last executing test programs: 7.152172219s ago: executing program 0 (id=1688): unshare$auto(0x40000080) mmap$auto(0x0, 0xc, 0x4000000000db, 0x12, 0x400, 0x18002) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004540), r0) sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd700001dcdf250200000004000a8008000800", @ANYRES32=0x0, @ANYBLOB="bab3f1cf2f89fdf738f8db9fe2b3a4a06350cf61610baa31519018d7cb52f4ccea9e4e20abb7dfa78d52d2f004e2dd9a72f73564369240ca354b86f97ebac48624cc1a4749b546e8671c9eb9dce7de629f072f067dfc9c212570d6bb724096b9a6f46fff05bb31220d312afbaf1f96f4541ad52373466f3b14141ceeaddd1690f2692546d09869474ee760db8d267747bf06f327"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x240400c0) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, 0x0, 0x20103, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.controllers\x00', 0x2, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001100)=""/4111, 0x100f) getpid() linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x400) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="281e000006aec20f9b600e57a2eab630e44618f0396d9c025de3757370b35e4b95f237a73692630994fce41ef400000000", @ANYRES16=0x0, @ANYBLOB="02002dbd7000fedbdf254f00000008006100010000000500f6000100000004008e00"], 0x28}, 0x1, 0x0, 0x0, 0x440c1}, 0x800) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x2, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, 0x0, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf, @raw=0x98}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r4, 0x540a, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/udp\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/midi2\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) 6.185298692s ago: executing program 0 (id=1692): mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181702, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x20) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x2, 0x801, 0x106) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0) ioctl$auto_BLKPG2(r1, 0x1269, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) socket(0x29, 0x2, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0xd) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) sched_get_priority_min$auto(0x40) 6.184576686s ago: executing program 3 (id=1693): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$auto(r1, 0x0, 0x5) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) read$auto(r0, 0x0, 0x2000000000007) mmap$auto(0x1f00, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r2, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$auto_SOUND_MIXER_READ_RECSRC(0xffffffffffffffff, 0x80044dff, &(0x7f00000012c0)) 4.977766937s ago: executing program 0 (id=1695): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0) ioctl$auto(r0, 0x4b65, 0x7) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f00000000c0)={0x7ff, 0x0, 0x101, 0x9d75}) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x8, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x3, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000001240)='4', 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x80, 0x0) mmap$auto(0x81, 0x9, 0xc5c7, 0x16, r4, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) 4.861596038s ago: executing program 3 (id=1696): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680), 0x0) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) 4.390531676s ago: executing program 1 (id=1698): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0) ioctl$auto(r0, 0x4b65, 0x7) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f00000000c0)={0x7ff, 0x0, 0x101, 0x9d75}) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x8, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x3, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000001240)='4', 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x80, 0x0) mmap$auto(0x81, 0x9, 0xc5c7, 0x16, r4, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) 4.25697476s ago: executing program 2 (id=1699): r0 = socket(0x2, 0x3, 0xa) connect$auto(r0, &(0x7f0000000080)=@l2tp={0x2, 0x0, @loopback}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioperm$auto(0x5, 0x4, 0x800005) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x10c942, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_START_OLD(r2, 0x5420, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r3, 0x402, 0x2) ioctl$auto_SNDCTL_TMR_CONTINUE(r1, 0x5404, 0x0) io_uring_setup$auto(0x6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, 0x0, 0x1f4, 0x0) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0x36ec}, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) 3.89547893s ago: executing program 0 (id=1700): openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x11, 0x3, 0x9) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) get_robust_list$auto(0x0, 0x0, 0x0) r0 = socket(0x1d, 0x2, 0x6) setsockopt$auto(r0, 0x6a, 0x5, 0x0, 0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0xa, 0x3) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) sendmsg$auto_KSMBD_EVENT_SHARE_CONFIG_RESPONSE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, 0x0, 0x20, 0x70bd2a, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x15}, 0x14) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r2, @ANYBLOB="0a0005000180c200000e00000a0001000180c200", @ANYRES32=r2, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.77741269s ago: executing program 3 (id=1701): unshare$auto(0x40000080) mmap$auto(0x0, 0xc, 0x4000000000db, 0x12, 0x400, 0x18002) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004540), r0) sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd700001dcdf250200000004000a8008000800", @ANYRES32=0x0, @ANYBLOB="bab3f1cf2f89fdf738f8db9fe2b3a4a06350cf61610baa31519018d7cb52f4ccea9e4e20abb7dfa78d52d2f004e2dd9a72f73564369240ca354b86f97ebac48624cc1a4749b546e8671c9eb9dce7de629f072f067dfc9c212570d6bb724096b9a6f46fff05bb31220d312afbaf1f96f4541ad52373466f3b14141ceeaddd1690f2692546d09869474ee760db8d267747bf06f327"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x240400c0) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, 0x0, 0x20103, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.controllers\x00', 0x2, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001100)=""/4111, 0x100f) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0) linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x400) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="281e000006aec20f9b600e57a2eab630e44618f0396d9c025de3757370b35e4b95f237a73692630994fce41ef400000000", @ANYRES16=0x0, @ANYBLOB="02002dbd7000fedbdf254f00000008006100010000000500f6000100000004008e00"], 0x28}, 0x1, 0x0, 0x0, 0x440c1}, 0x800) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x2, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, 0x0, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf, @raw=0x98}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r4, 0x540a, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/udp\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/midi2\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) 3.453238838s ago: executing program 0 (id=1702): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x801, 0x106) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0x19, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(r1, 0x0, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfdf3) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0), 0x55) read$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.375435769s ago: executing program 1 (id=1703): socket(0xa, 0x3, 0x3b) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b8162d21, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000180)={{0x8, 0xee01, 0xffffffffffffffff, 0x5, 0x400, 0xffffd0b2, 0x1}, &(0x7f0000000100)=0x8, &(0x7f0000000140)=0x4, 0x8, 0x5, 0xe17, 0x7ff, 0xb2, 0xb0, 0x0, 0x5, @inferred, @inferred=0xffffffffffffffff}) keyctl$auto(0x19, 0x0, r1, r2, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0x2, 0x20000020009, 0x7, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto(0xffffffffffffffff, 0x3, r0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x407, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3b, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x200000, 0x60) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x88002, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.367163071s ago: executing program 2 (id=1704): openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x11, 0x3, 0x9) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) get_robust_list$auto(0x0, 0x0, 0x0) r1 = socket(0x1d, 0x2, 0x6) setsockopt$auto(r1, 0x6a, 0x5, 0x0, 0x3) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x9, 0xd, 0x8fd6, 0x4bb, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x2, 0x400000000000001, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x17f, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0xa, 0x3) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) sendmsg$auto_KSMBD_EVENT_SHARE_CONFIG_RESPONSE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x15}, 0x14) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r3, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r3, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x4, 0x1) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000380)={"4bbaaaeba6169abdc1237a5b8d3b80f794f9e6bd5e7dc99a12a34f652057a8b6", 0xf77a, 0xfffffffc, 0x7, 0x1, 0x4}) 2.821411234s ago: executing program 3 (id=1705): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/console\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000440)="671d26", 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x22000, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x88900, 0x0) readv$auto(r1, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) mmap$auto(0x1, 0x6020009, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x8003) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8c) socket(0x10, 0x2, 0x4) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x7, &(0x7f0000000180), 0x1) socket(0x2, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x7, 0x0, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x6, 0x8, 0x3, 0xa, 0x7, 0x0, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, [0x3, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000000000000, 0x0, 0x200]}, 0x1fe, 0x81) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.583971214s ago: executing program 2 (id=1706): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) socket(0x29, 0x2, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x9, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x7, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x8000000000000001, 0x7, 0x100000000000007, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto_lockdown_ops_lockdown(0xffffffffffffffff, &(0x7f0000000080)="a3c72e71ed506a221381f0538fef", 0xe) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/config/nullb/features\x00', 0x80280, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) 2.518172357s ago: executing program 0 (id=1707): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(0x3, 0x0, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(r0, 0x8, 0x100000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000ff0000030004020000060007040080000300000000", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000300000008000200", @ANYRES32=0x0, @ANYBLOB="0800030001"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40008d0) socket(0x2, 0x3, 0x100) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) ioctl$auto_TIOCVHANGUP(0xffffffffffffffff, 0x5437, &(0x7f0000000240)="95c67dc82c7f492508ca739576f9100e99ca2cc17df415a6be47a0aa55cca354ae3e437cf6426f4c681007b3936d50f652110447c1fcd444541bfb0ad2ab3205259ea443ece07341f400c567e1fff325e666d021a3520e35548f07beeb01b43771dc5d6908f9a59d8563b497314dd8a21761ada2a8a81f61de07394984f1bf809c2943f7a01aa3123645f2a12d32b79e0ea6a612a09c4294bfdf8769adbb24bc8fb86ff3c8e2e6ae477ed8a39a90a0a050771da4573cec4d907146c4fadacc7c9bbff5249353177788f7cbad27b9008414ad0559842ddad4035d26e716bdbf44efe1e379104bb89a0d643bcf34d72ce16c3254be9d56657c016478b5808ee911684c77113e437c46c1554c095fc4ff4e223dad2fa8c5659d820933d6ebaa9eb04531f4968ff0ce45052d464c2fba85990d55d806214763ccdcec44aee705f86a56c815009ad7e671a72e72ce88e22c950bafd5ac9cb75aa845ab042ad79e4be16d624e1fae989b2898a7b1172a06cffeddc0d7dcf767c98c9a3713847622266900ee9baaacde57121eb6a85a5c315906116cd84ab8d3f976d52561cbd9544ef9f0aac8d3d7e07c131d24258a09f4520092ecb7bee147f928b38c95f785c562069a437a89f2935a6ec019940d5d3b2b1270b1caf36b1c4b399db2860d136fe7832a27eb8f47d58f3dbe6de6bfa54a6db0a83e91831012aa48f62ee259575558ce42182df6ded3122a0aec01cf57ad2399f9919f6183928a0fc14ea58d4b8309f5005b8beb8a8ceb581508f226ce6e2e8f54644eb01ae1fa4f97267cbe8ee22f3ff24983d31737d1d653f66a894409784611d53a36a42bba2425deabb346be44c15b8978012be6dd6373b9417a24e8ace4ab9a24cc14c33e596f395207e4cd5a7e3d213cce1e66b3329ca1eaa7f2c718797a05355ca68123ac2e19c07b068e377ea5b5b0c52b2b14ee779b8d43cacd7a355fc1cb6b26e515d1a224e2108cbe2bc4ddf055bfb787e57e8c6723c7445d687a6747e6223211f53875fa6218fe1dbbc73cb4a96b0d0f2e827e8f54b33fcb0ef629d0398c2b8a694e1c46d7937bc906fc6817325965f6c1f1c6ced17deaf8f5a94660bc8432cb20a29b50b0fba9242abf59efb632b49b0913078dfbcd464b071da305b510186561eeb63bf009e38eb31d7138dd5efcd37c08b4d3f5b095bac49c724607202a7db4d23bccabea182e1be09288e6787a21727b7a71e70b77460d66ff08b820c691845f6ca68f2d24c398f215a031b3") statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x759, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000005, 0x384, 0x9, 0xb10, 0x10006, 0x400007f, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x7, 0x0, 0x2, 0x0, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x196fc46e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}, 0x1fa, 0xd) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd05, &(0x7f00000001c0)) 2.164316295s ago: executing program 1 (id=1708): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x18, 0x5, 0x1) socket(0xa, 0x1, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop11\x00', 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev2\x00', 0x2000, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/bonding/lp_interval\x00', 0x1e2142, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.pressure\x00', 0x42802, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) 1.852724593s ago: executing program 3 (id=1709): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0) ioctl$auto(r0, 0x4b65, 0x7) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f00000000c0)={0x7ff, 0x0, 0x101, 0x9d75}) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x8, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x3, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000001240)='4', 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x80, 0x0) mmap$auto(0x81, 0x9, 0xc5c7, 0x16, r4, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) 1.714320685s ago: executing program 1 (id=1710): openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x1a, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) socketpair$auto(0x9, 0x2, 0xb, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto(0x3, 0x540b, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 1.272264783s ago: executing program 2 (id=1711): openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x11, 0x3, 0x9) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) get_robust_list$auto(0x0, 0x0, 0x0) r0 = socket(0x1d, 0x2, 0x6) setsockopt$auto(r0, 0x6a, 0x5, 0x0, 0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0xa, 0x3) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) sendmsg$auto_KSMBD_EVENT_SHARE_CONFIG_RESPONSE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, 0x0, 0x20, 0x70bd2a, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x15}, 0x14) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r2, @ANYBLOB="0a0005000180c200000e00000a0001000180c200", @ANYRES32=r2, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 739.986339ms ago: executing program 2 (id=1712): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0) ioctl$auto(r0, 0x4b65, 0x7) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f00000000c0)={0x7ff, 0x0, 0x101, 0x9d75}) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x8, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x3, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000001240)='4', 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x80, 0x0) mmap$auto(0x81, 0x9, 0xc5c7, 0x16, r4, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) 689.497923ms ago: executing program 1 (id=1713): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sys/kernel/random/boot_id\x00', 0x0, 0x0) getegid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x31, 0x8000, 0x1ffde, 0x1, 0x2, 0x1, 0x9, 0x3, 0x5, 0x8, 0x3002, 0x9, 0xb, 0x80010002, 0x80, 0xd8f9, 0x0, 0x7, 0x2, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xfc, &(0x7f0000000100)={0x0, 0xfc6}, 0x2, 0x0, 0x7, 0x3}, 0x800}, 0x7, 0x4008) getxattrat$auto(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0xb91) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x189002, 0x0) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0xffd8) 162.208691ms ago: executing program 1 (id=1714): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8955, 0x0) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) mincore$auto(0x1000, 0x8001, 0x0) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000440)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4b9b3f30", 0x25) setrlimit$auto(0x8, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x364f9cefc8a0a83, 0x0) shmctl$auto_IPC_RMID(0x5, 0x0, &(0x7f0000000380)={{0x81, 0xffffffffffffffff, 0x0, 0x5, 0x6, 0x1, 0x1}, 0xfffffff7, 0x3, 0x3, 0x8, @inferred, @raw=0x9, 0x2, 0x0, &(0x7f0000000280)="aa757d70f1f09bd8eaa9", &(0x7f0000001680)="08749ff4df35b75598629815e764e8491468fdee9079bd455261f3c12af31e72dd791e875cd7b47f19b1f97db7ffc84a8b8cfb1a797248310467b7aeb0f74733b23e7571d2878ceecbaaf91127b7dad93fcf0ece1ab11340072b43d017cd7186e2edad8471949f0e47b7b643dbcb9db8a8fde30ae065eb190136a96660eb14e7c34717b80e50f2a82e82c81ed70773c0ca0369a3da197a95c26bd775695b59799231eb84f9279387a7012a8dd7ce9838d92ff0776d2ce8c68c1b6b5836c68da3627d29"}) 162.055933ms ago: executing program 3 (id=1715): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop1/queue/scheduler\x00', 0xa001, 0x0) r0 = socket(0x22, 0x2, 0x24) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(0x200000003, 0x2) close_range$auto(0x2, 0x8, 0x0) getsockopt$auto(r0, 0x3, 0x1, 0x0, 0x0) r2 = socket(0x1e, 0x1, 0x0) bind$auto(r2, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x0, 0x2}}, 0x66) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r4) sendmsg$auto_TASKSTATS_CMD_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010a2bbd7000fbdbdf25010000000e0004004e2d4e3a", @ANYRESHEX], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) r6 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), r3) sendmsg$auto_TIPC_NL_NET_SET(r3, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000040)={0x20, r6, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @uid=0xee00}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2) r7 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r7, 0x29, 0x4d, 0x0, 0x20) 0s ago: executing program 2 (id=1716): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0) ioctl$auto(r0, 0x4b65, 0x7) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x8, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x3, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r2 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000001240)='4', 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x80, 0x0) mmap$auto(0x81, 0x9, 0xc5c7, 0x16, r3, 0x40) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): 385.236079][T10344] RBP: 00007f7fe8a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 385.236094][T10344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 385.236109][T10344] R13: 00007f7fe8bb6038 R14: 00007f7fe8bb5fa0 R15: 00007fff24127bb8 [ 385.236142][T10344] [ 385.423294][ C1] vkms_vblank_simulate: vblank timer overrun [ 385.693437][T10351] FAULT_INJECTION: forcing a failure. [ 385.693437][T10351] name failslab, interval 1, probability 0, space 0, times 0 [ 385.714990][T10351] CPU: 1 UID: 0 PID: 10351 Comm: syz.2.867 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 385.715026][T10351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 385.715039][T10351] Call Trace: [ 385.715047][T10351] [ 385.715057][T10351] dump_stack_lvl+0x16c/0x1f0 [ 385.715091][T10351] should_fail_ex+0x512/0x640 [ 385.715122][T10351] ? fs_reclaim_acquire+0xae/0x150 [ 385.715159][T10351] should_failslab+0xc2/0x120 [ 385.715191][T10351] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 385.715221][T10351] ? security_inode_alloc+0x3b/0x2b0 [ 385.715250][T10351] security_inode_alloc+0x3b/0x2b0 [ 385.715275][T10351] inode_init_always_gfp+0xce4/0x1030 [ 385.715311][T10351] alloc_inode+0x86/0x240 [ 385.715344][T10351] sock_alloc+0x40/0x280 [ 385.715374][T10351] __sock_create+0xc1/0x8d0 [ 385.715415][T10351] __sys_socket+0x14d/0x260 [ 385.715450][T10351] ? __pfx___sys_socket+0x10/0x10 [ 385.715480][T10351] ? xfd_validate_state+0x61/0x180 [ 385.715510][T10351] ? __pfx_ksys_write+0x10/0x10 [ 385.715537][T10351] __x64_sys_socket+0x72/0xb0 [ 385.715566][T10351] ? lockdep_hardirqs_on+0x7c/0x110 [ 385.715589][T10351] do_syscall_64+0xcd/0x490 [ 385.715619][T10351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.715643][T10351] RIP: 0033:0x7f838f58ebe9 [ 385.715664][T10351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 385.715688][T10351] RSP: 002b:00007f83904a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 385.715712][T10351] RAX: ffffffffffffffda RBX: 00007f838f7b5fa0 RCX: 00007f838f58ebe9 [ 385.715730][T10351] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 385.715744][T10351] RBP: 00007f838f611e19 R08: 0000000000000000 R09: 0000000000000000 [ 385.715758][T10351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 385.715772][T10351] R13: 00007f838f7b6038 R14: 00007f838f7b5fa0 R15: 00007ffceb166cd8 [ 385.715804][T10351] [ 385.715846][T10351] socket: no more sockets [ 386.404204][T10356] netlink: 338 bytes leftover after parsing attributes in process `syz.1.868'. [ 386.529481][T10345] netlink: 342 bytes leftover after parsing attributes in process `syz.3.864'. [ 387.045501][T10373] netlink: 'syz.3.872': attribute type 1 has an invalid length. [ 387.342448][T10385] netlink: 330 bytes leftover after parsing attributes in process `syz.0.874'. [ 388.062191][T10398] Device name cannot be null; rc = [-22] [ 388.878251][T10418] netlink: 330 bytes leftover after parsing attributes in process `syz.2.883'. [ 389.673646][T10435] netlink: 330 bytes leftover after parsing attributes in process `syz.0.885'. [ 390.533481][T10445] FAULT_INJECTION: forcing a failure. [ 390.533481][T10445] name fail_futex, interval 1, probability 0, space 0, times 0 [ 390.575825][T10445] CPU: 0 UID: 0 PID: 10445 Comm: syz.0.888 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 390.575849][T10445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 390.575859][T10445] Call Trace: [ 390.575865][T10445] [ 390.575871][T10445] dump_stack_lvl+0x16c/0x1f0 [ 390.575893][T10445] should_fail_ex+0x512/0x640 [ 390.575915][T10445] get_futex_key+0x1d0/0x1560 [ 390.575935][T10445] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 390.575955][T10445] ? __pfx_get_futex_key+0x10/0x10 [ 390.575975][T10445] ? blk_finish_plug+0x53/0xa0 [ 390.575988][T10445] ? madvise_do_behavior+0x1f4/0x530 [ 390.576009][T10445] futex_wake+0xea/0x530 [ 390.576031][T10445] ? __pfx_futex_wake+0x10/0x10 [ 390.576049][T10445] ? up_write+0x1b2/0x520 [ 390.576071][T10445] ? madvise_unlock+0x7c/0x220 [ 390.576092][T10445] do_futex+0x1e3/0x350 [ 390.576110][T10445] ? __pfx_do_futex+0x10/0x10 [ 390.576132][T10445] __x64_sys_futex+0x1e0/0x4c0 [ 390.576152][T10445] ? __pfx___x64_sys_futex+0x10/0x10 [ 390.576170][T10445] ? xfd_validate_state+0x61/0x180 [ 390.576190][T10445] ? __pfx_ksys_write+0x10/0x10 [ 390.576212][T10445] do_syscall_64+0xcd/0x490 [ 390.576229][T10445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.576243][T10445] RIP: 0033:0x7fc43b78ebe9 [ 390.576255][T10445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 390.576269][T10445] RSP: 002b:00007fc43c5c50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 390.576283][T10445] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa8 RCX: 00007fc43b78ebe9 [ 390.576292][T10445] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc43b9b5fac [ 390.576301][T10445] RBP: 00007fc43b9b5fa0 R08: 00007fc43c5c6000 R09: 0000000000000000 [ 390.576310][T10445] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 390.576318][T10445] R13: 00007fc43b9b6038 R14: 00007ffd5e32c650 R15: 00007ffd5e32c738 [ 390.576336][T10445] [ 390.819669][T10424] netlink: 342 bytes leftover after parsing attributes in process `syz.2.884'. [ 390.870242][T10424] netlink: 342 bytes leftover after parsing attributes in process `syz.2.884'. [ 390.881926][T10424] netlink: 218 bytes leftover after parsing attributes in process `syz.2.884'. [ 391.871270][T10476] netlink: 330 bytes leftover after parsing attributes in process `syz.0.898'. [ 392.001292][T10471] netlink: 342 bytes leftover after parsing attributes in process `syz.2.897'. [ 392.046751][T10471] netlink: 342 bytes leftover after parsing attributes in process `syz.2.897'. [ 393.238328][T10489] netlink: 342 bytes leftover after parsing attributes in process `syz.3.902'. [ 393.743721][T10511] FAULT_INJECTION: forcing a failure. [ 393.743721][T10511] name failslab, interval 1, probability 0, space 0, times 0 [ 393.792814][T10511] CPU: 0 UID: 0 PID: 10511 Comm: syz.1.910 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 393.792849][T10511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 393.792858][T10511] Call Trace: [ 393.792864][T10511] [ 393.792870][T10511] dump_stack_lvl+0x16c/0x1f0 [ 393.792890][T10511] should_fail_ex+0x512/0x640 [ 393.792908][T10511] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 393.792934][T10511] should_failslab+0xc2/0x120 [ 393.792953][T10511] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 393.792971][T10511] ? alloc_inode+0xc3/0x240 [ 393.792995][T10511] alloc_inode+0xc3/0x240 [ 393.793014][T10511] path_from_stashed+0x25b/0x750 [ 393.793030][T10511] ? alloc_fd+0x471/0x7d0 [ 393.793047][T10511] pidfs_alloc_file+0xf8/0x290 [ 393.793061][T10511] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 393.793077][T10511] ? _raw_spin_unlock_irq+0x23/0x50 [ 393.793092][T10511] pidfd_prepare+0x129/0x200 [ 393.793111][T10511] __x64_sys_pidfd_open+0x105/0x1a0 [ 393.793133][T10511] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 393.793155][T10511] ? rcu_is_watching+0x12/0xc0 [ 393.793171][T10511] do_syscall_64+0xcd/0x490 [ 393.793191][T10511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.793205][T10511] RIP: 0033:0x7f7fe898ebe9 [ 393.793217][T10511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.793230][T10511] RSP: 002b:00007f7fe9826038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 393.793244][T10511] RAX: ffffffffffffffda RBX: 00007f7fe8bb5fa0 RCX: 00007f7fe898ebe9 [ 393.793253][T10511] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 393.793261][T10511] RBP: 00007f7fe8a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 393.793269][T10511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.793278][T10511] R13: 00007f7fe8bb6038 R14: 00007f7fe8bb5fa0 R15: 00007fff24127bb8 [ 393.793296][T10511] [ 394.003966][T10497] netlink: 342 bytes leftover after parsing attributes in process `syz.2.904'. [ 394.014261][T10497] netlink: 342 bytes leftover after parsing attributes in process `syz.2.904'. [ 394.032704][T10497] netlink: 222 bytes leftover after parsing attributes in process `syz.2.904'. g&[ 394.778197][T10529] netlink: 'syz.1.913': attribute type 33 has an invalid length. [ 394.930245][ T30] audit: type=1800 audit(6049581211.929:14): pid=10540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.918" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 395.609813][T10555] syz.0.923 (10555): /proc/10554/oom_adj is deprecated, please use /proc/10554/oom_score_adj instead. [ 395.704013][T10559] program syz.3.925 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 395.839269][T10561] ima: policy update failed [ 395.845102][T10550] netlink: 342 bytes leftover after parsing attributes in process `syz.2.920'. [ 395.887941][T10550] netlink: 342 bytes leftover after parsing attributes in process `syz.2.920'. [ 395.918033][ T30] audit: type=1802 audit(6049581212.899:15): pid=10561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.926" res=0 errno=0 g&[ 396.318907][T10574] netlink: 'syz.3.930': attribute type 33 has an invalid length. [ 396.516031][T10560] netlink: 342 bytes leftover after parsing attributes in process `syz.1.924'. [ 396.612800][T10560] netlink: 342 bytes leftover after parsing attributes in process `syz.1.924'. [ 396.666208][T10580] netlink: 330 bytes leftover after parsing attributes in process `syz.2.932'. [ 397.519971][T10593] netlink: 330 bytes leftover after parsing attributes in process `syz.1.936'. g&[ 398.994745][T10608] __nla_validate_parse: 1 callbacks suppressed [ 398.994760][T10608] netlink: 342 bytes leftover after parsing attributes in process `syz.3.941'. [ 399.317492][T10636] netlink: 330 bytes leftover after parsing attributes in process `syz.0.949'. [ 399.452415][T10640] FAULT_INJECTION: forcing a failure. [ 399.452415][T10640] name failslab, interval 1, probability 0, space 0, times 0 [ 399.490618][T10640] CPU: 1 UID: 0 PID: 10640 Comm: syz.3.951 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 399.490655][T10640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 399.490671][T10640] Call Trace: [ 399.490679][T10640] [ 399.490689][T10640] dump_stack_lvl+0x16c/0x1f0 [ 399.490723][T10640] should_fail_ex+0x512/0x640 [ 399.490752][T10640] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 399.490787][T10640] should_failslab+0xc2/0x120 [ 399.490820][T10640] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 399.490851][T10640] ? alloc_inode+0xc3/0x240 [ 399.490888][T10640] alloc_inode+0xc3/0x240 [ 399.490921][T10640] alloc_anon_inode+0x28/0x3e0 [ 399.490951][T10640] anon_inode_make_secure_inode+0x31/0x140 [ 399.490984][T10640] __anon_inode_getfile+0x1cf/0x280 [ 399.491018][T10640] new_userfaultfd+0x25e/0x3d0 [ 399.491053][T10640] __x64_sys_userfaultfd+0x4b/0xb0 [ 399.491079][T10640] do_syscall_64+0xcd/0x490 [ 399.491108][T10640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.491134][T10640] RIP: 0033:0x7f4605d8ebe9 [ 399.491154][T10640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 399.491178][T10640] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 399.491202][T10640] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 399.491219][T10640] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 399.491233][T10640] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 399.491248][T10640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 399.491263][T10640] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 399.491296][T10640] [ 399.884730][T10645] binder: BINDER_SET_CONTEXT_MGR already set [ 399.912461][T10645] binder: 10644:10645 ioctl 4018620d 9 returned -16 [ 400.878189][T10663] random: crng reseeded on system resumption [ 401.770098][T10666] netlink: 342 bytes leftover after parsing attributes in process `syz.3.958'. [ 401.791971][T10666] netlink: 206 bytes leftover after parsing attributes in process `syz.3.958'. [ 404.303748][T10714] netlink: 342 bytes leftover after parsing attributes in process `syz.2.972'. [ 404.382996][T10735] netlink: 342 bytes leftover after parsing attributes in process `syz.2.972'. [ 404.410919][T10714] netlink: 222 bytes leftover after parsing attributes in process `syz.2.972'. [ 404.728127][T10732] netlink: 342 bytes leftover after parsing attributes in process `syz.0.977'. [ 404.997705][T10751] netlink: 330 bytes leftover after parsing attributes in process `syz.2.980'. g&[ 407.034046][T10794] netlink: 330 bytes leftover after parsing attributes in process `syz.2.994'. [ 407.396974][T10812] netlink: 330 bytes leftover after parsing attributes in process `syz.0.995'. [ 408.670843][T10843] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1005'. [ 409.303956][T10864] mmap: syz.1.1014 (10864) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. g&[ 410.058347][T10884] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1020'. [ 412.291777][T10925] FAULT_INJECTION: forcing a failure. [ 412.291777][T10925] name failslab, interval 1, probability 0, space 0, times 0 [ 412.346494][T10925] CPU: 0 UID: 0 PID: 10925 Comm: syz.3.1030 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 412.346518][T10925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 412.346528][T10925] Call Trace: [ 412.346533][T10925] [ 412.346540][T10925] dump_stack_lvl+0x16c/0x1f0 [ 412.346562][T10925] should_fail_ex+0x512/0x640 [ 412.346580][T10925] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 412.346598][T10925] should_failslab+0xc2/0x120 [ 412.346618][T10925] __kmalloc_cache_noprof+0x6a/0x3e0 [ 412.346633][T10925] ? _raw_spin_unlock+0x28/0x50 [ 412.346645][T10925] ? snd_ctl_open+0x174/0x5f0 [ 412.346662][T10925] snd_ctl_open+0x174/0x5f0 [ 412.346677][T10925] ? __pfx_snd_ctl_open+0x10/0x10 [ 412.346691][T10925] snd_open+0x22a/0x4c0 [ 412.346709][T10925] ? __pfx_snd_open+0x10/0x10 [ 412.346724][T10925] chrdev_open+0x231/0x6a0 [ 412.346742][T10925] ? __pfx_apparmor_file_open+0x10/0x10 [ 412.346765][T10925] ? __pfx_chrdev_open+0x10/0x10 [ 412.346783][T10925] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 412.346803][T10925] do_dentry_open+0x97f/0x1530 [ 412.346820][T10925] ? __pfx_chrdev_open+0x10/0x10 [ 412.346841][T10925] vfs_open+0x82/0x3f0 [ 412.346863][T10925] path_openat+0x1de4/0x2cb0 [ 412.346886][T10925] ? __pfx_path_openat+0x10/0x10 [ 412.346907][T10925] do_filp_open+0x20b/0x470 [ 412.346924][T10925] ? __pfx_do_filp_open+0x10/0x10 [ 412.346953][T10925] ? alloc_fd+0x471/0x7d0 [ 412.346973][T10925] do_sys_openat2+0x11b/0x1d0 [ 412.346994][T10925] ? __pfx_do_sys_openat2+0x10/0x10 [ 412.347021][T10925] __x64_sys_openat+0x174/0x210 [ 412.347043][T10925] ? __pfx___x64_sys_openat+0x10/0x10 [ 412.347071][T10925] do_syscall_64+0xcd/0x490 [ 412.347088][T10925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.347103][T10925] RIP: 0033:0x7f4605d8ebe9 [ 412.347115][T10925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 412.347129][T10925] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 412.347143][T10925] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 412.347152][T10925] RDX: 0000000000000802 RSI: 00002000000010c0 RDI: ffffffffffffff9c [ 412.347161][T10925] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 412.347169][T10925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 412.347177][T10925] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 412.347196][T10925] [ 412.855637][T10933] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1031'. g&[ 414.398671][T10965] sd 0:0:1:0: PR command failed: 1026 [ 414.439122][T10965] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 414.447479][T10965] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 415.943439][ T5875] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 415.943478][ T5875] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 415.962136][ T5875] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 415.962231][ T5875] Bluetooth: hci1: adv larger than maximum supported [ 415.970617][ T5875] Bluetooth: hci1: adv larger than maximum supported [ 415.979174][ T5875] Bluetooth: hci1: Malformed LE Event: 0x0d [ 417.678384][T11042] FAULT_INJECTION: forcing a failure. [ 417.678384][T11042] name failslab, interval 1, probability 0, space 0, times 0 [ 417.716370][T11042] CPU: 1 UID: 0 PID: 11042 Comm: syz.0.1066 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 417.716411][T11042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 417.716427][T11042] Call Trace: [ 417.716437][T11042] [ 417.716448][T11042] dump_stack_lvl+0x16c/0x1f0 [ 417.716483][T11042] should_fail_ex+0x512/0x640 [ 417.716519][T11042] ? __kmalloc_noprof+0xbf/0x510 [ 417.716552][T11042] ? snd_midi_event_new+0xa1/0x210 [ 417.716591][T11042] should_failslab+0xc2/0x120 [ 417.716626][T11042] __kmalloc_noprof+0xd2/0x510 [ 417.716664][T11042] snd_midi_event_new+0xa1/0x210 [ 417.716696][T11042] snd_virmidi_output_open+0x106/0x670 [ 417.716743][T11042] open_substream+0x478/0x990 [ 417.716794][T11042] rawmidi_open_priv+0x543/0x6e0 [ 417.716825][T11042] snd_rawmidi_open+0x4cc/0xbf0 [ 417.716859][T11042] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 417.716887][T11042] ? __pfx_default_wake_function+0x10/0x10 [ 417.716923][T11042] ? kobject_get_unless_zero+0x156/0x1e0 [ 417.716965][T11042] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 417.716990][T11042] snd_open+0x22a/0x4c0 [ 417.717022][T11042] ? __pfx_snd_open+0x10/0x10 [ 417.717137][T11042] chrdev_open+0x231/0x6a0 [ 417.717175][T11042] ? __pfx_apparmor_file_open+0x10/0x10 [ 417.717215][T11042] ? __pfx_chrdev_open+0x10/0x10 [ 417.717250][T11042] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 417.717289][T11042] do_dentry_open+0x97f/0x1530 [ 417.717321][T11042] ? __pfx_chrdev_open+0x10/0x10 [ 417.717361][T11042] vfs_open+0x82/0x3f0 [ 417.717401][T11042] path_openat+0x1de4/0x2cb0 [ 417.717444][T11042] ? __pfx_path_openat+0x10/0x10 [ 417.717484][T11042] do_filp_open+0x20b/0x470 [ 417.717515][T11042] ? __pfx_do_filp_open+0x10/0x10 [ 417.717574][T11042] ? alloc_fd+0x471/0x7d0 [ 417.717616][T11042] do_sys_openat2+0x11b/0x1d0 [ 417.717652][T11042] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.717707][T11042] __x64_sys_openat+0x174/0x210 [ 417.717747][T11042] ? __pfx___x64_sys_openat+0x10/0x10 [ 417.717793][T11042] do_syscall_64+0xcd/0x490 [ 417.717824][T11042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.717850][T11042] RIP: 0033:0x7fc43b78ebe9 [ 417.717873][T11042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.717898][T11042] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 417.717922][T11042] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 417.717939][T11042] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 417.717954][T11042] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 417.717970][T11042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.717983][T11042] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 417.718018][T11042] g&[ 423.373832][T11141] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1096'. g&[ 426.397910][T11196] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1110'. [ 426.407876][T11196] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1110'. g&[ 427.261343][T11236] FAULT_INJECTION: forcing a failure. [ 427.261343][T11236] name failslab, interval 1, probability 0, space 0, times 0 [ 427.261409][T11236] CPU: 1 UID: 0 PID: 11236 Comm: syz.0.1123 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 427.261443][T11236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 427.261459][T11236] Call Trace: [ 427.261467][T11236] [ 427.261477][T11236] dump_stack_lvl+0x16c/0x1f0 [ 427.261511][T11236] should_fail_ex+0x512/0x640 [ 427.261547][T11236] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 427.261578][T11236] should_failslab+0xc2/0x120 [ 427.261611][T11236] __kmalloc_cache_noprof+0x6a/0x3e0 [ 427.261638][T11236] ? ipv4_mib_init_net+0x263/0x5f0 [ 427.261677][T11236] ipv4_mib_init_net+0x263/0x5f0 [ 427.261710][T11236] ? __pfx_igmp_net_init+0x10/0x10 [ 427.261747][T11236] ? __pfx_ipv4_mib_init_net+0x10/0x10 [ 427.261779][T11236] ops_init+0x1e2/0x5f0 [ 427.261813][T11236] setup_net+0x10f/0x380 [ 427.261837][T11236] ? lockdep_init_map_type+0x5c/0x280 [ 427.261871][T11236] ? __pfx_setup_net+0x10/0x10 [ 427.261909][T11236] ? debug_mutex_init+0x37/0x70 [ 427.261940][T11236] copy_net_ns+0x2a6/0x5f0 [ 427.261976][T11236] create_new_namespaces+0x3ea/0xa90 [ 427.262014][T11236] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 427.262045][T11236] ksys_unshare+0x45b/0xa40 [ 427.262078][T11236] ? __pfx_ksys_unshare+0x10/0x10 [ 427.262112][T11236] ? xfd_validate_state+0x61/0x180 [ 427.262156][T11236] __x64_sys_unshare+0x31/0x40 [ 427.262186][T11236] do_syscall_64+0xcd/0x490 [ 427.262216][T11236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.262242][T11236] RIP: 0033:0x7fc43b78ebe9 [ 427.262262][T11236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.262287][T11236] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 427.262311][T11236] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 427.262329][T11236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 427.262345][T11236] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 427.262360][T11236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 427.262374][T11236] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 427.262410][T11236] [ 428.416064][T11246] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1126'. [ 428.494192][T11256] FAULT_INJECTION: forcing a failure. [ 428.494192][T11256] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 428.575401][T11256] CPU: 0 UID: 0 PID: 11256 Comm: syz.2.1129 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 428.575441][T11256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 428.575456][T11256] Call Trace: [ 428.575465][T11256] [ 428.575475][T11256] dump_stack_lvl+0x16c/0x1f0 [ 428.575510][T11256] should_fail_ex+0x512/0x640 [ 428.575544][T11256] _copy_to_user+0x32/0xd0 [ 428.575580][T11256] put_user_ifreq+0x72/0xc0 [ 428.575612][T11256] sock_do_ioctl+0x230/0x280 [ 428.575643][T11256] ? __pfx_sock_do_ioctl+0x10/0x10 [ 428.575684][T11256] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 428.575730][T11256] sock_ioctl+0x227/0x6b0 [ 428.575764][T11256] ? __pfx_sock_ioctl+0x10/0x10 [ 428.575795][T11256] ? hook_file_ioctl_common+0x145/0x410 [ 428.575833][T11256] ? __fget_files+0x20e/0x3c0 [ 428.575874][T11256] ? __pfx_sock_ioctl+0x10/0x10 [ 428.575912][T11256] __x64_sys_ioctl+0x18e/0x210 [ 428.575953][T11256] do_syscall_64+0xcd/0x490 [ 428.575986][T11256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.576011][T11256] RIP: 0033:0x7f838f58ebe9 [ 428.576032][T11256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 428.576058][T11256] RSP: 002b:00007f83904a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 428.576084][T11256] RAX: ffffffffffffffda RBX: 00007f838f7b5fa0 RCX: 00007f838f58ebe9 [ 428.576101][T11256] RDX: 0000200000001300 RSI: 0000000000008933 RDI: 0000000000000005 [ 428.576117][T11256] RBP: 00007f838f611e19 R08: 0000000000000000 R09: 0000000000000000 [ 428.576133][T11256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.576148][T11256] R13: 00007f838f7b6038 R14: 00007f838f7b5fa0 R15: 00007ffceb166cd8 [ 428.576182][T11256] [ 428.761535][ C0] vkms_vblank_simulate: vblank timer overrun [ 428.889604][T11251] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1127'. [ 429.698732][T11266] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1131'. [ 429.711838][T11266] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1131'. g&[ 432.259922][T11320] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1147'. [ 433.266395][T11350] FAULT_INJECTION: forcing a failure. [ 433.266395][T11350] name failslab, interval 1, probability 0, space 0, times 0 [ 433.283500][T11350] CPU: 1 UID: 0 PID: 11350 Comm: syz.0.1154 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 433.283525][T11350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 433.283534][T11350] Call Trace: [ 433.283540][T11350] [ 433.283547][T11350] dump_stack_lvl+0x16c/0x1f0 [ 433.283570][T11350] should_fail_ex+0x512/0x640 [ 433.283587][T11350] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 433.283607][T11350] should_failslab+0xc2/0x120 [ 433.283627][T11350] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 433.283645][T11350] ? mas_alloc_nodes+0x18b/0x8b0 [ 433.283661][T11350] mas_alloc_nodes+0x18b/0x8b0 [ 433.283677][T11350] mas_node_count_gfp+0x105/0x130 [ 433.283692][T11350] mas_preallocate+0x7e0/0xde0 [ 433.283714][T11350] ? __memcg_slab_post_alloc_hook+0x482/0x960 [ 433.283739][T11350] ? __pfx_mas_preallocate+0x10/0x10 [ 433.283762][T11350] ? anon_vma_name+0x81/0x2f0 [ 433.283786][T11350] __split_vma+0x34a/0x1070 [ 433.283805][T11350] ? __pfx___split_vma+0x10/0x10 [ 433.283826][T11350] ? __lock_acquire+0x62e/0x1ce0 [ 433.283849][T11350] vma_modify+0x16dc/0x2030 [ 433.283868][T11350] ? find_held_lock+0x2b/0x80 [ 433.283881][T11350] ? __pfx_vma_modify+0x10/0x10 [ 433.283901][T11350] vma_modify_flags+0x212/0x2d0 [ 433.283917][T11350] ? __pfx_vma_modify_flags+0x10/0x10 [ 433.283946][T11350] mlock_fixup+0x27c/0xe50 [ 433.283962][T11350] ? mas_find+0x156/0x6d0 [ 433.283979][T11350] apply_vma_lock_flags+0x261/0x390 [ 433.283997][T11350] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 433.284013][T11350] ? __pfx___might_resched+0x10/0x10 [ 433.284034][T11350] ? __pfx_down_write_killable+0x10/0x10 [ 433.284052][T11350] ? do_futex+0x122/0x350 [ 433.284072][T11350] do_mlock+0x2ac/0x810 [ 433.284086][T11350] ? __pfx___might_resched+0x10/0x10 [ 433.284102][T11350] ? __pfx_do_mlock+0x10/0x10 [ 433.284116][T11350] ? __x64_sys_futex+0x1e0/0x4c0 [ 433.284132][T11350] ? __x64_sys_futex+0x1e9/0x4c0 [ 433.284149][T11350] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 433.284166][T11350] ? xfd_validate_state+0x61/0x180 [ 433.284186][T11350] ? __pfx_do_writev+0x10/0x10 [ 433.284205][T11350] __x64_sys_mlock+0x59/0x80 [ 433.284221][T11350] do_syscall_64+0xcd/0x490 [ 433.284238][T11350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.284253][T11350] RIP: 0033:0x7fc43b78ebe9 [ 433.284266][T11350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 433.284279][T11350] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 433.284294][T11350] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 433.284304][T11350] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000fbe8 [ 433.284312][T11350] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 433.284321][T11350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 433.284331][T11350] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 433.284351][T11350] [ 434.276176][T11366] FAULT_INJECTION: forcing a failure. [ 434.276176][T11366] name failslab, interval 1, probability 0, space 0, times 0 [ 434.289186][T11366] CPU: 0 UID: 0 PID: 11366 Comm: syz.3.1159 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 434.289209][T11366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 434.289219][T11366] Call Trace: [ 434.289225][T11366] [ 434.289232][T11366] dump_stack_lvl+0x16c/0x1f0 [ 434.289254][T11366] should_fail_ex+0x512/0x640 [ 434.289273][T11366] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 434.289295][T11366] should_failslab+0xc2/0x120 [ 434.289315][T11366] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 434.289333][T11366] ? lockdep_hardirqs_on+0x7c/0x110 [ 434.289348][T11366] ? xfrm4_net_init+0x9e/0x1c0 [ 434.289363][T11366] ? __percpu_counter_init_many+0x2c1/0x3b0 [ 434.289378][T11366] ? __pfx_xfrm4_net_init+0x10/0x10 [ 434.289393][T11366] kmemdup_noprof+0x29/0x60 [ 434.289410][T11366] xfrm4_net_init+0x9e/0x1c0 [ 434.289426][T11366] ? __pfx_xfrm4_net_init+0x10/0x10 [ 434.289440][T11366] ops_init+0x1e2/0x5f0 [ 434.289458][T11366] setup_net+0x10f/0x380 [ 434.289473][T11366] ? lockdep_init_map_type+0x5c/0x280 [ 434.289494][T11366] ? __pfx_setup_net+0x10/0x10 [ 434.289511][T11366] ? debug_mutex_init+0x37/0x70 [ 434.289528][T11366] copy_net_ns+0x2a6/0x5f0 [ 434.289547][T11366] create_new_namespaces+0x3ea/0xa90 [ 434.289568][T11366] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 434.289586][T11366] ksys_unshare+0x45b/0xa40 [ 434.289605][T11366] ? __pfx_ksys_unshare+0x10/0x10 [ 434.289634][T11366] ? xfd_validate_state+0x61/0x180 [ 434.289674][T11366] __x64_sys_unshare+0x31/0x40 [ 434.289694][T11366] do_syscall_64+0xcd/0x490 [ 434.289712][T11366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.289727][T11366] RIP: 0033:0x7f4605d8ebe9 [ 434.289744][T11366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.289759][T11366] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 434.289774][T11366] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 434.289784][T11366] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 434.289793][T11366] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 434.289802][T11366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 434.289811][T11366] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 434.289830][T11366] [ 435.049577][T11378] futex_wake_op: syz.2.1163 tries to shift op by -2048; fix this program [ 435.069910][T11378] futex_wake_op: syz.2.1163 tries to shift op by -2048; fix this program [ 436.247059][T11400] FAULT_INJECTION: forcing a failure. [ 436.247059][T11400] name failslab, interval 1, probability 0, space 0, times 0 [ 436.273860][T11400] CPU: 0 UID: 0 PID: 11400 Comm: syz.0.1169 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 436.273885][T11400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 436.273894][T11400] Call Trace: [ 436.273908][T11400] [ 436.273914][T11400] dump_stack_lvl+0x16c/0x1f0 [ 436.273936][T11400] should_fail_ex+0x512/0x640 [ 436.273953][T11400] ? __kmalloc_noprof+0xbf/0x510 [ 436.273973][T11400] ? vb2_core_allocated_buffers_storage+0xc4/0x220 [ 436.273994][T11400] should_failslab+0xc2/0x120 [ 436.274013][T11400] __kmalloc_noprof+0xd2/0x510 [ 436.274034][T11400] vb2_core_allocated_buffers_storage+0xc4/0x220 [ 436.274056][T11400] vb2_core_reqbufs+0x398/0xfe0 [ 436.274079][T11400] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 436.274109][T11400] __vb2_init_fileio+0x3f1/0x1100 [ 436.274136][T11400] ? __pfx___futex_wait+0x10/0x10 [ 436.274157][T11400] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 436.274171][T11400] ? lockdep_hardirqs_on+0x7c/0x110 [ 436.274189][T11400] __vb2_perform_fileio+0x9c2/0x1660 [ 436.274215][T11400] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 436.274241][T11400] vb2_fop_write+0x207/0x3f0 [ 436.274263][T11400] v4l2_write+0x229/0x360 [ 436.274278][T11400] ? __pfx_v4l2_write+0x10/0x10 [ 436.274291][T11400] vfs_write+0x29d/0x1150 [ 436.274311][T11400] ? __pfx_vfs_write+0x10/0x10 [ 436.274325][T11400] ? find_held_lock+0x2b/0x80 [ 436.274340][T11400] ? __fget_files+0x204/0x3c0 [ 436.274358][T11400] ? __fget_files+0x20e/0x3c0 [ 436.274384][T11400] ksys_write+0x12a/0x250 [ 436.274400][T11400] ? __pfx_ksys_write+0x10/0x10 [ 436.274422][T11400] do_syscall_64+0xcd/0x490 [ 436.274439][T11400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.274454][T11400] RIP: 0033:0x7fc43b78ebe9 [ 436.274467][T11400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.274481][T11400] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 436.274495][T11400] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 436.274505][T11400] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005 [ 436.274513][T11400] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 436.274521][T11400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 436.274529][T11400] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 436.274548][T11400] [ 436.648633][T11405] FAULT_INJECTION: forcing a failure. [ 436.648633][T11405] name failslab, interval 1, probability 0, space 0, times 0 [ 436.679354][T11406] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1170'. [ 436.704668][T11405] CPU: 1 UID: 0 PID: 11405 Comm: syz.0.1171 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 436.704712][T11405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 436.704728][T11405] Call Trace: [ 436.704737][T11405] [ 436.704747][T11405] dump_stack_lvl+0x16c/0x1f0 [ 436.704779][T11405] should_fail_ex+0x512/0x640 [ 436.704808][T11405] ? __kmalloc_noprof+0xbf/0x510 [ 436.704839][T11405] ? __register_sysctl_table+0xb3/0x1900 [ 436.704873][T11405] should_failslab+0xc2/0x120 [ 436.704905][T11405] __kmalloc_noprof+0xd2/0x510 [ 436.704942][T11405] __register_sysctl_table+0xb3/0x1900 [ 436.704977][T11405] ? is_module_address+0x5f/0xf0 [ 436.705011][T11405] ? __pfx___register_sysctl_table+0x10/0x10 [ 436.705041][T11405] ? is_module_address+0x69/0xf0 [ 436.705072][T11405] ? register_net_sysctl_sz+0x228/0x3e0 [ 436.705110][T11405] __devinet_sysctl_register+0x1b9/0x360 [ 436.705149][T11405] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 436.705185][T11405] ? devinet_init_net+0xeb/0x910 [ 436.705217][T11405] ? __asan_memcpy+0x3c/0x60 [ 436.705247][T11405] devinet_init_net+0x347/0x910 [ 436.705281][T11405] ? __pfx_devinet_init_net+0x10/0x10 [ 436.705321][T11405] ops_init+0x1e2/0x5f0 [ 436.705357][T11405] setup_net+0x10f/0x380 [ 436.705382][T11405] ? lockdep_init_map_type+0x5c/0x280 [ 436.705415][T11405] ? __pfx_setup_net+0x10/0x10 [ 436.705445][T11405] ? debug_mutex_init+0x37/0x70 [ 436.705474][T11405] copy_net_ns+0x2a6/0x5f0 [ 436.705509][T11405] create_new_namespaces+0x3ea/0xa90 [ 436.705547][T11405] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 436.705580][T11405] ksys_unshare+0x45b/0xa40 [ 436.705613][T11405] ? __pfx_ksys_unshare+0x10/0x10 [ 436.705647][T11405] ? xfd_validate_state+0x61/0x180 [ 436.705693][T11405] __x64_sys_unshare+0x31/0x40 [ 436.705725][T11405] do_syscall_64+0xcd/0x490 [ 436.705756][T11405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.705782][T11405] RIP: 0033:0x7fc43b78ebe9 [ 436.705803][T11405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.705827][T11405] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 436.705853][T11405] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 436.705871][T11405] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 436.705887][T11405] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 436.705903][T11405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 436.705918][T11405] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 436.705955][T11405] g&[ 438.493268][T11442] FAULT_INJECTION: forcing a failure. [ 438.493268][T11442] name failslab, interval 1, probability 0, space 0, times 0 [ 438.599581][T11442] CPU: 1 UID: 0 PID: 11442 Comm: syz.1.1183 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 438.599620][T11442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 438.599634][T11442] Call Trace: [ 438.599643][T11442] [ 438.599654][T11442] dump_stack_lvl+0x16c/0x1f0 [ 438.599688][T11442] should_fail_ex+0x512/0x640 [ 438.599718][T11442] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 438.599750][T11442] should_failslab+0xc2/0x120 [ 438.599780][T11442] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 438.599808][T11442] ? alloc_vfsmnt+0x23/0x6b0 [ 438.599844][T11442] alloc_vfsmnt+0x23/0x6b0 [ 438.599875][T11442] clone_mnt+0x6d/0xbf0 [ 438.599894][T11442] ? copy_mnt_ns+0x1a9/0xac0 [ 438.599928][T11442] copy_tree+0x31d/0xbd0 [ 438.599962][T11442] copy_mnt_ns+0x1a9/0xac0 [ 438.599987][T11442] ? trace_kmem_cache_alloc+0x28/0xc0 [ 438.600024][T11442] ? create_new_namespaces+0x30/0xa90 [ 438.600059][T11442] create_new_namespaces+0xd3/0xa90 [ 438.600085][T11442] ? bpf_lsm_capable+0x9/0x10 [ 438.600106][T11442] ? security_capable+0x7e/0x260 [ 438.600158][T11442] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 438.600187][T11442] ksys_unshare+0x45b/0xa40 [ 438.600218][T11442] ? __pfx_ksys_unshare+0x10/0x10 [ 438.600248][T11442] ? xfd_validate_state+0x61/0x180 [ 438.600293][T11442] __x64_sys_unshare+0x31/0x40 [ 438.600324][T11442] do_syscall_64+0xcd/0x490 [ 438.600355][T11442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.600381][T11442] RIP: 0033:0x7f7fe898ebe9 [ 438.600402][T11442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 438.600430][T11442] RSP: 002b:00007f7fe9826038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 438.600455][T11442] RAX: ffffffffffffffda RBX: 00007f7fe8bb5fa0 RCX: 00007f7fe898ebe9 [ 438.600473][T11442] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 438.600489][T11442] RBP: 00007f7fe8a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 438.600504][T11442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.600519][T11442] R13: 00007f7fe8bb6038 R14: 00007f7fe8bb5fa0 R15: 00007fff24127bb8 [ 438.600554][T11442] [ 439.238010][T11432] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1179'. [ 439.509918][T11439] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1181'. [ 439.521719][T11439] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1181'. [ 440.806484][T11468] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1191'. [ 440.963719][T11485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1194'. [ 441.006234][T11485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1194'. g&[ 441.491036][T11502] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1197'. [ 442.292326][T11499] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1198'. [ 443.824297][T11532] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1204'. [ 443.846462][T11532] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1204'. [ 444.932739][T11548] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1209'. [ 445.352311][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.371632][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 g&[ 446.561449][T11621] FAULT_INJECTION: forcing a failure. [ 446.561449][T11621] name failslab, interval 1, probability 0, space 0, times 0 [ 446.612371][T11623] FAULT_INJECTION: forcing a failure. [ 446.612371][T11623] name failslab, interval 1, probability 0, space 0, times 0 [ 446.635111][T11621] CPU: 0 UID: 0 PID: 11621 Comm: syz.1.1225 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 446.635151][T11621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 446.635167][T11621] Call Trace: [ 446.635177][T11621] [ 446.635188][T11621] dump_stack_lvl+0x16c/0x1f0 [ 446.635222][T11621] should_fail_ex+0x512/0x640 [ 446.635253][T11621] ? __kmalloc_noprof+0xbf/0x510 [ 446.635287][T11621] ? vb2_core_allocated_buffers_storage+0x184/0x220 [ 446.635324][T11621] should_failslab+0xc2/0x120 [ 446.635358][T11621] __kmalloc_noprof+0xd2/0x510 [ 446.635396][T11621] vb2_core_allocated_buffers_storage+0x184/0x220 [ 446.635441][T11621] vb2_core_reqbufs+0x398/0xfe0 [ 446.635485][T11621] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 446.635545][T11621] __vb2_init_fileio+0x3f1/0x1100 [ 446.635585][T11621] ? __pfx___futex_wait+0x10/0x10 [ 446.635629][T11621] __vb2_perform_fileio+0x9c2/0x1660 [ 446.635673][T11621] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 446.635721][T11621] vb2_fop_write+0x207/0x3f0 [ 446.635760][T11621] v4l2_write+0x229/0x360 [ 446.635789][T11621] ? __pfx_v4l2_write+0x10/0x10 [ 446.635813][T11621] vfs_write+0x29d/0x1150 [ 446.635851][T11621] ? __pfx_vfs_write+0x10/0x10 [ 446.635877][T11621] ? find_held_lock+0x2b/0x80 [ 446.635904][T11621] ? __fget_files+0x204/0x3c0 [ 446.635938][T11621] ? __fget_files+0x20e/0x3c0 [ 446.635976][T11621] ksys_write+0x12a/0x250 [ 446.636005][T11621] ? __pfx_ksys_write+0x10/0x10 [ 446.636046][T11621] do_syscall_64+0xcd/0x490 [ 446.636078][T11621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.636104][T11621] RIP: 0033:0x7f7fe898ebe9 [ 446.636126][T11621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.636149][T11621] RSP: 002b:00007f7fe9826038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 446.636174][T11621] RAX: ffffffffffffffda RBX: 00007f7fe8bb5fa0 RCX: 00007f7fe898ebe9 [ 446.636191][T11621] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005 [ 446.636207][T11621] RBP: 00007f7fe8a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 446.636222][T11621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.636238][T11621] R13: 00007f7fe8bb6038 R14: 00007f7fe8bb5fa0 R15: 00007fff24127bb8 [ 446.636275][T11621] [ 446.911711][T11623] CPU: 0 UID: 0 PID: 11623 Comm: syz.3.1226 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 446.911751][T11623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 446.911764][T11623] Call Trace: [ 446.911773][T11623] [ 446.911782][T11623] dump_stack_lvl+0x16c/0x1f0 [ 446.911817][T11623] should_fail_ex+0x512/0x640 [ 446.911848][T11623] ? __kmalloc_noprof+0xbf/0x510 [ 446.911884][T11623] ? quirks_param_set+0x200/0x750 [ 446.911911][T11623] should_failslab+0xc2/0x120 [ 446.911942][T11623] __kmalloc_noprof+0xd2/0x510 [ 446.911981][T11623] quirks_param_set+0x200/0x750 [ 446.912012][T11623] ? __pfx_quirks_param_set+0x10/0x10 [ 446.912056][T11623] param_attr_store+0x199/0x300 [ 446.912088][T11623] ? __pfx_param_attr_store+0x10/0x10 [ 446.912114][T11623] module_attr_store+0x58/0x80 [ 446.912148][T11623] ? __pfx_module_attr_store+0x10/0x10 [ 446.912173][T11623] sysfs_kf_write+0xf2/0x150 [ 446.912205][T11623] kernfs_fop_write_iter+0x354/0x510 [ 446.912226][T11623] ? __pfx_sysfs_kf_write+0x10/0x10 [ 446.912254][T11623] vfs_write+0x6c4/0x1150 [ 446.912282][T11623] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 446.912310][T11623] ? __pfx___mutex_lock+0x10/0x10 [ 446.912337][T11623] ? __pfx_vfs_write+0x10/0x10 [ 446.912385][T11623] ksys_write+0x12a/0x250 [ 446.912409][T11623] ? __pfx_ksys_write+0x10/0x10 [ 446.912445][T11623] do_syscall_64+0xcd/0x490 [ 446.912472][T11623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.912497][T11623] RIP: 0033:0x7f4605d8ebe9 [ 446.912518][T11623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.912540][T11623] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 446.912566][T11623] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 446.912584][T11623] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003 [ 446.912601][T11623] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 446.912618][T11623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.912632][T11623] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 446.912668][T11623] [ 447.349796][T11633] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1229'. [ 447.639967][T11640] FAULT_INJECTION: forcing a failure. [ 447.639967][T11640] name failslab, interval 1, probability 0, space 0, times 0 [ 447.707947][T11640] CPU: 1 UID: 0 PID: 11640 Comm: syz.1.1231 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 447.707972][T11640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 447.707982][T11640] Call Trace: [ 447.707988][T11640] [ 447.707994][T11640] dump_stack_lvl+0x16c/0x1f0 [ 447.708016][T11640] should_fail_ex+0x512/0x640 [ 447.708035][T11640] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 447.708053][T11640] should_failslab+0xc2/0x120 [ 447.708072][T11640] __kmalloc_cache_noprof+0x6a/0x3e0 [ 447.708087][T11640] ? apply_subsystem_event_filter+0x567/0x17e0 [ 447.708111][T11640] apply_subsystem_event_filter+0x567/0x17e0 [ 447.708135][T11640] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 447.708157][T11640] ? _copy_from_user+0x59/0xd0 [ 447.708178][T11640] subsystem_filter_write+0x95/0x120 [ 447.708197][T11640] ? __pfx_subsystem_filter_write+0x10/0x10 [ 447.708214][T11640] vfs_write+0x29d/0x1150 [ 447.708233][T11640] ? __pfx___mutex_lock+0x10/0x10 [ 447.708249][T11640] ? __pfx_vfs_write+0x10/0x10 [ 447.708270][T11640] ? __fget_files+0x20e/0x3c0 [ 447.708291][T11640] ksys_write+0x12a/0x250 [ 447.708307][T11640] ? __pfx_ksys_write+0x10/0x10 [ 447.708338][T11640] do_syscall_64+0xcd/0x490 [ 447.708356][T11640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 447.708371][T11640] RIP: 0033:0x7f7fe898ebe9 [ 447.708383][T11640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 447.708397][T11640] RSP: 002b:00007f7fe9826038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 447.708411][T11640] RAX: ffffffffffffffda RBX: 00007f7fe8bb5fa0 RCX: 00007f7fe898ebe9 [ 447.708420][T11640] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005 [ 447.708428][T11640] RBP: 00007f7fe8a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 447.708437][T11640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 447.708444][T11640] R13: 00007f7fe8bb6038 R14: 00007f7fe8bb5fa0 R15: 00007fff24127bb8 [ 447.708463][T11640] [ 448.048108][T11645] syz.0.1232 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 448.634670][T11664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1239'. [ 448.647214][T11664] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1239'. [ 449.645471][T11689] FAULT_INJECTION: forcing a failure. [ 449.645471][T11689] name failslab, interval 1, probability 0, space 0, times 0 [ 449.658539][T11689] CPU: 0 UID: 0 PID: 11689 Comm: syz.0.1246 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 449.658562][T11689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 449.658571][T11689] Call Trace: [ 449.658577][T11689] [ 449.658584][T11689] dump_stack_lvl+0x116/0x1f0 [ 449.658605][T11689] should_fail_ex+0x512/0x640 [ 449.658627][T11689] should_failslab+0xc2/0x120 [ 449.658646][T11689] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 449.658664][T11689] ? __send_signal_locked+0x159/0x12c0 [ 449.658678][T11689] ? sig_get_ucounts+0x1c0/0x5b0 [ 449.658700][T11689] __send_signal_locked+0x159/0x12c0 [ 449.658719][T11689] send_sig+0xd7/0x170 [ 449.658735][T11689] ? __pfx_send_sig+0x10/0x10 [ 449.658752][T11689] ? __pfx_woken_wake_function+0x10/0x10 [ 449.658775][T11689] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 449.658794][T11689] sk_stream_error+0xb8/0x120 [ 449.658817][T11689] tcp_sendmsg_locked+0xe9e/0x42a0 [ 449.658842][T11689] ? __lock_acquire+0xb97/0x1ce0 [ 449.658866][T11689] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 449.658886][T11689] ? do_raw_spin_lock+0x12c/0x2b0 [ 449.658907][T11689] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 449.658932][T11689] ? __local_bh_enable_ip+0xa4/0x120 [ 449.658951][T11689] tcp_sendmsg+0x2e/0x50 [ 449.658969][T11689] ? __pfx_tcp_sendmsg+0x10/0x10 [ 449.658987][T11689] inet_sendmsg+0xb9/0x140 [ 449.659008][T11689] sock_write_iter+0x4aa/0x5b0 [ 449.659027][T11689] ? __pfx_sock_write_iter+0x10/0x10 [ 449.659052][T11689] ? bpf_lsm_file_permission+0x9/0x10 [ 449.659073][T11689] ? security_file_permission+0x71/0x210 [ 449.659090][T11689] ? rw_verify_area+0xcf/0x6c0 [ 449.659106][T11689] vfs_write+0x6c4/0x1150 [ 449.659122][T11689] ? __pfx_sock_write_iter+0x10/0x10 [ 449.659143][T11689] ? __pfx_vfs_write+0x10/0x10 [ 449.659168][T11689] ? find_held_lock+0x2b/0x80 [ 449.659194][T11689] ksys_write+0x1f8/0x250 [ 449.659211][T11689] ? __pfx_ksys_write+0x10/0x10 [ 449.659233][T11689] do_syscall_64+0xcd/0x490 [ 449.659252][T11689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.659276][T11689] RIP: 0033:0x7fc43b78ebe9 [ 449.659290][T11689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.659303][T11689] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 449.659318][T11689] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 449.659328][T11689] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 449.659336][T11689] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 449.659345][T11689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 449.659353][T11689] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 449.659372][T11689] [ 449.931461][ C0] vkms_vblank_simulate: vblank timer overrun [ 450.304527][T11696] FAULT_INJECTION: forcing a failure. [ 450.304527][T11696] name fail_futex, interval 1, probability 0, space 0, times 0 [ 450.365736][T11696] CPU: 1 UID: 0 PID: 11696 Comm: syz.0.1248 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 450.365780][T11696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 450.365796][T11696] Call Trace: [ 450.365803][T11696] [ 450.365812][T11696] dump_stack_lvl+0x16c/0x1f0 [ 450.365854][T11696] should_fail_ex+0x512/0x640 [ 450.365888][T11696] get_futex_key+0x1d0/0x1560 [ 450.365923][T11696] ? __pfx_get_futex_key+0x10/0x10 [ 450.365950][T11696] ? inet_sendmsg+0xc0/0x140 [ 450.365986][T11696] ? sock_write_iter+0x325/0x5b0 [ 450.366025][T11696] futex_wait_setup+0x9d/0x550 [ 450.366079][T11696] __futex_wait+0x194/0x2f0 [ 450.366119][T11696] ? __pfx___futex_wait+0x10/0x10 [ 450.366162][T11696] ? __pfx_futex_wake_mark+0x10/0x10 [ 450.366206][T11696] ? futex_private_hash_put+0x176/0x300 [ 450.366242][T11696] ? futex_private_hash_put+0x18a/0x300 [ 450.366276][T11696] futex_wait+0xe8/0x380 [ 450.366312][T11696] ? __pfx_futex_wait+0x10/0x10 [ 450.366345][T11696] ? __lock_acquire+0x62e/0x1ce0 [ 450.366397][T11696] do_futex+0x229/0x350 [ 450.366429][T11696] ? __pfx_do_futex+0x10/0x10 [ 450.366470][T11696] __x64_sys_futex+0x1e0/0x4c0 [ 450.366506][T11696] ? __pfx___x64_sys_futex+0x10/0x10 [ 450.366538][T11696] ? __pfx_do_writev+0x10/0x10 [ 450.366576][T11696] do_syscall_64+0xcd/0x490 [ 450.366608][T11696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.366633][T11696] RIP: 0033:0x7fc43b78ebe9 [ 450.366655][T11696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 450.366680][T11696] RSP: 002b:00007fc43c5c50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 450.366705][T11696] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa8 RCX: 00007fc43b78ebe9 [ 450.366723][T11696] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc43b9b5fa8 [ 450.366739][T11696] RBP: 00007fc43b9b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 450.366755][T11696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 450.366770][T11696] R13: 00007fc43b9b6038 R14: 00007ffd5e32c650 R15: 00007ffd5e32c738 [ 450.366805][T11696] [ 450.630481][T11698] FAULT_INJECTION: forcing a failure. [ 450.630481][T11698] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 450.647287][T11698] CPU: 1 UID: 0 PID: 11698 Comm: syz.3.1249 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 450.647327][T11698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 450.647342][T11698] Call Trace: [ 450.647352][T11698] [ 450.647362][T11698] dump_stack_lvl+0x16c/0x1f0 [ 450.647396][T11698] should_fail_ex+0x512/0x640 [ 450.647434][T11698] should_fail_alloc_page+0xe7/0x130 [ 450.647471][T11698] prepare_alloc_pages+0x3c2/0x610 [ 450.647514][T11698] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 450.647562][T11698] ? mas_find+0x156/0x6d0 [ 450.647590][T11698] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 450.647644][T11698] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 450.647678][T11698] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 450.647715][T11698] ? policy_nodemask+0xea/0x4e0 [ 450.647751][T11698] alloc_pages_mpol+0x1fb/0x550 [ 450.647785][T11698] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 450.647827][T11698] alloc_pages_noprof+0x131/0x390 [ 450.647860][T11698] __pmd_alloc+0x3b/0x930 [ 450.647890][T11698] ? find_held_lock+0x2b/0x80 [ 450.647919][T11698] __handle_mm_fault+0xa06/0x2a50 [ 450.647957][T11698] ? __pfx___handle_mm_fault+0x10/0x10 [ 450.648016][T11698] handle_mm_fault+0x589/0xd10 [ 450.648051][T11698] __get_user_pages+0x551/0x34a0 [ 450.648135][T11698] ? __pfx___get_user_pages+0x10/0x10 [ 450.648184][T11698] populate_vma_page_range+0x267/0x3f0 [ 450.648227][T11698] ? __pfx_populate_vma_page_range+0x10/0x10 [ 450.648264][T11698] ? __pfx_find_vma_intersection+0x10/0x10 [ 450.648302][T11698] ? do_mmap+0x69c/0x1210 [ 450.648341][T11698] __mm_populate+0x1d8/0x380 [ 450.648379][T11698] ? __pfx___mm_populate+0x10/0x10 [ 450.648419][T11698] ? up_write+0x1b2/0x520 [ 450.648457][T11698] vm_mmap_pgoff+0x37f/0x470 [ 450.648496][T11698] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 450.648539][T11698] ? __x64_sys_futex+0x1e0/0x4c0 [ 450.648569][T11698] ? __x64_sys_futex+0x1e9/0x4c0 [ 450.648604][T11698] ksys_mmap_pgoff+0x7d/0x5c0 [ 450.648637][T11698] ? xfd_validate_state+0x61/0x180 [ 450.648670][T11698] ? __pfx_ksys_write+0x10/0x10 [ 450.648703][T11698] __x64_sys_mmap+0x125/0x190 [ 450.648744][T11698] do_syscall_64+0xcd/0x490 [ 450.648776][T11698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.648802][T11698] RIP: 0033:0x7f4605d8ebe9 [ 450.648822][T11698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 450.648847][T11698] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 450.648872][T11698] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 450.648889][T11698] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 450.648905][T11698] RBP: 00007f4605e11e19 R08: 0000000000000002 R09: 0000000000008000 [ 450.648921][T11698] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 450.648937][T11698] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 450.648974][T11698] [ 451.001219][T11700] FAULT_INJECTION: forcing a failure. [ 451.001219][T11700] name failslab, interval 1, probability 0, space 0, times 0 [ 451.014481][T11700] CPU: 1 UID: 0 PID: 11700 Comm: syz.0.1250 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 451.014520][T11700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 451.014534][T11700] Call Trace: [ 451.014543][T11700] [ 451.014552][T11700] dump_stack_lvl+0x16c/0x1f0 [ 451.014584][T11700] should_fail_ex+0x512/0x640 [ 451.014614][T11700] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 451.014644][T11700] should_failslab+0xc2/0x120 [ 451.014677][T11700] __kmalloc_cache_noprof+0x6a/0x3e0 [ 451.014700][T11700] ? allocate_file_region_entries+0x15b/0x620 [ 451.014727][T11700] ? allocate_file_region_entries+0x1a0/0x620 [ 451.014759][T11700] allocate_file_region_entries+0x1a0/0x620 [ 451.014800][T11700] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 451.014843][T11700] region_chg+0x85/0x140 [ 451.014871][T11700] __vma_reservation_common+0x43b/0x740 [ 451.014901][T11700] ? __pfx___vma_reservation_common+0x10/0x10 [ 451.014930][T11700] ? __pfx___might_resched+0x10/0x10 [ 451.014953][T11700] ? folio_zero_user+0x1da/0x7c0 [ 451.014989][T11700] hugetlb_fault+0x198e/0x2f40 [ 451.015020][T11700] ? __pfx_hugetlb_fault+0x10/0x10 [ 451.015062][T11700] ? find_vma+0xbf/0x140 [ 451.015093][T11700] ? __pfx_find_vma+0x10/0x10 [ 451.015124][T11700] handle_mm_fault+0xbfa/0xd10 [ 451.015148][T11700] ? __bpf_trace_exceptions+0x1/0x40 [ 451.015184][T11700] do_user_addr_fault+0x7a6/0x1370 [ 451.015222][T11700] ? rcu_is_watching+0x12/0xc0 [ 451.015248][T11700] exc_page_fault+0x5c/0xb0 [ 451.015274][T11700] asm_exc_page_fault+0x26/0x30 [ 451.015299][T11700] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 451.015331][T11700] Code: e9 14 23 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f [ 451.015352][T11700] RSP: 0018:ffffc9000ef17db0 EFLAGS: 00050206 [ 451.015370][T11700] RAX: 000000000000002f RBX: 0000000000000005 RCX: 0000000000000005 [ 451.015384][T11700] RDX: ffffed100f4c7ca0 RSI: ffff88807a63e4fb RDI: 0000000000000000 [ 451.015396][T11700] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100f4c7c9f [ 451.015409][T11700] R10: ffff88807a63e4ff R11: 0000000000000000 R12: ffff88807a63e4fb [ 451.015422][T11700] R13: 0000000000000005 R14: 00007ffffffff000 R15: 0000000000000000 [ 451.015449][T11700] _copy_to_user+0xbb/0xd0 [ 451.015483][T11700] __do_sys_getcwd+0x483/0x930 [ 451.015522][T11700] ? __pfx___do_sys_getcwd+0x10/0x10 [ 451.015551][T11700] ? fput+0x9b/0xd0 [ 451.015585][T11700] ? xfd_validate_state+0x61/0x180 [ 451.015618][T11700] ? __pfx_ksys_write+0x10/0x10 [ 451.015658][T11700] do_syscall_64+0xcd/0x490 [ 451.015690][T11700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.015714][T11700] RIP: 0033:0x7fc43b78ebe9 [ 451.015735][T11700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.015758][T11700] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 451.015780][T11700] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 451.015797][T11700] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000 [ 451.015811][T11700] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 451.015824][T11700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 451.015837][T11700] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 451.015873][T11700] [ 454.091378][T11750] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1260'. [ 454.262071][T11757] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1263'. [ 454.308053][T11757] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1263'. [ 455.382743][T11795] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1271'. [ 456.803131][T11830] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1277'. [ 456.854203][T11830] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1277'. [ 457.593379][T11858] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1286'. [ 457.832011][T11865] FAULT_INJECTION: forcing a failure. [ 457.832011][T11865] name failslab, interval 1, probability 0, space 0, times 0 [ 457.904521][T11865] CPU: 1 UID: 0 PID: 11865 Comm: syz.0.1288 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 457.904561][T11865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 457.904577][T11865] Call Trace: [ 457.904585][T11865] [ 457.904595][T11865] dump_stack_lvl+0x16c/0x1f0 [ 457.904629][T11865] should_fail_ex+0x512/0x640 [ 457.904658][T11865] ? fs_reclaim_acquire+0xae/0x150 [ 457.904699][T11865] ? tomoyo_encode2+0x100/0x3e0 [ 457.904731][T11865] should_failslab+0xc2/0x120 [ 457.904768][T11865] __kmalloc_noprof+0xd2/0x510 [ 457.904795][T11865] ? d_absolute_path+0x136/0x1a0 [ 457.904834][T11865] tomoyo_encode2+0x100/0x3e0 [ 457.904871][T11865] tomoyo_encode+0x29/0x50 [ 457.904899][T11865] tomoyo_realpath_from_path+0x18f/0x6e0 [ 457.904942][T11865] tomoyo_path_number_perm+0x245/0x580 [ 457.904968][T11865] ? tomoyo_path_number_perm+0x237/0x580 [ 457.904999][T11865] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 457.905039][T11865] ? __lock_acquire+0xb97/0x1ce0 [ 457.905092][T11865] ? do_raw_spin_unlock+0x172/0x230 [ 457.905129][T11865] ? _raw_spin_unlock+0x28/0x50 [ 457.905150][T11865] ? current_check_access_path+0x33c/0x460 [ 457.905197][T11865] ? __pfx_current_check_access_path+0x10/0x10 [ 457.905231][T11865] ? simple_lookup+0x105/0x1d0 [ 457.905266][T11865] tomoyo_path_mknod+0x10c/0x190 [ 457.905301][T11865] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 457.905337][T11865] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 457.905379][T11865] security_path_mknod+0x161/0x310 [ 457.905408][T11865] do_mknodat+0x239/0x5d0 [ 457.905442][T11865] ? __pfx_do_mknodat+0x10/0x10 [ 457.905469][T11865] ? getname_flags.part.0+0x1c5/0x550 [ 457.905513][T11865] __x64_sys_mknod+0x87/0xb0 [ 457.905543][T11865] do_syscall_64+0xcd/0x490 [ 457.905574][T11865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.905599][T11865] RIP: 0033:0x7fc43b78ebe9 [ 457.905620][T11865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.905645][T11865] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 457.905670][T11865] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 457.905689][T11865] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000040 [ 457.905705][T11865] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 457.905721][T11865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 457.905736][T11865] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 457.905772][T11865] [ 458.157718][ C1] vkms_vblank_simulate: vblank timer overrun [ 458.175418][T11865] ERROR: Out of memory at tomoyo_realpath_from_path. [ 458.624081][T11880] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1292'. [ 459.580671][T11886] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1294'. [ 460.311656][T11904] FAULT_INJECTION: forcing a failure. [ 460.311656][T11904] name failslab, interval 1, probability 0, space 0, times 0 [ 460.337836][T11904] CPU: 1 UID: 0 PID: 11904 Comm: syz.0.1300 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 460.337877][T11904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 460.337893][T11904] Call Trace: [ 460.337903][T11904] [ 460.337914][T11904] dump_stack_lvl+0x16c/0x1f0 [ 460.337950][T11904] should_fail_ex+0x512/0x640 [ 460.337979][T11904] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 460.338013][T11904] should_failslab+0xc2/0x120 [ 460.338046][T11904] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 460.338078][T11904] ? kvm_arch_vcpu_create+0x4a1/0xb20 [ 460.338119][T11904] kvm_arch_vcpu_create+0x4a1/0xb20 [ 460.338164][T11904] kvm_vm_ioctl+0xfec/0x4000 [ 460.338205][T11904] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 460.338261][T11904] ? kasan_quarantine_put+0x10a/0x240 [ 460.338290][T11904] ? lockdep_hardirqs_on+0x7c/0x110 [ 460.338321][T11904] ? find_held_lock+0x2b/0x80 [ 460.338348][T11904] ? tomoyo_path_number_perm+0x295/0x580 [ 460.338381][T11904] ? tomoyo_path_number_perm+0x18d/0x580 [ 460.338411][T11904] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 460.338436][T11904] ? futex_wake+0x1ad/0x530 [ 460.338482][T11904] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 460.338521][T11904] ? do_vfs_ioctl+0x128/0x14f0 [ 460.338558][T11904] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 460.338606][T11904] ? find_held_lock+0x2b/0x80 [ 460.338630][T11904] ? hook_file_ioctl_common+0x145/0x410 [ 460.338667][T11904] ? __fget_files+0x20e/0x3c0 [ 460.338700][T11904] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 460.338725][T11904] __x64_sys_ioctl+0x18e/0x210 [ 460.338762][T11904] do_syscall_64+0xcd/0x490 [ 460.338791][T11904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.338817][T11904] RIP: 0033:0x7fc43b78ebe9 [ 460.338839][T11904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.338864][T11904] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 460.338889][T11904] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 460.338907][T11904] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000003 [ 460.338923][T11904] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 460.338939][T11904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 460.338955][T11904] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 460.338988][T11904] [ 460.909224][T11904] kvm: failed to allocate vcpu's emulator [ 461.548767][T11905] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1299'. [ 463.063001][T11954] mkiss: ax0: crc mode is auto. [ 463.163472][T11956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1315'. [ 463.175296][T11956] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1315'. [ 463.575092][T11969] FAULT_INJECTION: forcing a failure. [ 463.575092][T11969] name failslab, interval 1, probability 0, space 0, times 0 [ 463.638126][T11969] CPU: 0 UID: 0 PID: 11969 Comm: syz.2.1319 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 463.638166][T11969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 463.638182][T11969] Call Trace: [ 463.638191][T11969] [ 463.638201][T11969] dump_stack_lvl+0x16c/0x1f0 [ 463.638237][T11969] should_fail_ex+0x512/0x640 [ 463.638268][T11969] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 463.638303][T11969] should_failslab+0xc2/0x120 [ 463.638337][T11969] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 463.638368][T11969] ? prepare_creds+0x2c/0x7d0 [ 463.638408][T11969] prepare_creds+0x2c/0x7d0 [ 463.638447][T11969] __sys_setresgid+0x4af/0x1150 [ 463.638483][T11969] do_syscall_64+0xcd/0x490 [ 463.638514][T11969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.638539][T11969] RIP: 0033:0x7f838f58ebe9 [ 463.638560][T11969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.638584][T11969] RSP: 002b:00007f83904a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000077 [ 463.638609][T11969] RAX: ffffffffffffffda RBX: 00007f838f7b5fa0 RCX: 00007f838f58ebe9 [ 463.638626][T11969] RDX: 000000000000ee00 RSI: 000000000000ee01 RDI: 000000000000ee00 [ 463.638642][T11969] RBP: 00007f838f611e19 R08: 0000000000000000 R09: 0000000000000000 [ 463.638656][T11969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.638672][T11969] R13: 00007f838f7b6038 R14: 00007f838f7b5fa0 R15: 00007ffceb166cd8 [ 463.638707][T11969] [ 464.545650][T11982] FAULT_INJECTION: forcing a failure. [ 464.545650][T11982] name failslab, interval 1, probability 0, space 0, times 0 [ 464.576313][T11982] CPU: 0 UID: 0 PID: 11982 Comm: syz.3.1325 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 464.576338][T11982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 464.576347][T11982] Call Trace: [ 464.576353][T11982] [ 464.576360][T11982] dump_stack_lvl+0x16c/0x1f0 [ 464.576381][T11982] should_fail_ex+0x512/0x640 [ 464.576399][T11982] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 464.576420][T11982] should_failslab+0xc2/0x120 [ 464.576439][T11982] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 464.576456][T11982] ? __kernfs_new_node+0xd2/0x8e0 [ 464.576478][T11982] __kernfs_new_node+0xd2/0x8e0 [ 464.576497][T11982] ? __lock_acquire+0x62e/0x1ce0 [ 464.576516][T11982] ? __pfx___kernfs_new_node+0x10/0x10 [ 464.576539][T11982] ? find_held_lock+0x2b/0x80 [ 464.576553][T11982] ? kernfs_root+0xee/0x2a0 [ 464.576584][T11982] kernfs_new_node+0x13c/0x1e0 [ 464.576608][T11982] __kernfs_create_file+0x53/0x350 [ 464.576626][T11982] sysfs_add_file_mode_ns+0x207/0x3c0 [ 464.576648][T11982] internal_create_group+0x578/0xf30 [ 464.576673][T11982] ? __pfx_internal_create_group+0x10/0x10 [ 464.576695][T11982] ? kernfs_create_link+0x1bd/0x240 [ 464.576712][T11982] internal_create_groups+0x9d/0x150 [ 464.576732][T11982] device_add+0xf30/0x1aa0 [ 464.576754][T11982] ? __pfx_device_add+0x10/0x10 [ 464.576773][T11982] ? lockdep_init_map_type+0x5c/0x280 [ 464.576792][T11982] ? __init_waitqueue_head+0xca/0x150 [ 464.576821][T11982] netdev_register_kobject+0x1a9/0x3d0 [ 464.576844][T11982] register_netdevice+0x13dc/0x2270 [ 464.576866][T11982] ? __pfx_register_netdevice+0x10/0x10 [ 464.576882][T11982] ? rcu_is_watching+0x12/0xc0 [ 464.576896][T11982] ? trace_kmalloc+0x2b/0xd0 [ 464.576914][T11982] ? __kmalloc_noprof+0x242/0x510 [ 464.576933][T11982] register_netdev+0x34/0x50 [ 464.576949][T11982] mkiss_open+0x4cd/0x9a0 [ 464.576970][T11982] ? __pfx_mkiss_open+0x10/0x10 [ 464.576990][T11982] tty_ldisc_open+0x9c/0x120 [ 464.577005][T11982] tty_set_ldisc+0x32b/0x780 [ 464.577023][T11982] tty_ioctl+0xc2e/0x1680 [ 464.577040][T11982] ? __pfx_tty_ioctl+0x10/0x10 [ 464.577062][T11982] ? find_held_lock+0x2b/0x80 [ 464.577075][T11982] ? hook_file_ioctl_common+0x145/0x410 [ 464.577095][T11982] ? __fget_files+0x20e/0x3c0 [ 464.577114][T11982] ? __pfx_tty_ioctl+0x10/0x10 [ 464.577130][T11982] __x64_sys_ioctl+0x18e/0x210 [ 464.577153][T11982] do_syscall_64+0xcd/0x490 [ 464.577172][T11982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 464.577187][T11982] RIP: 0033:0x7f4605d8ebe9 [ 464.577202][T11982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 464.577216][T11982] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 464.577230][T11982] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 464.577240][T11982] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 464.577249][T11982] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 464.577258][T11982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 464.577267][T11982] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 464.577287][T11982] [ 464.959600][T11971] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1320'. [ 465.094740][T11978] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1323'. [ 465.107878][T11978] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1323'. [ 465.509301][T12000] FAULT_INJECTION: forcing a failure. [ 465.509301][T12000] name failslab, interval 1, probability 0, space 0, times 0 [ 465.529817][T12000] CPU: 1 UID: 0 PID: 12000 Comm: syz.1.1329 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 465.529856][T12000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 465.529871][T12000] Call Trace: [ 465.529880][T12000] [ 465.529889][T12000] dump_stack_lvl+0x16c/0x1f0 [ 465.529921][T12000] should_fail_ex+0x512/0x640 [ 465.529948][T12000] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 465.529973][T12000] should_failslab+0xc2/0x120 [ 465.530001][T12000] __kmalloc_cache_noprof+0x6a/0x3e0 [ 465.530023][T12000] ? sctp_auth_init_hmacs+0xf2/0x440 [ 465.530048][T12000] sctp_auth_init_hmacs+0xf2/0x440 [ 465.530069][T12000] ? kasan_save_track+0x14/0x30 [ 465.530094][T12000] sctp_auth_init+0x90/0x570 [ 465.530119][T12000] sctp_setsockopt+0xa371/0xb870 [ 465.530150][T12000] ? __pfx_sctp_setsockopt+0x10/0x10 [ 465.530174][T12000] ? find_held_lock+0x2b/0x80 [ 465.530197][T12000] ? aa_sock_opt_perm+0xfd/0x1c0 [ 465.530224][T12000] ? sock_common_setsockopt+0x2e/0xf0 [ 465.530249][T12000] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 465.530277][T12000] do_sock_setsockopt+0xf3/0x1d0 [ 465.530305][T12000] __sys_setsockopt+0x120/0x1a0 [ 465.530330][T12000] __x64_sys_setsockopt+0xbd/0x160 [ 465.530349][T12000] ? do_syscall_64+0x91/0x490 [ 465.530370][T12000] ? lockdep_hardirqs_on+0x7c/0x110 [ 465.530390][T12000] do_syscall_64+0xcd/0x490 [ 465.530414][T12000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.530435][T12000] RIP: 0033:0x7f7fe898ebe9 [ 465.530451][T12000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 465.530471][T12000] RSP: 002b:00007f7fe9826038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 465.530491][T12000] RAX: ffffffffffffffda RBX: 00007f7fe8bb5fa0 RCX: 00007f7fe898ebe9 [ 465.530504][T12000] RDX: 0000000000000081 RSI: 0000010000000084 RDI: 0000000000000003 [ 465.530516][T12000] RBP: 00007f7fe8a11e19 R08: 0000000000000008 R09: 0000000000000000 [ 465.530528][T12000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.530540][T12000] R13: 00007f7fe8bb6038 R14: 00007f7fe8bb5fa0 R15: 00007fff24127bb8 [ 465.530577][T12000] [ 466.543425][T12027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1339'. [ 466.621697][T12030] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1339'. [ 467.396926][T12041] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1350'. [ 467.446562][T12041] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1350'. [ 467.490714][T12044] FAULT_INJECTION: forcing a failure. [ 467.490714][T12044] name failslab, interval 1, probability 0, space 0, times 0 [ 467.506934][T12044] CPU: 0 UID: 0 PID: 12044 Comm: syz.3.1343 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 467.506973][T12044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 467.506988][T12044] Call Trace: [ 467.506997][T12044] [ 467.507007][T12044] dump_stack_lvl+0x16c/0x1f0 [ 467.507043][T12044] should_fail_ex+0x512/0x640 [ 467.507073][T12044] ? fs_reclaim_acquire+0xae/0x150 [ 467.507115][T12044] ? tomoyo_encode2+0x100/0x3e0 [ 467.507143][T12044] should_failslab+0xc2/0x120 [ 467.507175][T12044] __kmalloc_noprof+0xd2/0x510 [ 467.507204][T12044] ? d_absolute_path+0x136/0x1a0 [ 467.507245][T12044] tomoyo_encode2+0x100/0x3e0 [ 467.507281][T12044] tomoyo_encode+0x29/0x50 [ 467.507309][T12044] tomoyo_realpath_from_path+0x18f/0x6e0 [ 467.507351][T12044] tomoyo_path_number_perm+0x245/0x580 [ 467.507376][T12044] ? tomoyo_path_number_perm+0x237/0x580 [ 467.507406][T12044] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 467.507446][T12044] ? __lock_acquire+0xb97/0x1ce0 [ 467.507500][T12044] ? do_raw_spin_unlock+0x172/0x230 [ 467.507537][T12044] ? _raw_spin_unlock+0x28/0x50 [ 467.507559][T12044] ? current_check_access_path+0x33c/0x460 [ 467.507593][T12044] ? __pfx_current_check_access_path+0x10/0x10 [ 467.507635][T12044] ? simple_lookup+0x105/0x1d0 [ 467.507668][T12044] tomoyo_path_mknod+0x10c/0x190 [ 467.507705][T12044] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 467.507742][T12044] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 467.507784][T12044] security_path_mknod+0x161/0x310 [ 467.507813][T12044] do_mknodat+0x239/0x5d0 [ 467.507848][T12044] ? __pfx_do_mknodat+0x10/0x10 [ 467.507875][T12044] ? getname_flags.part.0+0x1c5/0x550 [ 467.507922][T12044] __x64_sys_mknod+0x87/0xb0 [ 467.507952][T12044] do_syscall_64+0xcd/0x490 [ 467.507984][T12044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.508010][T12044] RIP: 0033:0x7f4605d8ebe9 [ 467.508031][T12044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.508055][T12044] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 467.508079][T12044] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 467.508096][T12044] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000040 [ 467.508113][T12044] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 467.508127][T12044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 467.508142][T12044] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 467.508178][T12044] [ 467.508204][T12044] ERROR: Out of memory at tomoyo_realpath_from_path. [ 469.444489][T12078] FAULT_INJECTION: forcing a failure. [ 469.444489][T12078] name fail_futex, interval 1, probability 0, space 0, times 0 [ 469.461090][T12078] CPU: 0 UID: 0 PID: 12078 Comm: syz.0.1353 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 469.461130][T12078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 469.461146][T12078] Call Trace: [ 469.461155][T12078] [ 469.461165][T12078] dump_stack_lvl+0x16c/0x1f0 [ 469.461201][T12078] should_fail_ex+0x512/0x640 [ 469.461237][T12078] get_futex_key+0x1d0/0x1560 [ 469.461271][T12078] ? prepare_creds+0x56f/0x7d0 [ 469.461307][T12078] ? __do_sys_landlock_restrict_self+0x67d/0x910 [ 469.461357][T12078] ? __pfx_get_futex_key+0x10/0x10 [ 469.461401][T12078] futex_wake+0xea/0x530 [ 469.461443][T12078] ? __pfx_futex_wake+0x10/0x10 [ 469.461500][T12078] do_futex+0x1e3/0x350 [ 469.461533][T12078] ? __pfx_do_futex+0x10/0x10 [ 469.461565][T12078] ? trace_kmalloc+0x2b/0xd0 [ 469.461597][T12078] ? __kmalloc_noprof+0x242/0x510 [ 469.461631][T12078] __x64_sys_futex+0x1e0/0x4c0 [ 469.461667][T12078] ? __pfx___x64_sys_futex+0x10/0x10 [ 469.461698][T12078] ? prepare_creds+0x583/0x7d0 [ 469.461743][T12078] do_syscall_64+0xcd/0x490 [ 469.461774][T12078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.461800][T12078] RIP: 0033:0x7fc43b78ebe9 [ 469.461821][T12078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 469.461845][T12078] RSP: 002b:00007fc43c5c50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 469.461871][T12078] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa8 RCX: 00007fc43b78ebe9 [ 469.461889][T12078] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc43b9b5fac [ 469.461906][T12078] RBP: 00007fc43b9b5fa0 R08: 00007fc43c5c6000 R09: 0000000000000000 [ 469.461929][T12078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 469.461944][T12078] R13: 00007fc43b9b6038 R14: 00007ffd5e32c650 R15: 00007ffd5e32c738 [ 469.461978][T12078] [ 472.315835][ T5875] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 472.315874][ T5875] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15 [ 472.332730][ T5875] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 476.047640][T12198] FAULT_INJECTION: forcing a failure. [ 476.047640][T12198] name failslab, interval 1, probability 0, space 0, times 0 [ 476.094914][T12198] CPU: 1 UID: 0 PID: 12198 Comm: syz.2.1390 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 476.094956][T12198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 476.094973][T12198] Call Trace: [ 476.094984][T12198] [ 476.094995][T12198] dump_stack_lvl+0x16c/0x1f0 [ 476.095030][T12198] should_fail_ex+0x512/0x640 [ 476.095061][T12198] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 476.095092][T12198] should_failslab+0xc2/0x120 [ 476.095124][T12198] __kmalloc_cache_noprof+0x6a/0x3e0 [ 476.095149][T12198] ? do_raw_spin_lock+0x12c/0x2b0 [ 476.095185][T12198] ? single_open+0x4d/0x1f0 [ 476.095224][T12198] ? __pfx_tracing_clock_show+0x10/0x10 [ 476.095249][T12198] single_open+0x4d/0x1f0 [ 476.095290][T12198] tracing_clock_open+0xa7/0x100 [ 476.095328][T12198] do_dentry_open+0x97f/0x1530 [ 476.095360][T12198] ? __pfx_tracing_clock_open+0x10/0x10 [ 476.095402][T12198] vfs_open+0x82/0x3f0 [ 476.095442][T12198] path_openat+0x1de4/0x2cb0 [ 476.095484][T12198] ? __pfx_path_openat+0x10/0x10 [ 476.095524][T12198] do_filp_open+0x20b/0x470 [ 476.095554][T12198] ? __pfx_do_filp_open+0x10/0x10 [ 476.095610][T12198] ? alloc_fd+0x471/0x7d0 [ 476.095655][T12198] do_sys_openat2+0x11b/0x1d0 [ 476.095693][T12198] ? __pfx_do_sys_openat2+0x10/0x10 [ 476.095746][T12198] __x64_sys_openat+0x174/0x210 [ 476.095785][T12198] ? __pfx___x64_sys_openat+0x10/0x10 [ 476.095839][T12198] do_syscall_64+0xcd/0x490 [ 476.095871][T12198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 476.095897][T12198] RIP: 0033:0x7f838f58ebe9 [ 476.095920][T12198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 476.095944][T12198] RSP: 002b:00007f83904a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 476.095970][T12198] RAX: ffffffffffffffda RBX: 00007f838f7b5fa0 RCX: 00007f838f58ebe9 [ 476.095988][T12198] RDX: 0000000000020180 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 476.096006][T12198] RBP: 00007f838f611e19 R08: 0000000000000000 R09: 0000000000000000 [ 476.096022][T12198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 476.096038][T12198] R13: 00007f838f7b6038 R14: 00007f838f7b5fa0 R15: 00007ffceb166cd8 [ 476.096075][T12198] [ 476.932439][T12214] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 479.061228][T12253] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1404'. [ 479.071921][T12253] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1404'. [ 479.084243][T12250] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1405'. g&[ 480.551565][T12261] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1407'. [ 480.600879][T12261] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1407'. [ 483.942774][T12329] FAULT_INJECTION: forcing a failure. [ 483.942774][T12329] name failslab, interval 1, probability 0, space 0, times 0 [ 484.237930][T12329] CPU: 1 UID: 0 PID: 12329 Comm: syz.0.1426 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 484.237981][T12329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 484.237997][T12329] Call Trace: [ 484.238006][T12329] [ 484.238017][T12329] dump_stack_lvl+0x16c/0x1f0 [ 484.238051][T12329] should_fail_ex+0x512/0x640 [ 484.238082][T12329] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 484.238116][T12329] should_failslab+0xc2/0x120 [ 484.238149][T12329] __kmalloc_cache_node_noprof+0x6d/0x420 [ 484.238178][T12329] ? lockdep_init_map_type+0x5c/0x280 [ 484.238219][T12329] ? __alloc_workqueue+0x506/0x1810 [ 484.238254][T12329] __alloc_workqueue+0x506/0x1810 [ 484.238288][T12329] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 484.238319][T12329] alloc_workqueue_noprof+0xd2/0x200 [ 484.238352][T12329] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 484.238394][T12329] ? __pfx___debug_object_init+0x10/0x10 [ 484.238441][T12329] nci_register_device+0x394/0xb80 [ 484.238481][T12329] ? __pfx_nci_register_device+0x10/0x10 [ 484.238523][T12329] ? lockdep_init_map_type+0x5c/0x280 [ 484.238563][T12329] virtual_ncidev_open+0x141/0x220 [ 484.238602][T12329] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 484.238638][T12329] misc_open+0x35a/0x420 [ 484.238675][T12329] ? __pfx_misc_open+0x10/0x10 [ 484.238709][T12329] chrdev_open+0x231/0x6a0 [ 484.238738][T12329] ? __pfx_apparmor_file_open+0x10/0x10 [ 484.238771][T12329] ? __pfx_chrdev_open+0x10/0x10 [ 484.238805][T12329] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 484.238838][T12329] do_dentry_open+0x97f/0x1530 [ 484.238866][T12329] ? __pfx_chrdev_open+0x10/0x10 [ 484.238904][T12329] vfs_open+0x82/0x3f0 [ 484.238944][T12329] path_openat+0x1de4/0x2cb0 [ 484.238992][T12329] ? __pfx_path_openat+0x10/0x10 [ 484.239035][T12329] do_filp_open+0x20b/0x470 [ 484.239068][T12329] ? __pfx_do_filp_open+0x10/0x10 [ 484.239122][T12329] ? alloc_fd+0x471/0x7d0 [ 484.239155][T12329] do_sys_openat2+0x11b/0x1d0 [ 484.239197][T12329] ? __pfx_do_sys_openat2+0x10/0x10 [ 484.239250][T12329] __x64_sys_openat+0x174/0x210 [ 484.239290][T12329] ? __pfx___x64_sys_openat+0x10/0x10 [ 484.239345][T12329] do_syscall_64+0xcd/0x490 [ 484.239377][T12329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.239404][T12329] RIP: 0033:0x7fc43b78ebe9 [ 484.239427][T12329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.239454][T12329] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 484.239480][T12329] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 484.239499][T12329] RDX: 0000000000000002 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 484.239514][T12329] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 484.239529][T12329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.239544][T12329] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 484.239580][T12329] [ 485.408127][T12356] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1434'. [ 485.435110][T12357] random: crng reseeded on system resumption [ 486.192197][T12373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1442'. [ 486.215374][T12373] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1442'. [ 486.370438][T12377] FAULT_INJECTION: forcing a failure. [ 486.370438][T12377] name failslab, interval 1, probability 0, space 0, times 0 [ 486.396442][T12377] CPU: 0 UID: 0 PID: 12377 Comm: syz.3.1443 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 486.396481][T12377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 486.396497][T12377] Call Trace: [ 486.396505][T12377] [ 486.396516][T12377] dump_stack_lvl+0x16c/0x1f0 [ 486.396551][T12377] should_fail_ex+0x512/0x640 [ 486.396581][T12377] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 486.396616][T12377] should_failslab+0xc2/0x120 [ 486.396648][T12377] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 486.396689][T12377] ? __alloc_skb+0x2b2/0x380 [ 486.396721][T12377] __alloc_skb+0x2b2/0x380 [ 486.396746][T12377] ? __pfx___alloc_skb+0x10/0x10 [ 486.396778][T12377] ? netlink_has_listeners+0x20f/0x430 [ 486.396813][T12377] alloc_uevent_skb+0x7d/0x210 [ 486.396850][T12377] kobject_uevent_env+0xca4/0x1870 [ 486.396891][T12377] ? bus_to_subsys+0x131/0x160 [ 486.396935][T12377] device_add+0x10dd/0x1aa0 [ 486.396975][T12377] ? __pfx_device_add+0x10/0x10 [ 486.397025][T12377] device_create_groups_vargs+0x1f8/0x270 [ 486.397066][T12377] device_create+0xed/0x130 [ 486.397101][T12377] ? __pfx_device_create+0x10/0x10 [ 486.397138][T12377] ? do_init_timer+0xc9/0x110 [ 486.397169][T12377] ? ieee80211_roc_setup+0x136/0x270 [ 486.397207][T12377] ? ieee80211_alloc_hw_nm+0x231/0x2260 [ 486.397242][T12377] mac80211_hwsim_new_radio+0x369/0x54d0 [ 486.397297][T12377] ? __asan_memset+0x23/0x50 [ 486.397324][T12377] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 486.397372][T12377] hwsim_new_radio_nl+0xb51/0x12c0 [ 486.397415][T12377] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 486.397463][T12377] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 486.397498][T12377] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 486.397541][T12377] genl_family_rcv_msg_doit+0x206/0x2f0 [ 486.397578][T12377] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 486.397625][T12377] ? bpf_lsm_capable+0x9/0x10 [ 486.397647][T12377] ? security_capable+0x7e/0x260 [ 486.397695][T12377] ? ns_capable+0xd7/0x110 [ 486.397726][T12377] genl_rcv_msg+0x55c/0x800 [ 486.397765][T12377] ? __pfx_genl_rcv_msg+0x10/0x10 [ 486.397800][T12377] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 486.397851][T12377] netlink_rcv_skb+0x155/0x420 [ 486.397880][T12377] ? __pfx_genl_rcv_msg+0x10/0x10 [ 486.397914][T12377] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 486.397959][T12377] ? netlink_deliver_tap+0x1ae/0xd30 [ 486.397993][T12377] genl_rcv+0x28/0x40 [ 486.398020][T12377] netlink_unicast+0x5aa/0x870 [ 486.398054][T12377] ? __pfx_netlink_unicast+0x10/0x10 [ 486.398083][T12377] ? __pfx___might_resched+0x10/0x10 [ 486.398107][T12377] ? __lock_acquire+0xb97/0x1ce0 [ 486.398150][T12377] netlink_sendmsg+0x8d1/0xdd0 [ 486.398185][T12377] ? __pfx_netlink_sendmsg+0x10/0x10 [ 486.398219][T12377] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 486.398262][T12377] ____sys_sendmsg+0xa95/0xc70 [ 486.398298][T12377] ? copy_msghdr_from_user+0x10a/0x160 [ 486.398324][T12377] ? __pfx_____sys_sendmsg+0x10/0x10 [ 486.398377][T12377] ___sys_sendmsg+0x134/0x1d0 [ 486.398407][T12377] ? __pfx____sys_sendmsg+0x10/0x10 [ 486.398485][T12377] __sys_sendmsg+0x16d/0x220 [ 486.398513][T12377] ? __pfx___sys_sendmsg+0x10/0x10 [ 486.398540][T12377] ? __x64_sys_futex+0x1e0/0x4c0 [ 486.398595][T12377] do_syscall_64+0xcd/0x490 [ 486.398627][T12377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.398661][T12377] RIP: 0033:0x7f4605d8ebe9 [ 486.398683][T12377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.398710][T12377] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 486.398735][T12377] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 486.398753][T12377] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006 [ 486.398770][T12377] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 486.398786][T12377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.398802][T12377] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 486.398840][T12377] g&[ 487.492442][T12388] random: crng reseeded on system resumption [ 488.450566][T12407] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1451'. [ 488.624643][T12409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1454'. [ 488.687806][T12409] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1454'. [ 489.649049][T12429] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1459'. g&[ 490.290026][T12445] random: crng reseeded on system resumption [ 490.369244][T12446] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1465'. [ 491.149265][T12450] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 491.647759][T12456] FAULT_INJECTION: forcing a failure. [ 491.647759][T12456] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 491.722606][T12456] CPU: 1 UID: 0 PID: 12456 Comm: syz.1.1468 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 491.722647][T12456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 491.722663][T12456] Call Trace: [ 491.722672][T12456] [ 491.722682][T12456] dump_stack_lvl+0x16c/0x1f0 [ 491.722718][T12456] should_fail_ex+0x512/0x640 [ 491.722753][T12456] should_fail_alloc_page+0xe7/0x130 [ 491.722790][T12456] prepare_alloc_pages+0x3c2/0x610 [ 491.722832][T12456] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 491.722868][T12456] ? __lock_acquire+0x62e/0x1ce0 [ 491.722907][T12456] ? __lock_acquire+0x62e/0x1ce0 [ 491.722939][T12456] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 491.722986][T12456] ? find_held_lock+0x2b/0x80 [ 491.723014][T12456] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 491.723052][T12456] ? policy_nodemask+0xea/0x4e0 [ 491.723087][T12456] alloc_pages_mpol+0x1fb/0x550 [ 491.723118][T12456] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 491.723156][T12456] folio_alloc_mpol_noprof+0x36/0x2f0 [ 491.723192][T12456] shmem_alloc_folio+0x135/0x160 [ 491.723229][T12456] shmem_alloc_and_add_folio+0x499/0xc20 [ 491.723265][T12456] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 491.723298][T12456] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 491.723331][T12456] shmem_get_folio_gfp+0x67f/0x1600 [ 491.723369][T12456] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 491.723401][T12456] ? filemap_map_pages+0xf58/0x1670 [ 491.723435][T12456] shmem_fault+0x1fe/0xa30 [ 491.723477][T12456] ? __pfx_shmem_fault+0x10/0x10 [ 491.723513][T12456] ? __pfx_filemap_map_pages+0x10/0x10 [ 491.723555][T12456] ? __pfx_filemap_map_pages+0x10/0x10 [ 491.723583][T12456] __do_fault+0x10a/0x490 [ 491.723615][T12456] ? __pfx_filemap_map_pages+0x10/0x10 [ 491.723642][T12456] do_pte_missing+0xf50/0x3ba0 [ 491.723669][T12456] ? find_held_lock+0x2b/0x80 [ 491.723694][T12456] ? __handle_mm_fault+0x14fd/0x2a50 [ 491.723726][T12456] __handle_mm_fault+0x152a/0x2a50 [ 491.723757][T12456] ? mt_find+0x3ef/0xa30 [ 491.723789][T12456] ? __pfx___handle_mm_fault+0x10/0x10 [ 491.723814][T12456] ? __pfx_mt_find+0x10/0x10 [ 491.723864][T12456] ? find_vma+0xbf/0x140 [ 491.723895][T12456] ? __pfx_find_vma+0x10/0x10 [ 491.723930][T12456] handle_mm_fault+0x589/0xd10 [ 491.723958][T12456] ? __bpf_trace_exceptions+0x1/0x40 [ 491.723997][T12456] do_user_addr_fault+0x7a6/0x1370 [ 491.724038][T12456] ? rcu_is_watching+0x12/0xc0 [ 491.724068][T12456] exc_page_fault+0x5c/0xb0 [ 491.724096][T12456] asm_exc_page_fault+0x26/0x30 [ 491.724121][T12456] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 491.724157][T12456] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 491.724183][T12456] RSP: 0018:ffffc900030b7830 EFLAGS: 00050206 [ 491.724204][T12456] RAX: 0000000000000001 RBX: 0000000000007114 RCX: 0000000000006114 [ 491.724219][T12456] RDX: ffffed100f271e23 RSI: 0000000000001000 RDI: ffff888079389000 [ 491.724236][T12456] RBP: 0000000000007114 R08: 0000000000000001 R09: ffffed100f271e22 [ 491.724252][T12456] R10: ffff88807938f113 R11: 0000000000000000 R12: 0000000000000000 [ 491.724268][T12456] R13: ffffc900030b7d80 R14: ffff888079388000 R15: 0000000000000000 [ 491.724304][T12456] _copy_from_iter+0x4eb/0x16f0 [ 491.724345][T12456] ? rcu_is_watching+0x12/0xc0 [ 491.724371][T12456] ? __pfx__copy_from_iter+0x10/0x10 [ 491.724401][T12456] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 491.724431][T12456] ? __asan_memset+0x23/0x50 [ 491.724457][T12456] ? __build_skb_around+0x278/0x3b0 [ 491.724503][T12456] ? is_vmalloc_addr+0x86/0xa0 [ 491.724537][T12456] netlink_sendmsg+0x829/0xdd0 [ 491.724574][T12456] ? __pfx_netlink_sendmsg+0x10/0x10 [ 491.724607][T12456] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 491.724651][T12456] sock_write_iter+0x4ff/0x5b0 [ 491.724686][T12456] ? __pfx_sock_write_iter+0x10/0x10 [ 491.724734][T12456] ? __futex_wait+0x24c/0x2f0 [ 491.724772][T12456] ? copy_iovec_from_user+0x131/0x170 [ 491.724803][T12456] do_iter_readv_writev+0x657/0x950 [ 491.724831][T12456] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 491.724861][T12456] ? bpf_lsm_file_permission+0x9/0x10 [ 491.724893][T12456] ? security_file_permission+0x71/0x210 [ 491.724922][T12456] ? rw_verify_area+0xcf/0x6c0 [ 491.724950][T12456] vfs_writev+0x35f/0xde0 [ 491.724979][T12456] ? __lock_acquire+0x62e/0x1ce0 [ 491.725013][T12456] ? __pfx_vfs_writev+0x10/0x10 [ 491.725065][T12456] ? __fget_files+0x20e/0x3c0 [ 491.725097][T12456] ? do_writev+0x28c/0x340 [ 491.725117][T12456] do_writev+0x28c/0x340 [ 491.725142][T12456] ? __pfx_do_writev+0x10/0x10 [ 491.725178][T12456] do_syscall_64+0xcd/0x490 [ 491.725208][T12456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 491.725233][T12456] RIP: 0033:0x7f7fe898ebe9 [ 491.725254][T12456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 491.725278][T12456] RSP: 002b:00007f7fe9826038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 491.725301][T12456] RAX: ffffffffffffffda RBX: 00007f7fe8bb5fa0 RCX: 00007f7fe898ebe9 [ 491.725317][T12456] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 491.725332][T12456] RBP: 00007f7fe8a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 491.725347][T12456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 491.725362][T12456] R13: 00007f7fe8bb6038 R14: 00007f7fe8bb5fa0 R15: 00007fff24127bb8 [ 491.725396][T12456] [ 493.070294][T12472] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1471'. [ 493.285524][T12477] [U]  [ 493.288643][T12477] [U] [ 493.291351][T12477] [U] [ 493.294056][T12477] [U] [ 493.314450][T12477] [U] [ 493.317210][T12477] [U] [ 493.319931][T12477] [U] [ 493.322643][T12477] [U] [ 493.337211][T12477] [U] [ 493.339962][T12477] [U] [ 493.342692][T12477] [U] [ 493.345416][T12477] [U] [ 493.371045][T12485] bridge0: port 3(bond0) entered blocking state [ 493.371889][T12477] [U] [ 493.380066][T12477] [U] [ 493.382797][T12477] [U] [ 493.384976][T12485] bridge0: port 3(bond0) entered disabled state [ 493.385766][T12477] [U] [ 493.392167][T12485] bond0: entered allmulticast mode [ 493.410125][T12485] bond_slave_0: entered allmulticast mode [ 493.420046][T12485] bond_slave_1: entered allmulticast mode [ 493.429977][T12485] bond0: entered promiscuous mode [ 493.438626][T12485] bond_slave_0: entered promiscuous mode [ 493.445120][T12477] [U] [ 493.447847][T12477] [U] [ 493.450568][T12477] [U] [ 493.451735][T12485] bond_slave_1: entered promiscuous mode [ 493.453283][T12477] [U] [ 493.464159][T12477] [U] [ 493.466888][T12477] [U] [ 493.469609][T12477] [U] [ 493.472412][T12477] [U] [ 493.473845][T12485] bridge0: port 3(bond0) entered blocking state [ 493.481947][T12485] bridge0: port 3(bond0) entered forwarding state [ 493.496289][T12477] [U] [ 493.499049][T12477] [U] [ 493.501762][T12477] [U] [ 493.504560][T12477] [U] [ 493.515177][T12477] [U] [ 493.517926][T12477] [U] [ 493.520620][T12477] [U] [ 493.523312][T12477] [U] [ 493.539276][T12477] [U] [ 493.542033][T12477] [U] [ 493.544749][T12477] [U] [ 493.547462][T12477] [U] [ 493.558916][T12477] [U] [ 493.561809][T12477] [U] [ 493.564607][T12477] [U] [ 493.567318][T12477] [U] [ 493.571207][T12477] [U] [ 493.573974][T12477] [U] [ 493.576687][T12477] [U] [ 493.579403][T12477] [U] [ 493.583141][T12477] [U] [ 493.585871][T12477] [U] [ 493.588562][T12477] [U] [ 493.591256][T12477] [U] [ 493.610040][T12477] [U] [ 493.612791][T12477] [U] [ 493.615504][T12477] [U] [ 493.618215][T12477] [U] [ 493.645672][T12477] [U] [ 493.648415][T12477] [U] [ 493.651111][T12477] [U] [ 493.653795][T12477] [U] [ 493.689912][T12477] [U] [ 493.692667][T12477] [U] [ 493.695480][T12477] [U] [ 493.698279][T12477] [U] [ 493.705620][T12477] [U] [ 493.708388][T12477] [U] [ 493.711110][T12477] [U] [ 493.713871][T12477] [U] [ 493.717485][T12477] [U] [ 493.720218][T12477] [U] [ 493.722929][T12477] [U] [ 493.725649][T12477] [U] [ 493.729236][T12477] [U] [ 493.732025][T12477] [U] [ 493.734731][T12477] [U] [ 493.737452][T12477] [U] [ 493.743673][T12477] [U] [ 493.746419][T12477] [U] [ 493.749136][T12477] [U] [ 493.751850][T12477] [U] [ 493.755666][T12477] [U] [ 493.758400][T12477] [U] [ 493.761115][T12477] [U] [ 493.763811][T12477] [U] [ 493.767920][T12477] [U] [ 493.770627][T12477] [U] [ 493.773315][T12477] [U] [ 493.776023][T12477] [U] [ 493.778912][T12477] [U] [ 493.781622][T12477] [U] [ 493.784301][T12477] [U] [ 493.786992][T12477] [U] [ 493.789906][T12477] [U] [ 493.792607][T12477] [U] [ 493.795314][T12477] [U] [ 493.798013][T12477] [U] [ 493.800886][T12477] [U] [ 493.803585][T12477] [U] [ 493.806265][T12477] [U] [ 493.808965][T12477] [U] [ 493.811845][T12477] [U] [ 493.814646][T12477] [U] [ 493.817449][T12477] [U] [ 493.820148][T12477] [U] [ 493.823025][T12477] [U] [ 493.825746][T12477] [U] [ 493.828449][T12477] [U] [ 493.831133][T12477] [U] [ 493.834104][T12477] [U] [ 493.836832][T12477] [U] [ 493.839528][T12477] [U] [ 493.842298][T12477] [U] [ 493.845356][T12477] [U] [ 493.848065][T12477] [U] [ 493.850755][T12477] [U] [ 493.853435][T12477] [U] [ 493.856451][T12477] [U] [ 493.859144][T12477] [U] [ 493.861832][T12477] [U] [ 493.864526][T12477] [U] [ 493.868031][T12477] [U] [ 493.870747][T12477] [U] [ 493.873426][T12477] [U] [ 493.876203][T12477] [U] [ 493.879086][T12477] [U] [ 493.881797][T12477] [U] [ 493.884591][T12477] [U] [ 493.887294][T12477] [U] [ 493.890179][T12477] [U] [ 493.892985][T12477] [U] [ 493.895682][T12477] [U] [ 493.903158][T12476] [U] [ 494.450807][T12499] serio: Serial port pty6 [ 495.054276][T12512] serio: Serial port pty6 [ 495.670438][T12524] sp0: Synchronizing with TNC [ 495.898906][T12517] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1484'. [ 496.089190][T12523] sp0: Synchronizing with TNC [ 497.881838][T12570] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1497'. [ 500.946975][T12623] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1507'. [ 503.365276][T12672] FAULT_INJECTION: forcing a failure. [ 503.365276][T12672] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 503.522207][T12672] CPU: 1 UID: 0 PID: 12672 Comm: syz.0.1519 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 503.522249][T12672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 503.522266][T12672] Call Trace: [ 503.522274][T12672] [ 503.522285][T12672] dump_stack_lvl+0x16c/0x1f0 [ 503.522322][T12672] should_fail_ex+0x512/0x640 [ 503.522358][T12672] _copy_from_iter+0x29f/0x16f0 [ 503.522398][T12672] ? rcu_is_watching+0x12/0xc0 [ 503.522425][T12672] ? __pfx__copy_from_iter+0x10/0x10 [ 503.522456][T12672] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 503.522488][T12672] ? __asan_memset+0x23/0x50 [ 503.522512][T12672] ? __build_skb_around+0x278/0x3b0 [ 503.522550][T12672] ? is_vmalloc_addr+0x86/0xa0 [ 503.522584][T12672] netlink_sendmsg+0x829/0xdd0 [ 503.522620][T12672] ? __pfx_netlink_sendmsg+0x10/0x10 [ 503.522653][T12672] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 503.522697][T12672] ____sys_sendmsg+0xa95/0xc70 [ 503.522731][T12672] ? copy_msghdr_from_user+0x10a/0x160 [ 503.522757][T12672] ? __pfx_____sys_sendmsg+0x10/0x10 [ 503.522798][T12672] ? __pfx_futex_wake_mark+0x10/0x10 [ 503.522839][T12672] ___sys_sendmsg+0x134/0x1d0 [ 503.522868][T12672] ? __pfx____sys_sendmsg+0x10/0x10 [ 503.522930][T12672] __sys_sendmsg+0x16d/0x220 [ 503.522954][T12672] ? __pfx___sys_sendmsg+0x10/0x10 [ 503.522980][T12672] ? __x64_sys_futex+0x1e0/0x4c0 [ 503.523032][T12672] do_syscall_64+0xcd/0x490 [ 503.523065][T12672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.523092][T12672] RIP: 0033:0x7fc43b78ebe9 [ 503.523125][T12672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.523153][T12672] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 503.523180][T12672] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 503.523198][T12672] RDX: 0000000000000004 RSI: 0000200000000100 RDI: 0000000000000005 [ 503.523215][T12672] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 503.523232][T12672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 503.523248][T12672] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 503.523283][T12672] [ 503.765830][T12673] serio: Serial port pty6 g&[ 506.763310][T12716] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1536'. [ 506.766683][T12715] random: crng reseeded on system resumption [ 506.790767][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.797217][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.898273][T12718] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1530'. g&[ 509.665467][T12758] FAULT_INJECTION: forcing a failure. [ 509.665467][T12758] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 509.691517][T12758] CPU: 1 UID: 14 PID: 12758 Comm: syz.0.1541 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 509.691564][T12758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 509.691579][T12758] Call Trace: [ 509.691587][T12758] [ 509.691597][T12758] dump_stack_lvl+0x16c/0x1f0 [ 509.691629][T12758] should_fail_ex+0x512/0x640 [ 509.691662][T12758] _copy_from_user+0x2e/0xd0 [ 509.691695][T12758] copy_msghdr_from_user+0x98/0x160 [ 509.691723][T12758] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 509.691755][T12758] ? kfree+0x24f/0x4d0 [ 509.691779][T12758] ? futex_unqueue+0x133/0x2c0 [ 509.691812][T12758] ___sys_sendmsg+0xfe/0x1d0 [ 509.691839][T12758] ? __pfx____sys_sendmsg+0x10/0x10 [ 509.691896][T12758] ? __pfx___might_resched+0x10/0x10 [ 509.691931][T12758] __sys_sendmmsg+0x200/0x420 [ 509.691962][T12758] ? __pfx___sys_sendmmsg+0x10/0x10 [ 509.691988][T12758] ? ip4_datagram_connect+0x38/0x50 [ 509.692031][T12758] ? __pfx_do_futex+0x10/0x10 [ 509.692084][T12758] ? xfd_validate_state+0x61/0x180 [ 509.692127][T12758] __x64_sys_sendmmsg+0x9c/0x100 [ 509.692154][T12758] ? lockdep_hardirqs_on+0x7c/0x110 [ 509.692181][T12758] do_syscall_64+0xcd/0x490 [ 509.692211][T12758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.692237][T12758] RIP: 0033:0x7fc43b78ebe9 [ 509.692257][T12758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.692282][T12758] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 509.692307][T12758] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 509.692325][T12758] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 509.692341][T12758] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 509.692357][T12758] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000000 [ 509.692373][T12758] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 509.692408][T12758] [ 511.113953][T12778] binder: 12776:12778 ioctl 5380 2000000000c0 returned -22 [ 511.178634][T12778] sd 0:0:1:0: PR command failed: 1026 [ 511.189104][T12778] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 511.210733][T12778] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 512.804297][T12809] netlink: 531 bytes leftover after parsing attributes in process `syz.3.1554'. [ 513.476946][T12829] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1556'. g&g&[ 517.681847][T12884] ima: policy update failed [ 517.690468][ T30] audit: type=1802 audit(6049581334.689:16): pid=12884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1573" res=0 errno=0 [ 520.412851][T12947] 0x000200000001-0xa29656a63616329 : "" [ 520.422155][T12947] mtd: partition "" is out of reach -- disabled [ 520.718521][T12947] ftl_cs: FTL header not found. [ 521.770721][T12966] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1599'. [ 521.787949][T12966] hsr_slave_0: left promiscuous mode [ 521.798435][T12966] hsr_slave_1: left promiscuous mode [ 523.718608][T13002] __vm_enough_memory: pid: 13002, comm: syz.2.1600, bytes: 4398046511104 not enough memory for the allocation [ 527.264341][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802983d800: rx timeout, send abort [ 527.279856][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802983d800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 527.412414][T13055] netlink: 531 bytes leftover after parsing attributes in process `syz.1.1610'. g&[ 528.348303][T13075] netlink: 'syz.0.1615': attribute type 33 has an invalid length. [ 528.746936][T13085] netlink: 182 bytes leftover after parsing attributes in process `syz.3.1618'. g&[ 531.960833][T13154] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1632'. [ 532.149319][T13154] hsr_slave_0: left promiscuous mode [ 532.158542][T13154] hsr_slave_1: left promiscuous mode [ 533.011372][T13151] kexec: Could not allocate control_code_buffer [ 533.577621][T13177] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1638'. [ 536.093097][T13214] usb usb36: usbfs: process 13214 (syz.3.1646) did not claim interface 0 before use [ 536.290652][T13220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1649'. [ 536.676792][T13227] FAULT_INJECTION: forcing a failure. [ 536.676792][T13227] name failslab, interval 1, probability 0, space 0, times 0 [ 536.746425][T13227] CPU: 0 UID: 0 PID: 13227 Comm: syz.1.1650 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 536.746467][T13227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 536.746483][T13227] Call Trace: [ 536.746492][T13227] [ 536.746503][T13227] dump_stack_lvl+0x16c/0x1f0 [ 536.746538][T13227] should_fail_ex+0x512/0x640 [ 536.746563][T13227] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 536.746603][T13227] should_failslab+0xc2/0x120 [ 536.746632][T13227] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 536.746660][T13227] ? alloc_inode+0x61/0x240 [ 536.746697][T13227] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 536.746718][T13227] alloc_inode+0x61/0x240 [ 536.746751][T13227] new_inode+0x22/0x1c0 [ 536.746787][T13227] __debugfs_create_file+0x11c/0x6b0 [ 536.746817][T13227] debugfs_create_file_full+0x41/0x60 [ 536.746848][T13227] ref_tracker_dir_debugfs+0x19d/0x290 [ 536.746878][T13227] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 536.746941][T13227] ? lockdep_init_map_type+0x5c/0x280 [ 536.746979][T13227] preinit_net+0x296/0x8f0 [ 536.747008][T13227] copy_net_ns+0x1da/0x5f0 [ 536.747042][T13227] create_new_namespaces+0x3ea/0xa90 [ 536.747078][T13227] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 536.747108][T13227] ksys_unshare+0x45b/0xa40 [ 536.747140][T13227] ? __pfx_ksys_unshare+0x10/0x10 [ 536.747172][T13227] ? xfd_validate_state+0x61/0x180 [ 536.747216][T13227] __x64_sys_unshare+0x31/0x40 [ 536.747246][T13227] do_syscall_64+0xcd/0x490 [ 536.747276][T13227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.747300][T13227] RIP: 0033:0x7f7fe898ebe9 [ 536.747321][T13227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 536.747345][T13227] RSP: 002b:00007f7fe9826038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 536.747368][T13227] RAX: ffffffffffffffda RBX: 00007f7fe8bb5fa0 RCX: 00007f7fe898ebe9 [ 536.747386][T13227] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 536.747409][T13227] RBP: 00007f7fe8a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 536.747424][T13227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 536.747444][T13227] R13: 00007f7fe8bb6038 R14: 00007f7fe8bb5fa0 R15: 00007fff24127bb8 [ 536.747479][T13227] [ 536.747574][T13227] debugfs: out of free dentries, can not create file 'net_refcnt@ffff88807869c9f0' [ 540.607676][T13279] tipc: can't start tipc send workqueue [ 540.871328][T13304] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1662'. g&[ 541.319464][T13311] FAULT_INJECTION: forcing a failure. [ 541.319464][T13311] name failslab, interval 1, probability 0, space 0, times 0 [ 541.345045][T13311] CPU: 0 UID: 0 PID: 13311 Comm: syz.0.1665 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 541.345086][T13311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 541.345099][T13311] Call Trace: [ 541.345107][T13311] [ 541.345116][T13311] dump_stack_lvl+0x16c/0x1f0 [ 541.345147][T13311] should_fail_ex+0x512/0x640 [ 541.345177][T13311] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 541.345214][T13311] should_failslab+0xc2/0x120 [ 541.345245][T13311] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 541.345276][T13311] ? kfree+0x24f/0x4d0 [ 541.345298][T13311] ? snd_pcm_hw_rule_add+0x414/0x5a0 [ 541.345335][T13311] krealloc_noprof+0x159/0x3a0 [ 541.345361][T13311] ? krealloc_noprof+0x1b4/0x3a0 [ 541.345393][T13311] snd_pcm_hw_rule_add+0x414/0x5a0 [ 541.345421][T13311] ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10 [ 541.345453][T13311] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 541.345479][T13311] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 541.345509][T13311] ? lockdep_init_map_type+0x5c/0x280 [ 541.345540][T13311] ? debug_mutex_init+0x37/0x70 [ 541.345563][T13311] ? snd_pcm_attach_substream+0x89d/0xd60 [ 541.345594][T13311] snd_pcm_open_substream+0x92c/0x17f0 [ 541.345636][T13311] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 541.345682][T13311] snd_pcm_oss_open+0x735/0x1400 [ 541.345728][T13311] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 541.345762][T13311] ? __lock_acquire+0xb97/0x1ce0 [ 541.345793][T13311] ? __pfx_default_wake_function+0x10/0x10 [ 541.345820][T13311] ? __lock_acquire+0xb97/0x1ce0 [ 541.345858][T13311] ? do_raw_spin_lock+0x12c/0x2b0 [ 541.345895][T13311] ? soundcore_open+0x35a/0x580 [ 541.345926][T13311] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 541.345959][T13311] soundcore_open+0x409/0x580 [ 541.345991][T13311] ? __pfx_soundcore_open+0x10/0x10 [ 541.346028][T13311] chrdev_open+0x231/0x6a0 [ 541.346061][T13311] ? __pfx_apparmor_file_open+0x10/0x10 [ 541.346097][T13311] ? __pfx_chrdev_open+0x10/0x10 [ 541.346126][T13311] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 541.346153][T13311] do_dentry_open+0x97f/0x1530 [ 541.346181][T13311] ? __pfx_chrdev_open+0x10/0x10 [ 541.346216][T13311] vfs_open+0x82/0x3f0 [ 541.346254][T13311] path_openat+0x1de4/0x2cb0 [ 541.346293][T13311] ? __pfx_path_openat+0x10/0x10 [ 541.346331][T13311] do_filp_open+0x20b/0x470 [ 541.346360][T13311] ? __pfx_do_filp_open+0x10/0x10 [ 541.346417][T13311] ? alloc_fd+0x471/0x7d0 [ 541.346455][T13311] do_sys_openat2+0x11b/0x1d0 [ 541.346490][T13311] ? __pfx_do_sys_openat2+0x10/0x10 [ 541.346542][T13311] __x64_sys_openat+0x174/0x210 [ 541.346579][T13311] ? __pfx___x64_sys_openat+0x10/0x10 [ 541.346632][T13311] do_syscall_64+0xcd/0x490 [ 541.346664][T13311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.346690][T13311] RIP: 0033:0x7fc43b78ebe9 [ 541.346713][T13311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 541.346738][T13311] RSP: 002b:00007fc43c5c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 541.346763][T13311] RAX: ffffffffffffffda RBX: 00007fc43b9b5fa0 RCX: 00007fc43b78ebe9 [ 541.346779][T13311] RDX: 0000000000020942 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 541.346796][T13311] RBP: 00007fc43b811e19 R08: 0000000000000000 R09: 0000000000000000 [ 541.346811][T13311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 541.346827][T13311] R13: 00007fc43b9b6038 R14: 00007fc43b9b5fa0 R15: 00007ffd5e32c738 [ 541.346863][T13311] [ 541.775612][T13316] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 543.183411][ T30] audit: type=1800 audit(6049581360.179:17): pid=13342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1673" name="features" dev="configfs" ino=40140 res=0 errno=0 [ 543.432343][T13346] can0: slcan on pty233. [ 543.548362][T13345] can0 (unregistered): slcan off pty233. [ 544.151154][T13361] FAULT_INJECTION: forcing a failure. [ 544.151154][T13361] name failslab, interval 1, probability 0, space 0, times 0 [ 544.180058][T13361] CPU: 1 UID: 0 PID: 13361 Comm: syz.2.1677 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 544.180095][T13361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 544.180111][T13361] Call Trace: [ 544.180119][T13361] [ 544.180129][T13361] dump_stack_lvl+0x16c/0x1f0 [ 544.180163][T13361] should_fail_ex+0x512/0x640 [ 544.180193][T13361] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 544.180230][T13361] should_failslab+0xc2/0x120 [ 544.180263][T13361] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 544.180293][T13361] ? kfree+0x24f/0x4d0 [ 544.180315][T13361] ? snd_pcm_hw_rule_add+0x414/0x5a0 [ 544.180349][T13361] krealloc_noprof+0x159/0x3a0 [ 544.180374][T13361] ? krealloc_noprof+0x1b4/0x3a0 [ 544.180402][T13361] snd_pcm_hw_rule_add+0x414/0x5a0 [ 544.180432][T13361] ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10 [ 544.180464][T13361] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 544.180502][T13361] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 544.180534][T13361] ? lockdep_init_map_type+0x5c/0x280 [ 544.180568][T13361] ? debug_mutex_init+0x37/0x70 [ 544.180591][T13361] ? snd_pcm_attach_substream+0x89d/0xd60 [ 544.180623][T13361] snd_pcm_open_substream+0x92c/0x17f0 [ 544.180665][T13361] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 544.180714][T13361] snd_pcm_oss_open+0x735/0x1400 [ 544.180760][T13361] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 544.180793][T13361] ? __lock_acquire+0xb97/0x1ce0 [ 544.180825][T13361] ? __pfx_default_wake_function+0x10/0x10 [ 544.180852][T13361] ? __lock_acquire+0xb97/0x1ce0 [ 544.180891][T13361] ? do_raw_spin_lock+0x12c/0x2b0 [ 544.180930][T13361] ? soundcore_open+0x35a/0x580 [ 544.180959][T13361] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 544.180994][T13361] soundcore_open+0x409/0x580 [ 544.181024][T13361] ? __pfx_soundcore_open+0x10/0x10 [ 544.181053][T13361] chrdev_open+0x231/0x6a0 [ 544.181083][T13361] ? __pfx_apparmor_file_open+0x10/0x10 [ 544.181119][T13361] ? __pfx_chrdev_open+0x10/0x10 [ 544.181160][T13361] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 544.181197][T13361] do_dentry_open+0x97f/0x1530 [ 544.181226][T13361] ? __pfx_chrdev_open+0x10/0x10 [ 544.181255][T13361] vfs_open+0x82/0x3f0 [ 544.181291][T13361] path_openat+0x1de4/0x2cb0 [ 544.181332][T13361] ? __pfx_path_openat+0x10/0x10 [ 544.181369][T13361] do_filp_open+0x20b/0x470 [ 544.181398][T13361] ? __pfx_do_filp_open+0x10/0x10 [ 544.181454][T13361] ? alloc_fd+0x471/0x7d0 [ 544.181500][T13361] do_sys_openat2+0x11b/0x1d0 [ 544.181541][T13361] ? __pfx_do_sys_openat2+0x10/0x10 [ 544.181590][T13361] __x64_sys_openat+0x174/0x210 [ 544.181627][T13361] ? __pfx___x64_sys_openat+0x10/0x10 [ 544.181675][T13361] do_syscall_64+0xcd/0x490 [ 544.181703][T13361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 544.181727][T13361] RIP: 0033:0x7f838f58ebe9 [ 544.181747][T13361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 544.181771][T13361] RSP: 002b:00007f83904a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 544.181794][T13361] RAX: ffffffffffffffda RBX: 00007f838f7b5fa0 RCX: 00007f838f58ebe9 [ 544.181810][T13361] RDX: 0000000000020942 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 544.181826][T13361] RBP: 00007f838f611e19 R08: 0000000000000000 R09: 0000000000000000 [ 544.181841][T13361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 544.181855][T13361] R13: 00007f838f7b6038 R14: 00007f838f7b5fa0 R15: 00007ffceb166cd8 [ 544.181890][T13361] [ 546.978773][T13416] FAULT_INJECTION: forcing a failure. [ 546.978773][T13416] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 547.065995][T13416] CPU: 0 UID: 0 PID: 13416 Comm: syz.3.1686 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 547.066036][T13416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 547.066052][T13416] Call Trace: [ 547.066061][T13416] [ 547.066070][T13416] dump_stack_lvl+0x16c/0x1f0 [ 547.066106][T13416] should_fail_ex+0x512/0x640 [ 547.066142][T13416] should_fail_alloc_page+0xe7/0x130 [ 547.066179][T13416] prepare_alloc_pages+0x3c2/0x610 [ 547.066224][T13416] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 547.066256][T13416] ? __pfx_stack_trace_save+0x10/0x10 [ 547.066285][T13416] ? stack_depot_save_flags+0x29/0x9c0 [ 547.066323][T13416] ? kasan_save_stack+0x42/0x60 [ 547.066349][T13416] ? kasan_save_stack+0x33/0x60 [ 547.066374][T13416] ? kasan_save_track+0x14/0x30 [ 547.066404][T13416] ? __kasan_kmalloc+0xaa/0xb0 [ 547.066433][T13416] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 547.066463][T13416] ? subsystem_filter_write+0x95/0x120 [ 547.066497][T13416] ? ksys_write+0x12a/0x250 [ 547.066526][T13416] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.066573][T13416] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 547.066618][T13416] ? policy_nodemask+0xea/0x4e0 [ 547.066654][T13416] alloc_pages_mpol+0x1fb/0x550 [ 547.066686][T13416] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 547.066727][T13416] ___kmalloc_large_node+0xed/0x160 [ 547.066762][T13416] __kmalloc_large_noprof+0x1c/0x70 [ 547.066792][T13416] append_filter_err+0x8f/0x5e0 [ 547.066819][T13416] apply_subsystem_event_filter+0x75a/0x17e0 [ 547.066854][T13416] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 547.066885][T13416] ? _copy_from_user+0x59/0xd0 [ 547.066914][T13416] subsystem_filter_write+0x95/0x120 [ 547.066940][T13416] ? __pfx_subsystem_filter_write+0x10/0x10 [ 547.066964][T13416] vfs_write+0x29d/0x1150 [ 547.066991][T13416] ? __pfx___mutex_lock+0x10/0x10 [ 547.067013][T13416] ? __pfx_vfs_write+0x10/0x10 [ 547.067043][T13416] ? __fget_files+0x20e/0x3c0 [ 547.067073][T13416] ksys_write+0x12a/0x250 [ 547.067095][T13416] ? __pfx_ksys_write+0x10/0x10 [ 547.067126][T13416] do_syscall_64+0xcd/0x490 [ 547.067151][T13416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.067170][T13416] RIP: 0033:0x7f4605d8ebe9 [ 547.067187][T13416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.067206][T13416] RSP: 002b:00007f4606c58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 547.067226][T13416] RAX: ffffffffffffffda RBX: 00007f4605fb6090 RCX: 00007f4605d8ebe9 [ 547.067240][T13416] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 547.067253][T13416] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 547.067266][T13416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 547.067278][T13416] R13: 00007f4605fb6128 R14: 00007f4605fb6090 R15: 00007fff75827c48 [ 547.067308][T13416] [ 548.106399][T13434] __vm_enough_memory: pid: 13434, comm: syz.1.1691, bytes: 4398046511104 not enough memory for the allocation [ 548.212304][ C1] sd 0:0:1:0: [sda] tag#3153 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 548.222747][ C1] sd 0:0:1:0: [sda] tag#3153 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 548.867935][T13439] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 548.991505][T13446] 0x000200000001-0xa29656a63616329 : "" [ 549.023066][T13446] mtd: partition "" is out of reach -- disabled [ 549.442119][T13446] ftl_cs: FTL header not found. [ 550.199868][T13459] random: crng reseeded on system resumption g&[ 552.662001][ T30] audit: type=1800 audit(6049581369.659:18): pid=13514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1706" name="features" dev="configfs" ino=40429 res=0 errno=0 [ 552.697202][T13515] __vm_enough_memory: pid: 13515, comm: syz.0.1707, bytes: 4398046511104 not enough memory for the allocation [ 554.339319][T13537] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1713'. [ 554.885216][T13548] delete_channel: no stack [ 554.920040][T13547] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1714'. [ 554.978218][T13544] [ 554.980685][T13544] ====================================================== [ 554.987706][T13544] WARNING: possible circular locking dependency detected [ 554.994754][T13544] 6.16.0-syzkaller-11952-g6e64f4580381 #0 Not tainted [ 555.001545][T13544] ------------------------------------------------------ [ 555.008561][T13544] syz.3.1715/13544 is trying to acquire lock: [ 555.014703][T13544] ffff888026212358 (&q->elevator_lock){+.+.}-{4:4}, at: elevator_change+0x103/0x400 [ 555.024165][T13544] [ 555.024165][T13544] but task is already holding lock: [ 555.031529][T13544] ffff888026211e18 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 555.042862][T13544] [ 555.042862][T13544] which lock already depends on the new lock. [ 555.042862][T13544] [ 555.053262][T13544] [ 555.053262][T13544] the existing dependency chain (in reverse order) is: [ 555.062267][T13544] [ 555.062267][T13544] -> #3 (&q->q_usage_counter(io)#18){++++}-{0:0}: [ 555.070882][T13544] blk_alloc_queue+0x619/0x760 [ 555.076272][T13544] blk_mq_alloc_queue+0x172/0x280 [ 555.082162][T13544] __blk_mq_alloc_disk+0x29/0x120 [ 555.087702][T13544] loop_add+0x490/0xb70 [ 555.092384][T13544] loop_init+0x164/0x270 [ 555.097320][T13544] do_one_initcall+0x120/0x6e0 [ 555.102613][T13544] kernel_init_freeable+0x5c2/0x910 [ 555.108336][T13544] kernel_init+0x1c/0x2b0 [ 555.113199][T13544] ret_from_fork+0x5d7/0x6f0 [ 555.118321][T13544] ret_from_fork_asm+0x1a/0x30 [ 555.123603][T13544] [ 555.123603][T13544] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 555.130811][T13544] fs_reclaim_acquire+0x102/0x150 [ 555.136360][T13544] prepare_alloc_pages+0x162/0x610 [ 555.141993][T13544] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 555.148403][T13544] __alloc_pages_noprof+0xb/0x1b0 [ 555.153946][T13544] pcpu_populate_chunk+0x110/0xb00 [ 555.159661][T13544] pcpu_alloc_noprof+0x86a/0x1470 [ 555.165203][T13544] bpf_map_alloc_percpu+0x9a/0x4b0 [ 555.170933][T13544] htab_map_alloc+0x10ca/0x1570 [ 555.176300][T13544] map_create+0x58f/0x1f80 [ 555.181237][T13544] __sys_bpf+0x44d2/0x4de0 [ 555.186175][T13544] __x64_sys_bpf+0x78/0xc0 [ 555.191290][T13544] do_syscall_64+0xcd/0x490 [ 555.196311][T13544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.202723][T13544] [ 555.202723][T13544] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 555.210543][T13544] __mutex_lock+0x193/0x10b0 [ 555.215652][T13544] pcpu_alloc_noprof+0xb4c/0x1470 [ 555.221389][T13544] sbitmap_init_node+0x2fd/0x770 [ 555.226882][T13544] sbitmap_queue_init_node+0x41/0x560 [ 555.232786][T13544] blk_mq_init_tags+0x12d/0x2b0 [ 555.238164][T13544] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 555.244268][T13544] blk_mq_init_sched+0x30c/0x610 [ 555.249772][T13544] elevator_switch+0x1e1/0x7f0 [ 555.255079][T13544] elevator_change+0x2ac/0x400 [ 555.260365][T13544] elevator_set_default+0x2c4/0x360 [ 555.266083][T13544] blk_register_queue+0x393/0x4f0 [ 555.271649][T13544] __add_disk+0x74a/0xf00 [ 555.276507][T13544] add_disk_fwnode+0x13f/0x5d0 [ 555.281806][T13544] nbd_dev_add+0x783/0xbb0 [ 555.286912][T13544] nbd_init+0x181/0x320 [ 555.291790][T13544] do_one_initcall+0x120/0x6e0 [ 555.297098][T13544] kernel_init_freeable+0x5c2/0x910 [ 555.302825][T13544] kernel_init+0x1c/0x2b0 [ 555.307683][T13544] ret_from_fork+0x5d7/0x6f0 [ 555.312794][T13544] ret_from_fork_asm+0x1a/0x30 [ 555.318072][T13544] [ 555.318072][T13544] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 555.326060][T13544] __lock_acquire+0x12a6/0x1ce0 [ 555.331431][T13544] lock_acquire+0x179/0x350 [ 555.336454][T13544] __mutex_lock+0x193/0x10b0 [ 555.341558][T13544] elevator_change+0x103/0x400 [ 555.346838][T13544] elv_iosched_store+0x2eb/0x3a0 [ 555.352297][T13544] queue_attr_store+0x26b/0x310 [ 555.357674][T13544] sysfs_kf_write+0xf2/0x150 [ 555.362773][T13544] kernfs_fop_write_iter+0x354/0x510 [ 555.368665][T13544] vfs_write+0x6c4/0x1150 [ 555.373519][T13544] ksys_write+0x12a/0x250 [ 555.378357][T13544] do_syscall_64+0xcd/0x490 [ 555.383374][T13544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.389781][T13544] [ 555.389781][T13544] other info that might help us debug this: [ 555.389781][T13544] [ 555.399991][T13544] Chain exists of: [ 555.399991][T13544] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#18 [ 555.399991][T13544] [ 555.413816][T13544] Possible unsafe locking scenario: [ 555.413816][T13544] [ 555.421340][T13544] CPU0 CPU1 [ 555.426704][T13544] ---- ---- [ 555.432062][T13544] lock(&q->q_usage_counter(io)#18); [ 555.437443][T13544] lock(fs_reclaim); [ 555.443934][T13544] lock(&q->q_usage_counter(io)#18); [ 555.451831][T13544] lock(&q->elevator_lock); [ 555.456411][T13544] [ 555.456411][T13544] *** DEADLOCK *** [ 555.456411][T13544] [ 555.464553][T13544] 7 locks held by syz.3.1715/13544: [ 555.469735][T13544] #0: ffff88807c5d97b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 555.478801][T13544] #1: ffff888024d70428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 555.487968][T13544] #2: ffff888059111488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 555.497916][T13544] #3: ffff888025636c38 (kn->active#156){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 555.508017][T13544] #4: ffff888026230368 (&set->update_nr_hwq_lock){++++}-{4:4}, at: elv_iosched_store+0x337/0x3a0 [ 555.518647][T13544] #5: ffff888026211e18 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 555.530350][T13544] #6: ffff888026211e50 (&q->q_usage_counter(queue)#23){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 555.542306][T13544] [ 555.542306][T13544] stack backtrace: [ 555.548207][T13544] CPU: 0 UID: 0 PID: 13544 Comm: syz.3.1715 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) [ 555.548237][T13544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 555.548249][T13544] Call Trace: [ 555.548258][T13544] [ 555.548266][T13544] dump_stack_lvl+0x116/0x1f0 [ 555.548292][T13544] print_circular_bug+0x275/0x350 [ 555.548318][T13544] check_noncircular+0x14c/0x170 [ 555.548344][T13544] __lock_acquire+0x12a6/0x1ce0 [ 555.548381][T13544] lock_acquire+0x179/0x350 [ 555.548404][T13544] ? elevator_change+0x103/0x400 [ 555.548432][T13544] ? __pfx___might_resched+0x10/0x10 [ 555.548453][T13544] ? elevator_change+0x103/0x400 [ 555.548477][T13544] __mutex_lock+0x193/0x10b0 [ 555.548498][T13544] ? elevator_change+0x103/0x400 [ 555.548528][T13544] ? enable_work+0x245/0x340 [ 555.548545][T13544] ? __pfx_xa_find_after+0x10/0x10 [ 555.548570][T13544] ? __pfx___mutex_lock+0x10/0x10 [ 555.548593][T13544] ? blk_mq_cancel_work_sync+0xd8/0x110 [ 555.548615][T13544] ? __pfx_blk_mq_cancel_work_sync+0x10/0x10 [ 555.548638][T13544] ? elevator_change+0x103/0x400 [ 555.548663][T13544] elevator_change+0x103/0x400 [ 555.548690][T13544] elv_iosched_store+0x2eb/0x3a0 [ 555.548717][T13544] ? __pfx_elv_iosched_store+0x10/0x10 [ 555.548748][T13544] ? __mutex_trylock_common+0xe9/0x250 [ 555.548774][T13544] ? __pfx_elv_iosched_store+0x10/0x10 [ 555.548801][T13544] queue_attr_store+0x26b/0x310 [ 555.548825][T13544] ? __pfx_queue_attr_store+0x10/0x10 [ 555.548853][T13544] ? find_held_lock+0x2b/0x80 [ 555.548870][T13544] ? sysfs_file_kobj+0xe4/0x290 [ 555.548892][T13544] ? __pfx_queue_attr_store+0x10/0x10 [ 555.548914][T13544] sysfs_kf_write+0xf2/0x150 [ 555.548934][T13544] kernfs_fop_write_iter+0x354/0x510 [ 555.548952][T13544] ? __pfx_sysfs_kf_write+0x10/0x10 [ 555.548972][T13544] vfs_write+0x6c4/0x1150 [ 555.548995][T13544] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 555.549014][T13544] ? __pfx___mutex_lock+0x10/0x10 [ 555.549033][T13544] ? __pfx_vfs_write+0x10/0x10 [ 555.549061][T13544] ksys_write+0x12a/0x250 [ 555.549082][T13544] ? __pfx_ksys_write+0x10/0x10 [ 555.549105][T13544] do_syscall_64+0xcd/0x490 [ 555.549128][T13544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.549147][T13544] RIP: 0033:0x7f4605d8ebe9 [ 555.549164][T13544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 555.549182][T13544] RSP: 002b:00007f4606c79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 555.549201][T13544] RAX: ffffffffffffffda RBX: 00007f4605fb5fa0 RCX: 00007f4605d8ebe9 [ 555.549214][T13544] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 555.549226][T13544] RBP: 00007f4605e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 555.549237][T13544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 555.549249][T13544] R13: 00007f4605fb6038 R14: 00007f4605fb5fa0 R15: 00007fff75827c48 [ 555.549267][T13544] [ 555.889170][T13544] tipc: Started in network mode [ 555.894381][T13544] tipc: Node identity ee00, cluster identity 4711 [ 555.903260][T13544] tipc: Node number set to 60928