last executing test programs: 6.593044546s ago: executing program 3 (id=3378): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) r0 = socket(0xa, 0x1, 0x100) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) (async) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) select$auto(0x8, 0x0, 0x0, 0x0, 0x0) write$auto(r1, 0x0, 0x100000a3d9) (async) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) (async) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) socket(0xa, 0x80002, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) socket(0x2, 0x80805, 0x0) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) timer_create$auto(0x0, 0x0, 0x0) (async) timer_create$auto(0x3, 0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x23, 0x0, 0x8) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) mmap$auto(0x6, 0x400008, 0x2, 0x9b76, r2, 0x6) (async) mmap$auto(0x0, 0x400000020009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) (async) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000426bd7000fddbdf25060000000c001100657468746f6f6c000800060002000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x40000d0) (async) r3 = socket(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) 5.970974708s ago: executing program 3 (id=3379): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x2900, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) fsconfig$auto_FSCONFIG_CMD_RECONFIGURE(r0, 0x7, &(0x7f0000000040)='/sys/devices/platform/vkms/graphics/fb0/state\x00', &(0x7f0000000180)="4fd3fff11fb8f05fe7543e170c274dd38e7fb942dbe8a5cd654a8ffba12ac502ffc8a570a0a428150e090be7e7fffd17fa92af7ea203b951b19c2af6df345b27c2aa0aa7e4da8f131ebf76e9507df1490d540c672842a69ee8b818d62406ee89750b3094123e32935d6a0d78f7cc0f916b45977dc022c5dfe1aeaecdba0010d004f81e9fdebb9a0907761b13af7f7b752cf3549630eef98998d94fe8d4be843b016f22032da8b9f096e6fa79461df8388db9a44fc7712d2727061087e4b1dbedcc694e79565ee25496b1282388008fa26684c74eeba2b9741fa415ac267fc50f405073304512f80e0473650592177c8e8e1a5290ba6c935074e49bbb6172ad23367bbf85964eff9fa4aa9656e49dd21966ec0bb2a6246d5f70ff3d0613b630de5c9e0185616862e4adbbaf3db7e66b964487edc951f40f973c0a86a407bb9deb103384882429f4ac2230909999be33780650fcbd39f7d9a2768978ce09fdeccc9d8b9fc8b2fea36dd089a9a16496f3283f478ee9f87520c12a5a9a8051b65e44937e9904215c87a502f5da6b5eff5ee11efbbb75db6ed3d45e3c8eecb60580bb3853b6c54b2d252829e5743b20a5b990c8b476c932acf1494d924518a1e12a9873afdca04d14c2f17833acb9eeef60e3ff2f54f03c1b0bd8e398a86c2efbc1e4074073e6a36bb575b7551e39eaa2ea1d7908b27b459f0598394362d5c19e128e01547df145ff36d7c81e802727a04e590baf2e64149b02d476674c316985d98c6c3e1bcc3632167beee70c0ab1116730c467650f151874613a2443ebbedf550deab145a00269e6ebbdcc0977824f28aa2d89129685181159915282b45387fa834b06421c762a57c0f7b4a184f656d07a4c57ce7ab057cc08b75f844bcc2998f2f1e5b82e8d208a2ecb3541827f4ecd59d642fd3b07dbae38422decbaa0b926218b28a2a0506b82f293d525df6aa74e8e0f44badf07f2cc0de042bb99410f2e2e9bf849890865404eb45a0b3de4b07295de0b2c9cc213f4a39f260167bafebf65db1dce32abd724124effab57eba971eed85cd7a3d49df44e4f073ef3f86fddec8c9c0be023fe8f9c7e33bca8f2b9d79f47a6a4446373265eded9a564d8028e1bc3592885c2f7f099859e8bd432f8284011348d076fefa736200494338a7721a8803797ab220d2778d5a029d5033b6de4283d41000c96b95ad058886bea2f725e26ed0fa9e585b7b60327a9665225a1606f56b9e941e389c8c034bbb43b27342d194ddc2fe2133c7ac4679c3c3137bfdd7adeae09239db8c73951da483d1c39de8c5bcb2264fc88d169d2c78679d3322d7288e6dc98290ef87c0ca32edc5674ec1aae0d6ddeab609c978ae3202f35376e7629e241fe29266aa84fdb5cf343f40514770f4ef949b9f69979915f6618dfde609792aaa17eab834eddeb615d6c64aa418f2123d1f9c51e33c3435f98b1ffa5a003663e8c1548dc2ec44b5d891d524a4e2446f15925649f918b92935339e68d4a174965a0cecfd3312e0ab9d0f3dd3080841a317224655e8c3e3e7fd674949ab033b2dd4a27a660bb3776ea7415ca6f39a52e87ff436e81795080af0c39897d0e55512444e7592d1e505912ec2bb20e9f8b23ef1b575f78afcd3f6dc6a357f8957f5cf2485774779e07525b1b8745aa8ec07fb1720988759343c95c9766c767689ff2503a76551923eb871a0d73567e33b4a45d06f0e905ac1d919a85add1c043e828bdc5abb418fb1bd5b04ac82829532e5870628958f2a0ead25aaac19dcb4811b31729a882fb24863331188d3a6b070338e21523703f5874bd5509abfa73eefc6f29159d07a560ee5c856ec6e09a9ee98c6fa3cd63fd373901300efbb230567bc108054dc903c592f24c91139fc2ab184af43dc5e01ed2dc86f56241e2b68d5728efce6773b466ca3136eeb3602137bc13d6dbdac3259478df69a44bb51215ddea91fa26a14d5b1eb559b29b544cd737db141b3580dfcba9248b0b156bc3422c9293dfc28e7f7c4400c9e4e84bd72f2d2a7e006fd04a18c8dd5697896b6de7cfc08b472c6459ce1caeb48b0ac5ed547748d7d5f12c5940cc52da40afd3c6d5ec9de54090b8a93968d2ccc1b9dbea0e1f180bd10126787f975806e709a6a20701387b0d1b5091437a331076e4a0292613331714b179ebceeb0cad054bbaacf3ede0d10c241bed4cfca39aac7e981421fc694ed476399e2f440f8cbaa63457c3812b8b98ca380c4d1295f5730301c7a865c9ba52be44637d57f2586571f2ff593ec2eb73e9492efcbe3ee362c6ec2346ae7af9e99385a678a92acae8ee5800249dfba0eb24b7f1e9e0d66987f79604365bcf43b75fc533d8edb2099298289e64209c7ce2eb08b20dd662f57fe946ec485d5d05b745211abebac3d63d7883fc0be20a74a6a6cf8c818fb3516c61f8a4131657c0cfb6aedea94ecbbbed1488d343a59b8dbe2f1f4ba99adf3f05f3bd7351f8dbb93da008687678d5997018b271696b1260624679c480d1f3738e2db4346286b2ab859690e4d40dd6ca763e4b08c918646d8e6acb9dd756061a205bc9ed61984be6c1f629c80add9628487d3fdbfd4ab92efa888e34ba04f45955e2cf88851bf18e15f0bcd8f61f6d40b611cf49d95b7df363d5b969eab1890ae6a0dcf9039221d80fe428a2a2b913488f5c3ada1fb5d89096f039e695d52e9890c888f7eab10d9e6d4f21ee2beb10e5653a28ec80f764d49181638bc6cb3a441d315ad4b6af15da42c209db8f93ccc53761a0d344714c2c6d2af988e4f0f0b18a9e99bab91eb9e64f69cb640461f8589c21730e82fda752e7700309fd5fa77e5642615f0a1fbab7c23f0eebf4ce25eb5571b7009fe48bbb7ccb1f85ac7742b981bbf0e29e93e912cf3390918d5d288afcf99a9c042312fad7eaef5e0183c262d53c2c9f8011ef3a5fbbc30b6a2a3047c9f4229ed9ff7e8b7779a06330ddaa57e123674dfb15558a2f20010dcc120bdc63fb85d789be97fea966820053292fe424563bf55d0c7391a5dcc18855f65e8e56a04cd0e7e4632dfc2ad1759e4553bfc627715cd78904ad06d08e692aa462e93fc5204c78153da569a65b6e01c1e084e86701d05249b2b792d6e5e0e3b824a0b60f31b412799a89c38bf00699cd762e8b2385e682bf6a35bff3d172310fbad99fe29fbe58b4bfa40a065bb544dbca7f4f3226a96a52415fb1aca4dcf6b0683a167fe0c680a79b9ca2cbf11bc156c4a5d59b5eff5dfde943009ee5de3f6f4e7f3204b8fbc5a8088fb89fbf112041af94ebf59eadb25be3e1b085c899accc3eaf775d106f451c9fae697e066ca64969363a86677397b5b8bb2c7fe117dc05761a709495d1b80d75b8d1a8e581dfbf8699091730e85e3b691c95394b560e2af4a622705f040ec27a01fb707999de5b107fea1f8dad6832cb242326f3dc52356d9b3c05026ea690b7fe369405486e1efdb7cc0e4ea66869a45396257e528e6f029795b7b0da2bcf3d158d4c3fcf926cc30a40920935463352aa6dec2d93bfad15058bc6fea59c5a500126f9d966485fa74ba128da897065522cf32cf586a054c030ba781fa6a1cf26d2e114386aa731f4856c715397759581de5faca780ae8e1cfb06756ea371aa29566efa26cace3021d81ecbbe711a7e8e57f98303c47319994cb65e0421ab5aaeca52b48ec5f8544b95f2d8bc1b8e00d362ee7769fa3bcb35bea8f1860757237135874c048e8f1ebff7d661763364a21f44eb613a72df07498393a4b4340b7136410685984cdad08dc9e24e10df16fefdd9bdbf7ce3c40fa2d9730cbe67ade6be429ec48a23b9fc8d4fbfa452fe83fc1be71e37a2d15a7afb60b351e5d764ff684db91826d27cbe5326edd0ad0ee79e61e2f24fd494c6f1fb19aa8d62f019aa614fd43f61ccd8136ddc2cfc22d52ea00756d2b462030baa49e611c175529fad0bbbd24f9bf64781d9a897bb4871f05386b9a8c6f51b22cbd1ab949d2666110f1e456950b2404e24bca71f8c5cf162dcdfe9493f6d57d98809c0bbbd8a1725d922995e5438479f3e99e97fdc086e73ecba5f77f6908575608e6114d29f3cc32a9d752de0922a51ff700a5a06f1e404416672d36c2a44fddd9df1fc8e5c3bdc6d32d8e4ab735bb38e9c357832526790ef52e6c6cf1e441919800427f3be56fcb5ad6658c32c222d2d45dd60da80561d65a1eac180db66293016fde454750b0bf9b5ec9003b98191e0130478e33a4413ce1cfe87056f34fd716476974dd4bcd162a05d536ce8b3efd670e639383bcb23e4ce8575c81bb30146afaae12f6bc966e69e3eebd7fcd022096215f55f68ddbc4400a2e151a2296649186e60489674412d681405e8968788e5d5123d9dd36c9a63ba8c3197e372ee642a486e1d31f84cb2de05e223a6b5b781d3abe99547fa7d780616c553dad99c606e53619e83a93d9abf9b74b06038b66ae5fad3686a14d24408fc21d46141b96dfb7780c9a9628e2e98d56cfa37f8741eb6bcbdbb0076ba6ac52b5ce76fe6744dda52947d53fdc23ebaa59b5594179964ae72dde30e4d56cf179bdec1be67ee63eceecee6e1d7798f9b2936c50e6a84e927ec5f5a88daad2b3da04ecb769888db63a7a92d1745b5490f23831f5149058a3b47c4a72debbace3b5d1ccf50acc292b0e3f3f7a0e8b1e1266d4900ecd5af8e966e4e342deec581cebd758da8574a1d691566db36ccdd2591babb07241ee7b970063f0e577d13a2105b63da7c5c7884fe80a0a08eed16fbb28ecc9264bc855b40574490f360985309b0ba4526b25f0068e46d5ee8e7a88834d866604a225a7509060faa0f73fcc453686269cc830388157a98f9ce7b24f18a724cd415af6675151a03dcba0c3f6d17e215d95111817edf727947d2264fdd04237f942e0f240d36592f9cebc6ea7d9d329b2cda0a7728c6c2457c20d177f345457b70ec10675f6e47f4c0cae619e0016e9561090b4822da247bbb966448df03214cc1262a272510dcd9fb94a8350830d5f2a1646a63858e623a83fd29a06834942148f17dda087011be734dbe4e53cce8ed25661605c68c7ac3c44039e87a6e5ec12f0f3a385e22e2f8a01f4a9afa2319bf2a3c218f4c2f085314ca28e0b4ff63c74c8d6c33e96a38b9db6cb1d1e5802856e846660235052287b05a59463792f587b71649bbc2165d44d53ca42ba92b152a0889b06c73e4694ea51e50a165d85950f8f15468d99b53186b6668dfde7ebb0a3046041390bd843735d406bf1d73fa05bc8f0992552ac808c142509e55f3c9765a6eca6f936198f8b3462960aa1912e2fc6491745d23992baf90f21680f06719dcb1a57e62d6ee109e235814b1b66e68cd597e2affde98df7b3251cf0d0b5f09bba89a770277a5592df957e6f0adcb2b87b9fdcf11f86b4649d054f8b8031255dfb0dfe1c7f63ff7a04bc74de97c03aefb8feaff2db2ebd54b9eed65251bbc2937c797159c06cc0f10e6d493aa1da638107441abca93f4af80ff84f61c111c3217f950ffe4cc5e2f5ac41d93f852ca2942bdf5f598a45456b59f1fdb14f50783300f616725d77c387aa21acabc63e61d4f277169dd7a2377a52332f3b2c13c34cd556ad9675a3bf4a6587d63926c4a4e6eeccc5f54e802142a966d5ac8cd2d402c6eee0afb3a9727f0a8ebd8d22e5a29c07dc94079997042072743edb4127b7cae7f681a8ad8bb92f92bb4e4a0f23c3b2f8c181b947cdacacaaa62c62c93cb47badedbfd097158e0b2a2822ed3318af437cbcca8ae5ca74245f3e3", 0x1) read$auto(r0, 0x0, 0x20) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(0xffffffffffffffff, 0x7cb, 0x0) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(0xffffffffffffffff, 0x7cb, 0x0) prctl$auto(0x21, 0xffff, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) socket(0x2, 0x1, 0x106) mq_getsetattr$auto(0xffffffffffffffff, &(0x7f0000000000)={0x81, 0x25, 0x5, 0x80}, 0x0) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000", @ANYRES32=r1, @ANYBLOB="69b5"], 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) socket(0x1d, 0x2, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)={0x1c, r6, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x1c}}, 0x20000040) sendmsg$auto_NL80211_CMD_SET_BEACON(r4, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB='\x00\x00\x00g', @ANYRES16=r6, @ANYBLOB="000325bd7000fddbdf250e0000004b014580dd00408008dc1d6bac53377a67f8d1387506abf67cae353e65b7d945cf6835098581509c627586ccc30d80fdc22bc4ccedf06fbe17227da94338ca54940afe629ceaabb1fee11d5d149774a139fe24c6c4a0d34f8b93f76fc3166d462520e2f249e67e6946287139012afe323cca102e4aabd05b5490087c91687ea872f4b6d4c7ab38298eb508226de8dfc3574bb6d830e8344e90c6f6ced55f47a34bf320e2a2af9c63cbf1d4710e93c637747673badc4a5b27d8a7edd831296d61b6e687c66a57523cf5f3b0a9f881c9860103bb19c624177a9554d707160e6a95000000008d6f5bd90488bc782e9201c3752c38e5f35ad8d9f6d2c8d2e9f158b6f4f550adc5f8cc9d2d59e65596142434154ce81a69e27a78a31f7c51ffc5988fa46aaa0823283b2400bb800400f3800400198008001e00", @ANYRES32=r2, @ANYBLOB="0400bc80040074800800a500ff000000000600b10000800000"], 0x168}, 0x1, 0x0, 0x0, 0x8015}, 0x4000000) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) 5.968328393s ago: executing program 0 (id=3380): getpriority$auto_PRIO_USER(0x2, 0x0) set_mempolicy$auto(0x80, &(0x7f0000000000)=0xffffffffffffff81, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x80091, 0x0) ioctl$auto(r0, 0xfc, r0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) sendfile$auto(r0, r0, &(0x7f0000000040)=0x6, 0x4) r1 = fsopen$auto(0x0, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x800019) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)="8dc9fc604f721b4b9b6fb75391e7e39755cc3cb395bbeb92c3807417bf1ff9a25a49c991b8928467fa6892bd2134d2b370b5483301f7f22130c3ebecaa9465c0c6c5641ad82adc8f2b12ca943d4de3658dd514b1fb698e93894b0dd0b3d306c32943eadea51e79b452099c1418bfbec96103e85c850857da852c9c4412a8d0c6907db9ef3ca7895f954c47b90d47baca32a1a2be6dd5c144bd78062790ea1b7ec15c4bfd2e5ef3aea5d501aa35cfe9bff7eee7c2f4", 0xb5) mmap$auto(0x0, 0x10, 0xde, 0x9b7f, 0x2, 0x7fff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x42000, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) mlockall$auto(0x7) write$auto_sg_fops_sg(r1, 0x0, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), r0) socketpair$auto(0x7, 0x1fffffe, 0x315, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) pselect6$auto(0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 5.352170583s ago: executing program 2 (id=3383): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/amidi2\x00', 0x82040, 0x0) r0 = ioctl$auto_NS_GET_MNTNS_ID(0xffffffffffffffff, 0x8008b705, &(0x7f0000000300)=0x3) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bpf$auto_BPF_ITER_CREATE(0x21, &(0x7f0000000580)=@query={@target_ifindex, 0x4, 0xffff08fb, 0x101, 0x6d, @prog_cnt=0x9, 0x0, 0x7, 0x4, 0x7, 0x9}, 0x5) r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x110) getdents64$auto(r3, 0x0, 0x400) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto(r2, 0x4008af12, r1) r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$auto_IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x98, r4, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@IEEE802154_ATTR_CHANNEL_PAGE_LIST={0x84, 0x1e, "b9367484f5d6842a1d8342828baa41bbf756d7bd4375412d2ff3e43c16e0a38c5d227acefaad7ed93e1e091666376d0d8623e7dc970138e754337412f53b74b6efa7dd5f519fe46ea1128af11b0e5cf59b213beae341c616a11959bf1fb803a5e35e9b830892f3ce8a3211475e4cd6e640d813bab76b5ad9ce1265b87dae48eb"}]}, 0x98}, 0x1, 0x0, 0x0, 0x4}, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = open(&(0x7f0000000080)='./file0\x00', 0x4242, 0xe1d2b27bdc14abfd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x21, 0x2, 0x2) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) fcntl$auto(r5, 0x400, 0x1) setxattr$auto(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='-\x00', &(0x7f0000000200), 0x10, 0x0) 4.993935703s ago: executing program 2 (id=3384): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) mmap$auto(0x9da, 0x20009, 0xdf, 0xffb, 0x401, 0x8000) statmount$auto(0x0, 0x0, 0x7ffffffff000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x40002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_FIFREEZE(0xffffffffffffffff, 0xc0045878, 0xfa) waitid$auto(0x3, 0xffffffffffffffff, 0x0, 0x8, 0x0) ioctl$auto_RNDGETENTCNT(0xffffffffffffffff, 0x80045200, 0x0) ppoll$auto(0x0, 0x100, 0x0, 0x0, 0x8) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) 4.545369505s ago: executing program 3 (id=3386): unshare$auto(0x40000080) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x27, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy11/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00', 0x486003, 0x0) rt_sigprocmask$auto(0x8, 0xffffffffffffffff, 0x0, 0x8) getpgid$auto(0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/122, 0x7a) 3.593728007s ago: executing program 0 (id=3387): set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) shmctl$auto(0x0, 0xd, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) setreuid$auto(0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000480)=""/4096, 0x1000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) sysfs$auto(0x2, 0x10, 0x0) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) writev$auto(0x1, 0x0, 0x1) readahead$auto(0xffffffffffffffff, 0x6, 0x2) r3 = socket(0x23, 0x5, 0x0) listen$auto(r3, 0x5ed) unshare$auto(0x40000080) r4 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r4, 0x0, 0x1) write$auto(0xffffffffffffffff, 0x0, 0x6) socket(0x2, 0x1, 0x0) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) 3.395409351s ago: executing program 1 (id=3388): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c804}, 0x14) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x6) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x3, 0x8, 0x800000df, 0x9b72, 0x2, 0x40008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) r0 = semctl$auto_GETPID(0x2, 0x1, 0xb, 0x2b) prctl$auto(0x37, 0x1, r0, 0x5, 0x7) shutdown$auto(0x200000003, 0x2) timerfd_create$auto(0x9, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 3.266403113s ago: executing program 2 (id=3389): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000) socket(0xa, 0x2, 0x88) epoll_create$auto(0x3e) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) socket(0x2, 0x3, 0x6) socket(0x2, 0x2, 0x88) socket(0x2a, 0x2, 0x1) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x2040, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x2) wait4$auto(0x0, &(0x7f0000000080)=0x7fffffff, 0x4, &(0x7f0000001140)={{0x8, 0xffffffff}, {0x9, 0xfffffffffffffff9}, 0x1, 0x794, 0x1000000000000007, 0x6e, 0x1ff, 0x4, 0x5, 0x1, 0x401, 0x6, 0xfffffffffffffffb, 0x1, 0x3, 0x9}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r2, 0x92106402, r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_gtp(0x0, r3) sendmsg$auto_GTP_CMD_GETPDP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8014) write$auto(0xffffffffffffffff, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) mmap$auto(0x4, 0x2020009, 0x3, 0xeb1, r3, 0x1) r5 = socket(0x1e, 0x4, 0x0) ioperm$auto(0x9, 0x9, 0x75) getsockname$auto(r5, &(0x7f0000000000)=@generic={0x2b, "bc9fefa9442c9e39021439230679"}, &(0x7f0000000180)=0xff) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x4, {0x100000000, 0x10000}, 0x7, 0x1, 0xfffffffffffffffa, 0x1007fff, 0x0, 0x8, 0xfff, 0xdfffffffffff628e, 0x6, 0x6, 0x808}) 3.095313113s ago: executing program 3 (id=3390): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) getpeername$auto(r1, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x40000) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$auto_BLKTRACESETUP32(r3, 0xc0401273, &(0x7f0000000180)={"c16f6303d5736a1b0feb8f6a0554277f3190781cfe525c42f1ebed0dc940e2fd", 0x3, 0xff, 0x3798, 0xd, 0x810}) waitid$auto_P_ALL(0x0, 0x8, &(0x7f0000000200)={@_si_pad}, 0x2, &(0x7f0000000280)={{0x3, 0x1}, {0x5, 0x100000000}, 0x2, 0x2, 0x8, 0x6, 0x8, 0x7, 0x80, 0x14, 0x0, 0x1, 0xf34, 0x6, 0x1000200000, 0x6}) fcntl$getown(r0, 0x9) msgctl$auto_MSG_STAT_ANY(0x5, 0xd, &(0x7f0000000380)={{0x4468ebf0, 0xee01, 0x0, 0x7, 0x6, 0x7, 0x2}, &(0x7f0000000100)=0x5, &(0x7f0000000340)=0xa, 0xfffffffffffffff8, 0x0, 0x3, 0x81, 0x3, 0x4, 0xf25, 0x5, @inferred, @raw=0x5}) msgctl$auto_IPC_SET(0x6, 0x1, &(0x7f00000004c0)={{0x401, 0xee00, 0x0, 0x7, 0x6, 0x8, 0x7}, &(0x7f0000000440)=0x2, &(0x7f0000000480)=0x3, 0x4, 0x80000000, 0x1, 0x1, 0x2, 0x6, 0x8, 0xc0, @inferred=0xffffffffffffffff}) r4 = gettid() process_vm_readv$auto(r4, 0x0, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0) sendmsg$auto_TIPC_NL_LINK_SET(r3, 0x0, 0x4004840) 2.963951635s ago: executing program 0 (id=3391): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event\x00', 0x40800, 0x0) pread64$auto(r0, &(0x7f0000002680)='/dev/snapshot\x00', 0x73528428, 0x3) (fail_nth: 1) 2.784885956s ago: executing program 2 (id=3392): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) r0 = open_by_handle_at$auto(0xffffffffffffffff, 0x0, 0xffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x15, 0x5, 0x0) getsockopt$auto(r1, 0x114, 0x2710, 0xfffffffffffffffc, 0x0) mmap$auto(0x401, 0x20009, 0x25, 0x18, r0, 0x8000) prctl$auto_PR_PAC_RESET_KEYS(0x36, 0x0, 0xffffffffffffffff, 0x9, 0x7) write$auto(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0x10011, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x7cf702, 0x0) mmap$auto(0x0, 0x810004, 0x2, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x28c102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x10b142, 0x0) ioctl$auto_MON_IOCQ_URB_LEN(0xffffffffffffffff, 0x9201, 0x0) mmap$auto(0x0, 0xb991, 0x5, 0x19, 0xffffffffffffffff, 0x2) clock_adjtime$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0xfffffdef) connect$auto(0xffffffffffffffff, 0x0, 0x55) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x80002, 0x0) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x1, 0x0, 0x8004) socket(0x10, 0x80000, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) 2.286714219s ago: executing program 1 (id=3393): r0 = socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x3) bpf$auto(0x6, &(0x7f00000001c0)=@test={r0, 0x10004, 0x0, 0x1000, 0x106, 0x0, 0x0, 0xfff, 0x10000, 0x9, 0x0, 0x4, 0x7, 0x2, 0xfffeffff}, 0x1) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) mount$auto(0x0, &(0x7f00000001c0)='}[,&*}\x00', 0x0, 0x7fff, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.234233942s ago: executing program 0 (id=3394): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) io_uring_register$auto_IORING_REGISTER_SEND_MSG_RING(0xffffffffffffffff, 0x1f, &(0x7f00000030c0), 0x7) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd6/queue/iosched/writes_starved\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000100)='%\x00', 0x38f) write$auto(0x3, 0x0, 0x1) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) futex_waitv$auto(&(0x7f0000000300)={0x0, 0x4, 0x2}, 0x1, 0x0, 0x0, 0x0) 2.095110833s ago: executing program 1 (id=3395): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c804}, 0x14) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x6) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/udp\x00', 0x240, 0x0) pread64$auto(r0, 0x0, 0x200000000003, 0x2f4a3a23) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/bond0/ignore_routes_with_linkdown\x00', 0x40001, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0xa, 0x0) mmap$auto(0x3, 0x8, 0x800000df, 0x9b72, 0x2, 0x40008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) r2 = semctl$auto_GETPID(0x2, 0x1, 0xb, 0x2b) prctl$auto(0x37, 0x1, r2, 0x5, 0x7) madvise$auto(0x0, 0x2003f0, 0x15) timerfd_create$auto(0x9, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 1.389248792s ago: executing program 2 (id=3396): mbind$auto(0xfffffffffffff000, 0x8, 0x80000000, 0x0, 0x806, 0x2) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0xb5, 0x1, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@prog_fd, @target_ifindex=r1, 0x3, 0x2, @netfilter={0x4, 0x1, 0x40, 0x7}}, 0x81) madvise$auto(0x0, 0xb, 0x15) open(&(0x7f0000000000)='./file0\x00', 0x7dfd, 0x85) write$auto(0x3, 0x0, 0x100082) bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f00000000c0)=@bpf_attr_7={@map_id=0xf, 0x8, 0x10000, r0}, 0x8f) clone$auto(0x7, 0x2000400000d, 0xfffffffffffffffc, 0x0, 0x3) mmap$auto(0x6, 0xfffffffffffffff0, 0x4, 0x14, r0, 0x76d) r2 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) ppoll$auto(&(0x7f0000000040)={r2, 0x4, 0xa7}, 0x1c, &(0x7f0000000080)={0x2, 0x6}, 0x0, 0x8) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) write$auto(r3, 0x0, 0x300001000000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29a02, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/rds/tcp/rds_tcp_sndbuf\x00', 0x40001, 0x0) write$auto(r4, 0x0, 0xfffffdef) 1.137920677s ago: executing program 0 (id=3397): mmap$auto(0x0, 0x400003, 0xdf, 0x19, 0x2, 0x8) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYRESHEX=r0], 0x2c}, 0x1, 0x0, 0x0, 0x20004881}, 0x40001810) close_range$auto(r1, r0, 0xfffffffa) socket(0xf, 0x80b, 0x9) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff}) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)=""/44, 0x2c) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(r1, &(0x7f0000000340)={{0x0, 0x3, 0x0, 0x1000, 0x0, 0x6c, 0x480000}, 0xd}, 0x5, 0x2) mmap$auto(0x0, 0xee3, 0xdf, 0x9b72, 0x2, 0x8003) r4 = io_uring_setup$auto(0x7, 0x0) close_range$auto(0xffffffffffffffff, r2, 0xaa) r5 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000002c0), 0x62a000, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0xc0684608, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) read$auto(0x3, 0x0, 0xfdef) sendmsg$auto_IEEE802154_LLSEC_DEL_KEY(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="16a6d1eee1bccd347a10061054f0a8b1db67d9c86c8a9dd40d768283924bd8292d51507340e8d7822d0e27f8c9f057e1401ac47ca80283e559450c5aa9a3400ec566c795103852033c198fc51e1f43454bd385c592829ee24b051206167b51f615771f925c995865ea3b298d50428ff32799712a617dc9ae82e17b04f38d437139b51128dc2cd9188925a82d127bf97cea58afe5b0c3191823c88017a31d4cb292e5d7c8a3d1609d6d01f0098d76ca80b10b45712591e746b423c5c12ac8a48fa34cd29def2281754f1975e826feaab76215879a1fa3238ff097db94ffd10ecbed3817b4b5edd9dd", @ANYRES16=r5, @ANYBLOB="000129bd7000ffdbdf252800000006000a000400000006000600040000001400010065727370616e3000000000000000000008002c00ff0f0000060008000400000024003200af077032e161ba46808464570b28f4deb8f056"], 0x7c}, 0x1, 0x0, 0x0, 0x81}, 0x8000) sendmsg$auto_IEEE802154_ASSOCIATE_REQ(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESHEX=0x0, @ANYRES16=0x0, @ANYBLOB="010028bd7000fcdbdf250100000006000e0096010000"], 0x1c}}, 0x1) madvise$auto(0x0, 0xffffffffffff0004, 0x19) mremap$auto(0x9, 0x4, 0x4, 0x7, 0x0) 678.150055ms ago: executing program 1 (id=3398): mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x3ff, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0) ioctl$auto_RTC_IRQP_READ(r0, 0x8008700b, &(0x7f0000000200)=0x9) io_uring_register$auto(0x2, 0xf, 0x0, 0x20) 608.781319ms ago: executing program 3 (id=3399): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/amidi2\x00', 0x82040, 0x0) r0 = ioctl$auto_NS_GET_MNTNS_ID(0xffffffffffffffff, 0x8008b705, &(0x7f0000000300)=0x3) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bpf$auto_BPF_ITER_CREATE(0x21, &(0x7f0000000580)=@query={@target_ifindex, 0x4, 0xffff08fb, 0x101, 0x6d, @prog_cnt=0x9, 0x0, 0x7, 0x4, 0x7, 0x9}, 0x5) r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x110) getdents64$auto(r3, 0x0, 0x400) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto(r2, 0x4008af12, r1) r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$auto_IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x98, r4, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@IEEE802154_ATTR_CHANNEL_PAGE_LIST={0x84, 0x1e, "b9367484f5d6842a1d8342828baa41bbf756d7bd4375412d2ff3e43c16e0a38c5d227acefaad7ed93e1e091666376d0d8623e7dc970138e754337412f53b74b6efa7dd5f519fe46ea1128af11b0e5cf59b213beae341c616a11959bf1fb803a5e35e9b830892f3ce8a3211475e4cd6e640d813bab76b5ad9ce1265b87dae48eb"}]}, 0x98}, 0x1, 0x0, 0x0, 0x4}, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x4242, 0xe1d2b27bdc14abfd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x21, 0x2, 0x2) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) setxattr$auto(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='-\x00', &(0x7f0000000200), 0x10, 0x0) 305.156845ms ago: executing program 1 (id=3400): mmap$auto(0x0, 0x43, 0x5ecb, 0x8000fb1, 0xfffffffffffffffa, 0x4850) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x22, 0x2, 0x3) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x9) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01042dbd7000fbdbdf2504000000779477163e00d33a5179fd8b06f220"], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8800) socket$nl_generic(0x10, 0x3, 0x10) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socket(0x23, 0x2, 0x0) pipe$auto(&(0x7f0000000000)) pipe2$auto(0x0, 0x80) mmap$auto(0x0, 0x4020007, 0xdb, 0xeb1, 0x401, 0x8004) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card1\x00', 0x22280, 0x0) ioctl$auto(r0, 0x8000515, r4) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) ioctl$auto_UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(0xffffffffffffffff, 0x5501, 0x0) writev$auto(r3, &(0x7f0000000340)={&(0x7f0000000180)="d8f80ae1755e56c6414d6837ebd777a07f305acbee14eddcc9e2a179f2e1e078269624373c9ea51ad9e39dd7d756f9c233920ccb9a3f4722650777b7e2c457b38e", 0xda7e}, 0x9) io_uring_setup$auto(0x6, 0x0) r5 = openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x183042, 0x0) socketpair$auto(0x1, 0x5, 0xea3, 0x0) close_range$auto(r5, r4, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptye4\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, 0x0) 243.048206ms ago: executing program 0 (id=3401): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c804}, 0x14) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x6) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x3, 0x8, 0x800000df, 0x9b72, 0x2, 0x40008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) r0 = semctl$auto_GETPID(0x2, 0x1, 0xb, 0x2b) prctl$auto(0x37, 0x1, r0, 0x5, 0x7) shutdown$auto(0x200000003, 0x2) timerfd_create$auto(0x9, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 151.154394ms ago: executing program 3 (id=3402): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event\x00', 0x40800, 0x0) pread64$auto(r0, &(0x7f0000002680)='/dev/snapshot\x00', 0x73528428, 0x3) (fail_nth: 2) 78.814109ms ago: executing program 1 (id=3403): r0 = socket(0x17, 0x3, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001300)={'batadv_slave_0\x00', 0x0}) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r1) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x48, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_CHANNELS_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8001}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x48}, 0x1, 0x100000000000000, 0x0, 0x2000c000}, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), r0) getsockopt$auto(r0, 0x8, 0xd24a, 0x0, &(0x7f0000000080)=0x4db9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) landlock_restrict_self$auto(r5, 0x1) r6 = gettid() getpid() timer_create$auto(0x0, &(0x7f0000000040)={@sival_ptr=0x0, @raw=0x4, 0x6, @_tid=r6}, 0x0) r7 = socket(0x9, 0x2, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), r7) 0s ago: executing program 2 (id=3404): r0 = socket(0x2, 0x80002, 0x73) getpeername$auto(r0, 0x0, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f0000000800)='./file0\x00', 0x2240, 0x154) bpf$auto(0x13, &(0x7f0000000780)=@link_update={0xa, @new_map_fd, 0x4007, @old_map_fd}, 0xa3) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) setrlimit$auto(0x7, &(0x7f0000000080)={0x0, 0x6}) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) select$auto(0x7fffffff, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xc048ae65, 0x10000000000402) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) kernel console output (not intermixed with test programs): ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 908.419683][T18530] acpi_ns_evaluate+0x76c/0xca0 [ 908.419719][T18530] ? kasan_save_track+0x14/0x30 [ 908.419769][T18530] acpi_evaluate_object+0x1fa/0xa90 [ 908.419817][T18530] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.419852][T18530] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 908.419902][T18530] ? __mutex_trylock_common+0xe9/0x250 [ 908.419952][T18530] acpi_evaluate_integer+0xdd/0x200 [ 908.419993][T18530] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 908.420031][T18530] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 908.420086][T18530] ? __pfx_status_show+0x10/0x10 [ 908.420106][T18530] status_show+0xa0/0x120 [ 908.420133][T18530] ? __pfx_status_show+0x10/0x10 [ 908.420173][T18530] dev_attr_show+0x53/0xe0 [ 908.420211][T18530] ? __pfx_dev_attr_show+0x10/0x10 [ 908.420244][T18530] sysfs_kf_seq_show+0x213/0x3e0 [ 908.420308][T18530] seq_read_iter+0x506/0x12c0 [ 908.420362][T18530] kernfs_fop_read_iter+0x40f/0x5a0 [ 908.420387][T18530] ? rw_verify_area+0xcf/0x680 [ 908.420420][T18530] vfs_read+0x8bf/0xc60 [ 908.420456][T18530] ? __pfx___mutex_lock+0x10/0x10 [ 908.420480][T18530] ? __pfx_vfs_read+0x10/0x10 [ 908.420530][T18530] ksys_read+0x12a/0x250 [ 908.420563][T18530] ? __pfx_ksys_read+0x10/0x10 [ 908.420610][T18530] do_syscall_64+0xcd/0x490 [ 908.420634][T18530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.420656][T18530] RIP: 0033:0x7f0912f8e929 [ 908.420674][T18530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 908.420695][T18530] RSP: 002b:00007f0913d49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 908.420715][T18530] RAX: ffffffffffffffda RBX: 00007f09131b6080 RCX: 00007f0912f8e929 [ 908.420730][T18530] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 908.420744][T18530] RBP: 00007f0913010b39 R08: 0000000000000000 R09: 0000000000000000 [ 908.420757][T18530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 908.420770][T18530] R13: 0000000000000000 R14: 00007f09131b6080 R15: 00007ffef0fc1458 [ 908.420798][T18530] [ 908.779076][T18533] FAULT_INJECTION: forcing a failure. [ 908.779076][T18533] name failslab, interval 1, probability 0, space 0, times 0 [ 908.791873][T18533] CPU: 1 UID: 0 PID: 18533 Comm: syz.1.2757 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 908.791913][T18533] Tainted: [U]=USER [ 908.791921][T18533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 908.791937][T18533] Call Trace: [ 908.791945][T18533] [ 908.791955][T18533] dump_stack_lvl+0x16c/0x1f0 [ 908.791994][T18533] should_fail_ex+0x512/0x640 [ 908.792032][T18533] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 908.792070][T18533] should_failslab+0xc2/0x120 [ 908.792095][T18533] __kmalloc_cache_noprof+0x6a/0x3e0 [ 908.792129][T18533] ? acpi_ds_create_walk_state+0x78/0x250 [ 908.792160][T18533] acpi_ds_create_walk_state+0x78/0x250 [ 908.792187][T18533] acpi_ps_execute_method+0x253/0xb30 [ 908.792215][T18533] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 908.792248][T18533] acpi_ns_evaluate+0x76c/0xca0 [ 908.792276][T18533] ? kasan_save_track+0x14/0x30 [ 908.792316][T18533] acpi_evaluate_object+0x1fa/0xa90 [ 908.792355][T18533] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.792382][T18533] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 908.792421][T18533] ? __mutex_trylock_common+0xe9/0x250 [ 908.792459][T18533] acpi_evaluate_integer+0xdd/0x200 [ 908.792493][T18533] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 908.792527][T18533] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 908.792570][T18533] ? __pfx_status_show+0x10/0x10 [ 908.792611][T18533] status_show+0xa0/0x120 [ 908.792633][T18533] ? __pfx_status_show+0x10/0x10 [ 908.792663][T18533] dev_attr_show+0x53/0xe0 [ 908.792692][T18533] ? __pfx_dev_attr_show+0x10/0x10 [ 908.792718][T18533] sysfs_kf_seq_show+0x213/0x3e0 [ 908.792756][T18533] seq_read_iter+0x506/0x12c0 [ 908.792803][T18533] kernfs_fop_read_iter+0x40f/0x5a0 [ 908.792830][T18533] ? rw_verify_area+0xcf/0x680 [ 908.792866][T18533] vfs_read+0x8bf/0xc60 [ 908.792907][T18533] ? __pfx___mutex_lock+0x10/0x10 [ 908.792932][T18533] ? __pfx_vfs_read+0x10/0x10 [ 908.792989][T18533] ksys_read+0x12a/0x250 [ 908.793025][T18533] ? __pfx_ksys_read+0x10/0x10 [ 908.793071][T18533] do_syscall_64+0xcd/0x490 [ 908.793098][T18533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.793123][T18533] RIP: 0033:0x7fae8938e929 [ 908.793142][T18533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 908.793167][T18533] RSP: 002b:00007fae8a21a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 908.793190][T18533] RAX: ffffffffffffffda RBX: 00007fae895b6320 RCX: 00007fae8938e929 [ 908.793208][T18533] RDX: 000000000000007a RSI: 0000200000000140 RDI: 000000000000000a [ 908.793223][T18533] RBP: 00007fae89410b39 R08: 0000000000000000 R09: 0000000000000000 [ 908.793239][T18533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 908.793255][T18533] R13: 0000000000000000 R14: 00007fae895b6320 R15: 00007ffe4f223e88 [ 908.793286][T18533] [ 910.955958][T18553] FAULT_INJECTION: forcing a failure. [ 910.955958][T18553] name failslab, interval 1, probability 0, space 0, times 0 [ 910.973183][T18553] CPU: 1 UID: 0 PID: 18553 Comm: syz.0.2762 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 910.973228][T18553] Tainted: [U]=USER [ 910.973238][T18553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 910.973254][T18553] Call Trace: [ 910.973264][T18553] [ 910.973275][T18553] dump_stack_lvl+0x16c/0x1f0 [ 910.973306][T18553] should_fail_ex+0x512/0x640 [ 910.973350][T18553] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 910.973397][T18553] should_failslab+0xc2/0x120 [ 910.973426][T18553] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 910.973467][T18553] ? __proc_create+0xc3/0x8c0 [ 910.973492][T18553] ? __proc_create+0x2ce/0x8c0 [ 910.973523][T18553] __proc_create+0x2ce/0x8c0 [ 910.973550][T18553] ? __pfx___proc_create+0x10/0x10 [ 910.973597][T18553] proc_mkdir+0x81/0x170 [ 910.973626][T18553] ? __pfx_proc_mkdir+0x10/0x10 [ 910.973654][T18553] ? cache_register_net+0x137/0x5e0 [ 910.973696][T18553] cache_register_net+0x18f/0x5e0 [ 910.973734][T18553] nfsd_idmap_init+0xb6/0x250 [ 910.973772][T18553] ? __pfx_nfsd_net_init+0x10/0x10 [ 910.973803][T18553] nfsd_net_init+0x69/0x3d0 [ 910.973837][T18553] ? __pfx_nfsd_net_init+0x10/0x10 [ 910.973868][T18553] ops_init+0x1df/0x5f0 [ 910.973902][T18553] setup_net+0x1ff/0x510 [ 910.973931][T18553] ? lockdep_init_map_type+0x5c/0x280 [ 910.973973][T18553] ? __pfx_setup_net+0x10/0x10 [ 910.974008][T18553] ? debug_mutex_init+0x37/0x70 [ 910.974040][T18553] copy_net_ns+0x2a6/0x5f0 [ 910.974079][T18553] create_new_namespaces+0x3ea/0xa90 [ 910.974119][T18553] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 910.974154][T18553] ksys_unshare+0x45b/0xa40 [ 910.974191][T18553] ? __pfx_ksys_unshare+0x10/0x10 [ 910.974230][T18553] ? xfd_validate_state+0x61/0x180 [ 910.974278][T18553] __x64_sys_unshare+0x31/0x40 [ 910.974315][T18553] do_syscall_64+0xcd/0x490 [ 910.974347][T18553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 910.974375][T18553] RIP: 0033:0x7f0912f8e929 [ 910.974398][T18553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 910.974427][T18553] RSP: 002b:00007f0913d49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 910.974455][T18553] RAX: ffffffffffffffda RBX: 00007f09131b6080 RCX: 00007f0912f8e929 [ 910.974475][T18553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 910.974492][T18553] RBP: 00007f0913010b39 R08: 0000000000000000 R09: 0000000000000000 [ 910.974509][T18553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 910.974526][T18553] R13: 0000000000000000 R14: 00007f09131b6080 R15: 00007ffef0fc1458 [ 910.974562][T18553] [ 912.727497][T18580] FAULT_INJECTION: forcing a failure. [ 912.727497][T18580] name failslab, interval 1, probability 0, space 0, times 0 [ 912.748862][T18580] CPU: 1 UID: 0 PID: 18580 Comm: syz.3.2770 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 912.748899][T18580] Tainted: [U]=USER [ 912.748907][T18580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 912.748919][T18580] Call Trace: [ 912.748927][T18580] [ 912.748935][T18580] dump_stack_lvl+0x16c/0x1f0 [ 912.748960][T18580] should_fail_ex+0x512/0x640 [ 912.748994][T18580] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 912.749031][T18580] should_failslab+0xc2/0x120 [ 912.749052][T18580] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 912.749087][T18580] ? acpi_ut_create_thread_state+0x63/0x170 [ 912.749123][T18580] acpi_ut_create_thread_state+0x63/0x170 [ 912.749155][T18580] acpi_ps_parse_aml+0x79/0xcb0 [ 912.749179][T18580] acpi_ps_execute_method+0x55a/0xb30 [ 912.749204][T18580] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 912.749233][T18580] acpi_ns_evaluate+0x76c/0xca0 [ 912.749258][T18580] ? kasan_save_track+0x14/0x30 [ 912.749294][T18580] acpi_evaluate_object+0x1fa/0xa90 [ 912.749329][T18580] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.749352][T18580] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 912.749387][T18580] ? __mutex_trylock_common+0xe9/0x250 [ 912.749420][T18580] acpi_evaluate_integer+0xdd/0x200 [ 912.749456][T18580] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 912.749486][T18580] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 912.749520][T18580] ? __pfx_status_show+0x10/0x10 [ 912.749538][T18580] status_show+0xa0/0x120 [ 912.749557][T18580] ? __pfx_status_show+0x10/0x10 [ 912.749582][T18580] dev_attr_show+0x53/0xe0 [ 912.749607][T18580] ? __pfx_dev_attr_show+0x10/0x10 [ 912.749628][T18580] sysfs_kf_seq_show+0x213/0x3e0 [ 912.749662][T18580] seq_read_iter+0x506/0x12c0 [ 912.749701][T18580] kernfs_fop_read_iter+0x40f/0x5a0 [ 912.749724][T18580] ? rw_verify_area+0xcf/0x680 [ 912.749755][T18580] vfs_read+0x8bf/0xc60 [ 912.749789][T18580] ? __pfx___mutex_lock+0x10/0x10 [ 912.749810][T18580] ? __pfx_vfs_read+0x10/0x10 [ 912.749859][T18580] ksys_read+0x12a/0x250 [ 912.749889][T18580] ? __pfx_ksys_read+0x10/0x10 [ 912.749929][T18580] do_syscall_64+0xcd/0x490 [ 912.749951][T18580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.749973][T18580] RIP: 0033:0x7f485538e929 [ 912.749989][T18580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 912.750010][T18580] RSP: 002b:00007f48531f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 912.750029][T18580] RAX: ffffffffffffffda RBX: 00007f48555b6080 RCX: 00007f485538e929 [ 912.750044][T18580] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 912.750057][T18580] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 912.750071][T18580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 912.750084][T18580] R13: 0000000000000000 R14: 00007f48555b6080 R15: 00007fff2c26f118 [ 912.750110][T18580] [ 912.750153][T18580] ACPI Error: ffff88807d257000 walk still has a scope list (20250404/dswstate-694) [ 913.363209][T18586] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2772'. [ 914.785037][T17975] hsr_slave_1: left promiscuous mode [ 914.791139][T17975] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 914.799713][T17975] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 914.826350][T17975] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 914.834031][T17975] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 914.886160][T17975] veth0_macvtap: left promiscuous mode [ 914.892039][T17975] veth1_vlan: left promiscuous mode [ 914.897705][T17975] veth0_vlan: left promiscuous mode [ 916.373124][T18639] Process accounting resumed [ 916.821006][T18653] FAULT_INJECTION: forcing a failure. [ 916.821006][T18653] name failslab, interval 1, probability 0, space 0, times 0 [ 916.834959][T18653] CPU: 1 UID: 0 PID: 18653 Comm: syz.1.2787 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 916.835004][T18653] Tainted: [U]=USER [ 916.835011][T18653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 916.835024][T18653] Call Trace: [ 916.835032][T18653] [ 916.835040][T18653] dump_stack_lvl+0x16c/0x1f0 [ 916.835066][T18653] should_fail_ex+0x512/0x640 [ 916.835100][T18653] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 916.835138][T18653] should_failslab+0xc2/0x120 [ 916.835160][T18653] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 916.835194][T18653] ? acpi_ut_create_thread_state+0x63/0x170 [ 916.835231][T18653] acpi_ut_create_thread_state+0x63/0x170 [ 916.835263][T18653] acpi_ps_parse_aml+0x79/0xcb0 [ 916.835288][T18653] acpi_ps_execute_method+0x55a/0xb30 [ 916.835312][T18653] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 916.835341][T18653] acpi_ns_evaluate+0x76c/0xca0 [ 916.835366][T18653] ? kasan_save_track+0x14/0x30 [ 916.835401][T18653] acpi_evaluate_object+0x1fa/0xa90 [ 916.835437][T18653] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.835460][T18653] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 916.835494][T18653] ? __mutex_trylock_common+0xe9/0x250 [ 916.835528][T18653] acpi_evaluate_integer+0xdd/0x200 [ 916.835558][T18653] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 916.835587][T18653] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 916.835620][T18653] ? __pfx_status_show+0x10/0x10 [ 916.835638][T18653] status_show+0xa0/0x120 [ 916.835656][T18653] ? __pfx_status_show+0x10/0x10 [ 916.835682][T18653] dev_attr_show+0x53/0xe0 [ 916.835706][T18653] ? __pfx_dev_attr_show+0x10/0x10 [ 916.835728][T18653] sysfs_kf_seq_show+0x213/0x3e0 [ 916.835761][T18653] seq_read_iter+0x506/0x12c0 [ 916.835800][T18653] kernfs_fop_read_iter+0x40f/0x5a0 [ 916.835824][T18653] ? rw_verify_area+0xcf/0x680 [ 916.835861][T18653] vfs_read+0x8bf/0xc60 [ 916.835896][T18653] ? __pfx___mutex_lock+0x10/0x10 [ 916.835918][T18653] ? __pfx_vfs_read+0x10/0x10 [ 916.835966][T18653] ksys_read+0x12a/0x250 [ 916.835997][T18653] ? __pfx_ksys_read+0x10/0x10 [ 916.836037][T18653] do_syscall_64+0xcd/0x490 [ 916.836060][T18653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.836081][T18653] RIP: 0033:0x7fae8938e929 [ 916.836098][T18653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 916.836119][T18653] RSP: 002b:00007fae8a27d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 916.836139][T18653] RAX: ffffffffffffffda RBX: 00007fae895b6080 RCX: 00007fae8938e929 [ 916.836153][T18653] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 916.836166][T18653] RBP: 00007fae89410b39 R08: 0000000000000000 R09: 0000000000000000 [ 916.836181][T18653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 916.836194][T18653] R13: 0000000000000000 R14: 00007fae895b6080 R15: 00007ffe4f223e88 [ 916.836221][T18653] [ 917.156286][T18653] ACPI Error: ffff88807a962000 walk still has a scope list (20250404/dswstate-694) [ 917.185753][T17975] team0 (unregistering): Port device team_slave_1 removed [ 917.324268][T17975] team0 (unregistering): Port device team_slave_0 removed [ 920.695710][T18693] FAULT_INJECTION: forcing a failure. [ 920.695710][T18693] name failslab, interval 1, probability 0, space 0, times 0 [ 920.718207][T18693] CPU: 0 UID: 0 PID: 18693 Comm: syz.3.2798 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 920.718256][T18693] Tainted: [U]=USER [ 920.718267][T18693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 920.718284][T18693] Call Trace: [ 920.718294][T18693] [ 920.718306][T18693] dump_stack_lvl+0x16c/0x1f0 [ 920.718340][T18693] should_fail_ex+0x512/0x640 [ 920.718388][T18693] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 920.718438][T18693] should_failslab+0xc2/0x120 [ 920.718469][T18693] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 920.718517][T18693] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 920.718567][T18693] acpi_ut_create_generic_state+0x5c/0xb0 [ 920.718612][T18693] acpi_ps_init_scope+0x1a/0x1c0 [ 920.718643][T18693] acpi_ds_init_aml_walk+0x1d9/0x590 [ 920.718680][T18693] acpi_ps_execute_method+0x32d/0xb30 [ 920.718721][T18693] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 920.718764][T18693] acpi_ns_evaluate+0x76c/0xca0 [ 920.718801][T18693] ? kasan_save_track+0x14/0x30 [ 920.718859][T18693] acpi_evaluate_object+0x1fa/0xa90 [ 920.718910][T18693] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.718938][T18693] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 920.718983][T18693] ? __mutex_trylock_common+0xe9/0x250 [ 920.719031][T18693] acpi_evaluate_integer+0xdd/0x200 [ 920.719072][T18693] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 920.719113][T18693] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 920.719160][T18693] ? __pfx_status_show+0x10/0x10 [ 920.719185][T18693] status_show+0xa0/0x120 [ 920.719211][T18693] ? __pfx_status_show+0x10/0x10 [ 920.719248][T18693] dev_attr_show+0x53/0xe0 [ 920.719284][T18693] ? __pfx_dev_attr_show+0x10/0x10 [ 920.719334][T18693] sysfs_kf_seq_show+0x213/0x3e0 [ 920.719384][T18693] seq_read_iter+0x506/0x12c0 [ 920.719444][T18693] kernfs_fop_read_iter+0x40f/0x5a0 [ 920.719479][T18693] ? rw_verify_area+0xcf/0x680 [ 920.719526][T18693] vfs_read+0x8bf/0xc60 [ 920.719579][T18693] ? __pfx___mutex_lock+0x10/0x10 [ 920.719613][T18693] ? __pfx_vfs_read+0x10/0x10 [ 920.719688][T18693] ksys_read+0x12a/0x250 [ 920.719735][T18693] ? __pfx_ksys_read+0x10/0x10 [ 920.719795][T18693] do_syscall_64+0xcd/0x490 [ 920.719831][T18693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.719875][T18693] RIP: 0033:0x7f485538e929 [ 920.719901][T18693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 920.719934][T18693] RSP: 002b:00007f48531f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 920.719963][T18693] RAX: ffffffffffffffda RBX: 00007f48555b6080 RCX: 00007f485538e929 [ 920.719984][T18693] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 920.720003][T18693] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 920.720023][T18693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 920.720042][T18693] R13: 0000000000000000 R14: 00007f48555b6080 R15: 00007fff2c26f118 [ 920.720085][T18693] [ 923.006252][T18722] FAULT_INJECTION: forcing a failure. [ 923.006252][T18722] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 923.029689][T18722] CPU: 0 UID: 0 PID: 18722 Comm: syz.3.2804 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 923.029747][T18722] Tainted: [U]=USER [ 923.029758][T18722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 923.029775][T18722] Call Trace: [ 923.029797][T18722] [ 923.029808][T18722] dump_stack_lvl+0x16c/0x1f0 [ 923.029840][T18722] should_fail_ex+0x512/0x640 [ 923.029890][T18722] _copy_to_user+0x32/0xd0 [ 923.029923][T18722] simple_read_from_buffer+0xcb/0x170 [ 923.029966][T18722] proc_fail_nth_read+0x197/0x270 [ 923.030006][T18722] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 923.030046][T18722] ? rw_verify_area+0xcf/0x680 [ 923.030084][T18722] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 923.030123][T18722] vfs_read+0x1e1/0xc60 [ 923.030172][T18722] ? __pfx___mutex_lock+0x10/0x10 [ 923.030203][T18722] ? __pfx_vfs_read+0x10/0x10 [ 923.030268][T18722] ? __fget_files+0x20e/0x3c0 [ 923.030336][T18722] ksys_read+0x12a/0x250 [ 923.030377][T18722] ? __pfx_ksys_read+0x10/0x10 [ 923.030439][T18722] do_syscall_64+0xcd/0x490 [ 923.030482][T18722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 923.030511][T18722] RIP: 0033:0x7f485538d33c [ 923.030534][T18722] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 923.030561][T18722] RSP: 002b:00007f48531f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 923.030586][T18722] RAX: ffffffffffffffda RBX: 00007f48555b6080 RCX: 00007f485538d33c [ 923.030604][T18722] RDX: 000000000000000f RSI: 00007f48531f60a0 RDI: 0000000000000009 [ 923.030621][T18722] RBP: 00007f48531f6090 R08: 0000000000000000 R09: 0000000000000009 [ 923.030637][T18722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 923.030653][T18722] R13: 0000000000000001 R14: 00007f48555b6080 R15: 00007fff2c26f118 [ 923.030689][T18722] [ 931.259549][T18848] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61 [ 934.113687][T18880] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 934.126086][T18880] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 934.132189][T18880] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 935.515718][T16468] Bluetooth: hci0: command 0x0406 tx timeout [ 936.158186][T16468] Bluetooth: hci4: command 0x0c1a tx timeout [ 936.158195][ T5154] Bluetooth: hci1: command 0x0c1a tx timeout [ 936.293183][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 936.414916][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 937.530323][T18935] program syz.3.2860 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 937.765703][T18938] can: request_module (can-proto-0) failed. [ 938.036342][T18946] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input63 [ 938.925378][ T5154] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 938.934806][ T5154] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 938.943322][ T5154] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 938.951465][ T5154] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 938.960901][ T5154] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 939.744460][T17976] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 939.794433][T18951] chnl_net:caif_netlink_parms(): no params data found [ 939.955195][T17976] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 940.115161][T17976] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 940.215539][T18951] bridge0: port 1(bridge_slave_0) entered blocking state [ 940.229969][T18951] bridge0: port 1(bridge_slave_0) entered disabled state [ 940.243639][T18951] bridge_slave_0: entered allmulticast mode [ 940.257033][T18951] bridge_slave_0: entered promiscuous mode [ 940.296148][T18951] bridge0: port 2(bridge_slave_1) entered blocking state [ 940.303394][T18951] bridge0: port 2(bridge_slave_1) entered disabled state [ 940.311437][T18951] bridge_slave_1: entered allmulticast mode [ 940.319834][T18951] bridge_slave_1: entered promiscuous mode [ 940.564909][T18951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 940.622413][T18951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 940.837526][T18951] team0: Port device team_slave_0 added [ 940.883477][T18951] team0: Port device team_slave_1 added [ 941.084681][ T5154] Bluetooth: hci0: command tx timeout [ 941.263548][T17976] netdevsim netdevsim15 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 941.452079][T18951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 941.481255][T18951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 941.553118][T18951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 941.652094][T18951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 941.702832][T18951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 941.811378][T18951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 942.126707][T19006] FAULT_INJECTION: forcing a failure. [ 942.126707][T19006] name failslab, interval 1, probability 0, space 0, times 0 [ 942.145609][T19006] CPU: 0 UID: 0 PID: 19006 Comm: syz.3.2871 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 942.145654][T19006] Tainted: [U]=USER [ 942.145665][T19006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 942.145682][T19006] Call Trace: [ 942.145693][T19006] [ 942.145704][T19006] dump_stack_lvl+0x16c/0x1f0 [ 942.145737][T19006] should_fail_ex+0x512/0x640 [ 942.145782][T19006] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 942.145827][T19006] should_failslab+0xc2/0x120 [ 942.145857][T19006] __kmalloc_cache_noprof+0x6a/0x3e0 [ 942.145898][T19006] ? input_allocate_device+0xc5/0x350 [ 942.145945][T19006] input_allocate_device+0xc5/0x350 [ 942.145988][T19006] uinput_ioctl_handler.isra.0+0x8bb/0x1df0 [ 942.146028][T19006] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 942.146071][T19006] ? find_held_lock+0x2b/0x80 [ 942.146119][T19006] ? __pfx_uinput_ioctl+0x10/0x10 [ 942.146153][T19006] __x64_sys_ioctl+0x18b/0x210 [ 942.146193][T19006] do_syscall_64+0xcd/0x490 [ 942.146224][T19006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.146263][T19006] RIP: 0033:0x7f485538e929 [ 942.146285][T19006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 942.146313][T19006] RSP: 002b:00007f4852db2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 942.146341][T19006] RAX: ffffffffffffffda RBX: 00007f48555b6240 RCX: 00007f485538e929 [ 942.146360][T19006] RDX: 0000200000000300 RSI: 00000000405c5503 RDI: 0000000000000006 [ 942.146377][T19006] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 942.146394][T19006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 942.146411][T19006] R13: 0000000000000000 R14: 00007f48555b6240 R15: 00007fff2c26f118 [ 942.146447][T19006] [ 942.149872][T18951] hsr_slave_0: entered promiscuous mode [ 942.525046][T18951] hsr_slave_1: entered promiscuous mode [ 942.555368][T18951] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 942.579362][T18951] Cannot create hsr debugfs directory [ 942.839253][T17976] vlan1: left allmulticast mode [ 942.844173][T17976] veth0_vlan: left allmulticast mode [ 942.863913][T17976] vlan1: left promiscuous mode [ 942.902172][T17976] bridge0: port 3(vlan1) entered disabled state [ 942.940603][T17976] bridge_slave_0: left allmulticast mode [ 942.972203][T17976] bridge_slave_0: left promiscuous mode [ 942.994921][T17976] bridge0: port 1(bridge_slave_0) entered disabled state [ 943.128924][ T5154] Bluetooth: hci0: command tx timeout [ 943.840362][T17976] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 943.879480][T17976] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 943.890115][T17976] bond0 (unregistering): Released all slaves [ 944.032317][ T5154] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 945.213230][T16468] Bluetooth: hci0: command tx timeout [ 946.594847][T18987] Process accounting paused [ 946.816644][T18951] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 946.907292][T18951] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 947.123626][T18951] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 947.190839][T18951] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 947.275692][T16468] Bluetooth: hci0: command tx timeout [ 948.042823][T17976] hsr_slave_0: left promiscuous mode [ 948.051751][T17976] hsr_slave_1: left promiscuous mode [ 948.067112][T17976] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 948.090067][T17976] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 948.186791][T17976] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 948.194258][T17976] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 948.231982][T17976] veth0_macvtap: left promiscuous mode [ 948.239957][T17976] veth1_vlan: left promiscuous mode [ 948.245427][T17976] veth0_vlan: left promiscuous mode [ 948.748417][T19132] FAULT_INJECTION: forcing a failure. [ 948.748417][T19132] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 948.782496][T19132] CPU: 1 UID: 0 PID: 19132 Comm: syz.3.2890 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 948.782551][T19132] Tainted: [U]=USER [ 948.782562][T19132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 948.782583][T19132] Call Trace: [ 948.782594][T19132] [ 948.782608][T19132] dump_stack_lvl+0x16c/0x1f0 [ 948.782646][T19132] should_fail_ex+0x512/0x640 [ 948.782701][T19132] _copy_from_user+0x2e/0xd0 [ 948.782745][T19132] uinput_dev_setup+0xdf/0x2f0 [ 948.782777][T19132] ? dev_set_name+0xc7/0x100 [ 948.782819][T19132] ? __pfx_uinput_dev_setup+0x10/0x10 [ 948.782868][T19132] ? input_allocate_device+0x271/0x350 [ 948.782924][T19132] uinput_ioctl_handler.isra.0+0x14b3/0x1df0 [ 948.782979][T19132] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 948.783044][T19132] ? find_held_lock+0x2b/0x80 [ 948.783098][T19132] ? __pfx_uinput_ioctl+0x10/0x10 [ 948.783137][T19132] __x64_sys_ioctl+0x18b/0x210 [ 948.783184][T19132] do_syscall_64+0xcd/0x490 [ 948.783221][T19132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 948.783256][T19132] RIP: 0033:0x7f485538e929 [ 948.783284][T19132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 948.783319][T19132] RSP: 002b:00007f48531d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 948.783349][T19132] RAX: ffffffffffffffda RBX: 00007f48555b6160 RCX: 00007f485538e929 [ 948.783372][T19132] RDX: 0000200000000300 RSI: 00000000405c5503 RDI: 0000000000000008 [ 948.783393][T19132] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 948.783414][T19132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 948.783433][T19132] R13: 0000000000000000 R14: 00007f48555b6160 R15: 00007fff2c26f118 [ 948.783475][T19132] [ 949.722840][T17976] team0 (unregistering): Port device team_slave_1 removed [ 949.764650][T17976] team0 (unregistering): Port device team_slave_0 removed [ 950.160998][T18951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 950.692839][T18951] 8021q: adding VLAN 0 to HW filter on device team0 [ 950.740291][T17975] bridge0: port 1(bridge_slave_0) entered blocking state [ 950.747533][T17975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 950.789897][T17975] bridge0: port 2(bridge_slave_1) entered blocking state [ 950.797128][T17975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 951.568780][T19169] can: request_module (can-proto-3) failed. [ 952.423156][T19191] Invalid ELF header magic: != ELF [ 952.651306][T18951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 952.890183][T18951] veth0_vlan: entered promiscuous mode [ 952.955849][T18951] veth1_vlan: entered promiscuous mode [ 953.043657][T18951] veth0_macvtap: entered promiscuous mode [ 953.091263][T18951] veth1_macvtap: entered promiscuous mode [ 953.152259][T18951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 953.186880][T18951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 953.205070][T18951] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 953.218517][T18951] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 953.239730][T18951] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 953.275644][T18951] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 953.311067][T19212] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2902'. [ 953.485284][T19216] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2902'. [ 953.569458][T19212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2902'. [ 954.174795][T17963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 954.211924][T17963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 954.550808][T17974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 954.569815][T17974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 955.349617][T19261] random: crng reseeded on system resumption [ 956.105892][ T5154] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 956.119314][ T5154] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 956.138347][ T5154] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 956.159721][ T5154] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 956.172342][ T5154] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 957.005142][T19305] FAULT_INJECTION: forcing a failure. [ 957.005142][T19305] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 957.062575][T19305] CPU: 1 UID: 0 PID: 19305 Comm: syz.2.2910 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 957.062611][T19305] Tainted: [U]=USER [ 957.062618][T19305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 957.062631][T19305] Call Trace: [ 957.062639][T19305] [ 957.062648][T19305] dump_stack_lvl+0x16c/0x1f0 [ 957.062673][T19305] should_fail_ex+0x512/0x640 [ 957.062710][T19305] should_fail_alloc_page+0xe7/0x130 [ 957.062735][T19305] prepare_alloc_pages+0x3c2/0x610 [ 957.062762][T19305] ? rcu_is_watching+0x12/0xc0 [ 957.062787][T19305] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 957.062824][T19305] ? stack_trace_save+0x8e/0xc0 [ 957.062848][T19305] ? __pfx_stack_trace_save+0x10/0x10 [ 957.062871][T19305] ? stack_depot_save_flags+0x28/0xa40 [ 957.062912][T19305] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 957.062947][T19305] ? __lock_acquire+0x622/0x1c90 [ 957.062981][T19305] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 957.063009][T19305] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 957.063044][T19305] ? policy_nodemask+0xea/0x4e0 [ 957.063067][T19305] alloc_pages_mpol+0x1fb/0x550 [ 957.063089][T19305] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 957.063118][T19305] alloc_pages_noprof+0x131/0x390 [ 957.063145][T19305] alloc_pages_exact_noprof+0x37/0xe0 [ 957.063172][T19305] ? __asan_memset+0x23/0x50 [ 957.063202][T19305] snd_pcm_attach_substream+0x4bb/0xd60 [ 957.063241][T19305] snd_pcm_open_substream+0x8d/0x17f0 [ 957.063279][T19305] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 957.063318][T19305] snd_pcm_oss_open+0x735/0x1400 [ 957.063354][T19305] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 957.063382][T19305] ? __lock_acquire+0xb8a/0x1c90 [ 957.063409][T19305] ? __pfx_default_wake_function+0x10/0x10 [ 957.063433][T19305] ? __lock_acquire+0xb8a/0x1c90 [ 957.063467][T19305] ? do_raw_spin_lock+0x12c/0x2b0 [ 957.063501][T19305] ? soundcore_open+0x35a/0x580 [ 957.063529][T19305] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 957.063565][T19305] soundcore_open+0x409/0x580 [ 957.063597][T19305] ? __pfx_soundcore_open+0x10/0x10 [ 957.063626][T19305] chrdev_open+0x234/0x6a0 [ 957.063645][T19305] ? __pfx_apparmor_file_open+0x10/0x10 [ 957.063675][T19305] ? __pfx_chrdev_open+0x10/0x10 [ 957.063696][T19305] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 957.063731][T19305] do_dentry_open+0x741/0x1c10 [ 957.063766][T19305] ? __pfx_chrdev_open+0x10/0x10 [ 957.063790][T19305] vfs_open+0x82/0x3f0 [ 957.063817][T19305] path_openat+0x1de4/0x2cb0 [ 957.063857][T19305] ? __pfx_path_openat+0x10/0x10 [ 957.063892][T19305] ? __lock_acquire+0xb8a/0x1c90 [ 957.063923][T19305] do_filp_open+0x20b/0x470 [ 957.063955][T19305] ? __pfx_do_filp_open+0x10/0x10 [ 957.064006][T19305] ? alloc_fd+0x471/0x7d0 [ 957.064044][T19305] do_sys_openat2+0x11b/0x1d0 [ 957.064068][T19305] ? __pfx_do_sys_openat2+0x10/0x10 [ 957.064095][T19305] ? __sys_sendmsg+0x18c/0x220 [ 957.064122][T19305] __x64_sys_openat+0x174/0x210 [ 957.064153][T19305] ? __pfx___x64_sys_openat+0x10/0x10 [ 957.064190][T19305] do_syscall_64+0xcd/0x490 [ 957.064213][T19305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 957.064235][T19305] RIP: 0033:0x7f065d58e929 [ 957.064252][T19305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 957.064274][T19305] RSP: 002b:00007f065e46f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 957.064294][T19305] RAX: ffffffffffffffda RBX: 00007f065d7b6160 RCX: 00007f065d58e929 [ 957.064308][T19305] RDX: 0000000000020b42 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 957.064322][T19305] RBP: 00007f065d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 957.064336][T19305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 957.064349][T19305] R13: 0000000000000000 R14: 00007f065d7b6160 R15: 00007ffc8ca1c718 [ 957.064376][T19305] [ 957.111813][T19279] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 957.504770][T19279] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 957.642938][T19279] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 957.659827][T19279] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 957.695631][T19279] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 957.708179][T19279] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 957.800457][T19279] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 957.815246][T19279] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 957.833160][T19279] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 958.324995][T19272] chnl_net:caif_netlink_parms(): no params data found [ 958.564845][T16468] Bluetooth: hci4: command 0x0c1a tx timeout [ 959.311195][T19272] bridge0: port 1(bridge_slave_0) entered blocking state [ 959.321623][T19272] bridge0: port 1(bridge_slave_0) entered disabled state [ 959.330633][T19272] bridge_slave_0: entered allmulticast mode [ 959.342162][T19272] bridge_slave_0: entered promiscuous mode [ 959.422585][T19272] bridge0: port 2(bridge_slave_1) entered blocking state [ 959.433609][T19272] bridge0: port 2(bridge_slave_1) entered disabled state [ 959.441570][T19272] bridge_slave_1: entered allmulticast mode [ 959.450129][T19272] bridge_slave_1: entered promiscuous mode [ 959.519648][T19272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 959.560581][T19272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 959.677731][ T5154] Bluetooth: hci1: command 0x0c1a tx timeout [ 959.683850][T16468] Bluetooth: hci0: command 0x0c1a tx timeout [ 959.836599][T16468] Bluetooth: hci3: command 0x041b tx timeout [ 959.885350][T19272] team0: Port device team_slave_0 added [ 959.903957][T19272] team0: Port device team_slave_1 added [ 960.067499][T19272] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 960.084726][T19272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 960.139277][T19272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 960.167958][T19272] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 960.190014][T19272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 960.248062][T19272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 960.500588][T19272] hsr_slave_0: entered promiscuous mode [ 960.526676][T19272] hsr_slave_1: entered promiscuous mode [ 960.544573][T19272] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 960.576022][T19272] Cannot create hsr debugfs directory [ 960.643938][T16468] Bluetooth: hci4: command 0x0c1a tx timeout [ 961.153923][T19272] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 961.407019][T19272] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 961.647278][T19400] Line length is too long: Should be less than 4094 [ 961.663834][T19272] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 961.755583][T16468] Bluetooth: hci0: command 0x0c1a tx timeout [ 961.915719][T16468] Bluetooth: hci3: command 0x041b tx timeout [ 961.960617][T19272] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 962.687048][T19272] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 962.826016][T19272] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 962.849756][T19272] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 962.898683][T19272] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 963.221328][T19272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 963.409009][T19272] 8021q: adding VLAN 0 to HW filter on device team0 [ 963.480026][T17963] bridge0: port 1(bridge_slave_0) entered blocking state [ 963.487211][T17963] bridge0: port 1(bridge_slave_0) entered forwarding state [ 963.563220][T17974] bridge0: port 2(bridge_slave_1) entered blocking state [ 963.570496][T17974] bridge0: port 2(bridge_slave_1) entered forwarding state [ 963.744211][T19272] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 963.838134][T16468] Bluetooth: hci0: command 0x0c1a tx timeout [ 964.006007][T16468] Bluetooth: hci3: command 0x041b tx timeout [ 964.706650][T19272] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 964.845435][T19272] veth0_vlan: entered promiscuous mode [ 964.898063][T19272] veth1_vlan: entered promiscuous mode [ 964.974853][T19272] veth0_macvtap: entered promiscuous mode [ 964.996606][T19272] veth1_macvtap: entered promiscuous mode [ 965.096387][T19272] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 965.132382][T19272] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 965.150359][T19272] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 965.167412][T19463] FAULT_INJECTION: forcing a failure. [ 965.167412][T19463] name failslab, interval 1, probability 0, space 0, times 0 [ 965.187014][T19272] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 965.208632][T19272] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 965.208888][T19463] CPU: 1 UID: 0 PID: 19463 Comm: syz.2.2937 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 965.208941][T19463] Tainted: [U]=USER [ 965.208952][T19463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 965.208972][T19463] Call Trace: [ 965.208983][T19463] [ 965.208996][T19463] dump_stack_lvl+0x16c/0x1f0 [ 965.209033][T19463] should_fail_ex+0x512/0x640 [ 965.209084][T19463] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 965.209146][T19463] should_failslab+0xc2/0x120 [ 965.209182][T19463] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 965.209231][T19463] ? d_instantiate+0x77/0x90 [ 965.209262][T19463] ? alloc_empty_file+0x55/0x1e0 [ 965.209301][T19463] alloc_empty_file+0x55/0x1e0 [ 965.209344][T19463] alloc_file_pseudo+0x13a/0x230 [ 965.209384][T19463] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 965.209422][T19463] ? alloc_fd+0x471/0x7d0 [ 965.209475][T19463] sock_alloc_file+0x50/0x210 [ 965.209514][T19463] __sys_socket+0x1c0/0x260 [ 965.209565][T19463] ? __pfx___sys_socket+0x10/0x10 [ 965.209609][T19463] ? xfd_validate_state+0x61/0x180 [ 965.209651][T19463] ? __pfx___do_sys_close_range+0x10/0x10 [ 965.209710][T19463] __x64_sys_socket+0x72/0xb0 [ 965.209753][T19463] ? lockdep_hardirqs_on+0x7c/0x110 [ 965.209805][T19463] do_syscall_64+0xcd/0x490 [ 965.209842][T19463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 965.209875][T19463] RIP: 0033:0x7f065d58e929 [ 965.209900][T19463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 965.209932][T19463] RSP: 002b:00007f065e490038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 965.209963][T19463] RAX: ffffffffffffffda RBX: 00007f065d7b6080 RCX: 00007f065d58e929 [ 965.209986][T19463] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 965.210005][T19463] RBP: 00007f065d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 965.210026][T19463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 965.210044][T19463] R13: 0000000000000000 R14: 00007f065d7b6080 R15: 00007ffc8ca1c718 [ 965.210084][T19463] [ 965.508009][T19272] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 966.076760][T16468] Bluetooth: hci3: command 0x041b tx timeout [ 966.393453][T17976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 966.419781][T17976] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 966.598826][T17976] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 966.628365][T17976] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 966.831742][T19497] random: crng reseeded on system resumption [ 967.484655][T19512] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2943'. [ 967.623142][T19501] netlink: zone id is out of range [ 967.649851][T19501] netlink: zone id is out of range [ 967.668403][T19501] netlink: zone id is out of range [ 967.709365][T19501] netlink: zone id is out of range [ 967.714543][T19501] netlink: zone id is out of range [ 967.775798][T19501] netlink: zone id is out of range [ 967.801317][T19501] netlink: zone id is out of range [ 967.816826][T19501] netlink: zone id is out of range [ 967.825740][T19501] netlink: zone id is out of range [ 967.830924][T19501] netlink: zone id is out of range [ 967.920445][T19512] bond0: (slave bond_slave_1): Releasing backup interface [ 968.155636][T16468] Bluetooth: hci3: command 0x041b tx timeout [ 968.391680][T16468] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 969.096220][T19539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2949'. [ 970.235796][T16468] Bluetooth: hci3: command 0x041b tx timeout [ 970.566131][T19556] warning: `syz.1.2953' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 979.789501][T19709] ERROR: Out of memory at tomoyo_memory_ok. [ 980.127213][T19717] netlink: 'syz.2.2982': attribute type 16 has an invalid length. [ 980.135104][T19717] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2982'. [ 980.186178][T19717] veth1_macvtap: left promiscuous mode [ 980.691644][T19729] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2986'. [ 982.010919][T19759] vivid-007: ================= START STATUS ================= [ 982.018820][T19759] vivid-007: Generate PTS: true [ 982.023745][T19759] vivid-007: Generate SCR: true [ 982.028751][T19759] tpg source WxH: 320x240 (Y'CbCr) [ 982.033914][T19759] tpg field: 1 [ 982.043141][T19759] tpg crop: (0,0)/320x240 [ 982.053221][T19759] tpg compose: (0,0)/320x240 [ 982.073739][T19759] tpg colorspace: 8 [ 982.116030][T19759] tpg transfer function: 0/0 [ 982.120703][T19759] tpg Y'CbCr encoding: 0/0 [ 982.125151][T19759] tpg quantization: 0/0 [ 982.238052][T19759] tpg RGB range: 0/2 [ 982.251527][T19759] vivid-007: ================== END STATUS ================== [ 982.677397][T19769] program syz.0.2993 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 982.725101][T19769] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 987.187711][T19835] ERROR: Out of memory at tomoyo_memory_ok. [ 988.383520][T19858] ERROR: Out of memory at tomoyo_memory_ok. [ 988.949300][T19866] block nbd7: not configured, cannot reconfigure [ 990.636673][T19892] ubi0: attaching mtd0 [ 990.649015][T19892] ubi0: scanning is finished [ 990.653650][T19892] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 991.169858][T19892] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 992.007155][T19916] ovs_: entered promiscuous mode [ 993.485958][ T30] audit: type=1800 audit(4294967388.160:20): pid=19939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3030" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 994.457085][T19970] input input68: cannot allocate more than FF_MAX_EFFECTS effects [ 997.608532][T20022] ERROR: Out of memory at tomoyo_memory_ok. [ 997.683395][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 997.689848][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 997.698977][T20024] snd_aloop snd_aloop.0: control 16781581:65535:512:'?F/zF˷fC:1037 is already present [ 997.829618][T20025] ERROR: Out of memory at tomoyo_memory_ok. [ 997.899502][T20024] ERROR: Out of memory at tomoyo_memory_ok. [ 1000.012076][T20064] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3056'. [ 1001.860163][T20101] tipc: Started in network mode [ 1001.872485][T20101] tipc: Node identity ee00, cluster identity 4711 [ 1001.880104][T20101] tipc: Node number set to 60928 [ 1003.225771][T20136] tipc: Started in network mode [ 1003.274735][T20136] tipc: Node identity ee00, cluster identity 4711 [ 1003.320554][T20136] tipc: Node number set to 60928 [ 1006.077548][T20170] ptrace attach of "./syz-executor exec"[17011] was attempted by "./syz-executor exec"[20170] [ 1008.595988][T20216] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69 [ 1008.704187][T20211] ERROR: Out of memory at tomoyo_memory_ok. [ 1009.098460][T20221] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3091'. [ 1009.168791][T20220] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3091'. [ 1010.250431][T20225] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 1011.156670][T20228] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input71 [ 1011.901679][T20259] zswap: compressor not available [ 1012.924057][T20283] HfR: entered promiscuous mode [ 1012.950385][T20283] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3103'. [ 1012.979713][T20283] openvswitch: HfR: Dropping previously announced user features [ 1013.023605][T20283] device-mapper: ioctl: Unable to rename non-existent device,  to [ 1013.600056][T20292] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 1013.902180][T20297] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72 [ 1014.050508][T20299] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73 [ 1016.462239][T20259] kexec: Could not allocate control_code_buffer [ 1017.170395][T20355] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3119'. [ 1017.180930][T20355] net_ratelimit: 653 callbacks suppressed [ 1017.180952][T20355] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 1022.634701][T20451] svc: failed to register nfsdv3 RPC service (errno 111). [ 1022.686299][T20451] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1022.840439][T20459] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 1023.587263][T20480] FAULT_INJECTION: forcing a failure. [ 1023.587263][T20480] name failslab, interval 1, probability 0, space 0, times 0 [ 1023.612911][T20480] CPU: 0 UID: 0 PID: 20480 Comm: syz.2.3143 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1023.612959][T20480] Tainted: [U]=USER [ 1023.612968][T20480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1023.612985][T20480] Call Trace: [ 1023.612995][T20480] [ 1023.613006][T20480] dump_stack_lvl+0x16c/0x1f0 [ 1023.613038][T20480] should_fail_ex+0x512/0x640 [ 1023.613081][T20480] ? __kmalloc_noprof+0xbf/0x510 [ 1023.613141][T20480] ? acpi_ns_internalize_name+0x144/0x220 [ 1023.613180][T20480] should_failslab+0xc2/0x120 [ 1023.613209][T20480] __kmalloc_noprof+0xd2/0x510 [ 1023.613257][T20480] ? acpi_ns_get_internal_name_length+0x272/0x400 [ 1023.613303][T20480] acpi_ns_internalize_name+0x144/0x220 [ 1023.613346][T20480] ? __pfx_acpi_ns_internalize_name+0x10/0x10 [ 1023.613395][T20480] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1023.613427][T20480] ? acpi_evaluate_integer+0xdd/0x200 [ 1023.613464][T20480] ? status_show+0xa0/0x120 [ 1023.613486][T20480] ? dev_attr_show+0x53/0xe0 [ 1023.613525][T20480] ? sysfs_kf_seq_show+0x213/0x3e0 [ 1023.613559][T20480] ? seq_read_iter+0x506/0x12c0 [ 1023.613597][T20480] acpi_ns_get_node_unlocked+0x163/0x310 [ 1023.613640][T20480] ? __pfx_acpi_ns_get_node_unlocked+0x10/0x10 [ 1023.613680][T20480] ? find_held_lock+0x2b/0x80 [ 1023.613721][T20480] ? down_timeout+0x6b/0x90 [ 1023.613751][T20480] ? acpi_os_wait_semaphore+0xcb/0xf0 [ 1023.613786][T20480] ? acpi_ns_get_node+0x4c/0x70 [ 1023.613823][T20480] acpi_ns_get_node+0x4c/0x70 [ 1023.613864][T20480] acpi_ns_evaluate+0x6ef/0xca0 [ 1023.613897][T20480] ? kasan_save_track+0x14/0x30 [ 1023.613980][T20480] acpi_evaluate_object+0x1fa/0xa90 [ 1023.614025][T20480] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1023.614058][T20480] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1023.614105][T20480] ? __mutex_trylock_common+0xe9/0x250 [ 1023.614151][T20480] acpi_evaluate_integer+0xdd/0x200 [ 1023.614191][T20480] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1023.614231][T20480] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1023.614279][T20480] ? __pfx_status_show+0x10/0x10 [ 1023.614305][T20480] status_show+0xa0/0x120 [ 1023.614331][T20480] ? __pfx_status_show+0x10/0x10 [ 1023.614368][T20480] dev_attr_show+0x53/0xe0 [ 1023.614402][T20480] ? __pfx_dev_attr_show+0x10/0x10 [ 1023.614432][T20480] sysfs_kf_seq_show+0x213/0x3e0 [ 1023.614478][T20480] seq_read_iter+0x506/0x12c0 [ 1023.614536][T20480] kernfs_fop_read_iter+0x40f/0x5a0 [ 1023.614569][T20480] ? rw_verify_area+0xcf/0x680 [ 1023.614612][T20480] vfs_read+0x8bf/0xc60 [ 1023.614661][T20480] ? __pfx___mutex_lock+0x10/0x10 [ 1023.614690][T20480] ? __pfx_vfs_read+0x10/0x10 [ 1023.614767][T20480] ksys_read+0x12a/0x250 [ 1023.614809][T20480] ? __pfx_ksys_read+0x10/0x10 [ 1023.614865][T20480] do_syscall_64+0xcd/0x490 [ 1023.614898][T20480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1023.614927][T20480] RIP: 0033:0x7f065d58e929 [ 1023.614957][T20480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1023.614987][T20480] RSP: 002b:00007f065e490038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1023.615015][T20480] RAX: ffffffffffffffda RBX: 00007f065d7b6080 RCX: 00007f065d58e929 [ 1023.615035][T20480] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1023.615054][T20480] RBP: 00007f065e490090 R08: 0000000000000000 R09: 0000000000000000 [ 1023.615073][T20480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1023.615092][T20480] R13: 0000000000000000 R14: 00007f065d7b6080 R15: 00007ffc8ca1c718 [ 1023.615132][T20480] [ 1024.528568][T20494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3146'. [ 1024.616689][T20489] FAULT_INJECTION: forcing a failure. [ 1024.616689][T20489] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.639664][T20489] CPU: 0 UID: 0 PID: 20489 Comm: syz.0.3145 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1024.639711][T20489] Tainted: [U]=USER [ 1024.639722][T20489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1024.639741][T20489] Call Trace: [ 1024.639751][T20489] [ 1024.639763][T20489] dump_stack_lvl+0x16c/0x1f0 [ 1024.639798][T20489] should_fail_ex+0x512/0x640 [ 1024.639846][T20489] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1024.639897][T20489] should_failslab+0xc2/0x120 [ 1024.639938][T20489] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1024.639996][T20489] ? copy_process+0x4b6/0x76a0 [ 1024.640033][T20489] ? _raw_spin_unlock_irq+0x23/0x50 [ 1024.640077][T20489] copy_process+0x4b6/0x76a0 [ 1024.640110][T20489] ? __pfx___futex_wait+0x10/0x10 [ 1024.640165][T20489] ? __pfx_copy_process+0x10/0x10 [ 1024.640220][T20489] kernel_clone+0xfc/0x960 [ 1024.640259][T20489] ? __pfx_kernel_clone+0x10/0x10 [ 1024.640315][T20489] __do_sys_clone+0xce/0x120 [ 1024.640349][T20489] ? __pfx___do_sys_clone+0x10/0x10 [ 1024.640399][T20489] ? xfd_validate_state+0x61/0x180 [ 1024.640435][T20489] ? __pfx_do_writev+0x10/0x10 [ 1024.640486][T20489] do_syscall_64+0xcd/0x490 [ 1024.640518][T20489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1024.640547][T20489] RIP: 0033:0x7efc68b8e929 [ 1024.640570][T20489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1024.640598][T20489] RSP: 002b:00007efc69a08fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1024.640624][T20489] RAX: ffffffffffffffda RBX: 00007efc68db5fa0 RCX: 00007efc68b8e929 [ 1024.640644][T20489] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000040011 [ 1024.640660][T20489] RBP: 00007efc68c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1024.640677][T20489] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1024.640694][T20489] R13: 0000000000000000 R14: 00007efc68db5fa0 R15: 00007ffdbac45208 [ 1024.640730][T20489] [ 1026.742841][T20537] zswap: compressor not available [ 1027.788514][T20570] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3163'. [ 1028.116200][T20570] hsr_slave_0 (unregistering): left promiscuous mode [ 1029.204469][T20601] Unable to find swap-space signature [ 1029.846123][T20615] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input74 [ 1030.357177][T20616] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input75 [ 1032.410165][T20646] FAULT_INJECTION: forcing a failure. [ 1032.410165][T20646] name failslab, interval 1, probability 0, space 0, times 0 [ 1032.481498][T20646] CPU: 1 UID: 0 PID: 20646 Comm: syz.1.3175 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1032.481555][T20646] Tainted: [U]=USER [ 1032.481564][T20646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1032.481581][T20646] Call Trace: [ 1032.481590][T20646] [ 1032.481600][T20646] dump_stack_lvl+0x16c/0x1f0 [ 1032.481631][T20646] should_fail_ex+0x512/0x640 [ 1032.481672][T20646] ? fs_reclaim_acquire+0xae/0x150 [ 1032.481709][T20646] ? tomoyo_encode2+0x100/0x3e0 [ 1032.481744][T20646] should_failslab+0xc2/0x120 [ 1032.481773][T20646] __kmalloc_noprof+0xd2/0x510 [ 1032.481819][T20646] tomoyo_encode2+0x100/0x3e0 [ 1032.481864][T20646] tomoyo_encode+0x29/0x50 [ 1032.481902][T20646] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1032.481953][T20646] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1032.481991][T20646] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1032.482059][T20646] ? find_held_lock+0x2b/0x80 [ 1032.482095][T20646] tomoyo_file_open+0x6b/0x90 [ 1032.482125][T20646] security_file_open+0x84/0x1e0 [ 1032.482163][T20646] do_dentry_open+0x596/0x1c10 [ 1032.482215][T20646] vfs_open+0x82/0x3f0 [ 1032.482250][T20646] path_openat+0x1de4/0x2cb0 [ 1032.482305][T20646] ? __pfx_path_openat+0x10/0x10 [ 1032.482355][T20646] ? __lock_acquire+0xb8a/0x1c90 [ 1032.482395][T20646] do_filp_open+0x20b/0x470 [ 1032.482439][T20646] ? __pfx_do_filp_open+0x10/0x10 [ 1032.482491][T20646] ? __pfx_kfree_link+0x10/0x10 [ 1032.482537][T20646] ? alloc_fd+0x471/0x7d0 [ 1032.482586][T20646] do_sys_openat2+0x11b/0x1d0 [ 1032.482620][T20646] ? __pfx_do_sys_openat2+0x10/0x10 [ 1032.482667][T20646] __x64_sys_openat+0x174/0x210 [ 1032.482702][T20646] ? __pfx___x64_sys_openat+0x10/0x10 [ 1032.482747][T20646] do_syscall_64+0xcd/0x490 [ 1032.482770][T20646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1032.482792][T20646] RIP: 0033:0x7f450cd8d290 [ 1032.482808][T20646] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 1032.482829][T20646] RSP: 002b:00007f450dbfbfe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1032.482848][T20646] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f450cd8d290 [ 1032.482862][T20646] RDX: 0000000000000002 RSI: 00007f450ce10e1e RDI: 00000000ffffff9c [ 1032.482875][T20646] RBP: 00007f450ce10e1e R08: 0000000000000000 R09: 00007f450dc1e000 [ 1032.482888][T20646] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 1032.482900][T20646] R13: 0000000000000000 R14: 00007f450cfb6080 R15: 00007ffe82d0aa18 [ 1032.482926][T20646] [ 1032.483011][T20646] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1032.744891][T20646] FAULT_INJECTION: forcing a failure. [ 1032.744891][T20646] name failslab, interval 1, probability 0, space 0, times 0 [ 1032.757857][T20646] CPU: 1 UID: 0 PID: 20646 Comm: syz.1.3175 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1032.757898][T20646] Tainted: [U]=USER [ 1032.757907][T20646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1032.757924][T20646] Call Trace: [ 1032.757934][T20646] [ 1032.757946][T20646] dump_stack_lvl+0x16c/0x1f0 [ 1032.757970][T20646] should_fail_ex+0x512/0x640 [ 1032.758002][T20646] ? __kmalloc_noprof+0xbf/0x510 [ 1032.758036][T20646] ? acpi_ns_get_normalized_pathname+0x75/0xd0 [ 1032.758061][T20646] should_failslab+0xc2/0x120 [ 1032.758082][T20646] __kmalloc_noprof+0xd2/0x510 [ 1032.758120][T20646] acpi_ns_get_normalized_pathname+0x75/0xd0 [ 1032.758148][T20646] acpi_ex_start_trace_method+0x30/0x480 [ 1032.758179][T20646] acpi_ds_begin_method_execution+0x3c/0x980 [ 1032.758210][T20646] ? acpi_tb_check_dsdt_header+0x187/0x3e0 [ 1032.758243][T20646] acpi_ps_execute_method+0x94/0xb30 [ 1032.758267][T20646] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1032.758300][T20646] acpi_ns_evaluate+0x76c/0xca0 [ 1032.758325][T20646] ? kasan_save_track+0x14/0x30 [ 1032.758359][T20646] acpi_evaluate_object+0x1fa/0xa90 [ 1032.758392][T20646] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1032.758415][T20646] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1032.758449][T20646] ? __mutex_trylock_common+0xe9/0x250 [ 1032.758483][T20646] acpi_evaluate_integer+0xdd/0x200 [ 1032.758512][T20646] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1032.758542][T20646] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1032.758574][T20646] ? __pfx_status_show+0x10/0x10 [ 1032.758592][T20646] status_show+0xa0/0x120 [ 1032.758610][T20646] ? __pfx_status_show+0x10/0x10 [ 1032.758635][T20646] dev_attr_show+0x53/0xe0 [ 1032.758659][T20646] ? __pfx_dev_attr_show+0x10/0x10 [ 1032.758679][T20646] sysfs_kf_seq_show+0x213/0x3e0 [ 1032.758712][T20646] seq_read_iter+0x506/0x12c0 [ 1032.758751][T20646] kernfs_fop_read_iter+0x40f/0x5a0 [ 1032.758774][T20646] ? rw_verify_area+0xcf/0x680 [ 1032.758804][T20646] vfs_read+0x8bf/0xc60 [ 1032.758838][T20646] ? __pfx___mutex_lock+0x10/0x10 [ 1032.758858][T20646] ? __pfx_vfs_read+0x10/0x10 [ 1032.758905][T20646] ksys_read+0x12a/0x250 [ 1032.758935][T20646] ? __pfx_ksys_read+0x10/0x10 [ 1032.758981][T20646] do_syscall_64+0xcd/0x490 [ 1032.759012][T20646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1032.759036][T20646] RIP: 0033:0x7f450cd8e929 [ 1032.759052][T20646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1032.759073][T20646] RSP: 002b:00007f450dbfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1032.759092][T20646] RAX: ffffffffffffffda RBX: 00007f450cfb6080 RCX: 00007f450cd8e929 [ 1032.759106][T20646] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1032.759136][T20646] RBP: 00007f450dbfc090 R08: 0000000000000000 R09: 0000000000000000 [ 1032.759149][T20646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1032.759162][T20646] R13: 0000000000000000 R14: 00007f450cfb6080 R15: 00007ffe82d0aa18 [ 1032.759190][T20646] [ 1033.113933][T20646] ACPI Error: Could not allocate 15 bytes (20250404/nsnames-308) [ 1033.403681][T20653] FAULT_INJECTION: forcing a failure. [ 1033.403681][T20653] name failslab, interval 1, probability 0, space 0, times 0 [ 1033.444524][T20653] CPU: 1 UID: 0 PID: 20653 Comm: syz.3.3177 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1033.444571][T20653] Tainted: [U]=USER [ 1033.444581][T20653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1033.444599][T20653] Call Trace: [ 1033.444609][T20653] [ 1033.444621][T20653] dump_stack_lvl+0x16c/0x1f0 [ 1033.444656][T20653] should_fail_ex+0x512/0x640 [ 1033.444703][T20653] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1033.444754][T20653] should_failslab+0xc2/0x120 [ 1033.444785][T20653] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1033.444834][T20653] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 1033.444886][T20653] acpi_ut_create_generic_state+0x5c/0xb0 [ 1033.444931][T20653] acpi_ds_scope_stack_push+0x4b/0x1d0 [ 1033.444964][T20653] acpi_ds_init_aml_walk+0x2bb/0x590 [ 1033.445002][T20653] acpi_ps_execute_method+0x32d/0xb30 [ 1033.445039][T20653] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1033.445080][T20653] acpi_ns_evaluate+0x76c/0xca0 [ 1033.445116][T20653] ? kasan_save_track+0x14/0x30 [ 1033.445176][T20653] acpi_evaluate_object+0x1fa/0xa90 [ 1033.445222][T20653] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1033.445254][T20653] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1033.445302][T20653] ? __mutex_trylock_common+0xe9/0x250 [ 1033.445346][T20653] acpi_evaluate_integer+0xdd/0x200 [ 1033.445386][T20653] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1033.445428][T20653] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1033.445473][T20653] ? __pfx_status_show+0x10/0x10 [ 1033.445506][T20653] status_show+0xa0/0x120 [ 1033.445532][T20653] ? __pfx_status_show+0x10/0x10 [ 1033.445567][T20653] dev_attr_show+0x53/0xe0 [ 1033.445602][T20653] ? __pfx_dev_attr_show+0x10/0x10 [ 1033.445632][T20653] sysfs_kf_seq_show+0x213/0x3e0 [ 1033.445677][T20653] seq_read_iter+0x506/0x12c0 [ 1033.445732][T20653] kernfs_fop_read_iter+0x40f/0x5a0 [ 1033.445765][T20653] ? rw_verify_area+0xcf/0x680 [ 1033.445813][T20653] vfs_read+0x8bf/0xc60 [ 1033.445860][T20653] ? __pfx___mutex_lock+0x10/0x10 [ 1033.445890][T20653] ? __pfx_vfs_read+0x10/0x10 [ 1033.445956][T20653] ksys_read+0x12a/0x250 [ 1033.445997][T20653] ? __pfx_ksys_read+0x10/0x10 [ 1033.446051][T20653] do_syscall_64+0xcd/0x490 [ 1033.446082][T20653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1033.446112][T20653] RIP: 0033:0x7f485538e929 [ 1033.446135][T20653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1033.446162][T20653] RSP: 002b:00007f48531d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1033.446190][T20653] RAX: ffffffffffffffda RBX: 00007f48555b6160 RCX: 00007f485538e929 [ 1033.446208][T20653] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1033.446225][T20653] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1033.446241][T20653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1033.446258][T20653] R13: 0000000000000000 R14: 00007f48555b6160 R15: 00007fff2c26f118 [ 1033.446294][T20653] [ 1033.749389][T20653] ACPI Error: ffff88807d78e000 walk still has a scope list (20250404/dswstate-694) [ 1033.972387][T20656] zswap: compressor not available [ 1034.670658][T20664] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3181'. [ 1036.659968][T20689] random: crng reseeded on system resumption [ 1037.327523][T20698] can: request_module (can-proto-0) failed. [ 1038.531873][T20715] FAULT_INJECTION: forcing a failure. [ 1038.531873][T20715] name failslab, interval 1, probability 0, space 0, times 0 [ 1038.544770][T20715] CPU: 1 UID: 0 PID: 20715 Comm: syz.2.3189 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1038.544821][T20715] Tainted: [U]=USER [ 1038.544832][T20715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1038.544851][T20715] Call Trace: [ 1038.544863][T20715] [ 1038.544877][T20715] dump_stack_lvl+0x16c/0x1f0 [ 1038.544914][T20715] should_fail_ex+0x512/0x640 [ 1038.544964][T20715] ? __kmalloc_noprof+0xbf/0x510 [ 1038.545023][T20715] ? acpi_ns_get_normalized_pathname+0x75/0xd0 [ 1038.545061][T20715] should_failslab+0xc2/0x120 [ 1038.545102][T20715] __kmalloc_noprof+0xd2/0x510 [ 1038.545163][T20715] acpi_ns_get_normalized_pathname+0x75/0xd0 [ 1038.545209][T20715] acpi_ex_start_trace_method+0x30/0x480 [ 1038.545259][T20715] acpi_ds_begin_method_execution+0x3c/0x980 [ 1038.545319][T20715] ? acpi_tb_check_dsdt_header+0x187/0x3e0 [ 1038.545367][T20715] acpi_ps_execute_method+0x94/0xb30 [ 1038.545439][T20715] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1038.545484][T20715] acpi_ns_evaluate+0x76c/0xca0 [ 1038.545522][T20715] ? kasan_save_track+0x14/0x30 [ 1038.545573][T20715] acpi_evaluate_object+0x1fa/0xa90 [ 1038.545626][T20715] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1038.545660][T20715] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1038.545710][T20715] ? __mutex_trylock_common+0xe9/0x250 [ 1038.545760][T20715] acpi_evaluate_integer+0xdd/0x200 [ 1038.545802][T20715] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1038.545844][T20715] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1038.545892][T20715] ? __pfx_status_show+0x10/0x10 [ 1038.545917][T20715] status_show+0xa0/0x120 [ 1038.545944][T20715] ? __pfx_status_show+0x10/0x10 [ 1038.545983][T20715] dev_attr_show+0x53/0xe0 [ 1038.546018][T20715] ? __pfx_dev_attr_show+0x10/0x10 [ 1038.546048][T20715] sysfs_kf_seq_show+0x213/0x3e0 [ 1038.546101][T20715] seq_read_iter+0x506/0x12c0 [ 1038.546160][T20715] kernfs_fop_read_iter+0x40f/0x5a0 [ 1038.546195][T20715] ? rw_verify_area+0xcf/0x680 [ 1038.546238][T20715] vfs_read+0x8bf/0xc60 [ 1038.546289][T20715] ? __pfx___mutex_lock+0x10/0x10 [ 1038.546320][T20715] ? __pfx_vfs_read+0x10/0x10 [ 1038.546392][T20715] ksys_read+0x12a/0x250 [ 1038.546436][T20715] ? __pfx_ksys_read+0x10/0x10 [ 1038.546493][T20715] do_syscall_64+0xcd/0x490 [ 1038.546525][T20715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1038.546555][T20715] RIP: 0033:0x7f065d58e929 [ 1038.546579][T20715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1038.546609][T20715] RSP: 002b:00007f065e490038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1038.546637][T20715] RAX: ffffffffffffffda RBX: 00007f065d7b6080 RCX: 00007f065d58e929 [ 1038.546657][T20715] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1038.546686][T20715] RBP: 00007f065d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1038.546704][T20715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1038.546738][T20715] R13: 0000000000000000 R14: 00007f065d7b6080 R15: 00007ffc8ca1c718 [ 1038.546790][T20715] [ 1038.893584][T20715] ACPI Error: Could not allocate 15 bytes (20250404/nsnames-308) [ 1038.954085][ T12] bridge_slave_1: left allmulticast mode [ 1038.960055][ T12] bridge_slave_1: left promiscuous mode [ 1038.973646][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1039.041725][ T12] bridge_slave_0: left allmulticast mode [ 1039.057956][ T12] bridge_slave_0: left promiscuous mode [ 1039.063778][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1039.363765][T20727] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3195'. [ 1040.483294][ T30] audit: type=1800 audit(4294967435.180:21): pid=20745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3199" name="dmabuf" dev="dmabuf" ino=22 res=0 errno=0 [ 1040.632147][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1040.652211][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1040.672158][ T12] bond0 (unregistering): Released all slaves [ 1041.028416][T20727] team0: Port device team_slave_0 removed [ 1041.191134][ T12] tipc: Left network mode [ 1042.317276][T20758] FAULT_INJECTION: forcing a failure. [ 1042.317276][T20758] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1042.407567][T20758] CPU: 1 UID: 0 PID: 20758 Comm: syz.2.3200 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1042.407610][T20758] Tainted: [U]=USER [ 1042.407620][T20758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1042.407636][T20758] Call Trace: [ 1042.407646][T20758] [ 1042.407657][T20758] dump_stack_lvl+0x16c/0x1f0 [ 1042.407689][T20758] should_fail_ex+0x512/0x640 [ 1042.407739][T20758] get_futex_key+0xf3e/0x1540 [ 1042.407777][T20758] ? __pfx_get_futex_key+0x10/0x10 [ 1042.407812][T20758] ? __mutex_trylock_common+0xe9/0x250 [ 1042.407859][T20758] futex_wake+0xea/0x530 [ 1042.407903][T20758] ? __pfx_futex_wake+0x10/0x10 [ 1042.407940][T20758] ? __lock_acquire+0xb8a/0x1c90 [ 1042.407993][T20758] do_futex+0x1e3/0x350 [ 1042.408028][T20758] ? __pfx_do_futex+0x10/0x10 [ 1042.408059][T20758] ? __might_fault+0xe3/0x190 [ 1042.408112][T20758] mm_release+0x24e/0x300 [ 1042.408145][T20758] do_exit+0x683/0x2bd0 [ 1042.408190][T20758] ? __pfx_do_exit+0x10/0x10 [ 1042.408227][T20758] ? do_raw_spin_lock+0x12c/0x2b0 [ 1042.408271][T20758] ? find_held_lock+0x2b/0x80 [ 1042.408305][T20758] do_group_exit+0xd3/0x2a0 [ 1042.408346][T20758] get_signal+0x2673/0x26d0 [ 1042.408391][T20758] ? __pfx_get_signal+0x10/0x10 [ 1042.408421][T20758] ? do_futex+0x122/0x350 [ 1042.408456][T20758] ? __pfx_do_futex+0x10/0x10 [ 1042.408495][T20758] arch_do_signal_or_restart+0x8f/0x790 [ 1042.408529][T20758] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1042.408587][T20758] exit_to_user_mode_loop+0x84/0x110 [ 1042.408634][T20758] do_syscall_64+0x3f6/0x490 [ 1042.408664][T20758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1042.408692][T20758] RIP: 0033:0x7f065d58e929 [ 1042.408714][T20758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1042.408741][T20758] RSP: 002b:00007f065e4900e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1042.408766][T20758] RAX: fffffffffffffe00 RBX: 00007f065d7b6088 RCX: 00007f065d58e929 [ 1042.408784][T20758] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f065d7b6088 [ 1042.408800][T20758] RBP: 00007f065d7b6080 R08: 0000000000000000 R09: 0000000000000000 [ 1042.408816][T20758] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f065d7b608c [ 1042.408833][T20758] R13: 0000000000000000 R14: 00007ffc8ca1c630 R15: 00007ffc8ca1c718 [ 1042.408867][T20758] [ 1043.056881][T20785] random: crng reseeded on system resumption [ 1043.133552][T20785] ptrace attach of "./syz-executor exec"[20786] was attempted by "./syz-executor exec"[20785] [ 1044.024180][T20800] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3211'. [ 1044.245145][T20790] delete_channel: no stack [ 1044.484968][T20809] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3214'. [ 1045.090158][T20817] sg_write: data in/out 808465932/65454 bytes for SCSI command 0x0-- guessing data in; [ 1045.090158][T20817] program syz.2.3216 not setting count and/or reply_len properly [ 1046.023479][T20836] can: request_module (can-proto-0) failed. [ 1046.179890][ T12] hsr_slave_0: left promiscuous mode [ 1046.219913][ T12] hsr_slave_1: left promiscuous mode [ 1046.227703][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1046.236336][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1046.250161][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1046.258407][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1046.414828][ T12] veth1_macvtap: left promiscuous mode [ 1046.437242][ T12] veth0_macvtap: left promiscuous mode [ 1047.030105][T20855] ERROR: Out of memory at tomoyo_memory_ok. [ 1047.783232][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1047.912401][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1049.237156][T20878] zswap: compressor not available [ 1049.804431][T20886] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3227'. [ 1049.845506][T20886] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1049.884382][T20886] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1049.991504][T20886] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1050.014992][T20886] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1050.680782][T20878] kexec: Could not allocate control_code_buffer [ 1050.791171][T20911] ERROR: Out of memory at tomoyo_memory_ok. [ 1052.280547][T20935] FAULT_INJECTION: forcing a failure. [ 1052.280547][T20935] name failslab, interval 1, probability 0, space 0, times 0 [ 1052.318985][T20935] CPU: 0 UID: 0 PID: 20935 Comm: syz.3.3237 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1052.319034][T20935] Tainted: [U]=USER [ 1052.319045][T20935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1052.319063][T20935] Call Trace: [ 1052.319074][T20935] [ 1052.319085][T20935] dump_stack_lvl+0x16c/0x1f0 [ 1052.319120][T20935] should_fail_ex+0x512/0x640 [ 1052.319169][T20935] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1052.319222][T20935] should_failslab+0xc2/0x120 [ 1052.319254][T20935] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1052.319304][T20935] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 1052.319357][T20935] acpi_ut_create_generic_state+0x5c/0xb0 [ 1052.319402][T20935] acpi_ps_init_scope+0x1a/0x1c0 [ 1052.319434][T20935] acpi_ds_init_aml_walk+0x1d9/0x590 [ 1052.319472][T20935] acpi_ps_execute_method+0x32d/0xb30 [ 1052.319509][T20935] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1052.319570][T20935] acpi_ns_evaluate+0x76c/0xca0 [ 1052.319610][T20935] ? kasan_save_track+0x14/0x30 [ 1052.319662][T20935] acpi_evaluate_object+0x1fa/0xa90 [ 1052.319721][T20935] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1052.319773][T20935] ? __mutex_trylock_common+0xe9/0x250 [ 1052.319837][T20935] acpi_evaluate_integer+0xdd/0x200 [ 1052.319893][T20935] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1052.319935][T20935] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1052.319983][T20935] ? __pfx_status_show+0x10/0x10 [ 1052.320010][T20935] status_show+0xa0/0x120 [ 1052.320037][T20935] ? __pfx_status_show+0x10/0x10 [ 1052.320074][T20935] dev_attr_show+0x53/0xe0 [ 1052.320110][T20935] ? __pfx_dev_attr_show+0x10/0x10 [ 1052.320141][T20935] sysfs_kf_seq_show+0x213/0x3e0 [ 1052.320188][T20935] seq_read_iter+0x506/0x12c0 [ 1052.320247][T20935] kernfs_fop_read_iter+0x40f/0x5a0 [ 1052.320281][T20935] ? rw_verify_area+0xcf/0x680 [ 1052.320325][T20935] vfs_read+0x8bf/0xc60 [ 1052.320374][T20935] ? __pfx___mutex_lock+0x10/0x10 [ 1052.320405][T20935] ? __pfx_vfs_read+0x10/0x10 [ 1052.320477][T20935] ksys_read+0x12a/0x250 [ 1052.320521][T20935] ? __pfx_ksys_read+0x10/0x10 [ 1052.320577][T20935] do_syscall_64+0xcd/0x490 [ 1052.320610][T20935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1052.320641][T20935] RIP: 0033:0x7f485538e929 [ 1052.320665][T20935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1052.320696][T20935] RSP: 002b:00007f48531d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1052.320725][T20935] RAX: ffffffffffffffda RBX: 00007f48555b6160 RCX: 00007f485538e929 [ 1052.320756][T20935] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1052.320774][T20935] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1052.320792][T20935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1052.320816][T20935] R13: 0000000000000000 R14: 00007f48555b6160 R15: 00007fff2c26f118 [ 1052.320856][T20935] [ 1053.679127][T20951] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3243'. [ 1055.851384][T20980] FAULT_INJECTION: forcing a failure. [ 1055.851384][T20980] name failslab, interval 1, probability 0, space 0, times 0 [ 1055.866894][T20980] CPU: 1 UID: 0 PID: 20980 Comm: syz.0.3248 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1055.866939][T20980] Tainted: [U]=USER [ 1055.866950][T20980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1055.866967][T20980] Call Trace: [ 1055.866977][T20980] [ 1055.866989][T20980] dump_stack_lvl+0x16c/0x1f0 [ 1055.867023][T20980] should_fail_ex+0x512/0x640 [ 1055.867068][T20980] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1055.867116][T20980] should_failslab+0xc2/0x120 [ 1055.867144][T20980] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1055.867190][T20980] ? acpi_ut_create_integer_object+0x64/0x180 [ 1055.867229][T20980] ? acpi_ds_init_aml_walk+0x2d3/0x590 [ 1055.867263][T20980] acpi_ut_create_integer_object+0x64/0x180 [ 1055.867302][T20980] acpi_ps_execute_method+0x516/0xb30 [ 1055.867335][T20980] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1055.867374][T20980] acpi_ns_evaluate+0x76c/0xca0 [ 1055.867409][T20980] ? kasan_save_track+0x14/0x30 [ 1055.867455][T20980] acpi_evaluate_object+0x1fa/0xa90 [ 1055.867500][T20980] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1055.867528][T20980] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1055.867580][T20980] ? __mutex_trylock_common+0xe9/0x250 [ 1055.867627][T20980] acpi_evaluate_integer+0xdd/0x200 [ 1055.867666][T20980] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1055.867705][T20980] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1055.867750][T20980] ? __pfx_status_show+0x10/0x10 [ 1055.867775][T20980] status_show+0xa0/0x120 [ 1055.867800][T20980] ? __pfx_status_show+0x10/0x10 [ 1055.867835][T20980] dev_attr_show+0x53/0xe0 [ 1055.867868][T20980] ? __pfx_dev_attr_show+0x10/0x10 [ 1055.867897][T20980] sysfs_kf_seq_show+0x213/0x3e0 [ 1055.867942][T20980] seq_read_iter+0x506/0x12c0 [ 1055.867994][T20980] kernfs_fop_read_iter+0x40f/0x5a0 [ 1055.868025][T20980] ? rw_verify_area+0xcf/0x680 [ 1055.868065][T20980] vfs_read+0x8bf/0xc60 [ 1055.868111][T20980] ? __pfx___mutex_lock+0x10/0x10 [ 1055.868141][T20980] ? __pfx_vfs_read+0x10/0x10 [ 1055.868209][T20980] ksys_read+0x12a/0x250 [ 1055.868251][T20980] ? __pfx_ksys_read+0x10/0x10 [ 1055.868305][T20980] do_syscall_64+0xcd/0x490 [ 1055.868337][T20980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1055.868366][T20980] RIP: 0033:0x7efc68b8e929 [ 1055.868388][T20980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1055.868415][T20980] RSP: 002b:00007efc699c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1055.868442][T20980] RAX: ffffffffffffffda RBX: 00007efc68db6160 RCX: 00007efc68b8e929 [ 1055.868461][T20980] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1055.868479][T20980] RBP: 00007efc68c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1055.868495][T20980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1055.868511][T20980] R13: 0000000000000000 R14: 00007efc68db6160 R15: 00007ffdbac45208 [ 1055.868553][T20980] [ 1055.868566][T20980] ACPI Error: Could not allocate an object descriptor (20250404/utobject-180) [ 1056.204900][T20980] ACPI Error: ffff888047d49000 walk still has a scope list (20250404/dswstate-694) [ 1056.744273][T20973] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations! [ 1056.774462][T20990] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3253'. [ 1056.848291][T20990] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3253'. [ 1058.352788][T21018] device-mapper: ioctl: Unable to rename non-existent device,  to [ 1059.121606][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 1059.128110][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 1059.556005][T21033] random: crng reseeded on system resumption [ 1059.859681][T21037] netlink: 346 bytes leftover after parsing attributes in process `syz.0.3265'. [ 1060.870714][T21066] netlink: 'syz.3.3274': attribute type 19 has an invalid length. [ 1060.936654][T21066] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3274'. [ 1061.347691][T21075] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input76 [ 1062.874781][T21119] openvswitch: netlink: Message has 1 unknown bytes. [ 1063.001671][T16468] Bluetooth: hci4: Unable to find connection for big 0xd2 [ 1064.387861][T21154] FAULT_INJECTION: forcing a failure. [ 1064.387861][T21154] name failslab, interval 1, probability 0, space 0, times 0 [ 1064.409000][T21154] CPU: 0 UID: 0 PID: 21154 Comm: syz.0.3296 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1064.409041][T21154] Tainted: [U]=USER [ 1064.409048][T21154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1064.409061][T21154] Call Trace: [ 1064.409068][T21154] [ 1064.409076][T21154] dump_stack_lvl+0x16c/0x1f0 [ 1064.409101][T21154] should_fail_ex+0x512/0x640 [ 1064.409135][T21154] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1064.409168][T21154] should_failslab+0xc2/0x120 [ 1064.409190][T21154] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1064.409220][T21154] ? acpi_ds_create_walk_state+0x78/0x250 [ 1064.409246][T21154] acpi_ds_create_walk_state+0x78/0x250 [ 1064.409270][T21154] acpi_ps_execute_method+0x253/0xb30 [ 1064.409295][T21154] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1064.409325][T21154] acpi_ns_evaluate+0x76c/0xca0 [ 1064.409350][T21154] ? kasan_save_track+0x14/0x30 [ 1064.409385][T21154] acpi_evaluate_object+0x1fa/0xa90 [ 1064.409420][T21154] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.409443][T21154] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1064.409477][T21154] ? __mutex_trylock_common+0xe9/0x250 [ 1064.409512][T21154] acpi_evaluate_integer+0xdd/0x200 [ 1064.409541][T21154] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1064.409570][T21154] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1064.409603][T21154] ? __pfx_status_show+0x10/0x10 [ 1064.409621][T21154] status_show+0xa0/0x120 [ 1064.409640][T21154] ? __pfx_status_show+0x10/0x10 [ 1064.409665][T21154] dev_attr_show+0x53/0xe0 [ 1064.409690][T21154] ? __pfx_dev_attr_show+0x10/0x10 [ 1064.409711][T21154] sysfs_kf_seq_show+0x213/0x3e0 [ 1064.409745][T21154] seq_read_iter+0x506/0x12c0 [ 1064.409785][T21154] kernfs_fop_read_iter+0x40f/0x5a0 [ 1064.409808][T21154] ? rw_verify_area+0xcf/0x680 [ 1064.409838][T21154] vfs_read+0x8bf/0xc60 [ 1064.409872][T21154] ? __pfx___mutex_lock+0x10/0x10 [ 1064.409894][T21154] ? __pfx_vfs_read+0x10/0x10 [ 1064.409942][T21154] ksys_read+0x12a/0x250 [ 1064.409980][T21154] ? __pfx_ksys_read+0x10/0x10 [ 1064.410019][T21154] do_syscall_64+0xcd/0x490 [ 1064.410043][T21154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.410064][T21154] RIP: 0033:0x7efc68b8e929 [ 1064.410081][T21154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1064.410103][T21154] RSP: 002b:00007efc699e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1064.410123][T21154] RAX: ffffffffffffffda RBX: 00007efc68db6080 RCX: 00007efc68b8e929 [ 1064.410137][T21154] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1064.410150][T21154] RBP: 00007efc68c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1064.410163][T21154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1064.410176][T21154] R13: 0000000000000000 R14: 00007efc68db6080 R15: 00007ffdbac45208 [ 1064.410203][T21154] [ 1066.465345][T21190] FAULT_INJECTION: forcing a failure. [ 1066.465345][T21190] name failslab, interval 1, probability 0, space 0, times 0 [ 1066.478483][T21190] CPU: 1 UID: 0 PID: 21190 Comm: syz.1.3305 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1066.478525][T21190] Tainted: [U]=USER [ 1066.478534][T21190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1066.478549][T21190] Call Trace: [ 1066.478558][T21190] [ 1066.478567][T21190] dump_stack_lvl+0x16c/0x1f0 [ 1066.478593][T21190] should_fail_ex+0x512/0x640 [ 1066.478642][T21190] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1066.478676][T21190] should_failslab+0xc2/0x120 [ 1066.478700][T21190] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1066.478732][T21190] ? acpi_ds_create_walk_state+0x78/0x250 [ 1066.478761][T21190] acpi_ds_create_walk_state+0x78/0x250 [ 1066.478786][T21190] acpi_ps_execute_method+0x253/0xb30 [ 1066.478812][T21190] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1066.478844][T21190] acpi_ns_evaluate+0x76c/0xca0 [ 1066.478870][T21190] ? kasan_save_track+0x14/0x30 [ 1066.478908][T21190] acpi_evaluate_object+0x1fa/0xa90 [ 1066.478945][T21190] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1066.478970][T21190] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1066.479013][T21190] ? __mutex_trylock_common+0xe9/0x250 [ 1066.479049][T21190] acpi_evaluate_integer+0xdd/0x200 [ 1066.479098][T21190] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1066.479132][T21190] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1066.479169][T21190] ? __pfx_status_show+0x10/0x10 [ 1066.479190][T21190] status_show+0xa0/0x120 [ 1066.479211][T21190] ? __pfx_status_show+0x10/0x10 [ 1066.479240][T21190] dev_attr_show+0x53/0xe0 [ 1066.479268][T21190] ? __pfx_dev_attr_show+0x10/0x10 [ 1066.479292][T21190] sysfs_kf_seq_show+0x213/0x3e0 [ 1066.479330][T21190] seq_read_iter+0x506/0x12c0 [ 1066.479374][T21190] kernfs_fop_read_iter+0x40f/0x5a0 [ 1066.479401][T21190] ? rw_verify_area+0xcf/0x680 [ 1066.479436][T21190] vfs_read+0x8bf/0xc60 [ 1066.479474][T21190] ? __pfx___mutex_lock+0x10/0x10 [ 1066.479499][T21190] ? __pfx_vfs_read+0x10/0x10 [ 1066.479554][T21190] ksys_read+0x12a/0x250 [ 1066.479589][T21190] ? __pfx_ksys_read+0x10/0x10 [ 1066.479633][T21190] do_syscall_64+0xcd/0x490 [ 1066.479659][T21190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1066.479683][T21190] RIP: 0033:0x7f450cd8e929 [ 1066.479701][T21190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1066.479725][T21190] RSP: 002b:00007f450dbfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1066.479768][T21190] RAX: ffffffffffffffda RBX: 00007f450cfb6080 RCX: 00007f450cd8e929 [ 1066.479785][T21190] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1066.479801][T21190] RBP: 00007f450ce10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1066.479816][T21190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1066.479831][T21190] R13: 0000000000000000 R14: 00007f450cfb6080 R15: 00007ffe82d0aa18 [ 1066.479863][T21190] [ 1066.802902][T21192] ptrace attach of "./syz-executor exec"[21193] was attempted by "./syz-executor exec"[21192] [ 1067.289231][T21199] can: request_module (can-proto-0) failed. [ 1067.458475][T21199] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input79 [ 1068.506156][T21219] can: request_module (can-proto-0) failed. [ 1071.349726][T21260] ERROR: Out of memory at tomoyo_memory_ok. [ 1071.458133][T21264] can: request_module (can-proto-0) failed. [ 1071.699631][T21270] FAULT_INJECTION: forcing a failure. [ 1071.699631][T21270] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1071.869239][T21270] CPU: 0 UID: 0 PID: 21270 Comm: syz.2.3321 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1071.869284][T21270] Tainted: [U]=USER [ 1071.869294][T21270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1071.869310][T21270] Call Trace: [ 1071.869320][T21270] [ 1071.869331][T21270] dump_stack_lvl+0x16c/0x1f0 [ 1071.869370][T21270] should_fail_ex+0x512/0x640 [ 1071.869418][T21270] get_futex_key+0x1d0/0x1540 [ 1071.869456][T21270] ? __pfx_get_futex_key+0x10/0x10 [ 1071.869501][T21270] futex_wake+0xea/0x530 [ 1071.869540][T21270] ? rcu_is_watching+0x12/0xc0 [ 1071.869570][T21270] ? __pfx_futex_wake+0x10/0x10 [ 1071.869613][T21270] ? kmem_cache_free+0x2d1/0x4d0 [ 1071.869652][T21270] ? fd_install+0x225/0x750 [ 1071.869688][T21270] ? putname+0x154/0x1a0 [ 1071.869722][T21270] do_futex+0x1e3/0x350 [ 1071.869757][T21270] ? __pfx_do_futex+0x10/0x10 [ 1071.869800][T21270] __x64_sys_futex+0x1e0/0x4c0 [ 1071.869838][T21270] ? __x64_sys_openat+0x174/0x210 [ 1071.869870][T21270] ? __pfx___x64_sys_futex+0x10/0x10 [ 1071.869917][T21270] do_syscall_64+0xcd/0x490 [ 1071.869949][T21270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.869976][T21270] RIP: 0033:0x7f065d58e929 [ 1071.869999][T21270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1071.870026][T21270] RSP: 002b:00007f065e4b10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1071.870053][T21270] RAX: ffffffffffffffda RBX: 00007f065d7b5fa8 RCX: 00007f065d58e929 [ 1071.870070][T21270] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f065d7b5fac [ 1071.870089][T21270] RBP: 00007f065d7b5fa0 R08: 00007f065e4b2000 R09: 0000000000000000 [ 1071.870106][T21270] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f065d7b5fac [ 1071.870122][T21270] R13: 0000000000000000 R14: 00007ffc8ca1c630 R15: 00007ffc8ca1c718 [ 1071.870160][T21270] [ 1072.065436][ C0] vkms_vblank_simulate: vblank timer overrun [ 1072.878408][T21282] FAULT_INJECTION: forcing a failure. [ 1072.878408][T21282] name failslab, interval 1, probability 0, space 0, times 0 [ 1072.925461][T21282] CPU: 1 UID: 0 PID: 21282 Comm: syz.1.3324 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1072.925513][T21282] Tainted: [U]=USER [ 1072.925525][T21282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1072.925551][T21282] Call Trace: [ 1072.925562][T21282] [ 1072.925576][T21282] dump_stack_lvl+0x16c/0x1f0 [ 1072.925616][T21282] should_fail_ex+0x512/0x640 [ 1072.925666][T21282] ? __build_skb_around+0x278/0x3b0 [ 1072.925715][T21282] should_failslab+0xc2/0x120 [ 1072.925750][T21282] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1072.925805][T21282] ? sctp_chunkify+0x51/0x2d0 [ 1072.925855][T21282] ? __lock_acquire+0x622/0x1c90 [ 1072.925902][T21282] sctp_chunkify+0x51/0x2d0 [ 1072.925955][T21282] _sctp_make_chunk+0x148/0x270 [ 1072.926010][T21282] sctp_make_control+0x2f/0x2d0 [ 1072.926064][T21282] sctp_make_shutdown+0xb6/0x1d0 [ 1072.926100][T21282] ? __pfx_sctp_make_shutdown+0x10/0x10 [ 1072.926138][T21282] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1072.926193][T21282] sctp_sf_do_9_2_start_shutdown+0x27/0x490 [ 1072.926247][T21282] sctp_sf_do_9_2_prm_shutdown+0x11c/0x150 [ 1072.926299][T21282] ? __pfx_sctp_pname+0x10/0x10 [ 1072.926330][T21282] sctp_do_sm+0x181/0x5c80 [ 1072.926382][T21282] ? __kernel_text_address+0xd/0x40 [ 1072.926432][T21282] ? unwind_get_return_address+0x59/0xa0 [ 1072.926484][T21282] ? arch_stack_walk+0xa6/0x100 [ 1072.926542][T21282] ? __pfx_sctp_do_sm+0x10/0x10 [ 1072.926589][T21282] ? look_up_lock_class+0x6b/0x150 [ 1072.926655][T21282] ? register_lock_class+0x41/0x4c0 [ 1072.926759][T21282] ? mark_held_locks+0x49/0x80 [ 1072.926798][T21282] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1072.926847][T21282] ? lockdep_hardirqs_on+0x7c/0x110 [ 1072.926897][T21282] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1072.926952][T21282] sctp_primitive_SHUTDOWN+0x9f/0xd0 [ 1072.927010][T21282] sctp_close+0x3ff/0x940 [ 1072.927064][T21282] ? __pfx_sctp_close+0x10/0x10 [ 1072.927093][T21282] ? __pfx___might_resched+0x10/0x10 [ 1072.927144][T21282] ? ip_mc_drop_socket+0x1f/0x280 [ 1072.927176][T21282] ? down_write+0x14d/0x200 [ 1072.927208][T21282] inet_release+0x13c/0x280 [ 1072.927260][T21282] inet6_release+0x4f/0x70 [ 1072.927287][T21282] __sock_release+0xb3/0x270 [ 1072.927318][T21282] ? __pfx_sock_close+0x10/0x10 [ 1072.927344][T21282] sock_close+0x1c/0x30 [ 1072.927370][T21282] __fput+0x3ff/0xb70 [ 1072.927412][T21282] task_work_run+0x150/0x240 [ 1072.927461][T21282] ? __pfx_task_work_run+0x10/0x10 [ 1072.927500][T21282] ? __pfx___do_sys_close_range+0x10/0x10 [ 1072.927557][T21282] exit_to_user_mode_loop+0xeb/0x110 [ 1072.927600][T21282] do_syscall_64+0x3f6/0x490 [ 1072.927629][T21282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1072.927655][T21282] RIP: 0033:0x7f450cd8e929 [ 1072.927678][T21282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1072.927710][T21282] RSP: 002b:00007f450dbfc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1072.927736][T21282] RAX: 0000000000000000 RBX: 00007f450cfb6080 RCX: 00007f450cd8e929 [ 1072.927754][T21282] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1072.927769][T21282] RBP: 00007f450ce10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1072.927784][T21282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1072.927798][T21282] R13: 0000000000000000 R14: 00007f450cfb6080 R15: 00007ffe82d0aa18 [ 1072.927828][T21282] [ 1073.273360][T21292] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3327'. [ 1073.284402][T21292] vlan1: entered allmulticast mode [ 1073.289607][T21292] veth0_vlan: entered allmulticast mode [ 1073.749069][T21299] Invalid ELF header magic: != ELF [ 1073.998444][T21299] Invalid ELF header magic: != ELF [ 1074.048485][T21299] Invalid ELF header magic: != ELF [ 1074.067511][T21312] can: request_module (can-proto-3) failed. [ 1075.321387][T21306] FAULT_INJECTION: forcing a failure. [ 1075.321387][T21306] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1075.372037][T21306] CPU: 1 UID: 0 PID: 21306 Comm: syz.2.3329 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1075.372088][T21306] Tainted: [U]=USER [ 1075.372099][T21306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1075.372117][T21306] Call Trace: [ 1075.372127][T21306] [ 1075.372138][T21306] dump_stack_lvl+0x16c/0x1f0 [ 1075.372173][T21306] should_fail_ex+0x512/0x640 [ 1075.372223][T21306] should_fail_alloc_page+0xe7/0x130 [ 1075.372255][T21306] prepare_alloc_pages+0x3c2/0x610 [ 1075.372290][T21306] ? rcu_is_watching+0x12/0xc0 [ 1075.372325][T21306] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1075.372383][T21306] ? stack_trace_save+0x8e/0xc0 [ 1075.372416][T21306] ? __pfx_stack_trace_save+0x10/0x10 [ 1075.372448][T21306] ? stack_depot_save_flags+0x28/0xa40 [ 1075.372501][T21306] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1075.372550][T21306] ? __lock_acquire+0x622/0x1c90 [ 1075.372596][T21306] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1075.372637][T21306] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1075.372684][T21306] ? policy_nodemask+0xea/0x4e0 [ 1075.372715][T21306] alloc_pages_mpol+0x1fb/0x550 [ 1075.372746][T21306] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1075.372786][T21306] alloc_pages_noprof+0x131/0x390 [ 1075.372816][T21306] alloc_pages_exact_noprof+0x37/0xe0 [ 1075.372852][T21306] ? __asan_memset+0x23/0x50 [ 1075.372891][T21306] snd_pcm_attach_substream+0x4bb/0xd60 [ 1075.372945][T21306] snd_pcm_open_substream+0x8d/0x17f0 [ 1075.372989][T21306] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 1075.373042][T21306] snd_pcm_oss_open+0x735/0x1400 [ 1075.373091][T21306] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 1075.373129][T21306] ? __lock_acquire+0xb8a/0x1c90 [ 1075.373168][T21306] ? __pfx_default_wake_function+0x10/0x10 [ 1075.373201][T21306] ? __lock_acquire+0xb8a/0x1c90 [ 1075.373247][T21306] ? do_raw_spin_lock+0x12c/0x2b0 [ 1075.373296][T21306] ? soundcore_open+0x35a/0x580 [ 1075.373328][T21306] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 1075.373373][T21306] soundcore_open+0x409/0x580 [ 1075.373407][T21306] ? __pfx_soundcore_open+0x10/0x10 [ 1075.373437][T21306] chrdev_open+0x234/0x6a0 [ 1075.373464][T21306] ? __pfx_apparmor_file_open+0x10/0x10 [ 1075.373503][T21306] ? __pfx_chrdev_open+0x10/0x10 [ 1075.373534][T21306] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1075.373581][T21306] do_dentry_open+0x741/0x1c10 [ 1075.373628][T21306] ? __pfx_chrdev_open+0x10/0x10 [ 1075.373663][T21306] vfs_open+0x82/0x3f0 [ 1075.373699][T21306] path_openat+0x1de4/0x2cb0 [ 1075.373755][T21306] ? __pfx_path_openat+0x10/0x10 [ 1075.373801][T21306] ? __lock_acquire+0xb8a/0x1c90 [ 1075.373844][T21306] do_filp_open+0x20b/0x470 [ 1075.373889][T21306] ? __pfx_do_filp_open+0x10/0x10 [ 1075.373959][T21306] ? alloc_fd+0x471/0x7d0 [ 1075.374011][T21306] do_sys_openat2+0x11b/0x1d0 [ 1075.374046][T21306] ? __pfx_do_sys_openat2+0x10/0x10 [ 1075.374087][T21306] ? __sys_sendmsg+0x18c/0x220 [ 1075.374125][T21306] __x64_sys_openat+0x174/0x210 [ 1075.374161][T21306] ? __pfx___x64_sys_openat+0x10/0x10 [ 1075.374212][T21306] do_syscall_64+0xcd/0x490 [ 1075.374244][T21306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1075.374272][T21306] RIP: 0033:0x7f065d58e929 [ 1075.374296][T21306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1075.374324][T21306] RSP: 002b:00007f065e4b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1075.374359][T21306] RAX: ffffffffffffffda RBX: 00007f065d7b5fa0 RCX: 00007f065d58e929 [ 1075.374378][T21306] RDX: 0000000000020b42 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1075.374396][T21306] RBP: 00007f065d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1075.374414][T21306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1075.374430][T21306] R13: 0000000000000000 R14: 00007f065d7b5fa0 R15: 00007ffc8ca1c718 [ 1075.374467][T21306] [ 1080.264863][T21378] can: request_module (can-proto-0) failed. [ 1080.278286][T21385] FAULT_INJECTION: forcing a failure. [ 1080.278286][T21385] name failslab, interval 1, probability 0, space 0, times 0 [ 1080.312091][T21385] CPU: 0 UID: 0 PID: 21385 Comm: syz.3.3345 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1080.312139][T21385] Tainted: [U]=USER [ 1080.312149][T21385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1080.312167][T21385] Call Trace: [ 1080.312177][T21385] [ 1080.312200][T21385] dump_stack_lvl+0x16c/0x1f0 [ 1080.312232][T21385] should_fail_ex+0x512/0x640 [ 1080.312278][T21385] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1080.312324][T21385] should_failslab+0xc2/0x120 [ 1080.312352][T21385] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1080.312391][T21385] ? __proc_create+0xc3/0x8c0 [ 1080.312417][T21385] ? __proc_create+0x2ce/0x8c0 [ 1080.312446][T21385] __proc_create+0x2ce/0x8c0 [ 1080.312473][T21385] ? __pfx___proc_create+0x10/0x10 [ 1080.312505][T21385] ? _raw_write_unlock+0x28/0x50 [ 1080.312547][T21385] ? proc_register+0x314/0x5f0 [ 1080.312579][T21385] proc_create_reg+0x7d/0x180 [ 1080.312610][T21385] proc_create_data+0x86/0x110 [ 1080.312638][T21385] ? __pfx_proc_create_data+0x10/0x10 [ 1080.312669][T21385] ? cache_register_net+0x137/0x5e0 [ 1080.312709][T21385] cache_register_net+0x2d6/0x5e0 [ 1080.312755][T21385] nfsd_idmap_init+0xb6/0x250 [ 1080.312795][T21385] ? __pfx_nfsd_net_init+0x10/0x10 [ 1080.312825][T21385] nfsd_net_init+0x69/0x3d0 [ 1080.312858][T21385] ? __pfx_nfsd_net_init+0x10/0x10 [ 1080.312889][T21385] ops_init+0x1df/0x5f0 [ 1080.312924][T21385] setup_net+0x1ff/0x510 [ 1080.312953][T21385] ? lockdep_init_map_type+0x5c/0x280 [ 1080.312992][T21385] ? __pfx_setup_net+0x10/0x10 [ 1080.313025][T21385] ? debug_mutex_init+0x37/0x70 [ 1080.313056][T21385] copy_net_ns+0x2a6/0x5f0 [ 1080.313093][T21385] create_new_namespaces+0x3ea/0xa90 [ 1080.313132][T21385] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1080.313167][T21385] ksys_unshare+0x45b/0xa40 [ 1080.313205][T21385] ? __pfx_ksys_unshare+0x10/0x10 [ 1080.313242][T21385] ? xfd_validate_state+0x61/0x180 [ 1080.313289][T21385] __x64_sys_unshare+0x31/0x40 [ 1080.313325][T21385] do_syscall_64+0xcd/0x490 [ 1080.313356][T21385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.313384][T21385] RIP: 0033:0x7f485538e929 [ 1080.313408][T21385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1080.313435][T21385] RSP: 002b:00007f485612d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1080.313461][T21385] RAX: ffffffffffffffda RBX: 00007f48555b5fa0 RCX: 00007f485538e929 [ 1080.313479][T21385] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1080.313495][T21385] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1080.313513][T21385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1080.313526][T21385] R13: 0000000000000000 R14: 00007f48555b5fa0 R15: 00007fff2c26f118 [ 1080.313553][T21385] [ 1080.695829][T21390] block nbd7: not configured, cannot reconfigure [ 1083.367642][T21416] zswap: compressor not available [ 1083.640184][T21425] zswap: compressor not available [ 1084.778274][T21444] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84 [ 1085.176587][T21452] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3356'. [ 1085.292708][T21445] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85 [ 1085.528729][T21422] kexec: Could not allocate control_code_buffer [ 1085.890412][T21455] FAULT_INJECTION: forcing a failure. [ 1085.890412][T21455] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1086.176868][T21455] CPU: 0 UID: 0 PID: 21455 Comm: syz.2.3358 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1086.176918][T21455] Tainted: [U]=USER [ 1086.176929][T21455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1086.176946][T21455] Call Trace: [ 1086.176956][T21455] [ 1086.176968][T21455] dump_stack_lvl+0x16c/0x1f0 [ 1086.177003][T21455] should_fail_ex+0x512/0x640 [ 1086.177057][T21455] should_fail_alloc_page+0xe7/0x130 [ 1086.177091][T21455] prepare_alloc_pages+0x3c2/0x610 [ 1086.177126][T21455] ? rcu_is_watching+0x12/0xc0 [ 1086.177160][T21455] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1086.177211][T21455] ? stack_trace_save+0x8e/0xc0 [ 1086.177249][T21455] ? __pfx_stack_trace_save+0x10/0x10 [ 1086.177282][T21455] ? stack_depot_save_flags+0x28/0xa40 [ 1086.177338][T21455] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1086.177388][T21455] ? __lock_acquire+0x622/0x1c90 [ 1086.177433][T21455] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.177473][T21455] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1086.177520][T21455] ? policy_nodemask+0xea/0x4e0 [ 1086.177557][T21455] alloc_pages_mpol+0x1fb/0x550 [ 1086.177588][T21455] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1086.177630][T21455] alloc_pages_noprof+0x131/0x390 [ 1086.177661][T21455] alloc_pages_exact_noprof+0x37/0xe0 [ 1086.177699][T21455] ? __asan_memset+0x23/0x50 [ 1086.177738][T21455] snd_pcm_attach_substream+0x4bb/0xd60 [ 1086.177793][T21455] snd_pcm_open_substream+0x8d/0x17f0 [ 1086.177839][T21455] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 1086.177893][T21455] snd_pcm_oss_open+0x735/0x1400 [ 1086.177944][T21455] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 1086.177982][T21455] ? __lock_acquire+0xb8a/0x1c90 [ 1086.178021][T21455] ? __pfx_default_wake_function+0x10/0x10 [ 1086.178055][T21455] ? __lock_acquire+0xb8a/0x1c90 [ 1086.178102][T21455] ? do_raw_spin_lock+0x12c/0x2b0 [ 1086.178149][T21455] ? soundcore_open+0x35a/0x580 [ 1086.178182][T21455] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 1086.178220][T21455] soundcore_open+0x409/0x580 [ 1086.178253][T21455] ? __pfx_soundcore_open+0x10/0x10 [ 1086.178282][T21455] chrdev_open+0x234/0x6a0 [ 1086.178310][T21455] ? __pfx_apparmor_file_open+0x10/0x10 [ 1086.178349][T21455] ? __pfx_chrdev_open+0x10/0x10 [ 1086.178380][T21455] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1086.178428][T21455] do_dentry_open+0x741/0x1c10 [ 1086.178474][T21455] ? __pfx_chrdev_open+0x10/0x10 [ 1086.178508][T21455] vfs_open+0x82/0x3f0 [ 1086.178550][T21455] path_openat+0x1de4/0x2cb0 [ 1086.178607][T21455] ? __pfx_path_openat+0x10/0x10 [ 1086.178656][T21455] ? __lock_acquire+0xb8a/0x1c90 [ 1086.178697][T21455] do_filp_open+0x20b/0x470 [ 1086.178740][T21455] ? __pfx_do_filp_open+0x10/0x10 [ 1086.178811][T21455] ? alloc_fd+0x471/0x7d0 [ 1086.178863][T21455] do_sys_openat2+0x11b/0x1d0 [ 1086.178897][T21455] ? __pfx_do_sys_openat2+0x10/0x10 [ 1086.178933][T21455] ? __sys_sendmsg+0x18c/0x220 [ 1086.178972][T21455] __x64_sys_openat+0x174/0x210 [ 1086.179008][T21455] ? __pfx___x64_sys_openat+0x10/0x10 [ 1086.179057][T21455] do_syscall_64+0xcd/0x490 [ 1086.179090][T21455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.179119][T21455] RIP: 0033:0x7f065d58e929 [ 1086.179143][T21455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1086.179173][T21455] RSP: 002b:00007f065e4b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1086.179201][T21455] RAX: ffffffffffffffda RBX: 00007f065d7b5fa0 RCX: 00007f065d58e929 [ 1086.179221][T21455] RDX: 0000000000020b42 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1086.179239][T21455] RBP: 00007f065d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1086.179256][T21455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1086.179273][T21455] R13: 0000000000000000 R14: 00007f065d7b5fa0 R15: 00007ffc8ca1c718 [ 1086.179311][T21455] [ 1086.880552][T21472] FAULT_INJECTION: forcing a failure. [ 1086.880552][T21472] name failslab, interval 1, probability 0, space 0, times 0 [ 1086.930826][T21472] CPU: 1 UID: 0 PID: 21472 Comm: syz.3.3362 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1086.930872][T21472] Tainted: [U]=USER [ 1086.930883][T21472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1086.930899][T21472] Call Trace: [ 1086.930909][T21472] [ 1086.930920][T21472] dump_stack_lvl+0x16c/0x1f0 [ 1086.930952][T21472] should_fail_ex+0x512/0x640 [ 1086.930996][T21472] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1086.931046][T21472] should_failslab+0xc2/0x120 [ 1086.931075][T21472] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1086.931120][T21472] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 1086.931170][T21472] acpi_ut_create_generic_state+0x5c/0xb0 [ 1086.931213][T21472] acpi_ps_init_scope+0x1a/0x1c0 [ 1086.931250][T21472] acpi_ds_init_aml_walk+0x1d9/0x590 [ 1086.931288][T21472] acpi_ps_execute_method+0x32d/0xb30 [ 1086.931324][T21472] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1086.931364][T21472] acpi_ns_evaluate+0x76c/0xca0 [ 1086.931400][T21472] ? kasan_save_track+0x14/0x30 [ 1086.931453][T21472] acpi_evaluate_object+0x1fa/0xa90 [ 1086.931522][T21472] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.931557][T21472] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1086.931606][T21472] ? __mutex_trylock_common+0xe9/0x250 [ 1086.931655][T21472] acpi_evaluate_integer+0xdd/0x200 [ 1086.931697][T21472] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1086.931739][T21472] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1086.931787][T21472] ? __pfx_status_show+0x10/0x10 [ 1086.931813][T21472] status_show+0xa0/0x120 [ 1086.931841][T21472] ? __pfx_status_show+0x10/0x10 [ 1086.931880][T21472] dev_attr_show+0x53/0xe0 [ 1086.931915][T21472] ? __pfx_dev_attr_show+0x10/0x10 [ 1086.931947][T21472] sysfs_kf_seq_show+0x213/0x3e0 [ 1086.931994][T21472] seq_read_iter+0x506/0x12c0 [ 1086.932052][T21472] kernfs_fop_read_iter+0x40f/0x5a0 [ 1086.932087][T21472] ? rw_verify_area+0xcf/0x680 [ 1086.932131][T21472] vfs_read+0x8bf/0xc60 [ 1086.932181][T21472] ? __pfx___mutex_lock+0x10/0x10 [ 1086.932213][T21472] ? __pfx_vfs_read+0x10/0x10 [ 1086.932291][T21472] ksys_read+0x12a/0x250 [ 1086.932334][T21472] ? __pfx_ksys_read+0x10/0x10 [ 1086.932378][T21472] ? syscall_user_dispatch+0x78/0x140 [ 1086.932439][T21472] do_syscall_64+0xcd/0x490 [ 1086.932473][T21472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.932504][T21472] RIP: 0033:0x7f485538e929 [ 1086.932528][T21472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1086.932576][T21472] RSP: 002b:00007f48531d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1086.932606][T21472] RAX: ffffffffffffffda RBX: 00007f48555b6160 RCX: 00007f485538e929 [ 1086.932629][T21472] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1086.932660][T21472] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1086.932680][T21472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1086.932698][T21472] R13: 0000000000000000 R14: 00007f48555b6160 R15: 00007fff2c26f118 [ 1086.932738][T21472] [ 1088.291767][T21485] zswap: compressor not available [ 1088.677304][T21500] can: request_module (can-proto-0) failed. [ 1088.718552][T21503] usb usb15: usbfs: process 21503 (syz.2.3367) did not claim interface 16 before use [ 1089.664056][T21492] kexec: Could not allocate control_code_buffer [ 1090.502401][T21525] FAULT_INJECTION: forcing a failure. [ 1090.502401][T21525] name failslab, interval 1, probability 0, space 0, times 0 [ 1090.515767][T21525] CPU: 0 UID: 0 PID: 21525 Comm: syz.1.3375 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1090.515812][T21525] Tainted: [U]=USER [ 1090.515822][T21525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1090.515839][T21525] Call Trace: [ 1090.515849][T21525] [ 1090.515861][T21525] dump_stack_lvl+0x16c/0x1f0 [ 1090.515893][T21525] should_fail_ex+0x512/0x640 [ 1090.515936][T21525] ? __kmalloc_noprof+0xbf/0x510 [ 1090.515984][T21525] ? acpi_ns_internalize_name+0x144/0x220 [ 1090.516024][T21525] should_failslab+0xc2/0x120 [ 1090.516053][T21525] __kmalloc_noprof+0xd2/0x510 [ 1090.516099][T21525] ? acpi_ns_get_internal_name_length+0x272/0x400 [ 1090.516145][T21525] acpi_ns_internalize_name+0x144/0x220 [ 1090.516187][T21525] ? __pfx_acpi_ns_internalize_name+0x10/0x10 [ 1090.516241][T21525] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1090.516274][T21525] ? acpi_evaluate_integer+0xdd/0x200 [ 1090.516310][T21525] ? status_show+0xa0/0x120 [ 1090.516333][T21525] ? dev_attr_show+0x53/0xe0 [ 1090.516363][T21525] ? sysfs_kf_seq_show+0x213/0x3e0 [ 1090.516397][T21525] ? seq_read_iter+0x506/0x12c0 [ 1090.516437][T21525] acpi_ns_get_node_unlocked+0x163/0x310 [ 1090.516484][T21525] ? __pfx_acpi_ns_get_node_unlocked+0x10/0x10 [ 1090.516525][T21525] ? find_held_lock+0x2b/0x80 [ 1090.516567][T21525] ? down_timeout+0x6b/0x90 [ 1090.516599][T21525] ? acpi_os_wait_semaphore+0xcb/0xf0 [ 1090.516637][T21525] ? acpi_ns_get_node+0x4c/0x70 [ 1090.516676][T21525] acpi_ns_get_node+0x4c/0x70 [ 1090.516738][T21525] acpi_ns_evaluate+0x6ef/0xca0 [ 1090.516775][T21525] ? kasan_save_track+0x14/0x30 [ 1090.516826][T21525] acpi_evaluate_object+0x1fa/0xa90 [ 1090.516876][T21525] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1090.516908][T21525] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1090.516958][T21525] ? __mutex_trylock_common+0xe9/0x250 [ 1090.517007][T21525] acpi_evaluate_integer+0xdd/0x200 [ 1090.517049][T21525] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1090.517091][T21525] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1090.517138][T21525] ? __pfx_status_show+0x10/0x10 [ 1090.517164][T21525] status_show+0xa0/0x120 [ 1090.517190][T21525] ? __pfx_status_show+0x10/0x10 [ 1090.517237][T21525] dev_attr_show+0x53/0xe0 [ 1090.517273][T21525] ? __pfx_dev_attr_show+0x10/0x10 [ 1090.517312][T21525] sysfs_kf_seq_show+0x213/0x3e0 [ 1090.517357][T21525] seq_read_iter+0x506/0x12c0 [ 1090.517412][T21525] kernfs_fop_read_iter+0x40f/0x5a0 [ 1090.517443][T21525] ? rw_verify_area+0xcf/0x680 [ 1090.517484][T21525] vfs_read+0x8bf/0xc60 [ 1090.517531][T21525] ? __pfx___mutex_lock+0x10/0x10 [ 1090.517561][T21525] ? __pfx_vfs_read+0x10/0x10 [ 1090.517629][T21525] ksys_read+0x12a/0x250 [ 1090.517672][T21525] ? __pfx_ksys_read+0x10/0x10 [ 1090.517727][T21525] do_syscall_64+0xcd/0x490 [ 1090.517760][T21525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1090.517789][T21525] RIP: 0033:0x7f450cd8e929 [ 1090.517812][T21525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1090.517840][T21525] RSP: 002b:00007f450dbfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1090.517866][T21525] RAX: ffffffffffffffda RBX: 00007f450cfb6080 RCX: 00007f450cd8e929 [ 1090.517885][T21525] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1090.517902][T21525] RBP: 00007f450ce10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1090.517920][T21525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1090.517936][T21525] R13: 0000000000000000 R14: 00007f450cfb6080 R15: 00007ffe82d0aa18 [ 1090.517973][T21525] [ 1091.959778][T21548] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3377'. [ 1092.084985][T21551] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 1092.727541][T21560] can: request_module (can-proto-0) failed. [ 1092.799691][T21560] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input87 [ 1093.887690][T21592] FAULT_INJECTION: forcing a failure. [ 1093.887690][T21592] name failslab, interval 1, probability 0, space 0, times 0 [ 1093.912184][T21592] CPU: 1 UID: 0 PID: 21592 Comm: syz.3.3386 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1093.912235][T21592] Tainted: [U]=USER [ 1093.912246][T21592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1093.912265][T21592] Call Trace: [ 1093.912277][T21592] [ 1093.912289][T21592] dump_stack_lvl+0x16c/0x1f0 [ 1093.912327][T21592] should_fail_ex+0x512/0x640 [ 1093.912377][T21592] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1093.912433][T21592] should_failslab+0xc2/0x120 [ 1093.912466][T21592] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1093.912519][T21592] ? acpi_ps_alloc_op+0xf1/0x310 [ 1093.912560][T21592] acpi_ps_alloc_op+0xf1/0x310 [ 1093.912596][T21592] acpi_ps_create_scope_op+0x1a/0x70 [ 1093.912630][T21592] acpi_ps_execute_method+0x1b1/0xb30 [ 1093.912669][T21592] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 1093.912714][T21592] acpi_ns_evaluate+0x76c/0xca0 [ 1093.912753][T21592] ? kasan_save_track+0x14/0x30 [ 1093.912807][T21592] acpi_evaluate_object+0x1fa/0xa90 [ 1093.912862][T21592] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1093.912899][T21592] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1093.912953][T21592] ? __mutex_trylock_common+0xe9/0x250 [ 1093.913012][T21592] acpi_evaluate_integer+0xdd/0x200 [ 1093.913057][T21592] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1093.913103][T21592] ? xfs_rtrefcountbt_init_cursor+0x57/0x4a0 [ 1093.913153][T21592] ? __pfx_status_show+0x10/0x10 [ 1093.913182][T21592] status_show+0xa0/0x120 [ 1093.913210][T21592] ? __pfx_status_show+0x10/0x10 [ 1093.913251][T21592] dev_attr_show+0x53/0xe0 [ 1093.913288][T21592] ? __pfx_dev_attr_show+0x10/0x10 [ 1093.913322][T21592] sysfs_kf_seq_show+0x213/0x3e0 [ 1093.913372][T21592] seq_read_iter+0x506/0x12c0 [ 1093.913435][T21592] kernfs_fop_read_iter+0x40f/0x5a0 [ 1093.913471][T21592] ? rw_verify_area+0xcf/0x680 [ 1093.913518][T21592] vfs_read+0x8bf/0xc60 [ 1093.913571][T21592] ? __pfx___mutex_lock+0x10/0x10 [ 1093.913605][T21592] ? __pfx_vfs_read+0x10/0x10 [ 1093.913680][T21592] ksys_read+0x12a/0x250 [ 1093.913728][T21592] ? __pfx_ksys_read+0x10/0x10 [ 1093.913791][T21592] do_syscall_64+0xcd/0x490 [ 1093.913826][T21592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1093.913859][T21592] RIP: 0033:0x7f485538e929 [ 1093.913884][T21592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1093.913916][T21592] RSP: 002b:00007f48531f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1093.913946][T21592] RAX: ffffffffffffffda RBX: 00007f48555b6080 RCX: 00007f485538e929 [ 1093.913967][T21592] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 1093.913987][T21592] RBP: 00007f4855410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1093.914014][T21592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1093.914033][T21592] R13: 0000000000000000 R14: 00007f48555b6080 R15: 00007fff2c26f118 [ 1093.914075][T21592] [ 1095.360303][T21615] FAULT_INJECTION: forcing a failure. [ 1095.360303][T21615] name failslab, interval 1, probability 0, space 0, times 0 [ 1095.426465][T21615] CPU: 0 UID: 0 PID: 21615 Comm: syz.0.3391 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1095.426511][T21615] Tainted: [U]=USER [ 1095.426521][T21615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1095.426537][T21615] Call Trace: [ 1095.426548][T21615] [ 1095.426560][T21615] dump_stack_lvl+0x16c/0x1f0 [ 1095.426594][T21615] should_fail_ex+0x512/0x640 [ 1095.426648][T21615] ? __kvmalloc_node_noprof+0x124/0x620 [ 1095.426697][T21615] should_failslab+0xc2/0x120 [ 1095.426727][T21615] __kvmalloc_node_noprof+0x137/0x620 [ 1095.426773][T21615] ? __pfx___mutex_lock+0x10/0x10 [ 1095.426801][T21615] ? traverse.part.0.constprop.0+0x392/0x640 [ 1095.426850][T21615] ? traverse.part.0.constprop.0+0x392/0x640 [ 1095.426890][T21615] traverse.part.0.constprop.0+0x392/0x640 [ 1095.426932][T21615] ? aa_file_perm+0x4c7/0xfb0 [ 1095.426982][T21615] seq_read_iter+0x932/0x12c0 [ 1095.427038][T21615] seq_read+0x39e/0x4e0 [ 1095.427077][T21615] ? __pfx_seq_read+0x10/0x10 [ 1095.427117][T21615] ? get_pid_task+0xfc/0x250 [ 1095.427175][T21615] ? rw_verify_area+0xcf/0x680 [ 1095.427215][T21615] ? __pfx_seq_read+0x10/0x10 [ 1095.427253][T21615] vfs_read+0x1e1/0xc60 [ 1095.427305][T21615] ? __pfx_vfs_read+0x10/0x10 [ 1095.427345][T21615] ? find_held_lock+0x2b/0x80 [ 1095.427376][T21615] ? __fget_files+0x204/0x3c0 [ 1095.427423][T21615] ? __fget_files+0x20e/0x3c0 [ 1095.427468][T21615] ? __fget_files+0x190/0x3c0 [ 1095.427520][T21615] __x64_sys_pread64+0x1eb/0x250 [ 1095.427568][T21615] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1095.427633][T21615] do_syscall_64+0xcd/0x490 [ 1095.427666][T21615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1095.427696][T21615] RIP: 0033:0x7efc68b8e929 [ 1095.427719][T21615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1095.427748][T21615] RSP: 002b:00007efc69a09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1095.427774][T21615] RAX: ffffffffffffffda RBX: 00007efc68db5fa0 RCX: 00007efc68b8e929 [ 1095.427792][T21615] RDX: 0000000073528428 RSI: 0000200000002680 RDI: 0000000000000003 [ 1095.427809][T21615] RBP: 00007efc69a09090 R08: 0000000000000000 R09: 0000000000000000 [ 1095.427825][T21615] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1095.427840][T21615] R13: 0000000000000000 R14: 00007efc68db5fa0 R15: 00007ffdbac45208 [ 1095.427876][T21615] [ 1098.236675][T21653] FAULT_INJECTION: forcing a failure. [ 1098.236675][T21653] name failslab, interval 1, probability 0, space 0, times 0 [ 1098.273309][T21653] CPU: 0 UID: 0 PID: 21653 Comm: syz.3.3402 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1098.273351][T21653] Tainted: [U]=USER [ 1098.273361][T21653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1098.273376][T21653] Call Trace: [ 1098.273386][T21653] [ 1098.273396][T21653] dump_stack_lvl+0x16c/0x1f0 [ 1098.273449][T21653] should_fail_ex+0x512/0x640 [ 1098.273492][T21653] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1098.273537][T21653] should_failslab+0xc2/0x120 [ 1098.273566][T21653] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1098.273606][T21653] ? rcu_is_watching+0x12/0xc0 [ 1098.273634][T21653] ? s_start+0x7b/0x320 [ 1098.273688][T21653] s_start+0x7b/0x320 [ 1098.273734][T21653] traverse.part.0.constprop.0+0xac/0x640 [ 1098.273788][T21653] seq_read_iter+0x932/0x12c0 [ 1098.273842][T21653] seq_read+0x39e/0x4e0 [ 1098.273881][T21653] ? __pfx_seq_read+0x10/0x10 [ 1098.273920][T21653] ? get_pid_task+0xfc/0x250 [ 1098.273978][T21653] ? rw_verify_area+0xcf/0x680 [ 1098.274016][T21653] ? __pfx_seq_read+0x10/0x10 [ 1098.274054][T21653] vfs_read+0x1e1/0xc60 [ 1098.274104][T21653] ? __pfx_vfs_read+0x10/0x10 [ 1098.274145][T21653] ? find_held_lock+0x2b/0x80 [ 1098.274176][T21653] ? __fget_files+0x204/0x3c0 [ 1098.274225][T21653] ? __fget_files+0x20e/0x3c0 [ 1098.274265][T21653] ? __fget_files+0x190/0x3c0 [ 1098.274316][T21653] __x64_sys_pread64+0x1eb/0x250 [ 1098.274361][T21653] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1098.274417][T21653] do_syscall_64+0xcd/0x490 [ 1098.274449][T21653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1098.274479][T21653] RIP: 0033:0x7f485538e929 [ 1098.274502][T21653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1098.274531][T21653] RSP: 002b:00007f485612d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1098.274557][T21653] RAX: ffffffffffffffda RBX: 00007f48555b5fa0 RCX: 00007f485538e929 [ 1098.274575][T21653] RDX: 0000000073528428 RSI: 0000200000002680 RDI: 0000000000000003 [ 1098.274592][T21653] RBP: 00007f485612d090 R08: 0000000000000000 R09: 0000000000000000 [ 1098.274609][T21653] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1098.274625][T21653] R13: 0000000000000000 R14: 00007f48555b5fa0 R15: 00007fff2c26f118 [ 1098.274668][T21653] [ 1098.274692][T21653] [ 1098.505238][T21653] ===================================== [ 1098.510787][T21653] WARNING: bad unlock balance detected! [ 1098.516342][T21653] 6.15.0-syzkaller-13743-g8630c59e9936 #0 Tainted: G U [ 1098.524688][T21653] ------------------------------------- [ 1098.530238][T21653] syz.3.3402/21653 is trying to release lock (event_mutex) at: [ 1098.537893][T21653] [] traverse.part.0.constprop.0+0x2c0/0x640 [ 1098.545467][T21653] but there are no more locks to release! [ 1098.551189][T21653] [ 1098.551189][T21653] other info that might help us debug this: [ 1098.559264][T21653] 1 lock held by syz.3.3402/21653: [ 1098.564388][T21653] #0: ffff88803be99d58 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0 [ 1098.573311][T21653] [ 1098.573311][T21653] stack backtrace: [ 1098.579215][T21653] CPU: 0 UID: 0 PID: 21653 Comm: syz.3.3402 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1098.579253][T21653] Tainted: [U]=USER [ 1098.579261][T21653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1098.579277][T21653] Call Trace: [ 1098.579285][T21653] [ 1098.579295][T21653] dump_stack_lvl+0x116/0x1f0 [ 1098.579319][T21653] ? traverse.part.0.constprop.0+0x2c0/0x640 [ 1098.579355][T21653] print_unlock_imbalance_bug+0x11b/0x130 [ 1098.579390][T21653] ? traverse.part.0.constprop.0+0x2c0/0x640 [ 1098.579424][T21653] lock_release+0x242/0x2f0 [ 1098.579459][T21653] __mutex_unlock_slowpath+0xa2/0x6a0 [ 1098.579486][T21653] ? rcu_is_watching+0x12/0xc0 [ 1098.579512][T21653] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1098.579538][T21653] ? __kmalloc_cache_noprof+0x249/0x3e0 [ 1098.579574][T21653] ? rcu_is_watching+0x12/0xc0 [ 1098.579599][T21653] ? kfree+0x24f/0x4d0 [ 1098.579631][T21653] ? s_start+0x28c/0x320 [ 1098.579673][T21653] traverse.part.0.constprop.0+0x2c0/0x640 [ 1098.579713][T21653] seq_read_iter+0x932/0x12c0 [ 1098.579752][T21653] seq_read+0x39e/0x4e0 [ 1098.579785][T21653] ? __pfx_seq_read+0x10/0x10 [ 1098.579817][T21653] ? get_pid_task+0xfc/0x250 [ 1098.579857][T21653] ? rw_verify_area+0xcf/0x680 [ 1098.579891][T21653] ? __pfx_seq_read+0x10/0x10 [ 1098.579923][T21653] vfs_read+0x1e1/0xc60 [ 1098.579962][T21653] ? __pfx_vfs_read+0x10/0x10 [ 1098.579997][T21653] ? find_held_lock+0x2b/0x80 [ 1098.580022][T21653] ? __fget_files+0x204/0x3c0 [ 1098.580059][T21653] ? __fget_files+0x20e/0x3c0 [ 1098.580094][T21653] ? __fget_files+0x190/0x3c0 [ 1098.580133][T21653] __x64_sys_pread64+0x1eb/0x250 [ 1098.580173][T21653] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1098.580218][T21653] do_syscall_64+0xcd/0x490 [ 1098.580244][T21653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1098.580271][T21653] RIP: 0033:0x7f485538e929 [ 1098.580291][T21653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1098.580317][T21653] RSP: 002b:00007f485612d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1098.580341][T21653] RAX: ffffffffffffffda RBX: 00007f48555b5fa0 RCX: 00007f485538e929 [ 1098.580358][T21653] RDX: 0000000073528428 RSI: 0000200000002680 RDI: 0000000000000003 [ 1098.580376][T21653] RBP: 00007f485612d090 R08: 0000000000000000 R09: 0000000000000000 [ 1098.580392][T21653] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1098.580407][T21653] R13: 0000000000000000 R14: 00007f48555b5fa0 R15: 00007fff2c26f118 [ 1098.580431][T21653] [ 1098.866176][T21660] FAULT_INJECTION: forcing a failure. [ 1098.866176][T21660] name failslab, interval 1, probability 0, space 0, times 0 [ 1098.893425][T21660] CPU: 1 UID: 0 PID: 21660 Comm: syz.1.3403 Tainted: G U 6.15.0-syzkaller-13743-g8630c59e9936 #0 PREEMPT(full) [ 1098.893474][T21660] Tainted: [U]=USER [ 1098.893485][T21660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1098.893514][T21660] Call Trace: [ 1098.893523][T21660] [ 1098.893533][T21660] dump_stack_lvl+0x16c/0x1f0 [ 1098.893565][T21660] should_fail_ex+0x512/0x640 [ 1098.893611][T21660] should_failslab+0xc2/0x120 [ 1098.893640][T21660] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1098.893683][T21660] ? do_timer_create+0x18a/0x14e0 [ 1098.893721][T21660] ? rcu_is_watching+0x12/0xc0 [ 1098.893750][T21660] do_timer_create+0x18a/0x14e0 [ 1098.893788][T21660] ? __might_fault+0x13b/0x190 [ 1098.893830][T21660] ? __pfx_do_timer_create+0x10/0x10 [ 1098.893865][T21660] ? lock_release+0x201/0x2f0 [ 1098.893908][T21660] __x64_sys_timer_create+0x182/0x1d0 [ 1098.893949][T21660] ? __pfx___x64_sys_timer_create+0x10/0x10 [ 1098.893998][T21660] do_syscall_64+0xcd/0x490 [ 1098.894027][T21660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1098.894056][T21660] RIP: 0033:0x7f450cd8e929 [ 1098.894077][T21660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1098.894106][T21660] RSP: 002b:00007f450dbfc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000de [ 1098.894133][T21660] RAX: ffffffffffffffda RBX: 00007f450cfb6080 RCX: 00007f450cd8e929 [ 1098.894153][T21660] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 1098.894170][T21660] RBP: 00007f450ce10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1098.894189][T21660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1098.894206][T21660] R13: 0000000000000000 R14: 00007f450cfb6080 R15: 00007ffe82d0aa18 [ 1098.894234][T21660]