last executing test programs: 8.887887852s ago: executing program 3 (id=1083): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0x2, 0x10000000000002a, 0x0) socket(0x27, 0x800, 0xa5) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r0, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r1, 0x27fff) msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) socket(0x15, 0xa, 0x5) syz_clone(0x40000000, 0x0, 0x25, 0x0, 0x0, 0x0) ioperm$auto(0x3, 0x7fffffffffffffff, 0x144) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0x1a, 0x6, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) socket(0x2, 0x3, 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="09032dbd7000fcdbdf15260000000800070065000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 7.402968654s ago: executing program 2 (id=1088): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x4ea06, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000) mmap$auto(0xfffffffffffffffc, 0x20009, 0x4000000000df, 0x40000000000eb1, r0, 0x7ffc) r1 = socket(0x2, 0x2, 0x0) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) ioctl$auto_SG_GET_SG_TABLESIZE(r2, 0x227f, &(0x7f00000001c0)) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/mounts\x00', 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0) unshare$auto(0x40000080) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000000), r1) r5 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x5, 0x37, 0x10000}) sendmmsg$auto(r5, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1aa, &(0x7f0000000100)={&(0x7f00000003c0), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) ioctl$auto(0x3, 0x80108907, 0x38) lsm_list_modules$auto(0x0, 0x0, 0x0) 6.802584242s ago: executing program 2 (id=1090): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0) openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/kernel/debug/o2hb/failed_regions\x00', 0x200, 0x0) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, &(0x7f0000000280)={0x4, 0x3, 0xa, @state_change={0xc, 0x6, 0x8}}) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) write$auto(0xffffffffffffffff, 0x0, 0x7) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000440)={{@inferred, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9", @raw=0x2}, 0x0, @iec958={"15a2efc2d3924d554f9814e38bcc84af07a18f8b739d1f06", "a85427ff70455fde648eff0148d9981bdfad7ad3c7a0149f7ac7b52eafa482a5534c2b189e11b1850033c47bc4d5ef8484223aaf5cdf275c0d485b701bfe944a5b7dd0e922c8311d7c2b5ed8f6ac4a065ba0cc686a2bae512eb2980c9035cb1db1c570a5aa1a6e6a4209658f258fa1d6c61411a5b075f7599e3fc8f6d15b5ef46510a3d0e8e2438971b181b384d3f35c611cec", 0x0, "265fab37"}, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188ba00ab57d5d73b094925aa928ca41e93023ab4510269ed900009a7895fd181a33375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea81f7e333cf1c9da590b3fea1258074885c899d75cd52751f9be959d90fa5c200"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4ec800, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x1a3780, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x6, 0x1, 0x948b, 0x3, 0x1, 0x572f14dc, 0x80000000, 0x80000000, 0x0, 0x7, 0x6d3e, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x3, 0xd, 0xffffffbf, 0x948b, 0x0, 0x15f4da0a, 0x41000000003, 0x9, 0x62, 0x8000001b, 0x7, 0x6d3e, 0x9, 0x2, 0x200]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x814) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) 6.639893628s ago: executing program 3 (id=1091): socket(0x2a, 0x80000, 0x0) openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ubifs/chk_fs\x00', 0x100, 0x0) mmap$auto(0x7fff, 0x81, 0x7, 0xeb1, 0xfffffffffffffffa, 0xffffffffffff0000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) pipe$auto(0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bdi/43:192/wb_stats\x00', 0x40, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180), 0x9}, 0xb) prctl$auto(0xffff7fff, 0x16, 0x0, 0x2, 0xa) r0 = socket(0x18, 0x2, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/pcmC1D0p\x00', 0x1, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="681281f6", @ANYRES16=r1, @ANYBLOB="000325bd7000fcdbdf2505000000"], 0x14}, 0x1, 0x0, 0x0, 0x48c3}, 0x200c0085) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000001080)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x40100, 0x0) mmap$auto(0x6, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x1b) r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x1) 5.642846782s ago: executing program 0 (id=1092): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0xca, &(0x7f0000000340)='\x04>2\x1b!\xe2\x00\x94\xf2\xa2\x00\x00z\x0e\x8d\xea!\xbc\xf8*\x84(rw\xee\x9c\xb4,\xdaW\x0f\xef7\xbf\n|\x9a\xd9\xc3\xe7%\xeb\x1b\xd0\xc4\xc0\xae\xf6\xdf\x90,\x84\x12o4\a\x87\xe6\xe6\x17t\xb3<\xed\x91*\x8a#\x938D\xb6s\x9f\x14\xd4\x97\fY\xad5\xf5\xe9Iv\xe0\xd9\xfd\xff\x02idN\x94\x81\xc3\xa6\xb1\x11pM->0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) 4.686217904s ago: executing program 3 (id=1094): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x110) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) readlink$auto(0x0, 0x0, 0x800) keyctl$auto(0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x101) bpf$auto_BPF_LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000180)=@link_detach, 0xff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8002) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x10b402, 0x0) pread64$auto(r0, 0x0, 0x100000001, 0x100) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/net/dev_snmp6/wlan0\x00', 0xc0000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/bus/hid/drivers/hid-udraw/new_id\x00', 0xa8902, 0x0) openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, 0x0, 0x204080, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x400004, 0x8, 0x9b78, 0xffffffffffffffff, 0x8000) ioctl$auto_RTC_PARAM_GET(0xffffffffffffffff, 0x40187013, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) 4.281348318s ago: executing program 0 (id=1095): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x8d, 0x20009, 0x4000000000df, 0x11, r0, 0x3) r1 = prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) brk$auto(0x7fffffffafff) mmap$auto(0x7fff, 0x400008, 0xda, 0x9b72, 0x2, 0x480000000008001) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) getsockopt$auto_SO_WIFI_STATUS(r1, 0x1, 0x29, &(0x7f00000000c0)='(/)\xa1\x94**])\x00', &(0x7f00000001c0)=0x2) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/kvm/irq_exits\x00', 0x2100, 0x0) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) r5 = open(&(0x7f0000000280)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x20102, 0x100) write$auto(r5, 0x0, 0xaf0) ioctl$auto_NS_GET_TGID_FROM_PIDNS(r3, 0x8004b707, &(0x7f0000000080)=0xbb7) read$auto_stat_fops_per_vm_kvm_main(r4, 0x0, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x400020009, 0x10000000000df, 0x13, 0x8000000401, 0x7fffffffffffffff) semctl$auto_SETALL(0x2, 0x6, 0x11, 0xb1c) 4.272626106s ago: executing program 2 (id=1096): mmap$auto(0x0, 0x4, 0x10004000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b7f, 0x2, 0x8000) madvise$auto(0xfffffffffffffff9, 0x1f0, 0x7f) madvise$auto(0x0, 0xffffff7fffff0005, 0x8) r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0xc0402, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40103d0b, 0x0) r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x200007, 0x8) mmap$auto(0x6, 0x1ff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x7fff) timer_create$auto(0xb, 0x0, 0x0) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/fs/ext4/sda1/lifetime_write_kbytes\x00', 0x0, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) adjtimex$auto(&(0x7f0000000500)={0x3ffa34bb, 0x0, 0xfffffffffffffff5, 0xffffffffffffffff, 0x3, 0x9, 0x26ab, 0x0, 0x8, 0xa, 0x0, {0x9, 0x3}, 0x10, 0x5, 0xffffffffffffffff, 0x8, 0x0, 0x5, 0x8, 0x8001, 0x51b, 0x3}) open_tree_attr$auto(r1, &(0x7f00000002c0)='./file0\x00', 0x4, &(0x7f0000000300)={0x800, 0x7, 0x1, @raw=0x7}, 0x200) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), r3) capget$auto(&(0x7f0000000140)={0x2}, &(0x7f0000000180)={0x3, 0x9, 0x200}) unshare$auto(0x1) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f00000001c0)={"fc780d68d3e52d2c060bb6f5d066bacfb627790aa8a64480ad1f1ec85108b5ce", 0x1, 0x8, 0x763, 0x401, 0x5}) socket(0x0, 0x800, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) 3.681669831s ago: executing program 3 (id=1097): mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) socket(0x15, 0x5, 0x0) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) (async) setsockopt$auto(0x3, 0x114, 0x7, 0x0, 0xa0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) getpgid$auto(0x1) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r0 = socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) (async) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x940, 0x1fee0, 0x3, 0x6, 0xfffffffffffffffe, 0x3, 0x5, 0x5, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x8, 0x800, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23c, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd]}, 0x1fe, 0x82) (async) socket(0x2, 0x801, 0x106) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) r1 = socket(0x10, 0x2, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async) setsockopt$auto(r0, 0x11, 0xa, 0x0, 0x8) 2.606089006s ago: executing program 3 (id=1099): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_CQM(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="60120000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fddbdf253f00000042125e80120157803b38694e6b0fca720453224d88a2393983143415c642e3c360ab48d694e21204e89b4c8ab7d4be6f1bd65055c54d3fedb9b4591e6ee6576b1f011e23c80c6ea478e8f3da21f26ade35148398f2ef3e09640a60c3c91182270b133cd2c31dc32b05b5ee01b088c4974eef13d2e4f95cb2ac0310e4be67d9c413ba544ba9032697b70cfabb60ec8054e108535328bdec1e0b739a64b91ce719be7daf4bef038618c8fccd0944385a98747f2a7268f08864bda87a2213c48acc5e6c42979968e0f3768eb883808e04e10e569b844eaaeaa3189ba059a1cceea2c7c642a436757dd6815ec3f1582f74e9dee4e0f7e472575ed6621d42aeaa18af25da7d3268e408003100", @ANYRES32=0x0, @ANYBLOB="080081000700000000000400058008002600", @ANYRES32=0x0, @ANYBLOB="67a34f3643a24c499e4c63b8933bc03715b91d650cbaa8940368ce12126cb0aac0004ecf7aa17f73a3580b834e2e6b914d225f52f74ac0fea28df7265abd3ee736be519502d1717de6cd8673330df94952258d016e7ea44db5c61bf50173c5f714008eb6ba9a3ec87482ad4433f20ae1aeaef535a29b40dc43a545955f7c53b5bc1c64e04a1f25edacecc1e88d36cbcfde4c02e45b5a5d96c28b396e509d080083007f000001140083000000000000000000000000000000000164100080081001800400e6804f9d3286f5dc37e371f2459a3d66ebdfbc0ffda4cd833e918c26af5fd11a1099cf1bafb1021a26bac24ecbd707760cd870c1561769fa8c7e9a939af2db3a623ac30c74e2d416fb9af4b9f936e69756ea46e2ca2b5fd29901458eba4ec4f39bec5c9948a29368c214eec7410d0117d0eeb576c3a522600b452fb976eb7e0fa7d306778d000bc42187176a9921361dd2a35d73b58cfc18c6692d74059fda389d16c17708dda577c841913e44028f9421866c3b5f2fdfe6cec6dca9949c9565b7819064e6d58eb88c6f3206013985acbc070726d3a18ede631b42b63e48e22bb3eb3310ce27ed3d87788dadd5b689768f5d9a1851f571a532595e242e8193fb161d541cf6cf8b33d1ac2f50cb54486d88af170aaad39514a106b69034e566a8683dee50b27ad1197cd43d4e1f86a11056f50af8a2a22712534dddb5038f30e7f9ed9931d73f18a01c2ae5be38a9d7997e9ce58d870cb1053a892e1b121f1a3ddc5f77d0e8732f2831d4cdc963f0914b6571a42c8f84b3f5f56b00903a820a383aae4d18152b4971974fe87c021438e2c83a0fc7aea2b928292d41bffe9c8a0530e5100e1d758d4ae7400bade7a8f8e5bcec452c0956ff05cac08c513de68f87ba7c43ab2296ee307bd1974d277b6a1bd9ea8e8aae39fa1cbafaedd754b6ffa0a1be7bcd1ee8a21d951eb5817fb3cb8f6fe6de3ef17cd5e2732914ce89185bce0cefdaeecd0d11d6857d798411db6e54e4a4541fecd51b8e182d068ce78ee082dcd94c0d82533dfde08ec897128faad32bb46685ddc3ec95472aba2dfb8a9b74352bd81faeb23cdc62115b88c4d48f65c5039e333c02dfbfcd742852cc9ad54274cd3917137de8e8e9ab7b73b64f86051d996f7574b5f66eb9bdfa7c28350aa1e5358c54de919fd9b0b8b9cb6742f91611ab6fa32f7e26d5f031e3826edd4e9a1d8b4683a983b9b5c31ee73bf5e534e0f076c7da397d47274c2ccfc5fbac9c94d219858ecf9cbec11ab987cd5e3efe607670f2075045f7fa76aa8b0e39a58b11efdf611c8ab9fe1ca4d16487f88bd4d144fe32315a1b006986c392bb2159ec69a6315ee61b97f49e24046859d019ac7d55782a3a1eacf3e09c61270e20a74125d574083bf57a8ea7fd4b3408c66d3a9d8ae40020ae1032a119234507dff4bb5dbf5fc434adcb01730ed5d88fe385012bd2d043291420576e36c0368a0a57cfa58319209402c836b06bfcc5f3a715075df18cd8e4eba8918aefa03bb0581df7ef430ce922f046cf7342f70b1902c9456196ef2e2ef606a4f2278d6ebc5b982af304aadc47e3481e4300d5ef1c2c4677cd370219ce8f5b88f33ff139fa5a102311406746af4d69a579fb19f633b58cf80205774514138392b42d1a49c24f6976380fc388073299b78e495e278d227288534bfea710bf44e2284ae5906324839004b6540d4fa7e866e8aa91707a63193fa955ec5d673c1a9cbe5eb056a53f60a067f998234dd10cdd6eb234af4e898bc31a0f64ffb774f09748a2eb2289bec50ddb5b06b11e08512dc7bfcfa4c4bbaa842a439d9db5b182ad749d23a461a83f530d1aadbe103726f6dcebb044486578acb34ad7390c691e564fde7289ad818797e4363d995a3828a67218b7374e3f02f023a3aa92c7e5dcdc179efc2407a49d3e7a8c6e0edde033e3060482163291eafdeff6a2dd194ac208ebb82827bcb60188ec9b71192c4b7843729fbb65f049e11640aab0ddbb6544d75f36f5961e68c02edd3892cb24a6b25c426ce7e6b104498087e47f67b786596fa7c02ce1956b710ca5df9282509378faa646312186495863807b7e2f47cdef0fb21579576b2700ae11c2db7b2d04fbdcb677e67db4e33dc017d7eba07392c80653193d42e9f4159db3fa71808971730c3b1906721b14939751da8d370c3909bab48a518ac61da7132b5ba284b94ca521d178057c747b55bca88545e7dcbc2a06933e12be65efa79d822853132e87f7c6539a127a501abb2421c8365e486b6ac9bf955dbe1643fa5faf8267de3f92e64feaed768b088ca5c8104bd09823fd38a119c73b0d208a608f80091736e0e1817373e87d1bcfd1be5e7a78735505d5dc023312da6cbd0d41d0594c94d2cd0235b81a56420f98e8ae22c4cd66c0c22a4aa584cfdaa441492e3c8432c0c64b00a59c6f7daf490ddce33e44a7f86012ab1c6c3a97802c7b966c6aa4e8c22d7db072680bcb0bad0cf81f03b48908ef8eb096af0ad1c1a8cd1e5a76cfda5ff3d30c4a5750b241ca655b7c68e9b1a1813fce539b5621aa6a969ea4984ea6e8dddff49ff16446fbcceee05d516917b90ac1d4e9638081ceaabbd41cbcb541a993b8e89999b9c8ee6148f1b2c1ade6270a871f1f3f683ebd9b391628977f27795566999932898f3a227ac1c725a34c201d8fc1405bed0d91d83348e0b3e3be09e0cf49f4148dca0c8373983714da584224a0ff37d051e6722b9c5669a295b812ce8d2e7b4f1bea4a28acc0fd647304de5bb8a9de4d56167b4ab4362729ae33dc43a1f50d51aa07e60d352b471d332610d9110d08905497a56cff0e65cfdab5c125ab8bef8e0bf6fc70755dacac1454c57e93c188d29f00612a15cd26fc3b46552c95410dd81bf1b772ac179ee25a4f4117792c7bf2177d93d636d66822487b34f215b8c9fae1884230b3ee022414ccd52faace045206de9d67f3ef8e6e134492e70ebcb0a0db67ff838ef9943393a1e21c2681efedb3f60ad7555d8e65bb1e67b17bfb2b5a596fb0d9afccad7a720d5f868e6f534dbddb19004021d5f28146d1d96a35e311d3f28a05538904893929a5e69dfa508753a08871721a35b93c2d6b71ab97c58b6a6460c246587a8a6acc165a39f8f83be478a9616ba720ade7dbe21eee9ff9c83acca284d75aff38747ecbff40d9972718e514069895bbc8264a5df1ba92817c79d2b2743dbe6ddf484d0bc6fa888d22a1e562ba7eb72d06f9a8269280c87aa228e110fa12c3efebcaa2061857e0e791a8f696f8bcdb5322151a158c181ec9eb6fc6c6a1b21915acc940dc479d3124039162b4bec71f59a60dd6fa52e01d370f1d128baa6013f242f81b342097a46bbb719c0fcda1e96f640df394b52970d83f9ff4c17032d2c678175ca0a67fcf96827c03d947775465fb215aeb3e7a2e61b894b8a708e19d723e0a3b5092ad53996493a19d45da7045bacae2bc5ece379309504101d06225dbe2a06338f390cad72dca28ff9ad86eeffab2e4217df4d22a81cb1f9a232233ccc4fa07f972e02efae6d6cca4d6ccb70de3f67d5f9a4935ee24f12468879fcfaa9521696efdf0f262d362ecfd4fcaa66102985b1b99f576d7a80deb0e0e7a7b1ca10ad804df3c5e15d0b9a42cc5313aec9e1fa6e5a80d653291988f03cb2404f8874925f4279a20af1d821533c6af18e9ef618b6588d28dc030f98ed32a1b74cc6dfad2548d1469efd6107f3ca178870f2e894d48c962a57d87ad290fbce440ccc9b34f0b0ee2a562efbc33cbf7469af40ef44c4eb55f48c9780bbf338d367a7979c8f689960d7f80689631209bf7700c86839c225e4e5ef374cb92252c3e6ea3d95badfee2e0bd2546005a19572ef18b97010714b3eebc25309d7b01af6786e96208126ab0ec4820e75ce420db45f8264e0acbe063a7c340ced860d2f85fd140460c9b64fd949abd41c47a96dba2d589e6c38dda1a94b67dcd37c3af44a84531cbceafb65591edb2bc21b74d79b59a29037dedf6f37e3527509d5b28031f3072611deaa62682a58c4a77ad959b61dfcd1fd2a617afb91c9d29ef358a70841df7313c6d52601160b061165c4851e1497ac6162165d4558e0c18b8217a4f656873dad090659faa4936267d4322cc973762e1e4c9dc232dab90d2b682d57d115b47be4fd093ece7844b5bdac07efbad8f21864fc2496ab3448e9e7a22dc80aeeab304a1b7bdba03ba196511da60c615aed3b1ccf0622852b8fdc53ac1ca4b29f469a2f4a2ae9482853fa23377c27903cc820abcf350e5df4e00b4a004ed0178b837308a5a5d8eb74027d37076a6ac68a48b0b28c8fa333528a40d83c64bf9017db8294afb806be56be448f5375d88b3983fe4b0f02caa27bb6e7ddbbcdb70ad825e230b765fd621791cfe1c4231f5ba2c1368df7d85f05b71ca7e6fe034356a0b75ee8841a308a11cefff15ed855417e51f908c580647d7e808be4d246ac3cdfeeb859e1a01a1336b5ec5bce4e6ab8952069280b6387304dcdbcfb5810e46d090bfab07d9f07744ddc913e7e9488496fa4ba849b458667aa7b445e9aeea9a6f79fc1c58a44f5dd3a21b9e1eb7c35407be193c51e98120608142c68e21974406e1778701d7ff45ceb5a8b9f905b811e61e035def42570ddc4cfd4a616704f8f37d454a0146895e6460b696e5c0a0e471843ebacdadb9acecaab4f26695a2e51b0c7de7b827aadaf15b6fa4689c1d79eb8c15b9305fae6f280a9c81c3f6e6c40e9cfa48f61ba119f247a3cb62fb972168d3d169efecda069a6247f55fee3a91c6fb732004437b1a8a19b38ef806bbd70af4f2387b635b37be1fe926c3c5312d9a48b1ee3f43ae973489a52a759a9e205ef6016973950e80d75bbbfc21e5e705dcfbb3247d26dcbb189127527c4b1c70259eb091511e88aa93e106b948715acca28d2b88169c156ac62a09caa132ffcce3ea40123dbe79a5ecdfbbd3bf980728bc7b98e9ccb7892b6996a8c009b0ed2f7c69c35c50ddfb2df05e875e3bce83c96d2ddd522e822f3f9128a7d80adf62b1871403950c4ab03da3f2fe31b8c1414ecf2489e0718b68bd660510c6cdc65bb893eebd4ad81b4ffd93ee20aa6533e8476e542f095bdff331f467accff8866fea9191a7b73b47008067f2fc43cf4ffc0fdaa0035bc44c7a9147c136b76b059ba33551069be8fe76b0422e26365443ffbd54c21d3c33fccf41a3a267de5d204de4c5da2c62df6bedd553a20780e6510a4ba3bc1a0cdfd26b2ff9f359d83e53daa232f06392a10217382ce20f9732b181877b9a8c39d2f52629c682e11ca6cec671b2c11eb8e11ce3ec52cfe857ee0cf6cccacf70de2d3f5fad104ba578b7a543907ac30d19a0042a8d0844665e4118f6bec03b15cb3541553f0aba726f4884521ac4b8d6270787e9a9e6466e9186f579d22b84305c3a5ba884e0be911ce87c16490de860dbcaf3abc83ea9cc9ee7650b629a0a75bf21d7601eb23ba719b01e44cf6571b21e4cb3ecd07ef2b20e37fd7f6367d6dba9fec5a565e01d89e1046f346e94185ad1097df8663cfbb49c4c0deab6afb339bfc393d9670bb2d38ed372bdea496a7c4e9be26bf74b3f242bd544e55c81c022237d8084df1df66e697c7e72731e752609f8bad9059241e8b8c778e4a19da51067d61c1da151df71089dee888b7b6dd2079c2e2de548b0a9a4e1d8fb61ba64b05dfb8fb31875f8f95df18c2c54c3cc38e3733bbf3608cc47c65d9fab1f8c2ee78a407dc0431e3097e2a95e881c5c70cd66e9bdece8201173bbe1a251f5a7ef40ecc31cf1b0d3f0100fc486c25dbc6b976e1ab30194639b9250b5efa4d2c4a6d22d92541e155ee669d54fd59487cc5d67c69c1c05517c399ae3e734e8b1fd43c4e1a17bf27ef926cabdee9aaf06776b6ce7f3ae034958df4e41a346be04931df9cc5c713a5f6c4cc28263a8c57da46dfd11da13906d562c5c38c1bcb92b3f7873d72d8f14605ff80f1db1452f76ed29775e6a7e01ecd21a3a3db9798d4c1322d1ea55724b20c7c8f853be621c1af3a440f8664ccd9dabdd4d99aa06046c70d088b08f07c52fbdc13be7c68fc9e96507ba7d78e0affcd8d011ddd818b6df6bb92a62a485193841dd0ff0c0888d57b6ec262ec7ca942ae603b7e9a9a05c10e7b36b0c00548008007900e0000002000008000300", @ANYRES32=r3], 0x1260}, 0x1, 0x0, 0x0, 0x1}, 0x8000000) connect$auto(0x3, 0x0, 0x58) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) syz_genetlink_get_family_id$auto_ovs_vport(0xfffffffffffffffe, 0xffffffffffffffff) (async) ioperm$auto(0xc5, 0x4, 0x2) gettimeofday$auto(0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) r4 = socket(0x2c, 0x3, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) bind$auto(r4, &(0x7f0000000080)=@xdp={0x2c, 0xc, 0x0, 0x1c}, 0x6b) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async) write$auto(r4, &(0x7f00000000c0)='\x95\x8f\x90\xbb\xba\xe2\xe4s&&^3*\xec\xcc\x1e\xcaz\x8f_\xe8\x9ax\x9fw\x97\xf4\xed<;\x1f$]CY', 0x4) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) (async) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/module/kvm_intel/parameters/vmentry_l1d_flush\x00', 0x82942, 0x0) sendfile$auto(r5, r5, 0x0, 0x200) 2.24081377s ago: executing program 1 (id=1100): semctl$auto(0xfffffff6, 0x5, 0x5, 0xfffffffff7effffe) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4) pwrite64$auto(r0, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\x00\x00', 0x7, 0x3) socket(0x2, 0x5, 0x0) listen$auto(0x3, 0x83) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sched_getattr$auto(0x0, &(0x7f0000000000)={0x5, 0x80000001, 0x2, 0xc19, 0x1, 0x0, 0xfffffffffffffff8, 0x4, 0xfff, 0x1}, 0xfff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x1) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x3ff, 0xffffffffffffffff, 0x8001) mmap$auto(0x0, 0x801004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) getpgid(0x0) socket(0xa, 0x801, 0x106) 2.198955156s ago: executing program 2 (id=1101): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0xca, &(0x7f0000000340)='\x04>2\x1b!\xe2\x00\x94\xf2\xa2\x00\x00z\x0e\x8d\xea!\xbc\xf8*\x84(rw\xee\x9c\xb4,\xdaW\x0f\xef7\xbf\n|\x9a\xd9\xc3\xe7%\xeb\x1b\xd0\xc4\xc0\xae\xf6\xdf\x90,\x84\x12o4\a\x87\xe6\xe6\x17t\xb3<\xed\x91*\x8a#\x938D\xb6s\x9f\x14\xd4\x97\fY\xad5\xf5\xe9Iv\xe0\xd9\xfd\xff\x02idN\x94\x81\xc3\xa6\xb1\x11pM->0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) 1.403055867s ago: executing program 3 (id=1105): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = socket(0x2, 0x1, 0x106) sendmsg$auto_OVS_VPORT_CMD_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000021}, 0x20000000) r1 = socket(0x2a, 0x5, 0x4) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) writev$auto(r2, &(0x7f0000000080)={&(0x7f0000000240), 0x1}, 0x3) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wg1\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000009c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x20, r6, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_CABLE_TEST_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x80) r8 = getuid() r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x11, r9, 0x4, 0x0) ptrace$auto(0x8, r9, 0xfffffffffffffffa, 0x8) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f00000004c0)={0x430, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @ETHTOOL_A_DEBUG_HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xffa}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x24d6}]}, @ETHTOOL_A_DEBUG_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x377, 0x2, 0x0, 0x1, [@nested={0x202, 0x112, 0x0, 0x1, [@typed={0x26, 0xf, 0x0, 0x0, @uid=r8}, @generic="a7527aad5df2872269eaca530afa559967effe6def40c8551fcbae8afea9549999e3eda70bcb77f5da3b1b5bf54f1442b5e7acfb42df47a182537bbd9290c4a156f4ddc255795d74f7c868907a419e580a209bba884aff181c38c918f358338f971ddad8de4c47ecff0e3818d43f6b73881c91de0c85ee264c96db06103a5ce7dc2f97d4d1af7fe6d52f2743e95c9cc78ad52866c1892798c1eda70250", @generic="6a4ef862b5185f6fff4ebbd938b80ff1a58ff86a24300a96d8569fe1cca5fc5b5dd4620c9f07cc0393a78128c8dcb042b541a801a91ae82298cf2098f54578ec7155121f5df3990b0eb7f40dd82003b54dc8ee862d5ddfa81a4e6bf10fc6653957b0691a7d3dd631b46d8e61239fe1b95fa0e569d1bc6ef6ad87aa712ab9cdbf3ce0dfd90cc29f1075f750a0741e1a4f07", @nested={0x4, 0x122}, @generic="4d69618e66a790120c3856714586336e88fd15d16e7806ac34219f7207728314a602a1dbfac7d5e7c5363ff6010ac087025b2e634fdf5bf34bd7888d98869c0f0e3ca3fe63584f78f0bf2ba906cbb12ca8fcadd1960a36862bac9a79aabe01573ba5ff43e258c6e8970d3bbf76f7359e9fdd59ff6b0b5ee861913c46f72e9ba8fb647cb50cf3a485cba2c061768778b25e24aa249c3e6537974a20a17fb6aae351b900cbe04f1f72", @typed={0x8, 0x62, 0x0, 0x0, @fd=r0}, @typed={0x8, 0x8e, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @typed={0x8, 0x25, 0x0, 0x0, @ipv4=@rand_addr=0x2}, @nested={0x4, 0x7}]}, @generic="c5e3dfae11b09e4edac5201c8ef87cc237f323902714f32f905ef77e95f610b6ab7c9c0740c696d154b64bc7480c3050907ecb6a8ece9e0b69c6126cd8ae0df19f48e9089e3ce401ee80ffb314209b3f1b0b5baad2e82512a4e88dd5b051c32350f9a637961a7312a767985b76cefef08a94eb8493fa2374030a25ffa0af46c69bfd6ba2c500b34604d76a4f692d36fb34d84958a5d460a0755fcb6e061c84810e93197992ab18", @generic="87c1d4993b5342f86deee41d6c7a47e5691347aadc8e2931a2d8460a90c3badf19765eae2afbea383007ab0f44757d074d2963acc12a06d74595a83cbfb82e97ceb5d61fc423c8edb192559e084b84f0b154cfc3a240e520e209882465f632efd2d2c984320fb9e5", @typed={0x45, 0x71, 0x0, 0x0, @str='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00'}, @typed={0x8, 0xac, 0x0, 0x0, @pid=r9}, @typed={0x4, 0x4f}, @nested={0xc, 0x6e, 0x0, 0x1, [@typed={0x8, 0xe7, 0x0, 0x0, @ipv4=@multicast1}]}]}]}, 0x430}, 0x1, 0x0, 0x0, 0x40}, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x20499d, 0x9) 920.566083ms ago: executing program 2 (id=1106): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sg0\x00', 0x103002, 0x0) ioctl$auto_SG_SET_TIMEOUT2(r0, 0x2201, &(0x7f0000000000)) r1 = socket(0x2, 0x1, 0x106) socket(0x18, 0x5, 0x2) mmap$auto(0x192, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0xb) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55) setsockopt$auto(r1, 0x1, 0x9, 0x0, 0xeb66) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x82, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000180), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, 0x0, 0x8000) open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c) unshare$auto(0x40000080) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/mode\x00', 0x121102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x7fffffff) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000140)=""/1, 0x1) setsockopt$auto(0x400000000000003, 0x20000029, 0x21b, 0x0, 0x3) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x4) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB=' 6\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fcdbdf25030000000400"], 0x3620}, 0x1, 0x0, 0x0, 0x20000055}, 0x200400d0) select$auto(0x2, &(0x7f00000001c0)={[0x0, 0xfffffffffffffffd, 0x5, 0x800, 0xffffffff, 0x4, 0x2, 0x3f0, 0x5, 0x1, 0x100000000, 0x3, 0x9, 0x8, 0x6, 0xa4]}, &(0x7f0000000240)={[0x0, 0xb, 0x3, 0x5893ff0d, 0x6, 0x2, 0x5, 0x6, 0x1, 0x9, 0x2, 0x2, 0x7f, 0x8, 0xff, 0x34]}, &(0x7f00000002c0)={[0x5, 0x2, 0x3ff, 0x6, 0x7, 0x2a86, 0x60, 0x8000000000000001, 0x6, 0xe8d7, 0x4, 0xb, 0x9, 0x100000000, 0x0, 0x40]}, &(0x7f0000000100)={0x8, 0x3}) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) 785.302427ms ago: executing program 1 (id=1107): mmap$auto(0x0, 0xe986, 0xdb, 0xeb1, 0x401, 0x8000) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0xd5, "36a210d97d4c9f6bd4aafa4ed15fdb9c571daf044ae6ff089930def80ce28999", @raw=0x5}) ioctl$auto_SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000040)=0x8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r2, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd700002dcdf00001800018014000200766574940bfb8c7e2e99b529ef68305f000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4004084}, 0x82) r3 = socket(0x2, 0x3, 0x100) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a00010000000000000000000600070001"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='&'], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci2/hci2:200/power/control\x00', 0x507080, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="e5b726bd7000fcdbdd251900000018000188140002006e657464657673696d30000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0) ioctl$auto_USBDEVFS_CONTROL(r6, 0xc0185500, &(0x7f0000000000)={0x0, 0x3, 0xfffc, 0x8c53, 0x0, 0x1, 0x0}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'batadv0\x00'}) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r7, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) ioperm$auto(0x7, 0x5ad2, 0xc) modify_ldt$auto(0x1, 0x0, 0x10) r8 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r8, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) close_range$auto(r7, 0xfffffffffffff000, 0x2) 559.695272ms ago: executing program 1 (id=1108): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.0/usb1/authorized\x00', 0x0, 0x0) lseek$auto(0x3, 0x908, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x109b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/sound/ctl-led/speaker/mode\x00', 0x182, 0x0) pread64$auto(r0, &(0x7f0000000080)='*{\x00', 0x488, 0x7) ioperm$auto(0xff, 0x1000, 0x8) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0) socket(0x10, 0x2, 0x6) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x48400, 0x41) fchmod$auto(r1, 0x7439) setreuid$auto(0x4, 0x8) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0xfee) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x80, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) connect$auto(0x3, &(0x7f00000000c0), 0x55) write$auto(0x3, 0x0, 0x5b0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) 423.182317ms ago: executing program 0 (id=1109): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x20100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x83, 0x0, 0x0) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r1, 0x9210641f, 0xd) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r2 = openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000006640), 0x2, 0x0) pwrite64$auto(r2, 0x0, 0x4, 0x3) 286.786343ms ago: executing program 1 (id=1110): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0xca, &(0x7f0000000340)='\x04>2\x1b!\xe2\x00\x94\xf2\xa2\x00\x00z\x0e\x8d\xea!\xbc\xf8*\x84(rw\xee\x9c\xb4,\xdaW\x0f\xef7\xbf\n|\x9a\xd9\xc3\xe7%\xeb\x1b\xd0\xc4\xc0\xae\xf6\xdf\x90,\x84\x12o4\a\x87\xe6\xe6\x17t\xb3<\xed\x91*\x8a#\x938D\xb6s\x9f\x14\xd4\x97\fY\xad5\xf5\xe9Iv\xe0\xd9\xfd\xff\x02idN\x94\x81\xc3\xa6\xb1\x11pM-> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.452850][ T6661] RSP: 002b:00007f5f64dcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 178.452887][ T6661] RAX: ffffffffffffffda RBX: 00007f5f641b6080 RCX: 00007f5f63f8e929 [ 178.452909][ T6661] RDX: 0000000000040000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 178.452932][ T6661] RBP: 00007f5f64010b39 R08: 0000000000000000 R09: 0000000000000000 [ 178.452953][ T6661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 178.452973][ T6661] R13: 0000000000000000 R14: 00007f5f641b6080 R15: 00007ffc3cc38908 [ 178.453016][ T6661] [ 179.327935][ T30] audit: type=1806 audit(4294967306.770:3): xattr="." res=0 [ 179.687295][ T5759] Process accounting resumed [ 181.910092][ T6706] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 182.326825][ T6712] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 183.523042][ T6732] netlink: 4 bytes leftover after parsing attributes in process `syz.0.155'. [ 185.419742][ T30] audit: type=1804 audit(4294967312.860:4): pid=6770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.161" name="/newroot/35/file0" dev="tmpfs" ino=202 res=1 errno=0 [ 185.513948][ T30] audit: type=1800 audit(4294967312.860:5): pid=6770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.161" name="file0" dev="tmpfs" ino=202 res=0 errno=0 [ 187.703598][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.712154][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.740499][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.756148][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.782893][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.795599][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.806032][ T6816] netlink: 4 bytes leftover after parsing attributes in process `syz.2.169'. [ 187.808798][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.821639][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 188.153503][ T6817] hub 8-0:1.0: USB hub found [ 188.215642][ T6817] hub 8-0:1.0: 1 port detected [ 190.196830][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 190.203559][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 190.221983][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 190.228317][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 190.237879][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 190.244566][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 190.257131][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 190.263642][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 190.545940][ T6857] ecryptfs_parse_packet_length: Error parsing packet length [ 190.569909][ T6857] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 191.774496][ T6890] syz.0.179 uses obsolete (PF_INET,SOCK_PACKET) [ 192.393416][ T6900] netlink: 28 bytes leftover after parsing attributes in process `syz.3.182'. [ 193.392862][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.399818][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.442907][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.449299][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.458655][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.465686][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.475658][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.482998][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.872167][ T6924] FAULT_INJECTION: forcing a failure. [ 194.872167][ T6924] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 194.980259][ T6924] CPU: 0 UID: 0 PID: 6924 Comm: syz.1.188 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 194.980307][ T6924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 194.980327][ T6924] Call Trace: [ 194.980338][ T6924] [ 194.980351][ T6924] dump_stack_lvl+0x16c/0x1f0 [ 194.980409][ T6924] should_fail_ex+0x512/0x640 [ 194.980464][ T6924] should_fail_alloc_page+0xe7/0x130 [ 194.980508][ T6924] prepare_alloc_pages+0x3c2/0x610 [ 194.980548][ T6924] ? rcu_is_watching+0x12/0xc0 [ 194.980586][ T6924] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 194.980645][ T6924] ? rcu_is_watching+0x12/0xc0 [ 194.980678][ T6924] ? trace_mm_page_alloc+0x11f/0x1a0 [ 194.980716][ T6924] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 194.980767][ T6924] ? stack_trace_save+0x8e/0xc0 [ 194.980804][ T6924] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 194.980878][ T6924] ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 194.980928][ T6924] ? __get_vm_area_node+0x1ca/0x330 [ 194.980966][ T6924] ? vmap+0x135/0x320 [ 194.980999][ T6924] ? relay_open_buf.part.0+0x445/0xc80 [ 194.981039][ T6924] ? relay_open+0x653/0xad0 [ 194.981076][ T6924] ? do_blk_trace_setup+0x503/0xb50 [ 194.981106][ T6924] ? blk_trace_setup+0xed/0x1b0 [ 194.981138][ T6924] ? blk_trace_ioctl+0x146/0x280 [ 194.981174][ T6924] ? blkdev_ioctl+0x108/0x6d0 [ 194.981226][ T6924] alloc_pages_bulk_noprof+0x71c/0x1410 [ 194.981276][ T6924] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 194.981329][ T6924] ? policy_nodemask+0xea/0x4e0 [ 194.981388][ T6924] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 194.981441][ T6924] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 194.981500][ T6924] kasan_populate_vmalloc+0xf1/0x1f0 [ 194.981556][ T6924] alloc_vmap_area+0x959/0x29c0 [ 194.981612][ T6924] ? __pfx_alloc_vmap_area+0x10/0x10 [ 194.981660][ T6924] __get_vm_area_node+0x1ca/0x330 [ 194.981703][ T6924] ? relay_open_buf.part.0+0x445/0xc80 [ 194.981746][ T6924] get_vm_area_caller+0x71/0xa0 [ 194.981784][ T6924] ? relay_open_buf.part.0+0x445/0xc80 [ 194.981829][ T6924] vmap+0x135/0x320 [ 194.981867][ T6924] ? __pfx_vmap+0x10/0x10 [ 194.981900][ T6924] ? trace_kmem_cache_alloc+0xb0/0xc0 [ 194.981934][ T6924] ? relay_open_buf.part.0+0x194/0xc80 [ 194.981987][ T6924] relay_open_buf.part.0+0x445/0xc80 [ 194.982044][ T6924] relay_open+0x653/0xad0 [ 194.982087][ T6924] ? debugfs_create_file_full+0x41/0x60 [ 194.982135][ T6924] do_blk_trace_setup+0x503/0xb50 [ 194.982178][ T6924] blk_trace_setup+0xed/0x1b0 [ 194.982223][ T6924] ? __pfx_blk_trace_setup+0x10/0x10 [ 194.982258][ T6924] ? __pfx_snprintf+0x10/0x10 [ 194.982327][ T6924] blk_trace_ioctl+0x146/0x280 [ 194.982365][ T6924] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 194.982410][ T6924] ? find_held_lock+0x2b/0x80 [ 194.982442][ T6924] ? hook_file_ioctl_common+0x145/0x410 [ 194.982489][ T6924] blkdev_ioctl+0x108/0x6d0 [ 194.982526][ T6924] ? __pfx_blkdev_ioctl+0x10/0x10 [ 194.982569][ T6924] ? __pfx_blkdev_ioctl+0x10/0x10 [ 194.982610][ T6924] __x64_sys_ioctl+0x18b/0x210 [ 194.982653][ T6924] do_syscall_64+0xcd/0x490 [ 194.982707][ T6924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.982742][ T6924] RIP: 0033:0x7f5f63f8e929 [ 194.982768][ T6924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.982800][ T6924] RSP: 002b:00007f5f64ded038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 194.982832][ T6924] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8e929 [ 194.982854][ T6924] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000007 [ 194.982874][ T6924] RBP: 00007f5f64010b39 R08: 0000000000000000 R09: 0000000000000000 [ 194.982892][ T6924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.982911][ T6924] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 194.982953][ T6924] [ 195.721280][ T6933] FAULT_INJECTION: forcing a failure. [ 195.721280][ T6933] name failslab, interval 1, probability 0, space 0, times 0 [ 195.817154][ T6933] CPU: 0 UID: 0 PID: 6933 Comm: syz.0.190 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 195.817220][ T6933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 195.817237][ T6933] Call Trace: [ 195.817246][ T6933] [ 195.817258][ T6933] dump_stack_lvl+0x16c/0x1f0 [ 195.817312][ T6933] should_fail_ex+0x512/0x640 [ 195.817364][ T6933] ? __kmalloc_noprof+0xbf/0x510 [ 195.817415][ T6933] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 195.817460][ T6933] should_failslab+0xc2/0x120 [ 195.817490][ T6933] __kmalloc_noprof+0xd2/0x510 [ 195.817549][ T6933] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 195.817603][ T6933] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 195.817648][ T6933] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 195.817690][ T6933] ? trace_cap_capable+0x18d/0x200 [ 195.817730][ T6933] ? bpf_lsm_capable+0x9/0x10 [ 195.817770][ T6933] ? security_capable+0x7e/0x260 [ 195.817823][ T6933] ? ns_capable+0xd7/0x110 [ 195.817859][ T6933] genl_rcv_msg+0x55c/0x800 [ 195.817906][ T6933] ? __pfx_genl_rcv_msg+0x10/0x10 [ 195.817945][ T6933] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 195.817992][ T6933] ? __pfx_nl80211_get_key+0x10/0x10 [ 195.818037][ T6933] ? __pfx_nl80211_post_doit+0x10/0x10 [ 195.818108][ T6933] netlink_rcv_skb+0x158/0x420 [ 195.818143][ T6933] ? __pfx_genl_rcv_msg+0x10/0x10 [ 195.818186][ T6933] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 195.818239][ T6933] ? netlink_deliver_tap+0x1ae/0xd30 [ 195.818278][ T6933] genl_rcv+0x28/0x40 [ 195.818314][ T6933] netlink_unicast+0x53d/0x7f0 [ 195.818355][ T6933] ? __pfx_netlink_unicast+0x10/0x10 [ 195.818410][ T6933] netlink_sendmsg+0x8d1/0xdd0 [ 195.818453][ T6933] ? __pfx_netlink_sendmsg+0x10/0x10 [ 195.818504][ T6933] ____sys_sendmsg+0xa98/0xc70 [ 195.818544][ T6933] ? copy_msghdr_from_user+0x10a/0x160 [ 195.818593][ T6933] ? __pfx_____sys_sendmsg+0x10/0x10 [ 195.818650][ T6933] ___sys_sendmsg+0x134/0x1d0 [ 195.818703][ T6933] ? __pfx____sys_sendmsg+0x10/0x10 [ 195.818749][ T6933] ? __lock_acquire+0x622/0x1c90 [ 195.818843][ T6933] __sys_sendmsg+0x16d/0x220 [ 195.818894][ T6933] ? __pfx___sys_sendmsg+0x10/0x10 [ 195.818972][ T6933] do_syscall_64+0xcd/0x490 [ 195.819024][ T6933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.819057][ T6933] RIP: 0033:0x7fa93cf8e929 [ 195.819081][ T6933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.819111][ T6933] RSP: 002b:00007fa93ddc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 195.819139][ T6933] RAX: ffffffffffffffda RBX: 00007fa93d1b5fa0 RCX: 00007fa93cf8e929 [ 195.819157][ T6933] RDX: 0000000000000890 RSI: 0000200000000340 RDI: 0000000000000004 [ 195.819174][ T6933] RBP: 00007fa93ddc3090 R08: 0000000000000000 R09: 0000000000000000 [ 195.819191][ T6933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 195.819207][ T6933] R13: 0000000000000000 R14: 00007fa93d1b5fa0 R15: 00007ffc0c48a408 [ 195.819242][ T6933] [ 198.291605][ T6956] netlink: 28 bytes leftover after parsing attributes in process `syz.3.197'. [ 198.314903][ T6951] syz.1.196 (6951) used greatest stack depth: 17976 bytes left [ 198.373524][ T6956] team_slave_0: entered allmulticast mode [ 198.628558][ T6965] hub 8-0:1.0: USB hub found [ 198.634223][ T6965] hub 8-0:1.0: 1 port detected [ 199.120489][ T6973] syz.1.202 (6973): attempted to duplicate a private mapping with mremap. This is not supported. [ 199.445068][ T6981] FAULT_INJECTION: forcing a failure. [ 199.445068][ T6981] name fail_futex, interval 1, probability 0, space 0, times 1 [ 199.476284][ T6981] CPU: 0 UID: 0 PID: 6981 Comm: syz.0.205 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 199.476332][ T6981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 199.476351][ T6981] Call Trace: [ 199.476362][ T6981] [ 199.476375][ T6981] dump_stack_lvl+0x16c/0x1f0 [ 199.476434][ T6981] should_fail_ex+0x512/0x640 [ 199.476490][ T6981] get_futex_key+0x1d0/0x1540 [ 199.476536][ T6981] ? __pfx_get_futex_key+0x10/0x10 [ 199.476573][ T6981] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 199.476620][ T6981] ? __get_unmapped_area+0x267/0x440 [ 199.476663][ T6981] futex_wake+0xea/0x530 [ 199.476716][ T6981] ? __pfx_futex_wake+0x10/0x10 [ 199.476774][ T6981] ? up_write+0x1b2/0x520 [ 199.476830][ T6981] do_futex+0x1e3/0x350 [ 199.476896][ T6981] ? __pfx_do_futex+0x10/0x10 [ 199.476950][ T6981] __x64_sys_futex+0x1e0/0x4c0 [ 199.476999][ T6981] ? __pfx___x64_sys_futex+0x10/0x10 [ 199.477048][ T6981] ? ksys_mmap_pgoff+0x85/0x5c0 [ 199.477083][ T6981] ? xfd_validate_state+0x61/0x180 [ 199.477125][ T6981] ? __pfx_ksys_write+0x10/0x10 [ 199.477186][ T6981] do_syscall_64+0xcd/0x490 [ 199.477242][ T6981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.477276][ T6981] RIP: 0033:0x7fa93cf8e929 [ 199.477303][ T6981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.477335][ T6981] RSP: 002b:00007fa93ddc30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 199.477366][ T6981] RAX: ffffffffffffffda RBX: 00007fa93d1b5fa8 RCX: 00007fa93cf8e929 [ 199.477388][ T6981] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa93d1b5fac [ 199.477409][ T6981] RBP: 00007fa93d1b5fa0 R08: 00007fa93ddc4000 R09: 0000000000000000 [ 199.477430][ T6981] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fa93d1b5fac [ 199.477451][ T6981] R13: 0000000000000000 R14: 00007ffc0c48a320 R15: 00007ffc0c48a408 [ 199.477492][ T6981] [ 199.670099][ C0] vkms_vblank_simulate: vblank timer overrun [ 199.848329][ T6983] FAULT_INJECTION: forcing a failure. [ 199.848329][ T6983] name failslab, interval 1, probability 0, space 0, times 0 [ 199.861388][ T6983] CPU: 0 UID: 0 PID: 6983 Comm: syz.3.204 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 199.861430][ T6983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 199.861448][ T6983] Call Trace: [ 199.861459][ T6983] [ 199.861470][ T6983] dump_stack_lvl+0x16c/0x1f0 [ 199.861523][ T6983] should_fail_ex+0x512/0x640 [ 199.861562][ T6983] ? fs_reclaim_acquire+0xae/0x150 [ 199.861597][ T6983] should_failslab+0xc2/0x120 [ 199.861623][ T6983] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 199.861666][ T6983] ? security_inode_alloc+0x3b/0x2b0 [ 199.861700][ T6983] security_inode_alloc+0x3b/0x2b0 [ 199.861730][ T6983] inode_init_always_gfp+0xce4/0x1030 [ 199.861775][ T6983] alloc_inode+0x86/0x240 [ 199.861803][ T6983] new_inode+0x22/0x1c0 [ 199.861833][ T6983] shmem_get_inode+0x19a/0xfb0 [ 199.861872][ T6983] shmem_tmpfile+0x58/0x180 [ 199.861903][ T6983] vfs_tmpfile+0x2bb/0x890 [ 199.861950][ T6983] path_openat+0x1683/0x2cb0 [ 199.861986][ T6983] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.862026][ T6983] ? __pfx_path_openat+0x10/0x10 [ 199.862087][ T6983] do_filp_open+0x20b/0x470 [ 199.862132][ T6983] ? __pfx_do_filp_open+0x10/0x10 [ 199.862198][ T6983] ? _raw_spin_unlock+0x28/0x50 [ 199.862233][ T6983] ? alloc_fd+0x471/0x7d0 [ 199.862279][ T6983] do_sys_openat2+0x11b/0x1d0 [ 199.862311][ T6983] ? __pfx_do_sys_openat2+0x10/0x10 [ 199.862355][ T6983] __x64_sys_open+0x153/0x1e0 [ 199.862386][ T6983] ? __pfx___x64_sys_open+0x10/0x10 [ 199.862424][ T6983] ? rcu_is_watching+0x12/0xc0 [ 199.862454][ T6983] do_syscall_64+0xcd/0x490 [ 199.862498][ T6983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.862525][ T6983] RIP: 0033:0x7f7da538e929 [ 199.862547][ T6983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.862573][ T6983] RSP: 002b:00007f7da628d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 199.862599][ T6983] RAX: ffffffffffffffda RBX: 00007f7da55b6080 RCX: 00007f7da538e929 [ 199.862618][ T6983] RDX: 0000000000000408 RSI: 0000000000591002 RDI: 0000200000000100 [ 199.862636][ T6983] RBP: 00007f7da5410b39 R08: 0000000000000000 R09: 0000000000000000 [ 199.862653][ T6983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 199.862670][ T6983] R13: 0000000000000000 R14: 00007f7da55b6080 R15: 00007ffd42627e88 [ 199.862706][ T6983] [ 200.104040][ C0] vkms_vblank_simulate: vblank timer overrun [ 201.783837][ T7007] : Can't lookup blockdev [ 203.723011][ T7034] netlink: 'syz.1.216': attribute type 1 has an invalid length. [ 203.833048][ T7036] netlink: 334 bytes leftover after parsing attributes in process `syz.2.217'. [ 204.114733][ T7039] netlink: 4 bytes leftover after parsing attributes in process `syz.1.218'. [ 204.674555][ T5880] Process accounting resumed [ 205.428400][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.434961][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.514421][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.520888][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.546239][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.555317][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.571907][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.579136][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.661818][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.668270][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 206.250442][ T7059] netlink: 4 bytes leftover after parsing attributes in process `syz.0.224'. [ 206.374822][ T7066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.223'. [ 207.112588][ T7085] hub 8-0:1.0: USB hub found [ 207.117717][ T7085] hub 8-0:1.0: 1 port detected [ 208.888832][ T30] audit: type=1326 audit(4294967336.330:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7104 comm="syz.2.233" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc01778e929 code=0x0 [ 208.910294][ C0] vkms_vblank_simulate: vblank timer overrun [ 210.993553][ T7127] netlink: 28 bytes leftover after parsing attributes in process `syz.1.238'. [ 211.234842][ T7131] netlink: 28 bytes leftover after parsing attributes in process `syz.1.240'. [ 211.270960][ T5150] Bluetooth: hci2: command 0x0c1a tx timeout [ 211.277362][ T1208] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 211.615032][ T7139] [U]  [ 211.618075][ T7139] [U] [ 211.620831][ T7139] [U] [ 211.623581][ T7139] [U] [ 211.627768][ T7139] [U] [ 211.630633][ T7139] [U] [ 211.633375][ T7139] [U] [ 211.636261][ T7139] [U] [ 211.803956][ T7139] [U] [ 211.806724][ T7139] [U] [ 211.809451][ T7139] [U] [ 211.812275][ T7139] [U] [ 212.028401][ T7144] [U] [ 213.275811][ T7156] netlink: 4 bytes leftover after parsing attributes in process `syz.3.247'. [ 213.299057][ T7158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.248'. [ 213.349797][ T5150] Bluetooth: hci2: command 0x0c1a tx timeout [ 213.350815][ T1208] Bluetooth: hci2: Opcode 0x0406 failed: -110 [ 213.879900][ T7176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.252'. [ 214.083410][ T7183] hub 8-0:1.0: USB hub found [ 214.083801][ T7183] hub 8-0:1.0: 1 port detected [ 214.317498][ T7188] FAULT_INJECTION: forcing a failure. [ 214.317498][ T7188] name failslab, interval 1, probability 0, space 0, times 0 [ 214.317592][ T7188] CPU: 1 UID: 0 PID: 7188 Comm: syz.3.253 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 214.317631][ T7188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 214.317650][ T7188] Call Trace: [ 214.317660][ T7188] [ 214.317672][ T7188] dump_stack_lvl+0x16c/0x1f0 [ 214.317730][ T7188] should_fail_ex+0x512/0x640 [ 214.317871][ T7188] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 214.317929][ T7188] should_failslab+0xc2/0x120 [ 214.317961][ T7188] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 214.318012][ T7188] ? find_held_lock+0x2b/0x80 [ 214.318043][ T7188] ? __d_alloc+0x31/0xaa0 [ 214.318101][ T7188] __d_alloc+0x31/0xaa0 [ 214.318151][ T7188] ? __d_lookup+0x266/0x4a0 [ 214.318191][ T7188] d_alloc+0x4a/0x1e0 [ 214.318244][ T7188] lookup_one_qstr_excl_raw.part.0+0x96/0x160 [ 214.318280][ T7188] ? lookup_dcache+0x66/0x170 [ 214.318318][ T7188] lookup_one_qstr_excl+0x3e/0x120 [ 214.318357][ T7188] filename_create+0x1e7/0x4a0 [ 214.318401][ T7188] ? __pfx_filename_create+0x10/0x10 [ 214.318450][ T7188] ? __might_fault+0xe3/0x190 [ 214.318496][ T7188] ? __might_fault+0xe3/0x190 [ 214.318541][ T7188] ? __might_fault+0x13b/0x190 [ 214.318595][ T7188] do_mknodat+0x18a/0x5d0 [ 214.318646][ T7188] ? __pfx_do_mknodat+0x10/0x10 [ 214.318691][ T7188] ? getname_flags.part.0+0x1c5/0x550 [ 214.318737][ T7188] __x64_sys_mknod+0x87/0xb0 [ 214.318796][ T7188] do_syscall_64+0xcd/0x490 [ 214.318851][ T7188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.318885][ T7188] RIP: 0033:0x7f7da538e929 [ 214.318909][ T7188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.318940][ T7188] RSP: 002b:00007f7da624b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 214.318969][ T7188] RAX: ffffffffffffffda RBX: 00007f7da55b6240 RCX: 00007f7da538e929 [ 214.318989][ T7188] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0 [ 214.319006][ T7188] RBP: 00007f7da5410b39 R08: 0000000000000000 R09: 0000000000000000 [ 214.319025][ T7188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 214.319042][ T7188] R13: 0000000000000000 R14: 00007f7da55b6240 R15: 00007ffd42627e88 [ 214.319082][ T7188] [ 214.359972][ T7188] ICMPv6: process `syz.3.253' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 214.962399][ T7204] FAULT_INJECTION: forcing a failure. [ 214.962399][ T7204] name failslab, interval 1, probability 0, space 0, times 0 [ 214.962495][ T7204] CPU: 0 UID: 0 PID: 7204 Comm: syz.1.260 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 214.962530][ T7204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 214.962547][ T7204] Call Trace: [ 214.962556][ T7204] [ 214.962568][ T7204] dump_stack_lvl+0x16c/0x1f0 [ 214.962617][ T7204] should_fail_ex+0x512/0x640 [ 214.962660][ T7204] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 214.962711][ T7204] should_failslab+0xc2/0x120 [ 214.962739][ T7204] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 214.962781][ T7204] ? mas_alloc_nodes+0x18b/0x8b0 [ 214.962826][ T7204] mas_alloc_nodes+0x18b/0x8b0 [ 214.962875][ T7204] mas_node_count_gfp+0x105/0x130 [ 214.962920][ T7204] mas_preallocate+0x7e0/0xde0 [ 214.962959][ T7204] ? __pfx_mas_preallocate+0x10/0x10 [ 214.963016][ T7204] ? vma_merge_new_range+0x37f/0xa00 [ 214.963057][ T7204] ? vm_area_alloc+0x1f/0x160 [ 214.963097][ T7204] ? lockdep_init_map_type+0x5c/0x280 [ 214.963143][ T7204] __mmap_region+0x1104/0x25e0 [ 214.963194][ T7204] ? __pfx___mmap_region+0x10/0x10 [ 214.963250][ T7204] ? is_bpf_text_address+0x8a/0x1a0 [ 214.963291][ T7204] ? bpf_ksym_find+0x124/0x1c0 [ 214.963323][ T7204] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 214.963358][ T7204] ? is_bpf_text_address+0x94/0x1a0 [ 214.963399][ T7204] ? kernel_text_address+0x8d/0x100 [ 214.963446][ T7204] ? __kernel_text_address+0xd/0x40 [ 214.963559][ T7204] ? trace_cap_capable+0x18d/0x200 [ 214.963602][ T7204] mmap_region+0x32b/0x3f0 [ 214.963657][ T7204] do_mmap+0xa3e/0x1210 [ 214.963699][ T7204] ? __pfx_do_mmap+0x10/0x10 [ 214.963734][ T7204] ? __pfx_down_write_killable+0x10/0x10 [ 214.963774][ T7204] vm_mmap_pgoff+0x281/0x450 [ 214.963808][ T7204] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 214.963841][ T7204] ? __fget_files+0x20e/0x3c0 [ 214.963883][ T7204] ksys_mmap_pgoff+0x32c/0x5c0 [ 214.963911][ T7204] ? __pfx_ksys_write+0x10/0x10 [ 214.963952][ T7204] __x64_sys_mmap+0x125/0x190 [ 214.964002][ T7204] do_syscall_64+0xcd/0x490 [ 214.964047][ T7204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.964073][ T7204] RIP: 0033:0x7f5f63f8e929 [ 214.964095][ T7204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.964121][ T7204] RSP: 002b:00007f5f64ded038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 214.964146][ T7204] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8e929 [ 214.964164][ T7204] RDX: 0000000000000ffb RSI: 0000000000000009 RDI: 0000000000000000 [ 214.964180][ T7204] RBP: 00007f5f64ded090 R08: 0000000000000003 R09: 0000000000000000 [ 214.964195][ T7204] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 214.964211][ T7204] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 214.964246][ T7204] [ 215.511200][ T5150] Bluetooth: hci2: command 0x0c1a tx timeout [ 215.523220][ T1208] Bluetooth: hci2: Opcode 0x0406 failed: -110 [ 215.762801][ T7213] Console: switching to colour VGA+ 80x25 [ 216.590073][ T7227] netlink: 28 bytes leftover after parsing attributes in process `syz.1.265'. [ 217.022285][ T30] audit: type=1326 audit(4294967344.470:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7234 comm="syz.1.268" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5f63f8e929 code=0x0 [ 218.309175][ T7250] netlink: 20 bytes leftover after parsing attributes in process `syz.0.272'. [ 218.335607][ T7250] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 219.756852][ T7277] FAULT_INJECTION: forcing a failure. [ 219.756852][ T7277] name failslab, interval 1, probability 0, space 0, times 0 [ 219.787199][ T7277] CPU: 0 UID: 0 PID: 7277 Comm: syz.0.276 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 219.787245][ T7277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 219.787262][ T7277] Call Trace: [ 219.787272][ T7277] [ 219.787283][ T7277] dump_stack_lvl+0x16c/0x1f0 [ 219.787336][ T7277] should_fail_ex+0x512/0x640 [ 219.787376][ T7277] ? __kvmalloc_node_noprof+0x124/0x620 [ 219.787420][ T7277] should_failslab+0xc2/0x120 [ 219.787446][ T7277] __kvmalloc_node_noprof+0x137/0x620 [ 219.787483][ T7277] ? sk_alloc+0x566/0xc20 [ 219.787521][ T7277] ? tap_open+0x385/0x1170 [ 219.787560][ T7277] ? tap_open+0x385/0x1170 [ 219.787591][ T7277] tap_open+0x385/0x1170 [ 219.787621][ T7277] ? __pfx_tap_open+0x10/0x10 [ 219.787648][ T7277] chrdev_open+0x231/0x6a0 [ 219.787690][ T7277] ? __pfx_apparmor_file_open+0x10/0x10 [ 219.787725][ T7277] ? __pfx_chrdev_open+0x10/0x10 [ 219.787769][ T7277] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 219.787812][ T7277] do_dentry_open+0x744/0x1c10 [ 219.787853][ T7277] ? __pfx_chrdev_open+0x10/0x10 [ 219.787902][ T7277] vfs_open+0x82/0x3f0 [ 219.787934][ T7277] path_openat+0x1de4/0x2cb0 [ 219.787985][ T7277] ? __pfx_path_openat+0x10/0x10 [ 219.788026][ T7277] ? __lock_acquire+0xb8a/0x1c90 [ 219.788066][ T7277] do_filp_open+0x20b/0x470 [ 219.788110][ T7277] ? __pfx_do_filp_open+0x10/0x10 [ 219.788175][ T7277] ? alloc_fd+0x471/0x7d0 [ 219.788220][ T7277] do_sys_openat2+0x11b/0x1d0 [ 219.788254][ T7277] ? __pfx_do_sys_openat2+0x10/0x10 [ 219.788297][ T7277] __x64_sys_openat+0x174/0x210 [ 219.788329][ T7277] ? __pfx___x64_sys_openat+0x10/0x10 [ 219.788374][ T7277] do_syscall_64+0xcd/0x490 [ 219.788419][ T7277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.788446][ T7277] RIP: 0033:0x7fa93cf8e929 [ 219.788467][ T7277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.788494][ T7277] RSP: 002b:00007fa93dda2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 219.788519][ T7277] RAX: ffffffffffffffda RBX: 00007fa93d1b6080 RCX: 00007fa93cf8e929 [ 219.788537][ T7277] RDX: 0000000000020000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 219.788554][ T7277] RBP: 00007fa93d010b39 R08: 0000000000000000 R09: 0000000000000000 [ 219.788575][ T7277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.788590][ T7277] R13: 0000000000000000 R14: 00007fa93d1b6080 R15: 00007ffc0c48a408 [ 219.788624][ T7277] [ 220.391647][ T7289] netlink: 12 bytes leftover after parsing attributes in process `syz.1.278'. [ 221.153769][ T7297] FAULT_INJECTION: forcing a failure. [ 221.153769][ T7297] name failslab, interval 1, probability 0, space 0, times 0 [ 221.241269][ T7297] CPU: 0 UID: 0 PID: 7297 Comm: syz.3.280 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 221.241310][ T7297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.241328][ T7297] Call Trace: [ 221.241338][ T7297] [ 221.241350][ T7297] dump_stack_lvl+0x16c/0x1f0 [ 221.241405][ T7297] should_fail_ex+0x512/0x640 [ 221.241451][ T7297] ? fs_reclaim_acquire+0xae/0x150 [ 221.241491][ T7297] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 221.241536][ T7297] should_failslab+0xc2/0x120 [ 221.241567][ T7297] __kmalloc_noprof+0xd2/0x510 [ 221.241625][ T7297] tomoyo_realpath_from_path+0xc2/0x6e0 [ 221.241675][ T7297] ? tomoyo_profile+0x47/0x60 [ 221.241728][ T7297] tomoyo_path_number_perm+0x245/0x580 [ 221.241765][ T7297] ? tomoyo_path_number_perm+0x237/0x580 [ 221.241807][ T7297] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 221.241848][ T7297] ? find_held_lock+0x2b/0x80 [ 221.241918][ T7297] ? find_held_lock+0x2b/0x80 [ 221.241948][ T7297] ? hook_file_ioctl_common+0x145/0x410 [ 221.241993][ T7297] ? __fget_files+0x20e/0x3c0 [ 221.242044][ T7297] security_file_ioctl+0x9b/0x240 [ 221.242087][ T7297] __x64_sys_ioctl+0xb7/0x210 [ 221.242129][ T7297] do_syscall_64+0xcd/0x490 [ 221.242184][ T7297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.242217][ T7297] RIP: 0033:0x7f7da538e929 [ 221.242242][ T7297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.242278][ T7297] RSP: 002b:00007f7da628d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 221.242311][ T7297] RAX: ffffffffffffffda RBX: 00007f7da55b6080 RCX: 00007f7da538e929 [ 221.242330][ T7297] RDX: 0000000000000038 RSI: 00000000402c542c RDI: 0000000000000003 [ 221.242347][ T7297] RBP: 00007f7da628d090 R08: 0000000000000000 R09: 0000000000000000 [ 221.242365][ T7297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 221.242381][ T7297] R13: 0000000000000000 R14: 00007f7da55b6080 R15: 00007ffd42627e88 [ 221.242421][ T7297] [ 221.451723][ T7297] ERROR: Out of memory at tomoyo_realpath_from_path. [ 221.945363][ T7304] random: crng reseeded on system resumption [ 223.642004][ T7316] kexec: Could not allocate control_code_buffer [ 226.675033][ T7388] netlink: 12 bytes leftover after parsing attributes in process `syz.1.297'. [ 226.750345][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 226.761431][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 226.775262][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 226.785805][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 226.815155][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 226.855576][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 226.873543][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 226.895167][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 229.116583][ T7404] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 229.141547][ T7404] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 229.211332][ T7404] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 229.255903][ T7404] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 229.281354][ T7404] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 229.313343][ T7404] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 229.340034][ T7404] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 229.357810][ T7404] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 229.398153][ T7404] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 229.451822][ T5759] Process accounting resumed [ 231.136301][ T5901] Process accounting resumed [ 231.192354][ T5150] Bluetooth: hci0: command 0x0c1a tx timeout [ 231.272432][ T5150] Bluetooth: hci3: command 0x0c1a tx timeout [ 231.352411][ T5150] Bluetooth: hci1: command 0x0c1a tx timeout [ 231.693119][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 231.710289][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 231.720055][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 231.726967][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 231.745663][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 231.752021][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 231.764293][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 231.770675][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 232.533510][ T30] audit: type=1326 audit(4294967359.966:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.312" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7da538e929 code=0x0 [ 232.805103][ T7490] FAULT_INJECTION: forcing a failure. [ 232.805103][ T7490] name failslab, interval 1, probability 0, space 0, times 0 [ 232.884107][ T7490] CPU: 1 UID: 0 PID: 7490 Comm: syz.2.314 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 232.884150][ T7490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 232.884167][ T7490] Call Trace: [ 232.884194][ T7490] [ 232.884205][ T7490] dump_stack_lvl+0x16c/0x1f0 [ 232.884271][ T7490] should_fail_ex+0x512/0x640 [ 232.884317][ T7490] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 232.884365][ T7490] should_failslab+0xc2/0x120 [ 232.884395][ T7490] __kmalloc_cache_noprof+0x6a/0x3e0 [ 232.884436][ T7490] ? lockdep_hardirqs_on+0x7c/0x110 [ 232.884483][ T7490] ? alloc_fs_context+0x57/0x9c0 [ 232.884532][ T7490] alloc_fs_context+0x57/0x9c0 [ 232.884587][ T7490] __x64_sys_fsopen+0xeb/0x240 [ 232.884619][ T7490] do_syscall_64+0xcd/0x490 [ 232.884673][ T7490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.884706][ T7490] RIP: 0033:0x7fc01778e929 [ 232.884730][ T7490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.884759][ T7490] RSP: 002b:00007fc018608038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 232.884791][ T7490] RAX: ffffffffffffffda RBX: 00007fc0179b5fa0 RCX: 00007fc01778e929 [ 232.884810][ T7490] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 232.884826][ T7490] RBP: 00007fc018608090 R08: 0000000000000000 R09: 0000000000000000 [ 232.884843][ T7490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.884860][ T7490] R13: 0000000000000000 R14: 00007fc0179b5fa0 R15: 00007ffc645d84c8 [ 232.884898][ T7490] [ 233.274287][ T5150] Bluetooth: hci0: command 0x0c1a tx timeout [ 233.353308][ T5150] Bluetooth: hci3: command 0x0c1a tx timeout [ 233.443263][ T5150] Bluetooth: hci1: command 0x0c1a tx timeout [ 233.739043][ T30] audit: type=1326 audit(4294967361.176:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7496 comm="syz.1.318" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5f63f8e929 code=0x0 [ 235.034130][ T1208] Process accounting resumed [ 235.288774][ T7518] netlink: 28 bytes leftover after parsing attributes in process `syz.1.322'. [ 235.358277][ T5150] Bluetooth: hci0: command 0x0c1a tx timeout [ 235.435368][ T5150] Bluetooth: hci3: command 0x0c1a tx timeout [ 235.515428][ T5150] Bluetooth: hci1: command 0x0c1a tx timeout [ 236.195378][ T30] audit: type=1326 audit(4294967363.615:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.2.325" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc01778e929 code=0x0 [ 237.498108][ T7543] vhci_hcd: invalid port number 16 [ 237.503292][ T7543] vhci_hcd: invalid port number 16 [ 237.749001][ T30] audit: type=1326 audit(4294967365.184:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7547 comm="syz.0.329" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa93cf8e929 code=0x0 [ 239.460965][ T30] audit: type=1326 audit(4294967366.883:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7575 comm="syz.2.335" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc01778e929 code=0x0 [ 239.830568][ T7573] netlink: 28 bytes leftover after parsing attributes in process `syz.0.333'. [ 239.906510][ T5759] Process accounting resumed [ 242.885699][ T7599] can: request_module (can-proto-0) failed. [ 246.386277][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 246.399863][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 246.411797][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 246.418194][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 246.427764][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 246.435229][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 246.443817][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 246.450347][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 247.816943][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 247.823536][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 247.923907][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 247.932218][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 247.989192][ T10] Process accounting resumed [ 248.056915][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 248.063607][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 248.077633][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 248.084406][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 250.205821][ T7700] random: crng reseeded on system resumption [ 251.135954][ T30] audit: type=1326 audit(4294967378.567:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7713 comm="syz.0.365" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa93cf8e929 code=0x0 [ 252.897526][ T7734] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 253.478649][ T7729] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 253.568657][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 253.575194][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 253.584970][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 253.591315][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 253.622357][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 253.630784][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 253.674943][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 253.681304][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 254.535871][ T7767] netlink: 28 bytes leftover after parsing attributes in process `syz.1.373'. [ 255.506832][ T7786] ======================================================= [ 255.506832][ T7786] WARNING: The mand mount option has been deprecated and [ 255.506832][ T7786] and is ignored by this kernel. Remove the mand [ 255.506832][ T7786] option from the mount to silence this warning. [ 255.506832][ T7786] ======================================================= [ 255.623955][ T7775] netlink: 8 bytes leftover after parsing attributes in process `syz.1.375'. [ 255.687844][ T7786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.375'. [ 255.795946][ T7775] FAULT_INJECTION: forcing a failure. [ 255.795946][ T7775] name failslab, interval 1, probability 0, space 0, times 0 [ 255.952352][ T7775] CPU: 1 UID: 0 PID: 7775 Comm: syz.1.375 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 255.952401][ T7775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 255.952435][ T7775] Call Trace: [ 255.952446][ T7775] [ 255.952459][ T7775] dump_stack_lvl+0x16c/0x1f0 [ 255.952516][ T7775] should_fail_ex+0x512/0x640 [ 255.952565][ T7775] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 255.952621][ T7775] should_failslab+0xc2/0x120 [ 255.952653][ T7775] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 255.952705][ T7775] ? mas_alloc_nodes+0x18b/0x8b0 [ 255.952756][ T7775] mas_alloc_nodes+0x18b/0x8b0 [ 255.952811][ T7775] mas_node_count_gfp+0x105/0x130 [ 255.952862][ T7775] mas_preallocate+0x7e0/0xde0 [ 255.952903][ T7775] ? __pfx_mas_preallocate+0x10/0x10 [ 255.952948][ T7775] ? vma_merge_new_range+0x37f/0xa00 [ 255.952995][ T7775] ? vm_area_alloc+0x1f/0x160 [ 255.953040][ T7775] ? lockdep_init_map_type+0x5c/0x280 [ 255.953091][ T7775] __mmap_region+0x1104/0x25e0 [ 255.953145][ T7775] ? __pfx___mmap_region+0x10/0x10 [ 255.953195][ T7775] ? rcu_is_watching+0x12/0xc0 [ 255.953235][ T7775] ? rcu_is_watching+0x12/0xc0 [ 255.953266][ T7775] ? trace_sched_exit_tp+0xde/0x130 [ 255.953306][ T7775] ? __schedule+0x1181/0x5de0 [ 255.953386][ T7775] ? __pfx___schedule+0x10/0x10 [ 255.953483][ T7775] ? trace_cap_capable+0x18d/0x200 [ 255.953530][ T7775] mmap_region+0x1ab/0x3f0 [ 255.953582][ T7775] ? __get_unmapped_area+0x267/0x440 [ 255.953625][ T7775] do_mmap+0xa3e/0x1210 [ 255.953670][ T7775] ? __pfx_do_mmap+0x10/0x10 [ 255.953708][ T7775] ? __pfx_down_write_killable+0x10/0x10 [ 255.953753][ T7775] vm_mmap_pgoff+0x281/0x450 [ 255.953796][ T7775] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 255.953840][ T7775] ? __x64_sys_futex+0x1e0/0x4c0 [ 255.953879][ T7775] ? __x64_sys_futex+0x1e9/0x4c0 [ 255.953926][ T7775] ksys_mmap_pgoff+0x7d/0x5c0 [ 255.953960][ T7775] ? xfd_validate_state+0x61/0x180 [ 255.954001][ T7775] ? __pfx_ksys_write+0x10/0x10 [ 255.954054][ T7775] __x64_sys_mmap+0x125/0x190 [ 255.954105][ T7775] do_syscall_64+0xcd/0x490 [ 255.954161][ T7775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.954195][ T7775] RIP: 0033:0x7f5f63f8e929 [ 255.954222][ T7775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.954254][ T7775] RSP: 002b:00007f5f64ded038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 255.954285][ T7775] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8e929 [ 255.954307][ T7775] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 255.954337][ T7775] RBP: 00007f5f64010b39 R08: fffffffffffffffa R09: 0000000000008000 [ 255.954359][ T7775] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 255.954380][ T7775] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 255.954424][ T7775] [ 256.302908][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.321744][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.521239][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.537325][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.563914][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.587969][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.630263][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.640273][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.222510][ T2153] Process accounting resumed [ 261.672005][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.678609][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.718980][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.727547][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.743373][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.749935][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.768963][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.777109][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.816874][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 262.838820][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.847210][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 262.885227][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.894919][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 262.910510][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.919464][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 262.925786][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.442358][ T7869] zswap: compressor not available [ 264.176716][ T30] audit: type=1326 audit(4294967391.601:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7888 comm="syz.2.394" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc01778e929 code=0x0 [ 266.365490][ T10] Process accounting resumed [ 266.982469][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.988929][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.752688][ T7926] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 267.800463][ T5924] Process accounting resumed [ 271.279296][ T7990] FAULT_INJECTION: forcing a failure. [ 271.279296][ T7990] name failslab, interval 1, probability 0, space 0, times 0 [ 271.353031][ T5924] Process accounting resumed [ 271.377647][ T7990] CPU: 0 UID: 0 PID: 7990 Comm: syz.1.410 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 271.377690][ T7990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 271.377709][ T7990] Call Trace: [ 271.377720][ T7990] [ 271.377734][ T7990] dump_stack_lvl+0x16c/0x1f0 [ 271.377794][ T7990] should_fail_ex+0x512/0x640 [ 271.377844][ T7990] ? fs_reclaim_acquire+0xae/0x150 [ 271.377888][ T7990] ? tomoyo_encode2+0x100/0x3e0 [ 271.377932][ T7990] should_failslab+0xc2/0x120 [ 271.377964][ T7990] __kmalloc_noprof+0xd2/0x510 [ 271.378036][ T7990] tomoyo_encode2+0x100/0x3e0 [ 271.378091][ T7990] tomoyo_encode+0x29/0x50 [ 271.378137][ T7990] tomoyo_realpath_from_path+0x18f/0x6e0 [ 271.378191][ T7990] ? tomoyo_profile+0x47/0x60 [ 271.378248][ T7990] tomoyo_path_perm+0x274/0x460 [ 271.378285][ T7990] ? tomoyo_path_perm+0x260/0x460 [ 271.378327][ T7990] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 271.378413][ T7990] ? __pfx_ima_file_check+0x10/0x10 [ 271.378462][ T7990] ? hook_file_truncate+0xc7/0x250 [ 271.378510][ T7990] security_file_truncate+0x84/0x1e0 [ 271.378557][ T7990] path_openat+0xc10/0x2cb0 [ 271.378622][ T7990] ? __pfx_path_openat+0x10/0x10 [ 271.378675][ T7990] ? __lock_acquire+0xb8a/0x1c90 [ 271.378725][ T7990] do_filp_open+0x20b/0x470 [ 271.378774][ T7990] ? __pfx_do_filp_open+0x10/0x10 [ 271.378854][ T7990] ? alloc_fd+0x471/0x7d0 [ 271.378913][ T7990] do_sys_openat2+0x11b/0x1d0 [ 271.378952][ T7990] ? __pfx_do_sys_openat2+0x10/0x10 [ 271.378987][ T7990] ? __sock_release+0x20b/0x270 [ 271.379130][ T7990] __x64_sys_openat+0x174/0x210 [ 271.379171][ T7990] ? __pfx___x64_sys_openat+0x10/0x10 [ 271.379229][ T7990] do_syscall_64+0xcd/0x490 [ 271.379286][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.379321][ T7990] RIP: 0033:0x7f5f63f8e929 [ 271.379350][ T7990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.379382][ T7990] RSP: 002b:00007f5f64dcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 271.379414][ T7990] RAX: ffffffffffffffda RBX: 00007f5f641b6080 RCX: 00007f5f63f8e929 [ 271.379435][ T7990] RDX: 000000000000061f RSI: 0000200000000040 RDI: ffffffffffffff9c [ 271.379455][ T7990] RBP: 00007f5f64010b39 R08: 0000000000000000 R09: 0000000000000000 [ 271.379475][ T7990] R10: 000000000000ffff R11: 0000000000000246 R12: 0000000000000000 [ 271.379494][ T7990] R13: 0000000000000000 R14: 00007f5f641b6080 R15: 00007ffc3cc38908 [ 271.379534][ T7990] [ 271.379565][ T7990] ERROR: Out of memory at tomoyo_realpath_from_path. [ 272.663711][ T1208] Process accounting resumed [ 273.721168][ T8035] Invalid ELF header magic: != ELF [ 274.014624][ T8037] zswap: compressor not available [ 275.692792][ T30] audit: type=1326 audit(4294967403.105:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8069 comm="syz.1.423" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5f63f8e929 code=0x0 [ 278.147798][ T10] Process accounting resumed [ 279.416914][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 279.423584][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 279.433254][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 279.439844][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 279.517090][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 279.523505][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 279.546793][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 279.553202][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 283.199993][ T30] audit: type=1804 audit(4294967410.621:16): pid=8195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.441" name="/newroot/108/file0" dev="tmpfs" ino=594 res=1 errno=0 [ 283.252998][ T30] audit: type=1800 audit(4294967410.671:17): pid=8195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.441" name="file0" dev="tmpfs" ino=594 res=0 errno=0 [ 288.324922][ T8277] zswap: compressor not available [ 291.024216][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.043020][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 291.068509][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.087049][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 291.109709][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.126614][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 291.158827][ T30] audit: type=1326 audit(4294967418.567:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8322 comm="syz.1.456" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5f63f8e929 code=0x0 [ 291.540459][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.547506][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 292.825863][ T10] Process accounting resumed [ 293.378196][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 293.390443][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 293.410907][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 293.430616][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 293.443193][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 293.449723][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 293.461142][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 293.469379][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 296.918109][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.927953][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 297.033141][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 297.039574][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 297.068919][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 297.075606][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 297.236076][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 297.245170][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 298.328178][ T8422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.471'. [ 298.658027][ T10] Process accounting resumed [ 299.328029][ T8435] program syz.2.473 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 299.820492][ T8445] Invalid ELF header magic: != ELF [ 300.191638][ T8449] netlink: 186 bytes leftover after parsing attributes in process `syz.0.478'. [ 305.840294][ T8521] netlink: 28 bytes leftover after parsing attributes in process `syz.1.494'. [ 306.255402][ T8536] device-mapper: ioctl: only supply one of name or uuid, cmd(12) [ 306.381642][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 306.393770][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 306.402931][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 306.409247][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 306.433549][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 306.455358][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 306.477859][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 306.485191][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 307.663497][ T8555] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 308.250696][ T8566] syz_tun: tun_chr_ioctl cmd 1074025678 [ 308.258032][ T8566] syz_tun: group set to 23693 [ 312.522095][ T8631] zswap: compressor not available [ 312.973181][ T8623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 313.047888][ T8623] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 313.063163][ T8623] memcg:ffff88805c14a901 [ 313.091985][ T8623] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 313.100164][ T8623] page_type: f5(slab) [ 313.106770][ T8623] raw: 00fff00000000040 ffff88801dee4280 ffffea0001eee400 dead000000000004 [ 313.115950][ T8623] raw: 0000000000000000 00000000000a000a 00000000f5000000 ffff88805c14a901 [ 313.124785][ T8623] head: 00fff00000000040 ffff88801dee4280 ffffea0001eee400 dead000000000004 [ 313.133721][ T8623] head: 0000000000000000 00000000000a000a 00000000f5000000 ffff88805c14a901 [ 313.143132][ T8623] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 313.152541][ T8623] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 313.161689][ T8623] page dumped because: unmovable page [ 313.181153][ T8623] page_owner tracks the page as allocated [ 313.200347][ T8623] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5831, tgid 5831 (syz-executor), ts 213588387505, free_ts 213583279453 [ 313.234282][ T8623] post_alloc_hook+0x1c0/0x230 [ 313.239132][ T8623] get_page_from_freelist+0x1321/0x3890 [ 313.277373][ T8623] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 313.335694][ T8623] alloc_pages_mpol+0x1fb/0x550 [ 313.344397][ T8623] new_slab+0x23b/0x330 [ 313.348689][ T8623] ___slab_alloc+0xd9c/0x1940 [ 313.389265][ T8623] __slab_alloc.constprop.0+0x56/0xb0 [ 313.413321][ T8623] kmem_cache_alloc_noprof+0xef/0x3b0 [ 313.418863][ T8623] sk_prot_alloc+0x60/0x2a0 [ 313.463365][ T8623] sk_alloc+0x36/0xc20 [ 313.467577][ T8623] inet_create+0x3a1/0x1090 [ 313.472168][ T8623] __sock_create+0x338/0x8d0 [ 313.489329][ T8623] __sys_socket+0x14d/0x260 [ 313.500226][ T8623] __x64_sys_socket+0x72/0xb0 [ 313.510358][ T8623] do_syscall_64+0xcd/0x490 [ 313.518104][ T8623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.528126][ T8623] page last free pid 5819 tgid 5819 stack trace: [ 313.538851][ T8623] __free_frozen_pages+0x7fe/0x1180 [ 313.558460][ T8623] __folio_put+0x329/0x450 [ 313.568594][ T8623] skb_release_data+0x7fb/0x9c0 [ 313.588341][ T8623] __kfree_skb+0x4f/0x70 [ 313.626693][ T8623] tcp_ack+0x19b2/0x5c90 [ 313.631079][ T8623] tcp_rcv_established+0xda1/0x22e0 [ 313.648571][ T8623] tcp_v4_do_rcv+0x5ca/0xa90 [ 313.653343][ T8623] __release_sock+0x31b/0x400 [ 313.658215][ T8623] release_sock+0x5a/0x220 [ 313.662731][ T8623] tcp_sendmsg+0x38/0x50 [ 313.667329][ T8623] inet_sendmsg+0xb9/0x140 [ 313.671966][ T8623] sock_write_iter+0x4aa/0x5b0 [ 313.676888][ T8623] vfs_write+0x6c4/0x1150 [ 313.682055][ T8623] ksys_write+0x1f8/0x250 [ 313.688616][ T8623] do_syscall_64+0xcd/0x490 [ 313.693311][ T8623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.571348][ T1208] Process accounting resumed [ 315.630928][ T10] Process accounting resumed [ 316.112300][ T8672] sctp: failed to load transform for md5: -4 [ 318.769924][ T8725] netlink: 28 bytes leftover after parsing attributes in process `syz.3.528'. [ 319.054719][ T30] audit: type=1326 audit(4294967446.443:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8733 comm="syz.3.530" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7da538e929 code=0x0 [ 322.317999][ T8782] netlink: 28 bytes leftover after parsing attributes in process `syz.0.539'. [ 322.649328][ T8782] team0: Port device team_slave_1 removed [ 324.021208][ T8801] netlink: 10 bytes leftover after parsing attributes in process `syz.2.544'. [ 324.709391][ T8812] zswap: compressor not available [ 326.785362][ T8838] ecryptfs_parse_packet_length: Error parsing packet length [ 326.860221][ T8838] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 328.447118][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 328.456875][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.469260][ T8867] netlink: 13 bytes leftover after parsing attributes in process `syz.1.558'. [ 329.124439][ T8870] zswap: compressor not available [ 329.847559][ T8900] netlink: 8 bytes leftover after parsing attributes in process `syz.1.564'. [ 330.402007][ T2153] Process accounting resumed [ 330.477067][ T10] Process accounting resumed [ 336.777814][ T2153] Process accounting resumed [ 337.379943][ T9013] FAULT_INJECTION: forcing a failure. [ 337.379943][ T9013] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 337.401048][ T9013] CPU: 1 UID: 0 PID: 9013 Comm: syz.3.586 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 337.401090][ T9013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 337.401107][ T9013] Call Trace: [ 337.401117][ T9013] [ 337.401129][ T9013] dump_stack_lvl+0x16c/0x1f0 [ 337.401184][ T9013] should_fail_ex+0x512/0x640 [ 337.401238][ T9013] _copy_to_user+0x32/0xd0 [ 337.401293][ T9013] simple_read_from_buffer+0xcb/0x170 [ 337.401338][ T9013] proc_fail_nth_read+0x197/0x270 [ 337.401378][ T9013] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 337.401428][ T9013] ? rw_verify_area+0xcf/0x680 [ 337.401469][ T9013] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 337.401507][ T9013] vfs_read+0x1e4/0xc60 [ 337.401558][ T9013] ? __pfx___mutex_lock+0x10/0x10 [ 337.401609][ T9013] ? __pfx_vfs_read+0x10/0x10 [ 337.401666][ T9013] ? __fget_files+0x20e/0x3c0 [ 337.401725][ T9013] ksys_read+0x12a/0x250 [ 337.401770][ T9013] ? __pfx_ksys_read+0x10/0x10 [ 337.401830][ T9013] do_syscall_64+0xcd/0x490 [ 337.401884][ T9013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.401918][ T9013] RIP: 0033:0x7f7da538d33c [ 337.401942][ T9013] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 337.401972][ T9013] RSP: 002b:00007f7da62ae030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 337.402001][ T9013] RAX: ffffffffffffffda RBX: 00007f7da55b5fa0 RCX: 00007f7da538d33c [ 337.402020][ T9013] RDX: 000000000000000f RSI: 00007f7da62ae0a0 RDI: 0000000000000004 [ 337.402038][ T9013] RBP: 00007f7da62ae090 R08: 0000000000000000 R09: 0000000000000000 [ 337.402055][ T9013] R10: 000000000000413e R11: 0000000000000246 R12: 0000000000000001 [ 337.402072][ T9013] R13: 0000000000000000 R14: 00007f7da55b5fa0 R15: 00007ffd42627e88 [ 337.402112][ T9013] [ 337.586324][ C1] vkms_vblank_simulate: vblank timer overrun [ 338.562808][ T9029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78010 [ 338.766075][ T9029] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 338.810965][ T30] audit: type=1326 audit(4294967466.196:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9038 comm="syz.0.589" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa93cf8e929 code=0x0 [ 338.930124][ T9029] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 339.057892][ T9029] page_type: f5(slab) [ 339.062520][ T9029] raw: 00fff00000000040 ffff88801b842000 0000000000000000 dead000000000001 [ 339.116024][ T1208] Process accounting resumed [ 339.496369][ T9029] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 339.619283][ T9029] head: 00fff00000000040 ffff88801b842000 0000000000000000 dead000000000001 [ 339.749721][ T9029] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 339.823422][ T9029] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff [ 339.867034][ T9029] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 339.875808][ T9029] page dumped because: unmovable page [ 339.966664][ T9029] page_owner tracks the page as allocated [ 339.972531][ T9029] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6643, tgid 6641 (syz.1.139), ts 177707326065, free_ts 175934046166 [ 340.086247][ T9029] post_alloc_hook+0x1c0/0x230 [ 340.093523][ T9029] get_page_from_freelist+0x1321/0x3890 [ 340.101243][ T9029] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 340.135730][ T9029] alloc_pages_mpol+0x1fb/0x550 [ 340.160549][ T9029] new_slab+0x23b/0x330 [ 340.164825][ T9029] ___slab_alloc+0xd9c/0x1940 [ 340.171624][ T9029] __slab_alloc.constprop.0+0x56/0xb0 [ 340.179328][ T9029] __kmalloc_cache_noprof+0xfb/0x3e0 [ 340.184734][ T9029] rxrpc_alloc_connection+0xa3/0x770 [ 340.192828][ T9029] rxrpc_prealloc_service_connection+0x26/0x390 [ 340.200181][ T9029] rxrpc_service_prealloc_one+0x2c7/0xfd0 [ 340.206002][ T9029] rxrpc_kernel_charge_accept+0xcd/0x110 [ 340.214732][ T9029] afs_charge_preallocation+0xc6/0x320 [ 340.220995][ T9029] afs_open_socket+0x323/0x400 [ 340.226115][ T9029] afs_net_init+0x825/0xb00 [ 340.231130][ T9029] ops_init+0x1df/0x5f0 [ 340.235381][ T9029] page last free pid 5831 tgid 5831 stack trace: [ 340.241944][ T9029] __free_frozen_pages+0x7fe/0x1180 [ 340.247523][ T9029] __put_partials+0x16d/0x1c0 [ 340.252291][ T9029] qlist_free_all+0x4d/0x120 [ 340.272365][ T9029] kasan_quarantine_reduce+0x195/0x1e0 [ 340.296848][ T9029] __kasan_slab_alloc+0x69/0x90 [ 340.301845][ T9029] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 340.307542][ T9029] vm_area_dup+0x27/0x8d0 [ 340.318378][ T9029] dup_mmap+0x877/0x21d0 [ 340.341310][ T9029] copy_process+0x4081/0x76a0 [ 340.421939][ T9029] kernel_clone+0xfc/0x960 [ 340.459816][ T9029] __do_sys_clone+0xce/0x120 [ 340.464521][ T9029] do_syscall_64+0xcd/0x490 [ 340.469495][ T9029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.299615][ T9103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.601'. [ 346.301899][ T9149] zswap: compressor not available [ 348.333680][ T5924] Process accounting resumed [ 352.047224][ T5150] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 353.263701][ T9272] zswap: compressor not available [ 353.477606][ T5880] Process accounting resumed [ 353.625568][ T9279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.631'. [ 354.038486][ T9296] FAULT_INJECTION: forcing a failure. [ 354.038486][ T9296] name failslab, interval 1, probability 0, space 0, times 0 [ 354.080741][ T9296] CPU: 0 UID: 0 PID: 9296 Comm: syz.1.634 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 354.080785][ T9296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 354.080803][ T9296] Call Trace: [ 354.080812][ T9296] [ 354.080823][ T9296] dump_stack_lvl+0x16c/0x1f0 [ 354.080877][ T9296] should_fail_ex+0x512/0x640 [ 354.080921][ T9296] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 354.080969][ T9296] should_failslab+0xc2/0x120 [ 354.080998][ T9296] __kmalloc_cache_noprof+0x6a/0x3e0 [ 354.081042][ T9296] ? alloc_pipe_info+0x10e/0x590 [ 354.081106][ T9296] alloc_pipe_info+0x10e/0x590 [ 354.081165][ T9296] splice_direct_to_actor+0x77d/0xa30 [ 354.081209][ T9296] ? __pfx_direct_splice_actor+0x10/0x10 [ 354.081255][ T9296] ? __pfx_aa_file_perm+0x10/0x10 [ 354.081300][ T9296] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 354.081339][ T9296] ? get_pid_task+0xfc/0x250 [ 354.081392][ T9296] do_splice_direct+0x174/0x240 [ 354.081433][ T9296] ? __pfx_do_splice_direct+0x10/0x10 [ 354.081475][ T9296] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 354.081521][ T9296] ? rw_verify_area+0xcf/0x680 [ 354.081565][ T9296] do_sendfile+0xb06/0xe50 [ 354.081616][ T9296] ? __pfx_do_sendfile+0x10/0x10 [ 354.081660][ T9296] ? __fget_files+0x20e/0x3c0 [ 354.081714][ T9296] __x64_sys_sendfile64+0x1d8/0x220 [ 354.081744][ T9296] ? ksys_write+0x1ac/0x250 [ 354.081788][ T9296] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 354.081825][ T9296] do_syscall_64+0xcd/0x490 [ 354.081877][ T9296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.081910][ T9296] RIP: 0033:0x7f5f63f8e929 [ 354.081934][ T9296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.081963][ T9296] RSP: 002b:00007f5f64ded038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 354.081990][ T9296] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8e929 [ 354.082009][ T9296] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 354.082026][ T9296] RBP: 00007f5f64ded090 R08: 0000000000000000 R09: 0000000000000000 [ 354.082044][ T9296] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 354.082061][ T9296] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 354.082109][ T9296] [ 354.473808][ T9302] ubi0: attaching mtd0 [ 354.560182][ T9302] ubi0: scanning is finished [ 354.603911][ T9302] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 354.821456][ T9302] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 357.494309][ T1208] Process accounting resumed [ 358.102639][ T9357] netlink: 28 bytes leftover after parsing attributes in process `syz.3.646'. [ 358.275903][ T9365] netlink: 13832 bytes leftover after parsing attributes in process `syz.0.647'. [ 358.546874][ T9372] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 358.622527][ T9372] FAULT_INJECTION: forcing a failure. [ 358.622527][ T9372] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 358.717796][ T9372] CPU: 0 UID: 0 PID: 9372 Comm: syz.3.648 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 358.717839][ T9372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 358.717857][ T9372] Call Trace: [ 358.717869][ T9372] [ 358.717881][ T9372] dump_stack_lvl+0x16c/0x1f0 [ 358.717938][ T9372] should_fail_ex+0x512/0x640 [ 358.717993][ T9372] should_fail_alloc_page+0xe7/0x130 [ 358.718028][ T9372] prepare_alloc_pages+0x3c2/0x610 [ 358.718067][ T9372] ? rcu_is_watching+0x12/0xc0 [ 358.718105][ T9372] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 358.718160][ T9372] ? __lock_acquire+0xb8a/0x1c90 [ 358.718220][ T9372] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 358.718272][ T9372] ? do_raw_spin_lock+0x12c/0x2b0 [ 358.718324][ T9372] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 358.718376][ T9372] ? find_held_lock+0x2b/0x80 [ 358.718421][ T9372] ? __lock_acquire+0xb8a/0x1c90 [ 358.718464][ T9372] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 358.718518][ T9372] ? policy_nodemask+0xea/0x4e0 [ 358.718575][ T9372] alloc_pages_mpol+0x1fb/0x550 [ 358.718609][ T9372] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 358.718653][ T9372] folio_alloc_mpol_noprof+0x36/0x2f0 [ 358.718694][ T9372] shmem_alloc_folio+0x135/0x160 [ 358.718748][ T9372] shmem_alloc_and_add_folio+0x499/0xc20 [ 358.718806][ T9372] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 358.718860][ T9372] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 358.718917][ T9372] shmem_get_folio_gfp+0x67f/0x1600 [ 358.718976][ T9372] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 358.719028][ T9372] ? __lock_acquire+0x622/0x1c90 [ 358.719076][ T9372] shmem_fault+0x1fe/0xa30 [ 358.719127][ T9372] ? __pfx_shmem_fault+0x10/0x10 [ 358.719183][ T9372] ? __lock_acquire+0xb8a/0x1c90 [ 358.719237][ T9372] __do_fault+0x10a/0x490 [ 358.719288][ T9372] ? __pfx_filemap_map_pages+0x10/0x10 [ 358.719340][ T9372] __handle_mm_fault+0x374c/0x5490 [ 358.719396][ T9372] ? __pfx___handle_mm_fault+0x10/0x10 [ 358.719442][ T9372] ? __pte_offset_map_lock+0x174/0x310 [ 358.719477][ T9372] ? find_held_lock+0x2b/0x80 [ 358.719507][ T9372] ? find_held_lock+0x2b/0x80 [ 358.719550][ T9372] ? follow_page_pte+0x3af/0x14c0 [ 358.719597][ T9372] handle_mm_fault+0x589/0xd10 [ 358.719650][ T9372] __get_user_pages+0x589/0x3b80 [ 358.719705][ T9372] ? __pfx___get_user_pages+0x10/0x10 [ 358.719750][ T9372] ? __pfx_down_read_killable+0x10/0x10 [ 358.719787][ T9372] ? __lock_acquire+0xb8a/0x1c90 [ 358.719839][ T9372] faultin_page_range+0x249/0x980 [ 358.719889][ T9372] madvise_do_behavior+0x268/0x3f0 [ 358.719930][ T9372] ? __pfx_madvise_do_behavior+0x10/0x10 [ 358.719992][ T9372] do_madvise+0x161/0x230 [ 358.720027][ T9372] ? __pfx_do_madvise+0x10/0x10 [ 358.720083][ T9372] ? xfd_validate_state+0x61/0x180 [ 358.720124][ T9372] ? __pfx_do_writev+0x10/0x10 [ 358.720176][ T9372] __x64_sys_madvise+0xa9/0x110 [ 358.720211][ T9372] ? lockdep_hardirqs_on+0x7c/0x110 [ 358.720261][ T9372] do_syscall_64+0xcd/0x490 [ 358.720316][ T9372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.720351][ T9372] RIP: 0033:0x7f7da538e929 [ 358.720377][ T9372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.720408][ T9372] RSP: 002b:00007f7da62ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 358.720438][ T9372] RAX: ffffffffffffffda RBX: 00007f7da55b5fa0 RCX: 00007f7da538e929 [ 358.720460][ T9372] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 358.720479][ T9372] RBP: 00007f7da5410b39 R08: 0000000000000000 R09: 0000000000000000 [ 358.720497][ T9372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.720515][ T9372] R13: 0000000000000000 R14: 00007f7da55b5fa0 R15: 00007ffd42627e88 [ 358.720556][ T9372] [ 369.609143][ T5150] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 370.221661][ T30] audit: type=1326 audit(4294967497.591:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.3.678" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7da538e929 code=0x0 [ 372.060175][ T9561] FAULT_INJECTION: forcing a failure. [ 372.060175][ T9561] name failslab, interval 1, probability 0, space 0, times 0 [ 372.099465][ T9561] CPU: 1 UID: 0 PID: 9561 Comm: syz.3.682 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 372.099513][ T9561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 372.099532][ T9561] Call Trace: [ 372.099544][ T9561] [ 372.099556][ T9561] dump_stack_lvl+0x16c/0x1f0 [ 372.099625][ T9561] should_fail_ex+0x512/0x640 [ 372.099672][ T9561] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 372.099727][ T9561] should_failslab+0xc2/0x120 [ 372.099760][ T9561] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 372.099813][ T9561] ? __kernfs_new_node+0xd2/0x8e0 [ 372.099865][ T9561] __kernfs_new_node+0xd2/0x8e0 [ 372.099916][ T9561] ? __pfx___kernfs_new_node+0x10/0x10 [ 372.099975][ T9561] ? find_held_lock+0x2b/0x80 [ 372.100010][ T9561] ? kernfs_root+0xee/0x2a0 [ 372.100066][ T9561] kernfs_new_node+0x13c/0x1e0 [ 372.100125][ T9561] __kernfs_create_file+0x53/0x350 [ 372.100168][ T9561] sysfs_add_file_mode_ns+0x207/0x3c0 [ 372.100224][ T9561] internal_create_group+0x578/0xf30 [ 372.100285][ T9561] ? __pfx_internal_create_group+0x10/0x10 [ 372.100342][ T9561] ? kernfs_create_link+0x1bd/0x240 [ 372.100387][ T9561] internal_create_groups+0x9d/0x150 [ 372.100440][ T9561] device_add+0x77f/0x1a70 [ 372.100480][ T9561] ? __pfx_device_add+0x10/0x10 [ 372.100514][ T9561] ? lockdep_init_map_type+0x5c/0x280 [ 372.100562][ T9561] ? __init_waitqueue_head+0xca/0x150 [ 372.100634][ T9561] netdev_register_kobject+0x182/0x3a0 [ 372.100679][ T9561] register_netdevice+0x13dc/0x2270 [ 372.100718][ T9561] ? idr_alloc+0xdd/0x130 [ 372.100765][ T9561] ? __pfx_register_netdevice+0x10/0x10 [ 372.100812][ T9561] ppp_dev_configure+0x99b/0xc80 [ 372.100863][ T9561] ppp_ioctl+0x17e0/0x2660 [ 372.100906][ T9561] ? find_held_lock+0x2b/0x80 [ 372.100938][ T9561] ? __pfx_ppp_ioctl+0x10/0x10 [ 372.100985][ T9561] ? __fget_files+0x20e/0x3c0 [ 372.101039][ T9561] ? __pfx_ppp_ioctl+0x10/0x10 [ 372.101081][ T9561] __x64_sys_ioctl+0x18b/0x210 [ 372.101124][ T9561] do_syscall_64+0xcd/0x490 [ 372.101187][ T9561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.101222][ T9561] RIP: 0033:0x7f7da538e929 [ 372.101248][ T9561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.101280][ T9561] RSP: 002b:00007f7da62ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 372.101310][ T9561] RAX: ffffffffffffffda RBX: 00007f7da55b5fa0 RCX: 00007f7da538e929 [ 372.101332][ T9561] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000009 [ 372.101351][ T9561] RBP: 00007f7da5410b39 R08: 0000000000000000 R09: 0000000000000000 [ 372.101371][ T9561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.101390][ T9561] R13: 0000000000000000 R14: 00007f7da55b5fa0 R15: 00007ffd42627e88 [ 372.101432][ T9561] [ 373.100891][ T5880] Process accounting resumed [ 376.617212][ T9628] FAULT_INJECTION: forcing a failure. [ 376.617212][ T9628] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 376.698450][ T9628] CPU: 1 UID: 0 PID: 9628 Comm: syz.1.694 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 376.698494][ T9628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 376.698511][ T9628] Call Trace: [ 376.698521][ T9628] [ 376.698533][ T9628] dump_stack_lvl+0x16c/0x1f0 [ 376.698587][ T9628] should_fail_ex+0x512/0x640 [ 376.698639][ T9628] _copy_to_user+0x32/0xd0 [ 376.698690][ T9628] simple_read_from_buffer+0xcb/0x170 [ 376.698734][ T9628] proc_fail_nth_read+0x197/0x270 [ 376.698778][ T9628] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 376.698818][ T9628] ? rw_verify_area+0xcf/0x680 [ 376.698858][ T9628] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 376.698894][ T9628] vfs_read+0x1e4/0xc60 [ 376.698942][ T9628] ? __pfx___mutex_lock+0x10/0x10 [ 376.698991][ T9628] ? __pfx_vfs_read+0x10/0x10 [ 376.699046][ T9628] ? __fget_files+0x20e/0x3c0 [ 376.699101][ T9628] ksys_read+0x12a/0x250 [ 376.699151][ T9628] ? __pfx_ksys_read+0x10/0x10 [ 376.699208][ T9628] do_syscall_64+0xcd/0x490 [ 376.699261][ T9628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.699293][ T9628] RIP: 0033:0x7f5f63f8d33c [ 376.699317][ T9628] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 376.699347][ T9628] RSP: 002b:00007f5f64ded030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 376.699375][ T9628] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8d33c [ 376.699394][ T9628] RDX: 000000000000000f RSI: 00007f5f64ded0a0 RDI: 0000000000000004 [ 376.699494][ T9628] RBP: 00007f5f64ded090 R08: 0000000000000000 R09: 0000000000000000 [ 376.699523][ T9628] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 376.699542][ T9628] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 376.699587][ T9628] [ 379.687988][ T9661] FAULT_INJECTION: forcing a failure. [ 379.687988][ T9661] name failslab, interval 1, probability 0, space 0, times 0 [ 379.700838][ T9661] CPU: 0 UID: 0 PID: 9661 Comm: syz.3.700 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 379.700884][ T9661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 379.700901][ T9661] Call Trace: [ 379.700910][ T9661] [ 379.700921][ T9661] dump_stack_lvl+0x16c/0x1f0 [ 379.700975][ T9661] should_fail_ex+0x512/0x640 [ 379.701021][ T9661] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 379.701075][ T9661] should_failslab+0xc2/0x120 [ 379.701105][ T9661] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 379.701158][ T9661] ? __pfx_stack_trace_save+0x10/0x10 [ 379.701192][ T9661] ? __alloc_skb+0x2b2/0x380 [ 379.701245][ T9661] __alloc_skb+0x2b2/0x380 [ 379.701289][ T9661] ? __pfx___alloc_skb+0x10/0x10 [ 379.701343][ T9661] ? __lock_acquire+0xb8a/0x1c90 [ 379.701391][ T9661] netlink_alloc_large_skb+0x69/0x130 [ 379.701429][ T9661] netlink_sendmsg+0x6a1/0xdd0 [ 379.701471][ T9661] ? __pfx_netlink_sendmsg+0x10/0x10 [ 379.701521][ T9661] ____sys_sendmsg+0xa98/0xc70 [ 379.701560][ T9661] ? copy_msghdr_from_user+0x10a/0x160 [ 379.701609][ T9661] ? __pfx_____sys_sendmsg+0x10/0x10 [ 379.701642][ T9661] ? lockdep_hardirqs_on+0x7c/0x110 [ 379.701696][ T9661] ? kfree+0x2b4/0x4d0 [ 379.701751][ T9661] ? __pfx__kstrtoull+0x10/0x10 [ 379.701787][ T9661] ? ___sys_sendmsg+0x141/0x1d0 [ 379.701843][ T9661] ___sys_sendmsg+0x134/0x1d0 [ 379.701899][ T9661] ? __pfx____sys_sendmsg+0x10/0x10 [ 379.701988][ T9661] ? __pfx___might_resched+0x10/0x10 [ 379.702031][ T9661] __sys_sendmmsg+0x200/0x420 [ 379.702086][ T9661] ? __pfx___sys_sendmmsg+0x10/0x10 [ 379.702152][ T9661] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 379.702222][ T9661] ? fput+0x70/0xf0 [ 379.702251][ T9661] ? ksys_write+0x1ac/0x250 [ 379.702297][ T9661] ? __pfx_ksys_write+0x10/0x10 [ 379.702350][ T9661] __x64_sys_sendmmsg+0x9c/0x100 [ 379.702399][ T9661] ? lockdep_hardirqs_on+0x7c/0x110 [ 379.702447][ T9661] do_syscall_64+0xcd/0x490 [ 379.702500][ T9661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.702533][ T9661] RIP: 0033:0x7f7da538e929 [ 379.702557][ T9661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 379.702587][ T9661] RSP: 002b:00007f7da62ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 379.702616][ T9661] RAX: ffffffffffffffda RBX: 00007f7da55b5fa0 RCX: 00007f7da538e929 [ 379.702635][ T9661] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003 [ 379.702653][ T9661] RBP: 00007f7da62ae090 R08: 0000000000000000 R09: 0000000000000000 [ 379.702671][ T9661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 379.702689][ T9661] R13: 0000000000000000 R14: 00007f7da55b5fa0 R15: 00007ffd42627e88 [ 379.702728][ T9661] [ 380.192956][ T30] audit: type=1326 audit(4294967507.556:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9664 comm="syz.0.702" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa93cf8e929 code=0x0 [ 380.282523][ T9670] FAULT_INJECTION: forcing a failure. [ 380.282523][ T9670] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 380.295980][ T9670] CPU: 0 UID: 0 PID: 9670 Comm: syz.3.704 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 380.296018][ T9670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 380.296035][ T9670] Call Trace: [ 380.296045][ T9670] [ 380.296056][ T9670] dump_stack_lvl+0x16c/0x1f0 [ 380.296105][ T9670] should_fail_ex+0x512/0x640 [ 380.296149][ T9670] should_fail_alloc_page+0xe7/0x130 [ 380.296178][ T9670] prepare_alloc_pages+0x3c2/0x610 [ 380.296216][ T9670] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 380.296260][ T9670] ? copy_splice_read+0x1a8/0xba0 [ 380.296293][ T9670] ? stack_trace_save+0x8e/0xc0 [ 380.296338][ T9670] ? __pfx_stack_trace_save+0x10/0x10 [ 380.296373][ T9670] ? stack_depot_save_flags+0x28/0xa40 [ 380.296429][ T9670] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 380.296473][ T9670] ? kasan_save_stack+0x33/0x60 [ 380.296515][ T9670] ? __kasan_kmalloc+0xaa/0xb0 [ 380.296562][ T9670] ? copy_splice_read+0x1a8/0xba0 [ 380.296597][ T9670] ? do_splice_read+0x285/0x370 [ 380.296631][ T9670] ? splice_direct_to_actor+0x2a1/0xa30 [ 380.296667][ T9670] ? do_splice_direct+0x174/0x240 [ 380.296702][ T9670] ? do_sendfile+0xb06/0xe50 [ 380.296741][ T9670] ? __x64_sys_sendfile64+0x1d8/0x220 [ 380.296767][ T9670] ? do_syscall_64+0xcd/0x490 [ 380.296857][ T9670] alloc_pages_bulk_noprof+0x71c/0x1410 [ 380.296927][ T9670] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 380.296986][ T9670] ? trace_kmalloc+0x2b/0xd0 [ 380.297016][ T9670] ? __kmalloc_noprof+0x242/0x510 [ 380.297123][ T9670] copy_splice_read+0x1e1/0xba0 [ 380.297176][ T9670] ? __pfx_copy_splice_read+0x10/0x10 [ 380.297222][ T9670] ? look_up_lock_class+0x59/0x150 [ 380.297274][ T9670] ? lockdep_init_map_type+0x5c/0x280 [ 380.297319][ T9670] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 380.297367][ T9670] ? __pfx_copy_splice_read+0x10/0x10 [ 380.297407][ T9670] do_splice_read+0x285/0x370 [ 380.297452][ T9670] splice_direct_to_actor+0x2a1/0xa30 [ 380.297498][ T9670] ? __pfx_direct_splice_actor+0x10/0x10 [ 380.297547][ T9670] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 380.297587][ T9670] ? get_pid_task+0xfc/0x250 [ 380.297641][ T9670] do_splice_direct+0x174/0x240 [ 380.297683][ T9670] ? __pfx_do_splice_direct+0x10/0x10 [ 380.297727][ T9670] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 380.297776][ T9670] ? rw_verify_area+0xcf/0x680 [ 380.297866][ T9670] do_sendfile+0xb06/0xe50 [ 380.297918][ T9670] ? __pfx_do_sendfile+0x10/0x10 [ 380.297964][ T9670] ? __fget_files+0x20e/0x3c0 [ 380.298020][ T9670] __x64_sys_sendfile64+0x1d8/0x220 [ 380.298057][ T9670] ? ksys_write+0x1ac/0x250 [ 380.298103][ T9670] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 380.298148][ T9670] do_syscall_64+0xcd/0x490 [ 380.298204][ T9670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.298239][ T9670] RIP: 0033:0x7f7da538e929 [ 380.298265][ T9670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 380.298295][ T9670] RSP: 002b:00007f7da62ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 380.298331][ T9670] RAX: ffffffffffffffda RBX: 00007f7da55b5fa0 RCX: 00007f7da538e929 [ 380.298351][ T9670] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 380.298369][ T9670] RBP: 00007f7da62ae090 R08: 0000000000000000 R09: 0000000000000000 [ 380.298387][ T9670] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 380.298405][ T9670] R13: 0000000000000000 R14: 00007f7da55b5fa0 R15: 00007ffd42627e88 [ 380.298445][ T9670] [ 381.955406][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 381.962056][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.976605][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 381.984163][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.995584][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 382.002166][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.012262][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 382.020180][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.848480][ T9698] random: crng reseeded on system resumption [ 384.230571][ T30] audit: type=1326 audit(4294967511.594:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9713 comm="syz.3.715" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7da538e929 code=0x0 [ 385.247448][ T1208] Process accounting resumed [ 386.186821][ T9744] sctp: [Deprecated]: syz.1.720 (pid 9744) Use of int in maxseg socket option. [ 386.186821][ T9744] Use struct sctp_assoc_value instead [ 386.604653][ T9751] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[9751] [ 386.734159][ T9751] FAULT_INJECTION: forcing a failure. [ 386.734159][ T9751] name fail_futex, interval 1, probability 0, space 0, times 0 [ 386.789218][ T9751] CPU: 1 UID: 0 PID: 9751 Comm: syz.1.722 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 386.789318][ T9751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 386.789336][ T9751] Call Trace: [ 386.789346][ T9751] [ 386.789359][ T9751] dump_stack_lvl+0x16c/0x1f0 [ 386.789414][ T9751] should_fail_ex+0x512/0x640 [ 386.789477][ T9751] get_futex_key+0x1d0/0x1540 [ 386.789521][ T9751] ? do_syscall_64+0x3f6/0x490 [ 386.789570][ T9751] ? __pfx_get_futex_key+0x10/0x10 [ 386.789622][ T9751] futex_wake+0xea/0x530 [ 386.789670][ T9751] ? __pfx_futex_wake+0x10/0x10 [ 386.789734][ T9751] do_futex+0x1e3/0x350 [ 386.789777][ T9751] ? __pfx_do_futex+0x10/0x10 [ 386.789819][ T9751] ? __pfx___might_resched+0x10/0x10 [ 386.789856][ T9751] __x64_sys_futex+0x1e0/0x4c0 [ 386.789895][ T9751] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 386.789935][ T9751] ? __pfx___x64_sys_futex+0x10/0x10 [ 386.789974][ T9751] ? xfd_validate_state+0x61/0x180 [ 386.790027][ T9751] do_syscall_64+0xcd/0x490 [ 386.790078][ T9751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 386.790110][ T9751] RIP: 0033:0x7f5f63f8e929 [ 386.790134][ T9751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 386.790165][ T9751] RSP: 002b:00007f5f64ded0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 386.790195][ T9751] RAX: ffffffffffffffda RBX: 00007f5f641b5fa8 RCX: 00007f5f63f8e929 [ 386.790216][ T9751] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5f641b5fac [ 386.790237][ T9751] RBP: 00007f5f641b5fa0 R08: 00007f5f64dee000 R09: 0000000000000000 [ 386.790257][ T9751] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f5f641b5fac [ 386.790278][ T9751] R13: 0000000000000000 R14: 00007ffc3cc38820 R15: 00007ffc3cc38908 [ 386.790328][ T9751] [ 387.426429][ T9763] sp0: Synchronizing with TNC [ 388.790013][ T9774] zswap: compressor not available [ 389.365065][ T9788] FAULT_INJECTION: forcing a failure. [ 389.365065][ T9788] name failslab, interval 1, probability 0, space 0, times 0 [ 389.401969][ T9788] CPU: 1 UID: 0 PID: 9788 Comm: syz.2.730 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 389.402012][ T9788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 389.402029][ T9788] Call Trace: [ 389.402039][ T9788] [ 389.402051][ T9788] dump_stack_lvl+0x16c/0x1f0 [ 389.402105][ T9788] should_fail_ex+0x512/0x640 [ 389.402157][ T9788] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 389.402203][ T9788] should_failslab+0xc2/0x120 [ 389.402233][ T9788] __kmalloc_cache_noprof+0x6a/0x3e0 [ 389.402276][ T9788] ? alloc_pipe_info+0x10e/0x590 [ 389.402332][ T9788] alloc_pipe_info+0x10e/0x590 [ 389.402386][ T9788] splice_direct_to_actor+0x77d/0xa30 [ 389.402431][ T9788] ? __pfx_direct_splice_actor+0x10/0x10 [ 389.402478][ T9788] ? __pfx_aa_file_perm+0x10/0x10 [ 389.402522][ T9788] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 389.402562][ T9788] ? get_pid_task+0xfc/0x250 [ 389.402615][ T9788] do_splice_direct+0x174/0x240 [ 389.402658][ T9788] ? __pfx_do_splice_direct+0x10/0x10 [ 389.402701][ T9788] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 389.402749][ T9788] ? rw_verify_area+0xcf/0x680 [ 389.402794][ T9788] do_sendfile+0xb06/0xe50 [ 389.402845][ T9788] ? __pfx_do_sendfile+0x10/0x10 [ 389.402889][ T9788] ? __fget_files+0x20e/0x3c0 [ 389.402943][ T9788] __x64_sys_sendfile64+0x1d8/0x220 [ 389.402973][ T9788] ? ksys_write+0x1ac/0x250 [ 389.403017][ T9788] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 389.403059][ T9788] do_syscall_64+0xcd/0x490 [ 389.403114][ T9788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.403153][ T9788] RIP: 0033:0x7fc01778e929 [ 389.403178][ T9788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 389.403210][ T9788] RSP: 002b:00007fc018608038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 389.403239][ T9788] RAX: ffffffffffffffda RBX: 00007fc0179b5fa0 RCX: 00007fc01778e929 [ 389.403258][ T9788] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 389.403275][ T9788] RBP: 00007fc018608090 R08: 0000000000000000 R09: 0000000000000000 [ 389.403292][ T9788] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 389.403309][ T9788] R13: 0000000000000000 R14: 00007fc0179b5fa0 R15: 00007ffc645d84c8 [ 389.403348][ T9788] [ 389.941263][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.947718][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.951553][ T9756] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 389.994325][ T9756] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 390.000564][ T9756] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 390.015636][ T9756] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 390.210096][ T30] audit: type=1326 audit(4294967517.571:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.2.731" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc01778e929 code=0x0 [ 390.240601][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 392.082508][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 392.088719][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 392.093147][ T5150] Bluetooth: hci3: command 0x0c1a tx timeout [ 392.701286][ T30] audit: type=1800 audit(4294967520.059:25): pid=9830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.740" name="dbroot" dev="configfs" ino=20056 res=0 errno=0 [ 392.727974][ T9830] db_root: not a directory: /dev/audio1 [ 393.166745][ T9826] zswap: compressor not available [ 397.559445][ T10] Process accounting resumed [ 397.625533][ T9892] QAT: failed to copy from user cfg_data. [ 397.913559][ T9900] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 397.925676][ T9900] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 398.510587][ T9897] zswap: compressor not available [ 399.416243][ T10] Process accounting resumed [ 402.140209][ T5924] Process accounting resumed [ 403.938276][ T2153] Process accounting resumed [ 403.952404][ T1208] Process accounting resumed [ 405.306382][ T9994] FAULT_INJECTION: forcing a failure. [ 405.306382][ T9994] name failslab, interval 1, probability 0, space 0, times 0 [ 405.390450][ T9994] CPU: 1 UID: 0 PID: 9994 Comm: syz.1.766 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 405.390497][ T9994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 405.390517][ T9994] Call Trace: [ 405.390527][ T9994] [ 405.390540][ T9994] dump_stack_lvl+0x16c/0x1f0 [ 405.390600][ T9994] should_fail_ex+0x512/0x640 [ 405.390648][ T9994] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 405.390698][ T9994] should_failslab+0xc2/0x120 [ 405.390731][ T9994] __kmalloc_cache_noprof+0x6a/0x3e0 [ 405.390777][ T9994] ? mpi_alloc+0x46/0x230 [ 405.390816][ T9994] ? mpi_normalize+0xc9/0x100 [ 405.390854][ T9994] mpi_alloc+0x46/0x230 [ 405.390894][ T9994] rsa_check_payload+0x3b/0xc0 [ 405.390947][ T9994] rsa_enc+0x198/0x3b0 [ 405.391000][ T9994] ? __pfx_rsa_enc+0x10/0x10 [ 405.391059][ T9994] ? __virt_addr_valid+0x81/0x610 [ 405.391093][ T9994] ? __phys_addr+0xe8/0x180 [ 405.391127][ T9994] ? sg_init_one+0xf5/0x1b0 [ 405.391174][ T9994] rsassa_pkcs1_verify+0x4ff/0xb60 [ 405.391224][ T9994] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 405.391282][ T9994] ? rsa_max_size+0xd/0x70 [ 405.391330][ T9994] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 405.391372][ T9994] public_key_verify_signature+0x672/0x970 [ 405.391421][ T9994] ? __pfx_public_key_verify_signature+0x10/0x10 [ 405.391499][ T9994] x509_check_for_self_signed+0x31a/0x500 [ 405.391551][ T9994] x509_cert_parse+0x5f8/0x900 [ 405.391589][ T9994] ? kasan_save_stack+0x42/0x60 [ 405.391635][ T9994] ? kasan_save_stack+0x33/0x60 [ 405.391680][ T9994] ? kasan_save_track+0x14/0x30 [ 405.391730][ T9994] pkcs7_extract_cert+0xa4/0x320 [ 405.391782][ T9994] asn1_ber_decoder+0xc5f/0x1df0 [ 405.391853][ T9994] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 405.391938][ T9994] pkcs7_parse_message+0x288/0x720 [ 405.391993][ T9994] verify_pkcs7_signature+0x30/0xa0 [ 405.392041][ T9994] valid_regdb+0x215/0x590 [ 405.392080][ T9994] ? __pfx___mutex_lock+0x10/0x10 [ 405.392136][ T9994] ? __pfx_valid_regdb+0x10/0x10 [ 405.392181][ T9994] reg_reload_regdb+0x11e/0x460 [ 405.392224][ T9994] ? __pfx_reg_reload_regdb+0x10/0x10 [ 405.392266][ T9994] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 405.392315][ T9994] ? nl80211_pre_doit+0x1b0/0xb10 [ 405.392371][ T9994] genl_family_rcv_msg_doit+0x209/0x2f0 [ 405.392420][ T9994] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 405.392461][ T9994] ? rcu_is_watching+0x12/0xc0 [ 405.392509][ T9994] ? bpf_lsm_capable+0x9/0x10 [ 405.392549][ T9994] ? security_capable+0x7e/0x260 [ 405.392613][ T9994] genl_rcv_msg+0x55c/0x800 [ 405.392661][ T9994] ? __pfx_genl_rcv_msg+0x10/0x10 [ 405.392704][ T9994] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 405.392753][ T9994] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 405.392791][ T9994] ? __pfx_nl80211_post_doit+0x10/0x10 [ 405.392859][ T9994] netlink_rcv_skb+0x158/0x420 [ 405.392896][ T9994] ? __pfx_genl_rcv_msg+0x10/0x10 [ 405.392941][ T9994] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 405.392996][ T9994] ? netlink_deliver_tap+0x1ae/0xd30 [ 405.393044][ T9994] genl_rcv+0x28/0x40 [ 405.393082][ T9994] netlink_unicast+0x53d/0x7f0 [ 405.393124][ T9994] ? __pfx_netlink_unicast+0x10/0x10 [ 405.393173][ T9994] netlink_sendmsg+0x8d1/0xdd0 [ 405.393218][ T9994] ? __pfx_netlink_sendmsg+0x10/0x10 [ 405.393273][ T9994] ____sys_sendmsg+0xa98/0xc70 [ 405.393315][ T9994] ? copy_msghdr_from_user+0x10a/0x160 [ 405.393368][ T9994] ? __pfx_____sys_sendmsg+0x10/0x10 [ 405.393417][ T9994] ? __pfx_futex_wake_mark+0x10/0x10 [ 405.393472][ T9994] ___sys_sendmsg+0x134/0x1d0 [ 405.393525][ T9994] ? __pfx____sys_sendmsg+0x10/0x10 [ 405.393572][ T9994] ? __lock_acquire+0x622/0x1c90 [ 405.393667][ T9994] __sys_sendmsg+0x16d/0x220 [ 405.393722][ T9994] ? __pfx___sys_sendmsg+0x10/0x10 [ 405.393775][ T9994] ? __x64_sys_futex+0x1e0/0x4c0 [ 405.393842][ T9994] do_syscall_64+0xcd/0x490 [ 405.393902][ T9994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 405.393938][ T9994] RIP: 0033:0x7f5f63f8e929 [ 405.393965][ T9994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 405.394000][ T9994] RSP: 002b:00007f5f64ded038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 405.394039][ T9994] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8e929 [ 405.394062][ T9994] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 405.394083][ T9994] RBP: 00007f5f64010b39 R08: 0000000000000000 R09: 0000000000000000 [ 405.394104][ T9994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 405.394124][ T9994] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 405.394166][ T9994] [ 409.751639][T10052] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 410.511738][ T5880] Process accounting resumed [ 414.231891][T10083] netlink: 28 bytes leftover after parsing attributes in process `syz.1.782'. [ 415.444616][T10116] netlink: 330 bytes leftover after parsing attributes in process `syz.3.787'. [ 416.854662][T10129] netlink: 25 bytes leftover after parsing attributes in process `syz.0.790'. [ 420.803060][ T5880] Process accounting resumed [ 428.206985][T10316] netlink: 28 bytes leftover after parsing attributes in process `syz.1.819'. [ 431.024326][T10361] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 431.226137][T10364] FAULT_INJECTION: forcing a failure. [ 431.226137][T10364] name failslab, interval 1, probability 0, space 0, times 0 [ 431.278699][T10364] CPU: 1 UID: 0 PID: 10364 Comm: syz.2.827 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 431.278742][T10364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 431.278760][T10364] Call Trace: [ 431.278770][T10364] [ 431.278782][T10364] dump_stack_lvl+0x16c/0x1f0 [ 431.278837][T10364] should_fail_ex+0x512/0x640 [ 431.278883][T10364] ? __kvmalloc_node_noprof+0x124/0x620 [ 431.278937][T10364] should_failslab+0xc2/0x120 [ 431.278969][T10364] __kvmalloc_node_noprof+0x137/0x620 [ 431.279017][T10364] ? alloc_pages_bulk_noprof+0xa67/0x1410 [ 431.279064][T10364] ? seq_read_iter+0x826/0x12c0 [ 431.279113][T10364] ? seq_read_iter+0x826/0x12c0 [ 431.279150][T10364] seq_read_iter+0x826/0x12c0 [ 431.279191][T10364] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 431.279255][T10364] kernfs_fop_read_iter+0x40f/0x5a0 [ 431.279299][T10364] copy_splice_read+0x615/0xba0 [ 431.279347][T10364] ? __mutex_lock+0x1ca/0xb90 [ 431.279401][T10364] ? __pfx_copy_splice_read+0x10/0x10 [ 431.279447][T10364] ? __pfx___mutex_lock+0x10/0x10 [ 431.279509][T10364] ? __fget_files+0x204/0x3c0 [ 431.279557][T10364] ? __pfx_copy_splice_read+0x10/0x10 [ 431.279607][T10364] do_splice_read+0x285/0x370 [ 431.279652][T10364] splice_file_to_pipe+0x109/0x120 [ 431.279702][T10364] do_sendfile+0x400/0xe50 [ 431.279756][T10364] ? __pfx_do_sendfile+0x10/0x10 [ 431.279802][T10364] ? __fget_files+0x20e/0x3c0 [ 431.279858][T10364] __x64_sys_sendfile64+0x1d8/0x220 [ 431.279888][T10364] ? ksys_write+0x1ac/0x250 [ 431.279935][T10364] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 431.279981][T10364] do_syscall_64+0xcd/0x490 [ 431.280036][T10364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.280069][T10364] RIP: 0033:0x7fc01778e929 [ 431.280095][T10364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 431.280125][T10364] RSP: 002b:00007fc018608038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 431.280155][T10364] RAX: ffffffffffffffda RBX: 00007fc0179b5fa0 RCX: 00007fc01778e929 [ 431.280177][T10364] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 431.280197][T10364] RBP: 00007fc018608090 R08: 0000000000000000 R09: 0000000000000000 [ 431.280217][T10364] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001 [ 431.280236][T10364] R13: 0000000000000000 R14: 00007fc0179b5fa0 R15: 00007ffc645d84c8 [ 431.280279][T10364] [ 432.294221][T10366] GUP no longer grows the stack in syz.1.828 (10366): 14000-401000 (4000) [ 432.324962][T10366] CPU: 0 UID: 0 PID: 10366 Comm: syz.1.828 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 432.325008][T10366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 432.325027][T10366] Call Trace: [ 432.325037][T10366] [ 432.325049][T10366] dump_stack_lvl+0x16c/0x1f0 [ 432.325105][T10366] gup_vma_lookup+0x1d2/0x220 [ 432.325141][T10366] __get_user_pages+0x271/0x3b80 [ 432.325188][T10366] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 432.325241][T10366] ? kasan_save_stack+0x42/0x60 [ 432.325288][T10366] ? __pfx___get_user_pages+0x10/0x10 [ 432.325326][T10366] ? register_lock_class+0x41/0x4c0 [ 432.325372][T10366] ? __x64_sys_process_vm_readv+0xe2/0x1c0 [ 432.325426][T10366] ? do_syscall_64+0xcd/0x490 [ 432.325491][T10366] __gup_longterm_locked+0x20d/0x1840 [ 432.325533][T10366] ? __lock_acquire+0xb8a/0x1c90 [ 432.325585][T10366] ? __pfx___gup_longterm_locked+0x10/0x10 [ 432.325645][T10366] pin_user_pages_remote+0xed/0x140 [ 432.325687][T10366] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 432.325724][T10366] ? mm_access+0x22d/0x2e0 [ 432.325776][T10366] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 432.325860][T10366] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 432.325921][T10366] ? iovec_from_user+0xbb/0x140 [ 432.325994][T10366] ? iovec_from_user+0xbb/0x140 [ 432.326051][T10366] process_vm_rw+0x216/0x2c0 [ 432.326109][T10366] ? __pfx_process_vm_rw+0x10/0x10 [ 432.326216][T10366] ? xfd_validate_state+0x61/0x180 [ 432.326267][T10366] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 432.326325][T10366] ? do_syscall_64+0x91/0x490 [ 432.326377][T10366] ? lockdep_hardirqs_on+0x7c/0x110 [ 432.326427][T10366] do_syscall_64+0xcd/0x490 [ 432.326483][T10366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.326517][T10366] RIP: 0033:0x7f5f63f8e929 [ 432.326545][T10366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.326578][T10366] RSP: 002b:00007f5f64ded038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 432.326610][T10366] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8e929 [ 432.326633][T10366] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000340 [ 432.326655][T10366] RBP: 00007f5f64010b39 R08: 0000000000000003 R09: 0000000000000000 [ 432.326676][T10366] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 432.326697][T10366] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 432.326741][T10366] [ 434.592975][T10407] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 438.222356][T10463] syz_tun: tun_chr_ioctl cmd 1074025681 [ 439.961793][T10506] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 440.575067][T10519] netlink: 13832 bytes leftover after parsing attributes in process `syz.1.856'. [ 442.963753][T10527] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 442.978526][T10527] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 443.006872][T10527] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 443.028154][T10527] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 443.458330][ T5150] Bluetooth: hci0: command 0x0c1a tx timeout [ 444.353131][T10572] netlink: 28 bytes leftover after parsing attributes in process `syz.2.864'. [ 444.546413][T10574] netlink: 'syz.2.864': attribute type 11 has an invalid length. [ 445.059121][ T5150] Bluetooth: hci1: command 0x0c1a tx timeout [ 445.059142][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 445.059191][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 446.205595][T10589] FAULT_INJECTION: forcing a failure. [ 446.205595][T10589] name failslab, interval 1, probability 0, space 0, times 0 [ 446.255553][T10589] CPU: 1 UID: 0 PID: 10589 Comm: syz.0.869 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 446.255611][T10589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 446.255631][T10589] Call Trace: [ 446.255642][T10589] [ 446.255654][T10589] dump_stack_lvl+0x16c/0x1f0 [ 446.255710][T10589] should_fail_ex+0x512/0x640 [ 446.255757][T10589] ? fs_reclaim_acquire+0xae/0x150 [ 446.255800][T10589] ? security_inode_init_security+0x13f/0x390 [ 446.255850][T10589] should_failslab+0xc2/0x120 [ 446.255925][T10589] __kmalloc_noprof+0xd2/0x510 [ 446.255983][T10589] security_inode_init_security+0x13f/0x390 [ 446.256036][T10589] ? __pfx_shmem_initxattrs+0x10/0x10 [ 446.256081][T10589] ? __pfx_security_inode_init_security+0x10/0x10 [ 446.256157][T10589] ? shmem_get_inode+0x73a/0xfb0 [ 446.256202][T10589] shmem_symlink+0x135/0x9f0 [ 446.256260][T10589] ? __pfx_shmem_symlink+0x10/0x10 [ 446.256312][T10589] ? bpf_lsm_inode_permission+0x9/0x10 [ 446.256344][T10589] ? security_inode_permission+0xbf/0x260 [ 446.256388][T10589] ? inode_permission+0x156/0x630 [ 446.256431][T10589] vfs_symlink+0x400/0x680 [ 446.256478][T10589] do_symlinkat+0x261/0x310 [ 446.256535][T10589] ? __pfx_do_symlinkat+0x10/0x10 [ 446.256598][T10589] ? getname_flags.part.0+0x1c5/0x550 [ 446.256646][T10589] __x64_sys_symlink+0x75/0x90 [ 446.256703][T10589] do_syscall_64+0xcd/0x490 [ 446.256763][T10589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.256798][T10589] RIP: 0033:0x7fa93cf8e929 [ 446.256826][T10589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.256859][T10589] RSP: 002b:00007fa93ddc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 446.256892][T10589] RAX: ffffffffffffffda RBX: 00007fa93d1b5fa0 RCX: 00007fa93cf8e929 [ 446.256915][T10589] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180 [ 446.256935][T10589] RBP: 00007fa93d010b39 R08: 0000000000000000 R09: 0000000000000000 [ 446.256957][T10589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.256977][T10589] R13: 0000000000000000 R14: 00007fa93d1b5fa0 R15: 00007ffc0c48a408 [ 446.257022][T10589] [ 447.152194][T10606] ubi0: attaching mtd0 [ 447.291754][T10606] ubi0: scanning is finished [ 447.345277][T10606] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 447.939642][T10606] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 451.393318][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 451.399794][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 453.505734][T10674] zswap: compressor not available [ 454.389588][T10698] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1868854125.115.0), cmd(1) [ 454.599766][T10697] netlink: 'syz.0.889': attribute type 2 has an invalid length. [ 455.814661][ T30] audit: type=1804 audit(4294967310.894:26): pid=10710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.893" name="/newroot/221/file0" dev="tmpfs" ino=1177 res=1 errno=0 [ 455.871313][ T30] audit: type=1800 audit(4294967310.894:27): pid=10710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.893" name="file0" dev="tmpfs" ino=1177 res=0 errno=0 [ 457.987490][T10735] mkiss: ax0: crc mode is auto. [ 461.404261][ T30] audit: type=1326 audit(4294967300.949:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10760 comm="syz.3.905" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7da538e929 code=0x0 [ 461.990261][T10778] netlink: 4 bytes leftover after parsing attributes in process `syz.2.906'. [ 462.585664][T10786] netlink: 'syz.2.909': attribute type 16 has an invalid length. [ 462.825397][T10786] netlink: 'syz.2.909': attribute type 17 has an invalid length. [ 462.840596][T10786] netlink: 'syz.2.909': attribute type 19 has an invalid length. [ 462.906166][T10786] netlink: 94 bytes leftover after parsing attributes in process `syz.2.909'. [ 466.772476][T10829] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1868854125.115.0), cmd(1) [ 469.907093][ T5833] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5 [ 470.312382][T10897] netlink: 8 bytes leftover after parsing attributes in process `syz.3.930'. [ 470.866966][T10906] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 475.384358][T10951] netlink: 330 bytes leftover after parsing attributes in process `syz.0.943'. [ 477.774236][T11002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.953'. [ 477.951162][T11005] binder: 11004:11005 unknown command 3 [ 477.962951][T11005] binder: 11004:11005 ioctl c0306201 0 returned -22 [ 481.137765][T11036] ecryptfs_parse_packet_length: Error parsing packet length [ 481.169084][T11036] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 483.191292][T11061] sd 0:0:1:0: PR command failed: 1026 [ 483.215632][T11061] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 483.246279][T11064] hub 8-0:1.0: USB hub found [ 483.252476][T11061] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 483.291760][T11064] hub 8-0:1.0: 1 port detected [ 483.810607][T11070] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input18 [ 486.094652][T11105] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 486.163770][T11098] relay: one or more items not logged [item size (56) > sub-buffer size (4)] [ 487.060973][T11111] FAULT_INJECTION: forcing a failure. [ 487.060973][T11111] name failslab, interval 1, probability 0, space 0, times 0 [ 487.080943][T11111] CPU: 1 UID: 0 PID: 11111 Comm: syz.1.977 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 487.080988][T11111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 487.081007][T11111] Call Trace: [ 487.081017][T11111] [ 487.081030][T11111] dump_stack_lvl+0x16c/0x1f0 [ 487.081090][T11111] should_fail_ex+0x512/0x640 [ 487.081148][T11111] should_failslab+0xc2/0x120 [ 487.081190][T11111] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 487.081243][T11111] ? skb_clone+0x190/0x3f0 [ 487.081303][T11111] skb_clone+0x190/0x3f0 [ 487.081357][T11111] netlink_deliver_tap+0xabd/0xd30 [ 487.081402][T11111] netlink_unicast+0x6b2/0x7f0 [ 487.081445][T11111] ? __pfx_netlink_unicast+0x10/0x10 [ 487.081494][T11111] netlink_ack+0x696/0xb80 [ 487.081544][T11111] netlink_rcv_skb+0x332/0x420 [ 487.081581][T11111] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 487.081627][T11111] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 487.081683][T11111] ? ns_capable+0xd7/0x110 [ 487.081724][T11111] nfnetlink_rcv+0x1b3/0x430 [ 487.081768][T11111] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 487.081810][T11111] ? netlink_deliver_tap+0x1ae/0xd30 [ 487.081852][T11111] netlink_unicast+0x53d/0x7f0 [ 487.081894][T11111] ? __pfx_netlink_unicast+0x10/0x10 [ 487.081931][T11111] ? __build_skb_around+0x278/0x3b0 [ 487.081975][T11111] ? is_vmalloc_addr+0x86/0xa0 [ 487.082035][T11111] netlink_sendmsg+0x8d1/0xdd0 [ 487.082080][T11111] ? __pfx_netlink_sendmsg+0x10/0x10 [ 487.082144][T11111] sock_write_iter+0x4fc/0x5b0 [ 487.082194][T11111] ? __pfx_sock_write_iter+0x10/0x10 [ 487.082251][T11111] ? bpf_lsm_file_permission+0x9/0x10 [ 487.082287][T11111] ? security_file_permission+0x71/0x210 [ 487.082334][T11111] ? rw_verify_area+0xcf/0x680 [ 487.082381][T11111] vfs_write+0x6c4/0x1150 [ 487.082430][T11111] ? __pfx_sock_write_iter+0x10/0x10 [ 487.082474][T11111] ? __pfx_vfs_write+0x10/0x10 [ 487.082519][T11111] ? find_held_lock+0x2b/0x80 [ 487.082581][T11111] ksys_write+0x1f8/0x250 [ 487.082628][T11111] ? __pfx_ksys_write+0x10/0x10 [ 487.082687][T11111] do_syscall_64+0xcd/0x490 [ 487.082743][T11111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 487.082775][T11111] RIP: 0033:0x7f5f63f8e929 [ 487.082801][T11111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 487.082831][T11111] RSP: 002b:00007f5f64dcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 487.082861][T11111] RAX: ffffffffffffffda RBX: 00007f5f641b6080 RCX: 00007f5f63f8e929 [ 487.082884][T11111] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000002 [ 487.082904][T11111] RBP: 00007f5f64010b39 R08: 0000000000000000 R09: 0000000000000000 [ 487.082923][T11111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 487.082942][T11111] R13: 0000000000000000 R14: 00007f5f641b6080 R15: 00007ffc3cc38908 [ 487.082986][T11111] [ 489.132857][T11142] syz.1.983 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 490.796405][T11165] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 491.036685][T11166] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 491.196823][T11165] netlink: 8 bytes leftover after parsing attributes in process `syz.3.988'. [ 494.643053][T11226] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 494.920674][T11229] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 496.883654][T11266] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(10) [ 497.054546][ T30] audit: type=1326 audit(4294967321.249:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.2.1007" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc01778e929 code=0x0 [ 503.164081][T11344] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1021'. [ 503.888889][T11363] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 504.519684][T11364] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 510.261581][T11454] Invalid ELF header magic: != ELF [ 511.015719][T11456] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1038'. [ 512.837647][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 512.844129][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 517.830525][T11550] can: request_module (can-proto-0) failed. [ 520.214946][T11581] FAULT_INJECTION: forcing a failure. [ 520.214946][T11581] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 520.251863][T11581] CPU: 1 UID: 0 PID: 11581 Comm: syz.0.1065 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 520.251896][T11581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 520.251910][T11581] Call Trace: [ 520.251917][T11581] [ 520.251926][T11581] dump_stack_lvl+0x16c/0x1f0 [ 520.251966][T11581] should_fail_ex+0x512/0x640 [ 520.252005][T11581] _copy_from_iter+0x29f/0x16f0 [ 520.252043][T11581] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 520.252082][T11581] ? __pfx__copy_from_iter+0x10/0x10 [ 520.252132][T11581] ? alloc_pages_mpol+0x25a/0x550 [ 520.252156][T11581] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 520.252183][T11581] copy_page_from_iter+0xde/0x180 [ 520.252223][T11581] anon_pipe_write+0xbe7/0x1a70 [ 520.252271][T11581] ? __pfx_anon_pipe_write+0x10/0x10 [ 520.252308][T11581] ? apparmor_file_permission+0x251/0x400 [ 520.252344][T11581] ? bpf_lsm_file_permission+0x9/0x10 [ 520.252377][T11581] ? security_file_permission+0x71/0x210 [ 520.252422][T11581] ? rw_verify_area+0xcf/0x680 [ 520.252465][T11581] vfs_write+0x6c4/0x1150 [ 520.252497][T11581] ? __pfx_anon_pipe_write+0x10/0x10 [ 520.252535][T11581] ? __pfx_vfs_write+0x10/0x10 [ 520.252565][T11581] ? find_held_lock+0x2b/0x80 [ 520.252607][T11581] ksys_write+0x1f8/0x250 [ 520.252639][T11581] ? __pfx_ksys_write+0x10/0x10 [ 520.252680][T11581] do_syscall_64+0xcd/0x490 [ 520.252720][T11581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 520.252754][T11581] RIP: 0033:0x7fa93cf8e929 [ 520.252778][T11581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 520.252809][T11581] RSP: 002b:00007fa93dda2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 520.252840][T11581] RAX: ffffffffffffffda RBX: 00007fa93d1b6080 RCX: 00007fa93cf8e929 [ 520.252861][T11581] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 520.252885][T11581] RBP: 00007fa93dda2090 R08: 0000000000000000 R09: 0000000000000000 [ 520.252903][T11581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 520.252921][T11581] R13: 0000000000000000 R14: 00007fa93d1b6080 R15: 00007ffc0c48a408 [ 520.252962][T11581] [ 520.466258][ C1] vkms_vblank_simulate: vblank timer overrun [ 521.350406][T11596] FAULT_INJECTION: forcing a failure. [ 521.350406][T11596] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 521.423973][T11596] CPU: 0 UID: 0 PID: 11596 Comm: syz.0.1068 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 521.424013][T11596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 521.424028][T11596] Call Trace: [ 521.424036][T11596] [ 521.424045][T11596] dump_stack_lvl+0x16c/0x1f0 [ 521.424086][T11596] should_fail_ex+0x512/0x640 [ 521.424125][T11596] _copy_from_user+0x2e/0xd0 [ 521.424163][T11596] kstrtouint_from_user+0xd6/0x1d0 [ 521.424192][T11596] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 521.424226][T11596] ? get_pid_task+0xfc/0x250 [ 521.424264][T11596] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 521.424291][T11596] proc_fail_nth_write+0x83/0x250 [ 521.424319][T11596] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 521.424349][T11596] ? iov_iter_advance+0x1e3/0x6c0 [ 521.424390][T11596] vfs_writev+0x5dc/0xde0 [ 521.424420][T11596] ? __pfx___mutex_trylock_common+0x10/0x10 [ 521.424462][T11596] ? __pfx_vfs_writev+0x10/0x10 [ 521.424493][T11596] ? __mutex_lock+0x1ca/0xb90 [ 521.424529][T11596] ? kmem_cache_free+0x2d1/0x4d0 [ 521.424567][T11596] ? __pfx___mutex_lock+0x10/0x10 [ 521.424615][T11596] ? __fget_files+0x20e/0x3c0 [ 521.424655][T11596] ? do_writev+0x132/0x340 [ 521.424683][T11596] do_writev+0x132/0x340 [ 521.424714][T11596] ? __pfx_do_writev+0x10/0x10 [ 521.424754][T11596] do_syscall_64+0xcd/0x490 [ 521.424793][T11596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 521.424817][T11596] RIP: 0033:0x7fa93cf8e929 [ 521.424835][T11596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 521.424859][T11596] RSP: 002b:00007fa93ddc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 521.424881][T11596] RAX: ffffffffffffffda RBX: 00007fa93d1b5fa0 RCX: 00007fa93cf8e929 [ 521.424897][T11596] RDX: 0000000000000003 RSI: 0000200000000200 RDI: 0000000000000005 [ 521.424911][T11596] RBP: 00007fa93d010b39 R08: 0000000000000000 R09: 0000000000000000 [ 521.424925][T11596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 521.424939][T11596] R13: 0000000000000000 R14: 00007fa93d1b5fa0 R15: 00007ffc0c48a408 [ 521.424968][T11596] [ 523.788458][T11651] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1077'. [ 525.027015][T11672] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1081'. [ 525.116429][T11671] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1080'. [ 526.127667][T11692] FAULT_INJECTION: forcing a failure. [ 526.127667][T11692] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 526.217183][T11692] CPU: 0 UID: 0 PID: 11692 Comm: syz.2.1085 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 526.217227][T11692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 526.217244][T11692] Call Trace: [ 526.217254][T11692] [ 526.217266][T11692] dump_stack_lvl+0x16c/0x1f0 [ 526.217317][T11692] should_fail_ex+0x512/0x640 [ 526.217367][T11692] _copy_to_user+0x32/0xd0 [ 526.217418][T11692] pagemap_read+0x52c/0x890 [ 526.217465][T11692] ? __pfx_pagemap_read+0x10/0x10 [ 526.217510][T11692] ? iov_iter_advance+0x1e3/0x6c0 [ 526.217555][T11692] ? rw_verify_area+0xcf/0x680 [ 526.217594][T11692] ? __pfx_pagemap_read+0x10/0x10 [ 526.217632][T11692] vfs_readv+0x5c1/0x8b0 [ 526.217680][T11692] ? __pfx_vfs_readv+0x10/0x10 [ 526.217718][T11692] ? __mutex_lock+0x1ca/0xb90 [ 526.217774][T11692] ? __pfx___mutex_lock+0x10/0x10 [ 526.217836][T11692] ? __fget_files+0x20e/0x3c0 [ 526.217884][T11692] ? __fget_files+0x140/0x3c0 [ 526.217928][T11692] ? do_readv+0x132/0x340 [ 526.217959][T11692] do_readv+0x132/0x340 [ 526.217993][T11692] ? __pfx_do_readv+0x10/0x10 [ 526.218038][T11692] do_syscall_64+0xcd/0x490 [ 526.218082][T11692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.218110][T11692] RIP: 0033:0x7fc01778e929 [ 526.218133][T11692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 526.218161][T11692] RSP: 002b:00007fc0185e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 526.218191][T11692] RAX: ffffffffffffffda RBX: 00007fc0179b6080 RCX: 00007fc01778e929 [ 526.218209][T11692] RDX: 0000000000000006 RSI: 0000200000000400 RDI: 0000000000000003 [ 526.218226][T11692] RBP: 00007fc0185e7090 R08: 0000000000000000 R09: 0000000000000000 [ 526.218243][T11692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 526.218259][T11692] R13: 0000000000000000 R14: 00007fc0179b6080 R15: 00007ffc645d84c8 [ 526.218294][T11692] [ 526.969742][T11701] FAULT_INJECTION: forcing a failure. [ 526.969742][T11701] name failslab, interval 1, probability 0, space 0, times 0 [ 527.013013][T11701] CPU: 1 UID: 0 PID: 11701 Comm: syz.2.1088 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 527.013047][T11701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 527.013062][T11701] Call Trace: [ 527.013070][T11701] [ 527.013078][T11701] dump_stack_lvl+0x16c/0x1f0 [ 527.013119][T11701] should_fail_ex+0x512/0x640 [ 527.013153][T11701] ? __kmalloc_noprof+0xbf/0x510 [ 527.013190][T11701] ? xfrm_hash_alloc+0xd1/0x100 [ 527.013222][T11701] should_failslab+0xc2/0x120 [ 527.013244][T11701] __kmalloc_noprof+0xd2/0x510 [ 527.013278][T11701] ? xfrm_state_init+0x377/0x630 [ 527.013308][T11701] ? xfrm_state_init+0x331/0x630 [ 527.013344][T11701] xfrm_hash_alloc+0xd1/0x100 [ 527.013377][T11701] xfrm_net_init+0x35f/0xcc0 [ 527.013417][T11701] ? __pfx_xfrm_net_init+0x10/0x10 [ 527.013451][T11701] ops_init+0x1df/0x5f0 [ 527.013477][T11701] setup_net+0x1ff/0x510 [ 527.013505][T11701] ? lockdep_init_map_type+0x5c/0x280 [ 527.013539][T11701] ? __pfx_setup_net+0x10/0x10 [ 527.013563][T11701] ? debug_mutex_init+0x37/0x70 [ 527.013589][T11701] copy_net_ns+0x2a6/0x5f0 [ 527.013617][T11701] create_new_namespaces+0x3ea/0xa90 [ 527.013650][T11701] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 527.013678][T11701] ksys_unshare+0x45b/0xa40 [ 527.013710][T11701] ? __pfx_ksys_unshare+0x10/0x10 [ 527.013742][T11701] ? xfd_validate_state+0x61/0x180 [ 527.013782][T11701] __x64_sys_unshare+0x31/0x40 [ 527.013812][T11701] do_syscall_64+0xcd/0x490 [ 527.013851][T11701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.013875][T11701] RIP: 0033:0x7fc01778e929 [ 527.013894][T11701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.013918][T11701] RSP: 002b:00007fc018608038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 527.013939][T11701] RAX: ffffffffffffffda RBX: 00007fc0179b5fa0 RCX: 00007fc01778e929 [ 527.013955][T11701] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 527.013969][T11701] RBP: 00007fc017810b39 R08: 0000000000000000 R09: 0000000000000000 [ 527.013983][T11701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.013997][T11701] R13: 0000000000000000 R14: 00007fc0179b5fa0 R15: 00007ffc645d84c8 [ 527.014031][T11701] [ 529.153373][T11723] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1093'. [ 529.948618][T11728] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1094'. [ 531.034038][T11740] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1097'. [ 531.722274][T11749] netlink: 'syz.3.1099': attribute type 5 has an invalid length. [ 532.688994][T11772] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1104'. [ 533.544255][T11785] netlink: 13832 bytes leftover after parsing attributes in process `syz.2.1106'. [ 534.304026][T11800] FAULT_INJECTION: forcing a failure. [ 534.304026][T11800] name failslab, interval 1, probability 0, space 0, times 0 [ 534.382864][T11800] CPU: 0 UID: 0 PID: 11800 Comm: syz.1.1112 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 534.382909][T11800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 534.382928][T11800] Call Trace: [ 534.382938][T11800] [ 534.382951][T11800] dump_stack_lvl+0x16c/0x1f0 [ 534.383009][T11800] should_fail_ex+0x512/0x640 [ 534.383056][T11800] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 534.383104][T11800] should_failslab+0xc2/0x120 [ 534.383141][T11800] __kmalloc_cache_noprof+0x6a/0x3e0 [ 534.383183][T11800] ? rcu_is_watching+0x12/0xc0 [ 534.383215][T11800] ? s_start+0x7b/0x320 [ 534.383264][T11800] s_start+0x7b/0x320 [ 534.383313][T11800] traverse.part.0.constprop.0+0xac/0x640 [ 534.383370][T11800] seq_read_iter+0x932/0x12c0 [ 534.383426][T11800] seq_read+0x39e/0x4e0 [ 534.383459][T11800] ? __pfx_seq_read+0x10/0x10 [ 534.383493][T11800] ? get_pid_task+0xfc/0x250 [ 534.383544][T11800] ? rw_verify_area+0xcf/0x680 [ 534.383576][T11800] ? __pfx_seq_read+0x10/0x10 [ 534.383609][T11800] vfs_read+0x1e4/0xc60 [ 534.383653][T11800] ? __pfx_vfs_read+0x10/0x10 [ 534.383687][T11800] ? find_held_lock+0x2b/0x80 [ 534.383713][T11800] ? __fget_files+0x204/0x3c0 [ 534.383754][T11800] ? __fget_files+0x20e/0x3c0 [ 534.383788][T11800] ? __fget_files+0x140/0x3c0 [ 534.383833][T11800] __x64_sys_pread64+0x1eb/0x250 [ 534.383873][T11800] ? __pfx___x64_sys_pread64+0x10/0x10 [ 534.383925][T11800] do_syscall_64+0xcd/0x490 [ 534.383969][T11800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.383996][T11800] RIP: 0033:0x7f5f63f8e929 [ 534.384018][T11800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.384044][T11800] RSP: 002b:00007f5f64ded038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 534.384069][T11800] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8e929 [ 534.384087][T11800] RDX: 000000000000c404 RSI: 0000000000000000 RDI: 0000000000000003 [ 534.384103][T11800] RBP: 00007f5f64ded090 R08: 0000000000000000 R09: 0000000000000000 [ 534.384119][T11800] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 534.384142][T11800] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 534.384175][T11800] [ 534.384762][T11800] [ 534.608395][T11800] ===================================== [ 534.613953][T11800] WARNING: bad unlock balance detected! [ 534.619512][T11800] 6.16.0-rc4-syzkaller #0 Not tainted [ 534.624922][T11800] ------------------------------------- [ 534.630477][T11800] syz.1.1112/11800 is trying to release lock (event_mutex) at: [ 534.638053][T11800] [] traverse.part.0.constprop.0+0x2c0/0x640 [ 534.645639][T11800] but there are no more locks to release! [ 534.651372][T11800] [ 534.651372][T11800] other info that might help us debug this: [ 534.659447][T11800] 1 lock held by syz.1.1112/11800: [ 534.664574][T11800] #0: ffff888033991540 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0 [ 534.673510][T11800] [ 534.673510][T11800] stack backtrace: [ 534.679419][T11800] CPU: 0 UID: 0 PID: 11800 Comm: syz.1.1112 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) [ 534.679452][T11800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 534.679467][T11800] Call Trace: [ 534.679477][T11800] [ 534.679487][T11800] dump_stack_lvl+0x116/0x1f0 [ 534.679528][T11800] ? traverse.part.0.constprop.0+0x2c0/0x640 [ 534.679562][T11800] print_unlock_imbalance_bug+0x11b/0x130 [ 534.679595][T11800] ? traverse.part.0.constprop.0+0x2c0/0x640 [ 534.679628][T11800] lock_release+0x242/0x2f0 [ 534.679659][T11800] ? put_cpu_partial+0x170/0x220 [ 534.679695][T11800] __mutex_unlock_slowpath+0xa2/0x6a0 [ 534.679737][T11800] ? kasan_quarantine_reduce+0x1b9/0x1e0 [ 534.679778][T11800] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 534.679821][T11800] ? rcu_is_watching+0x12/0xc0 [ 534.679846][T11800] ? kfree+0x24f/0x4d0 [ 534.679876][T11800] ? s_start+0x28c/0x320 [ 534.679914][T11800] traverse.part.0.constprop.0+0x2c0/0x640 [ 534.679955][T11800] seq_read_iter+0x932/0x12c0 [ 534.679992][T11800] seq_read+0x39e/0x4e0 [ 534.680022][T11800] ? __pfx_seq_read+0x10/0x10 [ 534.680053][T11800] ? get_pid_task+0xfc/0x250 [ 534.680095][T11800] ? rw_verify_area+0xcf/0x680 [ 534.680126][T11800] ? __pfx_seq_read+0x10/0x10 [ 534.680157][T11800] vfs_read+0x1e4/0xc60 [ 534.680201][T11800] ? __pfx_vfs_read+0x10/0x10 [ 534.680234][T11800] ? find_held_lock+0x2b/0x80 [ 534.680259][T11800] ? __fget_files+0x204/0x3c0 [ 534.680295][T11800] ? __fget_files+0x20e/0x3c0 [ 534.680328][T11800] ? __fget_files+0x140/0x3c0 [ 534.680367][T11800] __x64_sys_pread64+0x1eb/0x250 [ 534.680405][T11800] ? __pfx___x64_sys_pread64+0x10/0x10 [ 534.680449][T11800] do_syscall_64+0xcd/0x490 [ 534.680491][T11800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.680518][T11800] RIP: 0033:0x7f5f63f8e929 [ 534.680538][T11800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.680564][T11800] RSP: 002b:00007f5f64ded038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 534.680588][T11800] RAX: ffffffffffffffda RBX: 00007f5f641b5fa0 RCX: 00007f5f63f8e929 [ 534.680606][T11800] RDX: 000000000000c404 RSI: 0000000000000000 RDI: 0000000000000003 [ 534.680621][T11800] RBP: 00007f5f64ded090 R08: 0000000000000000 R09: 0000000000000000 [ 534.680637][T11800] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 534.680653][T11800] R13: 0000000000000000 R14: 00007f5f641b5fa0 R15: 00007ffc3cc38908 [ 534.680678][T11800]