last executing test programs: 5.828743605s ago: executing program 0 (id=1421): mmap$auto(0x0, 0x2024005, 0x6, 0xeb2, 0xfffffffffffffffb, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/nbd14/ext_range\x00', 0x140, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003480)=""/247, 0xf7) pidfd_open$auto(0x1, 0x0) socket(0x2, 0x3, 0x100) unshare$auto(0x40000080) ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x400003b, 0x8, 0x0, 0x4000000001, 0xffffffffffffffff) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) unshare$auto(0x40000080) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) bpf$auto(0x2, &(0x7f00000001c0)=@batch={0x8000000000009, 0x80000001, 0x10008, 0x8250, 0xa6d5, 0xffffffffffffffff, 0x7, 0x6}, 0x103) sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYRES64=r1], 0x1d8}, 0x1, 0x0, 0x0, 0x48080}, 0x4001) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00', 0x88000, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000) r4 = socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4.150408086s ago: executing program 0 (id=1431): r0 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000140), 0x301000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x80006a) connect$auto(0x3, &(0x7f00000000c0)=@generic={0x2b, "5317ca81a2b5da443f872eb8a595"}, 0x55) setsockopt$auto(r2, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x10000000017, 0x28, 0x4, 0x8000000156, 0x0) open(0x0, 0x1e1401, 0xe5) r3 = socket(0x2, 0x5, 0x0) close_range$auto(r3, r3, 0x7) bpf$auto(0x4004, &(0x7f0000000340)=@link_update={0xa, @new_prog_fd=r0, 0x4007, @old_prog_fd=0x13b}, 0xa3) socket(0x2, 0x801, 0x100) socket(0x25, 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x4000, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x8000, 0x0) setreuid$auto(0xffffffffffffffff, 0x8) r4 = pidfd_open$auto(0x1, 0x0) setns(r4, 0x20000) r5 = getpid() process_vm_readv$auto(r5, &(0x7f00000001c0)={0x0, 0xfff}, 0x6, &(0x7f0000000280)={&(0x7f0000000400)="6c4bc022f1a924305022a30137693a982a45fbe9ff2946c55588f6e6b4d2ac8a3cf622fea061dabb10c9e95074b44c5a60ce8869b2543b524155c6f578f91d601e080b93079026b4df1c404d8a1c2a1326c86f5e9ef22cd70b4ea5384b648a4b98edbb52f55430b8d125ca741481566365547ee43cf3ee361ecb7c35c27e777dd06bf72995389a2c44f9cfbab8908856f5dc45f0bfd4270ed456554aa7d35e948dbe24d3c981282eecca96667fb3a1b8b72e0efb330ba6ff1e80419bdd9947", 0xffffffff}, 0x6, 0x28e8) r6 = bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x5, 0x105, 0xc, 0xb, 0x800, 0xffffffffffffffff, 0x5, "d81ddef9d4e6d312212bab98f4060bd8", 0x0, 0xffffffffffffffff, 0x7fffffff, 0xa991, 0x7, 0x8001}, 0x7) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xce, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r6, 0x4, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0xe4, 0x95f4da0a, 0xfffffffffff7ffff, 0x3, 0x62, 0x80000001, 0xa, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 4.074268814s ago: executing program 3 (id=1433): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) flock$auto(0xffffffffffffffff, 0x4) write$auto(r0, 0x0, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) r1 = socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0xc) modify_ldt$auto(0x1, 0x0, 0x10) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r2, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0d, 0x20000003, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) sendfile$auto(r5, r5, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x8, 0x16) ioctl$auto_BLKTRACESETUP32(r4, 0xc0401273, &(0x7f0000000340)={"b1a100b967be2e54e34c9d44929be213f9ecda96b6a1d2f6d86c74861092fb8c", 0x8001, 0xffffffff, 0x40, 0x2, 0x1, 0xffffffffffffffff}) r7 = openat$auto_tracing_thresh_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/tracing_thresh\x00', 0x40280, 0x0) dup$auto(r7) sendmsg$auto_NL80211_CMD_LEAVE_IBSS(r1, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="b0010000", @ANYRESDEC, @ANYRESOCT=0x0, @ANYRES32=r6, @ANYBLOB="a3a692c937d6889c54cbc2458ed7e1a3338238f90d4f461280f9092a7d7033be65ed7e142b7521f04b23444100005399222471aeaa74f504cb38cb66ad204de6df6e97b9c613f52492da3e5c39a2742f2a23b3612af0124a1250163dcdcf0c614071dea33757628487ff97897f59e6f3001539643f0fbd5f5a68d22c2af3408938b2bf5a7f51d0e18e033e56425e132b071e3ad5c6fb2ee2f4b55fae10f899c223f209f84033e629ecac7ed665e2fb1b0fe0e76e7c9cfb8563276c04e83c72bbc8030ea75b9480d151790ed95f51a71cfb1ab2cf4001c564f3cd0b72cfd7a6dff7ff3d5438a6315e7e2e43563e67e645371d98adb1d178cc6f5d3aa919a918c7f710ed5b17ae629dfac533311e16f1577ceedec32954b5364ce4435987c4c3e92c2f5b69c4504e126f8cfa5e40ea3d0405e9da214888d8daeb1b39ff2b368627f5c71d648261add93350ac2ea6bfe37123744e1400430000000000000000000000ffffffffffff0000f27f55c0c52d5ab0215839f06d0b98852e9f000000"], 0x1b0}, 0x1, 0x0, 0x0, 0x4008015}, 0xd0) madvise$auto(0x0, 0x200007, 0x19) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) setsockopt$auto_SO_INCOMING_CPU(r2, 0x72, 0x31, &(0x7f0000000040)='\x00', 0x81) close_range$auto(0x2, 0x8, 0x0) 3.997411411s ago: executing program 1 (id=1434): rseq$auto(&(0x7f0000000340)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2}, 0x8000, 0x0, 0x8000006) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x7, 0x48, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x1, &(0x7f0000000100)={0x0}, 0x9, 0x0, 0x4000000000005, 0x42}, 0x800}, 0x4, 0x4008) getdents64$auto(0xffffffffffffffff, &(0x7f00000005c0)={0x9, 0x80, 0x10, 0x8, "5f7441e6fc753c522269e5c2cfd54c174c4022b4144ac008e8b3a77089acf9c35bf9def3b113c9c361a9b5347864f947366de3eba988b0d0b70c667b82a472cf055eeb59d41b0005b9a0355ebe09737dd984cff9b65849f9f7d9a0cd8d1589cc4c9bf5e3614893"}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[], 0x1ac}}, 0x4c041) setsockopt$auto(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x7fffffff) mmap$auto(0x2, 0x20009, 0xe2, 0xed0, 0xffffffffffffffff, 0x5) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=ANY=[], 0x1094}, 0x1, 0x0, 0x0, 0x4081}, 0xc000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c3c57d5"], 0x50}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) sched_setattr$auto(0x0, &(0x7f00000002c0)={0x1000, 0x50, 0x400000001d, 0xa9, 0x0, 0x4, 0xb, 0x71, 0xb, 0x5}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(r1, 0x57, r0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[,\\\b\"B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20\x89\x8dT\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa0\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00') ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f00000004c0)={0x1, 0x80}) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/audio1\x00', 0x20040, 0x0) sysfs$auto(0x2, 0x11, 0x0) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0xffffffffffffffff, 0x6173, 0x2, 0xeb1, 0x401, 0x7) getpid() openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x10200, 0x0) 3.579538208s ago: executing program 0 (id=1435): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlbl_calipso(&(0x7f0000000080), r0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/state\x00', 0x102, 0x0) sendfile$auto(r2, r1, 0x0, 0x7) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x3, 0x1000df, 0x9b72, 0x7, 0x28000) socket(0x2c, 0x2, 0x8b) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) r4 = socket(0x15, 0x5, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x6, &(0x7f0000000780)="853f86a671b500d303cf4c9a414b10efd6050000001facf83b2efd115412c9d21f9d3c6b1b351521ab7f05b543475463ef40c68679d8e2646557698d1e92f00a7f1d0eb7029eaaf480bc86ffc0344f7bacb10000000000000000000000001300000000e2ffcdbcccafa7561e2069a774794510fbe3474db2c77c2b7ebcd4614e0ac5a8e27ba1bd4e426a2dc349212a3de29117647d5aabf1d809ee9d77669658c6bfa708c8481c4879e41f07dfb6d31ad49372084b9c2020a177dfcd5ffddd692d5baedfddeddde347b645178af2d771e7b09dbc5e2ac227fe871655ac37d8393ac3d4fbb8eff760ce14c1ce62322860d4d76c42f42b7219c7cad7a8e543a84952000000d2d21f5d3326ddb1e3b0cb38683979f8a57390fd3ebbf91ef4bdab12e2e6256c17b2debe21b93303758d483af0bcd09e93f9a913f3403c17c89ff4c82dc1f2c36d9cd3c69b60a8cdf3c3f346dc7085a9f8039ed4293ac3eca031300982490e01d9dc0bf1094a5e9666891dd80e74158bf2d069a673c0e16ca41e73f5184b3f01ce904dab6fb1931df0c39349c899a521245ffcdfc7f21b13324aef742c0a855d1c8c856380d3ea647674f7225c77c4cbaceba486fa55e025cf5c12bdb5b083622bb4b4d3fa4937624aafed3ec8e7daf3ca87061ec3b3c7f5b28ea6f68434f8209d6a3429b86a14aa7f1f304f407d7e50c043dcea42c5882e5279e7aeccc973f797795bb771e38382f4ddabb9bdca4d6d98aed7f6eeef11e59ec5e126c8f058668e15d4a2c72df73c6b5022301244257e797fcc566d9feb7de4a26a1a78fef862027d904deb83af9ba16126fbd6ec0c64bb5018f80f513ed4540b948530a9c9bda60ca5b39bcf04978773106877bb40e3ac6024507108bcd6fb143d7126e0049a3cc610fc4d880d6f3ebaf03b9d13585e09781f59e93b102d3bbd42deb51d07a74a918e6f4692ee1f51c336cf2d3f982e02bd2bc5c26e65116f88f3d08a8a53f46dcf179d590aee63f27489cb57d59dbcff701b69d9d9297c4c3ca550084f7867e40ba0970fabf8a631e95ba5e0d13b2792537b9112329675dd8619b6b813953e95d93a255643144849e1f42948ce04bc50e3e3fc2a") sendmsg$auto_TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000094}, 0x10008880) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'caif0\x00'}) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/scsi/sg/debug\x00', 0x40, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/system/node/node0/numastat\x00', 0xa000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000300)=""/33, 0x21) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000180), 0x210500, 0x0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp6\x00', 0x0, 0x0) pread64$auto(r6, 0x0, 0x100000000008, 0x8000) socket(0x10, 0x3, 0x6) 3.061655215s ago: executing program 1 (id=1437): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0xa, 0x801, 0x106) pipe2$auto(0x0, 0x4800) timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, &(0x7f0000002b80)={@sival_int=0x1ff}, 0x0) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r0, 0x0, 0xe) 2.780157001s ago: executing program 2 (id=1438): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(&(0x7f0000000040)='\x85\x19bI\xfe\x7f\x17t\xe9\xf24\x907\x1c$\x13\x03\xe1\xd7vj`\xc8\xeb\xeb\x05?\xfa\xb1\xe5(\xc5!\"x\xafX&hva\xba\x04\xc2\x03{\xfbm\xd0\x96\"\xe8\xd3\xc3\xd7\x04\x00\x00\x00\x93i\xb8D\xa8u\x96\b\x1c\xb7\x9f\xba=\xa8\n\\\xf9y\x8f\x13h.\xd9j\x85<\x0ern\xaes3\xc3M\x959_\xd9\x18]\xcbw\x94\x85\xe6\x05\x06-\x80\xab76\xe5\n\x94\x90;\x0e\xb5\a\x00\xf0 \xca\xb7\xcet\xfe\xa4bu\xe9JK\xf7lA\x93]\xbb\xb2\x00\x7f\x1as\x9co&\x85', 0x4) fcntl$auto(0xff80000000000000, 0x409, 0x13) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0xb5, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40100, 0x0) pread64$auto(r1, 0x0, 0x10001, 0x830) write$auto(r0, 0x0, 0x30fe) bpf$auto(0x19, 0x0, 0x92) mmap$auto(0x6, 0x2020006, 0x9, 0x11, 0x8000000000000000, 0x8000) 2.5692528s ago: executing program 0 (id=1439): close_range$auto(0x0, 0xffffffffffffffff, 0x2) r0 = pidfd_open$auto(0x1, 0x0) r1 = socket(0xa, 0x3, 0x100) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000300)={"4a660dc167d897915b44eb7009b4a3035a52c53940bca2a116800e212f0400", 0x3, 0xfffffffc, 0xe, 0x8, 0x9, 0x0}) bpf$auto(0x2, &(0x7f00000001c0)=@task_fd_query={r2, r0, 0xdf66, 0x3, 0x1, 0xffff, r1, 0x7, 0x2000000000ca6}, 0x3) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c0002"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00', 0x88000, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, 0x0) ioctl$auto(0x3, 0xc0383e04, 0xffffffffffffffff) ioctl$auto_KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000280)={0x4, 0xee00, 0x100, 0xba73}) quotactl_fd$auto(r3, 0x6, r6, &(0x7f0000000380)="0cc047f4b518041c636e21b7205dae837ecbef5c9b3589637b96dd896858b2d9e9bf4802b53645cbefbf8e330bbd370b7142b642928dd14a3f387fad3ce1c203087ece4299cf83c2469409b731bf59cc187cc4cfbe59a3653d4ff258da49b14a134fd446f4fe316f09f26ea8966f87d873267820aa3fc98a42b9f8eb74d2d6667013ec47c24662d665ccb19fb91cb28fa7faa77263593447b55d7ea1c0ee428f38ff2bcd1ae9bd") r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r7, 0x4b68, 0xffffffffffffffff) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/rose8/address\x00', 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r8 = io_uring_setup$auto(0x4, 0x0) close_range$auto(0x2, r8, 0x0) arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r9 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r9, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.527887165s ago: executing program 1 (id=1440): sched_setaffinity$auto(0x0, 0xffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) unshare$auto(0x40000080) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fff) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) listen$auto(0x3, 0x81) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) shutdown$auto(r1, 0x844) close_range$auto(0x2, 0x8, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x400, 0x6) pread64$auto(0xffffffffffffffff, 0x0, 0x2, 0x100000005) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000010, 0x400, 0x2}]}) socket(0xe, 0xa, 0x7fffffff) 2.426050112s ago: executing program 2 (id=1441): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r2 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000480), 0xa2200, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r2, 0x40087543, &(0x7f00000004c0)={0x5, 0x2e9, [{0xffffffffffffffff, 0x0, 0x5, 0xd}, {0xffffffffffffffff, 0x0, 0xffff, 0x4}, {0xffffffffffffffff, 0x0, 0xc43, 0x3}, {0xffffffffffffffff, 0x0, 0x6}]}) recvmmsg$auto(r1, &(0x7f00000000c0)={{&(0x7f0000000380)="7d0ac4e5176e5e1c9ef1bd18f438120d9aa5beaac771c0384053af11bdf0231a450c4c67d2227d8c3631bbe16af0430d3b96204d3f630922f4c0f8dce895c683480c4a59b4ab26a8fe7bd69d6c8bfdf11f34673a2b57a3ba11fd93973f1eacbaa1181382c9f460f8b3ee3718ae6fa0acd46984e982ce4117a4cb4d2dca21cb9efc18f8bff90a2444fa770232de702a420de95676d9e39f014ffbec906fc8cb064201c93ccb81bfb1c6618ce6ffb02c0e8cae016a2b17d1246a74e0c714ab2ea01863f39aa8c876ef94def0c1beee5709d0d871fbb4906f89b79759904d692af5", 0x80, &(0x7f0000000000)={&(0x7f0000000480)="eb6a8fc3b13a750e5e171b477e72c351c8769e3ee0c958845ad05355a297895e4b2e82f7d0403d7f18b3a8af9971bf8eb58eeacc4f", 0xd69b}, 0x2, 0x0, 0x8bed, 0x3}, 0x765}, 0xfffffffa, 0xc, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) write$auto(0x3, 0x0, 0xfffffdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000100), r0) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010f2cbd7000ffdbdf251f00000008002100f9ffffffb363df11ab6818b59a70a25726fc8e22bcb1d4e11d2eb0565d360281e74fb7fcd09a6158d089b648a0ad8a4d72fc2794124662fcf55567cd9c02aa852860353884168425bce749521b36543832b021caa7335aade2968c3639a643cf2e5d8cf92c52d36cc83fcf690176fd67dc3075b2"], 0x1c}, 0x1, 0x0, 0x0, 0x24040085}, 0x40) 2.299993083s ago: executing program 3 (id=1442): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x5, 0x8000000000000001, 0x7, 0x5570, r0, 0x104) mremap$auto(0x4000, 0xc0, 0x1000401, 0x480000000000, 0xfffff000) close_range$auto(r0, 0xffffffffffffffff, 0x746b) (async) close_range$auto(r0, 0xffffffffffffffff, 0x746b) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2002, 0x0) close_range$auto(0x2, 0x8, 0x6) mmap$auto(0x0, 0x8, 0x100, 0x16, 0x2, 0x8000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x802, 0x0) fcntl$auto_F_UNLCK(0xffffffffffffffff, 0x2, 0x2) (async) r2 = fcntl$auto_F_UNLCK(0xffffffffffffffff, 0x2, 0x2) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000180), 0x80400, 0x0) (async) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000180), 0x80400, 0x0) r3 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0) read$auto_hwsim_fops_ps_(r3, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x4, 0x0) (async) r4 = socket(0x2, 0x4, 0x0) fcntl$auto(0xffffffffffffffff, 0x402, 0x1) (async) r5 = fcntl$auto(0xffffffffffffffff, 0x402, 0x1) fcntl$auto(0x3, 0x8, 0x9ebfffffffffffff) bind$auto(r4, &(0x7f0000000040)=@l2={0x1f, 0xf, @none, 0xf97}, 0x6d) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) write$auto(0xffffffffffffffff, 0x0, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xfffffffffffffeb9}, 0x1, 0x0, 0x0, 0x24008800}, 0x4c011) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xfffffffffffffeb9}, 0x1, 0x0, 0x0, 0x24008800}, 0x4c011) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x6f, 0x0, 0x1, 0x0, 0x4, 0x9}, 0x7}, 0x3, 0x809) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x147c00, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) (async) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0) mmap$auto(0xffffffffffffff6f, 0xf81, 0x0, 0x10, r2, 0x300000000000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sg0\x00', 0x64a780, 0x0) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sg0\x00', 0x64a780, 0x0) unshare$auto(0x40000080) 1.516301844s ago: executing program 0 (id=1443): unshare$auto(0x40000080) futex$auto(0x0, 0x85, 0x104, 0x0, 0x0, 0x7fffffff) r0 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x800, 0x0) read$auto_aoe_fops_aoechr(r0, 0x0, 0x0) getrandom$auto(&(0x7f0000000140)='/dev/loop-control\x00', 0x3, 0x7f) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0xc0502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=0x0, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f80841c6ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0x980, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x7ffffffc, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ppoll$auto(&(0x7f0000000040)={r1, 0x3, 0x2}, 0x2f9638f3, &(0x7f0000000080)={0x66e2, 0x512d}, &(0x7f0000000100)={0x3ff}, 0x8) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8, 0x3, 0xd, 0x1, 0x948b, 0x3, 0x15f4da09, 0x3, 0x2, 0x62, 0x8000001f, 0x7, 0x9, 0x5, 0x2, 0x3]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffc54, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4810}, 0x800) close_range$auto(0x2, 0x8, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/pid\x00') splice$auto(r3, &(0x7f0000000080)=0x7, r3, &(0x7f00000000c0)=0x400, 0x2, 0x7e000000) setns(r3, 0x8000000) memfd_secret$auto(0x0) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/usb/usbmon/30t\x00', 0x660702, 0x0) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, r4, 0x8000) 1.417686674s ago: executing program 2 (id=1444): mmap$auto(0x0, 0x4, 0x4000000000df, 0x1000000040eb4, 0x401, 0x8000000000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(r0, &(0x7f0000000040)=@l2={0x1f, 0x280, @any, 0xd072, 0x1}, 0x58) (async) connect$auto(r0, &(0x7f0000000040)=@l2={0x1f, 0x280, @any, 0xd072, 0x1}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x700) (async) r1 = socket(0xa, 0x2, 0x700) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@ax25={0x3, @null}, 0x55) (async) connect$auto(r2, &(0x7f00000018c0)=@ax25={0x3, @null}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, r1, 0x6) r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x20401, 0x0) write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000) mmap$auto(0x5, 0x20009, 0x4001000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x5, 0x20009, 0x4001000000df, 0xeb1, 0x401, 0x8000) syz_clone3(&(0x7f0000000080)={0x123060000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, &(0x7f00000011c0)=[0x0], 0x1}, 0x58) madvise$auto(0x1ffff000, 0x7, 0x36f) open(&(0x7f0000000100)='./file0/file0\x00', 0x4f0040, 0x84) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0xffffffffffffffff, 0xe, 0x6) (async) madvise$auto(0xffffffffffffffff, 0xe, 0x6) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) sendmsg$auto_NL80211_CMD_FLUSH_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x44004}, 0x408c1) (async) sendmsg$auto_NL80211_CMD_FLUSH_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x44004}, 0x408c1) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0xf000, 0x8000000000000001, 0x100000000, 0x0, 0x6, 0x2) 640.359788ms ago: executing program 3 (id=1445): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) landlock_create_ruleset$auto(0x0, 0x9, 0x0) (async) socketpair$auto(0x1e, 0x1, 0xd1de, 0x0) open(0x0, 0x149443, 0x0) (async) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x8000, 0x0) (async, rerun: 64) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC0\x00', 0x80, 0x0) (rerun: 64) ioctl$auto(r1, 0xc10c5541, r0) 560.795565ms ago: executing program 3 (id=1446): r0 = getuid() ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0xa, 0xa) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) r2 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000000), 0x80101, 0x0) write$auto_split_huge_pages_fops_huge_memory(r2, &(0x7f0000000040)="2f9143327f204f9127bd0c494bb2f75e31ed950d27740ce92a30e0e11bc8194405a0e11688c0cd430e1910af85020ee71b5282c57712be0f3c9df550b5f3058d9610d37abc796d83a3255541a3f76be41280499360c4a71d3fb896da6ff74a5251ab0ba3ab2c", 0x66) setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x28) sendmmsg$auto(r1, &(0x7f0000000300)={{&(0x7f0000000140), 0x12, &(0x7f0000000280)={0x0, 0x4e}, 0x7, 0x0, 0x3, 0x1}, 0x7}, 0x8, 0x7fff) keyctl$auto(0x2, 0xfffffffffffffffd, r0, 0xee01, 0xa00002) r3 = open(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0x220080, 0xb5d1af1605322c72) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(r1, &(0x7f00000015c0)={{&(0x7f0000001340)="15b753a26c50476113dd0c887f3c9b0b0bba58d65ed775d1b73c6194280683bcb883906e1815b2ff0b4148a9b9b33fa7a68f13b9f441b234e20d08ed20e5fcbf3639852b713c08148104cbca717edb997425fe56766424243b7e5cc6878f37bccba805295572b5bc00738ca4248c8668fb50d29f6a120d38d1735a2bc15f407416fc8b86819e74e7c511aafde41035aab5f7e7667965ed193375f32a22729a9817ec04a9ddd73552c006217f3e39b798fd0e12e385158359046ba217f4985b2327f408fd2d5a04b2bb1722e6a56f4ccfc1220409c4b83cb8db285e78fa91015800b844313375b0c81c831f8a6dbdb7f800c1e7d46e3325af76ed495685", 0x9, &(0x7f0000001480)={&(0x7f0000001440)="bbfcbed3262de6c3731fddcce1e02087bc8b3599aaee320d8990a999", 0x5}, 0xab, &(0x7f00000014c0)="4f33afc69a8c89fc30e85aec27d9fcd716cfc67affc022e1e6ef2f2d6db2f7cfc3e11f272efe2f4bc649f5ba9e6888ab364c9368218b19e2ba7d03529aa422a91508858834dc5e99bfe346ebf118f5b9ff0006f0c7cce2beef9809173791bc3aa17bcc0087f904fe7e7e80127e4a04aaae54916f729354a83b47d896054963d62bfeff920c75945b7d231d9e2d28d3c795b478ba658c544c1605ce0b946826129d8860f97dfc4c661c45deb27f6b8372b9dab6eff0a922f28a4aa75bfe1cb63ffd2fd199e500383cb2b228db0e5f695e3f0c6f3b71a697958d689af22546a33d430903b0c516ca9598c4ec29", 0x4}, 0x80000001}, 0x99, 0x2) mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20b40, 0x0) ppoll$auto(&(0x7f0000000000)={r4, 0x844}, 0x5, 0x0, 0x0, 0x8) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r7, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}]}, 0x24}}, 0x4000000) read$auto(0x3, 0x0, 0xf34) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/block/loop8/rqos/wbt/inflight\x00', 0x0, 0x0) syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000001300), r3) socket(0x2, 0x1, 0x0) ioctl$auto_XFS_IOC_FREESP(r3, 0x4030580b, &(0x7f00000000c0)={0x5, 0x9, 0x2, 0xa, 0x100, 0xffffffffffffffff}) r9 = set_tid_address$auto(0x0) syz_open_procfs$namespace(r9, &(0x7f0000000080)) syz_clone3(&(0x7f0000001280)={0x200940000, &(0x7f0000000140), &(0x7f0000000180)=0x0, &(0x7f00000001c0), {0x13}, &(0x7f0000000200)=""/13, 0xd, &(0x7f0000000240)=""/4096, &(0x7f0000001240)=[r8, r9], 0x2, {r5}}, 0x58) sched_rr_get_interval$auto(r10, 0x0) pidfd_open$auto(r9, 0x7) open_by_handle_at$auto(r3, &(0x7f0000000040)={0x8, 0x8, 'w\x00\x00\x00\x00\x00\x00\x00'}, 0x9c) 478.826898ms ago: executing program 1 (id=1447): io_uring_setup$auto(0x59, &(0x7f0000000340)={0x7fffffff, 0xd, 0x2, 0x4, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_enter$auto(0x3, 0x5, 0xffffffff, 0x3, 0x0, 0x2) 342.535063ms ago: executing program 2 (id=1448): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0xa, 0x801, 0x106) pipe2$auto(0x0, 0x4800) timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, &(0x7f0000002b80)={@sival_int=0x1ff}, 0x0) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r0, 0x0, 0xe) 337.405024ms ago: executing program 0 (id=1449): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000000)="b19954b0f03772040252b0f74914332bda914abb959de8ceac7cf2419e2fe4f4c0139256ea6b0a0ede542032aec74e3587e245c5e6cc5e81575b8b68a7a1a85e1d25cd83") r1 = epoll_create$auto(0x4) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0) epoll_ctl$auto(r1, 0x1, r2, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000140)={{0x0, 0x2, 0x200800, 0x3, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, 0x0) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000001000)='/dev/sg0\x00', 0x294480, 0x0) mmap$auto(0x0, 0x2020006, 0x8004, 0xeb1, r4, 0x1007ffd) r5 = prctl$auto_PR_SET_MM_ARG_START(0x1ff, 0x8, 0x0, 0x4, 0xffffffffffffff94) ioctl$auto_BTRFS_IOC_RESIZE(r5, 0x50009403, &(0x7f0000000000)={@raw=0xfffffffffffffffc, "471e44d42a37f434d0405f36f8487962808fb1abb41aa21954d788c7c0313ad8e05d833e69339b817eeebdd89e74aedb43fd7a2e2379b8e9c8f141c73c6f57b10fb6f3d05d8fe13d6bdc818a8b6f66bda011bcb04cf1e118c0aceaa8805b684957990da484463b82cab002c2246def987ff7b5ce6b3d47bbbb7442f5bb3eb74ed4c3278924dcd9c489fd26bd5e83d4c961f9c9c124c7215c9bdf521a949add25f6ba2b672f37f0354902d0cfe708c906ee8327f4ae8fe77cf55034e6314ba1958c85e71cb1d1c2c27f7469c242f800adfd579f611337b633552db1780ee745595e5bf4dd700d91707bdd5d603c036525fe36eaced191ceec562d3fe05370005535917d4a391b7e97909ec4923d7e65098bf283e5af46387558fe1eb0f528ca34131af566aedb3d6a873d4619385789791dc9734f790bad76e240f26f1d70fe5c3b7badb5efa1782c0df5fefd912676b227c221973f4ab590e3a87816dd6777dfb12f9b7eab7122ffdbb6b01d852385289a5918990ef52f6079d8d01f87b506818ba3c0da715dac27f877998658aa309819c392d808ee49bd2d1380d428067b4e1339dce5f0bc2b98ba3551dd06479902e6616c365ea0a69d1224590f85b216f86b91b59aaf234e08dacd38d1f8811149d6b7fbbfb08f888b1d100d54fa549656c2c34403631198e1090538825524faf5a76031d38223bfc731cd0e9c8c6a056a277f0c6b65c7a09d7e2b10fc552107185081bf8dca76d76bed0bf53b05c0f937bb089630570d30871561a1ab9bf898755c7665e9046f32d8ce72f8a49f7e93d0e9257e61b2f1774a6a598310f3faa4103b9be53463327936b2ea607e26b062bdd06b964cce337f86d043df705e56c9f76f62db50994e8b77d6647e704ebffc65851e9881cda977ae4e36b06e9336904a7e06d2e45329477418393ed5f5af5b3f4e0d93f067ea2bb599ae9e0b448fc31b5fd0e929d7d2d4ec44a4ded2396f90f19cf405f17d9a22704d15e77d7d754a96f0215f20d7f6df097d1cc3f410afcfe50cfd40209b8953128844ce6cd8cf1ef74f8b8568ca856d33c15c20cc1c324af0b0d2c7610a725909c9019df5a45670f3ee4e74bbfa4d4495eeb3114247f7b6939e389d715f8c3956e056cd3834066df78e5b6aa9670e4185b4c6d9b092e151f6d15154d6f796e0adb62bd334a804a49207d3f350f380dece77aa3ad780f44fd9a1b8e61e50e2ca09d5767d9dfd8cb9eeaf5351459307a8d884eff4d499298adc1165c98a2cd6b912b41d7eb7c8d739192ef96e118d7a1f59ee41a6cedf9292ccc52cbbc186cb55556a1737d0fc6b61820170a4d33b1d7a0f5e11c57b73bb6f754bfb4e959af9d2b0a3f5c163f5be972b4ab48e14e6adfa9c491e356e3383f6d639b0fbd17e841ed78117a21b9e4047e9a89fd5490ee54780260918f672531e31302c717624f61d276913392714b63531511d092601b10f6c2e231122a7bb4fdc85a3e823df49561f6327840ac358408d4b9af74d00e7175767eeaac88dca5d30bbd35ecdbafff04b8bed492fd58dd7f8570225d6f9b75d117bc4c8609fad6fcb12133f5918931e5cf988a68ff8880ca05b6145b095274eb714cab2825ef7c375f64584a953c48ebd39259b90cd319fe752774fcef95eae8784adc11d355ca8223fad5b200304c48ab3725299c883a2cd68aa601ff3ff020840ca955d805f2832ee98bd7206baa34b523d8223d13cb2ded7264be7e32670a81421661023f2231d49e3355bbe5e5b49d2f98cc9a4c4cd75dd0b944efac5f93711bfec97cafa8096f73c8f3d333a9ae02fc4155d85366f7d021a554848f9e262cc47e57296a4a7d125570e86c024225d8115a18e97f2523ffde5c4c019be53d33b261b95b9933e4d8a8cba93d754f9a09b355a8398abc2acbb403b29522833b1a7acba65621f7e87cb1f632f4853c1271318b96db610a05d1a86ce39a65d290d0f0bcaee86af1cabd8f9d2a43cce7e2f0de203e689ccee52d061efebb8954a438412d52e711f287039a64d4664d90c64b358e26a22daeeaff633fe4ea1e2d33c34ed49d38e185d43854ec9b101bd08d77fbd6893e9394dd78640dd507aae92273b47121b4d5c18c444a1b078bd9c3825c593d92fe75d0c5217b8f5c3d5deb74a8a78c76b5b379093a198cc1b1a501a634e488fe8032c7d81079b0fcb5aae4af8f2f4408818f5abbb7850aff0421ba985588eabdb312ecff285b36cf533bbc06b7bb684d4128ec98bf0f9b642453895d4eade41bad5017de7ec60d5c9781ed420aab32ccdd6b6dcf3d92cb6602070509dc4e1d3ce1c9750d0a4d44565e057bfef4b243a612806ec250103a9ad83fc7c8d3494158e47c73c6745d047d38c5425e61db8ab90b1e6fca9252f2faaeba8e0d530cd42aabb48187f725e7c47fdc2ea87287bb8811791a500c2358c16e2c03fccc4db7d425b9bb9b8a5cbfe5fd850741da2313fc68aadaf441d0aea3115086ccb4dd6d7df4dec446b3b936faad76c24bdd287b00f8b90804b0072d8f8c89a686bbcdc1290eefd04f83e02b7c01a1c585b2ee4a50f472b5e6b19c40e1585fdfa9c35741812c4cad383e1c4389316b2c3bea7bf9ecfcd554b19d6bb0e2a538f049364087f2898e003a6978547b0083f6fa693d7760cb5569774237c9e080413ff03e4bf11b2044633df0d2f75ff5902d31ce4aa546a73c3687627b35b068903b54004ecb3d2547a45ea0ac5c4c36bd6d0b8b3502acf228515c7f300631e2786f4c11b783b443b7493b8e9615881d21f5a8781ea32a4ca39d0e39ed68ec59abeeafe9fe2e86f91b7eebf86916f32730ccd4fd78fc904f1774691b177703b2d577f8200a518c99378ff7fa50cf6a2c65f4bf0de230448fe755c7d1289d9d483e3d0d715b4f1d2e9793f767efec07ada9bd69c5806b0a0a84c418a4607b3b97d23f4d71897778f499503e4abf71588c4172535e44890656fdd8f1824923cf62f4fd8895181ee862cd9a762d1cb7ee4080bd98f0b2c73da602873a43f64a0620023a3beee23c0793832d79e103347f8b64e0cf1f8254829a7b001ac30bd20b71a02882caa9085859843b6ed2993a88ec14a6e31f788c0c5601e0635e3c10809fc01aabb96f50b00d0a06c0227c8c9dc3dfba69f74484612fa18676de4a0c178f223bc1f6955b94f3b1b0974b8e33c6f1d59ad3522da4311757eddf0c3303ff22ff09902e3ed1d11cb2dde8b62f84afc8f533d9c3aab35caaf8f2125afd4b6e24ba6357cbd20cec09117f5cfdb8fd0d7966e6bf853ce3609648e7a02ac0a15a33b19689b78d6480b3b6104e65645668c09f2409709585e013df9d920ee95292a9030e3730cbb27de51b349caab943c1362540daa1101907916ac25a8d5aac3477e7076966c1ebc62d86421b2a6f724ba7f587ed1a2943307a5979df1631e49cdf6b1eb426610370df47b34e37068503769dec130eb495f53dae35c8ca838befc1ec6ddd33977b159a563c59eba2b7110486ba73e920d02c0566815907ec6d1ceef3cff8a5e85fa4a582ef7759c5aa01b7bc63fa1c9bdbf2c12a491312713eac672d29ab222d5ac988cba69e8b587f4abc8ffa84d520ebc4096e0f4d28cc51772828414591576ef703e43470b8607568901a52eb667f0c598fa61fa93a56a546b96806c0bdb3c3dc8c0534e01931c3d89af0969402a41da3a8282f3b65ec68094e38874413c2121f1793d797f2de538ef8adc21c29610032654ae315b538568c0f7322c235f03d479f35523a3a796259ee2540dcf9d1cbf65ae1aef67b95ab0a1dd7330966919247d9da97c49e879a60de51ce6cf8af675a7ea83935875ad5f8086416812b1d9cf8b2d82462e57271cc608f756e9ffac521182190704025a8e7234eb29966152863af22e0725c4c6be881cfc2df7b0a7afa1fb5ada2733bd11ba1e04f2ea314f43576fc991bac5d0a2ac10e003923be29b0db693ef4da9be90f0ac73ba3f425e0e8de003e21c9a56a1546e282389a15b88ea89a6b02cab488049acbec5980c203f01b303d6b377e1d972c544b68fe51f4db2479e431131d30e6c79480b4c2d4852a568610e55afa8c30fe82125afec72ebd1819b622854e3c78396bf59dee364d1953d497d0ceb245dfe2e622b7ff1950c38086d58d0aebc3960b84bf085a5e628fac7b30045ad20e6b9941e0a39efc71b617676c96bdf12a4373ec88ff28ab2d5c75a344e3eecb2c0c1d594ec79144253e538522b1bd81a6e9b377e8dc207bc0f2a76a3cbaefb26150dcab2bdcc2b945a2cd2901f6a430d94b539073e9308e8b4a31c2f3d4b9084f47b99df35dd3490a31e3bcc553af383cdc172eeb33c09ec3c40707c31aa791bcfd95b54b14d4c441e64f5f59461e26c2491906db3820f9ba6e119801c4d864c63fc0fec5f8f56cb4c52a54535fec761a74b4460f6d86492b7da6cb087f999267ed76c21955e5bea88e9865c339a1bc61b4594fd7a3a25dce32a14c8a7e930aa6dc929c576c0cfa8fdcbf738dc22763f8ff37f9b6e07bb2e5ecd8c576febecec45e86a218b1bc78020ab7dba695e0c2db5ca42085f475b10b9959feff6f65017012e135f8b26038ed829758b90a2c45472b8f401b74c7de8bc463b5cf6d2b2feb951f0444e2adec621be44650b8508acc8f281fb4926e55012f7d54eda08e4e91b79d120d7c98a7d8f9f27af88b2f8ef057bbd01f1e7b7031cd0a182faac62104ad5b8c8d7b3e95cfebe5978803305078d03c585eb139fd37f1192fc1a5828a1f4418ebe656329bf3da13bf3a74f0a9807820102d791de9923bc1b37fffacf6a0db82c48f231bb00a06e6d5cfe31b72a162b4b2761d8bc697769ed6879cef0bc1b896eb7871b96aec76cd0c4f55231b0f41987ee5d82e10ea9b1cecdec540450b25537362a542609e0a56ccf69a1bffb59be31766eb8631a25880c8b101907cf3d9eeb68b74cb946e13a3001174ada179b98ed6d3e6e8bd4231672f2987bc72153a11b2080a8e18921c5b4932ca48eeb5f719ce0caf41107c1e87145aab8a6ee665c118b3439ee01b1886e9fb9b91a88205a426112617b6045e9d375ee7565b9b1da0faa7b05290ae95522cc9ed3c7d1ab8154468bdf6ff986746225277c5a1a1458b6835116a7faff52a2b2675e66bc562e49cc526d4bdd6359d0793f37d4ff13a06136df0b2281b85e887071f37e9c2b80a6df85fc1ef84010ea9e07774c86037280fd74ad1ddbce6c5f81ca5c3a154eacf6223997b73c8fe0eced127b9f95ad0306e77eb34d2e604ff604cbb3b5ac9bf7b52e0f8fe6dde44d55f3c802c73ed3c5e0c7d4c9a2ec04ace540262bdf2215d19c65a3dd299c71f602d7ea48f548e0c55d632d0d16889f1a4e4f150fbb5614d33d89273cd73f56ad1c237f1891d3d4c99227fb927431b23ea3dba3b6e55bb9a86571d29049a7965178649609d11cb734bacd8716f05389ba756318b3cad771a5dbc7f6f8eee65025b1189e50d180229cc6a3716aa590b7cbd96daa2f28220d955300a93766baf1d5a07dbb4b478135284e2095ddebda7c8a09592c3826d97bd1a2531d970f3f5259e1821dd404c871e3497e926f581cb69a896bd20c7ed98ac9f86b1013809ded61697adaf2fe2f56dc6b5c856356f4decbd4943d1d14a617ae05dd785c4d71ea7c86f6fe9a1dc365c73fa75fca8f864c52aa5324802cdd691eec419f91331a55f1155f0f16e8fbab83882381398bf00942bbf82a1cf8e96168b3bbe60e1bc03a6ee83aa31a5f6dac4c0967dd4e"}) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/ext4/sda1/es_shrinker_info\x00', 0x8880, 0x0) close_range$auto(0x2, 0x8, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xbf) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000001040)={'veth1_to_bridge\x00'}) setsockopt$auto(0x3, 0x0, 0x12, 0x0, 0x28) read$auto(0x3, 0x0, 0x80) connect$auto(0x3, &(0x7f0000001080)=@isdn={0x22, 0x34, 0x5, 0x2, 0x5}, 0x1ff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 265.368658ms ago: executing program 1 (id=1450): r0 = socket(0x1f, 0x2, 0x73) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon11\x00', 0x6f59d794f07cd362, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000100)={&(0x7f0000000040)={0x7, 0xfe, 0x8, 0x1, 0xb, 0x0, 0x2, 0x2, 0x3, 0x1, 0x4, 0x3, 0x1, @setup="1c8a4ef6cb2cab5a", 0x5cc78a6a, 0x1, 0x7, 0xfff}, &(0x7f0000000080)="c57577d1e4e9b0852582e8bdd64986d20f8f7b48bef2f42e368229fb5098ea1c81b2171c5e98982e850513e6ca3bc618d73ed114a75ab1e31f47168873c0072f22fd3add66523410fc32a1263f635e7d1c4cb231efef11d1fb3aa16e49572d477033fe7d273b29100603d41a3de8867726d49be535", 0x3}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100000008001700", @ANYRES32=r0], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x13, &(0x7f0000000000), 0x2) close_range$auto(0x2, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="2f212cbd7000fbdbdf252100000008000300", @ANYRES32=r6, @ANYBLOB="100006"], 0x2c}}, 0x20000800) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x7c, r5, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x7}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0xa}, @NL80211_ATTR_PMKID={0x50, 0x55, "6d845c5171aff871b8ab9b3095bbeefe56f126ad6e8eb1dad16169e456605a317b885a709c8a89765d8bef14cccb219a20642e0a0efe98dac7ba90e8553c0f3721710ebee225ee0d3decd0c0"}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x7}]}, 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 225.429942ms ago: executing program 3 (id=1451): close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) lremovexattr$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='/sys/firmware/devicetree/base/name\x00') r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) symlink$auto(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00') open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x8) open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000180)='{', 0x1) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @local}, 0x55) 188.039189ms ago: executing program 2 (id=1452): request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000000)='\x18)\x00', &(0x7f0000000040)='#\x00', &(0x7f0000000080)='\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f00000000c0)='\x18)\x00', &(0x7f0000000100)='\x18)\x00', &(0x7f0000000140)='@\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000180)='@\x00', &(0x7f00000001c0)='\'&/\x00', &(0x7f0000000200)='\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000240)='\x18)\x00', &(0x7f0000000280)='@\x00', &(0x7f00000002c0)='@\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000300)='\x00', &(0x7f0000000340)='@\x00', &(0x7f0000000380)='\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000300)='\x00', &(0x7f0000000340)='@\x00', &(0x7f0000000380)='\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f00000003c0)='-&@[\x00', &(0x7f0000000400)='9!\x00', &(0x7f0000000440)='\x18)\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000480)='!+,)\x00', &(0x7f00000004c0)='-&@[\x00', &(0x7f0000000500)='\x18)\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000540)='\x00', &(0x7f0000000580)='(-!\x00', &(0x7f00000005c0)=',\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000540)='\x00', &(0x7f0000000580)='(-!\x00', &(0x7f00000005c0)=',\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000600)=',\x00', &(0x7f0000000640)='::^$\x00', &(0x7f0000000680)=',\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f00000006c0)='\'\x00', &(0x7f0000000700)='\x18)\x00', &(0x7f0000000740)='\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000780)='@\x00', &(0x7f00000007c0)='9!\x00', &(0x7f0000000800)='$\'\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000780)='@\x00', &(0x7f00000007c0)='9!\x00', &(0x7f0000000800)='$\'\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000840)='$.{\x00', &(0x7f0000000880)='\x00', &(0x7f00000008c0)=',\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000900)='\'&/\x00', &(0x7f0000000940)='\'&/\x00', &(0x7f0000000980)='9!\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f00000009c0)='::^$\x00', &(0x7f0000000a00)=',\x00', &(0x7f0000000a40)='$.{\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000a80)=']%#\x00', &(0x7f0000000ac0)='9!\x00', &(0x7f0000000b00)='-&@[\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000b40)='+#\x00', &(0x7f0000000b80)='}.++}\x00', &(0x7f0000000bc0)='*\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000c00)='+#\x00', &(0x7f0000000c40)='!+,)\x00', &(0x7f0000000c80)='\x18)\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000cc0)=',\x00', &(0x7f0000000d00)='@\'\'},\x00', &(0x7f0000000d40)='&,\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000cc0)=',\x00', &(0x7f0000000d00)='@\'\'},\x00', &(0x7f0000000d40)='&,\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000d80)='(-!\x00', &(0x7f0000000dc0)='!\x00', &(0x7f0000000e00)='::^$\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000d80)='(-!\x00', &(0x7f0000000dc0)='!\x00', &(0x7f0000000e00)='::^$\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000e40)='^--)\x00', &(0x7f0000000e80)='@\'\'},\x00', &(0x7f0000000ec0)='\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000f00)='\x00', &(0x7f0000000f40)='\'(k$#,-.$\x00', &(0x7f0000000f80)='\xa9]\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000fc0)='\x00', &(0x7f0000001000)='{#\x00', &(0x7f0000001040)='$%\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001080)='*\x00', &(0x7f00000010c0)='\xc0*&-/\x00', &(0x7f0000001100)='\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001080)='*\x00', &(0x7f00000010c0)='\xc0*&-/\x00', &(0x7f0000001100)='\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001140)='\x00', &(0x7f0000001180)='\x00', &(0x7f00000011c0)='#\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001140)='\x00', &(0x7f0000001180)='\x00', &(0x7f00000011c0)='#\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001200)='\x00', &(0x7f0000001240)='\x00', &(0x7f0000001280)='.)#$}@\\\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f00000012c0)='\x00', &(0x7f0000001300)='\x00', &(0x7f0000001340)='{#\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001380)='\xc0*&-/\x00', &(0x7f00000013c0)='$.$%.\x14\xc3&\x00', &(0x7f0000001400)='\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001380)='\xc0*&-/\x00', &(0x7f00000013c0)='$.$%.\x14\xc3&\x00', &(0x7f0000001400)='\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001440)='[!{\x00', &(0x7f0000001480)='+#\x00', &(0x7f00000014c0)='!\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001440)='[!{\x00', &(0x7f0000001480)='+#\x00', &(0x7f00000014c0)='!\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001500)='$.$%.\x14\xc3&\x00', &(0x7f0000001540)='@\x00', &(0x7f0000001580)='@\'\'},\x00', 0xfffffffffffffffb) (async) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000001500)='$.$%.\x14\xc3&\x00', &(0x7f0000001540)='@\x00', &(0x7f0000001580)='@\'\'},\x00', 0xfffffffffffffffb) request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f00000015c0)='\'\x00', &(0x7f0000001600)=']%#\x00', &(0x7f0000001640)='9!\x00', 0xfffffffffffffffb) 48.819537ms ago: executing program 2 (id=1453): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(0x0, 0xd02, 0xc3) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) sendmsg$auto_NL80211_CMD_START_AP(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="88050020", @ANYRES16=0x0, @ANYBLOB="200027bd7000ffdbdf250f0000005b053300afa6e0335f4a2c0c9b03ed037529ed1f8c19df0534c0c618363857d371dfe3575f074ed09281c32a0f2392027bee6d0506bdc9f52f16c9cddce2ee2bf411b5c37071c69297cbc252870e10ae089076ebd6ce5e42336573f7457224fb6e4d5cbc4b2847351ae8b9723b261b5876aa693b1f99786a8aff10d220aadda3c7f68a53903dbf2891b524fb9d9f1935f6873af22229e32a71276fac61cfbb99a0e9896735a111f46a73d9141b874444d253c3bcc98c2eddc451cb222af5ff8bdf0222e89524e44e1550d57f65061818b2e64ed23cbadd4cd35c4e675a6c76c93487649d5e120e876eef7d33bda62ec8ff4194ac957e81ef9aea0f96d44b4d7d28d0a90f3f3f1ab2302188a33eba4baeb8a36328ff04c2f77de5f5c1a202b358ced0d7ea41158c3745dc867e377ecadeccfcd5b8b519bef4dabe08dc5d923fb1a0bcfb63eb4c8e2143c4d2132e5e9c82712afab78723dc43d092eeb8a1bf619dd7d7c27b9785b953d4506d0d5207f3e8b76284b7749045ca2b5f062013c53f35be3e4489a1b8e3232314c86fbe18a58751f0b58219c53c1907daa47745badd8947431a66134913519262c65969aae0a78e040810ad130354b65c729754e9af226114904d39c5b24eaf02702067fdae7ae01c7fb58aa834b3d815caabb1761ba0d83cf8d53502a268b63fc3501fb67ded5c1b1482367ee4f5214303dc652abe046ce1abf20a3f49e1036026d77c132d332e98878ea17bd994e882becd6fc52d9fd91260ef25c204390f2c88c9e8cccd2d3f51bb9a93f0765f02dd8422bd3715b1205811f72ef91397fd5ab58f60cd10542ef3fa257e6cb0c311287b1af50dac0fb5614eaa5e67563c8efd9e89bb8fc2d7c6c4f64e95768bed149a69a345aadb64c89bb9e4bec361d74bef891543a5c8ba242c434b476bad123aece2a552ad43999907b425f4df57d3e4ca2c2b865568e619be2ef134718b47b6055a0bcc8ea64ff4ebc05339f5481e3c6fceadbd6f4126ccca4fb0e6b2303c4ec0d591cb45a076706a700ff34ad1c569fd11674bcbab1228132f1bfe192d138f25ec2520da501ed6e583492447734f69fa581e64a96f90582f9d757e391c0d33ce8250cc7c9e0d3651801cb285c9eee5bd0224d388dddf8527e49ca9030fd7955e93e3365f9602b4a4ef1aaca177e44e7f1142c8ec0015f2b505a775afe9ae820df18adaad4b3924d8033965991fe1e59acbbad440bc64b3198a4eae215fd32283be418b6ee791a89eaf386422aed1ca9a18a0220f88a7609d536ffd7db73c9654cbe7a7835668771f8f2f98d58cf1d60cff1004ee2fb4c394bf3b48d0232866d382ceeae8f340bddb3ac677edc560982312ac13bf765db179a235e47ec0747d428fe273fda500641154f168cad55351172f93a970ccf26626ec89d52f64d89f0d7456212854f35542794264126abf75567f56cf0081de22def6305d279b2aabdb91ac0813ccd0a4e87dd63b3188cc10a3eee94e7af67e2ab5070bc5e639a204af69b49aef29b61c7efd1a9f4b6bc51659aeb399b34cf21dc827259991979828515c776d86f06cf69ea710e6be91ec0ea9e46e9d08e07ad2ab67a4b43e2d0763a4673a8002df95761309b011b25a6effab4da60e599c27e263394328da81b0af4ebcd6d838c1a9ff729482681115b4964be42bb4b8d8855c71450e9c48999e195227f41eb0fde516123e1da39f0db125045c3e5dadbfba05b329cf3d02dbd9fa01c75856ee233ef96b5e61f845560c640758d3883bb7ca2da85c9c5c15dc0f4033bc8140ec0965f91a4be0692c0348a3cc38fbac8a0e6db18433aeb3f05921c5cf614be4754f76c9e3323026a646d89a7a894e1b493a999af49864886b6ed68ce635ba2eeff167e99ac5fa5696aca29f1517b47f460151ca4b9afb34cc5ffbeb037e000800a500080000000600f7000e0900000800620007000000"], 0x588}, 0x1, 0x0, 0x0, 0x48010}, 0x20000800) mmap$auto(0x7, 0x3ff, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x2000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0) pwrite64$auto(r3, &(0x7f0000000040)='.\'*&\x04!\x00', 0x1, 0x8) madvise$auto(0x0, 0x8000000000000000, 0x15) mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, 0xffffffffffffffff, 0x28000) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB="4401000036239b708d95fedac376436ecd767b8fb10968396acb7e3ad116ea0ca4fbbd560e705901d6d07bdce43191db9fc41ef4bff03095288a8b381233213db537f029685d827355927d66ff00c8b2cb6a475dd8ba3f9c17527e64f2a2025ce5d01be3a9b393664265e1b842b862d672b1581013f188e08b3e9c8079df0fb636c171b940825774b4d5000200000000000070961b948446dcda4b882d89bcd1290000000000", @ANYRES16=r1, @ANYRES16=r2, @ANYRES32=r6, @ANYBLOB="28946d2eba5858d400d8e6fad7f195302365255ab025728c2eef97c7726c5b5097b622675b02446c45a4500700f0259871b44534a73eaf2cc4a9d73243099364fd2bc439d820fd066a90c9e69ccd12828da6cb68785c999a2fde8ffd62a0806564c3237b4c7d00009c5b1ced6344017a3d02bac9e560692fd5517b6baff3e8cdbcf40e6057a87a94758d00000000000000000000000000000000008ba32cefd7608351e384b0b396feb96565a16efa26e308766c7535fd076b8805"], 0x144}, 0x1, 0x0, 0x0, 0x4040085}, 0x4000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 47.34373ms ago: executing program 3 (id=1454): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0xc) modify_ldt$auto(0x1, 0x0, 0x10) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r1, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) sendfile$auto(r3, r3, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) 0s ago: executing program 1 (id=1455): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) get_robust_list$auto(0x0, 0x0, 0x0) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r0, 0x0, 0xe) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x4c0800, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x16bb02, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) socketpair$auto(0x824, 0x4, 0xda, &(0x7f0000000800)=0x26) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x100, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x0, 0x3, 0x15f4da07, 0x8, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x200000000008]}, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) close_range$auto(0x2, r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) r5 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000005c0), r4) sendmsg$auto_SMC_NETLINK_REMOVE_UEID(r1, &(0x7f00000007c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000600)=ANY=[@ANYBLOB="7c010000", @ANYRES16=r5, @ANYBLOB="080029bd7000fcdbdf250b00000096000000572e4f7fe08db93ccb9fd6c418135cde259bc1e502051caeafd2554c7c5cc25c1f81ce576e25645abed0dde5ab732e44f92854970beafbbf97cd845a1b2e9b9bcadcef77bb821319652e790d23ff2361e71d91b6403397a53f3146750119123634aee6094d7a3767081bc4311631620ae7e6b5b798dd7b3bb9df44afbaa03f49fbef0bd3e7cb9576f24768e3972bf5de79210000cf00000009c7abfdd372376f23220d52c82d8f6aaade0a602f1519561b157b6075844f27e4bb1e718c725e6205e3bd5edf66be5d65bbbe04f636adf663f74c0333cfe41b1372e8829152d795a608bf3d3d254f4289abb9ec7dda005d0793d87cf7015870386222c6d9c0d3fdfbc33813ebc9e0d2ea24f308b9bddb625d4713a8957b928843d7cd7cda9ae4837afc8b178ca64ad00eade38e66c81060b5c49bf857a8c755e975ee3024d40441277948d2650746dbae9b7046b20b55e3b2d84bdcce832c2ebff700cde2e69f3ce7819800"], 0x17c}, 0x1, 0x0, 0x0, 0x40}, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) select$auto(0x5, &(0x7f0000000140)={[0xdbc, 0xb03, 0xbb2f, 0x5, 0x0, 0x9, 0xffffffffffffffff, 0xd, 0xa94c, 0xc, 0x5e, 0x0, 0xfffffffffffffffc, 0x6, 0x1000000000001, 0x9]}, &(0x7f0000000440)={[0x3, 0x4, 0xc2, 0x27a278eb, 0x79a8, 0x9, 0x4, 0x4, 0x55, 0x2, 0x3, 0x5, 0x7, 0x6, 0x0, 0x100000001]}, &(0x7f0000000540)={[0x200, 0x9, 0xd6, 0xc, 0x7, 0xe, 0x8, 0xd0af, 0xc, 0x3, 0x4, 0x4, 0x8, 0x1000, 0xffffffffffffffff, 0x6]}, &(0x7f00000001c0)={0x7, 0x24d30201}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x4, 0x100000001, 0x9, 0x6, 0x1ff, 0x100000000, 0x3, 0x4, 0x401, 0x0, 0x8, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x4000000000000008, 0x8000000000000000, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0x8001, 0x18f, 0xfffffffffffffff9, 0x3, 0x5a4, 0x1000, 0x80000001, 0x1]}, &(0x7f0000000380)={[0x8000000000000005, 0x5, 0x1001, 0x10001, 0xe, 0xf, 0x20004, 0x3, 0x59fc8000, 0x6, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x10006, 0xcc}) kernel console output (not intermixed with test programs): Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 198.830001][ T7330] Call Trace: [ 198.830011][ T7330] [ 198.830023][ T7330] dump_stack_lvl+0x16c/0x1f0 [ 198.830073][ T7330] should_fail_ex+0x512/0x640 [ 198.830116][ T7330] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 198.830165][ T7330] should_failslab+0xc2/0x120 [ 198.830203][ T7330] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 198.830249][ T7330] ? security_file_alloc+0x34/0x2b0 [ 198.830297][ T7330] security_file_alloc+0x34/0x2b0 [ 198.830336][ T7330] init_file+0x93/0x4c0 [ 198.830367][ T7330] alloc_empty_file+0x73/0x1e0 [ 198.830400][ T7330] alloc_file_pseudo+0x13a/0x230 [ 198.830435][ T7330] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 198.830468][ T7330] ? alloc_fd+0x471/0x7d0 [ 198.830515][ T7330] sock_alloc_file+0x50/0x210 [ 198.830547][ T7330] __sys_socket+0x1c0/0x260 [ 198.830584][ T7330] ? __pfx___sys_socket+0x10/0x10 [ 198.830620][ T7330] ? xfd_validate_state+0x61/0x180 [ 198.830670][ T7330] __x64_sys_socket+0x72/0xb0 [ 198.830704][ T7330] ? lockdep_hardirqs_on+0x7c/0x110 [ 198.830747][ T7330] do_syscall_64+0xcd/0x490 [ 198.830797][ T7330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.830826][ T7330] RIP: 0033:0x7f9d64b8e929 [ 198.830849][ T7330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.830876][ T7330] RSP: 002b:00007f9d65a25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 198.830904][ T7330] RAX: ffffffffffffffda RBX: 00007f9d64db5fa0 RCX: 00007f9d64b8e929 [ 198.830923][ T7330] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 0000000000000010 [ 198.830939][ T7330] RBP: 00007f9d64c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 198.830956][ T7330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.830973][ T7330] R13: 0000000000000000 R14: 00007f9d64db5fa0 R15: 00007fff89c6c658 [ 198.831012][ T7330] [ 199.528758][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.536097][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.199379][ T7350] netlink: 28 bytes leftover after parsing attributes in process `syz.3.263'. [ 201.007244][ T7369] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 201.396178][ T7371] Bluetooth: Can't allocate semaphore structure [ 201.483239][ T7371] Falling back ldisc for ttyS2. [ 205.939145][ T7440] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[7440] [ 206.292415][ T7454] ======================================================= [ 206.292415][ T7454] WARNING: The mand mount option has been deprecated and [ 206.292415][ T7454] and is ignored by this kernel. Remove the mand [ 206.292415][ T7454] option from the mount to silence this warning. [ 206.292415][ T7454] ======================================================= [ 207.635541][ T7483] netlink: 338 bytes leftover after parsing attributes in process `syz.3.291'. [ 210.229112][ T7519] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 216.219514][ T7595] openvswitch: netlink: Flow key attribute not present in set flow. [ 216.269621][ T7600] netlink: 8 bytes leftover after parsing attributes in process `syz.3.310'. [ 216.404942][ T7600] openvswitch: netlink: Flow actions attr not present in new flow. [ 219.737744][ T7653] FAULT_INJECTION: forcing a failure. [ 219.737744][ T7653] name failslab, interval 1, probability 0, space 0, times 0 [ 219.752942][ T7653] CPU: 1 UID: 0 PID: 7653 Comm: syz.1.322 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 219.752992][ T7653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 219.753010][ T7653] Call Trace: [ 219.753021][ T7653] [ 219.753032][ T7653] dump_stack_lvl+0x16c/0x1f0 [ 219.753085][ T7653] should_fail_ex+0x512/0x640 [ 219.753127][ T7653] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 219.753181][ T7653] should_failslab+0xc2/0x120 [ 219.753210][ T7653] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 219.753256][ T7653] ? __pfx_proc_create_net_data+0x10/0x10 [ 219.753305][ T7653] ? nf_log_net_init+0x9f/0x450 [ 219.753337][ T7653] ? __pfx_nf_log_net_init+0x10/0x10 [ 219.753366][ T7653] kmemdup_noprof+0x29/0x60 [ 219.753411][ T7653] nf_log_net_init+0x9f/0x450 [ 219.753442][ T7653] ? __pfx_nf_log_net_init+0x10/0x10 [ 219.753472][ T7653] ops_init+0x1e2/0x5f0 [ 219.753505][ T7653] setup_net+0x1ff/0x510 [ 219.753531][ T7653] ? lockdep_init_map_type+0x5c/0x280 [ 219.753572][ T7653] ? __pfx_setup_net+0x10/0x10 [ 219.753603][ T7653] ? debug_mutex_init+0x37/0x70 [ 219.753637][ T7653] copy_net_ns+0x2a6/0x5f0 [ 219.753674][ T7653] create_new_namespaces+0x3ea/0xa90 [ 219.753716][ T7653] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 219.753753][ T7653] ksys_unshare+0x45b/0xa40 [ 219.753792][ T7653] ? __pfx_ksys_unshare+0x10/0x10 [ 219.753832][ T7653] ? xfd_validate_state+0x61/0x180 [ 219.753884][ T7653] __x64_sys_unshare+0x31/0x40 [ 219.753920][ T7653] do_syscall_64+0xcd/0x490 [ 219.753978][ T7653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.754009][ T7653] RIP: 0033:0x7f9d64b8e929 [ 219.754034][ T7653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.754062][ T7653] RSP: 002b:00007f9d65a25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 219.754091][ T7653] RAX: ffffffffffffffda RBX: 00007f9d64db5fa0 RCX: 00007f9d64b8e929 [ 219.754111][ T7653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 219.754128][ T7653] RBP: 00007f9d64c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 219.754146][ T7653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.754163][ T7653] R13: 0000000000000000 R14: 00007f9d64db5fa0 R15: 00007fff89c6c658 [ 219.754204][ T7653] [ 220.648952][ T7660] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 223.423363][ T7717] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(17) [ 223.523073][ T7721] netlink: 'syz.2.338': attribute type 3 has an invalid length. [ 224.185675][ T7728] FAULT_INJECTION: forcing a failure. [ 224.185675][ T7728] name failslab, interval 1, probability 0, space 0, times 0 [ 224.216330][ T7728] CPU: 0 UID: 0 PID: 7728 Comm: syz.2.340 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 224.216358][ T7728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 224.216369][ T7728] Call Trace: [ 224.216375][ T7728] [ 224.216382][ T7728] dump_stack_lvl+0x16c/0x1f0 [ 224.216415][ T7728] should_fail_ex+0x512/0x640 [ 224.216441][ T7728] ? __kvmalloc_node_noprof+0x124/0x620 [ 224.216470][ T7728] should_failslab+0xc2/0x120 [ 224.216487][ T7728] __kvmalloc_node_noprof+0x137/0x620 [ 224.216513][ T7728] ? __pfx___mutex_lock+0x10/0x10 [ 224.216541][ T7728] ? traverse.part.0.constprop.0+0x392/0x640 [ 224.216569][ T7728] ? traverse.part.0.constprop.0+0x392/0x640 [ 224.216591][ T7728] traverse.part.0.constprop.0+0x392/0x640 [ 224.216616][ T7728] ? aa_file_perm+0x4c7/0xfb0 [ 224.216644][ T7728] seq_read_iter+0x932/0x12c0 [ 224.216676][ T7728] seq_read+0x39e/0x4e0 [ 224.216698][ T7728] ? __pfx_seq_read+0x10/0x10 [ 224.216720][ T7728] ? get_pid_task+0xfc/0x250 [ 224.216761][ T7728] ? rw_verify_area+0xcf/0x680 [ 224.216783][ T7728] ? __pfx_seq_read+0x10/0x10 [ 224.216805][ T7728] vfs_read+0x1e1/0xc60 [ 224.216835][ T7728] ? __pfx_vfs_read+0x10/0x10 [ 224.216858][ T7728] ? find_held_lock+0x2b/0x80 [ 224.216876][ T7728] ? __fget_files+0x204/0x3c0 [ 224.216904][ T7728] ? __fget_files+0x20e/0x3c0 [ 224.216926][ T7728] ? __fget_files+0x130/0x3c0 [ 224.216956][ T7728] __x64_sys_pread64+0x1eb/0x250 [ 224.216983][ T7728] ? __pfx___x64_sys_pread64+0x10/0x10 [ 224.217017][ T7728] do_syscall_64+0xcd/0x490 [ 224.217048][ T7728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.217067][ T7728] RIP: 0033:0x7f2ab3d8e929 [ 224.217081][ T7728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.217098][ T7728] RSP: 002b:00007f2ab4ca6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 224.217116][ T7728] RAX: ffffffffffffffda RBX: 00007f2ab3fb5fa0 RCX: 00007f2ab3d8e929 [ 224.217127][ T7728] RDX: 0000000000000001 RSI: 0000200000003600 RDI: 0000000000000003 [ 224.217137][ T7728] RBP: 00007f2ab4ca6090 R08: 0000000000000000 R09: 0000000000000000 [ 224.217147][ T7728] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 224.217157][ T7728] R13: 0000000000000000 R14: 00007f2ab3fb5fa0 R15: 00007ffdb8050fe8 [ 224.217179][ T7728] [ 224.914284][ T7732] random: crng reseeded on system resumption                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      getty: ttyS0: read error: Resource temporarily unavailable [ 284.459901][ T8634] ptrace attach of "./syz-executor exec"[8642] was attempted by "./syz-executor exec"[8634] [ 284.659143][ T8649] ubi0: attaching mtd0 [ 284.685572][ T8649] ubi0: scanning is finished [ 284.737418][ T8649] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 285.027618][ T8649] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 286.237279][ T8660] mkiss: ax0: crc mode is auto. [ 287.496982][ T8691] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.261403][ T8722] could not allocate digest TFM handle [ 289.866574][ T8722] could not allocate digest TFM handle [ 290.803490][ T8732] netlink: 28 bytes leftover after parsing attributes in process `syz.3.553'. [ 291.014174][ T8722] could not allocate digest TFM handle [ 291.230092][ T8744] Process accounting resumed syzkaller syzkaller login: [ 298.510773][ T8855] capability: warning: `syz.1.577' uses 32-bit capabilities (legacy support in use) [ 299.430756][ T8873] netlink: 130 bytes leftover after parsing attributes in process `syz.2.581'. [ 300.996434][ T8896] FAULT_INJECTION: forcing a failure. [ 300.996434][ T8896] name failslab, interval 1, probability 0, space 0, times 0 [ 301.067390][ T8896] CPU: 1 UID: 0 PID: 8896 Comm: syz.3.586 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 301.067436][ T8896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 301.067456][ T8896] Call Trace: [ 301.067466][ T8896] [ 301.067477][ T8896] dump_stack_lvl+0x16c/0x1f0 [ 301.067531][ T8896] should_fail_ex+0x512/0x640 [ 301.067572][ T8896] ? __kmalloc_noprof+0xbf/0x510 [ 301.067618][ T8896] ? landlock_init_hierarchy_log+0x17f/0x810 [ 301.067656][ T8896] should_failslab+0xc2/0x120 [ 301.067685][ T8896] __kmalloc_noprof+0xd2/0x510 [ 301.067738][ T8896] landlock_init_hierarchy_log+0x17f/0x810 [ 301.067784][ T8896] landlock_merge_ruleset+0x6e1/0x870 [ 301.067834][ T8896] ? prepare_creds+0x583/0x7d0 [ 301.067880][ T8896] __do_sys_landlock_restrict_self+0x2a2/0x910 [ 301.067933][ T8896] do_syscall_64+0xcd/0x490 [ 301.067982][ T8896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.068020][ T8896] RIP: 0033:0x7f27ea98e929 [ 301.068044][ T8896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.068071][ T8896] RSP: 002b:00007f27eb746038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 301.068099][ T8896] RAX: ffffffffffffffda RBX: 00007f27eabb5fa0 RCX: 00007f27ea98e929 [ 301.068118][ T8896] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 301.068135][ T8896] RBP: 00007f27eaa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 301.068153][ T8896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.068170][ T8896] R13: 0000000000000000 R14: 00007f27eabb5fa0 R15: 00007ffeb18a9d18 [ 301.068210][ T8896] [ 302.888568][ T8947] ubi0: attaching mtd0 [ 302.897066][ T8947] ubi0: scanning is finished [ 302.901786][ T8947] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 302.981860][ T8930] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 303.256129][ T8947] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 305.842966][ T8998] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 305.886787][ T8998] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 305.942634][ T8998] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 306.037209][ T8998] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 306.089441][ T8998] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 306.154331][ T9004] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 307.282371][ T9027] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 307.527596][ T9031] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 307.558027][ T9031] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 307.606617][ T9031] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 307.645157][ T9031] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 307.690445][ T9031] raw: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000 [ 307.755531][ T9031] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 307.807088][ T9031] head: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000 [ 307.857062][ T9031] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 307.868227][ T9031] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 307.881088][ T9031] page dumped because: unmovable page [ 307.886881][ T9031] page_owner tracks the page as allocated [ 307.923367][ T9031] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5684, tgid 5684 (sftp-server), ts 77713216576, free_ts 33508134186 [ 307.942829][ T5153] Bluetooth: hci1: command 0x0c1a tx timeout [ 307.942898][ T5153] Bluetooth: hci0: command 0x0c1a tx timeout [ 308.092341][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 308.125116][ T9031] register_dummy_stack+0x89/0xd0 [ 308.149849][ T9031] init_page_owner+0x48/0x7e0 [ 308.155031][ T9031] page_ext_init+0x703/0xb00 [ 308.159789][ T9031] mm_core_init+0x13c/0x220 [ 308.164557][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 308.170707][ T9031] page last free pid 1 tgid 1 stack trace: [ 308.176713][ T9031] __free_frozen_pages+0x7fe/0x1180 [ 308.182094][ T9031] free_contig_range+0x183/0x4b0 [ 308.187199][ T9031] destroy_args+0x7f6/0xa60 [ 308.191941][ T9031] debug_vm_pgtable+0x13b8/0x2d00 [ 308.197328][ T9031] do_one_initcall+0x120/0x6e0 [ 308.202192][ T9031] kernel_init_freeable+0x5c2/0x900 [ 308.208789][ T9031] kernel_init+0x1c/0x2b0 [ 308.213393][ T9031] ret_from_fork+0x5d7/0x6f0 [ 308.218064][ T9031] ret_from_fork_asm+0x1a/0x30 [ 308.648632][ T9034] net_ratelimit: 20 callbacks suppressed [ 308.648657][ T9034] netlink: zone id is out of range [ 308.685920][ T9034] netlink: zone id is out of range [ 308.775647][ T9034] netlink: set zone limit has 8 unknown bytes [ 309.455309][ T9063] netlink: 4 bytes leftover after parsing attributes in process `syz.0.617'. [ 309.533992][ T9063] netlink: 5 bytes leftover after parsing attributes in process `syz.0.617'. [ 309.605765][ T9063] netlink: 16 bytes leftover after parsing attributes in process `syz.0.617'. [ 309.827822][ T9071] FAULT_INJECTION: forcing a failure. [ 309.827822][ T9071] name failslab, interval 1, probability 0, space 0, times 0 [ 309.840701][ T9071] CPU: 1 UID: 0 PID: 9071 Comm: syz.3.614 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 309.840743][ T9071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 309.840761][ T9071] Call Trace: [ 309.840769][ T9071] [ 309.840780][ T9071] dump_stack_lvl+0x16c/0x1f0 [ 309.840829][ T9071] should_fail_ex+0x512/0x640 [ 309.840911][ T9071] ? __kvmalloc_node_noprof+0x124/0x620 [ 309.840958][ T9071] should_failslab+0xc2/0x120 [ 309.840987][ T9071] __kvmalloc_node_noprof+0x137/0x620 [ 309.841028][ T9071] ? io_uring_setup+0x377/0x2080 [ 309.841076][ T9071] ? io_uring_setup+0x377/0x2080 [ 309.841111][ T9071] io_uring_setup+0x377/0x2080 [ 309.841153][ T9071] ? __pfx_io_uring_setup+0x10/0x10 [ 309.841191][ T9071] ? do_futex+0x122/0x350 [ 309.841229][ T9071] ? __pfx_do_futex+0x10/0x10 [ 309.841262][ T9071] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 309.841341][ T9071] ? xfd_validate_state+0x61/0x180 [ 309.841379][ T9071] ? __pfx_do_writev+0x10/0x10 [ 309.841429][ T9071] __x64_sys_io_uring_setup+0xc2/0x170 [ 309.841471][ T9071] do_syscall_64+0xcd/0x490 [ 309.841523][ T9071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.841553][ T9071] RIP: 0033:0x7f27ea98e929 [ 309.841579][ T9071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.841609][ T9071] RSP: 002b:00007f27e83d3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 309.841640][ T9071] RAX: ffffffffffffffda RBX: 00007f27eabb6240 RCX: 00007f27ea98e929 [ 309.841659][ T9071] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 309.841676][ T9071] RBP: 00007f27eaa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 309.841694][ T9071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.841712][ T9071] R13: 0000000000000000 R14: 00007f27eabb6240 R15: 00007ffeb18a9d18 [ 309.841751][ T9071] [ 310.031848][ C1] vkms_vblank_simulate: vblank timer overrun [ 310.037983][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 311.800346][ T9088] sd 0:0:1:0: PR command failed: 1026 [ 312.086301][ T9088] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 312.098150][ T9088] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 312.228630][ T9088] Setting dangerous option i915.mitigations - tainting kernel [ 316.146585][ T9149] random: crng reseeded on system resumption [ 317.091577][ T9173] netlink: 504 bytes leftover after parsing attributes in process `syz.3.638'. [ 318.956789][ T9201] netlink: 28 bytes leftover after parsing attributes in process `syz.1.642'. [ 320.506996][ T9220] netlink: 504 bytes leftover after parsing attributes in process `syz.0.646'. [ 322.393525][ T5831] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 322.412036][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.419709][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.524871][ T30] audit: type=1326 audit(6045574038.598:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9253 comm="syz.2.654" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2ab3d8e929 code=0x0 [ 322.540118][ T9236] Process accounting paused [ 322.584971][ T9261] netlink: 28 bytes leftover after parsing attributes in process `syz.2.654'. [ 323.140812][ T5831] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 324.441102][ T9305] FAULT_INJECTION: forcing a failure. [ 324.441102][ T9305] name failslab, interval 1, probability 0, space 0, times 0 [ 324.454234][ T9305] CPU: 0 UID: 0 PID: 9305 Comm: syz.2.663 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 324.454284][ T9305] Tainted: [U]=USER [ 324.454294][ T9305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 324.454311][ T9305] Call Trace: [ 324.454322][ T9305] [ 324.454334][ T9305] dump_stack_lvl+0x16c/0x1f0 [ 324.454386][ T9305] should_fail_ex+0x512/0x640 [ 324.454427][ T9305] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 324.454476][ T9305] should_failslab+0xc2/0x120 [ 324.454503][ T9305] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 324.454547][ T9305] ? __d_alloc+0x31/0xaa0 [ 324.454599][ T9305] __d_alloc+0x31/0xaa0 [ 324.454652][ T9305] d_alloc_pseudo+0x1c/0xc0 [ 324.454686][ T9305] alloc_file_pseudo+0xcf/0x230 [ 324.454721][ T9305] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 324.454778][ T9305] __shmem_file_setup+0x1a3/0x330 [ 324.454823][ T9305] shmem_zero_setup+0x93/0x1a0 [ 324.454872][ T9305] __mmap_region+0x1ece/0x25e0 [ 324.454925][ T9305] ? __pfx___mmap_region+0x10/0x10 [ 324.454971][ T9305] ? rcu_is_watching+0x12/0xc0 [ 324.455011][ T9305] ? rcu_is_watching+0x12/0xc0 [ 324.455040][ T9305] ? trace_sched_exit_tp+0xde/0x130 [ 324.455075][ T9305] ? __schedule+0x1181/0x5de0 [ 324.455148][ T9305] ? __pfx___schedule+0x10/0x10 [ 324.455252][ T9305] ? trace_cap_capable+0x18d/0x200 [ 324.455318][ T9305] mmap_region+0x1ab/0x3f0 [ 324.455364][ T9305] ? __get_unmapped_area+0x267/0x440 [ 324.455404][ T9305] do_mmap+0xa3e/0x1210 [ 324.455448][ T9305] ? __pfx_do_mmap+0x10/0x10 [ 324.455482][ T9305] ? __pfx_down_write_killable+0x10/0x10 [ 324.455524][ T9305] vm_mmap_pgoff+0x281/0x450 [ 324.455564][ T9305] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 324.455607][ T9305] ? __x64_sys_futex+0x1e0/0x4c0 [ 324.455642][ T9305] ? __x64_sys_futex+0x1e9/0x4c0 [ 324.455684][ T9305] ksys_mmap_pgoff+0x7d/0x5c0 [ 324.455715][ T9305] ? xfd_validate_state+0x61/0x180 [ 324.455751][ T9305] ? __pfx_ksys_write+0x10/0x10 [ 324.455808][ T9305] __x64_sys_mmap+0x125/0x190 [ 324.455855][ T9305] do_syscall_64+0xcd/0x490 [ 324.455905][ T9305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.455935][ T9305] RIP: 0033:0x7f2ab3d8e929 [ 324.455960][ T9305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 324.455989][ T9305] RSP: 002b:00007f2ab4ca6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 324.456018][ T9305] RAX: ffffffffffffffda RBX: 00007f2ab3fb5fa0 RCX: 00007f2ab3d8e929 [ 324.456037][ T9305] RDX: 00000000000001ff RSI: 0000000000020004 RDI: 0000000000000000 [ 324.456054][ T9305] RBP: 00007f2ab3e10b39 R08: 8000000000000024 R09: 0000000000008000 [ 324.456072][ T9305] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 324.456089][ T9305] R13: 0000000000000000 R14: 00007f2ab3fb5fa0 R15: 00007ffdb8050fe8 [ 324.456129][ T9305] [ 324.743995][ C0] vkms_vblank_simulate: vblank timer overrun [ 325.387690][ T9317] FAULT_INJECTION: forcing a failure. [ 325.387690][ T9317] name failslab, interval 1, probability 0, space 0, times 0 [ 325.405640][ T9317] CPU: 0 UID: 0 PID: 9317 Comm: syz.0.665 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 325.405691][ T9317] Tainted: [U]=USER [ 325.405701][ T9317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 325.405718][ T9317] Call Trace: [ 325.405728][ T9317] [ 325.405740][ T9317] dump_stack_lvl+0x16c/0x1f0 [ 325.405791][ T9317] should_fail_ex+0x512/0x640 [ 325.405832][ T9317] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 325.405882][ T9317] should_failslab+0xc2/0x120 [ 325.405910][ T9317] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 325.405953][ T9317] ? kmem_cache_free+0x2d1/0x4d0 [ 325.405994][ T9317] ? getname_kernel+0x52/0x370 [ 325.406037][ T9317] getname_kernel+0x52/0x370 [ 325.406071][ T9317] do_file_open_root+0x19d/0x610 [ 325.406120][ T9317] ? __pfx_do_file_open_root+0x10/0x10 [ 325.406206][ T9317] ? vsnprintf+0x318/0x1160 [ 325.406255][ T9317] file_open_root+0x2a7/0x450 [ 325.406304][ T9317] ? __pfx_file_open_root+0x10/0x10 [ 325.406345][ T9317] ? find_held_lock+0x2b/0x80 [ 325.406380][ T9317] ? kernel_read_file_from_path_initns+0x17a/0x260 [ 325.406426][ T9317] kernel_read_file_from_path_initns+0x189/0x260 [ 325.406465][ T9317] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 325.406496][ T9317] ? trace_kmem_cache_alloc+0x28/0xc0 [ 325.406531][ T9317] ? _request_firmware+0x503/0x1470 [ 325.406579][ T9317] _request_firmware+0x744/0x1470 [ 325.406638][ T9317] ? __pfx__request_firmware+0x10/0x10 [ 325.406706][ T9317] request_firmware+0x35/0x50 [ 325.406747][ T9317] valid_regdb+0x188/0x590 [ 325.406780][ T9317] ? __pfx___mutex_lock+0x10/0x10 [ 325.406827][ T9317] ? __pfx_valid_regdb+0x10/0x10 [ 325.406871][ T9317] reg_reload_regdb+0x11e/0x460 [ 325.406908][ T9317] ? __pfx_reg_reload_regdb+0x10/0x10 [ 325.406947][ T9317] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 325.406991][ T9317] ? nl80211_pre_doit+0x1b0/0xb10 [ 325.407050][ T9317] genl_family_rcv_msg_doit+0x206/0x2f0 [ 325.407093][ T9317] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 325.407130][ T9317] ? rcu_is_watching+0x12/0xc0 [ 325.407175][ T9317] ? bpf_lsm_capable+0x9/0x10 [ 325.407211][ T9317] ? security_capable+0x7e/0x260 [ 325.407268][ T9317] genl_rcv_msg+0x55c/0x800 [ 325.407313][ T9317] ? __pfx_genl_rcv_msg+0x10/0x10 [ 325.407352][ T9317] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 325.407395][ T9317] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 325.407428][ T9317] ? __pfx_nl80211_post_doit+0x10/0x10 [ 325.407484][ T9317] netlink_rcv_skb+0x155/0x420 [ 325.407515][ T9317] ? __pfx_genl_rcv_msg+0x10/0x10 [ 325.407555][ T9317] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 325.407606][ T9317] ? netlink_deliver_tap+0x1ae/0xd30 [ 325.407644][ T9317] genl_rcv+0x28/0x40 [ 325.407677][ T9317] netlink_unicast+0x53a/0x7f0 [ 325.407715][ T9317] ? __pfx_netlink_unicast+0x10/0x10 [ 325.407761][ T9317] netlink_sendmsg+0x8d1/0xdd0 [ 325.407800][ T9317] ? __pfx_netlink_sendmsg+0x10/0x10 [ 325.407850][ T9317] ____sys_sendmsg+0xa95/0xc70 [ 325.407887][ T9317] ? copy_msghdr_from_user+0x10a/0x160 [ 325.407933][ T9317] ? __pfx_____sys_sendmsg+0x10/0x10 [ 325.407979][ T9317] ? __pfx_futex_wake_mark+0x10/0x10 [ 325.408037][ T9317] ___sys_sendmsg+0x134/0x1d0 [ 325.408086][ T9317] ? __pfx____sys_sendmsg+0x10/0x10 [ 325.408128][ T9317] ? __lock_acquire+0x622/0x1c90 [ 325.408233][ T9317] __sys_sendmsg+0x16d/0x220 [ 325.408282][ T9317] ? __pfx___sys_sendmsg+0x10/0x10 [ 325.408328][ T9317] ? __x64_sys_futex+0x1e0/0x4c0 [ 325.408398][ T9317] do_syscall_64+0xcd/0x490 [ 325.408450][ T9317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.408481][ T9317] RIP: 0033:0x7f3d2bd8e929 [ 325.408507][ T9317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.408535][ T9317] RSP: 002b:00007f3d2cca6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 325.408564][ T9317] RAX: ffffffffffffffda RBX: 00007f3d2bfb5fa0 RCX: 00007f3d2bd8e929 [ 325.408583][ T9317] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005 [ 325.408601][ T9317] RBP: 00007f3d2be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 325.408618][ T9317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.408635][ T9317] R13: 0000000000000000 R14: 00007f3d2bfb5fa0 R15: 00007fffe8c159b8 [ 325.408676][ T9317] [ 325.408833][ T9317] platform regulatory.0: loading /lib/firmware/updates/regulatory.db.p7s failed with error -12 [ 325.673467][ T9325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.666'. [ 325.925709][ T9317] syz.0.665 (9317) used greatest stack depth: 19800 bytes left [ 328.535027][ T9377] bond0: option all_slaves_active: invalid value () syzkaller syzkaller login: [ 331.318260][ T9420] netlink: 28 bytes leftover after parsing attributes in process `syz.2.685'. [ 331.723337][ T9420] bond0: (slave bond_slave_1): Releasing backup interface [ 332.383792][ T9430] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 332.395834][ T9430] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 332.413854][ T9430] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 332.486142][ T9430] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 332.527018][ T9430] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 333.678869][ T9466] ima: policy update failed [ 333.700076][ T30] audit: type=1802 audit(4294967311.014:14): pid=9466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.694" res=0 errno=0 [ 333.928091][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 334.100639][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880334d3800: rx timeout, send abort [ 334.110715][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880334d0c00: rx timeout, send abort [ 334.119159][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880334d3800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 334.134717][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880334d0c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 334.412276][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 334.498549][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 334.570054][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 335.154103][ T9494] netlink: 'syz.1.702': attribute type 11 has an invalid length. [ 335.162123][ T9494] netlink: 'syz.1.702': attribute type 11 has an invalid length. [ 336.491595][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 336.962045][ T9528] 0x000200000001-0xa29656a63616329 : "" [ 336.968161][ T9528] mtd: partition "" is out of reach -- disabled [ 337.026239][ T9528] ftl_cs: FTL header not found. [ 338.955893][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 338.999253][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 339.008706][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 339.034415][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 339.044580][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 339.057939][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 339.117500][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 339.245134][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 339.256341][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 339.267270][ T9565] netlink: 48 bytes leftover after parsing attributes in process `syz.3.717'. [ 341.517443][ T9614] Invalid ELF header magic: != ELF [ 343.899662][ T5831] Bluetooth: hci3: Malformed LE Event: 0x1d [ 344.330229][ T9672] program syz.0.743 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 346.661236][ T9712] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.901487][ T9800] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input17 [ 351.867676][ T9809] FAULT_INJECTION: forcing a failure. [ 351.867676][ T9809] name failslab, interval 1, probability 0, space 0, times 0 [ 351.880500][ T9809] CPU: 0 UID: 0 PID: 9809 Comm: syz.3.773 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 351.880549][ T9809] Tainted: [U]=USER [ 351.880559][ T9809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 351.880575][ T9809] Call Trace: [ 351.880585][ T9809] [ 351.880597][ T9809] dump_stack_lvl+0x16c/0x1f0 [ 351.880648][ T9809] should_fail_ex+0x512/0x640 [ 351.880690][ T9809] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 351.880740][ T9809] should_failslab+0xc2/0x120 [ 351.880768][ T9809] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 351.880813][ T9809] ? mas_alloc_nodes+0x18b/0x8b0 [ 351.880863][ T9809] mas_alloc_nodes+0x18b/0x8b0 [ 351.880915][ T9809] mas_node_count_gfp+0x105/0x130 [ 351.880961][ T9809] mas_preallocate+0x77b/0xda0 [ 351.880989][ T9809] ? __memcg_slab_post_alloc_hook+0x472/0x960 [ 351.881030][ T9809] ? __pfx_mas_preallocate+0x10/0x10 [ 351.881078][ T9809] ? anon_vma_name+0x75/0x100 [ 351.881119][ T9809] __split_vma+0x34a/0x1070 [ 351.881169][ T9809] ? __pfx___split_vma+0x10/0x10 [ 351.881241][ T9809] vms_gather_munmap_vmas+0x392/0x1310 [ 351.881295][ T9809] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 351.881344][ T9809] ? mas_walk+0x6a6/0x910 [ 351.881405][ T9809] __mmap_region+0x3c7/0x25e0 [ 351.881453][ T9809] ? __lock_acquire+0xb8a/0x1c90 [ 351.881499][ T9809] ? __pfx___mmap_region+0x10/0x10 [ 351.881559][ T9809] ? lock_acquire+0x179/0x350 [ 351.881598][ T9809] ? find_held_lock+0x2b/0x80 [ 351.881634][ T9809] ? mark_held_locks+0x49/0x80 [ 351.881672][ T9809] ? finish_task_switch.isra.0+0x221/0xc10 [ 351.881707][ T9809] ? finish_task_switch.isra.0+0x2fa/0xc10 [ 351.881739][ T9809] ? rcu_is_watching+0x12/0xc0 [ 351.881767][ T9809] ? trace_sched_exit_tp+0xde/0x130 [ 351.881803][ T9809] ? __schedule+0x1181/0x5de0 [ 351.881908][ T9809] ? trace_cap_capable+0x18d/0x200 [ 351.881975][ T9809] mmap_region+0x1ab/0x3f0 [ 351.882019][ T9809] ? __get_unmapped_area+0x267/0x440 [ 351.882058][ T9809] do_mmap+0xa3e/0x1210 [ 351.882102][ T9809] ? __pfx_do_mmap+0x10/0x10 [ 351.882136][ T9809] ? __pfx_down_write_killable+0x10/0x10 [ 351.882165][ T9809] ? vfs_read+0x23b/0xc60 [ 351.882213][ T9809] vm_mmap_pgoff+0x281/0x450 [ 351.882254][ T9809] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 351.882298][ T9809] ? __x64_sys_futex+0x1e0/0x4c0 [ 351.882332][ T9809] ? __x64_sys_futex+0x1e9/0x4c0 [ 351.882375][ T9809] ksys_mmap_pgoff+0x7d/0x5c0 [ 351.882406][ T9809] ? xfd_validate_state+0x61/0x180 [ 351.882443][ T9809] ? __pfx_ksys_read+0x10/0x10 [ 351.882491][ T9809] __x64_sys_mmap+0x125/0x190 [ 351.882546][ T9809] do_syscall_64+0xcd/0x490 [ 351.882597][ T9809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.882626][ T9809] RIP: 0033:0x7f27ea98e929 [ 351.882650][ T9809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.882678][ T9809] RSP: 002b:00007f27eb746038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 351.882707][ T9809] RAX: ffffffffffffffda RBX: 00007f27eabb5fa0 RCX: 00007f27ea98e929 [ 351.882726][ T9809] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 351.882742][ T9809] RBP: 00007f27eaa10b39 R08: fffffffffffffffa R09: 0000000000008000 [ 351.882760][ T9809] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 351.882777][ T9809] R13: 0000000000000000 R14: 00007f27eabb5fa0 R15: 00007ffeb18a9d18 [ 351.882817][ T9809] [ 352.712040][ T9819] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 353.157993][ T9780] Process accounting resumed [ 356.240043][ T9875] mkiss: ax0: crc mode is auto. [ 357.716241][ T9901] FAULT_INJECTION: forcing a failure. [ 357.716241][ T9901] name failslab, interval 1, probability 0, space 0, times 0 [ 357.729311][ T9901] CPU: 0 UID: 0 PID: 9901 Comm: syz.2.789 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 357.729357][ T9901] Tainted: [U]=USER [ 357.729366][ T9901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 357.729382][ T9901] Call Trace: [ 357.729402][ T9901] [ 357.729414][ T9901] dump_stack_lvl+0x16c/0x1f0 [ 357.729463][ T9901] should_fail_ex+0x512/0x640 [ 357.729502][ T9901] ? fs_reclaim_acquire+0xae/0x150 [ 357.729539][ T9901] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 357.729576][ T9901] should_failslab+0xc2/0x120 [ 357.729604][ T9901] __kmalloc_noprof+0xd2/0x510 [ 357.729654][ T9901] tomoyo_realpath_from_path+0xc2/0x6e0 [ 357.729699][ T9901] ? tomoyo_profile+0x47/0x60 [ 357.729750][ T9901] tomoyo_path_number_perm+0x245/0x580 [ 357.729782][ T9901] ? tomoyo_path_number_perm+0x237/0x580 [ 357.729816][ T9901] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 357.729853][ T9901] ? find_held_lock+0x2b/0x80 [ 357.729919][ T9901] ? find_held_lock+0x2b/0x80 [ 357.729945][ T9901] ? hook_file_ioctl_common+0x145/0x410 [ 357.729983][ T9901] ? __fget_files+0x20e/0x3c0 [ 357.730028][ T9901] security_file_ioctl+0x9b/0x240 [ 357.730065][ T9901] __x64_sys_ioctl+0xb7/0x210 [ 357.730102][ T9901] do_syscall_64+0xcd/0x490 [ 357.730149][ T9901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.730177][ T9901] RIP: 0033:0x7f2ab3d8e929 [ 357.730201][ T9901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.730228][ T9901] RSP: 002b:00007f2ab4ca6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 357.730255][ T9901] RAX: ffffffffffffffda RBX: 00007f2ab3fb5fa0 RCX: 00007f2ab3d8e929 [ 357.730273][ T9901] RDX: 0000200000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 357.730289][ T9901] RBP: 00007f2ab4ca6090 R08: 0000000000000000 R09: 0000000000000000 [ 357.730305][ T9901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 357.730321][ T9901] R13: 0000000000000000 R14: 00007f2ab3fb5fa0 R15: 00007ffdb8050fe8 [ 357.730360][ T9901] [ 358.110069][ T9901] ERROR: Out of memory at tomoyo_realpath_from_path. [ 358.216398][ T9907] FAULT_INJECTION: forcing a failure. [ 358.216398][ T9907] name failslab, interval 1, probability 0, space 0, times 0 [ 358.252132][ T9907] CPU: 1 UID: 0 PID: 9907 Comm: syz.0.790 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 358.252180][ T9907] Tainted: [U]=USER [ 358.252189][ T9907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 358.252205][ T9907] Call Trace: [ 358.252214][ T9907] [ 358.252226][ T9907] dump_stack_lvl+0x16c/0x1f0 [ 358.252273][ T9907] should_fail_ex+0x512/0x640 [ 358.252312][ T9907] ? __kmalloc_noprof+0xbf/0x510 [ 358.252356][ T9907] ? sk_prot_alloc+0x1a8/0x2a0 [ 358.252384][ T9907] should_failslab+0xc2/0x120 [ 358.252411][ T9907] __kmalloc_noprof+0xd2/0x510 [ 358.252475][ T9907] sk_prot_alloc+0x1a8/0x2a0 [ 358.252511][ T9907] sk_alloc+0x36/0xc20 [ 358.252553][ T9907] __netlink_create+0x5e/0x2c0 [ 358.252593][ T9907] ? __wake_up+0x3f/0x60 [ 358.252627][ T9907] netlink_create+0x39e/0x620 [ 358.252670][ T9907] ? __pfx_rtnetlink_bind+0x10/0x10 [ 358.252713][ T9907] __sock_create+0x338/0x8d0 [ 358.252754][ T9907] __sys_socket+0x14d/0x260 [ 358.252788][ T9907] ? __pfx___sys_socket+0x10/0x10 [ 358.252821][ T9907] ? xfd_validate_state+0x61/0x180 [ 358.252866][ T9907] __x64_sys_socket+0x72/0xb0 [ 358.252897][ T9907] ? lockdep_hardirqs_on+0x7c/0x110 [ 358.252936][ T9907] do_syscall_64+0xcd/0x490 [ 358.252982][ T9907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.253012][ T9907] RIP: 0033:0x7f3d2bd8e929 [ 358.253034][ T9907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.253059][ T9907] RSP: 002b:00007f3d2cca6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 358.253085][ T9907] RAX: ffffffffffffffda RBX: 00007f3d2bfb5fa0 RCX: 00007f3d2bd8e929 [ 358.253103][ T9907] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000010 [ 358.253119][ T9907] RBP: 00007f3d2be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 358.253136][ T9907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.253151][ T9907] R13: 0000000000000000 R14: 00007f3d2bfb5fa0 R15: 00007fffe8c159b8 [ 358.253189][ T9907] [ 361.141135][ T9974] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 363.485852][T10015] ubi0: attaching mtd0 [ 363.514228][T10015] ubi0: scanning is finished [ 363.541639][T10015] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 364.077158][T10015] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 364.219394][T10028] netlink: 'syz.0.811': attribute type 1 has an invalid length. [ 365.319075][T10037] __nla_validate_parse: 23 callbacks suppressed [ 365.319093][T10037] netlink: 342 bytes leftover after parsing attributes in process `syz.1.815'. [ 367.109248][T10068] kAFS: Invalid Command on /proc/fs/afs/cells file [ 367.426997][ T30] audit: type=1804 audit(4294967329.906:15): pid=10070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.822" name="/newroot/216/file0" dev="tmpfs" ino=1161 res=1 errno=0 [ 367.450200][ T30] audit: type=1800 audit(4294967329.906:16): pid=10070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.822" name="file0" dev="tmpfs" ino=1161 res=0 errno=0 [ 368.239215][T10078] sctp: [Deprecated]: syz.2.824 (pid 10078) Use of int in maxseg socket option. [ 368.239215][T10078] Use struct sctp_assoc_value instead [ 371.078417][T10126] netlink: 28 bytes leftover after parsing attributes in process `syz.2.834'. [ 371.231316][T10122] QAT: Invalid ioctl 6 [ 371.577513][T10123] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium syzkaller syzkaller login: [ 374.497088][ T30] audit: type=1804 audit(4294967341.978:17): pid=10179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.848" name="/newroot/sys/kernel/debug/tracing/trace_options" dev="tracefs" ino=1243 res=1 errno=0 [ 375.211934][T10200] netlink: 'syz.2.851': attribute type 16 has an invalid length. [ 375.222710][T10200] netlink: 50 bytes leftover after parsing attributes in process `syz.2.851'. [ 376.665028][T10224] batman_adv: Routing algorithm '' is not supported [ 377.683507][T10222] program syz.3.857 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 380.253141][T10268] netlink: 342 bytes leftover after parsing attributes in process `syz.2.866'. [ 380.626588][T10281] netlink: 28 bytes leftover after parsing attributes in process `syz.1.868'. [ 380.662350][T10281] macvlan0: left allmulticast mode [ 380.667627][T10281] veth1_vlan: left allmulticast mode [ 380.736011][T10281] macvlan0: left promiscuous mode [ 380.765280][T10281] bridge0: port 3(macvlan0) entered disabled state [ 380.777569][T10281] bridge_slave_1: left allmulticast mode [ 380.785494][T10281] bridge_slave_1: left promiscuous mode [ 380.794448][T10281] bridge0: port 2(bridge_slave_1) entered disabled state [ 380.819246][T10281] bridge_slave_0: left allmulticast mode [ 380.828726][T10277] netlink: 'syz.0.867': attribute type 1 has an invalid length. [ 380.836807][T10281] bridge_slave_0: left promiscuous mode [ 380.865358][T10281] bridge0: port 1(bridge_slave_0) entered disabled state [ 382.777738][T10320] netlink: 24 bytes leftover after parsing attributes in process `syz.0.879'. [ 383.241664][T10323] Process accounting paused [ 383.872164][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.878611][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.424449][T10350] nbd: socks must be embedded in a SOCK_ITEM attr [ 384.746054][T10356] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 385.508381][T10357] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 387.637310][ T30] audit: type=1800 audit(4294967355.118:18): pid=10405 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.896" name="lu_gp_id" dev="configfs" ino=26341 res=0 errno=0 [ 387.896268][T10408] vivid-003: ================= START STATUS ================= [ 387.941652][T10408] vivid-003: Radio HW Seek Mode: Bounded [ 387.980129][T10408] vivid-003: Radio Programmable HW Seek: false [ 388.014652][T10408] vivid-003: RDS Rx I/O Mode: Block I/O [ 388.021902][T10408] vivid-003: Generate RBDS Instead of RDS: false [ 388.028406][T10408] vivid-003: RDS Reception: true [ 388.064594][T10408] vivid-003: RDS Program Type: 0 inactive [ 388.132001][T10408] vivid-003: RDS PS Name: inactive [ 388.145984][T10408] vivid-003: RDS Radio Text: inactive [ 388.152686][T10408] vivid-003: RDS Traffic Announcement: false inactive [ 388.159693][T10408] vivid-003: RDS Traffic Program: false inactive [ 388.166847][T10408] vivid-003: RDS Music: false inactive [ 388.176658][T10408] vivid-003: ================== END STATUS ================== [ 390.799978][ T5831] Bluetooth: hci1: unexpected subevent 0x19 length: 252 > 28 [ 390.807981][ T5831] Bluetooth: hci1: Unable to find connection with handle 0xc3d2 [ 391.103676][T10470] FAULT_INJECTION: forcing a failure. [ 391.103676][T10470] name failslab, interval 1, probability 0, space 0, times 0 [ 391.137420][T10470] CPU: 1 UID: 0 PID: 10470 Comm: syz.2.910 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 391.137473][T10470] Tainted: [U]=USER [ 391.137482][T10470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 391.137500][T10470] Call Trace: [ 391.137509][T10470] [ 391.137520][T10470] dump_stack_lvl+0x16c/0x1f0 [ 391.137571][T10470] should_fail_ex+0x512/0x640 [ 391.137614][T10470] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 391.137663][T10470] should_failslab+0xc2/0x120 [ 391.137693][T10470] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 391.137737][T10470] ? vma_merge_new_range+0x37f/0xa00 [ 391.137777][T10470] ? vm_area_alloc+0x1f/0x160 [ 391.137820][T10470] vm_area_alloc+0x1f/0x160 [ 391.137859][T10470] __mmap_region+0xf0a/0x25e0 [ 391.137906][T10470] ? __pfx___mmap_region+0x10/0x10 [ 391.137949][T10470] ? rcu_is_watching+0x12/0xc0 [ 391.137986][T10470] ? rcu_is_watching+0x12/0xc0 [ 391.138016][T10470] ? trace_sched_exit_tp+0xde/0x130 [ 391.138051][T10470] ? __schedule+0x1181/0x5de0 [ 391.138127][T10470] ? __pfx___schedule+0x10/0x10 [ 391.138220][T10470] ? trace_cap_capable+0x18d/0x200 [ 391.138286][T10470] mmap_region+0x1ab/0x3f0 [ 391.138331][T10470] ? __get_unmapped_area+0x267/0x440 [ 391.138369][T10470] do_mmap+0xa3e/0x1210 [ 391.138410][T10470] ? __pfx_do_mmap+0x10/0x10 [ 391.138444][T10470] ? __pfx_down_write_killable+0x10/0x10 [ 391.138484][T10470] vm_mmap_pgoff+0x281/0x450 [ 391.138522][T10470] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 391.138564][T10470] ? __x64_sys_futex+0x1e0/0x4c0 [ 391.138599][T10470] ? __x64_sys_futex+0x1e9/0x4c0 [ 391.138642][T10470] ksys_mmap_pgoff+0x7d/0x5c0 [ 391.138673][T10470] ? xfd_validate_state+0x61/0x180 [ 391.138709][T10470] ? __task_pid_nr_ns+0x17c/0x500 [ 391.138753][T10470] __x64_sys_mmap+0x125/0x190 [ 391.138797][T10470] do_syscall_64+0xcd/0x490 [ 391.138847][T10470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.138878][T10470] RIP: 0033:0x7f2ab3d8e929 [ 391.138903][T10470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.138933][T10470] RSP: 002b:00007f2ab4ca6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 391.138961][T10470] RAX: ffffffffffffffda RBX: 00007f2ab3fb5fa0 RCX: 00007f2ab3d8e929 [ 391.138981][T10470] RDX: 00000000000000df RSI: 0000000000000008 RDI: 0000000000000000 [ 391.138998][T10470] RBP: 00007f2ab3e10b39 R08: 0000000000000002 R09: 0000000000008000 [ 391.139016][T10470] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 391.139033][T10470] R13: 0000000000000000 R14: 00007f2ab3fb5fa0 R15: 00007ffdb8050fe8 [ 391.139075][T10470] [ 391.480575][T10475] FAULT_INJECTION: forcing a failure. [ 391.480575][T10475] name failslab, interval 1, probability 0, space 0, times 0 [ 391.493516][T10475] CPU: 0 UID: 0 PID: 10475 Comm: syz.3.913 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 391.493575][T10475] Tainted: [U]=USER [ 391.493586][T10475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 391.493604][T10475] Call Trace: [ 391.493615][T10475] [ 391.493627][T10475] dump_stack_lvl+0x16c/0x1f0 [ 391.493681][T10475] should_fail_ex+0x512/0x640 [ 391.493723][T10475] ? fs_reclaim_acquire+0xae/0x150 [ 391.493765][T10475] should_failslab+0xc2/0x120 [ 391.493795][T10475] __kmalloc_cache_noprof+0x6a/0x3e0 [ 391.493838][T10475] ? __asan_memset+0x23/0x50 [ 391.493875][T10475] ? do_proc_control+0x335/0x10a0 [ 391.493904][T10475] ? usb_init_urb+0x38/0x130 [ 391.493955][T10475] do_proc_control+0x335/0x10a0 [ 391.493987][T10475] ? __might_fault+0x13b/0x190 [ 391.494032][T10475] ? __pfx_do_proc_control+0x10/0x10 [ 391.494087][T10475] usbdev_ioctl+0x2300/0x4070 [ 391.494125][T10475] ? __pfx_usbdev_ioctl+0x10/0x10 [ 391.494155][T10475] ? do_vfs_ioctl+0x523/0x1a60 [ 391.494192][T10475] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 391.494265][T10475] ? find_held_lock+0x2b/0x80 [ 391.494297][T10475] ? hook_file_ioctl_common+0x145/0x410 [ 391.494341][T10475] ? __fget_files+0x20e/0x3c0 [ 391.494390][T10475] ? __pfx_usbdev_ioctl+0x10/0x10 [ 391.494421][T10475] __x64_sys_ioctl+0x18e/0x210 [ 391.494462][T10475] do_syscall_64+0xcd/0x490 [ 391.494512][T10475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.494543][T10475] RIP: 0033:0x7f27ea98e929 [ 391.494569][T10475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.494599][T10475] RSP: 002b:00007f27eb746038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 391.494630][T10475] RAX: ffffffffffffffda RBX: 00007f27eabb5fa0 RCX: 00007f27ea98e929 [ 391.494651][T10475] RDX: 0000000000000000 RSI: 00000000c0185500 RDI: 0000000000000004 [ 391.494670][T10475] RBP: 00007f27eaa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 391.494689][T10475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 391.494707][T10475] R13: 0000000000000000 R14: 00007f27eabb5fa0 R15: 00007ffeb18a9d18 [ 391.494748][T10475] [ 398.877060][T10600] FAULT_INJECTION: forcing a failure. [ 398.877060][T10600] name failslab, interval 1, probability 0, space 0, times 0 [ 398.961444][T10600] CPU: 0 UID: 0 PID: 10600 Comm: syz.0.938 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 398.961498][T10600] Tainted: [U]=USER [ 398.961508][T10600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 398.961527][T10600] Call Trace: [ 398.961537][T10600] [ 398.961549][T10600] dump_stack_lvl+0x16c/0x1f0 [ 398.961601][T10600] should_fail_ex+0x512/0x640 [ 398.961643][T10600] ? fs_reclaim_acquire+0xae/0x150 [ 398.961681][T10600] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 398.961723][T10600] should_failslab+0xc2/0x120 [ 398.961753][T10600] __kmalloc_noprof+0xd2/0x510 [ 398.961810][T10600] tomoyo_realpath_from_path+0xc2/0x6e0 [ 398.961866][T10600] tomoyo_check_open_permission+0x2ab/0x3c0 [ 398.961904][T10600] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 398.961985][T10600] ? do_raw_spin_lock+0x12c/0x2b0 [ 398.962044][T10600] tomoyo_file_open+0x6b/0x90 [ 398.962087][T10600] security_file_open+0x84/0x1e0 [ 398.962127][T10600] do_dentry_open+0x596/0x1c10 [ 398.962185][T10600] vfs_open+0x82/0x3f0 [ 398.962223][T10600] path_openat+0x1de4/0x2cb0 [ 398.962280][T10600] ? __pfx_path_openat+0x10/0x10 [ 398.962335][T10600] ? __lock_acquire+0xb8a/0x1c90 [ 398.962379][T10600] do_filp_open+0x20b/0x470 [ 398.962423][T10600] ? __pfx_do_filp_open+0x10/0x10 [ 398.962499][T10600] ? alloc_fd+0x471/0x7d0 [ 398.962551][T10600] do_sys_openat2+0x11b/0x1d0 [ 398.962585][T10600] ? __pfx_do_sys_openat2+0x10/0x10 [ 398.962635][T10600] __x64_sys_openat+0x174/0x210 [ 398.962671][T10600] ? __pfx___x64_sys_openat+0x10/0x10 [ 398.962724][T10600] do_syscall_64+0xcd/0x490 [ 398.962776][T10600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.962806][T10600] RIP: 0033:0x7f3d2bd8e929 [ 398.962832][T10600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.962863][T10600] RSP: 002b:00007f3d2cc85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 398.962893][T10600] RAX: ffffffffffffffda RBX: 00007f3d2bfb6080 RCX: 00007f3d2bd8e929 [ 398.962913][T10600] RDX: 0000000000004000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 398.962932][T10600] RBP: 00007f3d2be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 398.962950][T10600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 398.962967][T10600] R13: 0000000000000000 R14: 00007f3d2bfb6080 R15: 00007fffe8c159b8 [ 398.963008][T10600] [ 398.963020][T10600] ERROR: Out of memory at tomoyo_realpath_from_path. [ 399.187458][T10608] : Can't lookup blockdev [ 399.508493][T10615] netdevsim netdevsim15 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 399.824915][ T5831] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 399.853421][ T5831] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 401.402052][T10646] ubi0: attaching mtd0 [ 401.426108][T10646] ubi0: scanning is finished [ 401.430789][T10646] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 401.833177][T10646] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 405.020165][T10710] netlink: 326 bytes leftover after parsing attributes in process `syz.3.963'. [ 409.742200][T10773] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 414.072851][T10849] program syz.0.986 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 415.308364][T10847] Process accounting resumed [ 420.206315][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 420.212745][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.239876][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 420.246626][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.259791][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 420.266379][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.284338][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 420.291543][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.459447][T10928] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1003'. [ 420.791038][T10935] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1005'. [ 420.942524][T10939] FAULT_INJECTION: forcing a failure. [ 420.942524][T10939] name failslab, interval 1, probability 0, space 0, times 0 [ 420.960686][T10939] CPU: 0 UID: 0 PID: 10939 Comm: syz.0.1005 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 420.960735][T10939] Tainted: [U]=USER [ 420.960744][T10939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 420.960754][T10939] Call Trace: [ 420.960760][T10939] [ 420.960767][T10939] dump_stack_lvl+0x16c/0x1f0 [ 420.960819][T10939] should_fail_ex+0x512/0x640 [ 420.960847][T10939] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 420.960875][T10939] should_failslab+0xc2/0x120 [ 420.960893][T10939] __kmalloc_cache_noprof+0x6a/0x3e0 [ 420.960918][T10939] ? do_epoll_create+0x62/0x470 [ 420.960944][T10939] do_epoll_create+0x62/0x470 [ 420.960968][T10939] __x64_sys_epoll_create+0x45/0x70 [ 420.960991][T10939] do_syscall_64+0xcd/0x490 [ 420.961023][T10939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.961045][T10939] RIP: 0033:0x7f3d2bd8e929 [ 420.961060][T10939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.961077][T10939] RSP: 002b:00007f3d2cc64038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 420.961094][T10939] RAX: ffffffffffffffda RBX: 00007f3d2bfb6160 RCX: 00007f3d2bd8e929 [ 420.961106][T10939] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 420.961117][T10939] RBP: 00007f3d2be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 420.961128][T10939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 420.961139][T10939] R13: 0000000000000000 R14: 00007f3d2bfb6160 R15: 00007fffe8c159b8 [ 420.961161][T10939] [ 422.710143][T10970] sd 0:0:1:0: PR command failed: 1026 [ 422.717786][T10970] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 422.725022][T10970] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 425.415404][T10976] syz.3.1013 (10976): attempted to duplicate a private mapping with mremap. This is not supported. [ 427.265576][T10999] syz.1.1017 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 428.917342][T11030] Invalid ELF header magic: != ELF [ 431.575948][T11090] : renamed from gre0 (while UP) [ 435.028368][T11147] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 syzkaller syzkaller login: [ 435.985964][T11151] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 437.630501][T11187] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1054'. [ 438.109593][T11089] Bluetooth: hci0: unexpected subevent 0x1d length: 0 < 14 [ 438.178206][T11199] can: request_module (can-proto-0) failed. [ 438.767961][T11216] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1061'. [ 439.079463][T11222] FAULT_INJECTION: forcing a failure. [ 439.079463][T11222] name failslab, interval 1, probability 0, space 0, times 0 [ 439.092908][T11222] CPU: 1 UID: 0 PID: 11222 Comm: syz.1.1064 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 439.092961][T11222] Tainted: [U]=USER [ 439.092971][T11222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 439.092989][T11222] Call Trace: [ 439.093000][T11222] [ 439.093011][T11222] dump_stack_lvl+0x16c/0x1f0 [ 439.093065][T11222] should_fail_ex+0x512/0x640 [ 439.093107][T11222] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 439.093155][T11222] should_failslab+0xc2/0x120 [ 439.093184][T11222] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 439.093228][T11222] ? prepare_creds+0x2c/0x7d0 [ 439.093277][T11222] prepare_creds+0x2c/0x7d0 [ 439.093322][T11222] join_session_keyring+0x17/0x340 [ 439.093358][T11222] lookup_user_key+0x576/0x1300 [ 439.093398][T11222] ? __pfx_lookup_user_key+0x10/0x10 [ 439.093436][T11222] ? __pfx_do_futex+0x10/0x10 [ 439.093478][T11222] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 439.093520][T11222] ? native_tss_update_io_bitmap+0x3e1/0x770 [ 439.093585][T11222] keyctl_keyring_move+0xb4/0x150 [ 439.093619][T11222] __do_sys_keyctl+0x171/0x590 [ 439.093664][T11222] do_syscall_64+0xcd/0x490 [ 439.093715][T11222] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.093746][T11222] RIP: 0033:0x7f9d64b8e929 [ 439.093771][T11222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.093801][T11222] RSP: 002b:00007f9d65a25038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 439.093831][T11222] RAX: ffffffffffffffda RBX: 00007f9d64db5fa0 RCX: 00007f9d64b8e929 [ 439.093853][T11222] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 000000000000001e [ 439.093872][T11222] RBP: 00007f9d64c10b39 R08: 0000000000000001 R09: 0000000000000000 [ 439.093891][T11222] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 439.093908][T11222] R13: 0000000000000000 R14: 00007f9d64db5fa0 R15: 00007fff89c6c658 [ 439.093948][T11222] [ 439.118674][T11216] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 439.415023][T11216] vivid-007: ================= START STATUS ================= [ 439.493219][T11216] vivid-007: Generate PTS: true [ 439.511972][T11216] vivid-007: Generate SCR: true [ 439.533817][T11216] tpg source WxH: 320x240 (Y'CbCr) [ 439.565795][T11216] tpg field: 1 [ 439.577052][T11216] tpg crop: (0,0)/320x240 [ 439.601474][T11216] tpg compose: (0,0)/320x240 [ 439.618930][T11216] tpg colorspace: 8 [ 439.657985][T11216] tpg transfer function: 0/0 [ 439.662841][T11216] tpg Y'CbCr encoding: 0/0 [ 439.667553][T11216] tpg quantization: 0/0 [ 439.680755][T11216] tpg RGB range: 0/2 [ 439.700268][T11216] vivid-007: ================== END STATUS ================== [ 440.360226][T11249] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1070'. [ 440.364666][T11243] Invalid ELF header magic: != ELF [ 441.166062][T11258] nfs4: Unknown parameter '' [ 445.029788][T11321] Invalid ELF header magic: != ELF [ 445.304522][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.310974][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.639752][T11337] Process accounting paused [ 446.291039][T11348] random: crng reseeded on system resumption [ 448.218270][T11382] tipc: Started in network mode [ 448.234224][T11382] tipc: Node identity ee00, cluster identity 4711 [ 448.240813][T11382] tipc: Node number set to 60928 [ 448.292223][T11387] Process accounting resumed [ 448.534829][T11397] program syz.2.1101 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 448.546803][T11397] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 451.727086][T11466] : renamed from gre0 (while UP) [ 452.229555][T11472] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1112'. [ 452.497853][T11482] netlink: zone id is out of range [ 452.518747][T11482] netlink: zone id is out of range [ 452.543604][T11482] netlink: zone id is out of range [ 452.548868][T11482] netlink: zone id is out of range [ 452.582739][T11482] netlink: zone id is out of range [ 452.587938][T11482] netlink: zone id is out of range [ 452.661878][T11482] netlink: zone id is out of range [ 452.681476][T11482] netlink: zone id is out of range [ 452.687321][T11482] netlink: zone id is out of range [ 452.721376][T11482] netlink: zone id is out of range [ 455.436286][T11534] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 455.745589][T11538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1125'. [ 456.022961][T11089] Bluetooth: hci0: unexpected event 0x3d length: 726 > 14 [ 458.377468][T11582] nvme_fabrics: missing parameter 'transport=%s' [ 458.399113][T11582] nvme_fabrics: missing parameter 'nqn=%s' [ 458.553063][T11584] nvme_fabrics: missing parameter 'transport=%s' [ 458.571383][T11584] nvme_fabrics: missing parameter 'nqn=%s' [ 460.556315][T11615] net_ratelimit: 54 callbacks suppressed [ 460.556341][T11615] openvswitch: netlink: Key type 293 is out of range max 32 [ 465.256056][T11690] FAULT_INJECTION: forcing a failure. [ 465.256056][T11690] name failslab, interval 1, probability 0, space 0, times 0 [ 465.271019][T11690] CPU: 0 UID: 0 PID: 11690 Comm: syz.2.1155 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 465.271053][T11690] Tainted: [U]=USER [ 465.271063][T11690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 465.271079][T11690] Call Trace: [ 465.271087][T11690] [ 465.271099][T11690] dump_stack_lvl+0x16c/0x1f0 [ 465.271150][T11690] should_fail_ex+0x512/0x640 [ 465.271191][T11690] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 465.271236][T11690] should_failslab+0xc2/0x120 [ 465.271264][T11690] __kmalloc_cache_noprof+0x6a/0x3e0 [ 465.271293][T11690] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 465.271324][T11690] ? do_epoll_create+0x62/0x470 [ 465.271365][T11690] do_epoll_create+0x62/0x470 [ 465.271392][T11690] __x64_sys_epoll_create+0x45/0x70 [ 465.271417][T11690] do_syscall_64+0xcd/0x490 [ 465.271447][T11690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.271465][T11690] RIP: 0033:0x7f2ab3d8e929 [ 465.271481][T11690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 465.271500][T11690] RSP: 002b:00007f2ab4c85038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 465.271518][T11690] RAX: ffffffffffffffda RBX: 00007f2ab3fb6080 RCX: 00007f2ab3d8e929 [ 465.271530][T11690] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 465.271540][T11690] RBP: 00007f2ab3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 465.271550][T11690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.271561][T11690] R13: 0000000000000000 R14: 00007f2ab3fb6080 R15: 00007ffdb8050fe8 [ 465.271583][T11690] [ 465.813313][T11693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1156'. [ 467.432039][T11596] delete_channel: no stack [ 469.023936][T11743] ima: policy update failed [ 469.029497][ T30] audit: type=1802 audit(4294967436.508:19): pid=11743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1167" res=0 errno=0 [ 469.966739][T11771] ubi0: attaching mtd0 [ 469.980745][T11771] ubi0: scanning is finished [ 469.989241][T11771] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 470.249279][T11771] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 475.264639][T11837] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 475.313891][T11837] mmap: syz.3.1186 (11837): VmData 46407680 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 476.379984][T11848] Process accounting resumed [ 476.611362][T11858] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 479.685526][T11907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1203'. [ 479.707821][T11907] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 479.965520][T11702] Process accounting paused [ 482.231637][T11948] can: request_module (can-proto-0) failed. [ 487.824321][T12019] futex_wake_op: syz.0.1227 tries to shift op by -9; fix this program [ 487.995634][T12009] netlink: zone id is out of range [ 488.014477][T12009] netlink: del zone limit has 4 unknown bytes [ 489.661985][T12049] Invalid ELF header magic: != ELF [ 490.024805][T12059] kAFS: No cell specified [ 491.303295][T12063] Invalid ELF header magic: != ELF [ 491.759230][T12068] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1237'. [ 492.400640][T12076] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 493.461815][T12091] FAULT_INJECTION: forcing a failure. [ 493.461815][T12091] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 493.461888][T12091] CPU: 1 UID: 0 PID: 12091 Comm: syz.2.1244 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 493.461936][T12091] Tainted: [U]=USER [ 493.461945][T12091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 493.461964][T12091] Call Trace: [ 493.461975][T12091] [ 493.461987][T12091] dump_stack_lvl+0x16c/0x1f0 [ 493.462039][T12091] should_fail_ex+0x512/0x640 [ 493.462090][T12091] should_fail_alloc_page+0xe7/0x130 [ 493.462122][T12091] prepare_alloc_pages+0x3c2/0x610 [ 493.462166][T12091] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 493.462220][T12091] ? stack_trace_save+0x8e/0xc0 [ 493.462267][T12091] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 493.462321][T12091] ? fb_var_to_videomode+0x4c9/0x690 [ 493.462395][T12091] ? __pfx_fb_match_mode+0x10/0x10 [ 493.462435][T12091] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 493.462486][T12091] ? vc_allocate+0x489/0x880 [ 493.462529][T12091] __alloc_pages_noprof+0xb/0x1b0 [ 493.462575][T12091] ___kmalloc_large_node+0x84/0x1e0 [ 493.462619][T12091] ? vc_allocate+0x489/0x880 [ 493.462660][T12091] __kmalloc_large_node_noprof+0x1c/0x70 [ 493.462702][T12091] __kmalloc_noprof.cold+0xc/0x61 [ 493.462762][T12091] vc_allocate+0x489/0x880 [ 493.462809][T12091] ? __pfx_vc_allocate+0x10/0x10 [ 493.462871][T12091] con_install+0xa1/0x600 [ 493.462922][T12091] ? __pfx_con_install+0x10/0x10 [ 493.462977][T12091] ? __pfx_con_install+0x10/0x10 [ 493.463022][T12091] tty_init_dev.part.0+0x99/0x500 [ 493.463077][T12091] tty_open+0xa50/0xf90 [ 493.463115][T12091] ? __pfx_tty_open+0x10/0x10 [ 493.463145][T12091] ? chrdev_open+0x58c/0x6a0 [ 493.463197][T12091] ? __pfx_tty_open+0x10/0x10 [ 493.463224][T12091] chrdev_open+0x234/0x6a0 [ 493.463271][T12091] ? __pfx_chrdev_open+0x10/0x10 [ 493.463321][T12091] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 493.463381][T12091] do_dentry_open+0x741/0x1c10 [ 493.463428][T12091] ? __pfx_chrdev_open+0x10/0x10 [ 493.463488][T12091] vfs_open+0x82/0x3f0 [ 493.463529][T12091] path_openat+0x1de4/0x2cb0 [ 493.463593][T12091] ? __pfx_path_openat+0x10/0x10 [ 493.463640][T12091] ? __lock_acquire+0xb8a/0x1c90 [ 493.463688][T12091] do_filp_open+0x20b/0x470 [ 493.463734][T12091] ? __pfx_do_filp_open+0x10/0x10 [ 493.463819][T12091] ? alloc_fd+0x471/0x7d0 [ 493.463874][T12091] do_sys_openat2+0x11b/0x1d0 [ 493.463905][T12091] ? __pfx_do_sys_openat2+0x10/0x10 [ 493.463955][T12091] __x64_sys_openat+0x174/0x210 [ 493.463990][T12091] ? __pfx___x64_sys_openat+0x10/0x10 [ 493.464048][T12091] do_syscall_64+0xcd/0x490 [ 493.464099][T12091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.464131][T12091] RIP: 0033:0x7f2ab3d8e929 [ 493.464156][T12091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 493.464185][T12091] RSP: 002b:00007f2ab4ca6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 493.464216][T12091] RAX: ffffffffffffffda RBX: 00007f2ab3fb5fa0 RCX: 00007f2ab3d8e929 [ 493.464236][T12091] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 493.464256][T12091] RBP: 00007f2ab3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 493.464274][T12091] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 493.464292][T12091] R13: 0000000000000000 R14: 00007f2ab3fb5fa0 R15: 00007ffdb8050fe8 [ 493.464333][T12091] [ 494.204806][T12106] Invalid ELF header magic: != ELF [ 496.968131][T12133] Debayer A: ================= START STATUS ================= [ 496.995116][T12133] Debayer A: Debayer Mean Window Size: 3 [ 497.029849][T12133] Debayer A: ================== END STATUS ================== [ 497.650294][T12144] sysfs_service_op_show: Client not running :-5: [ 500.241116][T12186] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 501.279976][T12207] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 503.035300][T12234] nbd: socks must be embedded in a SOCK_ITEM attr [ 503.830723][T12254] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1278'. [ 506.436944][T12274] binder: 12273:12274 ioctl c00c620f 200000000340 returned -22 [ 506.724447][T12299] Process accounting paused [ 506.745999][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.785533][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.163968][T12304] random: crng reseeded on system resumption [ 507.187223][T12304] FAULT_INJECTION: forcing a failure. [ 507.187223][T12304] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 507.260935][T12304] CPU: 0 UID: 0 PID: 12304 Comm: syz.1.1287 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 507.260987][T12304] Tainted: [U]=USER [ 507.260997][T12304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 507.261012][T12304] Call Trace: [ 507.261023][T12304] [ 507.261034][T12304] dump_stack_lvl+0x16c/0x1f0 [ 507.261087][T12304] should_fail_ex+0x512/0x640 [ 507.261134][T12304] should_fail_alloc_page+0xe7/0x130 [ 507.261166][T12304] prepare_alloc_pages+0x3c2/0x610 [ 507.261198][T12304] ? rcu_is_watching+0x12/0xc0 [ 507.261244][T12304] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 507.261308][T12304] ? stack_trace_save+0x8e/0xc0 [ 507.261340][T12304] ? __pfx_stack_trace_save+0x10/0x10 [ 507.261371][T12304] ? stack_depot_save_flags+0x28/0xa40 [ 507.261415][T12304] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 507.261462][T12304] ? kasan_save_stack+0x42/0x60 [ 507.261500][T12304] ? kasan_save_stack+0x33/0x60 [ 507.261547][T12304] ? do_dentry_open+0x741/0x1c10 [ 507.261587][T12304] ? vfs_open+0x82/0x3f0 [ 507.261613][T12304] ? path_openat+0x1de4/0x2cb0 [ 507.261650][T12304] ? do_filp_open+0x20b/0x470 [ 507.261686][T12304] ? do_sys_openat2+0x11b/0x1d0 [ 507.261715][T12304] ? __x64_sys_openat+0x174/0x210 [ 507.261746][T12304] ? do_syscall_64+0xcd/0x490 [ 507.261787][T12304] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.261817][T12304] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 507.261859][T12304] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 507.261902][T12304] ? policy_nodemask+0xea/0x4e0 [ 507.261951][T12304] alloc_pages_mpol+0x1fb/0x550 [ 507.261983][T12304] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 507.262022][T12304] alloc_pages_noprof+0x131/0x390 [ 507.262053][T12304] get_zeroed_page_noprof+0x18/0xb0 [ 507.262085][T12304] get_image_page+0x18/0x190 [ 507.262116][T12304] alloc_rtree_node+0x3c/0xb0 [ 507.262145][T12304] memory_bm_create+0x519/0x810 [ 507.262195][T12304] create_basic_memory_bitmaps+0xbd/0x320 [ 507.262244][T12304] snapshot_open+0x235/0x2b0 [ 507.262279][T12304] ? __pfx_snapshot_open+0x10/0x10 [ 507.262316][T12304] misc_open+0x35d/0x420 [ 507.262351][T12304] ? __pfx_misc_open+0x10/0x10 [ 507.262386][T12304] chrdev_open+0x234/0x6a0 [ 507.262430][T12304] ? __pfx_apparmor_file_open+0x10/0x10 [ 507.262467][T12304] ? __pfx_chrdev_open+0x10/0x10 [ 507.262513][T12304] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 507.262560][T12304] do_dentry_open+0x741/0x1c10 [ 507.262604][T12304] ? __pfx_chrdev_open+0x10/0x10 [ 507.262657][T12304] vfs_open+0x82/0x3f0 [ 507.262696][T12304] path_openat+0x1de4/0x2cb0 [ 507.262753][T12304] ? __pfx_path_openat+0x10/0x10 [ 507.262798][T12304] ? __lock_acquire+0xb8a/0x1c90 [ 507.262845][T12304] do_filp_open+0x20b/0x470 [ 507.262888][T12304] ? __pfx_do_filp_open+0x10/0x10 [ 507.262994][T12304] ? alloc_fd+0x471/0x7d0 [ 507.263047][T12304] do_sys_openat2+0x11b/0x1d0 [ 507.263077][T12304] ? __pfx_do_sys_openat2+0x10/0x10 [ 507.263126][T12304] __x64_sys_openat+0x174/0x210 [ 507.263161][T12304] ? __pfx___x64_sys_openat+0x10/0x10 [ 507.263222][T12304] do_syscall_64+0xcd/0x490 [ 507.263272][T12304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.263303][T12304] RIP: 0033:0x7f9d64b8e929 [ 507.263328][T12304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 507.263354][T12304] RSP: 002b:00007f9d65a25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 507.263383][T12304] RAX: ffffffffffffffda RBX: 00007f9d64db5fa0 RCX: 00007f9d64b8e929 [ 507.263403][T12304] RDX: 0000000000184b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 507.263422][T12304] RBP: 00007f9d64c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 507.263440][T12304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 507.263457][T12304] R13: 0000000000000000 R14: 00007f9d64db5fa0 R15: 00007fff89c6c658 [ 507.263496][T12304] [ 509.737290][T12345] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 510.423787][T12380] Invalid ELF header magic: != ELF [ 510.620883][T12368] Process accounting resumed [ 510.941151][T12380] could not allocate digest TFM handle [ 510.964742][T12383] could not allocate digest TFM handle [ 515.516316][T12442] netlink: 'syz.0.1317': attribute type 5 has an invalid length. [ 515.558852][T12442] netlink: 'syz.0.1317': attribute type 1 has an invalid length. [ 515.586244][T12442] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1317'. [ 517.374260][T12478] netlink: 206 bytes leftover after parsing attributes in process `syz.2.1323'. [ 517.415495][T12480] vhci_hcd: invalid port number 16 [ 517.431573][T12480] vhci_hcd: invalid port number 16 [ 518.764186][T12516] page: refcount:22 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78020 [ 518.831547][T12516] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 518.914141][T12516] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 518.951557][T12516] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 518.960475][T12516] raw: 0000000000000000 0000000000000000 00000016ffffffff 0000000000000000 [ 518.969215][T12516] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 518.978097][T12516] head: 0000000000000000 0000000000000000 00000016ffffffff 0000000000000000 [ 518.987294][T12516] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 518.998439][T12516] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 519.015688][T12516] page dumped because: unmovable page [ 519.071567][T12516] page_owner tracks the page as allocated [ 519.078274][T12516] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 11119, tgid 11119 (modprobe), ts 433376920574, free_ts 433293898283 [ 519.099378][T12516] post_alloc_hook+0x1c0/0x230 [ 519.109742][T12516] get_page_from_freelist+0x1321/0x3890 [ 519.180036][T12516] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 519.195000][T12516] alloc_pages_mpol+0x1fb/0x550 [ 519.264000][T12520] could not allocate digest TFM handle [ 519.291018][T12516] alloc_pages_noprof+0x131/0x390 [ 519.334703][T12516] skb_page_frag_refill+0x186/0x5a0 [ 519.341712][T12516] try_fill_recv+0x7e4/0x28a0 [ 519.380503][T12516] virtnet_poll+0x1984/0x3c30 [ 519.482389][T12516] __napi_poll.constprop.0+0xb7/0x550 [ 519.502241][T12516] net_rx_action+0xa9f/0xfe0 [ 519.506977][T12516] handle_softirqs+0x216/0x8e0 [ 519.512072][T12516] __irq_exit_rcu+0x109/0x170 [ 519.516920][T12516] irq_exit_rcu+0x9/0x30 [ 519.521245][T12516] common_interrupt+0xbf/0xe0 [ 519.534480][T12516] asm_common_interrupt+0x26/0x40 [ 519.539945][T12516] page last free pid 11056 tgid 11056 stack trace: [ 519.547057][T12516] __free_frozen_pages+0x7fe/0x1180 [ 519.552419][T12516] __folio_put+0x329/0x450 [ 519.556919][T12516] page_to_skb+0xa58/0xca0 [ 519.561610][T12516] receive_buf+0x7ad/0x4500 [ 519.566191][T12516] virtnet_poll+0x10e8/0x3c30 [ 519.570933][T12516] __napi_poll.constprop.0+0xb7/0x550 [ 519.581503][T12516] net_rx_action+0xa9f/0xfe0 [ 519.586195][T12516] handle_softirqs+0x216/0x8e0 [ 519.596267][T12516] __irq_exit_rcu+0x109/0x170 [ 519.601051][T12516] irq_exit_rcu+0x9/0x30 [ 519.624682][T12516] common_interrupt+0xbf/0xe0 [ 519.639783][T12516] asm_common_interrupt+0x26/0x40 [ 520.322516][T12566] FAULT_INJECTION: forcing a failure. [ 520.322516][T12566] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 520.344115][T12566] CPU: 1 UID: 0 PID: 12566 Comm: syz.3.1343 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 520.344164][T12566] Tainted: [U]=USER [ 520.344174][T12566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 520.344190][T12566] Call Trace: [ 520.344199][T12566] [ 520.344210][T12566] dump_stack_lvl+0x16c/0x1f0 [ 520.344244][T12566] should_fail_ex+0x512/0x640 [ 520.344274][T12566] _copy_from_user+0x2e/0xd0 [ 520.344303][T12566] kern_select+0xc0/0x1e0 [ 520.344328][T12566] ? __pfx_kern_select+0x10/0x10 [ 520.344356][T12566] ? __pfx_ksys_write+0x10/0x10 [ 520.344385][T12566] __x64_sys_select+0xbd/0x160 [ 520.344408][T12566] ? do_syscall_64+0x91/0x490 [ 520.344437][T12566] ? lockdep_hardirqs_on+0x7c/0x110 [ 520.344464][T12566] do_syscall_64+0xcd/0x490 [ 520.344494][T12566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 520.344512][T12566] RIP: 0033:0x7f27ea98e929 [ 520.344527][T12566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 520.344545][T12566] RSP: 002b:00007f27e87d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 520.344563][T12566] RAX: ffffffffffffffda RBX: 00007f27eabb6240 RCX: 00007f27ea98e929 [ 520.344574][T12566] RDX: 0000200000000200 RSI: 00002000000000c0 RDI: 0000000000000009 [ 520.344585][T12566] RBP: 00007f27e87d5090 R08: 0000200000000280 R09: 0000000000000000 [ 520.344596][T12566] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001 [ 520.344606][T12566] R13: 0000000000000001 R14: 00007f27eabb6240 R15: 00007ffeb18a9d18 [ 520.344627][T12566] [ 522.991113][T12612] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 526.789779][T12629] sysfs_service_op_show: Client not running :-5: [ 526.799812][T12678] program syz.1.1368 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 528.249440][T12712] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1376'. [ 528.428915][T12717] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1377'. [ 528.439215][T12709] FAULT_INJECTION: forcing a failure. [ 528.439215][T12709] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 528.516352][T12709] CPU: 0 UID: 0 PID: 12709 Comm: syz.1.1375 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 528.516400][T12709] Tainted: [U]=USER [ 528.516409][T12709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 528.516426][T12709] Call Trace: [ 528.516435][T12709] [ 528.516445][T12709] dump_stack_lvl+0x16c/0x1f0 [ 528.516494][T12709] should_fail_ex+0x512/0x640 [ 528.516537][T12709] _copy_from_user+0x2e/0xd0 [ 528.516582][T12709] core_sys_select+0x315/0xc10 [ 528.516631][T12709] ? __pfx_core_sys_select+0x10/0x10 [ 528.516709][T12709] ? read_tsc+0x9/0x20 [ 528.516737][T12709] ? ktime_get_ts64+0x256/0x400 [ 528.516783][T12709] kern_select+0x15d/0x1e0 [ 528.516822][T12709] ? __pfx_kern_select+0x10/0x10 [ 528.516865][T12709] ? __pfx_ksys_write+0x10/0x10 [ 528.516913][T12709] __x64_sys_select+0xbd/0x160 [ 528.516959][T12709] ? do_syscall_64+0x91/0x490 [ 528.517007][T12709] ? lockdep_hardirqs_on+0x7c/0x110 [ 528.517049][T12709] do_syscall_64+0xcd/0x490 [ 528.517096][T12709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.517125][T12709] RIP: 0033:0x7f9d64b8e929 [ 528.517149][T12709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.517177][T12709] RSP: 002b:00007f9d65a04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 528.517206][T12709] RAX: ffffffffffffffda RBX: 00007f9d64db6080 RCX: 00007f9d64b8e929 [ 528.517226][T12709] RDX: 0000200000000200 RSI: 00002000000000c0 RDI: 0000000000000009 [ 528.517244][T12709] RBP: 00007f9d65a04090 R08: 0000200000000280 R09: 0000000000000000 [ 528.517261][T12709] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001 [ 528.517279][T12709] R13: 0000000000000000 R14: 00007f9d64db6080 R15: 00007fff89c6c658 [ 528.517318][T12709] [ 528.984829][T12720] FAULT_INJECTION: forcing a failure. [ 528.984829][T12720] name failslab, interval 1, probability 0, space 0, times 0 [ 528.998526][T12720] CPU: 0 UID: 0 PID: 12720 Comm: syz.2.1378 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 528.998578][T12720] Tainted: [U]=USER [ 528.998588][T12720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 528.998606][T12720] Call Trace: [ 528.998616][T12720] [ 528.998628][T12720] dump_stack_lvl+0x16c/0x1f0 [ 528.998681][T12720] should_fail_ex+0x512/0x640 [ 528.998722][T12720] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 528.998768][T12720] should_failslab+0xc2/0x120 [ 528.998796][T12720] __kmalloc_cache_noprof+0x6a/0x3e0 [ 528.998835][T12720] ? ww_mutex_lock+0x37/0x160 [ 528.998861][T12720] ? vkms_plane_duplicate_state+0x45/0x130 [ 528.998894][T12720] ? modeset_lock+0x114/0x6e0 [ 528.998943][T12720] vkms_plane_duplicate_state+0x45/0x130 [ 528.998978][T12720] drm_atomic_get_plane_state+0x20e/0x590 [ 528.999014][T12720] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 528.999075][T12720] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 528.999166][T12720] drm_client_modeset_commit_locked+0x14d/0x580 [ 528.999206][T12720] drm_client_modeset_commit+0x4f/0x80 [ 528.999240][T12720] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 528.999292][T12720] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 528.999334][T12720] drm_fbdev_client_restore+0x2c/0x40 [ 528.999373][T12720] drm_client_dev_restore+0x1f3/0x2a0 [ 528.999414][T12720] drm_release+0x2c4/0x360 [ 528.999448][T12720] ? __pfx_drm_release+0x10/0x10 [ 528.999474][T12720] __fput+0x402/0xb70 [ 528.999515][T12720] task_work_run+0x14d/0x240 [ 528.999562][T12720] ? __pfx_task_work_run+0x10/0x10 [ 528.999607][T12720] ? __pfx___do_sys_close_range+0x10/0x10 [ 528.999663][T12720] exit_to_user_mode_loop+0xeb/0x110 [ 528.999711][T12720] do_syscall_64+0x3f6/0x490 [ 528.999761][T12720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.999788][T12720] RIP: 0033:0x7f2ab3d8e929 [ 528.999813][T12720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.999843][T12720] RSP: 002b:00007f2ab4ca6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 528.999874][T12720] RAX: 0000000000000000 RBX: 00007f2ab3fb5fa0 RCX: 00007f2ab3d8e929 [ 528.999892][T12720] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 528.999910][T12720] RBP: 00007f2ab3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 528.999928][T12720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 528.999945][T12720] R13: 0000000000000000 R14: 00007f2ab3fb5fa0 R15: 00007ffdb8050fe8 [ 528.999988][T12720] [ 529.855639][T12734] random: crng reseeded on system resumption [ 530.572469][T12757] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1387'. [ 530.622504][T12757] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1387'. [ 530.882087][T12761] FAULT_INJECTION: forcing a failure. [ 530.882087][T12761] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 530.922538][T12761] CPU: 1 UID: 0 PID: 12761 Comm: syz.2.1388 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 530.922588][T12761] Tainted: [U]=USER [ 530.922598][T12761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 530.922614][T12761] Call Trace: [ 530.922624][T12761] [ 530.922635][T12761] dump_stack_lvl+0x16c/0x1f0 [ 530.922700][T12761] should_fail_ex+0x512/0x640 [ 530.922756][T12761] _copy_from_user+0x2e/0xd0 [ 530.922801][T12761] core_sys_select+0x35b/0xc10 [ 530.922850][T12761] ? __pfx_core_sys_select+0x10/0x10 [ 530.922932][T12761] ? read_tsc+0x9/0x20 [ 530.922959][T12761] ? ktime_get_ts64+0x256/0x400 [ 530.923006][T12761] kern_select+0x15d/0x1e0 [ 530.923043][T12761] ? __pfx_kern_select+0x10/0x10 [ 530.923087][T12761] ? __pfx_ksys_write+0x10/0x10 [ 530.923136][T12761] __x64_sys_select+0xbd/0x160 [ 530.923171][T12761] ? do_syscall_64+0x91/0x490 [ 530.923213][T12761] ? lockdep_hardirqs_on+0x7c/0x110 [ 530.923255][T12761] do_syscall_64+0xcd/0x490 [ 530.923301][T12761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.923337][T12761] RIP: 0033:0x7f2ab3d8e929 [ 530.923361][T12761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 530.923389][T12761] RSP: 002b:00007f2ab4c43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 530.923417][T12761] RAX: ffffffffffffffda RBX: 00007f2ab3fb6240 RCX: 00007f2ab3d8e929 [ 530.923436][T12761] RDX: 0000200000000200 RSI: 00002000000000c0 RDI: 0000000000000009 [ 530.923453][T12761] RBP: 00007f2ab4c43090 R08: 0000200000000280 R09: 0000000000000000 [ 530.923471][T12761] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001 [ 530.923489][T12761] R13: 0000000000000001 R14: 00007f2ab3fb6240 R15: 00007ffdb8050fe8 [ 530.923528][T12761] [ 531.763011][T12774] FAULT_INJECTION: forcing a failure. [ 531.763011][T12774] name failslab, interval 1, probability 0, space 0, times 0 [ 531.784476][T12774] CPU: 0 UID: 0 PID: 12774 Comm: syz.0.1391 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 531.784533][T12774] Tainted: [U]=USER [ 531.784544][T12774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 531.784563][T12774] Call Trace: [ 531.784574][T12774] [ 531.784587][T12774] dump_stack_lvl+0x16c/0x1f0 [ 531.784640][T12774] should_fail_ex+0x512/0x640 [ 531.784682][T12774] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 531.784727][T12774] should_failslab+0xc2/0x120 [ 531.784757][T12774] __kmalloc_cache_noprof+0x6a/0x3e0 [ 531.784795][T12774] ? __mutex_lock+0x1ca/0xb90 [ 531.784837][T12774] ? alloc_tty_struct+0x96/0x8c0 [ 531.784869][T12774] alloc_tty_struct+0x96/0x8c0 [ 531.784892][T12774] ? __pfx___mutex_lock+0x10/0x10 [ 531.784934][T12774] ? __pfx_alloc_tty_struct+0x10/0x10 [ 531.784973][T12774] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 531.785029][T12774] tty_init_dev.part.0+0x1e/0x500 [ 531.785060][T12774] tty_init_dev+0x60/0x80 [ 531.785087][T12774] ? __pfx_ptmx_open+0x10/0x10 [ 531.785120][T12774] ptmx_open+0x10d/0x360 [ 531.785154][T12774] ? __pfx_ptmx_open+0x10/0x10 [ 531.785188][T12774] chrdev_open+0x234/0x6a0 [ 531.785232][T12774] ? __pfx_apparmor_file_open+0x10/0x10 [ 531.785268][T12774] ? __pfx_chrdev_open+0x10/0x10 [ 531.785313][T12774] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 531.785358][T12774] do_dentry_open+0x741/0x1c10 [ 531.785401][T12774] ? __pfx_chrdev_open+0x10/0x10 [ 531.785459][T12774] vfs_open+0x82/0x3f0 [ 531.785495][T12774] path_openat+0x1de4/0x2cb0 [ 531.785551][T12774] ? __pfx_path_openat+0x10/0x10 [ 531.785596][T12774] ? __lock_acquire+0xb8a/0x1c90 [ 531.785640][T12774] do_filp_open+0x20b/0x470 [ 531.785684][T12774] ? __pfx_do_filp_open+0x10/0x10 [ 531.785753][T12774] ? alloc_fd+0x471/0x7d0 [ 531.785807][T12774] do_sys_openat2+0x11b/0x1d0 [ 531.785840][T12774] ? __pfx_do_sys_openat2+0x10/0x10 [ 531.785891][T12774] __x64_sys_openat+0x174/0x210 [ 531.785926][T12774] ? __pfx___x64_sys_openat+0x10/0x10 [ 531.785989][T12774] do_syscall_64+0xcd/0x490 [ 531.786041][T12774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.786072][T12774] RIP: 0033:0x7f3d2bd8e929 [ 531.786097][T12774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 531.786127][T12774] RSP: 002b:00007f3d2cca6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 531.786158][T12774] RAX: ffffffffffffffda RBX: 00007f3d2bfb5fa0 RCX: 00007f3d2bd8e929 [ 531.786179][T12774] RDX: 0000000000002200 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 531.786198][T12774] RBP: 00007f3d2be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 531.786216][T12774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 531.786234][T12774] R13: 0000000000000000 R14: 00007f3d2bfb5fa0 R15: 00007fffe8c159b8 [ 531.786275][T12774] [ 533.401113][T12784] FAULT_INJECTION: forcing a failure. [ 533.401113][T12784] name failslab, interval 1, probability 0, space 0, times 0 [ 533.518485][T12784] CPU: 1 UID: 0 PID: 12784 Comm: syz.1.1394 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 533.518538][T12784] Tainted: [U]=USER [ 533.518548][T12784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 533.518566][T12784] Call Trace: [ 533.518576][T12784] [ 533.518587][T12784] dump_stack_lvl+0x16c/0x1f0 [ 533.518638][T12784] should_fail_ex+0x512/0x640 [ 533.518678][T12784] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 533.518723][T12784] should_failslab+0xc2/0x120 [ 533.518753][T12784] __kmalloc_cache_noprof+0x6a/0x3e0 [ 533.518792][T12784] ? kasan_save_track+0x14/0x30 [ 533.518833][T12784] ? snd_info_text_entry_open+0xfb/0x2a0 [ 533.518875][T12784] snd_info_text_entry_open+0xfb/0x2a0 [ 533.518909][T12784] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 533.518948][T12784] ? trace_kmem_cache_alloc+0x28/0xc0 [ 533.518978][T12784] ? __pfx_apparmor_file_open+0x10/0x10 [ 533.519016][T12784] ? proc_reg_open+0x21d/0x610 [ 533.519060][T12784] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 533.519095][T12784] proc_reg_open+0x289/0x610 [ 533.519142][T12784] do_dentry_open+0x741/0x1c10 [ 533.519187][T12784] ? __pfx_proc_reg_open+0x10/0x10 [ 533.519240][T12784] vfs_open+0x82/0x3f0 [ 533.519280][T12784] path_openat+0x1de4/0x2cb0 [ 533.519342][T12784] ? __pfx_path_openat+0x10/0x10 [ 533.519388][T12784] ? __lock_acquire+0xb8a/0x1c90 [ 533.519435][T12784] do_filp_open+0x20b/0x470 [ 533.519484][T12784] ? __pfx_do_filp_open+0x10/0x10 [ 533.519565][T12784] ? alloc_fd+0x471/0x7d0 [ 533.519621][T12784] do_sys_openat2+0x11b/0x1d0 [ 533.519652][T12784] ? __pfx_do_sys_openat2+0x10/0x10 [ 533.519700][T12784] __x64_sys_openat+0x174/0x210 [ 533.519733][T12784] ? __pfx___x64_sys_openat+0x10/0x10 [ 533.519785][T12784] do_syscall_64+0xcd/0x490 [ 533.519836][T12784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.519863][T12784] RIP: 0033:0x7f9d64b8e929 [ 533.519888][T12784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 533.519917][T12784] RSP: 002b:00007f9d65a04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 533.519956][T12784] RAX: ffffffffffffffda RBX: 00007f9d64db6080 RCX: 00007f9d64b8e929 [ 533.519976][T12784] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 533.519994][T12784] RBP: 00007f9d64c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 533.520012][T12784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 533.520030][T12784] R13: 0000000000000000 R14: 00007f9d64db6080 R15: 00007fff89c6c658 [ 533.520073][T12784] [ 534.266100][T12816] FAULT_INJECTION: forcing a failure. [ 534.266100][T12816] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 534.279431][T12816] CPU: 1 UID: 0 PID: 12816 Comm: syz.2.1398 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 534.279461][T12816] Tainted: [U]=USER [ 534.279467][T12816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 534.279478][T12816] Call Trace: [ 534.279484][T12816] [ 534.279491][T12816] dump_stack_lvl+0x16c/0x1f0 [ 534.279524][T12816] should_fail_ex+0x512/0x640 [ 534.279554][T12816] core_sys_select+0x949/0xc10 [ 534.279584][T12816] ? __pfx_core_sys_select+0x10/0x10 [ 534.279631][T12816] ? read_tsc+0x9/0x20 [ 534.279656][T12816] ? ktime_get_ts64+0x256/0x400 [ 534.279684][T12816] kern_select+0x15d/0x1e0 [ 534.279708][T12816] ? __pfx_kern_select+0x10/0x10 [ 534.279735][T12816] ? __pfx_ksys_write+0x10/0x10 [ 534.279765][T12816] __x64_sys_select+0xbd/0x160 [ 534.279788][T12816] ? do_syscall_64+0x91/0x490 [ 534.279817][T12816] ? lockdep_hardirqs_on+0x7c/0x110 [ 534.279844][T12816] do_syscall_64+0xcd/0x490 [ 534.279873][T12816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.279894][T12816] RIP: 0033:0x7f2ab3d8e929 [ 534.279911][T12816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.279929][T12816] RSP: 002b:00007f2ab4c43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 534.279947][T12816] RAX: ffffffffffffffda RBX: 00007f2ab3fb6240 RCX: 00007f2ab3d8e929 [ 534.279958][T12816] RDX: 0000200000000200 RSI: 00002000000000c0 RDI: 0000000000000009 [ 534.279969][T12816] RBP: 00007f2ab4c43090 R08: 0000200000000280 R09: 0000000000000000 [ 534.279979][T12816] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001 [ 534.279990][T12816] R13: 0000000000000001 R14: 00007f2ab3fb6240 R15: 00007ffdb8050fe8 [ 534.280012][T12816] [ 536.199548][T12849] netlink: 103 bytes leftover after parsing attributes in process `syz.0.1408'. [ 536.231439][T12849] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 537.824588][T12875] random: crng reseeded on system resumption [ 538.284242][T12880] openvswitch: netlink: Message has 1 unknown bytes. [ 538.823358][T12882] sd 0:0:1:0: PR command failed: 1026 [ 538.830001][T12882] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 538.837752][T12882] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 538.851412][T12882] Setting dangerous option i915.mitigations - tainting kernel [ 539.767676][T12858] Process accounting resumed [ 540.196705][T12899] usb usb36: usbfs: process 12899 (syz.2.1423) did not claim interface 0 before use [ 540.522847][ T30] audit: type=1804 audit(4294967507.998:20): pid=12907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1425" name="/newroot/362/file0" dev="tmpfs" ino=1919 res=1 errno=0 [ 540.842671][T12917] ptrace attach of "./syz-executor exec"[5835] was attempted by "./syz-executor exec"[12917] [ 541.084720][T12921] FAULT_INJECTION: forcing a failure. [ 541.084720][T12921] name failslab, interval 1, probability 0, space 0, times 0 [ 541.123228][T12921] CPU: 1 UID: 0 PID: 12921 Comm: syz.3.1429 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 541.123282][T12921] Tainted: [U]=USER [ 541.123293][T12921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 541.123311][T12921] Call Trace: [ 541.123322][T12921] [ 541.123334][T12921] dump_stack_lvl+0x16c/0x1f0 [ 541.123388][T12921] should_fail_ex+0x512/0x640 [ 541.123430][T12921] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 541.123476][T12921] should_failslab+0xc2/0x120 [ 541.123506][T12921] __kmalloc_cache_noprof+0x6a/0x3e0 [ 541.123546][T12921] ? __mutex_lock+0x1ca/0xb90 [ 541.123600][T12921] ? alloc_tty_struct+0x96/0x8c0 [ 541.123638][T12921] alloc_tty_struct+0x96/0x8c0 [ 541.123664][T12921] ? __pfx___mutex_lock+0x10/0x10 [ 541.123713][T12921] ? __pfx_alloc_tty_struct+0x10/0x10 [ 541.123743][T12921] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 541.123805][T12921] tty_init_dev.part.0+0x1e/0x500 [ 541.123838][T12921] tty_init_dev+0x60/0x80 [ 541.123869][T12921] ? __pfx_ptmx_open+0x10/0x10 [ 541.123904][T12921] ptmx_open+0x10d/0x360 [ 541.123944][T12921] ? __pfx_ptmx_open+0x10/0x10 [ 541.123981][T12921] chrdev_open+0x234/0x6a0 [ 541.124027][T12921] ? __pfx_apparmor_file_open+0x10/0x10 [ 541.124065][T12921] ? __pfx_chrdev_open+0x10/0x10 [ 541.124117][T12921] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 541.124168][T12921] do_dentry_open+0x741/0x1c10 [ 541.124214][T12921] ? __pfx_chrdev_open+0x10/0x10 [ 541.124273][T12921] vfs_open+0x82/0x3f0 [ 541.124313][T12921] path_openat+0x1de4/0x2cb0 [ 541.124376][T12921] ? __pfx_path_openat+0x10/0x10 [ 541.124423][T12921] ? __lock_acquire+0xb8a/0x1c90 [ 541.124471][T12921] do_filp_open+0x20b/0x470 [ 541.124517][T12921] ? __pfx_do_filp_open+0x10/0x10 [ 541.124608][T12921] ? alloc_fd+0x471/0x7d0 [ 541.124665][T12921] do_sys_openat2+0x11b/0x1d0 [ 541.124699][T12921] ? __pfx_do_sys_openat2+0x10/0x10 [ 541.124755][T12921] __x64_sys_openat+0x174/0x210 [ 541.124790][T12921] ? __pfx___x64_sys_openat+0x10/0x10 [ 541.124844][T12921] do_syscall_64+0xcd/0x490 [ 541.124895][T12921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.124926][T12921] RIP: 0033:0x7f27ea98e929 [ 541.124952][T12921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 541.124982][T12921] RSP: 002b:00007f27eb746038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 541.125013][T12921] RAX: ffffffffffffffda RBX: 00007f27eabb5fa0 RCX: 00007f27ea98e929 [ 541.125033][T12921] RDX: 0000000000002200 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 541.125052][T12921] RBP: 00007f27eaa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 541.125071][T12921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 541.125089][T12921] R13: 0000000000000000 R14: 00007f27eabb5fa0 R15: 00007ffeb18a9d18 [ 541.125131][T12921] [ 542.239127][T12903] Process accounting paused [ 542.630298][T12950] FAULT_INJECTION: forcing a failure. [ 542.630298][T12950] name failslab, interval 1, probability 0, space 0, times 0 [ 542.657581][T12950] CPU: 1 UID: 0 PID: 12950 Comm: syz.2.1436 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 542.657633][T12950] Tainted: [U]=USER [ 542.657643][T12950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 542.657660][T12950] Call Trace: [ 542.657670][T12950] [ 542.657683][T12950] dump_stack_lvl+0x16c/0x1f0 [ 542.657733][T12950] should_fail_ex+0x512/0x640 [ 542.657776][T12950] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 542.657820][T12950] should_failslab+0xc2/0x120 [ 542.657849][T12950] __kmalloc_cache_noprof+0x6a/0x3e0 [ 542.657887][T12950] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 542.657924][T12950] ? do_epoll_create+0x62/0x470 [ 542.657968][T12950] do_epoll_create+0x62/0x470 [ 542.658007][T12950] __x64_sys_epoll_create+0x45/0x70 [ 542.658044][T12950] do_syscall_64+0xcd/0x490 [ 542.658094][T12950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.658123][T12950] RIP: 0033:0x7f2ab3d8e929 [ 542.658148][T12950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 542.658177][T12950] RSP: 002b:00007f2ab4ca6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 542.658207][T12950] RAX: ffffffffffffffda RBX: 00007f2ab3fb5fa0 RCX: 00007f2ab3d8e929 [ 542.658227][T12950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 542.658245][T12950] RBP: 00007f2ab3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 542.658264][T12950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 542.658281][T12950] R13: 0000000000000000 R14: 00007f2ab3fb5fa0 R15: 00007ffdb8050fe8 [ 542.658321][T12950] [ 545.483704][T13015] netlink: 'syz.1.1450': attribute type 11 has an invalid length. [ 545.708967][T11089] ================================================================== [ 545.717106][T11089] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 [ 545.725077][T11089] Read of size 140 at addr ffffc90004fbb000 by task kworker/u11:1/11089 [ 545.733454][T11089] [ 545.735828][T11089] CPU: 0 UID: 0 PID: 11089 Comm: kworker/u11:1 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 545.735874][T11089] Tainted: [U]=USER [ 545.735884][T11089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 545.735904][T11089] Workqueue: hci0 hci_devcd_timeout [ 545.735946][T11089] Call Trace: [ 545.735956][T11089] [ 545.735968][T11089] dump_stack_lvl+0x116/0x1f0 [ 545.736013][T11089] print_report+0xcd/0x680 [ 545.736057][T11089] ? __virt_addr_valid+0x81/0x610 [ 545.736090][T11089] ? hci_devcd_dump+0x142/0x240 [ 545.736124][T11089] kasan_report+0xe0/0x110 [ 545.736150][T11089] ? hci_devcd_dump+0x142/0x240 [ 545.736190][T11089] kasan_check_range+0x100/0x1b0 [ 545.736222][T11089] __asan_memcpy+0x23/0x60 [ 545.736259][T11089] hci_devcd_dump+0x142/0x240 [ 545.736296][T11089] hci_devcd_timeout+0xb5/0x2e0 [ 545.736333][T11089] ? rcu_is_watching+0x12/0xc0 [ 545.736365][T11089] process_one_work+0x9cc/0x1b70 [ 545.736412][T11089] ? __pfx_process_one_work+0x10/0x10 [ 545.736459][T11089] ? assign_work+0x1a0/0x250 [ 545.736498][T11089] worker_thread+0x6c8/0xf10 [ 545.736545][T11089] ? __kthread_parkme+0x19e/0x250 [ 545.736578][T11089] ? __pfx_worker_thread+0x10/0x10 [ 545.736629][T11089] kthread+0x3c5/0x780 [ 545.736667][T11089] ? __pfx_kthread+0x10/0x10 [ 545.736705][T11089] ? rcu_is_watching+0x12/0xc0 [ 545.736731][T11089] ? __pfx_kthread+0x10/0x10 [ 545.736767][T11089] ret_from_fork+0x5d7/0x6f0 [ 545.736802][T11089] ? __pfx_kthread+0x10/0x10 [ 545.736841][T11089] ret_from_fork_asm+0x1a/0x30 [ 545.736884][T11089] [ 545.736894][T11089] [ 545.895050][T11089] The buggy address ffffc90004fbb000 belongs to a vmalloc virtual mapping [ 545.903577][T11089] Memory state around the buggy address: [ 545.909228][T11089] ffffc90004fbaf00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 545.917395][T11089] ffffc90004fbaf80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 545.925474][T11089] >ffffc90004fbb000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 545.933550][T11089] ^ [ 545.937635][T11089] ffffc90004fbb080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 545.945800][T11089] ffffc90004fbb100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 545.953877][T11089] ================================================================== [ 545.972660][T11089] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 545.979945][T11089] CPU: 0 UID: 0 PID: 11089 Comm: kworker/u11:1 Tainted: G U 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 545.993904][T11089] Tainted: [U]=USER [ 545.997773][T11089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 546.007886][T11089] Workqueue: hci0 hci_devcd_timeout [ 546.013165][T11089] Call Trace: [ 546.016481][T11089] [ 546.019452][T11089] dump_stack_lvl+0x3d/0x1f0 [ 546.024106][T11089] panic+0x71c/0x800 [ 546.028062][T11089] ? __pfx_panic+0x10/0x10 [ 546.032531][T11089] ? mark_held_locks+0x49/0x80 [ 546.037362][T11089] ? preempt_schedule_thunk+0x16/0x30 [ 546.042789][T11089] ? hci_devcd_dump+0x142/0x240 [ 546.047691][T11089] ? preempt_schedule_common+0x44/0xc0 [ 546.053191][T11089] ? check_panic_on_warn+0x1f/0xb0 [ 546.058338][T11089] ? hci_devcd_dump+0x142/0x240 [ 546.063310][T11089] check_panic_on_warn+0xab/0xb0 [ 546.068288][T11089] end_report+0x107/0x170 [ 546.072654][T11089] kasan_report+0xee/0x110 [ 546.077095][T11089] ? hci_devcd_dump+0x142/0x240 [ 546.081986][T11089] kasan_check_range+0x100/0x1b0 [ 546.086948][T11089] __asan_memcpy+0x23/0x60 [ 546.091404][T11089] hci_devcd_dump+0x142/0x240 [ 546.096112][T11089] hci_devcd_timeout+0xb5/0x2e0 [ 546.100993][T11089] ? rcu_is_watching+0x12/0xc0 [ 546.105781][T11089] process_one_work+0x9cc/0x1b70 [ 546.110759][T11089] ? __pfx_process_one_work+0x10/0x10 [ 546.116170][T11089] ? assign_work+0x1a0/0x250 [ 546.120790][T11089] worker_thread+0x6c8/0xf10 [ 546.125422][T11089] ? __kthread_parkme+0x19e/0x250 [ 546.130473][T11089] ? __pfx_worker_thread+0x10/0x10 [ 546.135627][T11089] kthread+0x3c5/0x780 [ 546.139742][T11089] ? __pfx_kthread+0x10/0x10 [ 546.144365][T11089] ? rcu_is_watching+0x12/0xc0 [ 546.149147][T11089] ? __pfx_kthread+0x10/0x10 [ 546.153767][T11089] ret_from_fork+0x5d7/0x6f0 [ 546.158384][T11089] ? __pfx_kthread+0x10/0x10 [ 546.163007][T11089] ret_from_fork_asm+0x1a/0x30 [ 546.167803][T11089] [ 546.170985][T11089] Kernel Offset: disabled [ 546.175312][T11089] Rebooting in 86400 seconds..