last executing test programs: 50.702706836s ago: executing program 2 (id=1344): r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) write$auto(r0, 0x0, 0x10) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) socket(0x25, 0x5, 0x0) sendfile$auto(0x6, 0x3, 0x0, 0xfdef) mmap$auto(0x2000000000000, 0x2, 0x9, 0x9b71, r1, 0x2) r2 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x20400, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(r2, 0x40084149, &(0x7f0000001080)=0x7) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/36u\x00', 0x26040, 0x0) close_range$auto(0x2, 0x8, 0x0) 49.334618481s ago: executing program 2 (id=1349): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc) mmap$auto(0x0, 0x4, 0xffd, 0x12, 0x3, 0x0) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) r2 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) select$auto(0x5, 0x0, 0x0, 0x0, 0x0) epoll_ctl$auto(r2, 0x40, r0, 0x0) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0x1) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x400800, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioperm$auto(0x800, 0x5, 0xd) ptrace$auto(0x10, r3, 0x4, 0x7ff) ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r3, 0x4, 0x8) 47.595802418s ago: executing program 2 (id=1353): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r0, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r0, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000) close_range$auto(0x2, 0xa, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x37, 0xffffffffffffffff, 0x0) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000140)={0x2, 0x0, [{0x491, 0x1, 0x9}, {0x6, 0x2, 0x8000}]}) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) write$auto(0xc8, 0x0, 0x4040f6) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x20, r2, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE={0x4}, @HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) 45.019869137s ago: executing program 2 (id=1364): ioctl$auto_SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x88) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4040aea0, 0x0) 44.350350239s ago: executing program 2 (id=1365): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x88042, 0x0) poll$auto(&(0x7f0000000080)={r0, 0x0, 0x5}, 0x5, 0x49) write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/1:5/min_bytes\x00', 0x88282, 0x0) sendfile$auto(r1, r1, 0x0, 0x71) r2 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000b00), 0x40042, 0x0) read$auto(r2, 0x0, 0x4) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/transparent_hugepage/khugepaged/alloc_sleep_millisecs\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)='5', 0x1) tkill$auto(0x1, 0x7) msgrcv$auto(0xff, 0x0, 0x2400000000, 0x6, 0x6bc2cc7d) ioctl$auto_TIOCMBIC2(0xffffffffffffffff, 0x5417, &(0x7f0000000100)) keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x2f5, 0x48eafc79) 43.541865269s ago: executing program 2 (id=1371): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0x1d, 0x2, 0x6) socket(0x2, 0x2, 0x1) socket(0x10, 0x2, 0x4) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/013/001\x00', 0xa101, 0x0) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4, 0x1, 0x20000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) 43.0341566s ago: executing program 32 (id=1371): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0x1d, 0x2, 0x6) socket(0x2, 0x2, 0x1) socket(0x10, 0x2, 0x4) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/013/001\x00', 0xa101, 0x0) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4, 0x1, 0x20000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) 11.582473321s ago: executing program 3 (id=1463): set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x1dcb, 0x18) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fsopen$auto(0x0, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) mlockall$auto(0x7) getpeername$auto(r0, 0x0, &(0x7f00000001c0)=0x1000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) pselect6$auto(0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 9.404930135s ago: executing program 1 (id=1471): chmod$auto(0x0, 0x4) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000001100)='/dev/ram14\x00', 0x359581, 0x0) ioctl$auto_BLKSECDISCARD(r0, 0x127d, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto(0x3, 0x1, 0x90000800000402) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) futex_wake$auto(0x0, 0x0, 0x3, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0xffd8) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x8101, 0x0, 0xd0, 0x5, 0x6, 0x0, 0x1, 0x3691, 0x0, {0x100000000, 0x10000}, 0x7ffffffffffffffe, 0x40000000000006, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x4bbd, 0xffffffffffff628e, 0xa747, 0xdeae, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_RNDADDENTROPY2(0xffffffffffffffff, 0x40085203, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 9.01662051s ago: executing program 4 (id=1472): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) getuid() openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(0xffffffffffffffff, 0x0, 0x40) shmctl$auto_IPC_RMID(0x3, 0x0, 0x0) newfstatat$auto(r0, 0x0, 0x0, 0x5) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x9, 0x7) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, r1, 0x7ffc) sendmsg$auto_IPVS_CMD_NEW_DEST(r1, 0x0, 0x10) madvise$auto(0x0, 0x2003f0, 0x18) mlock$auto(0x5, 0xffff) ioctl$auto(r1, 0x0, r0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) 8.920119827s ago: executing program 3 (id=1473): openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/mountinfo\x00', 0xe0000, 0x0) syz_clone(0x80000000, &(0x7f0000000000)="085a1056b6aa2f10d8ddee0633aea682a5ff", 0x12, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x10, 0x2, 0xa) setsockopt$auto(r0, 0x104000000000010e, 0x1, 0x0, 0x16) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf8d5feacf8510"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c001) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) ioperm$auto(0x7, 0x71, 0x863) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r3, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r2) sendmsg$auto_MACSEC_CMD_UPD_TXSA(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fbdbdf250600000008000100", @ANYRES32=0x0, @ANYBLOB="2e453b2b86eb6609ac6b21859c95ef1c4960514a70c8613b16ee0a1d9d07d2fe7286fdd02c7145b82ccedbe325c98b019cf0fe4866fabde884a9e94061d34e65ee55d80c6cb3dc6493676626e1014705804fa60887b6f97ef95b7f74d7f7fb5cd2"], 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x400c8d4) iopl$auto(0x3) ioperm$auto(0x5, 0x3432, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/msr/events/tsc\x00', 0x305501, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000140)=""/213, 0xd5) 8.696650467s ago: executing program 1 (id=1474): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) write$auto_snd_pcm_oss_f_reg_pcm_oss(r0, &(0x7f0000000240)="ca2aa92f10", 0x5) nanosleep$auto(0x0, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc) openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000000), 0x20100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mbind$auto(0xf000, 0x7e8, 0x1, 0x0, 0x7fff, 0x2) mbind$auto(0xffffffffffff7fff, 0x1, 0x800, 0x0, 0x5, 0x8) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/tty/ttyc2/power/runtime_active_time\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 8.267745881s ago: executing program 3 (id=1476): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) msgrcv$auto(0x0, 0x0, 0xff9, 0xfffffffffffffffc, 0xb4) msgsnd$auto(0x0, 0x0, 0x8, 0x9) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0) 7.864621089s ago: executing program 4 (id=1477): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x20082, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x4, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r1, 0x4, 0x7ff) ptrace$auto(0x3, r1, 0x8, 0x6) 7.400138102s ago: executing program 1 (id=1479): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x80000000, 0x0) socket(0xa, 0x5, 0x0) r3 = socket(0xa, 0x801, 0x84) connect$auto(0x3, 0x0, 0x55) listen$auto(0x3, 0x81) sendmsg$auto_NL80211_CMD_FRAME_WAIT_CANCEL(r3, 0x0, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) accept$auto(0x3, 0x0, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000440), r0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x700000000000000, 0x0, 0x40000}, 0x24004080) 7.361209095s ago: executing program 4 (id=1480): mbind$auto(0xf000, 0x1, 0x1, 0x0, 0x7fff, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x142, 0x0) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x20040045) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1e9742, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) setsockopt$auto(0xffffffffffffffff, 0x1, 0x8010, 0x0, 0xba) write$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x15, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x80301, 0x0) pwrite64$auto(0xc8, 0x0, 0x6, 0x7a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0x1000, 0x6) mlockall$auto(0x800000000000005) pselect6$auto(0x8000, &(0x7f0000000080)={[0x800, 0xf, 0xb, 0xb9, 0x6, 0x7, 0x28, 0x80000001, 0x100, 0x8024, 0x3, 0xffffffffffff6ee4, 0x9, 0x47, 0x3, 0x40]}, &(0x7f0000000100)={[0xfffffffffffffffc, 0x8, 0x101, 0x4, 0x8, 0x0, 0x3f8b, 0xc, 0x2, 0x2, 0x5, 0x7b, 0x1, 0x800, 0x7fffffffffffffff, 0x6]}, &(0x7f0000000180)={[0x5d58, 0x7, 0xa5, 0x7f, 0xffffffffffffff60, 0x6, 0xfffffffffffffffa, 0x2001, 0x4, 0x7, 0x6, 0x8000, 0x200c, 0x101, 0x2, 0x9]}, 0x0, &(0x7f0000000240)) 6.152113763s ago: executing program 4 (id=1482): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae88, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.5/usb19/19-0:1.0/usb19-port2/location\x00', 0x509000, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, 0x0, 0x28400, 0x0) personality$auto(0xfffffffc) socket(0xa, 0x72cc81f57abc8c2d, 0x73) ppoll$auto(&(0x7f00000000c0)={0xffffffffffffffff, 0xc, 0xf7}, 0x5, &(0x7f0000000140)={0x80000000000, 0x9}, 0x0, 0x8) read$auto(r1, 0x0, 0xe8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000680), r2) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fddbcd25050000000c0001000400000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x400c084}, 0x10) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r5 = socket(0x1e, 0x1, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20c000, 0x0) r6 = io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r7 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x80382, 0x0) ioctl$auto(r7, 0xc0045627, r5) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r8 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x551182, 0x0) ioctl$auto_KVM_CREATE_VM(r8, 0xae01, 0x0) r9 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), r0) sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(r6, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="50000000dc4b281ec1f106774b37ffd36f3d803e520d5a78caf98f4ce5b210c73a1b333267f0f833e59b5086e93277241f1170ac2e39b568f1e5bdf13029422ad2c512b5c67958c16cb23610db2655e42b92534c05b3ce", @ANYRES16=r9, @ANYBLOB="00002bbd7000fcdbdf2520000000080001000100000000004e1ef76c93a8b19c2824001a00070000000500240008000000080005002dff00000c00060004000000000000000800"], 0x50}, 0x1, 0x0, 0x0, 0x4000841}, 0x44000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 6.144412635s ago: executing program 3 (id=1483): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder0\x00', 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) sendto$auto(r0, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, r3}, 0x36) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x1d, 0x2, 0x7) r5 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) shmctl$auto_IPC_INFO(0x9, 0x3, &(0x7f0000000240)={{0x1, 0xee01, 0xee01, 0x5, 0x80, 0x4df, 0x2}, 0x5, 0x401, 0xffffffffffffffff, 0xfffffffffffff45c, @inferred, @inferred, 0x7ff, 0x0, &(0x7f0000000000)="b91560bef0dc590231270e96f91ac2713e61842a966a63378b9cde230d0a669e7958c7f61e0df344618d549cc14245fb9bad200b2bd5fc06f66fbc239d30c40287ba0929fef66d78d65615520f3564f74690c74194", 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r6}, 0x6a) sendto$auto(r4, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, r7}, 0x35) 5.791734663s ago: executing program 1 (id=1485): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) setsockopt$auto_SO_RCVMARK(r0, 0x3e76, 0x4b, &(0x7f0000000000)='+:-.K(\x00', 0x80) ioctl$auto_TCFLSH2(r0, 0x5453, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, r0, 0x2000000000000009) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000001080), 0x80400, 0x0) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r2, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd7000fddbdf250b0000000a0002009e695f99bb0e0000"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, 0x0, 0xc004) setsockopt$auto(0x400000000000003, 0x29, 0xcc, 0x0, 0x567) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) r3 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r3, &(0x7f0000000040)=""/4096, 0xfffffe82) 5.120837243s ago: executing program 4 (id=1486): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) process_mrelease$auto(r1, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) writev$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x710d}, 0x8000000000000001) epoll_ctl$auto(0xffffffffffffffff, 0xb5, 0xffffffffffffffff, &(0x7f0000000100)={0x8, 0x2}) unshare$auto(0x40000080) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) close_range$auto(0x2, 0x8000, 0x0) open(&(0x7f0000002a00)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x303440, 0xc744bb10621eef98) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/wireless\x00', 0x400, 0x0) pread64$auto(r2, 0x0, 0x1ff, 0x8800000000) pread64$auto(0xffffffffffffffff, 0x0, 0x1000f42d, 0x100) r3 = timerfd_create$auto(0x8, 0x800) read$auto_ppp_device_fops_ppp_generic(r3, &(0x7f0000000100)=""/51, 0x33) getsockopt$auto_SO_INCOMING_NAPI_ID(r0, 0x3, 0x38, &(0x7f0000000000)='---)\x00', &(0x7f0000000040)=0x1caf) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f00000029c0)='/sys/kernel/debug/tracing/buffer_size_kb\x00', 0x0, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0) shmctl$auto_SHM_LOCK(0x2, 0xb, &(0x7f0000000140)={{0xffff, 0x0, 0x0, 0xe, 0x7, 0x8}, 0x45, 0xaa, 0x9, 0x0, @inferred, @raw, 0x3a, 0x0, &(0x7f0000000080), &(0x7f0000000200)="aa92e40e07213c066e0e08cd16ab0921d95a735341f248904d920867000d1c14753d8dac9a0254db4934aae0bfcbdcf5326ba3e97b190e603b531da2c4bd48fe7b2fcaffb3a5294e1d91411bfa2fb73615eea67292df8a297d29fcdd23948be628cefcae629266386ab2568aeb9b36d7b0c4b323d70e61b4a92e054f39d76fe86419b9b6f6c160bb"}) setpriority$auto(0x0, r5, 0x3) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f0000000700)={{@raw=0x9, 0x4, 0x2, 0x5, "26cb83211ffd7f6567850e138dd717bfeb7ab5c55e35d9811b26db6e6f8c5d7d57cdda7ca056a2a31e5dfe27"}, 0x0, @integer=@value_ptr=0x0, "1cd4f43065c34bdcb5fa6160f24c5f3eb5328361438ff4cd82ad2e9771421debdad4d39a52fc70b9012aff448a8b4a75e7c5126dc116dd8f5751e93614151d5a4f55a63e9ba1ad1e6542796d2a1cd644b0d756001b66abab0c0fd3b4287befd247e5410bef4c186120b5bed4ab64ffeb4b7c5a69166021a8814332515a657e93"}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r6, 0x0, 0x9) 4.427395154s ago: executing program 4 (id=1487): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xca, 0x0, 0x1ff) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x2, 0x2) r1 = prctl$auto_PR_SCHED_CORE_GET(0x7fffffff, 0x0, 0xffffffffffffffff, 0x5a, 0x1) socket(0xa, 0x1, 0x100) preadv2$auto(0x3, &(0x7f0000000080)={0x0, 0x2}, 0x5, 0xffffffffffffffff, 0x7, 0x44) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'pimreg\x00'}) socket(0x1f, 0x800, 0xffffff01) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) 4.423137936s ago: executing program 1 (id=1488): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x80000000, 0x0) r3 = socket(0xa, 0x5, 0x0) r4 = socket(0xa, 0x801, 0x84) connect$auto(0x3, 0x0, 0x55) listen$auto(0x3, 0x81) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) sendmsg$auto_NL80211_CMD_FRAME_WAIT_CANCEL(r4, 0x0, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) accept$auto(0x3, 0x0, 0x0) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000440), r0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000000cc00)={0x14, r5, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x700000000000000, 0x0, 0x40000}, 0x24004080) 4.354254329s ago: executing program 3 (id=1489): openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x40040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x403, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x40000, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/zram-control/hot_add\x00', 0x20800, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC0D0p\x00', 0xa00, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0) ioctl$auto_BLKRRPART(r3, 0x125f, 0x0) open(0x0, 0x161342, 0x100) msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) r4 = open(0x0, 0xeee00, 0x31) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xf, 0xa, 0x5) msgctl$auto(0x8000, 0x6, 0x0) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x2000c814}, 0x20040084) socket(0x21, 0x2, 0x2) pwrite64$auto(0xc8, 0x0, 0x4, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) creat$auto(&(0x7f0000000000)='./file0\x00', 0x0) r5 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) epoll_ctl$auto(r4, 0x4, r5, &(0x7f00000000c0)={0xf, 0x3a2}) 2.740793859s ago: executing program 0 (id=1490): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x6, 0x0) open(0x0, 0x22240, 0x155) io_uring_setup$auto(0x6, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x121080, 0x0) socket(0x2, 0x5, 0x0) openat$auto_stat_fops_(0xffffffffffffff9c, 0x0, 0x202802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc2dc0, 0x0) socket(0x11, 0x2, 0x14) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ppoll$auto(0x0, 0x7f, 0x0, 0x0, 0x8) 2.639796396s ago: executing program 0 (id=1491): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0xf, 0x3, 0x2) mmap$auto(0x0, 0x8, 0xba4, 0xeb1, 0x0, 0x7ffd) write$auto(0x3, 0x0, 0xfdef) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) madvise$auto(0x2, 0xfffffffffffffff4, 0x7) r0 = socket(0xa, 0x1, 0x84) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x8001, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv6/conf/caif0/accept_dad\x00', 0xc00, 0x0) sendfile$auto(r1, r2, 0x0, 0x800048) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r3 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000280)='/dev/etherd/discover\x00', 0x82, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0) openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/fail_page_alloc/space\x00', 0x3296c1, 0x0) write$auto_aoe_fops_aoechr(r3, &(0x7f0000000000)="760cc96d0ba177c3", 0x8) fsopen$auto(0x0, 0x1) 1.990079274s ago: executing program 0 (id=1492): socket(0xa, 0x3, 0x100) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x2, 0x0) socket(0xa, 0x801, 0x84) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) r1 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=r0, 0x4, @old_prog_fd=r1}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x10004, 0x7, 0x9, 0x7f, @prog_cnt=0x42c, 0x0, 0x80000001, 0xc, 0xb, 0x5}, 0x7) 1.233991904s ago: executing program 1 (id=1493): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/memory_hotplug/parameters/online_policy\x00', 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b) read$auto(r0, 0x0, 0x800) r3 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = socket(0xa, 0x2, 0x0) sendto$auto(r4, 0x0, 0x402, 0xacf8, &(0x7f0000000040)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1b) syz_clone3(&(0x7f0000001280)={0x120020480, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f00000000c0), 0x28880, 0x0) preadv2$auto(r5, &(0x7f0000000180)={&(0x7f0000000100)="99df8e7fbb", 0x4}, 0x4, 0x2, 0x0, 0x100) ioctl$auto_IMADDTIMER(r3, 0x80044940, 0x0) 1.172905906s ago: executing program 0 (id=1494): openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x40901, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) socket(0x2b, 0x1, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x4a801, 0x0) mmap$auto(0x2, 0x2020009, 0x3, 0xeb5, 0xfffffffffffffffb, 0x10) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x12000, 0x0) socket(0x3, 0x5, 0x5) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, 0x0, 0x810) syz_genetlink_get_family_id$auto_hsr(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/btrfs/features/extended_iref\x00', 0x18b440, 0x0) read$auto(r1, 0x0, 0x9) r2 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r2, 0x0, 0x20000000001, 0x7fff) 331.724175ms ago: executing program 0 (id=1495): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x202, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) socket(0x1d, 0x2, 0x6) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/036/001\x00', 0x22101, 0x0) io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4004, 0xf, 0x4, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x80047456, 0x0) 257.337316ms ago: executing program 3 (id=1496): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x5, 0x0, 0x31638121, 0xeb1, r1, 0x60) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) writev$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x710d}, 0x8000000000000001) epoll_ctl$auto(0xffffffffffffffff, 0xb5, 0xffffffffffffffff, &(0x7f0000000100)={0x8, 0x2}) unshare$auto(0x40000080) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) close_range$auto(0x2, 0x8000, 0x0) open(&(0x7f0000002a00)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x303440, 0xc744bb10621eef98) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/wireless\x00', 0x400, 0x0) pread64$auto(r2, 0x0, 0x1ff, 0x8800000000) pread64$auto(0xffffffffffffffff, 0x0, 0x1000f42d, 0x100) r3 = timerfd_create$auto(0x8, 0x800) read$auto_ppp_device_fops_ppp_generic(r3, &(0x7f0000000100)=""/51, 0x33) getsockopt$auto_SO_INCOMING_NAPI_ID(r0, 0x3, 0x38, &(0x7f0000000000)='---)\x00', &(0x7f0000000040)=0x1caf) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f00000029c0)='/sys/kernel/debug/tracing/buffer_size_kb\x00', 0x0, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0) shmctl$auto_SHM_LOCK(0x2, 0xb, &(0x7f0000000140)={{0xffff, 0x0, 0x0, 0xe, 0x7, 0x8}, 0x45, 0xaa, 0x9, 0x0, @inferred, @raw, 0x3a, 0x0, &(0x7f0000000080), &(0x7f0000000200)="aa92e40e07213c066e0e08cd16ab0921d95a735341f248904d920867000d1c14753d8dac9a0254db4934aae0bfcbdcf5326ba3e97b190e603b531da2c4bd48fe7b2fcaffb3a5294e1d91411bfa2fb73615eea67292df8a297d29fcdd23948be628cefcae629266386ab2568aeb9b36d7b0c4b323d70e61b4a92e054f39d76fe86419b9b6f6c160bb"}) setpriority$auto(0x0, r5, 0x3) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f0000000700)={{@raw=0x9, 0x4, 0x2, 0x5, "26cb83211ffd7f6567850e138dd717bfeb7ab5c55e35d9811b26db6e6f8c5d7d57cdda7ca056a2a31e5dfe27"}, 0x0, @integer=@value_ptr=0x0, "1cd4f43065c34bdcb5fa6160f24c5f3eb5328361438ff4cd82ad2e9771421debdad4d39a52fc70b9012aff448a8b4a75e7c5126dc116dd8f5751e93614151d5a4f55a63e9ba1ad1e6542796d2a1cd644b0d756001b66abab0c0fd3b4287befd247e5410bef4c186120b5bed4ab64ffeb4b7c5a69166021a8814332515a657e93"}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r6, 0x0, 0x9) 0s ago: executing program 0 (id=1497): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80802, 0x0) socket(0x10, 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80100, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x20000, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r0) kernel console output (not intermixed with test programs): 070988][T11067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.071016][T11067] RIP: 0033:0x7f331f78e169 [ 589.071033][T11067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.071053][T11067] RSP: 002b:00007f33205a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 589.071090][T11067] RAX: ffffffffffffffda RBX: 00007f331f9b5fa0 RCX: 00007f331f78e169 [ 589.071105][T11067] RDX: 0000000000143642 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 589.071119][T11067] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 589.071132][T11067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.071145][T11067] R13: 0000000000000000 R14: 00007f331f9b5fa0 R15: 00007fff8f270698 [ 589.071172][T11067] [ 589.821384][T11079] FAULT_INJECTION: forcing a failure. [ 589.821384][T11079] name failslab, interval 1, probability 0, space 0, times 0 [ 589.866826][T11083] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1070'. [ 589.923528][T11079] CPU: 1 UID: 0 PID: 11079 Comm: syz.2.1069 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 589.923567][T11079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 589.923582][T11079] Call Trace: [ 589.923590][T11079] [ 589.923599][T11079] dump_stack_lvl+0x16c/0x1f0 [ 589.923639][T11079] should_fail_ex+0x512/0x640 [ 589.923667][T11079] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 589.923698][T11079] should_failslab+0xc2/0x120 [ 589.923730][T11079] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 589.923758][T11079] ? __kernfs_new_node+0xd2/0x8a0 [ 589.923786][T11079] __kernfs_new_node+0xd2/0x8a0 [ 589.923812][T11079] ? __pfx___kernfs_new_node+0x10/0x10 [ 589.923843][T11079] ? find_held_lock+0x2b/0x80 [ 589.923868][T11079] ? kernfs_root+0xee/0x2a0 [ 589.923897][T11079] kernfs_new_node+0x13c/0x1e0 [ 589.923930][T11079] __kernfs_create_file+0x53/0x350 [ 589.923966][T11079] sysfs_add_file_mode_ns+0x207/0x3c0 [ 589.924020][T11079] internal_create_group+0x578/0xf30 [ 589.924053][T11079] ? __pfx_internal_create_group+0x10/0x10 [ 589.924080][T11079] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 589.924102][T11079] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 589.924124][T11079] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 589.924150][T11079] internal_create_groups+0x9d/0x150 [ 589.924177][T11079] kobject_add_internal+0x311/0x9b0 [ 589.924220][T11079] kobject_add+0x16e/0x240 [ 589.924240][T11079] ? __pfx_kobject_add+0x10/0x10 [ 589.924276][T11079] ? __pfx_kobject_add+0x10/0x10 [ 589.924307][T11079] blk_register_queue+0x98/0x560 [ 589.924343][T11079] add_disk_fwnode+0x911/0x13a0 [ 589.924375][T11079] zram_add+0x494/0x6c0 [ 589.924400][T11079] ? __pfx_zram_add+0x10/0x10 [ 589.924442][T11079] ? find_held_lock+0x2b/0x80 [ 589.924469][T11079] ? __pfx_hot_add_show+0x10/0x10 [ 589.924492][T11079] ? __pfx_class_attr_show+0x10/0x10 [ 589.924514][T11079] hot_add_show+0x21/0x80 [ 589.924538][T11079] class_attr_show+0x6f/0xa0 [ 589.924561][T11079] sysfs_kf_seq_show+0x213/0x3e0 [ 589.924599][T11079] seq_read_iter+0x506/0x12c0 [ 589.924645][T11079] kernfs_fop_read_iter+0x40f/0x5a0 [ 589.924673][T11079] ? rw_verify_area+0xcf/0x680 [ 589.924710][T11079] vfs_read+0x8c8/0xc70 [ 589.924736][T11079] ? __pfx___mutex_lock+0x10/0x10 [ 589.924767][T11079] ? __pfx_vfs_read+0x10/0x10 [ 589.924808][T11079] ksys_read+0x12a/0x240 [ 589.924829][T11079] ? __pfx_ksys_read+0x10/0x10 [ 589.924850][T11079] ? rcu_is_watching+0x12/0xc0 [ 589.924880][T11079] do_syscall_64+0xcd/0x230 [ 589.924914][T11079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.924936][T11079] RIP: 0033:0x7f6c4c38e169 [ 589.924953][T11079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.924981][T11079] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 589.925002][T11079] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 589.925016][T11079] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 589.925030][T11079] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 589.925043][T11079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.925057][T11079] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 589.925085][T11079] [ 592.803339][T11079] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 593.223931][T11103] FAULT_INJECTION: forcing a failure. [ 593.223931][T11103] name failslab, interval 1, probability 0, space 0, times 0 [ 593.266117][T11103] CPU: 1 UID: 0 PID: 11103 Comm: syz.3.1077 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 593.266154][T11103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 593.266170][T11103] Call Trace: [ 593.266178][T11103] [ 593.266188][T11103] dump_stack_lvl+0x16c/0x1f0 [ 593.266228][T11103] should_fail_ex+0x512/0x640 [ 593.266257][T11103] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 593.266294][T11103] should_failslab+0xc2/0x120 [ 593.266327][T11103] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 593.266357][T11103] ? __kernfs_new_node+0xd2/0x8a0 [ 593.266385][T11103] __kernfs_new_node+0xd2/0x8a0 [ 593.266413][T11103] ? __pfx___kernfs_new_node+0x10/0x10 [ 593.266445][T11103] ? find_held_lock+0x2b/0x80 [ 593.266472][T11103] ? kernfs_root+0xee/0x2a0 [ 593.266502][T11103] kernfs_new_node+0x13c/0x1e0 [ 593.266531][T11103] ? kasan_save_stack+0x42/0x60 [ 593.266562][T11103] kernfs_create_dir_ns+0x4c/0x1a0 [ 593.266594][T11103] sysfs_create_dir_ns+0x13a/0x2b0 [ 593.266618][T11103] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 593.266646][T11103] ? kfree+0x252/0x4d0 [ 593.266672][T11103] kobject_add_internal+0x2c4/0x9b0 [ 593.266716][T11103] kobject_add+0x16e/0x240 [ 593.266737][T11103] ? __pfx_kobject_add+0x10/0x10 [ 593.266776][T11103] kobject_create_and_add+0x7e/0xf0 [ 593.266807][T11103] add_disk_fwnode+0x83b/0x13a0 [ 593.266844][T11103] zram_add+0x494/0x6c0 [ 593.266872][T11103] ? __pfx_zram_add+0x10/0x10 [ 593.266919][T11103] ? find_held_lock+0x2b/0x80 [ 593.266949][T11103] ? __pfx_hot_add_show+0x10/0x10 [ 593.266974][T11103] ? __pfx_class_attr_show+0x10/0x10 [ 593.266999][T11103] hot_add_show+0x21/0x80 [ 593.267026][T11103] class_attr_show+0x6f/0xa0 [ 593.267052][T11103] sysfs_kf_seq_show+0x213/0x3e0 [ 593.267095][T11103] seq_read_iter+0x506/0x12c0 [ 593.267159][T11103] kernfs_fop_read_iter+0x40f/0x5a0 [ 593.267189][T11103] ? rw_verify_area+0xcf/0x680 [ 593.267229][T11103] vfs_read+0x8c8/0xc70 [ 593.267256][T11103] ? __pfx___mutex_lock+0x10/0x10 [ 593.267290][T11103] ? __pfx_vfs_read+0x10/0x10 [ 593.267333][T11103] ksys_read+0x12a/0x240 [ 593.267355][T11103] ? __pfx_ksys_read+0x10/0x10 [ 593.267377][T11103] ? rcu_is_watching+0x12/0xc0 [ 593.267409][T11103] do_syscall_64+0xcd/0x230 [ 593.267444][T11103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.267468][T11103] RIP: 0033:0x7fe4d918e169 [ 593.267487][T11103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 593.267509][T11103] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 593.267531][T11103] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 593.267547][T11103] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 593.267562][T11103] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 593.267576][T11103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 593.267590][T11103] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 593.267621][T11103] [ 593.574466][T11103] kobject: kobject_add_internal failed for holders (error: -12 parent: zram2) [ 593.583369][T11103] kobject: kobject_create_and_add: kobject_add error: -12 [ 594.645977][T11149] FAULT_INJECTION: forcing a failure. [ 594.645977][T11149] name failslab, interval 1, probability 0, space 0, times 0 [ 594.731442][T11149] CPU: 1 UID: 0 PID: 11149 Comm: syz.0.1081 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 594.731477][T11149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 594.731493][T11149] Call Trace: [ 594.731501][T11149] [ 594.731511][T11149] dump_stack_lvl+0x16c/0x1f0 [ 594.731550][T11149] should_fail_ex+0x512/0x640 [ 594.731578][T11149] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbd0 [ 594.731620][T11149] should_failslab+0xc2/0x120 [ 594.731653][T11149] kmem_cache_alloc_bulk_noprof+0x85/0xbd0 [ 594.731687][T11149] ? trace_kmem_cache_alloc+0x28/0xc0 [ 594.731721][T11149] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 594.731750][T11149] ? mas_alloc_nodes+0x18b/0x8b0 [ 594.731784][T11149] ? mas_alloc_nodes+0x2f1/0x8b0 [ 594.731812][T11149] mas_alloc_nodes+0x2f1/0x8b0 [ 594.731848][T11149] mas_node_count_gfp+0x105/0x130 [ 594.731881][T11149] mas_preallocate+0x53e/0xcd0 [ 594.731909][T11149] ? __pfx_mas_preallocate+0x10/0x10 [ 594.731939][T11149] ? vm_area_alloc+0x1f/0x160 [ 594.731970][T11149] ? lockdep_init_map_type+0x5c/0x280 [ 594.732007][T11149] __mmap_region+0x139b/0x27c0 [ 594.732040][T11149] ? __pfx___mmap_region+0x10/0x10 [ 594.732069][T11149] ? trace_sched_exit_tp+0xde/0x130 [ 594.732119][T11149] ? __pfx___schedule+0x10/0x10 [ 594.732184][T11149] ? mm_get_unmapped_area+0x95/0xe0 [ 594.732228][T11149] mmap_region+0x1ab/0x3f0 [ 594.732263][T11149] do_mmap+0xd8e/0x11b0 [ 594.732305][T11149] ? __pfx_do_mmap+0x10/0x10 [ 594.732343][T11149] ? __pfx_down_write_killable+0x10/0x10 [ 594.732381][T11149] ? semctl_info.constprop.0+0xc9/0x450 [ 594.732412][T11149] vm_mmap_pgoff+0x281/0x450 [ 594.732454][T11149] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 594.732498][T11149] ? __x64_sys_futex+0x1e0/0x4c0 [ 594.732524][T11149] ? __x64_sys_futex+0x1e9/0x4c0 [ 594.732556][T11149] ksys_mmap_pgoff+0x7d/0x5c0 [ 594.732592][T11149] ? rcu_is_watching+0x12/0xc0 [ 594.732624][T11149] __x64_sys_mmap+0x125/0x190 [ 594.732654][T11149] do_syscall_64+0xcd/0x230 [ 594.732692][T11149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.732716][T11149] RIP: 0033:0x7fe1cd18e169 [ 594.732735][T11149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 594.732759][T11149] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 594.732781][T11149] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 594.732797][T11149] RDX: 0000000000000000 RSI: 0000000002020009 RDI: 00007ffffdfde000 [ 594.732812][T11149] RBP: 00007fe1cd210a68 R08: ffffffffffffffff R09: 0000000000008000 [ 594.732828][T11149] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 594.732843][T11149] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 594.732873][T11149] [ 595.514269][T11161] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.1096' sets config #0 [ 595.694345][T11163] FAULT_INJECTION: forcing a failure. [ 595.694345][T11163] name failslab, interval 1, probability 0, space 0, times 0 [ 595.722267][T11163] CPU: 1 UID: 0 PID: 11163 Comm: syz.3.1098 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 595.722302][T11163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 595.722316][T11163] Call Trace: [ 595.722324][T11163] [ 595.722333][T11163] dump_stack_lvl+0x16c/0x1f0 [ 595.722381][T11163] should_fail_ex+0x512/0x640 [ 595.722407][T11163] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 595.722434][T11163] should_failslab+0xc2/0x120 [ 595.722464][T11163] __kmalloc_cache_noprof+0x6a/0x3e0 [ 595.722486][T11163] ? mark_held_locks+0x49/0x80 [ 595.722515][T11163] ? kobject_create_and_add+0x4a/0xf0 [ 595.722535][T11163] ? lockdep_hardirqs_on+0x7c/0x110 [ 595.722567][T11163] kobject_create_and_add+0x4a/0xf0 [ 595.722598][T11163] add_disk_fwnode+0x83b/0x13a0 [ 595.722631][T11163] zram_add+0x494/0x6c0 [ 595.722656][T11163] ? __pfx_zram_add+0x10/0x10 [ 595.722698][T11163] ? find_held_lock+0x2b/0x80 [ 595.722725][T11163] ? __pfx_hot_add_show+0x10/0x10 [ 595.722747][T11163] ? __pfx_class_attr_show+0x10/0x10 [ 595.722788][T11163] hot_add_show+0x21/0x80 [ 595.722814][T11163] class_attr_show+0x6f/0xa0 [ 595.722839][T11163] sysfs_kf_seq_show+0x213/0x3e0 [ 595.722881][T11163] seq_read_iter+0x506/0x12c0 [ 595.722930][T11163] kernfs_fop_read_iter+0x40f/0x5a0 [ 595.722961][T11163] ? rw_verify_area+0xcf/0x680 [ 595.723000][T11163] vfs_read+0x8c8/0xc70 [ 595.723027][T11163] ? __pfx___mutex_lock+0x10/0x10 [ 595.723061][T11163] ? __pfx_vfs_read+0x10/0x10 [ 595.723104][T11163] ksys_read+0x12a/0x240 [ 595.723127][T11163] ? __pfx_ksys_read+0x10/0x10 [ 595.723149][T11163] ? rcu_is_watching+0x12/0xc0 [ 595.723180][T11163] do_syscall_64+0xcd/0x230 [ 595.723217][T11163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.723240][T11163] RIP: 0033:0x7fe4d918e169 [ 595.723257][T11163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.723280][T11163] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 595.723306][T11163] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 595.723322][T11163] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 595.723337][T11163] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 595.723351][T11163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.723365][T11163] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 595.723396][T11163] [ 596.298075][ T30] audit: type=1800 audit(6040185626.934:7): pid=11169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1100" name="dbroot" dev="configfs" ino=30164 res=0 errno=0 [ 598.302554][T11201] FAULT_INJECTION: forcing a failure. [ 598.302554][T11201] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 598.361576][T11201] CPU: 1 UID: 0 PID: 11201 Comm: syz.0.1106 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 598.361612][T11201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 598.361627][T11201] Call Trace: [ 598.361635][T11201] [ 598.361644][T11201] dump_stack_lvl+0x16c/0x1f0 [ 598.361682][T11201] should_fail_ex+0x512/0x640 [ 598.361725][T11201] _copy_to_user+0x32/0xd0 [ 598.361762][T11201] poll_select_finish+0x33a/0x6b0 [ 598.361816][T11201] ? __pfx_poll_select_finish+0x10/0x10 [ 598.361863][T11201] ? read_tsc+0x9/0x20 [ 598.361897][T11201] ? ktime_get_ts64+0x256/0x400 [ 598.361933][T11201] kern_select+0x16e/0x1e0 [ 598.361954][T11201] ? __pfx_kern_select+0x10/0x10 [ 598.361977][T11201] ? xfd_validate_state+0x5d/0x180 [ 598.362002][T11201] ? rcu_is_watching+0x12/0xc0 [ 598.362029][T11201] __x64_sys_select+0xbd/0x160 [ 598.362050][T11201] ? do_syscall_64+0x91/0x230 [ 598.362083][T11201] ? lockdep_hardirqs_on+0x7c/0x110 [ 598.362123][T11201] do_syscall_64+0xcd/0x230 [ 598.362170][T11201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.362211][T11201] RIP: 0033:0x7fe1cd18e169 [ 598.362227][T11201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 598.362253][T11201] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 598.362273][T11201] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 598.362288][T11201] RDX: 0000200000000500 RSI: 0000200000000480 RDI: 0000000000000009 [ 598.362302][T11201] RBP: 00007fe1cd210a68 R08: 0000200000000600 R09: 0000000000000000 [ 598.362315][T11201] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000000 [ 598.362330][T11201] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 598.362357][T11201] [ 599.559099][T11223] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1114'. [ 602.094428][T11243] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1118'. [ 603.456085][T11263] FAULT_INJECTION: forcing a failure. [ 603.456085][T11263] name failslab, interval 1, probability 0, space 0, times 0 [ 603.515367][T11263] CPU: 1 UID: 0 PID: 11263 Comm: syz.0.1122 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 603.515417][T11263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 603.515444][T11263] Call Trace: [ 603.515452][T11263] [ 603.515462][T11263] dump_stack_lvl+0x16c/0x1f0 [ 603.515507][T11263] should_fail_ex+0x512/0x640 [ 603.515542][T11263] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 603.515574][T11263] should_failslab+0xc2/0x120 [ 603.515609][T11263] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 603.515636][T11263] ? d_instantiate+0x77/0x90 [ 603.515663][T11263] ? alloc_empty_file_noaccount+0x23/0xd0 [ 603.515700][T11263] alloc_empty_file_noaccount+0x23/0xd0 [ 603.515733][T11263] alloc_file_pseudo_noaccount+0x13a/0x230 [ 603.515768][T11263] ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10 [ 603.515800][T11263] ? iput+0xd3/0x880 [ 603.515833][T11263] bdev_file_open_by_dev+0x13e/0x210 [ 603.515863][T11263] blkdev_bszset+0x170/0x240 [ 603.515899][T11263] ? __pfx_blkdev_bszset+0x10/0x10 [ 603.515935][T11263] ? find_held_lock+0x2b/0x80 [ 603.515959][T11263] ? hook_file_ioctl_common+0x145/0x410 [ 603.515988][T11263] blkdev_ioctl+0x44e/0x6d0 [ 603.516009][T11263] ? __pfx_blkdev_ioctl+0x10/0x10 [ 603.516033][T11263] ? __pfx_blkdev_ioctl+0x10/0x10 [ 603.516055][T11263] __x64_sys_ioctl+0x190/0x200 [ 603.516091][T11263] do_syscall_64+0xcd/0x230 [ 603.516127][T11263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.516156][T11263] RIP: 0033:0x7fe1cd18e169 [ 603.516174][T11263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 603.516198][T11263] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 603.516220][T11263] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 603.516235][T11263] RDX: 0000200000000600 RSI: 0000000040081271 RDI: 0000000000000005 [ 603.516250][T11263] RBP: 00007fe1cd210a68 R08: 0000000000000000 R09: 0000000000000000 [ 603.516264][T11263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 603.516278][T11263] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 603.516307][T11263] [ 604.052880][ T5853] Bluetooth: hci1: unexpected event 0x06 length: 440 > 3 [ 604.097690][T11272] FAULT_INJECTION: forcing a failure. [ 604.097690][T11272] name failslab, interval 1, probability 0, space 0, times 0 [ 604.120379][T11272] CPU: 1 UID: 0 PID: 11272 Comm: syz.3.1128 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 604.120413][T11272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 604.120428][T11272] Call Trace: [ 604.120437][T11272] [ 604.120446][T11272] dump_stack_lvl+0x16c/0x1f0 [ 604.120486][T11272] should_fail_ex+0x512/0x640 [ 604.120514][T11272] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 604.120552][T11272] should_failslab+0xc2/0x120 [ 604.120584][T11272] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 604.120617][T11272] ? __pfx___mutex_trylock_common+0x10/0x10 [ 604.120652][T11272] ? kstrdup_const+0x63/0x80 [ 604.120689][T11272] kstrdup+0x53/0x100 [ 604.120735][T11272] kstrdup_const+0x63/0x80 [ 604.120766][T11272] __kernfs_new_node+0x9b/0x8a0 [ 604.120793][T11272] ? __pfx___kernfs_new_node+0x10/0x10 [ 604.120824][T11272] ? find_held_lock+0x2b/0x80 [ 604.120849][T11272] ? kernfs_root+0xee/0x2a0 [ 604.120878][T11272] kernfs_new_node+0x13c/0x1e0 [ 604.120910][T11272] kernfs_create_link+0xcc/0x240 [ 604.120945][T11272] sysfs_do_create_link_sd+0x90/0x140 [ 604.120970][T11272] sysfs_create_link+0x61/0xc0 [ 604.120992][T11272] add_disk_fwnode+0x6bd/0x13a0 [ 604.121034][T11272] zram_add+0x494/0x6c0 [ 604.121061][T11272] ? __pfx_zram_add+0x10/0x10 [ 604.121106][T11272] ? find_held_lock+0x2b/0x80 [ 604.121135][T11272] ? __pfx_hot_add_show+0x10/0x10 [ 604.121160][T11272] ? __pfx_class_attr_show+0x10/0x10 [ 604.121184][T11272] hot_add_show+0x21/0x80 [ 604.121209][T11272] class_attr_show+0x6f/0xa0 [ 604.121235][T11272] sysfs_kf_seq_show+0x213/0x3e0 [ 604.121275][T11272] seq_read_iter+0x506/0x12c0 [ 604.121324][T11272] kernfs_fop_read_iter+0x40f/0x5a0 [ 604.121354][T11272] ? rw_verify_area+0xcf/0x680 [ 604.121393][T11272] vfs_read+0x8c8/0xc70 [ 604.121420][T11272] ? __pfx___mutex_lock+0x10/0x10 [ 604.121454][T11272] ? __pfx_vfs_read+0x10/0x10 [ 604.121497][T11272] ksys_read+0x12a/0x240 [ 604.121520][T11272] ? __pfx_ksys_read+0x10/0x10 [ 604.121542][T11272] ? rcu_is_watching+0x12/0xc0 [ 604.121574][T11272] do_syscall_64+0xcd/0x230 [ 604.121610][T11272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.121634][T11272] RIP: 0033:0x7fe4d918e169 [ 604.121652][T11272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 604.121676][T11272] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 604.121697][T11272] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 604.121725][T11272] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 604.121739][T11272] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 604.121752][T11272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.121765][T11272] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 604.121794][T11272] [ 606.061325][T11312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1140'. [ 606.102196][T11312] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1140'. [ 606.419033][T11318] FAULT_INJECTION: forcing a failure. [ 606.419033][T11318] name failslab, interval 1, probability 0, space 0, times 0 [ 606.462105][T11318] CPU: 1 UID: 0 PID: 11318 Comm: syz.0.1143 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 606.462140][T11318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 606.462155][T11318] Call Trace: [ 606.462163][T11318] [ 606.462172][T11318] dump_stack_lvl+0x16c/0x1f0 [ 606.462209][T11318] should_fail_ex+0x512/0x640 [ 606.462237][T11318] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 606.462270][T11318] should_failslab+0xc2/0x120 [ 606.462300][T11318] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 606.462328][T11318] ? find_held_lock+0x2b/0x80 [ 606.462353][T11318] ? alloc_inode+0xc3/0x240 [ 606.462386][T11318] alloc_inode+0xc3/0x240 [ 606.462417][T11318] alloc_anon_inode+0x28/0x3e0 [ 606.462438][T11318] ? alloc_fd+0x471/0x7d0 [ 606.462459][T11318] __anon_inode_getfile+0x1ea/0x370 [ 606.462487][T11318] new_userfaultfd+0x25e/0x3d0 [ 606.462517][T11318] __x64_sys_userfaultfd+0x4b/0xb0 [ 606.462550][T11318] do_syscall_64+0xcd/0x230 [ 606.462586][T11318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 606.462609][T11318] RIP: 0033:0x7fe1cd18e169 [ 606.462626][T11318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 606.462649][T11318] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 606.462671][T11318] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 606.462686][T11318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 606.462700][T11318] RBP: 00007fe1cd210a68 R08: 0000000000000000 R09: 0000000000000000 [ 606.462714][T11318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 606.462728][T11318] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 606.462756][T11318] [ 606.898517][T11327] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1144'. [ 607.842443][T11341] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1149'. [ 607.888524][T11341] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1149'. [ 608.002832][T11343] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1150'. [ 611.102087][T11387] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1165'. [ 612.110959][T11395] FAULT_INJECTION: forcing a failure. [ 612.110959][T11395] name failslab, interval 1, probability 0, space 0, times 0 [ 612.178487][T11395] CPU: 1 UID: 0 PID: 11395 Comm: syz.2.1168 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 612.178528][T11395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 612.178543][T11395] Call Trace: [ 612.178551][T11395] [ 612.178560][T11395] dump_stack_lvl+0x16c/0x1f0 [ 612.178598][T11395] should_fail_ex+0x512/0x640 [ 612.178626][T11395] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 612.178668][T11395] should_failslab+0xc2/0x120 [ 612.178698][T11395] __kmalloc_cache_noprof+0x6a/0x3e0 [ 612.178732][T11395] ? fib_notifier_ops_register+0x123/0x270 [ 612.178760][T11395] ? fib_net_init+0x1a4/0x3f0 [ 612.178797][T11395] fib_net_init+0x1a4/0x3f0 [ 612.178824][T11395] ? __pfx___register_sysctl_table+0x10/0x10 [ 612.178850][T11395] ? __pfx_fib_net_init+0x10/0x10 [ 612.178877][T11395] ? lockdep_init_map_type+0x5c/0x280 [ 612.178907][T11395] ? do_init_timer+0xc9/0x110 [ 612.178932][T11395] ? devinet_init_net+0x5c2/0x910 [ 612.178964][T11395] ? __pfx_fib_net_init+0x10/0x10 [ 612.178990][T11395] ops_init+0x1df/0x5f0 [ 612.179021][T11395] setup_net+0x21e/0x850 [ 612.179052][T11395] ? __pfx_setup_net+0x10/0x10 [ 612.179079][T11395] ? lockdep_init_map_type+0x5c/0x280 [ 612.179107][T11395] ? __pfx_down_read_killable+0x10/0x10 [ 612.179129][T11395] ? debug_mutex_init+0x37/0x70 [ 612.179152][T11395] copy_net_ns+0x2a6/0x5f0 [ 612.179186][T11395] create_new_namespaces+0x3ea/0xad0 [ 612.179217][T11395] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 612.179244][T11395] ksys_unshare+0x45b/0xa40 [ 612.179274][T11395] ? __pfx_ksys_unshare+0x10/0x10 [ 612.179302][T11395] ? xfd_validate_state+0x5d/0x180 [ 612.179324][T11395] ? rcu_is_watching+0x12/0xc0 [ 612.179350][T11395] __x64_sys_unshare+0x31/0x40 [ 612.179379][T11395] do_syscall_64+0xcd/0x230 [ 612.179409][T11395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.179429][T11395] RIP: 0033:0x7f6c4c38e169 [ 612.179445][T11395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 612.179465][T11395] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 612.179485][T11395] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 612.179499][T11395] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 612.179516][T11395] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 612.179528][T11395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 612.179544][T11395] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 612.179569][T11395] [ 612.873727][T11403] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1172'. [ 613.084853][T11406] FAULT_INJECTION: forcing a failure. [ 613.084853][T11406] name failslab, interval 1, probability 0, space 0, times 0 [ 613.140207][T11406] CPU: 1 UID: 0 PID: 11406 Comm: syz.0.1173 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 613.140243][T11406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 613.140259][T11406] Call Trace: [ 613.140268][T11406] [ 613.140277][T11406] dump_stack_lvl+0x16c/0x1f0 [ 613.140316][T11406] should_fail_ex+0x512/0x640 [ 613.140349][T11406] ? sock_kmalloc+0x111/0x170 [ 613.140385][T11406] should_failslab+0xc2/0x120 [ 613.140417][T11406] __kmalloc_noprof+0xd2/0x510 [ 613.140450][T11406] ? __might_fault+0xe3/0x190 [ 613.140479][T11406] ? __might_fault+0xe3/0x190 [ 613.140513][T11406] sock_kmalloc+0x111/0x170 [ 613.140553][T11406] ipv6_renew_options+0x328/0xb50 [ 613.140593][T11406] ? copy_from_sockptr_offset.constprop.0+0xe4/0x1a0 [ 613.140630][T11406] ? __pfx_ipv6_renew_options+0x10/0x10 [ 613.140666][T11406] ? trace_kmalloc+0x2b/0xd0 [ 613.140707][T11406] do_ipv6_setsockopt+0x19fb/0x4320 [ 613.140749][T11406] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 613.140795][T11406] ? futex_wait_queue+0x24/0x220 [ 613.140831][T11406] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 613.140858][T11406] ? futex_unqueue+0xba/0x140 [ 613.140883][T11406] ? __futex_wait+0x323/0x3c0 [ 613.140917][T11406] ? __pfx___futex_wait+0x10/0x10 [ 613.140964][T11406] ? __pfx___might_resched+0x10/0x10 [ 613.140997][T11406] ? aa_sk_perm+0x2f4/0xb10 [ 613.141028][T11406] ? ipv6_setsockopt+0xcb/0x170 [ 613.141059][T11406] ipv6_setsockopt+0xcb/0x170 [ 613.141094][T11406] udpv6_setsockopt+0x7d/0xd0 [ 613.141118][T11406] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 613.141155][T11406] do_sock_setsockopt+0x221/0x470 [ 613.141191][T11406] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 613.141254][T11406] __sys_setsockopt+0x120/0x1a0 [ 613.141289][T11406] __x64_sys_setsockopt+0xbd/0x160 [ 613.141315][T11406] ? do_syscall_64+0x91/0x230 [ 613.141346][T11406] ? lockdep_hardirqs_on+0x7c/0x110 [ 613.141375][T11406] do_syscall_64+0xcd/0x230 [ 613.141408][T11406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 613.141435][T11406] RIP: 0033:0x7fe1cd18e169 [ 613.141452][T11406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 613.141474][T11406] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 613.141495][T11406] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 613.141510][T11406] RDX: 0000000000000037 RSI: 0000000000000029 RDI: 0000000000000006 [ 613.141523][T11406] RBP: 00007fe1cd210a68 R08: 0000000000000110 R09: 0000000000000000 [ 613.141537][T11406] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000 [ 613.141550][T11406] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 613.141577][T11406] [ 613.914223][T11412] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1175'. [ 614.624736][T11422] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1179'. [ 615.625247][T11428] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input13 [ 615.918076][T11435] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1183'. [ 617.175510][T11460] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1192'. [ 617.229427][T11459] FAULT_INJECTION: forcing a failure. [ 617.229427][T11459] name failslab, interval 1, probability 0, space 0, times 0 [ 617.523784][T11459] CPU: 1 UID: 0 PID: 11459 Comm: syz.2.1191 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 617.523818][T11459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 617.523833][T11459] Call Trace: [ 617.523840][T11459] [ 617.523848][T11459] dump_stack_lvl+0x16c/0x1f0 [ 617.523883][T11459] should_fail_ex+0x512/0x640 [ 617.523909][T11459] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 617.523936][T11459] should_failslab+0xc2/0x120 [ 617.523965][T11459] __kmalloc_cache_noprof+0x6a/0x3e0 [ 617.523989][T11459] ? kobject_create_and_add+0x4a/0xf0 [ 617.524015][T11459] kobject_create_and_add+0x4a/0xf0 [ 617.524037][T11459] add_disk_fwnode+0x8d0/0x13a0 [ 617.524070][T11459] zram_add+0x494/0x6c0 [ 617.524095][T11459] ? __pfx_zram_add+0x10/0x10 [ 617.524137][T11459] ? find_held_lock+0x2b/0x80 [ 617.524165][T11459] ? __pfx_hot_add_show+0x10/0x10 [ 617.524195][T11459] ? __pfx_class_attr_show+0x10/0x10 [ 617.524217][T11459] hot_add_show+0x21/0x80 [ 617.524242][T11459] class_attr_show+0x6f/0xa0 [ 617.524265][T11459] sysfs_kf_seq_show+0x213/0x3e0 [ 617.524306][T11459] seq_read_iter+0x506/0x12c0 [ 617.524352][T11459] kernfs_fop_read_iter+0x40f/0x5a0 [ 617.524381][T11459] ? rw_verify_area+0xcf/0x680 [ 617.524418][T11459] vfs_read+0x8c8/0xc70 [ 617.524444][T11459] ? __pfx___mutex_lock+0x10/0x10 [ 617.524476][T11459] ? __pfx_vfs_read+0x10/0x10 [ 617.524517][T11459] ksys_read+0x12a/0x240 [ 617.524539][T11459] ? __pfx_ksys_read+0x10/0x10 [ 617.524559][T11459] ? rcu_is_watching+0x12/0xc0 [ 617.524590][T11459] do_syscall_64+0xcd/0x230 [ 617.524623][T11459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.524646][T11459] RIP: 0033:0x7f6c4c38e169 [ 617.524663][T11459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 617.524686][T11459] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 617.524706][T11459] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 617.524721][T11459] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 617.524735][T11459] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 617.524748][T11459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 617.524761][T11459] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 617.524789][T11459] [ 621.583783][T11482] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1197'. [ 623.076267][T11509] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1206'. [ 623.414979][T11509] netlink: 302 bytes leftover after parsing attributes in process `syz.1.1206'. [ 624.326706][T11530] FAULT_INJECTION: forcing a failure. [ 624.326706][T11530] name failslab, interval 1, probability 0, space 0, times 0 [ 624.398613][T11530] CPU: 1 UID: 0 PID: 11530 Comm: syz.2.1212 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 624.398646][T11530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 624.398660][T11530] Call Trace: [ 624.398667][T11530] [ 624.398675][T11530] dump_stack_lvl+0x16c/0x1f0 [ 624.398716][T11530] should_fail_ex+0x512/0x640 [ 624.398746][T11530] ? vmci_handle_arr_create+0x67/0x140 [ 624.398775][T11530] should_failslab+0xc2/0x120 [ 624.398823][T11530] __kmalloc_noprof+0xd2/0x510 [ 624.398849][T11530] ? lockdep_init_map_type+0x5c/0x280 [ 624.398885][T11530] ? lockdep_init_map_type+0x5c/0x280 [ 624.398921][T11530] vmci_handle_arr_create+0x67/0x140 [ 624.398952][T11530] vmci_ctx_create+0x22a/0x740 [ 624.398979][T11530] vmci_host_unlocked_ioctl+0x1a94/0x2010 [ 624.399013][T11530] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 624.399066][T11530] ? find_held_lock+0x2b/0x80 [ 624.399089][T11530] ? hook_file_ioctl_common+0x145/0x410 [ 624.399121][T11530] ? __fget_files+0x20e/0x3c0 [ 624.399148][T11530] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 624.399182][T11530] __x64_sys_ioctl+0x190/0x200 [ 624.399218][T11530] do_syscall_64+0xcd/0x230 [ 624.399254][T11530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.399277][T11530] RIP: 0033:0x7f6c4c38e169 [ 624.399296][T11530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 624.399318][T11530] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 624.399340][T11530] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 624.399356][T11530] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000003 [ 624.399370][T11530] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 624.399384][T11530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 624.399398][T11530] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 624.399427][T11530] [ 624.764520][T11534] FAULT_INJECTION: forcing a failure. [ 624.764520][T11534] name failslab, interval 1, probability 0, space 0, times 0 [ 624.777274][T11534] CPU: 1 UID: 0 PID: 11534 Comm: syz.1.1213 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 624.777306][T11534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 624.777321][T11534] Call Trace: [ 624.777329][T11534] [ 624.777338][T11534] dump_stack_lvl+0x16c/0x1f0 [ 624.777377][T11534] should_fail_ex+0x512/0x640 [ 624.777405][T11534] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 624.777438][T11534] should_failslab+0xc2/0x120 [ 624.777469][T11534] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 624.777499][T11534] ? security_file_alloc+0x34/0x2b0 [ 624.777535][T11534] security_file_alloc+0x34/0x2b0 [ 624.777569][T11534] init_file+0x93/0x4c0 [ 624.777600][T11534] alloc_empty_file_noaccount+0x3d/0xd0 [ 624.777635][T11534] alloc_file_pseudo_noaccount+0x13a/0x230 [ 624.777672][T11534] ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10 [ 624.777716][T11534] ? iput+0xd3/0x880 [ 624.777753][T11534] bdev_file_open_by_dev+0x13e/0x210 [ 624.777784][T11534] blkdev_bszset+0x170/0x240 [ 624.777823][T11534] ? __pfx_blkdev_bszset+0x10/0x10 [ 624.777871][T11534] ? find_held_lock+0x2b/0x80 [ 624.777907][T11534] ? hook_file_ioctl_common+0x145/0x410 [ 624.777935][T11534] blkdev_ioctl+0x44e/0x6d0 [ 624.777954][T11534] ? __pfx_blkdev_ioctl+0x10/0x10 [ 624.777977][T11534] ? __pfx_blkdev_ioctl+0x10/0x10 [ 624.777997][T11534] __x64_sys_ioctl+0x190/0x200 [ 624.778031][T11534] do_syscall_64+0xcd/0x230 [ 624.778065][T11534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.778086][T11534] RIP: 0033:0x7f331f78e169 [ 624.778103][T11534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 624.778125][T11534] RSP: 002b:00007f33205a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 624.778145][T11534] RAX: ffffffffffffffda RBX: 00007f331f9b5fa0 RCX: 00007f331f78e169 [ 624.778160][T11534] RDX: 0000200000000600 RSI: 0000000040081271 RDI: 0000000000000005 [ 624.778174][T11534] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 624.778187][T11534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 624.778200][T11534] R13: 0000000000000000 R14: 00007f331f9b5fa0 R15: 00007fff8f270698 [ 624.778226][T11534] [ 625.156337][T11540] FAULT_INJECTION: forcing a failure. [ 625.156337][T11540] name fail_futex, interval 1, probability 0, space 0, times 0 [ 625.169620][T11540] CPU: 1 UID: 0 PID: 11540 Comm: syz.0.1214 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 625.169672][T11540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 625.169687][T11540] Call Trace: [ 625.169695][T11540] [ 625.169704][T11540] dump_stack_lvl+0x16c/0x1f0 [ 625.169749][T11540] should_fail_ex+0x512/0x640 [ 625.169781][T11540] get_futex_key+0x49e/0x1000 [ 625.169811][T11540] ? __pfx_get_futex_key+0x10/0x10 [ 625.169836][T11540] ? pick_eevdf+0x3be/0x5b0 [ 625.169866][T11540] ? update_curr_se+0x8b/0x270 [ 625.169898][T11540] ? update_curr+0x74/0x800 [ 625.169923][T11540] futex_wait_setup+0x78/0x290 [ 625.169963][T11540] __futex_wait+0x266/0x3c0 [ 625.169998][T11540] ? __pfx___futex_wait+0x10/0x10 [ 625.170031][T11540] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 625.170067][T11540] ? __pfx_futex_wake_mark+0x10/0x10 [ 625.170112][T11540] futex_wait+0xe8/0x380 [ 625.170144][T11540] ? __pfx_futex_wait+0x10/0x10 [ 625.170183][T11540] ? kmem_cache_free+0x2d4/0x4d0 [ 625.170209][T11540] ? fd_install+0x225/0x750 [ 625.170229][T11540] ? putname+0x154/0x1a0 [ 625.170263][T11540] do_futex+0x229/0x350 [ 625.170290][T11540] ? __pfx_do_futex+0x10/0x10 [ 625.170325][T11540] __x64_sys_futex+0x1e0/0x4c0 [ 625.170355][T11540] ? __x64_sys_openat+0x174/0x210 [ 625.170390][T11540] ? __pfx___x64_sys_futex+0x10/0x10 [ 625.170420][T11540] ? rcu_is_watching+0x12/0xc0 [ 625.170451][T11540] do_syscall_64+0xcd/0x230 [ 625.170488][T11540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.170512][T11540] RIP: 0033:0x7fe1cd18e169 [ 625.170531][T11540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 625.170555][T11540] RSP: 002b:00007fe1cdf1c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 625.170577][T11540] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa8 RCX: 00007fe1cd18e169 [ 625.170594][T11540] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe1cd3b5fa8 [ 625.170609][T11540] RBP: 00007fe1cd3b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 625.170624][T11540] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe1cd3b5fac [ 625.170639][T11540] R13: 0000000000000000 R14: 00007ffc2241a860 R15: 00007ffc2241a948 [ 625.170667][T11540] [ 626.007270][T11551] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1218'. [ 626.089331][T11551] netlink: 10 bytes leftover after parsing attributes in process `syz.2.1218'. [ 626.156358][T11551] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1218'. [ 626.270247][T11554] bond0: option all_slaves_active: invalid value () [ 627.230946][T11569] netlink: 'syz.1.1225': attribute type 15 has an invalid length. [ 627.230985][T11569] netlink: 'syz.1.1225': attribute type 16 has an invalid length. [ 627.231000][T11569] netlink: 'syz.1.1225': attribute type 17 has an invalid length. [ 627.231015][T11569] netlink: 'syz.1.1225': attribute type 19 has an invalid length. [ 627.231029][T11569] netlink: 238 bytes leftover after parsing attributes in process `syz.1.1225'. [ 627.863824][T11580] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1228'. [ 628.708543][T11584] netlink: 'syz.3.1229': attribute type 4 has an invalid length. [ 628.779073][T11584] netlink: 314 bytes leftover after parsing attributes in process `syz.3.1229'. [ 629.123341][ T5853] Bluetooth: hci0: unexpected event 0x05 length: 440 > 4 [ 629.303819][T11590] netlink: 158 bytes leftover after parsing attributes in process `syz.1.1231'. [ 629.413063][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.420777][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.832681][T11598] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1235'. [ 631.743342][T11623] FAULT_INJECTION: forcing a failure. [ 631.743342][T11623] name failslab, interval 1, probability 0, space 0, times 0 [ 631.962487][T11623] CPU: 1 UID: 0 PID: 11623 Comm: syz.2.1242 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 631.962520][T11623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 631.962534][T11623] Call Trace: [ 631.962542][T11623] [ 631.962551][T11623] dump_stack_lvl+0x16c/0x1f0 [ 631.962586][T11623] should_fail_ex+0x512/0x640 [ 631.962612][T11623] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 631.962638][T11623] should_failslab+0xc2/0x120 [ 631.962668][T11623] __kmalloc_cache_noprof+0x6a/0x3e0 [ 631.962691][T11623] ? kobject_create_and_add+0x4a/0xf0 [ 631.962717][T11623] kobject_create_and_add+0x4a/0xf0 [ 631.962757][T11623] add_disk_fwnode+0x8d0/0x13a0 [ 631.962793][T11623] zram_add+0x494/0x6c0 [ 631.962822][T11623] ? __pfx_zram_add+0x10/0x10 [ 631.962867][T11623] ? find_held_lock+0x2b/0x80 [ 631.962897][T11623] ? __pfx_hot_add_show+0x10/0x10 [ 631.962922][T11623] ? __pfx_class_attr_show+0x10/0x10 [ 631.962946][T11623] hot_add_show+0x21/0x80 [ 631.962972][T11623] class_attr_show+0x6f/0xa0 [ 631.962997][T11623] sysfs_kf_seq_show+0x213/0x3e0 [ 631.963039][T11623] seq_read_iter+0x506/0x12c0 [ 631.963087][T11623] kernfs_fop_read_iter+0x40f/0x5a0 [ 631.963117][T11623] ? rw_verify_area+0xcf/0x680 [ 631.963167][T11623] vfs_read+0x8c8/0xc70 [ 631.963192][T11623] ? __pfx___mutex_lock+0x10/0x10 [ 631.963229][T11623] ? __pfx_vfs_read+0x10/0x10 [ 631.963287][T11623] ksys_read+0x12a/0x240 [ 631.963311][T11623] ? __pfx_ksys_read+0x10/0x10 [ 631.963333][T11623] ? rcu_is_watching+0x12/0xc0 [ 631.963365][T11623] do_syscall_64+0xcd/0x230 [ 631.963401][T11623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.963424][T11623] RIP: 0033:0x7f6c4c38e169 [ 631.963442][T11623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 631.963465][T11623] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 631.963487][T11623] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 631.963502][T11623] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 631.963517][T11623] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 631.963530][T11623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 631.963544][T11623] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 631.963574][T11623] [ 632.197176][ C1] vkms_vblank_simulate: vblank timer overrun [ 634.163796][T11633] FAULT_INJECTION: forcing a failure. [ 634.163796][T11633] name failslab, interval 1, probability 0, space 0, times 0 [ 634.219552][T11633] CPU: 1 UID: 0 PID: 11633 Comm: syz.3.1245 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 634.219589][T11633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 634.219604][T11633] Call Trace: [ 634.219612][T11633] [ 634.219622][T11633] dump_stack_lvl+0x16c/0x1f0 [ 634.219661][T11633] should_fail_ex+0x512/0x640 [ 634.219690][T11633] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 634.219723][T11633] should_failslab+0xc2/0x120 [ 634.219755][T11633] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 634.219786][T11633] ? __kernfs_new_node+0xd2/0x8a0 [ 634.219814][T11633] __kernfs_new_node+0xd2/0x8a0 [ 634.219841][T11633] ? __pfx___kernfs_new_node+0x10/0x10 [ 634.219873][T11633] ? find_held_lock+0x2b/0x80 [ 634.219899][T11633] ? kernfs_root+0xee/0x2a0 [ 634.219929][T11633] kernfs_new_node+0x13c/0x1e0 [ 634.219963][T11633] kernfs_create_dir_ns+0x4c/0x1a0 [ 634.219995][T11633] sysfs_create_dir_ns+0x13a/0x2b0 [ 634.220020][T11633] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 634.220042][T11633] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 634.220067][T11633] ? kfree+0x252/0x4d0 [ 634.220098][T11633] kobject_add_internal+0x2c4/0x9b0 [ 634.220143][T11633] kobject_add+0x16e/0x240 [ 634.220165][T11633] ? __pfx_kobject_add+0x10/0x10 [ 634.220189][T11633] ? __pfx_kobject_add+0x10/0x10 [ 634.220223][T11633] blk_register_queue+0x98/0x560 [ 634.220264][T11633] add_disk_fwnode+0x911/0x13a0 [ 634.220299][T11633] zram_add+0x494/0x6c0 [ 634.220326][T11633] ? __pfx_zram_add+0x10/0x10 [ 634.220372][T11633] ? find_held_lock+0x2b/0x80 [ 634.220403][T11633] ? __pfx_hot_add_show+0x10/0x10 [ 634.220428][T11633] ? __pfx_class_attr_show+0x10/0x10 [ 634.220453][T11633] hot_add_show+0x21/0x80 [ 634.220480][T11633] class_attr_show+0x6f/0xa0 [ 634.220506][T11633] sysfs_kf_seq_show+0x213/0x3e0 [ 634.220548][T11633] seq_read_iter+0x506/0x12c0 [ 634.220599][T11633] kernfs_fop_read_iter+0x40f/0x5a0 [ 634.220631][T11633] ? rw_verify_area+0xcf/0x680 [ 634.220672][T11633] vfs_read+0x8c8/0xc70 [ 634.220700][T11633] ? __pfx___mutex_lock+0x10/0x10 [ 634.220736][T11633] ? __pfx_vfs_read+0x10/0x10 [ 634.220781][T11633] ksys_read+0x12a/0x240 [ 634.220805][T11633] ? __pfx_ksys_read+0x10/0x10 [ 634.220828][T11633] ? rcu_is_watching+0x12/0xc0 [ 634.220862][T11633] do_syscall_64+0xcd/0x230 [ 634.220899][T11633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 634.220923][T11633] RIP: 0033:0x7fe4d918e169 [ 634.220942][T11633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 634.220966][T11633] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 634.220990][T11633] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 634.221006][T11633] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 634.221021][T11633] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 634.221036][T11633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 634.221051][T11633] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 634.221088][T11633] [ 634.221101][T11633] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 634.480773][ C1] vkms_vblank_simulate: vblank timer overrun [ 635.255352][ T5853] Bluetooth: hci3: unexpected event 0x08 length: 11 > 4 [ 638.087668][T11677] netlink: 206 bytes leftover after parsing attributes in process `syz.1.1258'. [ 638.444500][T11695] sctp: [Deprecated]: syz.3.1262 (pid 11695) Use of int in maxseg socket option. [ 638.444500][T11695] Use struct sctp_assoc_value instead [ 639.326743][ T5853] Bluetooth: hci0: unexpected event 0x08 length: 11 > 4 [ 642.351264][T11734] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1272'. [ 642.441660][T11734] netlink: 6 bytes leftover after parsing attributes in process `syz.1.1272'. [ 642.501618][T11734] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1272'. [ 643.914051][T11748] FAULT_INJECTION: forcing a failure. [ 643.914051][T11748] name failslab, interval 1, probability 0, space 0, times 0 [ 643.971510][T11748] CPU: 1 UID: 0 PID: 11748 Comm: syz.2.1276 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 643.971546][T11748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 643.971560][T11748] Call Trace: [ 643.971568][T11748] [ 643.971578][T11748] dump_stack_lvl+0x16c/0x1f0 [ 643.971620][T11748] should_fail_ex+0x512/0x640 [ 643.971650][T11748] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 643.971678][T11748] should_failslab+0xc2/0x120 [ 643.971710][T11748] __kmalloc_cache_noprof+0x6a/0x3e0 [ 643.971735][T11748] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0 [ 643.971782][T11748] snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0 [ 643.971827][T11748] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 643.971877][T11748] snd_pcm_oss_change_params_locked+0x92b/0x3b40 [ 643.971916][T11748] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 643.971942][T11748] ? __pfx___futex_wait+0x10/0x10 [ 643.971975][T11748] ? snd_pcm_oss_read+0x379/0x760 [ 643.972017][T11748] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 643.972043][T11748] snd_pcm_oss_read+0x39b/0x760 [ 643.972068][T11748] ? security_file_permission+0x71/0x210 [ 643.972103][T11748] ? __pfx_snd_pcm_oss_read+0x10/0x10 [ 643.972130][T11748] vfs_read+0x1de/0xc70 [ 643.972160][T11748] ? __pfx_vfs_read+0x10/0x10 [ 643.972182][T11748] ? find_held_lock+0x2b/0x80 [ 643.972207][T11748] ? __fget_files+0x204/0x3c0 [ 643.972234][T11748] ? __fget_files+0x20e/0x3c0 [ 643.972265][T11748] ksys_read+0x12a/0x240 [ 643.972289][T11748] ? __pfx_ksys_read+0x10/0x10 [ 643.972311][T11748] ? rcu_is_watching+0x12/0xc0 [ 643.972343][T11748] do_syscall_64+0xcd/0x230 [ 643.972380][T11748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.972405][T11748] RIP: 0033:0x7f6c4c38e169 [ 643.972424][T11748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 643.972448][T11748] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 643.972470][T11748] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 643.972486][T11748] RDX: 000000000cefbce6 RSI: 0000000000000000 RDI: 0000000000000005 [ 643.972507][T11748] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 643.972522][T11748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 643.972536][T11748] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 643.972566][T11748] [ 646.967962][T11771] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1281'. [ 650.328035][T11788] FAULT_INJECTION: forcing a failure. [ 650.328035][T11788] name failslab, interval 1, probability 0, space 0, times 0 [ 650.461783][T11788] CPU: 1 UID: 0 PID: 11788 Comm: syz.0.1287 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 650.461819][T11788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 650.461834][T11788] Call Trace: [ 650.461842][T11788] [ 650.461851][T11788] dump_stack_lvl+0x16c/0x1f0 [ 650.461889][T11788] should_fail_ex+0x512/0x640 [ 650.461916][T11788] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 650.461948][T11788] should_failslab+0xc2/0x120 [ 650.461979][T11788] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 650.462008][T11788] ? __kernfs_new_node+0xd2/0x8a0 [ 650.462035][T11788] __kernfs_new_node+0xd2/0x8a0 [ 650.462066][T11788] ? __pfx___kernfs_new_node+0x10/0x10 [ 650.462098][T11788] ? find_held_lock+0x2b/0x80 [ 650.462123][T11788] ? kernfs_root+0xee/0x2a0 [ 650.462152][T11788] kernfs_new_node+0x13c/0x1e0 [ 650.462186][T11788] __kernfs_create_file+0x53/0x350 [ 650.462224][T11788] sysfs_add_file_mode_ns+0x207/0x3c0 [ 650.462269][T11788] internal_create_group+0x578/0xf30 [ 650.462302][T11788] ? __pfx_internal_create_group+0x10/0x10 [ 650.462328][T11788] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 650.462350][T11788] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 650.462372][T11788] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 650.462398][T11788] internal_create_groups+0x9d/0x150 [ 650.462425][T11788] kobject_add_internal+0x311/0x9b0 [ 650.462468][T11788] kobject_add+0x16e/0x240 [ 650.462489][T11788] ? __pfx_kobject_add+0x10/0x10 [ 650.462512][T11788] ? __pfx_kobject_add+0x10/0x10 [ 650.462545][T11788] blk_register_queue+0x98/0x560 [ 650.462585][T11788] add_disk_fwnode+0x911/0x13a0 [ 650.462619][T11788] zram_add+0x494/0x6c0 [ 650.462646][T11788] ? __pfx_zram_add+0x10/0x10 [ 650.462691][T11788] ? find_held_lock+0x2b/0x80 [ 650.462721][T11788] ? __pfx_hot_add_show+0x10/0x10 [ 650.462745][T11788] ? __pfx_class_attr_show+0x10/0x10 [ 650.462770][T11788] hot_add_show+0x21/0x80 [ 650.462795][T11788] class_attr_show+0x6f/0xa0 [ 650.462820][T11788] sysfs_kf_seq_show+0x213/0x3e0 [ 650.462862][T11788] seq_read_iter+0x506/0x12c0 [ 650.462911][T11788] kernfs_fop_read_iter+0x40f/0x5a0 [ 650.462942][T11788] ? rw_verify_area+0xcf/0x680 [ 650.462982][T11788] vfs_read+0x8c8/0xc70 [ 650.463009][T11788] ? __pfx___mutex_lock+0x10/0x10 [ 650.463044][T11788] ? __pfx_vfs_read+0x10/0x10 [ 650.463092][T11788] ksys_read+0x12a/0x240 [ 650.463115][T11788] ? __pfx_ksys_read+0x10/0x10 [ 650.463136][T11788] ? rcu_is_watching+0x12/0xc0 [ 650.463169][T11788] do_syscall_64+0xcd/0x230 [ 650.463205][T11788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.463229][T11788] RIP: 0033:0x7fe1cd18e169 [ 650.463248][T11788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 650.463271][T11788] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 650.463293][T11788] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 650.463308][T11788] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 650.463324][T11788] RBP: 00007fe1cd210a68 R08: 0000000000000000 R09: 0000000000000000 [ 650.463338][T11788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 650.463352][T11788] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 650.463382][T11788] [ 650.786121][T11792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1288'. [ 650.830370][T11788] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 651.196276][T11804] FAULT_INJECTION: forcing a failure. [ 651.196276][T11804] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 651.223322][T11804] CPU: 1 UID: 0 PID: 11804 Comm: syz.2.1291 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 651.223375][T11804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 651.223390][T11804] Call Trace: [ 651.223397][T11804] [ 651.223407][T11804] dump_stack_lvl+0x16c/0x1f0 [ 651.223456][T11804] should_fail_ex+0x512/0x640 [ 651.223487][T11804] _copy_from_iter+0x2a4/0x15b0 [ 651.223518][T11804] ? policy_nodemask+0xea/0x4e0 [ 651.223547][T11804] ? __pfx__copy_from_iter+0x10/0x10 [ 651.223579][T11804] ? alloc_pages_mpol+0x25a/0x550 [ 651.223608][T11804] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 651.223642][T11804] copy_page_from_iter+0xa5/0x120 [ 651.223672][T11804] anon_pipe_write+0xbe7/0x1a70 [ 651.223707][T11804] ? __pfx_anon_pipe_write+0x10/0x10 [ 651.223734][T11804] ? apparmor_file_permission+0x251/0x400 [ 651.223760][T11804] ? bpf_lsm_file_permission+0x9/0x10 [ 651.223781][T11804] ? security_file_permission+0x71/0x210 [ 651.223811][T11804] ? rw_verify_area+0xcf/0x680 [ 651.223867][T11804] vfs_write+0x5ba/0x1180 [ 651.223891][T11804] ? __pfx_anon_pipe_write+0x10/0x10 [ 651.223920][T11804] ? __pfx_vfs_write+0x10/0x10 [ 651.223942][T11804] ? find_held_lock+0x2b/0x80 [ 651.223984][T11804] ksys_write+0x205/0x240 [ 651.224008][T11804] ? __pfx_ksys_write+0x10/0x10 [ 651.224042][T11804] ? rcu_is_watching+0x12/0xc0 [ 651.224071][T11804] do_syscall_64+0xcd/0x230 [ 651.224104][T11804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.224126][T11804] RIP: 0033:0x7f6c4c38e169 [ 651.224143][T11804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.224165][T11804] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 651.224185][T11804] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 651.224199][T11804] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 651.224212][T11804] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 651.224225][T11804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.224238][T11804] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 651.224265][T11804] [ 654.083446][T11846] ubi0: attaching mtd0 [ 654.097052][T11845] netlink: 194 bytes leftover after parsing attributes in process `syz.3.1300'. [ 654.117891][T11846] ubi0: scanning is finished [ 654.154290][T11846] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 654.509988][T11846] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 655.408725][T11868] FAULT_INJECTION: forcing a failure. [ 655.408725][T11868] name failslab, interval 1, probability 0, space 0, times 0 [ 655.493818][T11868] CPU: 1 UID: 0 PID: 11868 Comm: syz.2.1308 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 655.493853][T11868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 655.493868][T11868] Call Trace: [ 655.493876][T11868] [ 655.493885][T11868] dump_stack_lvl+0x16c/0x1f0 [ 655.493922][T11868] should_fail_ex+0x512/0x640 [ 655.493951][T11868] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 655.493983][T11868] should_failslab+0xc2/0x120 [ 655.494015][T11868] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 655.494044][T11868] ? __kernfs_new_node+0xd2/0x8a0 [ 655.494072][T11868] __kernfs_new_node+0xd2/0x8a0 [ 655.494098][T11868] ? __pfx___kernfs_new_node+0x10/0x10 [ 655.494129][T11868] ? find_held_lock+0x2b/0x80 [ 655.494155][T11868] ? kernfs_root+0xee/0x2a0 [ 655.494184][T11868] kernfs_new_node+0x13c/0x1e0 [ 655.494216][T11868] kernfs_create_dir_ns+0x4c/0x1a0 [ 655.494248][T11868] sysfs_create_dir_ns+0x13a/0x2b0 [ 655.494271][T11868] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 655.494293][T11868] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 655.494317][T11868] ? kfree+0x252/0x4d0 [ 655.494343][T11868] kobject_add_internal+0x2c4/0x9b0 [ 655.494386][T11868] kobject_add+0x16e/0x240 [ 655.494407][T11868] ? __pfx_kobject_add+0x10/0x10 [ 655.494430][T11868] ? __pfx_kobject_add+0x10/0x10 [ 655.494463][T11868] blk_register_queue+0x98/0x560 [ 655.494503][T11868] add_disk_fwnode+0x911/0x13a0 [ 655.494537][T11868] zram_add+0x494/0x6c0 [ 655.494583][T11868] ? __pfx_zram_add+0x10/0x10 [ 655.494630][T11868] ? find_held_lock+0x2b/0x80 [ 655.494659][T11868] ? __pfx_hot_add_show+0x10/0x10 [ 655.494702][T11868] ? __pfx_class_attr_show+0x10/0x10 [ 655.494726][T11868] hot_add_show+0x21/0x80 [ 655.494758][T11868] class_attr_show+0x6f/0xa0 [ 655.494785][T11868] sysfs_kf_seq_show+0x213/0x3e0 [ 655.494828][T11868] seq_read_iter+0x506/0x12c0 [ 655.494878][T11868] kernfs_fop_read_iter+0x40f/0x5a0 [ 655.494910][T11868] ? rw_verify_area+0xcf/0x680 [ 655.494951][T11868] vfs_read+0x8c8/0xc70 [ 655.494979][T11868] ? __pfx___mutex_lock+0x10/0x10 [ 655.495015][T11868] ? __pfx_vfs_read+0x10/0x10 [ 655.495060][T11868] ksys_read+0x12a/0x240 [ 655.495083][T11868] ? __pfx_ksys_read+0x10/0x10 [ 655.495106][T11868] ? rcu_is_watching+0x12/0xc0 [ 655.495139][T11868] do_syscall_64+0xcd/0x230 [ 655.495176][T11868] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.495200][T11868] RIP: 0033:0x7f6c4c38e169 [ 655.495220][T11868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.495244][T11868] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 655.495266][T11868] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 655.495282][T11868] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 655.495297][T11868] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 655.495311][T11868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.495327][T11868] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 655.495358][T11868] [ 655.495370][T11868] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 655.894268][T11870] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 656.715579][T11881] zswap: compressor not available [ 657.402102][T11874] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 658.996289][T11917] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1319'. [ 659.043455][T11919] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1319'. [ 659.078230][T11917] netlink: 290 bytes leftover after parsing attributes in process `syz.1.1319'. [ 659.322745][T11925] FAULT_INJECTION: forcing a failure. [ 659.322745][T11925] name failslab, interval 1, probability 0, space 0, times 0 [ 659.360487][T11925] CPU: 1 UID: 0 PID: 11925 Comm: syz.1.1321 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 659.360524][T11925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 659.360539][T11925] Call Trace: [ 659.360548][T11925] [ 659.360557][T11925] dump_stack_lvl+0x16c/0x1f0 [ 659.360597][T11925] should_fail_ex+0x512/0x640 [ 659.360626][T11925] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 659.360660][T11925] should_failslab+0xc2/0x120 [ 659.360691][T11925] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 659.360722][T11925] ? __kernfs_new_node+0xd2/0x8a0 [ 659.360750][T11925] __kernfs_new_node+0xd2/0x8a0 [ 659.360777][T11925] ? __pfx___kernfs_new_node+0x10/0x10 [ 659.360821][T11925] ? find_held_lock+0x2b/0x80 [ 659.360847][T11925] ? kernfs_root+0xee/0x2a0 [ 659.360876][T11925] kernfs_new_node+0x13c/0x1e0 [ 659.360908][T11925] kernfs_create_dir_ns+0x4c/0x1a0 [ 659.360940][T11925] sysfs_create_dir_ns+0x13a/0x2b0 [ 659.360963][T11925] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 659.360984][T11925] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 659.361008][T11925] ? kfree+0x252/0x4d0 [ 659.361033][T11925] kobject_add_internal+0x2c4/0x9b0 [ 659.361075][T11925] kobject_add+0x16e/0x240 [ 659.361096][T11925] ? __pfx_kobject_add+0x10/0x10 [ 659.361119][T11925] ? __pfx_kobject_add+0x10/0x10 [ 659.361152][T11925] blk_register_queue+0x98/0x560 [ 659.361190][T11925] add_disk_fwnode+0x911/0x13a0 [ 659.361225][T11925] zram_add+0x494/0x6c0 [ 659.361250][T11925] ? __pfx_zram_add+0x10/0x10 [ 659.361295][T11925] ? find_held_lock+0x2b/0x80 [ 659.361330][T11925] ? __pfx_hot_add_show+0x10/0x10 [ 659.361356][T11925] ? __pfx_class_attr_show+0x10/0x10 [ 659.361380][T11925] hot_add_show+0x21/0x80 [ 659.361406][T11925] class_attr_show+0x6f/0xa0 [ 659.361437][T11925] sysfs_kf_seq_show+0x213/0x3e0 [ 659.361482][T11925] seq_read_iter+0x506/0x12c0 [ 659.361531][T11925] kernfs_fop_read_iter+0x40f/0x5a0 [ 659.361562][T11925] ? rw_verify_area+0xcf/0x680 [ 659.361601][T11925] vfs_read+0x8c8/0xc70 [ 659.361629][T11925] ? __pfx___mutex_lock+0x10/0x10 [ 659.361662][T11925] ? __pfx_vfs_read+0x10/0x10 [ 659.361706][T11925] ksys_read+0x12a/0x240 [ 659.361728][T11925] ? __pfx_ksys_read+0x10/0x10 [ 659.361750][T11925] ? rcu_is_watching+0x12/0xc0 [ 659.361783][T11925] do_syscall_64+0xcd/0x230 [ 659.361818][T11925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.361842][T11925] RIP: 0033:0x7f331f78e169 [ 659.361861][T11925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.361884][T11925] RSP: 002b:00007f3320587038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 659.361905][T11925] RAX: ffffffffffffffda RBX: 00007f331f9b6080 RCX: 00007f331f78e169 [ 659.361921][T11925] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 659.361935][T11925] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 659.361949][T11925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.361963][T11925] R13: 0000000000000000 R14: 00007f331f9b6080 R15: 00007fff8f270698 [ 659.361994][T11925] [ 659.363176][T11925] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 660.849089][T11933] Invalid logical block size (4) [ 661.083697][T11915] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 661.092559][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout [ 661.927600][T11915] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 661.935032][T11915] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 661.965269][T11915] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 662.199327][T11915] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 662.226093][T11915] CPU0 is offline. [ 663.167438][ T9589] Bluetooth: hci1: command 0x0c1a tx timeout [ 663.216083][T11980] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1331'. [ 663.476637][T11971] ima: policy update failed [ 663.481283][ T30] audit: type=1802 audit(6040185702.151:8): pid=11971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1331" res=0 errno=0 [ 663.964369][ T9589] Bluetooth: hci2: command 0x0c1a tx timeout [ 664.102256][T11990] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1334'. [ 664.203582][T11990] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 664.287470][ T9589] Bluetooth: hci3: command 0x0c1a tx timeout [ 664.317808][T11990] bridge0: port 2(bridge_slave_1) entered disabled state [ 664.325908][T11990] bridge0: port 1(bridge_slave_0) entered disabled state [ 665.067470][T12009] FAULT_INJECTION: forcing a failure. [ 665.067470][T12009] name failslab, interval 1, probability 0, space 0, times 0 [ 665.231034][T12009] CPU: 1 UID: 0 PID: 12009 Comm: syz.2.1338 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 665.231070][T12009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 665.231100][T12009] Call Trace: [ 665.231108][T12009] [ 665.231116][T12009] dump_stack_lvl+0x16c/0x1f0 [ 665.231152][T12009] should_fail_ex+0x512/0x640 [ 665.231177][T12009] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 665.231208][T12009] should_failslab+0xc2/0x120 [ 665.231236][T12009] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 665.231264][T12009] ? __kernfs_new_node+0xd2/0x8a0 [ 665.231289][T12009] __kernfs_new_node+0xd2/0x8a0 [ 665.231314][T12009] ? __pfx___kernfs_new_node+0x10/0x10 [ 665.231342][T12009] ? find_held_lock+0x2b/0x80 [ 665.231366][T12009] ? kernfs_root+0xee/0x2a0 [ 665.231393][T12009] kernfs_new_node+0x13c/0x1e0 [ 665.231424][T12009] kernfs_create_dir_ns+0x4c/0x1a0 [ 665.231452][T12009] sysfs_create_dir_ns+0x13a/0x2b0 [ 665.231474][T12009] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 665.231494][T12009] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 665.231516][T12009] ? kfree+0x252/0x4d0 [ 665.231540][T12009] kobject_add_internal+0x2c4/0x9b0 [ 665.231579][T12009] kobject_add+0x16e/0x240 [ 665.231599][T12009] ? __pfx_kobject_add+0x10/0x10 [ 665.231620][T12009] ? __pfx_kobject_add+0x10/0x10 [ 665.231650][T12009] blk_register_queue+0x98/0x560 [ 665.231687][T12009] add_disk_fwnode+0x911/0x13a0 [ 665.231719][T12009] zram_add+0x494/0x6c0 [ 665.231743][T12009] ? __pfx_zram_add+0x10/0x10 [ 665.231786][T12009] ? find_held_lock+0x2b/0x80 [ 665.231812][T12009] ? __pfx_hot_add_show+0x10/0x10 [ 665.231835][T12009] ? __pfx_class_attr_show+0x10/0x10 [ 665.231858][T12009] hot_add_show+0x21/0x80 [ 665.231883][T12009] class_attr_show+0x6f/0xa0 [ 665.231906][T12009] sysfs_kf_seq_show+0x213/0x3e0 [ 665.231945][T12009] seq_read_iter+0x506/0x12c0 [ 665.231991][T12009] kernfs_fop_read_iter+0x40f/0x5a0 [ 665.232023][T12009] ? rw_verify_area+0xcf/0x680 [ 665.232060][T12009] vfs_read+0x8c8/0xc70 [ 665.232089][T12009] ? __pfx___mutex_lock+0x10/0x10 [ 665.232121][T12009] ? __pfx_vfs_read+0x10/0x10 [ 665.232162][T12009] ksys_read+0x12a/0x240 [ 665.232184][T12009] ? __pfx_ksys_read+0x10/0x10 [ 665.232205][T12009] ? rcu_is_watching+0x12/0xc0 [ 665.232235][T12009] do_syscall_64+0xcd/0x230 [ 665.232268][T12009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.232291][T12009] RIP: 0033:0x7f6c4c38e169 [ 665.232308][T12009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 665.232330][T12009] RSP: 002b:00007f6c4d1ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 665.232351][T12009] RAX: ffffffffffffffda RBX: 00007f6c4c5b5fa0 RCX: 00007f6c4c38e169 [ 665.232365][T12009] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 665.232379][T12009] RBP: 00007f6c4c410a68 R08: 0000000000000000 R09: 0000000000000000 [ 665.232392][T12009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 665.232405][T12009] R13: 0000000000000000 R14: 00007f6c4c5b5fa0 R15: 00007fff796d7a28 [ 665.232433][T12009] [ 665.835422][T12015] FAULT_INJECTION: forcing a failure. [ 665.835422][T12015] name failslab, interval 1, probability 0, space 0, times 0 [ 665.848374][T12015] CPU: 1 UID: 0 PID: 12015 Comm: syz.0.1340 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 665.848402][T12015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 665.848415][T12015] Call Trace: [ 665.848422][T12015] [ 665.848430][T12015] dump_stack_lvl+0x16c/0x1f0 [ 665.848465][T12015] should_fail_ex+0x512/0x640 [ 665.848489][T12015] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 665.848520][T12015] should_failslab+0xc2/0x120 [ 665.848547][T12015] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 665.848574][T12015] ? __lock_acquire+0x5ca/0x1ba0 [ 665.848619][T12015] ? kstrdup_const+0x63/0x80 [ 665.848652][T12015] kstrdup+0x53/0x100 [ 665.848681][T12015] kstrdup_const+0x63/0x80 [ 665.848709][T12015] kvasprintf_const+0x10f/0x1a0 [ 665.848740][T12015] kobject_set_name_vargs+0x5a/0x140 [ 665.848761][T12015] kobject_init_and_add+0xe7/0x190 [ 665.848783][T12015] ? __pfx_kobject_init_and_add+0x10/0x10 [ 665.848809][T12015] ? up_write+0x1b2/0x520 [ 665.848847][T12015] sysfs_slab_add+0x18e/0x1e0 [ 665.848872][T12015] do_kmem_cache_create+0x530/0x730 [ 665.848899][T12015] ? __kmem_cache_create_args+0x205/0x390 [ 665.848928][T12015] __kmem_cache_create_args+0x225/0x390 [ 665.848957][T12015] mon_text_open+0x313/0x4f0 [ 665.848985][T12015] ? __pfx_mon_text_open+0x10/0x10 [ 665.849010][T12015] ? __debugfs_file_get+0x1fe/0x840 [ 665.849043][T12015] ? __pfx_mon_text_ctor+0x10/0x10 [ 665.849070][T12015] ? __pfx_apparmor_file_open+0x10/0x10 [ 665.849098][T12015] ? lockdown_is_locked_down+0x3f/0x130 [ 665.849129][T12015] ? bpf_lsm_locked_down+0x9/0x10 [ 665.849157][T12015] ? __pfx_mon_text_open+0x10/0x10 [ 665.849182][T12015] full_proxy_open_regular+0x1b6/0x360 [ 665.849213][T12015] do_dentry_open+0x741/0x1c10 [ 665.849237][T12015] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 665.849272][T12015] vfs_open+0x82/0x3f0 [ 665.849304][T12015] path_openat+0x1e5e/0x2d40 [ 665.849337][T12015] ? __pfx_path_openat+0x10/0x10 [ 665.849367][T12015] do_filp_open+0x20b/0x470 [ 665.849390][T12015] ? __pfx_do_filp_open+0x10/0x10 [ 665.849433][T12015] ? alloc_fd+0x471/0x7d0 [ 665.849460][T12015] do_sys_openat2+0x11b/0x1d0 [ 665.849490][T12015] ? __pfx_do_sys_openat2+0x10/0x10 [ 665.849549][T12015] __x64_sys_openat+0x174/0x210 [ 665.849587][T12015] ? __pfx___x64_sys_openat+0x10/0x10 [ 665.849622][T12015] ? rcu_is_watching+0x12/0xc0 [ 665.849686][T12015] do_syscall_64+0xcd/0x230 [ 665.849723][T12015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.849747][T12015] RIP: 0033:0x7fe1cd18e169 [ 665.849766][T12015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 665.849790][T12015] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 665.849812][T12015] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 665.849828][T12015] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 665.849843][T12015] RBP: 00007fe1cd210a68 R08: 0000000000000000 R09: 0000000000000000 [ 665.849858][T12015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 665.849872][T12015] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 665.849902][T12015] [ 665.849911][T12015] kobject: can not set name properly! [ 666.223570][ T9589] Bluetooth: hci2: command 0x0c1a tx timeout [ 666.322565][T12009] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 666.388990][T12023] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1339'. [ 667.779023][T12015] SLUB: Unable to add cache mon_text_ffff88805e6b4400 to sysfs [ 671.076139][T12073] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 671.186923][T12083] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1355'. [ 671.845359][T12088] FAULT_INJECTION: forcing a failure. [ 671.845359][T12088] name failslab, interval 1, probability 0, space 0, times 0 [ 671.912705][T12088] CPU: 1 UID: 0 PID: 12088 Comm: syz.3.1356 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 671.912739][T12088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 671.912753][T12088] Call Trace: [ 671.912761][T12088] [ 671.912770][T12088] dump_stack_lvl+0x16c/0x1f0 [ 671.912806][T12088] should_fail_ex+0x512/0x640 [ 671.912832][T12088] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 671.912862][T12088] should_failslab+0xc2/0x120 [ 671.912891][T12088] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 671.912919][T12088] ? __kernfs_new_node+0xd2/0x8a0 [ 671.912944][T12088] __kernfs_new_node+0xd2/0x8a0 [ 671.912969][T12088] ? __pfx___kernfs_new_node+0x10/0x10 [ 671.912998][T12088] ? find_held_lock+0x2b/0x80 [ 671.913022][T12088] ? kernfs_root+0xee/0x2a0 [ 671.913049][T12088] kernfs_new_node+0x13c/0x1e0 [ 671.913080][T12088] __kernfs_create_file+0x53/0x350 [ 671.913114][T12088] sysfs_add_file_mode_ns+0x207/0x3c0 [ 671.913157][T12088] internal_create_group+0x578/0xf30 [ 671.913186][T12088] ? __pfx_internal_create_group+0x10/0x10 [ 671.913210][T12088] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 671.913231][T12088] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 671.913251][T12088] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 671.913275][T12088] internal_create_groups+0x9d/0x150 [ 671.913301][T12088] kobject_add_internal+0x311/0x9b0 [ 671.913340][T12088] kobject_add+0x16e/0x240 [ 671.913360][T12088] ? __pfx_kobject_add+0x10/0x10 [ 671.913381][T12088] ? __pfx_kobject_add+0x10/0x10 [ 671.913412][T12088] blk_register_queue+0x98/0x560 [ 671.913448][T12088] add_disk_fwnode+0x911/0x13a0 [ 671.913481][T12088] zram_add+0x494/0x6c0 [ 671.913505][T12088] ? __pfx_zram_add+0x10/0x10 [ 671.913550][T12088] ? find_held_lock+0x2b/0x80 [ 671.913577][T12088] ? __pfx_hot_add_show+0x10/0x10 [ 671.913600][T12088] ? __pfx_class_attr_show+0x10/0x10 [ 671.913641][T12088] hot_add_show+0x21/0x80 [ 671.913684][T12088] class_attr_show+0x6f/0xa0 [ 671.913709][T12088] sysfs_kf_seq_show+0x213/0x3e0 [ 671.913751][T12088] seq_read_iter+0x506/0x12c0 [ 671.913799][T12088] kernfs_fop_read_iter+0x40f/0x5a0 [ 671.913831][T12088] ? rw_verify_area+0xcf/0x680 [ 671.913870][T12088] vfs_read+0x8c8/0xc70 [ 671.913898][T12088] ? __pfx___mutex_lock+0x10/0x10 [ 671.913933][T12088] ? __pfx_vfs_read+0x10/0x10 [ 671.913976][T12088] ksys_read+0x12a/0x240 [ 671.914000][T12088] ? __pfx_ksys_read+0x10/0x10 [ 671.914021][T12088] ? rcu_is_watching+0x12/0xc0 [ 671.914053][T12088] do_syscall_64+0xcd/0x230 [ 671.914090][T12088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 671.914113][T12088] RIP: 0033:0x7fe4d918e169 [ 671.914131][T12088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 671.914155][T12088] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 671.914176][T12088] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 671.914192][T12088] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 671.914207][T12088] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 671.914221][T12088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 671.914236][T12088] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 671.914266][T12088] [ 672.234086][ C1] vkms_vblank_simulate: vblank timer overrun [ 672.554876][T12092] HfR: entered promiscuous mode [ 672.564196][T12092] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1358'. [ 672.639617][T12082] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 673.360167][T12111] sd 0:0:1:0: PR command failed: 1026 [ 673.402957][T12111] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 673.439975][T12111] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 673.946788][T12088] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 674.678424][T12127] Process accounting resumed [ 676.958998][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 676.969231][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 676.979288][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 676.987731][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 676.997768][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 677.397145][T12164] FAULT_INJECTION: forcing a failure. [ 677.397145][T12164] name failslab, interval 1, probability 0, space 0, times 0 [ 677.933877][T12164] CPU: 1 UID: 0 PID: 12164 Comm: syz.1.1379 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 677.933913][T12164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 677.933927][T12164] Call Trace: [ 677.933935][T12164] [ 677.933944][T12164] dump_stack_lvl+0x16c/0x1f0 [ 677.933981][T12164] should_fail_ex+0x512/0x640 [ 677.934008][T12164] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 677.934040][T12164] should_failslab+0xc2/0x120 [ 677.934072][T12164] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 677.934100][T12164] ? __kernfs_new_node+0xd2/0x8a0 [ 677.934127][T12164] __kernfs_new_node+0xd2/0x8a0 [ 677.934154][T12164] ? __pfx___kernfs_new_node+0x10/0x10 [ 677.934185][T12164] ? find_held_lock+0x2b/0x80 [ 677.934210][T12164] ? kernfs_root+0xee/0x2a0 [ 677.934240][T12164] kernfs_new_node+0x13c/0x1e0 [ 677.934280][T12164] __kernfs_create_file+0x53/0x350 [ 677.934317][T12164] sysfs_add_file_mode_ns+0x207/0x3c0 [ 677.934363][T12164] sysfs_merge_group+0x1aa/0x340 [ 677.934390][T12164] ? __pfx_sysfs_merge_group+0x10/0x10 [ 677.934430][T12164] ? __pfx_dev_add_physical_location+0x10/0x10 [ 677.934467][T12164] ? bus_to_subsys+0x12d/0x160 [ 677.934497][T12164] dpm_sysfs_add+0x237/0x280 [ 677.934520][T12164] device_add+0x9a6/0x1a70 [ 677.934547][T12164] ? __pfx_device_add+0x10/0x10 [ 677.934574][T12164] ? do_raw_spin_lock+0x12c/0x2b0 [ 677.934599][T12164] add_disk_fwnode+0x468/0x13a0 [ 677.934632][T12164] zram_add+0x494/0x6c0 [ 677.934655][T12164] ? __pfx_zram_add+0x10/0x10 [ 677.934697][T12164] ? find_held_lock+0x2b/0x80 [ 677.934724][T12164] ? __pfx_hot_add_show+0x10/0x10 [ 677.934747][T12164] ? __pfx_class_attr_show+0x10/0x10 [ 677.934769][T12164] hot_add_show+0x21/0x80 [ 677.934793][T12164] class_attr_show+0x6f/0xa0 [ 677.934816][T12164] sysfs_kf_seq_show+0x213/0x3e0 [ 677.934854][T12164] seq_read_iter+0x506/0x12c0 [ 677.934900][T12164] kernfs_fop_read_iter+0x40f/0x5a0 [ 677.934928][T12164] ? rw_verify_area+0xcf/0x680 [ 677.934965][T12164] vfs_read+0x8c8/0xc70 [ 677.934991][T12164] ? __pfx___mutex_lock+0x10/0x10 [ 677.935022][T12164] ? __pfx_vfs_read+0x10/0x10 [ 677.935062][T12164] ksys_read+0x12a/0x240 [ 677.935084][T12164] ? __pfx_ksys_read+0x10/0x10 [ 677.935104][T12164] ? rcu_is_watching+0x12/0xc0 [ 677.935134][T12164] do_syscall_64+0xcd/0x230 [ 677.935168][T12164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.935189][T12164] RIP: 0033:0x7f331f78e169 [ 677.935207][T12164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 677.935228][T12164] RSP: 002b:00007f33205a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 677.935254][T12164] RAX: ffffffffffffffda RBX: 00007f331f9b5fa0 RCX: 00007f331f78e169 [ 677.935269][T12164] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 677.935283][T12164] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 677.935297][T12164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 677.935310][T12164] R13: 0000000000000000 R14: 00007f331f9b5fa0 R15: 00007fff8f270698 [ 677.935338][T12164] [ 678.246365][ C1] vkms_vblank_simulate: vblank timer overrun [ 679.083728][ T5853] Bluetooth: hci0: command tx timeout [ 680.887821][T12157] chnl_net:caif_netlink_parms(): no params data found [ 681.051901][T12186] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 681.163777][ T5853] Bluetooth: hci0: command tx timeout [ 681.421591][T12157] bridge0: port 1(bridge_slave_0) entered blocking state [ 681.437776][T12193] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1385'. [ 681.458253][T12157] bridge0: port 1(bridge_slave_0) entered disabled state [ 681.502301][T12196] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1385'. [ 681.513004][T12157] bridge_slave_0: entered allmulticast mode [ 681.550934][T12157] bridge_slave_0: entered promiscuous mode [ 681.590754][T12157] bridge0: port 2(bridge_slave_1) entered blocking state [ 681.626159][T12198] program syz.3.1386 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 681.643825][T12157] bridge0: port 2(bridge_slave_1) entered disabled state [ 681.690122][T12157] bridge_slave_1: entered allmulticast mode [ 681.754954][T12157] bridge_slave_1: entered promiscuous mode [ 681.925131][T12157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 681.988210][T12206] FAULT_INJECTION: forcing a failure. [ 681.988210][T12206] name failslab, interval 1, probability 0, space 0, times 0 [ 682.020864][T12157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 682.108302][T12206] CPU: 1 UID: 0 PID: 12206 Comm: syz.3.1389 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 682.108339][T12206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 682.108353][T12206] Call Trace: [ 682.108361][T12206] [ 682.108371][T12206] dump_stack_lvl+0x16c/0x1f0 [ 682.108408][T12206] should_fail_ex+0x512/0x640 [ 682.108435][T12206] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 682.108468][T12206] should_failslab+0xc2/0x120 [ 682.108498][T12206] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 682.108528][T12206] ? __kernfs_new_node+0xd2/0x8a0 [ 682.108555][T12206] __kernfs_new_node+0xd2/0x8a0 [ 682.108581][T12206] ? __pfx___kernfs_new_node+0x10/0x10 [ 682.108612][T12206] ? find_held_lock+0x2b/0x80 [ 682.108638][T12206] ? kernfs_root+0xee/0x2a0 [ 682.108667][T12206] kernfs_new_node+0x13c/0x1e0 [ 682.108700][T12206] kernfs_create_dir_ns+0x4c/0x1a0 [ 682.108731][T12206] sysfs_create_dir_ns+0x13a/0x2b0 [ 682.108754][T12206] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 682.108776][T12206] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 682.108801][T12206] ? kfree+0x252/0x4d0 [ 682.108826][T12206] kobject_add_internal+0x2c4/0x9b0 [ 682.108868][T12206] kobject_add+0x16e/0x240 [ 682.108889][T12206] ? __pfx_kobject_add+0x10/0x10 [ 682.108912][T12206] ? __pfx_kobject_add+0x10/0x10 [ 682.108945][T12206] blk_register_queue+0x98/0x560 [ 682.108991][T12206] add_disk_fwnode+0x911/0x13a0 [ 682.109026][T12206] zram_add+0x494/0x6c0 [ 682.109053][T12206] ? __pfx_zram_add+0x10/0x10 [ 682.109099][T12206] ? find_held_lock+0x2b/0x80 [ 682.109128][T12206] ? __pfx_hot_add_show+0x10/0x10 [ 682.109153][T12206] ? __pfx_class_attr_show+0x10/0x10 [ 682.109177][T12206] hot_add_show+0x21/0x80 [ 682.109202][T12206] class_attr_show+0x6f/0xa0 [ 682.109228][T12206] sysfs_kf_seq_show+0x213/0x3e0 [ 682.109270][T12206] seq_read_iter+0x506/0x12c0 [ 682.109319][T12206] kernfs_fop_read_iter+0x40f/0x5a0 [ 682.109350][T12206] ? rw_verify_area+0xcf/0x680 [ 682.109389][T12206] vfs_read+0x8c8/0xc70 [ 682.109417][T12206] ? __pfx___mutex_lock+0x10/0x10 [ 682.109451][T12206] ? __pfx_vfs_read+0x10/0x10 [ 682.109495][T12206] ksys_read+0x12a/0x240 [ 682.109518][T12206] ? __pfx_ksys_read+0x10/0x10 [ 682.109540][T12206] ? rcu_is_watching+0x12/0xc0 [ 682.109576][T12206] do_syscall_64+0xcd/0x230 [ 682.109631][T12206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 682.109655][T12206] RIP: 0033:0x7fe4d918e169 [ 682.109674][T12206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 682.109699][T12206] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 682.109722][T12206] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 682.109738][T12206] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 682.109753][T12206] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 682.109768][T12206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 682.109782][T12206] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 682.109813][T12206] [ 682.109826][T12206] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 682.765515][T12216] FAULT_INJECTION: forcing a failure. [ 682.765515][T12216] name failslab, interval 1, probability 0, space 0, times 0 [ 682.848010][T12216] CPU: 1 UID: 0 PID: 12216 Comm: syz.0.1392 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 682.848046][T12216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 682.848061][T12216] Call Trace: [ 682.848069][T12216] [ 682.848078][T12216] dump_stack_lvl+0x16c/0x1f0 [ 682.848117][T12216] should_fail_ex+0x512/0x640 [ 682.848145][T12216] ? fs_reclaim_acquire+0xae/0x150 [ 682.848186][T12216] should_failslab+0xc2/0x120 [ 682.848218][T12216] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 682.848249][T12216] ? security_inode_alloc+0x3b/0x2b0 [ 682.848281][T12216] security_inode_alloc+0x3b/0x2b0 [ 682.848309][T12216] inode_init_always_gfp+0xce4/0x1030 [ 682.848338][T12216] alloc_inode+0x86/0x240 [ 682.848369][T12216] sock_alloc+0x40/0x280 [ 682.848406][T12216] sock_create_lite+0x82/0x120 [ 682.848444][T12216] __netlink_kernel_create+0xbd/0x750 [ 682.848481][T12216] ? __pfx___netlink_kernel_create+0x10/0x10 [ 682.848526][T12216] uevent_net_init+0xf8/0x350 [ 682.848549][T12216] ? __pfx_uevent_net_init+0x10/0x10 [ 682.848575][T12216] ? __pfx_uevent_net_rcv+0x10/0x10 [ 682.848607][T12216] ? __pfx_uevent_net_init+0x10/0x10 [ 682.848630][T12216] ops_init+0x1df/0x5f0 [ 682.848667][T12216] setup_net+0x21e/0x850 [ 682.848703][T12216] ? __pfx_setup_net+0x10/0x10 [ 682.848736][T12216] ? lockdep_init_map_type+0x5c/0x280 [ 682.848771][T12216] ? __pfx_down_read_killable+0x10/0x10 [ 682.848797][T12216] ? debug_mutex_init+0x37/0x70 [ 682.848825][T12216] copy_net_ns+0x2a6/0x5f0 [ 682.848865][T12216] create_new_namespaces+0x3ea/0xad0 [ 682.848901][T12216] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 682.848940][T12216] ksys_unshare+0x45b/0xa40 [ 682.848976][T12216] ? __pfx_ksys_unshare+0x10/0x10 [ 682.849010][T12216] ? xfd_validate_state+0x5d/0x180 [ 682.849042][T12216] ? rcu_is_watching+0x12/0xc0 [ 682.849073][T12216] __x64_sys_unshare+0x31/0x40 [ 682.849108][T12216] do_syscall_64+0xcd/0x230 [ 682.849145][T12216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 682.849170][T12216] RIP: 0033:0x7fe1cd18e169 [ 682.849189][T12216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 682.849214][T12216] RSP: 002b:00007fe1caff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 682.849236][T12216] RAX: ffffffffffffffda RBX: 00007fe1cd3b6080 RCX: 00007fe1cd18e169 [ 682.849252][T12216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 682.849267][T12216] RBP: 00007fe1cd210a68 R08: 0000000000000000 R09: 0000000000000000 [ 682.849281][T12216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 682.849295][T12216] R13: 0000000000000000 R14: 00007fe1cd3b6080 R15: 00007ffc2241a948 [ 682.849325][T12216] [ 683.122600][T12216] kobject_uevent: unable to create netlink socket! [ 683.488596][T12157] team0: Port device team_slave_0 added [ 683.498029][ T5853] Bluetooth: hci0: command tx timeout [ 683.605352][T12157] team0: Port device team_slave_1 added [ 685.101869][T12157] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 685.138103][T12157] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.300187][T12157] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 685.367529][T12157] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 685.416314][T12157] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.528614][T12157] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 685.566459][ T5853] Bluetooth: hci0: command tx timeout [ 685.755158][T12231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1394'. [ 685.914655][T12230] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1396'. [ 685.927526][T12228] HfR: entered promiscuous mode [ 686.789824][T12157] hsr_slave_0: entered promiscuous mode [ 686.831196][T12157] hsr_slave_1: entered promiscuous mode [ 686.860640][T12157] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 686.892529][T12157] Cannot create hsr debugfs directory [ 687.043266][T12230] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 688.868187][T12157] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 688.944628][T12157] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 689.008924][T12157] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 689.066175][T12157] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 690.118145][T12157] 8021q: adding VLAN 0 to HW filter on device bond0 [ 690.192540][T12157] 8021q: adding VLAN 0 to HW filter on device team0 [ 690.283319][ T4491] bridge0: port 1(bridge_slave_0) entered blocking state [ 690.290531][ T4491] bridge0: port 1(bridge_slave_0) entered forwarding state [ 690.401386][ T4491] bridge0: port 2(bridge_slave_1) entered blocking state [ 690.408651][ T4491] bridge0: port 2(bridge_slave_1) entered forwarding state [ 690.609830][T12157] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 690.863990][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 690.875898][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.030424][T12289] FAULT_INJECTION: forcing a failure. [ 691.030424][T12289] name failslab, interval 1, probability 0, space 0, times 0 [ 691.113726][T12289] CPU: 1 UID: 0 PID: 12289 Comm: syz.3.1411 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 691.113757][T12289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 691.113771][T12289] Call Trace: [ 691.113777][T12289] [ 691.113785][T12289] dump_stack_lvl+0x16c/0x1f0 [ 691.113818][T12289] should_fail_ex+0x512/0x640 [ 691.113843][T12289] ? __kmalloc_noprof+0xbf/0x510 [ 691.113869][T12289] ? tracing_open+0x2ba/0xf90 [ 691.113888][T12289] should_failslab+0xc2/0x120 [ 691.113915][T12289] __kmalloc_noprof+0xd2/0x510 [ 691.113944][T12289] tracing_open+0x2ba/0xf90 [ 691.113965][T12289] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 691.114002][T12289] do_dentry_open+0x741/0x1c10 [ 691.114024][T12289] ? __pfx_tracing_open+0x10/0x10 [ 691.114049][T12289] vfs_open+0x82/0x3f0 [ 691.114080][T12289] path_openat+0x1e5e/0x2d40 [ 691.114111][T12289] ? __pfx_path_openat+0x10/0x10 [ 691.114138][T12289] do_filp_open+0x20b/0x470 [ 691.114160][T12289] ? __pfx_do_filp_open+0x10/0x10 [ 691.114199][T12289] ? alloc_fd+0x471/0x7d0 [ 691.114224][T12289] do_sys_openat2+0x11b/0x1d0 [ 691.114253][T12289] ? __pfx_do_sys_openat2+0x10/0x10 [ 691.114282][T12289] ? find_held_lock+0x2b/0x80 [ 691.114309][T12289] __x64_sys_openat+0x174/0x210 [ 691.114339][T12289] ? __pfx___x64_sys_openat+0x10/0x10 [ 691.114376][T12289] ? rcu_is_watching+0x12/0xc0 [ 691.114404][T12289] do_syscall_64+0xcd/0x230 [ 691.114436][T12289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 691.114457][T12289] RIP: 0033:0x7fe4d918e169 [ 691.114473][T12289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 691.114495][T12289] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 691.114514][T12289] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 691.114528][T12289] RDX: 0000000000000600 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 691.114542][T12289] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 691.114554][T12289] R10: 000000000000ffeb R11: 0000000000000246 R12: 0000000000000000 [ 691.114567][T12289] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 691.114592][T12289] [ 691.577547][T12157] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 691.960011][T12294] Process accounting resumed [ 692.281966][T12157] veth0_vlan: entered promiscuous mode [ 692.365343][T12157] veth1_vlan: entered promiscuous mode [ 692.510321][T12157] veth0_macvtap: entered promiscuous mode [ 692.579501][T12157] veth1_macvtap: entered promiscuous mode [ 692.692723][T12157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 692.760665][T12157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 692.813833][T12157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 692.887760][T12157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 692.937198][T12157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 692.983752][T12157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.024160][T12157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.064123][T12157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.124237][T12157] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 693.197584][T12157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.259578][T12157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.302978][T12157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.339434][T12157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.371156][T12157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.413401][T12157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.469276][T12157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.512765][T12157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.582770][T12157] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 693.626994][T12157] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 693.686682][T12157] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 693.735811][T12157] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 693.788576][T12157] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 694.572654][ T7911] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 694.612958][ T7911] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 694.736603][ T7911] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 694.782096][ T7911] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 696.598378][T12369] FAULT_INJECTION: forcing a failure. [ 696.598378][T12369] name failslab, interval 1, probability 0, space 0, times 0 [ 696.675059][T12371] FAULT_INJECTION: forcing a failure. [ 696.675059][T12371] name failslab, interval 1, probability 0, space 0, times 0 [ 696.704236][T12369] CPU: 1 UID: 0 PID: 12369 Comm: syz.0.1431 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 696.704294][T12369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 696.704309][T12369] Call Trace: [ 696.704317][T12369] [ 696.704326][T12369] dump_stack_lvl+0x16c/0x1f0 [ 696.704364][T12369] should_fail_ex+0x512/0x640 [ 696.704391][T12369] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 696.704419][T12369] should_failslab+0xc2/0x120 [ 696.704450][T12369] __kmalloc_cache_noprof+0x6a/0x3e0 [ 696.704474][T12369] ? mark_held_locks+0x49/0x80 [ 696.704504][T12369] ? kobject_create_and_add+0x4a/0xf0 [ 696.704526][T12369] ? lockdep_hardirqs_on+0x7c/0x110 [ 696.704560][T12369] kobject_create_and_add+0x4a/0xf0 [ 696.704583][T12369] add_disk_fwnode+0x83b/0x13a0 [ 696.704618][T12369] zram_add+0x494/0x6c0 [ 696.704644][T12369] ? __pfx_zram_add+0x10/0x10 [ 696.704689][T12369] ? find_held_lock+0x2b/0x80 [ 696.704717][T12369] ? __pfx_hot_add_show+0x10/0x10 [ 696.704742][T12369] ? __pfx_class_attr_show+0x10/0x10 [ 696.704765][T12369] hot_add_show+0x21/0x80 [ 696.704791][T12369] class_attr_show+0x6f/0xa0 [ 696.704815][T12369] sysfs_kf_seq_show+0x213/0x3e0 [ 696.704856][T12369] seq_read_iter+0x506/0x12c0 [ 696.704905][T12369] kernfs_fop_read_iter+0x40f/0x5a0 [ 696.704935][T12369] ? rw_verify_area+0xcf/0x680 [ 696.704975][T12369] vfs_read+0x8c8/0xc70 [ 696.705002][T12369] ? __pfx___mutex_lock+0x10/0x10 [ 696.705043][T12369] ? __pfx_vfs_read+0x10/0x10 [ 696.705087][T12369] ksys_read+0x12a/0x240 [ 696.705110][T12369] ? __pfx_ksys_read+0x10/0x10 [ 696.705132][T12369] ? rcu_is_watching+0x12/0xc0 [ 696.705164][T12369] do_syscall_64+0xcd/0x230 [ 696.705199][T12369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 696.705223][T12369] RIP: 0033:0x7fe1cd18e169 [ 696.705241][T12369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 696.705263][T12369] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 696.705285][T12369] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 696.705301][T12369] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 696.705316][T12369] RBP: 00007fe1cd210a68 R08: 0000000000000000 R09: 0000000000000000 [ 696.705330][T12369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 696.705344][T12369] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 696.705374][T12369] [ 697.081586][T12373] FAULT_INJECTION: forcing a failure. [ 697.081586][T12373] name failslab, interval 1, probability 0, space 0, times 0 [ 697.095197][T12373] CPU: 1 UID: 0 PID: 12373 Comm: syz.1.1433 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 697.095229][T12373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 697.095243][T12373] Call Trace: [ 697.095251][T12373] [ 697.095260][T12373] dump_stack_lvl+0x16c/0x1f0 [ 697.095296][T12373] should_fail_ex+0x512/0x640 [ 697.095323][T12373] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 697.095359][T12373] should_failslab+0xc2/0x120 [ 697.095390][T12373] __kmalloc_cache_noprof+0x6a/0x3e0 [ 697.095415][T12373] ? snd_seq_create_port+0xf7/0xad0 [ 697.095454][T12373] snd_seq_create_port+0xf7/0xad0 [ 697.095495][T12373] snd_seq_ioctl_create_port+0x253/0x950 [ 697.095530][T12373] ? __pfx_snd_seq_ioctl_create_port+0x10/0x10 [ 697.095565][T12373] ? kasan_save_stack+0x42/0x60 [ 697.095590][T12373] ? kasan_save_stack+0x33/0x60 [ 697.095614][T12373] ? kasan_save_track+0x14/0x30 [ 697.095644][T12373] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 697.095684][T12373] create_port+0x197/0x260 [ 697.095719][T12373] ? __pfx_create_port+0x10/0x10 [ 697.095759][T12373] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 697.095783][T12373] ? __pfx_free_devinfo+0x10/0x10 [ 697.095839][T12373] ? mark_held_locks+0x49/0x80 [ 697.095871][T12373] ? _raw_spin_unlock_irq+0x23/0x50 [ 697.095903][T12373] snd_seq_oss_open+0x36c/0xa20 [ 697.095945][T12373] odev_open+0x6f/0x90 [ 697.095977][T12373] ? __pfx_odev_open+0x10/0x10 [ 697.096010][T12373] soundcore_open+0x409/0x580 [ 697.096059][T12373] ? __pfx_soundcore_open+0x10/0x10 [ 697.096089][T12373] chrdev_open+0x231/0x6a0 [ 697.096113][T12373] ? __pfx_apparmor_file_open+0x10/0x10 [ 697.096142][T12373] ? __pfx_chrdev_open+0x10/0x10 [ 697.096169][T12373] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 697.096208][T12373] do_dentry_open+0x741/0x1c10 [ 697.096233][T12373] ? __pfx_chrdev_open+0x10/0x10 [ 697.096263][T12373] vfs_open+0x82/0x3f0 [ 697.096295][T12373] path_openat+0x1e5e/0x2d40 [ 697.096327][T12373] ? __pfx_path_openat+0x10/0x10 [ 697.096364][T12373] do_filp_open+0x20b/0x470 [ 697.096387][T12373] ? __pfx_do_filp_open+0x10/0x10 [ 697.096429][T12373] ? alloc_fd+0x471/0x7d0 [ 697.096457][T12373] do_sys_openat2+0x11b/0x1d0 [ 697.096487][T12373] ? __pfx_do_sys_openat2+0x10/0x10 [ 697.096528][T12373] __x64_sys_openat+0x174/0x210 [ 697.096559][T12373] ? __pfx___x64_sys_openat+0x10/0x10 [ 697.096591][T12373] ? rcu_is_watching+0x12/0xc0 [ 697.096620][T12373] do_syscall_64+0xcd/0x230 [ 697.096653][T12373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.096675][T12373] RIP: 0033:0x7f331f78e169 [ 697.096692][T12373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.096714][T12373] RSP: 002b:00007f33205a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 697.096734][T12373] RAX: ffffffffffffffda RBX: 00007f331f9b5fa0 RCX: 00007f331f78e169 [ 697.096749][T12373] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 697.096763][T12373] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 697.096776][T12373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.096788][T12373] R13: 0000000000000000 R14: 00007f331f9b5fa0 R15: 00007fff8f270698 [ 697.096815][T12373] [ 697.096825][T12373] ALSA: seq_oss: can't create port [ 697.496328][T12371] CPU: 1 UID: 0 PID: 12371 Comm: syz.4.1432 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 697.496363][T12371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 697.496378][T12371] Call Trace: [ 697.496386][T12371] [ 697.496395][T12371] dump_stack_lvl+0x16c/0x1f0 [ 697.496432][T12371] should_fail_ex+0x512/0x640 [ 697.496460][T12371] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 697.496495][T12371] should_failslab+0xc2/0x120 [ 697.496526][T12371] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 697.496569][T12371] ? vfs_parse_fs_string+0xc3/0x150 [ 697.496596][T12371] kmemdup_nul+0x49/0xf0 [ 697.496626][T12371] vfs_parse_fs_string+0xc3/0x150 [ 697.496668][T12371] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 697.496705][T12371] ? kasan_save_track+0x14/0x30 [ 697.496733][T12371] ? tracefs_init_fs_context+0xc8/0x110 [ 697.496764][T12371] ? __pfx_tracefs_init_fs_context+0x10/0x10 [ 697.496795][T12371] ? alloc_fs_context+0x59b/0x9c0 [ 697.496822][T12371] vfs_kern_mount.part.0+0x6d/0x170 [ 697.496856][T12371] vfs_submount+0xb6/0xd0 [ 697.496887][T12371] trace_automount+0x3b/0x90 [ 697.496910][T12371] __traverse_mounts+0x192/0x790 [ 697.496943][T12371] step_into+0x5aa/0x2270 [ 697.496986][T12371] ? __pfx_step_into+0x10/0x10 [ 697.497019][T12371] ? __d_lookup+0x266/0x4a0 [ 697.497053][T12371] ? lookup_fast+0x156/0x610 [ 697.497089][T12371] walk_component+0xfc/0x5b0 [ 697.497125][T12371] link_path_walk.part.0.constprop.0+0x685/0xd60 [ 697.497171][T12371] path_openat+0x227/0x2d40 [ 697.497192][T12371] ? __x64_sys_openat+0x174/0x210 [ 697.497233][T12371] ? __pfx_path_openat+0x10/0x10 [ 697.497262][T12371] do_filp_open+0x20b/0x470 [ 697.497285][T12371] ? __pfx_do_filp_open+0x10/0x10 [ 697.497326][T12371] ? alloc_fd+0x471/0x7d0 [ 697.497353][T12371] do_sys_openat2+0x11b/0x1d0 [ 697.497383][T12371] ? __pfx_do_sys_openat2+0x10/0x10 [ 697.497423][T12371] __x64_sys_openat+0x174/0x210 [ 697.497454][T12371] ? __pfx___x64_sys_openat+0x10/0x10 [ 697.497487][T12371] ? rcu_is_watching+0x12/0xc0 [ 697.497516][T12371] do_syscall_64+0xcd/0x230 [ 697.497549][T12371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.497571][T12371] RIP: 0033:0x7f1c7a98e169 [ 697.497588][T12371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.497610][T12371] RSP: 002b:00007f1c7b7f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 697.497630][T12371] RAX: ffffffffffffffda RBX: 00007f1c7abb5fa0 RCX: 00007f1c7a98e169 [ 697.497644][T12371] RDX: 0000000000022500 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 697.497658][T12371] RBP: 00007f1c7aa10a68 R08: 0000000000000000 R09: 0000000000000000 [ 697.497672][T12371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.497685][T12371] R13: 0000000000000000 R14: 00007f1c7abb5fa0 R15: 00007fffacf96668 [ 697.497711][T12371] [ 697.814028][T12380] FAULT_INJECTION: forcing a failure. [ 697.814028][T12380] name failslab, interval 1, probability 0, space 0, times 0 [ 697.827678][T12380] CPU: 1 UID: 0 PID: 12380 Comm: syz.3.1434 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 697.827709][T12380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 697.827733][T12380] Call Trace: [ 697.827740][T12380] [ 697.827748][T12380] dump_stack_lvl+0x16c/0x1f0 [ 697.827781][T12380] should_fail_ex+0x512/0x640 [ 697.827804][T12380] ? fs_reclaim_acquire+0xae/0x150 [ 697.827839][T12380] should_failslab+0xc2/0x120 [ 697.827866][T12380] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 697.827892][T12380] ? security_inode_alloc+0x3b/0x2b0 [ 697.827919][T12380] security_inode_alloc+0x3b/0x2b0 [ 697.827942][T12380] inode_init_always_gfp+0xce4/0x1030 [ 697.827973][T12380] alloc_inode+0x86/0x240 [ 697.828000][T12380] new_inode+0x22/0x1c0 [ 697.828029][T12380] proc_sys_make_inode+0x47/0x5c0 [ 697.828054][T12380] proc_sys_lookup+0x282/0x410 [ 697.828077][T12380] ? __pfx_proc_sys_lookup+0x10/0x10 [ 697.828102][T12380] ? lockdep_init_map_type+0x5c/0x280 [ 697.828134][T12380] ? lockdep_init_map_type+0x5c/0x280 [ 697.828167][T12380] __lookup_slow+0x24e/0x460 [ 697.828196][T12380] ? __pfx___lookup_slow+0x10/0x10 [ 697.828239][T12380] ? lookup_fast+0x156/0x610 [ 697.828269][T12380] ? _raw_spin_unlock+0x28/0x50 [ 697.828296][T12380] walk_component+0x353/0x5b0 [ 697.828329][T12380] link_path_walk.part.0.constprop.0+0x685/0xd60 [ 697.828373][T12380] path_openat+0x227/0x2d40 [ 697.828391][T12380] ? __x64_sys_openat+0x174/0x210 [ 697.828430][T12380] ? __pfx_path_openat+0x10/0x10 [ 697.828457][T12380] do_filp_open+0x20b/0x470 [ 697.828478][T12380] ? __pfx_do_filp_open+0x10/0x10 [ 697.828518][T12380] ? alloc_fd+0x471/0x7d0 [ 697.828543][T12380] do_sys_openat2+0x11b/0x1d0 [ 697.828571][T12380] ? __pfx_do_sys_openat2+0x10/0x10 [ 697.828598][T12380] ? __sock_release+0x20b/0x270 [ 697.828636][T12380] __x64_sys_openat+0x174/0x210 [ 697.828665][T12380] ? __pfx___x64_sys_openat+0x10/0x10 [ 697.828695][T12380] ? rcu_is_watching+0x12/0xc0 [ 697.828723][T12380] do_syscall_64+0xcd/0x230 [ 697.828773][T12380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.828794][T12380] RIP: 0033:0x7fe4d918e169 [ 697.828812][T12380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.828833][T12380] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 697.828854][T12380] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 697.828868][T12380] RDX: 00000000001a3000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 697.828882][T12380] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 697.828895][T12380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.828908][T12380] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 697.828935][T12380] [ 698.414641][T12386] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 701.879804][T12420] zswap: compressor not available [ 701.914563][T12422] Setting dangerous option i915.mitigations - tainting kernel [ 703.487430][T12443] FAULT_INJECTION: forcing a failure. [ 703.487430][T12443] name failslab, interval 1, probability 0, space 0, times 0 [ 703.568638][T12443] CPU: 1 UID: 0 PID: 12443 Comm: syz.1.1453 Tainted: G U 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 703.568675][T12443] Tainted: [U]=USER [ 703.568683][T12443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 703.568695][T12443] Call Trace: [ 703.568702][T12443] [ 703.568710][T12443] dump_stack_lvl+0x16c/0x1f0 [ 703.568743][T12443] should_fail_ex+0x512/0x640 [ 703.568768][T12443] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 703.568792][T12443] should_failslab+0xc2/0x120 [ 703.568820][T12443] __kmalloc_cache_noprof+0x6a/0x3e0 [ 703.568842][T12443] ? shrinker_alloc+0xf5/0xbf0 [ 703.568874][T12443] shrinker_alloc+0xf5/0xbf0 [ 703.568904][T12443] ? mark_held_locks+0x49/0x80 [ 703.568931][T12443] ? pcpu_memcg_post_alloc_hook+0x1e/0x740 [ 703.568962][T12443] ? __pfx_shrinker_alloc+0x10/0x10 [ 703.568994][T12443] ? lockdep_init_map_type+0x5c/0x280 [ 703.569024][T12443] ? __raw_spin_lock_init+0x3a/0x110 [ 703.569056][T12443] ? __init_rwsem+0x12d/0x1b0 [ 703.569089][T12443] alloc_super+0x7c8/0xbd0 [ 703.569112][T12443] ? __pfx_test_keyed_super+0x10/0x10 [ 703.569140][T12443] sget_fc+0x116/0xc20 [ 703.569160][T12443] ? __pfx_set_anon_super_fc+0x10/0x10 [ 703.569192][T12443] ? __pfx_nfsd_fill_super+0x10/0x10 [ 703.569212][T12443] get_tree_keyed+0x59/0x1d0 [ 703.569233][T12443] vfs_get_tree+0x8b/0x340 [ 703.569263][T12443] path_mount+0x14d4/0x1f30 [ 703.569287][T12443] ? kmem_cache_free+0x2d4/0x4d0 [ 703.569310][T12443] ? __pfx_path_mount+0x10/0x10 [ 703.569336][T12443] ? putname+0x154/0x1a0 [ 703.569364][T12443] __x64_sys_mount+0x28d/0x310 [ 703.569387][T12443] ? __pfx___x64_sys_mount+0x10/0x10 [ 703.569410][T12443] ? rcu_is_watching+0x12/0xc0 [ 703.569437][T12443] do_syscall_64+0xcd/0x230 [ 703.569468][T12443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.569489][T12443] RIP: 0033:0x7f331f78e169 [ 703.569505][T12443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.569525][T12443] RSP: 002b:00007f33205a8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 703.569544][T12443] RAX: ffffffffffffffda RBX: 00007f331f9b5fa0 RCX: 00007f331f78e169 [ 703.569558][T12443] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000 [ 703.569575][T12443] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 703.569592][T12443] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 703.569604][T12443] R13: 0000000000000000 R14: 00007f331f9b5fa0 R15: 00007fff8f270698 [ 703.569651][T12443] [ 703.824554][ C1] vkms_vblank_simulate: vblank timer overrun [ 704.650221][T12456] mkiss: ax0: crc mode is auto. [ 704.827262][T12452] Process accounting paused [ 705.054239][T12458] FAULT_INJECTION: forcing a failure. [ 705.054239][T12458] name failslab, interval 1, probability 0, space 0, times 0 [ 705.117757][T12458] CPU: 1 UID: 0 PID: 12458 Comm: syz.1.1457 Tainted: G U 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 705.117794][T12458] Tainted: [U]=USER [ 705.117801][T12458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 705.117814][T12458] Call Trace: [ 705.117821][T12458] [ 705.117830][T12458] dump_stack_lvl+0x16c/0x1f0 [ 705.117864][T12458] should_fail_ex+0x512/0x640 [ 705.117888][T12458] ? __kmalloc_noprof+0xbf/0x510 [ 705.117916][T12458] ? tracing_open+0x2ba/0xf90 [ 705.117936][T12458] should_failslab+0xc2/0x120 [ 705.117963][T12458] __kmalloc_noprof+0xd2/0x510 [ 705.118011][T12458] tracing_open+0x2ba/0xf90 [ 705.118033][T12458] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 705.118072][T12458] do_dentry_open+0x741/0x1c10 [ 705.118096][T12458] ? __pfx_tracing_open+0x10/0x10 [ 705.118124][T12458] vfs_open+0x82/0x3f0 [ 705.118156][T12458] path_openat+0x1e5e/0x2d40 [ 705.118189][T12458] ? __pfx_path_openat+0x10/0x10 [ 705.118219][T12458] do_filp_open+0x20b/0x470 [ 705.118242][T12458] ? __pfx_do_filp_open+0x10/0x10 [ 705.118283][T12458] ? alloc_fd+0x471/0x7d0 [ 705.118311][T12458] do_sys_openat2+0x11b/0x1d0 [ 705.118340][T12458] ? __pfx_do_sys_openat2+0x10/0x10 [ 705.118372][T12458] ? find_held_lock+0x2b/0x80 [ 705.118402][T12458] __x64_sys_openat+0x174/0x210 [ 705.118433][T12458] ? __pfx___x64_sys_openat+0x10/0x10 [ 705.118466][T12458] ? rcu_is_watching+0x12/0xc0 [ 705.118504][T12458] do_syscall_64+0xcd/0x230 [ 705.118538][T12458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.118560][T12458] RIP: 0033:0x7f331f78e169 [ 705.118577][T12458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 705.118599][T12458] RSP: 002b:00007f33205a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 705.118619][T12458] RAX: ffffffffffffffda RBX: 00007f331f9b5fa0 RCX: 00007f331f78e169 [ 705.118634][T12458] RDX: 0000000000000600 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 705.118648][T12458] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 705.118661][T12458] R10: 000000000000ffeb R11: 0000000000000246 R12: 0000000000000000 [ 705.118674][T12458] R13: 0000000000000000 R14: 00007f331f9b5fa0 R15: 00007fff8f270698 [ 705.118701][T12458] [ 705.348962][ C1] vkms_vblank_simulate: vblank timer overrun [ 706.833203][ C1] vcan0: j1939_tp_rxtimer: 0xffff888025ae1000: rx timeout, send abort [ 707.342464][ C1] vcan0: j1939_tp_rxtimer: 0xffff888025ae1000: abort rx timeout. Force session deactivation [ 708.105179][T12496] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1468'. [ 709.753214][T12512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1473'. [ 711.032229][T12534] FAULT_INJECTION: forcing a failure. [ 711.032229][T12534] name failslab, interval 1, probability 0, space 0, times 0 [ 711.088515][T12534] CPU: 1 UID: 0 PID: 12534 Comm: syz.1.1479 Tainted: G U 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 711.088552][T12534] Tainted: [U]=USER [ 711.088559][T12534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 711.088572][T12534] Call Trace: [ 711.088579][T12534] [ 711.088587][T12534] dump_stack_lvl+0x16c/0x1f0 [ 711.088622][T12534] should_fail_ex+0x512/0x640 [ 711.088647][T12534] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 711.088672][T12534] should_failslab+0xc2/0x120 [ 711.088699][T12534] __kmalloc_cache_noprof+0x6a/0x3e0 [ 711.088721][T12534] ? sctp_endpoint_new+0x7c/0xcd0 [ 711.088757][T12534] sctp_endpoint_new+0x7c/0xcd0 [ 711.088793][T12534] sctp_init_sock+0xe2d/0x1330 [ 711.088825][T12534] sctp_v6_init_sock+0x16/0x70 [ 711.088855][T12534] sctp_v6_create_accept_sk+0x4e0/0x730 [ 711.088880][T12534] ? __pfx_sctp_v6_create_accept_sk+0x10/0x10 [ 711.088902][T12534] sctp_accept+0x66f/0x7f0 [ 711.088937][T12534] ? __pfx_sctp_accept+0x10/0x10 [ 711.088967][T12534] ? aa_sk_perm+0x2f4/0xb10 [ 711.088991][T12534] ? __pfx_autoremove_wake_function+0x10/0x10 [ 711.089020][T12534] ? __pfx_aa_sk_perm+0x10/0x10 [ 711.089049][T12534] inet_accept+0xc4/0x180 [ 711.089072][T12534] do_accept+0x33b/0x530 [ 711.089102][T12534] ? __pfx_do_accept+0x10/0x10 [ 711.089141][T12534] __sys_accept4+0x100/0x1b0 [ 711.089164][T12534] ? __pfx___sys_accept4+0x10/0x10 [ 711.089188][T12534] ? rcu_is_watching+0x12/0xc0 [ 711.089214][T12534] __x64_sys_accept+0x74/0xb0 [ 711.089236][T12534] ? lockdep_hardirqs_on+0x7c/0x110 [ 711.089264][T12534] do_syscall_64+0xcd/0x230 [ 711.089296][T12534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.089316][T12534] RIP: 0033:0x7f331f78e169 [ 711.089333][T12534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 711.089353][T12534] RSP: 002b:00007f33205a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 711.089372][T12534] RAX: ffffffffffffffda RBX: 00007f331f9b5fa0 RCX: 00007f331f78e169 [ 711.089385][T12534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 711.089397][T12534] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 711.089410][T12534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 711.089422][T12534] R13: 0000000000000000 R14: 00007f331f9b5fa0 R15: 00007fff8f270698 [ 711.089448][T12534] [ 713.568227][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807c52b400: rx timeout, send abort [ 713.576642][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88807c52b400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 713.642568][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802a0b5000: rx timeout, send abort [ 713.653758][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802a0b5000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 714.074015][T12565] FAULT_INJECTION: forcing a failure. [ 714.074015][T12565] name failslab, interval 1, probability 0, space 0, times 0 [ 714.173145][T12565] CPU: 1 UID: 0 PID: 12565 Comm: syz.1.1488 Tainted: G U 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 714.173182][T12565] Tainted: [U]=USER [ 714.173189][T12565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 714.173202][T12565] Call Trace: [ 714.173210][T12565] [ 714.173218][T12565] dump_stack_lvl+0x16c/0x1f0 [ 714.173252][T12565] should_fail_ex+0x512/0x640 [ 714.173277][T12565] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 714.173302][T12565] should_failslab+0xc2/0x120 [ 714.173330][T12565] __kmalloc_cache_noprof+0x6a/0x3e0 [ 714.173351][T12565] ? __asan_memcpy+0x3c/0x60 [ 714.173370][T12565] ? sctp_auth_init_hmacs+0xf2/0x440 [ 714.173424][T12565] sctp_auth_init_hmacs+0xf2/0x440 [ 714.173459][T12565] ? sctp_bind_addr_dup+0xe8/0x130 [ 714.173490][T12565] sctp_sock_migrate+0x51a/0x12c0 [ 714.173531][T12565] ? sctp_v6_create_accept_sk+0x4fd/0x730 [ 714.173558][T12565] sctp_accept+0x692/0x7f0 [ 714.173597][T12565] ? __pfx_sctp_accept+0x10/0x10 [ 714.173629][T12565] ? aa_sk_perm+0x2f4/0xb10 [ 714.173654][T12565] ? __pfx_autoremove_wake_function+0x10/0x10 [ 714.173684][T12565] ? __pfx_aa_sk_perm+0x10/0x10 [ 714.173715][T12565] inet_accept+0xc4/0x180 [ 714.173739][T12565] do_accept+0x33b/0x530 [ 714.173766][T12565] ? __pfx_do_accept+0x10/0x10 [ 714.173806][T12565] __sys_accept4+0x100/0x1b0 [ 714.173830][T12565] ? __pfx___sys_accept4+0x10/0x10 [ 714.173854][T12565] ? rcu_is_watching+0x12/0xc0 [ 714.173882][T12565] __x64_sys_accept+0x74/0xb0 [ 714.173910][T12565] ? lockdep_hardirqs_on+0x7c/0x110 [ 714.173939][T12565] do_syscall_64+0xcd/0x230 [ 714.173972][T12565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.173994][T12565] RIP: 0033:0x7f331f78e169 [ 714.174011][T12565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 714.174033][T12565] RSP: 002b:00007f33205a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 714.174053][T12565] RAX: ffffffffffffffda RBX: 00007f331f9b5fa0 RCX: 00007f331f78e169 [ 714.174068][T12565] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 714.174081][T12565] RBP: 00007f331f810a68 R08: 0000000000000000 R09: 0000000000000000 [ 714.174094][T12565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 714.174107][T12565] R13: 0000000000000000 R14: 00007f331f9b5fa0 R15: 00007fff8f270698 [ 714.174135][T12565] [ 715.203598][T12568] FAULT_INJECTION: forcing a failure. [ 715.203598][T12568] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 715.247313][T12568] CPU: 1 UID: 0 PID: 12568 Comm: syz.3.1489 Tainted: G U 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 715.247356][T12568] Tainted: [U]=USER [ 715.247365][T12568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 715.247380][T12568] Call Trace: [ 715.247388][T12568] [ 715.247398][T12568] dump_stack_lvl+0x16c/0x1f0 [ 715.247435][T12568] should_fail_ex+0x512/0x640 [ 715.247468][T12568] _copy_from_user+0x2e/0xd0 [ 715.247500][T12568] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 715.247539][T12568] snd_rawmidi_write+0x26e/0xc10 [ 715.247573][T12568] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 715.247601][T12568] ? __pfx_default_wake_function+0x10/0x10 [ 715.247630][T12568] ? bpf_lsm_file_permission+0x9/0x10 [ 715.247653][T12568] ? security_file_permission+0x71/0x210 [ 715.247687][T12568] ? rw_verify_area+0xcf/0x680 [ 715.247728][T12568] vfs_write+0x25c/0x1180 [ 715.247751][T12568] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 715.247784][T12568] ? __pfx_vfs_write+0x10/0x10 [ 715.247807][T12568] ? find_held_lock+0x2b/0x80 [ 715.247832][T12568] ? __fget_files+0x204/0x3c0 [ 715.247859][T12568] ? __fget_files+0x20e/0x3c0 [ 715.247889][T12568] ksys_write+0x205/0x240 [ 715.247920][T12568] ? __pfx_ksys_write+0x10/0x10 [ 715.247944][T12568] ? rcu_is_watching+0x12/0xc0 [ 715.247977][T12568] do_syscall_64+0xcd/0x230 [ 715.248014][T12568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.248038][T12568] RIP: 0033:0x7fe4d918e169 [ 715.248057][T12568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.248082][T12568] RSP: 002b:00007fe4d9f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 715.248105][T12568] RAX: ffffffffffffffda RBX: 00007fe4d93b5fa0 RCX: 00007fe4d918e169 [ 715.248121][T12568] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000005 [ 715.248136][T12568] RBP: 00007fe4d9210a68 R08: 0000000000000000 R09: 0000000000000000 [ 715.248151][T12568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 715.248165][T12568] R13: 0000000000000000 R14: 00007fe4d93b5fa0 R15: 00007ffe6b25a258 [ 715.248194][T12568] [ 715.711847][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 715.721570][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 718.416065][T12593] ================================================================== [ 718.424162][T12593] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 718.431893][T12593] Read of size 8 at addr ffff888029f0ba18 by task syz.0.1497/12593 [ 718.439784][T12593] [ 718.442148][T12593] CPU: 1 UID: 0 PID: 12593 Comm: syz.0.1497 Tainted: G U 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 718.442181][T12593] Tainted: [U]=USER [ 718.442189][T12593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 718.442202][T12593] Call Trace: [ 718.442210][T12593] [ 718.442218][T12593] dump_stack_lvl+0x116/0x1f0 [ 718.442250][T12593] print_report+0xc3/0x670 [ 718.442278][T12593] ? __virt_addr_valid+0x5e/0x590 [ 718.442307][T12593] ? __phys_addr+0xc6/0x150 [ 718.442336][T12593] ? dvb_device_open+0x36a/0x3b0 [ 718.442358][T12593] kasan_report+0xe0/0x110 [ 718.442386][T12593] ? dvb_device_open+0x36a/0x3b0 [ 718.442410][T12593] ? __pfx_dvb_device_open+0x10/0x10 [ 718.442433][T12593] dvb_device_open+0x36a/0x3b0 [ 718.442455][T12593] ? __pfx_dvb_device_open+0x10/0x10 [ 718.442477][T12593] chrdev_open+0x231/0x6a0 [ 718.442501][T12593] ? __pfx_apparmor_file_open+0x10/0x10 [ 718.442530][T12593] ? __pfx_chrdev_open+0x10/0x10 [ 718.442556][T12593] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 718.442593][T12593] do_dentry_open+0x741/0x1c10 [ 718.442623][T12593] ? __pfx_chrdev_open+0x10/0x10 [ 718.442651][T12593] vfs_open+0x82/0x3f0 [ 718.442682][T12593] path_openat+0x1e5e/0x2d40 [ 718.442709][T12593] ? __pfx_path_openat+0x10/0x10 [ 718.442735][T12593] do_filp_open+0x20b/0x470 [ 718.442757][T12593] ? __pfx_do_filp_open+0x10/0x10 [ 718.442788][T12593] ? alloc_fd+0x471/0x7d0 [ 718.442811][T12593] do_sys_openat2+0x11b/0x1d0 [ 718.442840][T12593] ? __pfx_do_sys_openat2+0x10/0x10 [ 718.442870][T12593] ? __pfx_do_sys_openat2+0x10/0x10 [ 718.442901][T12593] ? __pfx___might_resched+0x10/0x10 [ 718.442930][T12593] __x64_sys_openat+0x174/0x210 [ 718.442961][T12593] ? __pfx___x64_sys_openat+0x10/0x10 [ 718.442993][T12593] ? rcu_is_watching+0x12/0xc0 [ 718.443019][T12593] do_syscall_64+0xcd/0x230 [ 718.443071][T12593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.443095][T12593] RIP: 0033:0x7fe1cd18e169 [ 718.443113][T12593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 718.443136][T12593] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 718.443158][T12593] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 718.443174][T12593] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 718.443190][T12593] RBP: 00007fe1cd210a68 R08: 0000000000000000 R09: 0000000000000000 [ 718.443204][T12593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 718.443219][T12593] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 718.443241][T12593] [ 718.443249][T12593] [ 718.707072][T12593] Allocated by task 1: [ 718.711140][T12593] kasan_save_stack+0x33/0x60 [ 718.715844][T12593] kasan_save_track+0x14/0x30 [ 718.720542][T12593] __kasan_kmalloc+0xaa/0xb0 [ 718.725161][T12593] dvb_register_device+0x1e4/0x2370 [ 718.730380][T12593] dvb_register_frontend+0x5a6/0x880 [ 718.735686][T12593] vidtv_bridge_probe+0x459/0xa90 [ 718.740726][T12593] platform_probe+0xff/0x1f0 [ 718.745337][T12593] really_probe+0x23e/0xa90 [ 718.749863][T12593] __driver_probe_device+0x1de/0x440 [ 718.755209][T12593] driver_probe_device+0x4c/0x1b0 [ 718.760350][T12593] __driver_attach+0x283/0x580 [ 718.765187][T12593] bus_for_each_dev+0x13b/0x1d0 [ 718.770066][T12593] bus_add_driver+0x2e9/0x690 [ 718.774767][T12593] driver_register+0x15c/0x4b0 [ 718.779553][T12593] vidtv_bridge_init+0x45/0x80 [ 718.784345][T12593] do_one_initcall+0x120/0x6e0 [ 718.789142][T12593] kernel_init_freeable+0x5c2/0x900 [ 718.794351][T12593] kernel_init+0x1c/0x2b0 [ 718.798682][T12593] ret_from_fork+0x45/0x80 [ 718.803100][T12593] ret_from_fork_asm+0x1a/0x30 [ 718.807873][T12593] [ 718.810196][T12593] Freed by task 12386: [ 718.814266][T12593] kasan_save_stack+0x33/0x60 [ 718.818962][T12593] kasan_save_track+0x14/0x30 [ 718.823643][T12593] kasan_save_free_info+0x3b/0x60 [ 718.828677][T12593] __kasan_slab_free+0x51/0x70 [ 718.833447][T12593] kfree+0x2b6/0x4d0 [ 718.837348][T12593] dvb_device_put.part.0+0x60/0x90 [ 718.842466][T12593] dvb_device_open+0x2a4/0x3b0 [ 718.847229][T12593] chrdev_open+0x231/0x6a0 [ 718.851658][T12593] do_dentry_open+0x741/0x1c10 [ 718.856433][T12593] vfs_open+0x82/0x3f0 [ 718.860542][T12593] path_openat+0x1e5e/0x2d40 [ 718.865174][T12593] do_filp_open+0x20b/0x470 [ 718.869692][T12593] do_sys_openat2+0x11b/0x1d0 [ 718.874387][T12593] __x64_sys_openat+0x174/0x210 [ 718.879301][T12593] do_syscall_64+0xcd/0x230 [ 718.883825][T12593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.889722][T12593] [ 718.892045][T12593] The buggy address belongs to the object at ffff888029f0ba00 [ 718.892045][T12593] which belongs to the cache kmalloc-256 of size 256 [ 718.906126][T12593] The buggy address is located 24 bytes inside of [ 718.906126][T12593] freed 256-byte region [ffff888029f0ba00, ffff888029f0bb00) [ 718.919845][T12593] [ 718.922173][T12593] The buggy address belongs to the physical page: [ 718.928594][T12593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29f0a [ 718.937357][T12593] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 718.945873][T12593] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 718.953466][T12593] page_type: f5(slab) [ 718.957476][T12593] raw: 00fff00000000040 ffff88801b441b40 dead000000000122 0000000000000000 [ 718.966064][T12593] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 718.974654][T12593] head: 00fff00000000040 ffff88801b441b40 dead000000000122 0000000000000000 [ 718.983450][T12593] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 718.992145][T12593] head: 00fff00000000001 ffffea0000a7c281 00000000ffffffff 00000000ffffffff [ 719.000860][T12593] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 719.009545][T12593] page dumped because: kasan: bad access detected [ 719.016018][T12593] page_owner tracks the page as allocated [ 719.021746][T12593] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 23900822680, free_ts 0 [ 719.041480][T12593] post_alloc_hook+0x181/0x1b0 [ 719.046262][T12593] get_page_from_freelist+0x135c/0x3920 [ 719.051824][T12593] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 719.057725][T12593] alloc_pages_mpol+0x1fb/0x550 [ 719.062603][T12593] new_slab+0x244/0x340 [ 719.066762][T12593] ___slab_alloc+0xd9c/0x1940 [ 719.071485][T12593] __slab_alloc.constprop.0+0x56/0xb0 [ 719.076867][T12593] __kmalloc_cache_noprof+0xfb/0x3e0 [ 719.082157][T12593] bus_add_driver+0x92/0x690 [ 719.086786][T12593] driver_register+0x15c/0x4b0 [ 719.091614][T12593] usb_register_driver+0x216/0x4d0 [ 719.096737][T12593] do_one_initcall+0x120/0x6e0 [ 719.101525][T12593] kernel_init_freeable+0x5c2/0x900 [ 719.106764][T12593] kernel_init+0x1c/0x2b0 [ 719.111109][T12593] ret_from_fork+0x45/0x80 [ 719.115530][T12593] ret_from_fork_asm+0x1a/0x30 [ 719.120323][T12593] page_owner free stack trace missing [ 719.125709][T12593] [ 719.128034][T12593] Memory state around the buggy address: [ 719.133665][T12593] ffff888029f0b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 719.141753][T12593] ffff888029f0b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 719.149821][T12593] >ffff888029f0ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 719.157901][T12593] ^ [ 719.162767][T12593] ffff888029f0ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 719.170854][T12593] ffff888029f0bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 719.178928][T12593] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 720.716764][ T7911] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 720.928220][ T7911] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 720.955855][T12593] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 720.963095][T12593] CPU: 1 UID: 0 PID: 12593 Comm: syz.0.1497 Tainted: G U 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 720.976733][T12593] Tainted: [U]=USER [ 720.980535][T12593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 720.990599][T12593] Call Trace: [ 720.993882][T12593] [ 720.996818][T12593] dump_stack_lvl+0x3d/0x1f0 [ 721.001428][T12593] panic+0x71c/0x800 [ 721.005347][T12593] ? __pfx_panic+0x10/0x10 [ 721.009782][T12593] ? mark_held_locks+0x49/0x80 [ 721.014567][T12593] ? preempt_schedule_thunk+0x16/0x30 [ 721.019945][T12593] ? dvb_device_open+0x36a/0x3b0 [ 721.024892][T12593] ? preempt_schedule_common+0x44/0xc0 [ 721.030407][T12593] ? dvb_device_open+0x36a/0x3b0 [ 721.035375][T12593] check_panic_on_warn+0xab/0xb0 [ 721.040340][T12593] end_report+0x107/0x170 [ 721.044686][T12593] kasan_report+0xee/0x110 [ 721.049119][T12593] ? dvb_device_open+0x36a/0x3b0 [ 721.054068][T12593] ? __pfx_dvb_device_open+0x10/0x10 [ 721.059361][T12593] dvb_device_open+0x36a/0x3b0 [ 721.064131][T12593] ? __pfx_dvb_device_open+0x10/0x10 [ 721.069423][T12593] chrdev_open+0x231/0x6a0 [ 721.073854][T12593] ? __pfx_apparmor_file_open+0x10/0x10 [ 721.079417][T12593] ? __pfx_chrdev_open+0x10/0x10 [ 721.084370][T12593] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 721.091171][T12593] do_dentry_open+0x741/0x1c10 [ 721.095961][T12593] ? __pfx_chrdev_open+0x10/0x10 [ 721.100917][T12593] vfs_open+0x82/0x3f0 [ 721.105055][T12593] path_openat+0x1e5e/0x2d40 [ 721.109671][T12593] ? __pfx_path_openat+0x10/0x10 [ 721.114623][T12593] do_filp_open+0x20b/0x470 [ 721.119132][T12593] ? __pfx_do_filp_open+0x10/0x10 [ 721.124172][T12593] ? alloc_fd+0x471/0x7d0 [ 721.128519][T12593] do_sys_openat2+0x11b/0x1d0 [ 721.133222][T12593] ? __pfx_do_sys_openat2+0x10/0x10 [ 721.138439][T12593] ? __pfx_do_sys_openat2+0x10/0x10 [ 721.143660][T12593] ? __pfx___might_resched+0x10/0x10 [ 721.148961][T12593] __x64_sys_openat+0x174/0x210 [ 721.153862][T12593] ? __pfx___x64_sys_openat+0x10/0x10 [ 721.159260][T12593] ? rcu_is_watching+0x12/0xc0 [ 721.164053][T12593] do_syscall_64+0xcd/0x230 [ 721.168582][T12593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 721.174503][T12593] RIP: 0033:0x7fe1cd18e169 [ 721.178920][T12593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 721.198571][T12593] RSP: 002b:00007fe1cdf1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 721.206989][T12593] RAX: ffffffffffffffda RBX: 00007fe1cd3b5fa0 RCX: 00007fe1cd18e169 [ 721.214961][T12593] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 721.222957][T12593] RBP: 00007fe1cd210a68 R08: 0000000000000000 R09: 0000000000000000 [ 721.230932][T12593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 721.238905][T12593] R13: 0000000000000000 R14: 00007fe1cd3b5fa0 R15: 00007ffc2241a948 [ 721.246909][T12593] [ 721.249989][T12593] Kernel Offset: disabled [ 721.254356][T12593] Rebooting in 86400 seconds..