last executing test programs: 7.836004004s ago: executing program 2 (id=2108): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, 0x0, 0x4004010) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf25040000000400100008000cf1edfba1d1e45aea61b8f7020700000002681af944a5465101930e1f4b991ef2f10f485ddf80e07251de39066555baed365ef3"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) brk$auto(0xffffffffffffff66) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000300)="352c8efa618c0bcf83a4ebdb278754e15f334a572cad539da201096bbbc2ce7db19c429be7137d848ef31b38b0b3c7da1c61fef8e0e24e400f96eb989b4f68220f90f3df243e352f17abbc44e0cfececd72dc611200c0fc4cb84d1fc175dc31b38e002c53627c31e0f3a31c079ae368fd33dfdfc97f40f7f", 0x78) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000200), 0x84200, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="cc00", @ANYRES16=r3, @ANYBLOB="01002dbd7000fcdbdf256f0000000500d5000500000008001f01060000009e00bd004c59080974edf6e2f7df838fc99571f987047ddd4500b8d4eb66ab1c3eb74de348f2527e80024987ed12f626e267080de8ea6039ac549cb1f5a877d62de0757e764a0231e7ef8647883e3bfb0b5297c36eb225267f0fb849f9fdbf50233dedcf85441d4fe6ca9de163d3a565f0c2ff599c0308af4a0f01a34a1961eba6aea679d7f16f3ad2cb9ebce2bd74e094fbaabec699f5e3aed9eb26075e00000500d20008000000b0acbec656a5a93455b224772ae945dd3fca78967e215b3f1e4dde2bffc3bfd9932d83d208d986a93e26982d51a8f2d2a59f0b83988b5ded03cdf59d85bb537f6707b099fda65a1fcbb36a905ceb5f9342014f96f1b2286ab5c2aebe607ce6911d71fdbe4e42e63c1d3ba59a7ee34cb71457c5174d491ce3a626887f2bd26d8456be36dfecd165e3fc98e5c5c6cf4ce56de5abf7d523aaff54273a366183abe1305627ab5a28cc1ecce217619e143ba1f977"], 0xcc}, 0x1, 0x0, 0x0, 0x4040}, 0xc000) mmap$auto(0x8, 0x2, 0xea2, 0x24f0c8f3, r1, 0xda3) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) fstatfs$auto(r5, 0x0) 7.441794624s ago: executing program 3 (id=2111): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd0) ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0) ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, &(0x7f0000000280)={0x4, 0x3, 0xa, @state_change={0xc, 0x6, 0x8}}) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0)) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) write$auto(0xffffffffffffffff, 0x0, 0x7) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x9, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @bytes=@data_ptr=&(0x7f00000000c0)='\x9e*:-$$\x00', "528d458095d42b72adda0cac2d45bdaacfc82245992af763188ba00ab57d5d73b094925aa928ca41e93023ab4510269ed959a79a7895fd181a33375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea81f7e333cf1c9da590b3fea1258074885c899d75cd52751f9be959d90fa5c200"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x1a3780, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x6, 0x1, 0x948b, 0x3, 0x1, 0x3, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x201, 0x3, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x1000000003, 0x9, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x200]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x814) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_ETHTOOL_MSG_RSS_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="010329bd700002dcdf2524"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x40044010) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="01002bbd7000fddbdf3a04000000050011002e"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4044820) 7.262709684s ago: executing program 1 (id=2112): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioperm$auto(0x400, 0x7f, 0xd) semctl$auto(0x0, 0xe3, 0x0, 0x5) socket$nl_generic(0x10, 0x3, 0x10) lsm_set_self_attr$auto(0x1, 0x0, 0x7, 0x6) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r1, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/215, 0xd7) read$auto(0xffffffffffffffff, 0x0, 0x20) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@generic={0xa, "2c551d000000ff00"}, 0x66) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002f40), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_GET(r4, &(0x7f0000003080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004800}, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) write$auto(r3, &(0x7f0000000040)='#\x00', 0xff4b) 5.574447207s ago: executing program 3 (id=2114): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) write$auto_proc_fault_inject_operations_base(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) r0 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(r0, &(0x7f0000000340)=""/253, 0xfd) timer_create$auto(0x3, 0x0, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0) 5.372472273s ago: executing program 2 (id=2115): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x100140, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"0900ed00", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6552", "f34cae3a", "10a991b3", ["1ae8fc7996e08d5c6b51d880", '\x00', "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]}) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0xfffffffffffffffe, 0x7, 0x4) madvise$auto(0x0, 0x2003f0, 0x15) socket(0x2, 0x1, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8) renameat2$auto(r3, &(0x7f0000000200)='./file0\x00', r3, &(0x7f0000000240)='./file1\x00', 0x1) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mkdir$auto(&(0x7f0000000000)='./file0/file0\x00', 0x3) renameat2$auto(r4, &(0x7f0000000200)='./file0\x00', r4, &(0x7f0000000240)='./file1\x00', 0x2) 5.371754194s ago: executing program 1 (id=2123): r0 = socket$nl_generic(0x11, 0x3, 0x10) bind$auto(r0, &(0x7f0000000200)=@generic={0x11, "00030f00"}, 0x80) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) unshare$auto(0x40000080) futex$auto(0x0, 0x85, 0x104, 0x0, 0x0, 0x7fffffff) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0xc0502, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82800, 0x0) ioctl$auto_HPET_EPI(r2, 0x6804, 0x0) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r3, 0x40046109, &(0x7f0000002c40)=0xf0) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r3, 0x7, &(0x7f0000000140)={@siginfo_0_0={0x2, 0x81, 0x1, @_sigfault={&(0x7f0000000100)="a77a9bba02", @_perf={0x8, 0x0, 0x2}}}}, 0x2) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, 0x0, 0x20100, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000580)='/dev/media16\x00', 0x200, 0x0) flistxattr$auto(r4, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) 5.181714517s ago: executing program 0 (id=2116): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e) write$auto_tty_fops_tty_io(r0, &(0x7f0000000280)="352c8efa618c0bcf83a4ebdb278754", 0xf) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x500, 0x2003f0, 0x15) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x102) getpid() r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(r3, 0x0, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, 0x0) 4.681678026s ago: executing program 1 (id=2117): syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x441) socket(0xa, 0x3, 0x3b) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.368896137s ago: executing program 3 (id=2118): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x340000000000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r1 = socket(0x2, 0x801, 0x6) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', 0x0}) r4 = geteuid() sendmsg$auto_NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)={0x30, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0xc, 0x25, 0x0, 0x1, [@typed={0x8, 0xda, 0x0, 0x0, @uid=r4}]}, @NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@nested={0x4, 0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x814}, 0x80) ioprio_get$auto(0x360, r4) read$auto(r0, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0x2) write$auto(0x3, 0x0, 0xffd8) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) bpf$auto(0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioprio_set$auto(0x3, 0x0, 0x4b34) madvise$auto(0x1ffff000, 0x7, 0x100000000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) fsopen$auto(0x0, 0x96) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) read$auto_proc_pid_maps_operations_internal(r5, &(0x7f00000010c0)=""/4096, 0x1000) 3.744775273s ago: executing program 2 (id=2119): syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x441) socket(0xa, 0x3, 0x3b) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.557430313s ago: executing program 1 (id=2120): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c804}, 0x14) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) timerfd_create$auto(0x9, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)=""/49, 0x31) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, &(0x7f0000000000)={0x8, [0x2, 0xffffffff, 0x80000000], [{0x80, 0x2, 0x1, 0x1, 0x1}, {0x8000, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x6, 0x0, 0x1, 0x1}, {0x95, 0x400, 0x1, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x1}, {0x9, 0xfffffffe, 0x1, 0x1}, {0x1, 0xc1f, 0x1, 0x0, 0x1}, {0x2, 0xfe, 0x1, 0x0, 0x0, 0x1}, {0x3ff, 0x1, 0x0, 0x1, 0x1}, {0xc12, 0x5, 0x1, 0x0, 0x1}, {0x7ff, 0x4d3c, 0x0, 0x0, 0x1}, {0x2, 0x9, 0x1, 0x1, 0x1}], 0x7f, 0xfff, 0x3, 0x3, 0x6, 0x9, 0x80000000, "64b91cc75e50f9bfb73422d302bb9262ca4383f3137e87364ff62cfa69013312b39e05e3bb4c990e99e06e310552976c2f5b0732887c3a8873bae9024b524de3"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(r0, &(0x7f00000001c0)={&(0x7f0000000100)="6044bb67f5459d8e4e1e504b25452ef3e83b0b52c8f49e50044485180830a1ed51282827b917476d5ad380335434bdb1c564508879b5e5d57f2e26b641f809355a93e70dbfaf2f0b63d20cbc16247dc38b5b9a471f4ae0e2e7ba7d1b81eb247c8f12d9dc892059ba5533480195d2cf6ae62b01db81c6a987ae4049f3c8a3792bfa2ffd7fe02e4488d3f8cb44073a7975173dbeb67b1bbce6f6dbdd6b06f4236720ac56b65894942276743116", 0x4}, 0x3) ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, 0x0) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0) ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000000540)={0x0, 0x6, "7636151d9b02ba4db36efb8adaeb205490055c8160618a793bc0ef02be6b53ab874d163664e76626154e19585266b4280ac77b4953f03208c9d0d81de29f87c95b44caf734b5f2e59f69b0fe4a5494f48d5300607cd488d34e391975e1aa7743568be0d261cfaa4f9b6174c390954234be5d151787f0c9c66dc02b5a5a89a56682d58f67fb6efb456c4569af2df4c3e2fe0f9223c43727d728cc77183d2ceb9a4b6797048cd4d028ae420b7deabcd6b4a367d87ec44bbe2522223a45c3c8c504c1bae057da778451ca39ef604724c73e5f577cda46ab42dd3392401d1c9bf8ba15c8299371980687c12430b63a504592439e0580a6f2a60bed1efbb23b7596b3"}) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x27111}, 0x8) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x2, 0x9, 0x2, 0x6]}, 0x0) 3.55677492s ago: executing program 0 (id=2129): syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x441) socket(0xa, 0x3, 0x3b) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.541256561s ago: executing program 3 (id=2121): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/192, 0xc0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x8, 0xc, 0x0, 0x567) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) 2.488587676s ago: executing program 0 (id=2122): syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x441) socket(0xa, 0x3, 0x3b) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.480611419s ago: executing program 2 (id=2124): socket(0x2d, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x100, 0x0) socket(0xa, 0x80803, 0x6) socket(0x2b, 0x1, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x42080, 0x0) socket(0x10, 0x2, 0x14) r0 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) memfd_create$auto(0x0, 0x2) socket(0xa, 0x2, 0x0) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x8800) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 2.229553325s ago: executing program 2 (id=2125): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) unshare$auto(0x40000080) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/smbd_receive_credit_max\x00', 0x100, 0x0) pread64$auto(r0, 0x0, 0x200000000006, 0x20fe) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) socket(0x10, 0x2, 0x0) bpf$auto(0x10, 0x0, 0x7) write$auto(0xca, &(0x7f00000002c0)='\x04=\x01\r\xfb\a\x00\x00\x00\x00\x00\x00\x00\xa2\x00\x00\xccb\xc9\x19AWL\x00\b2\xa7e\xbd\x97\x9c\x05z\xccs\xba\xa2,&\xe9\x11\xfe{ai\x8a\x86V \x8eb=OJC\xaf.D\x8f\x97\x03g*\x1c\x98~\x15\xc3\\\xcbed\xff\xb1\x92~\x89S\"\xdac\x99\xf7!\a\xfb\xf8Vf\x18\xc8\xbbu\xcd\xf6\x80\x92\xa9\xda(\xa2\x93p\n\xe5t\x1b$\x9f\xa3\x1a\x82\x06\x12\xa6\a\"\xba\x8a\x88t\xf2A\xb9g$H\xcc\xc7\x8eoi\xf5\x02\n\"\xdf9\xa5>\x91\xf2\xde\xa8\xd3\x9f\x9d\xba6\xc0\xcb!w\a\xdd\xbb\xf1kox\x04\xe8a\x93\xf3\x12eE]\f\a\xf7N\xb7\x85\a\xf1+\x05\xe7\xb5\xa9m-+(\xaf\xf9\xa4r\x0fX~\v\xa7\xf3\x9cD\t\x80\x8b\x9d6\x1f\xdc\xc4y\x1d\x9a\xff\x0e\xbb\x8c^\xb9\x06\xcd\xa1\xf9\xec\xc1\xc3\xd7\x0fr\x16Hf\xb5\x17\x10\xf9\x03H\x19\x1a\xa8\xd1\xad\xa2\xd3\xe7\xa7\x883Y\x7fS\x80|\x9e\x91O\xca@\xe45\x80\x95\xdf\xdbn\x01\xde\xfd\vH\xfc\xe6o\xf5\x1c\x034\xf5\xd8\xb1}JX{\xf0\x89\x1d\xb5P`j\x10I\xf2\x16PQ\x85\xa7\t\x98\x1c\xe2Y\xa1\x03\x9b\xdd4VQF\x8d\xc9\xa5\fm\xca\xfd\x92\n\\\xf8\xb5C\xce\xa9\xdc\xddg\x8e2x\xde\xdf\x14zd\x01s\xaa\xd7v\xfa\xe3\x99\v|2', 0x2d9) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) gettid() openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.max.descendants\x00', 0x22022, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) select$auto(0x40, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x2, 0x3, 0x64, 0x200, 0x5, 0x6d3e, 0x9, 0x401, 0x6]}, 0x0) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000080), 0x40000000001243}, 0xa, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 2.157099747s ago: executing program 1 (id=2126): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) ioctl$auto(0x3, 0xc038563c, 0x38) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x6, 0x2, 0x80000000) sendmmsg$auto(0x3, 0x0, 0x2000004, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) set_mempolicy$auto(0x4006, &(0x7f0000000000)=0xa, 0x7) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) io_uring_setup$auto(0xfff, 0x0) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2002, 0x6, 0x7, 0x4, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c4b, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xfd, 0x1, 0x52, 0x5, 0x1, 0x40, 0x2, 0x8, 0x100000000}}) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000002480)='/dev/midi2\x00', 0x2841, 0x0) writev$auto(0x4, &(0x7f0000000080)={&(0x7f0000000040), 0x8}, 0x5) ioctl$auto(r1, 0x5, r1) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x94, r2, 0x0, 0x70bd25, 0x25dfdbfd, {}, [@NFC_ATTR_VENDOR_DATA={0x80, 0x1f, "68fe21f934abcbdf4013c805d3d440b8ca22986ccb1dca83fdeb92440c1d3272253f99543f76a910097118f4b89eea3f46e894dd71e86f3ae61389da6d4878c83e183e730bb894f2f194a3136660ec0191ba1f04eeea0b9900a52c66e4a28c83913571a8379fec5997f4dad68b223039f88e917aae28481c4e92045b"}]}, 0x94}, 0x1, 0x0, 0x0, 0x801}, 0x0) ioctl$auto(r1, 0x4004af07, 0xffffffffffffffff) 1.363750511s ago: executing program 0 (id=2127): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/make-it-fail\x00', 0x40002, 0x0) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) read$auto(0x3, 0x0, 0x18) r0 = socket(0x15, 0x5, 0x0) setsockopt$auto_SO_BUSY_POLL_BUDGET(r0, 0x1, 0x46, 0x0, 0x94) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 786.889839ms ago: executing program 1 (id=2128): r0 = set_tid_address$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = fcntl$auto(0x3, 0x4, 0xa553) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000180)='/:$]\x00', 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0x5, 0x13, 0x2, 0xab3) open(0x0, 0x7ffd, 0x12) sendmmsg$auto(r1, &(0x7f0000001440)={{&(0x7f0000000380)="439ba951bfb7625d6e0e9642c0ca86db695ca7e7e00164ffedbbc13fa78ba722e7e0446e74cc2de0fe6e1f1715083c38359e5f93adae10ff847fbcb1b8a2b449c8f384194b733c4abd04572f0f35a6f7005d6ab995debbd7d24ce0cad94ab8827733b339949c8fdc71eba71f383c8fab2d671c10ac45e72378c1da8796920095d6df2ae33c67ba0ea05db3cd8e10fd4224353b4808fe", 0xc, &(0x7f0000000080)={&(0x7f0000000040)="ee244346ec2fe64f5765dfa6df636f459b644404192db23e4c6ce2dd74264525", 0x1}, 0x3, &(0x7f0000000440)="609e9916526626488620c6d0a09eedfbe7ea541bcb074630bde17077efc40d4d8bb919980d954b893cfdef06a54dd7ef1a1b06814bfda91ab2bea11870d61b99fb87151f46c068df5ffa5f69418cde9e614efa490ae4c2e85ab41dc24abb53ec9ca668dd117b5e6d494b04abadd8f8993887f27190a8cd233baa673cda2752e005669658216c24b0be447f6818ed0888053cf36db8c88d977b7a56614b32e1713c48d9f52e3537bb14aa2599423afa550519a58aa5308a807c2f1c0a362c0fb01e2e82057daf0af205e6e33e54a68bb56b5cc2421544867b48ce42b8f63ea566cbf0888b704e81fe06e80abdef7926abe7c575ef1284cb6fadbe9ee7e4f39ce40548da5fc4ede532c27ba1ec1e76217473c2c5354accbb0b15aa3052eb0dc778cf7948649202812e46f85519616e74aa2427dab77de6682d1ce75a97b29704de69d3877244a9fe93466a13a6add92220b0fd8206fb5f4bb0c3d42d102776f701f81cd70fffc419f82444427ae01dcb44a525058c99b91292e25631dde21f5886c7a4f268acf5a4f7569950093680b787ac07d22d9cbd15757075a6ddd627844a48cfc3ced6157075777cde554e06f42019c7f0fbdd0f7aa530e0d80697b159126a0d55debf448f1d2d2a3f1b8fb6e9c069c1e3cbce7034233e78222efb58fdbbc5a003ba4372ae4011268a198a421f6f3f16a80b03a301bb93a377e62fda2046e42455201d79a0dc1bf3a5c25fa5cd237a97486f36a318c96f2a35af8d7c2aef0383bf075a800704131397c1fc14965d54a9ac6952b645c71a76dea570c74e1a8a88971f53e12b6d474a9998e41f79e1538f18ac7972d5b31caf73936582af83be4914d56c22a8d1d089a5ceae1472dfeb4c37a21646f4d6da94bc323eed6a57febfbd1321e4434e8fd25cd62aba0f73a2cd253e66551057b5f8b1c0df5219b20ec22619ed049d7570cfdfe769b5c5e5994219cdb299fdca29953f2911a2f390c781a501763c7cc3f0358c85de8f4a92995d7fe6868d67cbc895671942e296ee27001a0537f221f267bee03a1c03e103f7b90ebb82d00a2aba6888d54c6cb35bb8190cd7403a5f1565b83cba212930255f8aaefb51a7fa1d0b38fedcee6f56ec52fc9cc51f41961eaf526889561932954bc5c6d44be1fb4fd255cb8dffa27a624ddd351db7d4b54cb02433ce1e977336e00077a9a31f51d82be6327e8b80037e2a2eefdd9a5fa4982ebd9c920a86f72345837f5fa1282dbd7b01dc91db768d415934b1caa497743acf2fae1ea1b3988e7ed8773afa8a126036ea690f6e2f997847294069e764e957c1c99e5f9a0272c9b091c8217839b461499ee0065d61b6be0270511991cc92220f6c0f1f46dce798b5cd0d3fbb89ce5f1922126fa5371612368cc52bdc2b84be64199f9e9afa6942f5f92db7c24d6791680e9cb761a04e29d3bb87e4d0f24682a798bed6dc408ccc23a814e9e6bbdf8ff63ebfd46c7b3c9b32b5686e3fe1c428484a538d92d72fbfae35c76b365465d596d18063e254d4f7364f7f0947fa210d765d6e56d01e11ba78f5e838c0b98f48ef280b63a93edd585a3621942344fb6dcbd1a8912359a47d16729e2581b32813c2636d290e3475fba6048bd9e0a92c40d113c2d9a572d3e2eb069d0380ea5f8fb0add41fe5efce231616f8ca1c25f85aabcf824e2ee711ec085fd6badbbc170506355c03e249853113c5663443200a85ebef6c8f1bcf41a20a3913685f86a26cb7cb9e4e0db034e65873e02f24ffd85e3275f93d29b4abb9e05bca2b81ec823ab616da7ef0b3ac78041c121bbb60c2d86147f5056c2786e86cec883a7ecebd7017e6c2cf79cfd0544dc9aa8b25637ed0c482c39e64b60dd5f8b29beffba7ac8dbdb064957028c656bfc83bff5d5846cd94770c9d67c357ccb0440b02da5225dc75fe32bac2837acad385cd297320cff5002ce32d8dd9643de20931723b1d6207a5c9ad97007945f779b338bd6618d1d8662aedc34240cac1c06dd9d7bbdcf9ff969da1c17b1fd420bf212355d7363710b4e47cf3b65826ae238dbf9ce96dfe2340dd4d0ece32663b1af73d711a805445c3a2c7668ad96ccab49225075d71de8686c7804805a8119ad6bb04b700d3c0719b65e94001a63fb3becfaddbba365f0e489c85676dc22df3e221c4b28f6a44440355757481627d5d09cd3d8b5470c10c76414d536723e58858be051a0710f1ccdc270608ac616886215b086615f4c397f3d7f268d57ac94362bddd781a7f6510a65c4efe8fd96bbb50ec7ffd4dc5eaafdb302f6e3eb6ec2a873829dcf420d4cc7533d50ffa4f509e72e86fb4e452afc633c0004fa8c97497f24b7771530045aa52f857406f3039f32d411e6f11cbed68aae78ecf1716380010407621d1dde9705c05f471e08dda4d16a75ae40f677e2738bf47253194b080e54422e3e1e5dacaf5e86f716773af7caeb91dbe24439416a930ccd69bffd413cf3f6c05b18ab2b09a48a025bad88afda173bf84a15f63711f7084cf2fcfc955c9b799ca00b2900bdecbeab34f7eaf3553b9dca06fa7704b7a605957be079390226f0281ac5ff5acfbe2d06923a8c5f0c26b2665a0a97ca8987b7614b9e047c0f9028a2c65ed52f50dec151b1d8133a99f2de85e659dba1c2780db3eb23c5170d763083b5d0f9d4bf7d0369c96c49e59170f73a7abb290ecb337034fdecba39d671d73951862237449f75e6406b69f6d498e3a7218ff8d035bb78ec7683587f8bc68407bc7589881dfb684f5926ee2e9451b435073f7b95f6f8fc0b7f55b57add3e4d1cd04de5d7f531cedd4ff96d1938917b75e0043ed8093a27f6febad6b292fe67784d6f61bfa4196f30f1765c09580a81727e1aa89484e3c0a1c458ff8491ec5c997bad96f17569c633b28567eece389538338ffd6d0e82bd9b9e5b5baca2d902af620c4ed33ee42c6e3312ad2482348775ff28be57c737c2bd51134439bacc6232639611b180d82bb78baf8940590a7dd4562c5fb9a91925482de4a7416ca63df78c9a9e2bd729cf55da12f9a5a3d15ef5cab1e1c138c45239dbf7b4df7171d2a7ab79c7e6d13ba3fb0b04751c5f86f838889dbfa164c3b6033dfcff9012a260655f27d103460a9b61ea0d4f1d8e53b658e40b20873b20e25c2ac7f996a226ff8377147c32e93459ebb0645f9ca954298b520b4a4903f546b959e742dc4de01880a5e46ee3f78ebe3eea024a1986a4d558950c45ec5e2cf660b255066d1d6f7cae805cb1ae54e43adeba91fdd0ff178a9d8ff3900a8d79ec195d0d9d66431066c346813c9cbb9579d412c953168834a4e4f3ab5da9763ba1861e3053ea1888f4d28e9a53c7fc514a1e6ad9c31e40f6c4bc5869cd33b889251eb48844e5dbc2971def7f3d0d9657b46a3008d80c7d0a7044e2039f45c1dcbf4b36435c0bdca3f979cbba1cb18f65cae4646846c10623d82ca24344417e98acff990f7084bc7839be875dbd1080361567db51378992e13856bf3ac9937b43be8685af244c83bed76c39dddfeff44e8aabb874ad8b07a9517a3e90134776696947d86aae360e808d7b1184329ee879db8714b3de177521874a00aec4949f706b34c23281d5d00abc81de1e9463d7c67c5f97a0839aced19473ddfbe2a89750efaa34601cdb1f3c246aeb75cb853c4c473c12ca26c607be8646d7756935d6e38c788ef98be604efacf244556b01c2d57c930c7a39bbf4a9fb72fd373ed8bbcd030e776a6e550a9d803069ef6b429d7ecce7a41c67131e610aca9ddcec4b8053e352c58bb57ad58fa9e24120e6ce29ee4af25de367ee305419f8a27a11d3e942232bf7b892019d78664bb2c404c5299a4028af124fd98f2a4c8feae7175639a58e334c82a2943fc0e8c4e14d56a0bd4a9998998f44c82de2a4a22e2baf18b4468866a37d541efcda410cf3f686e4732a54645c4d86fdbd06b91618d125a7529e8d19741453e0c9e586e661d1b21a9f2ad24542014000299663908d0ea5df84ca22a717913735b1be551b885a3edbdce14c901e840cb62f38c7866625cecf7a7305a11355a664a6203f3c3b366960b48512767ad903029ada4831fe8a31b92eb9463ef802d7471b61488bcfaed593cce69bbda0753b6d7c953b002409e9f8bc799829e53182ba238524415bca69a7d10a38062c18a23dbf8a64ad8daeda5d09db746922a1cd80673526a892f6421e3533608e05bad6e2f85234beb57ff7cd5e5eb904a0e3f82bac16382c0f27e4bdadee1fce4c248f2f9eb005dac87093188d7c85dfdbf58b217c175c605c4add2e8e7f3aeccefa3e6a42d4f6f3403847f57d2019ed73dcd23375f6c54073c5e1a5dd77f6587abbade6d1f23c36113b753d6e5db157f4665dd3bf01029d7e6ceeaa1e0f75db2bb52c3edf132883bbab91b5354639150abcba1b36bcb3d90a98c4a749560a1a54e16d1b863d6a3fdb0fdaf8d12fb9d4a90caed30d476c165082ee198f9b08dddf8bad9618afd52687a2477ce4ac80d02dbd405a99a0f01675ef8f1644f3a5aae40bf79a68b9cc0bc6c4f0308b6d72b6ffa7fea71d6c7cb8f2e8a0ad22766e70d36c6db23a62a813dfc1defddb3831d7e8741fd1708882ae9e10c2853c2b365d2117f7168cb6e0d608eb7375019140d559f1af54af4892570baf3ebcf6c86ed3b343d3cb7596100eea6e2ec660a1ab32a550fbcbd2a910a9b7550d619fcd48c90fc3b6515db286b0278b2c1b5b5bbb42db1d4fddb7bac72d8367ec327807f64ae7493e7bc663a320c91d8592f0966619487fd4290910101c7a329014df99ba856281ba7711ffc2ccaa30301735c66f8e3eb8d226f11d23cc119d1a7a23a3750be5f90cd86960e7f915066272d3a242106f06b16f446dcb6d70c68e246e214c9f542a737f835127564c34bf09994a94c9008a70adba97e5f7322025b4c5add3fd8ff2aa9981559e7b4334a1df5668b56683aaa3791372fe67c2b5559bd476f5d25d23d19c66bb88b6a878097f0ed4452b8eb3c22a9bb0f84c906283448f39a76cfdfc3f5eef13e61005e60c48886b31918570d43af0ac3ea2f53c7c5409d13fa0fd7c43f41e1757c629af126bb048d1e9acf7ef527795ee85d81c38da097b1a07776a4cee8dcd858f9e167069aefdd7c240726aaa8322d40f6ba63c14122b83250386da16fe00036044b2380d34f9772e5234c5207dd73046929be61d9f3c2eea39dc9fa4293d53350796ca78d7d50b796233dcbbd96c0e5655f3a07072498d6dd58b4580827cf17719127bb36a9746575c1e35ba2c473a31ff00dc086f9364f9aa6d9606db24d7c0f71d28f6e48f828cfa3ed5a7d0ed7bff0e214e317a5f4684f23140cc28f8a9761a0a223a486547139f9d7e6b3d66c20ea6279e5e72b48f3937865e2ad457bccf0190a31eb1f1f09704ec934cbb6bcce8f8a6832ebef6ec04fde3230ead98c01e64c42a478c4ba928150d4db47ca0b5f5e6ec345e86f6a5f2f1a40e7c09686bf7714b814a7b4a4063f916cefc371024813edcd377321dd18b16143de030a321ce7d8a7cacb5bd5e28860f52bcb01eb9bab55223d7da7db286f2189622e2f49757c1bea731794a8f09f779ba575ee05ae6ace3c93270ce2ff2b2a0af931f8c9cd773eb969116e862d5eda9a44ea092896bb9a9275b4d152ca8e9069557a9ff13d4623f2811decf2193a27c949713fee0f95e11974caa598b6885f7074f18c8d680f560a411d3bc7fb58bb3909539e4661a4ca82e806b8504ab3e030d01cc64cd1e4365313799177d8fb3a82418c", 0x8ac, 0x5}, 0x375}, 0x8, 0x8) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) unshare$auto(0x20000080) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) io_uring_setup$auto(0x4c2, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) 783.636934ms ago: executing program 2 (id=2130): syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x441) socket(0xa, 0x3, 0x3b) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 694.490273ms ago: executing program 3 (id=2131): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x0) socket(0x2c, 0x3, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socket(0xa, 0x2, 0x0) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) r0 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x8, @old_prog_fd=r0}, 0xa3) bpf$auto(0x1, &(0x7f0000000040)=@query={@target_ifindex, 0xff, 0xffffff01, 0x9, 0x6, @count=0xfffffff1, 0x0, 0x80000000, 0xc, 0x0, 0x7}, 0x9) 420.596146ms ago: executing program 0 (id=2132): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0xc, 0x0, 0x4) close_range$auto(0x2, 0xa, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) getsockopt$auto_SO_BUSY_POLL(r1, 0x9, 0x2e, &(0x7f0000000280)='$^%*/%{:!/-:\x00', &(0x7f00000002c0)=0xffff8001) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/boot_params/data\x00', 0x2c40, 0x0) r3 = socketpair$auto(0x80, 0xf, 0x2, &(0x7f0000000100)=0x4) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) ioctl$auto(r2, 0xc008ae67, r4) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) r5 = pidfd_open$auto(0x1, 0x0) read$auto_trace_time_stamp_mode_fops_trace(r3, &(0x7f0000000180)=""/216, 0xd8) setns(r5, 0x60020000) umount2$auto(&(0x7f0000000000)='.\x00', 0x8) r6 = openat$auto_u32_array_fops_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim4/ports/2/udp_ports_table1\x00', 0x20000, 0x0) read$auto_u32_array_fops_file(r6, &(0x7f0000000040)=""/154, 0x9a) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp1\x00', 0x288141, 0x0) ioctl$auto_SNDCTL_DSP_GETOPTR(r7, 0x800c5012, &(0x7f0000000180)) 141.959473ms ago: executing program 0 (id=2133): syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x441) socket(0xa, 0x3, 0x3b) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1c, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 3 (id=2134): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = socket(0x2b, 0x1, 0x1) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) ioctl$auto(r0, 0x8983, 0x4) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x4020006, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1, 0x400000001, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x2, 0x1) sched_setaffinity$auto(0x0, 0x9899, 0x0) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  syzkaller syzkaller login: [ 559.596875][T11966] FAULT_INJECTION: forcing a failure. [ 559.596875][T11966] name failslab, interval 1, probability 0, space 0, times 0 [ 559.645340][T11966] CPU: 1 UID: 0 PID: 11966 Comm: syz.0.1348 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 559.645385][T11966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 559.645404][T11966] Call Trace: [ 559.645415][T11966] [ 559.645426][T11966] dump_stack_lvl+0x16c/0x1f0 [ 559.645478][T11966] should_fail_ex+0x512/0x640 [ 559.645522][T11966] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 559.645593][T11966] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 559.645627][T11966] should_failslab+0xc2/0x120 [ 559.645658][T11966] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 559.645709][T11966] ? mempool_init_node+0x320/0x760 [ 559.645746][T11966] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 559.645780][T11966] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 559.645816][T11966] mempool_init_node+0x320/0x760 [ 559.645861][T11966] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 559.645895][T11966] ? __pfx_mempool_free_slab+0x10/0x10 [ 559.645931][T11966] mempool_init_noprof+0x3a/0x50 [ 559.645973][T11966] bioset_init+0x37a/0x880 [ 559.646007][T11966] ? __pfx_bioset_init+0x10/0x10 [ 559.646056][T11966] __alloc_disk_node+0x83/0x630 [ 559.646108][T11966] __blk_mq_alloc_disk+0x89/0x120 [ 559.646156][T11966] loop_add+0x49e/0xb70 [ 559.646190][T11966] ? do_vfs_ioctl+0x523/0x1a60 [ 559.646226][T11966] ? __pfx_loop_add+0x10/0x10 [ 559.646266][T11966] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 559.646333][T11966] ? find_held_lock+0x2b/0x80 [ 559.646372][T11966] loop_control_ioctl+0x13e/0x630 [ 559.646411][T11966] ? __pfx_loop_control_ioctl+0x10/0x10 [ 559.646455][T11966] ? __pfx_loop_control_ioctl+0x10/0x10 [ 559.646495][T11966] __x64_sys_ioctl+0x18b/0x210 [ 559.646538][T11966] do_syscall_64+0xcd/0x490 [ 559.646586][T11966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.646616][T11966] RIP: 0033:0x7f3e5b58e929 [ 559.646639][T11966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 559.646665][T11966] RSP: 002b:00007f3e5c403038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 559.646692][T11966] RAX: ffffffffffffffda RBX: 00007f3e5b7b5fa0 RCX: 00007f3e5b58e929 [ 559.646711][T11966] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 559.646728][T11966] RBP: 00007f3e5b610b39 R08: 0000000000000000 R09: 0000000000000000 [ 559.646746][T11966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 559.646762][T11966] R13: 0000000000000000 R14: 00007f3e5b7b5fa0 R15: 00007ffdd8e04b28 [ 559.646796][T11966] [ 566.160507][T12053] FAULT_INJECTION: forcing a failure. [ 566.160507][T12053] name failslab, interval 1, probability 0, space 0, times 0 [ 566.221340][T12053] CPU: 0 UID: 0 PID: 12053 Comm: syz.2.1364 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 566.221387][T12053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 566.221407][T12053] Call Trace: [ 566.221417][T12053] [ 566.221429][T12053] dump_stack_lvl+0x16c/0x1f0 [ 566.221489][T12053] should_fail_ex+0x512/0x640 [ 566.221535][T12053] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 566.221583][T12053] should_failslab+0xc2/0x120 [ 566.221614][T12053] __kmalloc_cache_noprof+0x6a/0x3e0 [ 566.221658][T12053] ? slhc_init+0x7d/0x570 [ 566.221713][T12053] slhc_init+0x7d/0x570 [ 566.221752][T12053] ? kasan_save_track+0x14/0x30 [ 566.221804][T12053] slip_open+0x8ee/0x1150 [ 566.221844][T12053] ? __pfx_n_tty_close+0x10/0x10 [ 566.221883][T12053] ? __pfx_slip_open+0x10/0x10 [ 566.221921][T12053] ? down_write+0x14d/0x200 [ 566.221956][T12053] ? __pfx_slip_open+0x10/0x10 [ 566.221996][T12053] tty_ldisc_open+0x9f/0x120 [ 566.222040][T12053] tty_set_ldisc+0x32b/0x780 [ 566.222092][T12053] tty_ioctl+0xc2e/0x1640 [ 566.222142][T12053] ? __pfx_tty_ioctl+0x10/0x10 [ 566.222205][T12053] ? find_held_lock+0x2b/0x80 [ 566.222236][T12053] ? hook_file_ioctl_common+0x145/0x410 [ 566.222281][T12053] ? __fget_files+0x20e/0x3c0 [ 566.222332][T12053] ? __pfx_tty_ioctl+0x10/0x10 [ 566.222382][T12053] __x64_sys_ioctl+0x18b/0x210 [ 566.222423][T12053] do_syscall_64+0xcd/0x490 [ 566.222476][T12053] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.222510][T12053] RIP: 0033:0x7febdc58e929 [ 566.222536][T12053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 566.222568][T12053] RSP: 002b:00007febdd32f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 566.222599][T12053] RAX: ffffffffffffffda RBX: 00007febdc7b5fa0 RCX: 00007febdc58e929 [ 566.222621][T12053] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000a [ 566.222641][T12053] RBP: 00007febdc610b39 R08: 0000000000000000 R09: 0000000000000000 [ 566.222660][T12053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 566.222678][T12053] R13: 0000000000000000 R14: 00007febdc7b5fa0 R15: 00007fff57875178 [ 566.222736][T12053] [ 567.727698][T12075] FAULT_INJECTION: forcing a failure. [ 567.727698][T12075] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 567.870904][T12075] CPU: 0 UID: 0 PID: 12075 Comm: syz.0.1369 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 567.870950][T12075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 567.870967][T12075] Call Trace: [ 567.870977][T12075] [ 567.870990][T12075] dump_stack_lvl+0x16c/0x1f0 [ 567.871043][T12075] should_fail_ex+0x512/0x640 [ 567.871089][T12075] should_fail_alloc_page+0xe7/0x130 [ 567.871118][T12075] prepare_alloc_pages+0x3c2/0x610 [ 567.871151][T12075] ? __lock_acquire+0x622/0x1c90 [ 567.871192][T12075] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 567.871247][T12075] ? find_held_lock+0x2b/0x80 [ 567.871274][T12075] ? mtree_load+0x309/0xa40 [ 567.871313][T12075] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 567.871360][T12075] ? mtree_load+0x325/0xa40 [ 567.871408][T12075] ? __up_read+0x1f8/0x750 [ 567.871450][T12075] ? __pfx___up_read+0x10/0x10 [ 567.871488][T12075] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 567.871533][T12075] ? policy_nodemask+0xea/0x4e0 [ 567.871570][T12075] alloc_pages_mpol+0x1fb/0x550 [ 567.871600][T12075] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 567.871626][T12075] ? do_raw_spin_lock+0x12c/0x2b0 [ 567.871669][T12075] ? __pfx___access_remote_vm+0x10/0x10 [ 567.871722][T12075] alloc_pages_noprof+0x131/0x390 [ 567.871749][T12075] get_free_pages_noprof+0x10/0xb0 [ 567.871777][T12075] proc_pid_cmdline_read+0x46d/0x900 [ 567.871816][T12075] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 567.871853][T12075] ? rw_verify_area+0xcf/0x680 [ 567.871888][T12075] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 567.871922][T12075] vfs_read+0x1e4/0xc60 [ 567.871966][T12075] ? __pfx___mutex_lock+0x10/0x10 [ 567.872009][T12075] ? __pfx_vfs_read+0x10/0x10 [ 567.872056][T12075] ? __fget_files+0x20e/0x3c0 [ 567.872103][T12075] ksys_read+0x12a/0x250 [ 567.872141][T12075] ? __pfx_ksys_read+0x10/0x10 [ 567.872190][T12075] do_syscall_64+0xcd/0x490 [ 567.872235][T12075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.872264][T12075] RIP: 0033:0x7f3e5b58e929 [ 567.872286][T12075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 567.872315][T12075] RSP: 002b:00007f3e5c403038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 567.872342][T12075] RAX: ffffffffffffffda RBX: 00007f3e5b7b5fa0 RCX: 00007f3e5b58e929 [ 567.872361][T12075] RDX: 000000000000009f RSI: 0000200000000040 RDI: 0000000000000007 [ 567.872378][T12075] RBP: 00007f3e5b610b39 R08: 0000000000000000 R09: 0000000000000000 [ 567.872394][T12075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 567.872411][T12075] R13: 0000000000000000 R14: 00007f3e5b7b5fa0 R15: 00007ffdd8e04b28 [ 567.872445][T12075] [ 569.053030][T12082] random: crng reseeded on system resumption [ 570.094224][T12095] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1373'. [ 570.269252][T12098] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 570.862674][T12099] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 573.213436][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.220301][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.890168][T12149] random: crng reseeded on system resumption [ 575.257715][T12162] tipc: Started in network mode [ 575.306728][T12162] tipc: Node identity ee00, cluster identity 4711 [ 575.391856][T12162] tipc: Node number set to 60928 [ 578.621430][T12199] FAULT_INJECTION: forcing a failure. [ 578.621430][T12199] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 578.686723][T12199] CPU: 0 UID: 0 PID: 12199 Comm: syz.2.1395 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 578.686783][T12199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 578.686804][T12199] Call Trace: [ 578.686814][T12199] [ 578.686826][T12199] dump_stack_lvl+0x16c/0x1f0 [ 578.686879][T12199] should_fail_ex+0x512/0x640 [ 578.686931][T12199] should_fail_alloc_page+0xe7/0x130 [ 578.686966][T12199] prepare_alloc_pages+0x3c2/0x610 [ 578.687004][T12199] ? __lock_acquire+0x622/0x1c90 [ 578.687051][T12199] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 578.687114][T12199] ? find_held_lock+0x2b/0x80 [ 578.687147][T12199] ? mtree_load+0x309/0xa40 [ 578.687190][T12199] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 578.687243][T12199] ? mtree_load+0x325/0xa40 [ 578.687299][T12199] ? __up_read+0x1f8/0x750 [ 578.687345][T12199] ? __pfx___up_read+0x10/0x10 [ 578.687389][T12199] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 578.687438][T12199] ? policy_nodemask+0xea/0x4e0 [ 578.687470][T12199] alloc_pages_mpol+0x1fb/0x550 [ 578.687500][T12199] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 578.687529][T12199] ? do_raw_spin_lock+0x12c/0x2b0 [ 578.687575][T12199] ? __pfx___access_remote_vm+0x10/0x10 [ 578.687629][T12199] alloc_pages_noprof+0x131/0x390 [ 578.687659][T12199] get_free_pages_noprof+0x10/0xb0 [ 578.687691][T12199] proc_pid_cmdline_read+0x46d/0x900 [ 578.687746][T12199] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 578.687789][T12199] ? rw_verify_area+0xcf/0x680 [ 578.687828][T12199] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 578.687868][T12199] vfs_read+0x1e4/0xc60 [ 578.687917][T12199] ? __pfx___mutex_lock+0x10/0x10 [ 578.687964][T12199] ? __pfx_vfs_read+0x10/0x10 [ 578.688013][T12199] ? __fget_files+0x20e/0x3c0 [ 578.688059][T12199] ksys_read+0x12a/0x250 [ 578.688098][T12199] ? __pfx_ksys_read+0x10/0x10 [ 578.688145][T12199] do_syscall_64+0xcd/0x490 [ 578.688189][T12199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.688215][T12199] RIP: 0033:0x7febdc58e929 [ 578.688236][T12199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.688262][T12199] RSP: 002b:00007febdd32f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 578.688287][T12199] RAX: ffffffffffffffda RBX: 00007febdc7b5fa0 RCX: 00007febdc58e929 [ 578.688305][T12199] RDX: 000000000000009f RSI: 0000200000000040 RDI: 0000000000000007 [ 578.688321][T12199] RBP: 00007febdc610b39 R08: 0000000000000000 R09: 0000000000000000 [ 578.688337][T12199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 578.688353][T12199] R13: 0000000000000000 R14: 00007febdc7b5fa0 R15: 00007fff57875178 [ 578.688385][T12199] [ 580.491423][T12219] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input26 [ 580.596624][T12214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1397'. [ 581.647137][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 581.653507][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 581.666765][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 581.673300][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 581.687135][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 581.694197][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 581.706840][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 581.722910][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 582.654955][T12236] FAULT_INJECTION: forcing a failure. [ 582.654955][T12236] name failslab, interval 1, probability 0, space 0, times 0 [ 582.743489][T12236] CPU: 1 UID: 0 PID: 12236 Comm: syz.0.1401 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 582.743536][T12236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 582.743557][T12236] Call Trace: [ 582.743568][T12236] [ 582.743581][T12236] dump_stack_lvl+0x16c/0x1f0 [ 582.743638][T12236] should_fail_ex+0x512/0x640 [ 582.743685][T12236] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 582.743735][T12236] should_failslab+0xc2/0x120 [ 582.743767][T12236] __kmalloc_cache_noprof+0x6a/0x3e0 [ 582.743812][T12236] ? lockdep_init_map_type+0x5c/0x280 [ 582.743857][T12236] ? slip_open+0x846/0x1150 [ 582.743896][T12236] ? do_init_timer+0xc9/0x110 [ 582.743935][T12236] slip_open+0x846/0x1150 [ 582.743977][T12236] ? __pfx_n_tty_close+0x10/0x10 [ 582.744013][T12236] ? find_held_lock+0x2b/0x80 [ 582.744043][T12236] ? __pfx_slip_open+0x10/0x10 [ 582.744083][T12236] ? down_write+0x14d/0x200 [ 582.744117][T12236] ? __pfx_slip_open+0x10/0x10 [ 582.744157][T12236] tty_ldisc_open+0x9f/0x120 [ 582.744203][T12236] tty_set_ldisc+0x32b/0x780 [ 582.744255][T12236] tty_ioctl+0xc2e/0x1640 [ 582.744307][T12236] ? __pfx_tty_ioctl+0x10/0x10 [ 582.744373][T12236] ? find_held_lock+0x2b/0x80 [ 582.744416][T12236] ? hook_file_ioctl_common+0x145/0x410 [ 582.744463][T12236] ? __fget_files+0x20e/0x3c0 [ 582.744521][T12236] ? __pfx_tty_ioctl+0x10/0x10 [ 582.744575][T12236] __x64_sys_ioctl+0x18b/0x210 [ 582.744619][T12236] do_syscall_64+0xcd/0x490 [ 582.744674][T12236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.744707][T12236] RIP: 0033:0x7f3e5b58e929 [ 582.744733][T12236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 582.744765][T12236] RSP: 002b:00007f3e5c403038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 582.744797][T12236] RAX: ffffffffffffffda RBX: 00007f3e5b7b5fa0 RCX: 00007f3e5b58e929 [ 582.744818][T12236] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000a [ 582.744837][T12236] RBP: 00007f3e5b610b39 R08: 0000000000000000 R09: 0000000000000000 [ 582.744857][T12236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 582.744877][T12236] R13: 0000000000000000 R14: 00007f3e5b7b5fa0 R15: 00007ffdd8e04b28 [ 582.744920][T12236] [ 586.235897][T12289] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1410'. [ 587.730160][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.737445][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 587.754472][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.761140][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 587.774276][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.782145][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 587.808178][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.815076][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 589.285249][T12327] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 589.868571][T12328] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 592.150199][T12353] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1421'. [ 594.466989][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 594.473719][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 594.495323][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 594.506874][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 594.545881][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 594.656438][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 594.685312][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 594.703416][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 598.617063][T12428] Invalid ELF header magic: != ELF [ 603.295358][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.314933][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 603.341371][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.350359][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 603.386157][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.392615][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 603.411938][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.418520][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 603.964428][T12484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1449'. [ 604.104222][T12484] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1449'. [ 610.626957][T12542] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1457'. [ 613.662694][T12570] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1464'. [ 613.727351][T12570] HfR: entered promiscuous mode [ 615.061798][T12582] FAULT_INJECTION: forcing a failure. [ 615.061798][T12582] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 615.134952][T12582] CPU: 0 UID: 0 PID: 12582 Comm: syz.3.1468 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 615.134989][T12582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 615.135004][T12582] Call Trace: [ 615.135012][T12582] [ 615.135021][T12582] dump_stack_lvl+0x16c/0x1f0 [ 615.135066][T12582] should_fail_ex+0x512/0x640 [ 615.135108][T12582] should_fail_alloc_page+0xe7/0x130 [ 615.135134][T12582] prepare_alloc_pages+0x3c2/0x610 [ 615.135164][T12582] ? __lock_acquire+0x622/0x1c90 [ 615.135220][T12582] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 615.135271][T12582] ? find_held_lock+0x2b/0x80 [ 615.135296][T12582] ? mtree_load+0x309/0xa40 [ 615.135332][T12582] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 615.135378][T12582] ? mtree_load+0x325/0xa40 [ 615.135423][T12582] ? __up_read+0x1f8/0x750 [ 615.135460][T12582] ? __pfx___up_read+0x10/0x10 [ 615.135497][T12582] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 615.135537][T12582] ? policy_nodemask+0xea/0x4e0 [ 615.135563][T12582] alloc_pages_mpol+0x1fb/0x550 [ 615.135608][T12582] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 615.135637][T12582] ? do_raw_spin_lock+0x12c/0x2b0 [ 615.135686][T12582] ? __pfx___access_remote_vm+0x10/0x10 [ 615.135740][T12582] alloc_pages_noprof+0x131/0x390 [ 615.135769][T12582] get_free_pages_noprof+0x10/0xb0 [ 615.135810][T12582] proc_pid_cmdline_read+0x46d/0x900 [ 615.135861][T12582] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 615.135899][T12582] ? rw_verify_area+0xcf/0x680 [ 615.135936][T12582] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 615.135973][T12582] vfs_read+0x1e4/0xc60 [ 615.136021][T12582] ? __pfx___mutex_lock+0x10/0x10 [ 615.136071][T12582] ? __pfx_vfs_read+0x10/0x10 [ 615.136129][T12582] ? __fget_files+0x20e/0x3c0 [ 615.136186][T12582] ksys_read+0x12a/0x250 [ 615.136230][T12582] ? __pfx_ksys_read+0x10/0x10 [ 615.136282][T12582] do_syscall_64+0xcd/0x490 [ 615.136335][T12582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.136367][T12582] RIP: 0033:0x7f0e9658e929 [ 615.136393][T12582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 615.136425][T12582] RSP: 002b:00007f0e973c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 615.136456][T12582] RAX: ffffffffffffffda RBX: 00007f0e967b5fa0 RCX: 00007f0e9658e929 [ 615.136476][T12582] RDX: 000000000000009f RSI: 0000200000000040 RDI: 0000000000000007 [ 615.136497][T12582] RBP: 00007f0e96610b39 R08: 0000000000000000 R09: 0000000000000000 [ 615.136516][T12582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 615.136535][T12582] R13: 0000000000000000 R14: 00007f0e967b5fa0 R15: 00007ffc9e1d4e68 [ 615.136574][T12582] [ 626.293850][T12719] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1492'. [ 626.324978][T12719] geneve1: entered promiscuous mode [ 626.371520][T12719] geneve1: entered allmulticast mode [ 626.403806][T12719] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1492'. [ 630.371160][T12753] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma? [ 630.546543][T12760] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1501'. [ 631.545135][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 631.566414][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.575103][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 631.639256][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.681469][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 631.687877][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.713498][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 631.728480][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 634.621173][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.627970][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 635.786053][T12807] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1506'. [ 635.795346][T12807] geneve1: entered promiscuous mode [ 635.796819][T12804] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1507'. [ 635.801401][T12807] geneve1: entered allmulticast mode [ 635.853331][T12807] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1506'. [ 636.738074][T12823] bond0: option all_slaves_active: invalid value (10) [ 637.341851][T12823] FAULT_INJECTION: forcing a failure. [ 637.341851][T12823] name failslab, interval 1, probability 0, space 0, times 0 [ 637.358460][T12823] CPU: 0 UID: 0 PID: 12823 Comm: syz.0.1510 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 637.358503][T12823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 637.358521][T12823] Call Trace: [ 637.358530][T12823] [ 637.358541][T12823] dump_stack_lvl+0x16c/0x1f0 [ 637.358609][T12823] should_fail_ex+0x512/0x640 [ 637.358654][T12823] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 637.358706][T12823] should_failslab+0xc2/0x120 [ 637.358736][T12823] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 637.358782][T12823] ? __pfx_acct_collect+0x10/0x10 [ 637.358829][T12823] ? taskstats_exit+0x654/0xbe0 [ 637.358880][T12823] taskstats_exit+0x654/0xbe0 [ 637.358929][T12823] ? __pfx_taskstats_exit+0x10/0x10 [ 637.358986][T12823] do_exit+0x5d9/0x2bd0 [ 637.359036][T12823] ? __pfx_do_exit+0x10/0x10 [ 637.359079][T12823] ? do_raw_spin_lock+0x12c/0x2b0 [ 637.359127][T12823] ? find_held_lock+0x2b/0x80 [ 637.359163][T12823] do_group_exit+0xd3/0x2a0 [ 637.359208][T12823] get_signal+0x2673/0x26d0 [ 637.359259][T12823] ? __pfx_get_signal+0x10/0x10 [ 637.359292][T12823] ? do_futex+0x122/0x350 [ 637.359331][T12823] ? __pfx_do_futex+0x10/0x10 [ 637.359372][T12823] arch_do_signal_or_restart+0x8f/0x790 [ 637.359411][T12823] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 637.359469][T12823] ? xfd_validate_state+0x61/0x180 [ 637.359509][T12823] ? __pfx_do_pwritev+0x10/0x10 [ 637.359561][T12823] exit_to_user_mode_loop+0x84/0x110 [ 637.359612][T12823] do_syscall_64+0x3f6/0x490 [ 637.359664][T12823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.359696][T12823] RIP: 0033:0x7f3e5b58e929 [ 637.359733][T12823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.359763][T12823] RSP: 002b:00007f3e5c3e20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 637.359792][T12823] RAX: fffffffffffffe00 RBX: 00007f3e5b7b6088 RCX: 00007f3e5b58e929 [ 637.359812][T12823] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3e5b7b6088 [ 637.359831][T12823] RBP: 00007f3e5b7b6080 R08: 0000000000000000 R09: 0000000000000000 [ 637.359848][T12823] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3e5b7b608c [ 637.359867][T12823] R13: 0000000000000000 R14: 00007ffdd8e04a40 R15: 00007ffdd8e04b28 [ 637.359906][T12823] [ 639.032416][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 639.062546][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 639.071466][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 639.081988][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 639.097974][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 639.104294][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 639.118255][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 639.124666][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 643.891566][ T5843] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 646.663245][T12941] phram: parameter too long [ 647.119050][T12944] input: 00 [ 647.119050][T12944] as /devices/virtual/input/input32 [ 647.140589][T12944] FAULT_INJECTION: forcing a failure. [ 647.140589][T12944] name failslab, interval 1, probability 0, space 0, times 0 [ 647.155864][T12944] CPU: 1 UID: 0 PID: 12944 Comm: syz.0.1534 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 647.155912][T12944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 647.155932][T12944] Call Trace: [ 647.155942][T12944] [ 647.155955][T12944] dump_stack_lvl+0x16c/0x1f0 [ 647.156010][T12944] should_fail_ex+0x512/0x640 [ 647.156056][T12944] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 647.156113][T12944] should_failslab+0xc2/0x120 [ 647.156144][T12944] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 647.156198][T12944] ? kasprintf+0xc7/0x100 [ 647.156233][T12944] kvasprintf+0xbc/0x160 [ 647.156262][T12944] ? __pfx_kvasprintf+0x10/0x10 [ 647.156309][T12944] kasprintf+0xc7/0x100 [ 647.156338][T12944] ? __pfx_kasprintf+0x10/0x10 [ 647.156385][T12944] ? __pfx_input_devnode+0x10/0x10 [ 647.156420][T12944] device_get_devnode+0x163/0x2c0 [ 647.156460][T12944] devtmpfs_create_node+0xf1/0x230 [ 647.156512][T12944] ? __pfx_devtmpfs_create_node+0x10/0x10 [ 647.156565][T12944] ? up_write+0x1b2/0x520 [ 647.156638][T12944] ? kernfs_create_link+0x1bd/0x240 [ 647.156676][T12944] ? kernfs_put+0x35/0x60 [ 647.156722][T12944] ? sysfs_do_create_link_sd+0xbb/0x140 [ 647.156772][T12944] device_add+0x10bd/0x1a70 [ 647.156810][T12944] ? __pfx_device_add+0x10/0x10 [ 647.156840][T12944] ? __pfx_exact_lock+0x10/0x10 [ 647.156895][T12944] ? kobject_get+0xbb/0x150 [ 647.156950][T12944] cdev_device_add+0xc2/0x1e0 [ 647.157002][T12944] evdev_connect+0x3a4/0x4c0 [ 647.157048][T12944] input_attach_handler.isra.0+0x181/0x260 [ 647.157097][T12944] input_register_device+0xa84/0x1130 [ 647.157146][T12944] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 647.157184][T12944] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 647.157228][T12944] ? find_held_lock+0x2b/0x80 [ 647.157280][T12944] ? __pfx_uinput_ioctl+0x10/0x10 [ 647.157312][T12944] __x64_sys_ioctl+0x18b/0x210 [ 647.157353][T12944] do_syscall_64+0xcd/0x490 [ 647.157404][T12944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.157437][T12944] RIP: 0033:0x7f3e5b58e929 [ 647.157462][T12944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 647.157495][T12944] RSP: 002b:00007f3e5c403038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 647.157526][T12944] RAX: ffffffffffffffda RBX: 00007f3e5b7b5fa0 RCX: 00007f3e5b58e929 [ 647.157547][T12944] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006 [ 647.157566][T12944] RBP: 00007f3e5b610b39 R08: 0000000000000000 R09: 0000000000000000 [ 647.157592][T12944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.157611][T12944] R13: 0000000000000000 R14: 00007f3e5b7b5fa0 R15: 00007ffdd8e04b28 [ 647.157653][T12944] [ 648.267266][T12958] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma? [ 648.362133][T12962] FAULT_INJECTION: forcing a failure. [ 648.362133][T12962] name failslab, interval 1, probability 0, space 0, times 0 [ 648.471301][T12965] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1536'. [ 648.740737][T12962] CPU: 1 UID: 0 PID: 12962 Comm: syz.2.1538 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 648.740782][T12962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 648.740801][T12962] Call Trace: [ 648.740811][T12962] [ 648.740823][T12962] dump_stack_lvl+0x16c/0x1f0 [ 648.740876][T12962] should_fail_ex+0x512/0x640 [ 648.740919][T12962] ? __kmalloc_noprof+0xbf/0x510 [ 648.740967][T12962] ? ptp_open+0x103/0x520 [ 648.741000][T12962] should_failslab+0xc2/0x120 [ 648.741030][T12962] __kmalloc_noprof+0xd2/0x510 [ 648.741087][T12962] ptp_open+0x103/0x520 [ 648.741128][T12962] ? __pfx_ptp_open+0x10/0x10 [ 648.741177][T12962] ? __pfx_ptp_open+0x10/0x10 [ 648.741212][T12962] posix_clock_open+0x17b/0x290 [ 648.741248][T12962] ? __pfx_posix_clock_open+0x10/0x10 [ 648.741282][T12962] chrdev_open+0x231/0x6a0 [ 648.741329][T12962] ? __pfx_apparmor_file_open+0x10/0x10 [ 648.741368][T12962] ? __pfx_chrdev_open+0x10/0x10 [ 648.741419][T12962] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 648.741479][T12962] do_dentry_open+0x744/0x1c10 [ 648.741546][T12962] ? __pfx_chrdev_open+0x10/0x10 [ 648.741605][T12962] vfs_open+0x82/0x3f0 [ 648.741657][T12962] path_openat+0x1de4/0x2cb0 [ 648.741717][T12962] ? __pfx_path_openat+0x10/0x10 [ 648.741765][T12962] ? __lock_acquire+0xb8a/0x1c90 [ 648.741811][T12962] do_filp_open+0x20b/0x470 [ 648.741856][T12962] ? __pfx_do_filp_open+0x10/0x10 [ 648.741933][T12962] ? alloc_fd+0x471/0x7d0 [ 648.741987][T12962] do_sys_openat2+0x11b/0x1d0 [ 648.742021][T12962] ? __pfx_do_sys_openat2+0x10/0x10 [ 648.742073][T12962] __x64_sys_openat+0x174/0x210 [ 648.742108][T12962] ? __pfx___x64_sys_openat+0x10/0x10 [ 648.742162][T12962] do_syscall_64+0xcd/0x490 [ 648.742212][T12962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.742242][T12962] RIP: 0033:0x7febdc58e929 [ 648.742266][T12962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.742297][T12962] RSP: 002b:00007febdd30e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 648.742325][T12962] RAX: ffffffffffffffda RBX: 00007febdc7b6080 RCX: 00007febdc58e929 [ 648.742345][T12962] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 648.742364][T12962] RBP: 00007febdc610b39 R08: 0000000000000000 R09: 0000000000000000 [ 648.742382][T12962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 648.742399][T12962] R13: 0000000000000000 R14: 00007febdc7b6080 R15: 00007fff57875178 [ 648.742438][T12962] [ 650.219607][ T51] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 652.433092][T12994] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 652.439753][T12994] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 652.550298][T12994] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 652.610017][T12994] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 652.644266][T12994] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 652.670422][T12994] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 653.355921][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 653.527916][T13014] sd 0:0:1:0: PR command failed: 1026 [ 653.535565][T13014] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 653.554985][T13014] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 654.608449][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 654.687442][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 654.697139][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 654.822051][T13023] Invalid ELF header magic: != ELF [ 655.411795][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 656.689081][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 656.837326][T13034] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 656.846886][T13034] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 656.853260][T13034] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 656.931884][T13034] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 657.329143][T13052] HfR: entered promiscuous mode [ 657.429239][T13052] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1552'. [ 657.475131][T13057] FAULT_INJECTION: forcing a failure. [ 657.475131][T13057] name failslab, interval 1, probability 0, space 0, times 0 [ 657.478392][T13052] openvswitch: HfR: Dropping previously announced user features [ 657.545867][T13057] CPU: 0 UID: 0 PID: 13057 Comm: syz.3.1550 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 657.545912][T13057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 657.545931][T13057] Call Trace: [ 657.545941][T13057] [ 657.545957][T13057] dump_stack_lvl+0x16c/0x1f0 [ 657.546011][T13057] should_fail_ex+0x512/0x640 [ 657.546055][T13057] ? __kmalloc_noprof+0xbf/0x510 [ 657.546104][T13057] ? ptp_open+0x103/0x520 [ 657.546137][T13057] should_failslab+0xc2/0x120 [ 657.546166][T13057] __kmalloc_noprof+0xd2/0x510 [ 657.546221][T13057] ptp_open+0x103/0x520 [ 657.546262][T13057] ? __pfx_ptp_open+0x10/0x10 [ 657.546309][T13057] ? __pfx_ptp_open+0x10/0x10 [ 657.546344][T13057] posix_clock_open+0x17b/0x290 [ 657.546381][T13057] ? __pfx_posix_clock_open+0x10/0x10 [ 657.546415][T13057] chrdev_open+0x231/0x6a0 [ 657.546462][T13057] ? __pfx_apparmor_file_open+0x10/0x10 [ 657.546501][T13057] ? __pfx_chrdev_open+0x10/0x10 [ 657.546553][T13057] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 657.546602][T13057] do_dentry_open+0x744/0x1c10 [ 657.546649][T13057] ? __pfx_chrdev_open+0x10/0x10 [ 657.546704][T13057] vfs_open+0x82/0x3f0 [ 657.546743][T13057] path_openat+0x1de4/0x2cb0 [ 657.546800][T13057] ? __pfx_path_openat+0x10/0x10 [ 657.546859][T13057] ? __lock_acquire+0xb8a/0x1c90 [ 657.546906][T13057] do_filp_open+0x20b/0x470 [ 657.546952][T13057] ? __pfx_do_filp_open+0x10/0x10 [ 657.547023][T13057] ? alloc_fd+0x471/0x7d0 [ 657.547075][T13057] do_sys_openat2+0x11b/0x1d0 [ 657.547109][T13057] ? __pfx_do_sys_openat2+0x10/0x10 [ 657.547159][T13057] __x64_sys_openat+0x174/0x210 [ 657.547194][T13057] ? __pfx___x64_sys_openat+0x10/0x10 [ 657.547247][T13057] do_syscall_64+0xcd/0x490 [ 657.547299][T13057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.547331][T13057] RIP: 0033:0x7f0e9658e929 [ 657.547356][T13057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.547386][T13057] RSP: 002b:00007f0e973a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 657.547415][T13057] RAX: ffffffffffffffda RBX: 00007f0e967b6080 RCX: 00007f0e9658e929 [ 657.547435][T13057] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 657.547454][T13057] RBP: 00007f0e96610b39 R08: 0000000000000000 R09: 0000000000000000 [ 657.547472][T13057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 657.547490][T13057] R13: 0000000000000000 R14: 00007f0e967b6080 R15: 00007ffc9e1d4e68 [ 657.547528][T13057] [ 658.049146][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 658.925298][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 658.931445][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 658.937811][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 660.574751][T13087] phram: parameter too long [ 661.802807][T13100] netlink: 296 bytes leftover after parsing attributes in process `syz.3.1561'. [ 664.918073][T13142] openvswitch: HfR: Dropping previously announced user features [ 664.938079][T13143] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1566'. [ 665.436632][T13143] openvswitch: HfR: Dropping previously announced user features [ 675.338095][T13196] delete_channel: no stack [ 675.906713][T13257] random: crng reseeded on system resumption [ 677.841934][T13268] Invalid ELF header magic: != ELF [ 681.734691][T13318] random: crng reseeded on system resumption [ 691.973079][T13426] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1624'. [ 693.127274][T13441] random: crng reseeded on system resumption [ 696.029823][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 696.040009][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 700.160540][T13508] random: crng reseeded on system resumption [ 703.476838][T13549] Invalid ELF header magic: != ELF [ 704.739948][ T5837] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 705.439429][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 705.454468][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 705.507129][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 705.514025][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 705.566862][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 705.575359][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 705.606860][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 705.615746][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 707.525124][ T5837] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 709.100305][T13598] FAULT_INJECTION: forcing a failure. [ 709.100305][T13598] name failslab, interval 1, probability 0, space 0, times 0 [ 709.131343][T13598] CPU: 1 UID: 0 PID: 13598 Comm: syz.3.1655 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 709.131377][T13598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 709.131391][T13598] Call Trace: [ 709.131398][T13598] [ 709.131407][T13598] dump_stack_lvl+0x16c/0x1f0 [ 709.131454][T13598] should_fail_ex+0x512/0x640 [ 709.131499][T13598] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 709.131552][T13598] should_failslab+0xc2/0x120 [ 709.131580][T13598] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 709.131614][T13598] ? __kernfs_new_node+0xd2/0x8e0 [ 709.131650][T13598] __kernfs_new_node+0xd2/0x8e0 [ 709.131684][T13598] ? __pfx___kernfs_new_node+0x10/0x10 [ 709.131725][T13598] ? find_held_lock+0x2b/0x80 [ 709.131748][T13598] ? kernfs_root+0xee/0x2a0 [ 709.131784][T13598] kernfs_new_node+0x13c/0x1e0 [ 709.131819][T13598] ? net_ns_get_ownership+0xf8/0x1b0 [ 709.131859][T13598] kernfs_create_dir_ns+0x4c/0x1a0 [ 709.131898][T13598] internal_create_group+0x34d/0xf30 [ 709.131938][T13598] ? __pfx_internal_create_group+0x10/0x10 [ 709.131976][T13598] ? kernfs_create_link+0x1bd/0x240 [ 709.132005][T13598] internal_create_groups+0x9d/0x150 [ 709.132041][T13598] device_add+0xf30/0x1a70 [ 709.132067][T13598] ? __pfx_device_add+0x10/0x10 [ 709.132090][T13598] ? lockdep_init_map_type+0x5c/0x280 [ 709.132122][T13598] ? __init_waitqueue_head+0xca/0x150 [ 709.132164][T13598] netdev_register_kobject+0x182/0x3a0 [ 709.132193][T13598] register_netdevice+0x13dc/0x2270 [ 709.132221][T13598] ? __pfx_register_netdevice+0x10/0x10 [ 709.132252][T13598] __ip_tunnel_create+0x540/0x6e0 [ 709.132281][T13598] ? __pfx___ip_tunnel_create+0x10/0x10 [ 709.132315][T13598] ip_tunnel_init_net+0x22f/0x7d0 [ 709.132346][T13598] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 709.132390][T13598] ? trace_kmalloc+0x2b/0xd0 [ 709.132410][T13598] ? __kmalloc_noprof+0x242/0x510 [ 709.132446][T13598] ? lockdep_init_map_type+0x5c/0x280 [ 709.132478][T13598] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 709.132514][T13598] ops_init+0x1df/0x5f0 [ 709.132550][T13598] setup_net+0x1ff/0x510 [ 709.132568][T13598] ? lockdep_init_map_type+0x5c/0x280 [ 709.132597][T13598] ? __pfx_setup_net+0x10/0x10 [ 709.132618][T13598] ? debug_mutex_init+0x37/0x70 [ 709.132640][T13598] copy_net_ns+0x2a6/0x5f0 [ 709.132665][T13598] create_new_namespaces+0x3ea/0xa90 [ 709.132696][T13598] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 709.132722][T13598] ksys_unshare+0x45b/0xa40 [ 709.132750][T13598] ? __pfx_ksys_unshare+0x10/0x10 [ 709.132788][T13598] __x64_sys_unshare+0x31/0x40 [ 709.132815][T13598] do_syscall_64+0xcd/0x490 [ 709.132851][T13598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.132873][T13598] RIP: 0033:0x7f0e9658e929 [ 709.132890][T13598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.132912][T13598] RSP: 002b:00007f0e973c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 709.132932][T13598] RAX: ffffffffffffffda RBX: 00007f0e967b5fa0 RCX: 00007f0e9658e929 [ 709.132946][T13598] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 709.132959][T13598] RBP: 00007f0e96610b39 R08: 0000000000000000 R09: 0000000000000000 [ 709.132971][T13598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 709.132984][T13598] R13: 0000000000000000 R14: 00007f0e967b5fa0 R15: 00007ffc9e1d4e68 [ 709.133010][T13598] [ 713.302745][T13638] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[13638] [ 715.400193][ T5837] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 716.207416][T13673] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 722.506304][T13748] Invalid ELF header magic: != ELF [ 724.872953][T13782] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1696'. [ 724.964865][T13782] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1696'. [ 725.044393][ T30] audit: type=1800 audit(4294967732.058:19): pid=13792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1687" name="dbroot" dev="configfs" ino=90636 res=0 errno=0 [ 726.607646][T13808] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1693'. [ 726.880442][T13808] bond0: (slave bond_slave_0): Releasing backup interface [ 728.994574][T13830] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1698'. [ 729.258608][T13830] netlink: 262 bytes leftover after parsing attributes in process `syz.2.1698'. [ 729.623283][T13839] Invalid ELF header magic: != ELF [ 734.608340][T13878] hub 8-0:1.0: USB hub found [ 734.617615][T13878] hub 8-0:1.0: 1 port detected [ 735.705945][T13884] Invalid ELF header magic: != ELF [ 737.561644][ T30] audit: type=1804 audit(4294967744.568:20): pid=13910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1714" name="/newroot/425/file0" dev="tmpfs" ino=2257 res=1 errno=0 [ 737.673410][ T30] audit: type=1800 audit(4294967744.568:21): pid=13910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1714" name="file0" dev="tmpfs" ino=2257 res=0 errno=0 [ 738.193666][T13920] netlink: 'syz.1.1716': attribute type 2 has an invalid length. [ 741.650721][T13942] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 741.658457][T13942] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 741.671980][T13942] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 741.687050][T13942] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 741.717565][T13942] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 742.821679][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 743.175571][T13985] Invalid ELF header magic: != ELF [ 743.711702][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 743.712457][T13071] Bluetooth: hci1: command 0x0c1a tx timeout [ 743.717797][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 745.314242][T14005] GUP no longer grows the stack in syz.3.1731 (14005): 14000-401000 (4000) [ 745.401909][T14005] CPU: 1 UID: 0 PID: 14005 Comm: syz.3.1731 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 745.401954][T14005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 745.401973][T14005] Call Trace: [ 745.401983][T14005] [ 745.401995][T14005] dump_stack_lvl+0x16c/0x1f0 [ 745.402047][T14005] gup_vma_lookup+0x1d2/0x220 [ 745.402083][T14005] __get_user_pages+0x271/0x3b80 [ 745.402147][T14005] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 745.402200][T14005] ? kasan_save_stack+0x42/0x60 [ 745.402247][T14005] ? __pfx___get_user_pages+0x10/0x10 [ 745.402280][T14005] ? register_lock_class+0x41/0x4c0 [ 745.402322][T14005] ? __x64_sys_process_vm_readv+0xe2/0x1c0 [ 745.402373][T14005] ? do_syscall_64+0xcd/0x490 [ 745.402431][T14005] __gup_longterm_locked+0x20d/0x1840 [ 745.402469][T14005] ? __lock_acquire+0xb8a/0x1c90 [ 745.402516][T14005] ? __pfx___gup_longterm_locked+0x10/0x10 [ 745.402591][T14005] pin_user_pages_remote+0xed/0x140 [ 745.402631][T14005] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 745.402662][T14005] ? mm_access+0x22d/0x2e0 [ 745.402711][T14005] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 745.402778][T14005] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 745.402828][T14005] ? iovec_from_user+0xbb/0x140 [ 745.402904][T14005] ? iovec_from_user+0xbb/0x140 [ 745.402959][T14005] process_vm_rw+0x216/0x2c0 [ 745.403012][T14005] ? __pfx_process_vm_rw+0x10/0x10 [ 745.403142][T14005] ? __pfx_task_mm_cid_work+0x10/0x10 [ 745.403195][T14005] ? xfd_validate_state+0x61/0x180 [ 745.403241][T14005] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 745.403294][T14005] ? do_syscall_64+0x91/0x490 [ 745.403352][T14005] ? lockdep_hardirqs_on+0x7c/0x110 [ 745.403393][T14005] do_syscall_64+0xcd/0x490 [ 745.403441][T14005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.403471][T14005] RIP: 0033:0x7f0e9658e929 [ 745.403495][T14005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.403525][T14005] RSP: 002b:00007f0e973a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 745.403562][T14005] RAX: ffffffffffffffda RBX: 00007f0e967b6080 RCX: 00007f0e9658e929 [ 745.403581][T14005] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 000000000000068a [ 745.403599][T14005] RBP: 00007f0e96610b39 R08: 0000000000000003 R09: 0000000000000000 [ 745.403617][T14005] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 745.403634][T14005] R13: 0000000000000000 R14: 00007f0e967b6080 R15: 00007ffc9e1d4e68 [ 745.403672][T14005] [ 745.792058][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 748.166303][T14035] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1736'. [ 749.434040][ T30] audit: type=1800 audit(4294967764.454:22): pid=14043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1737" name="dbroot" dev="configfs" ino=96523 res=0 errno=0 [ 752.523678][T14083] hub 8-0:1.0: USB hub found [ 752.532453][T14083] hub 8-0:1.0: 1 port detected [ 753.971391][T14100] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1747'. [ 754.093444][T14104] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1747'. [ 754.872630][T14116] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1750'. [ 754.967959][T14117] netlink: 102 bytes leftover after parsing attributes in process `syz.1.1750'. [ 757.473410][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 757.480041][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 758.283346][T14123] kafs: addr_prefs: Invalid Command [ 759.040307][T14153] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1759'. [ 759.174487][T14153] bond0: (slave bond_slave_0): Releasing backup interface [ 759.182649][T14153] bond_slave_0 (unregistering): left promiscuous mode [ 759.629398][ T30] audit: type=1804 audit(4294967774.644:23): pid=14166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1760" name="file0" dev="tmpfs" ino=2581 res=1 errno=0 [ 759.841676][ T30] audit: type=1800 audit(4294967774.644:24): pid=14166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1760" name="file0" dev="tmpfs" ino=2581 res=0 errno=0 [ 760.042804][T14168] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1761'. [ 760.161725][T14168] netlink: 110 bytes leftover after parsing attributes in process `syz.3.1761'. [ 760.860606][T14170] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[14170] [ 762.011337][T14181] Console: switching to colour frame buffer device 128x48 [ 762.379609][T14184] zswap: compressor not available [ 765.053974][T14229] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1772'. [ 767.350743][ T30] audit: type=1800 audit(4294967790.338:25): pid=14250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1775" name="dbroot" dev="configfs" ino=101498 res=0 errno=0 [ 769.351871][ T5837] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 772.351627][T14285] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 772.361882][T14285] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 772.367956][T14285] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 772.486468][T14285] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 772.524302][T14285] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 773.041631][T14311] kafs: addr_prefs: Invalid Command [ 773.061595][T13071] Bluetooth: hci0: command 0x0c1a tx timeout [ 773.658498][T14321] FAULT_INJECTION: forcing a failure. [ 773.658498][T14321] name failslab, interval 1, probability 0, space 0, times 0 [ 773.722928][T14321] CPU: 1 UID: 0 PID: 14321 Comm: syz.2.1789 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 773.722970][T14321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 773.722988][T14321] Call Trace: [ 773.722998][T14321] [ 773.723011][T14321] dump_stack_lvl+0x16c/0x1f0 [ 773.723062][T14321] should_fail_ex+0x512/0x640 [ 773.723103][T14321] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 773.723148][T14321] should_failslab+0xc2/0x120 [ 773.723173][T14321] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 773.723218][T14321] ? __d_alloc+0x31/0xaa0 [ 773.723267][T14321] __d_alloc+0x31/0xaa0 [ 773.723311][T14321] ? __pfx_pidfs_register_pid+0x10/0x10 [ 773.723359][T14321] d_alloc_pseudo+0x1c/0xc0 [ 773.723393][T14321] alloc_file_pseudo+0xcf/0x230 [ 773.723428][T14321] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 773.723461][T14321] ? __pfx_unix_socketpair+0x10/0x10 [ 773.723507][T14321] sock_alloc_file+0x50/0x210 [ 773.723537][T14321] __sys_socketpair+0x31c/0x5a0 [ 773.723576][T14321] ? __pfx___sys_socketpair+0x10/0x10 [ 773.723615][T14321] ? xfd_validate_state+0x61/0x180 [ 773.723650][T14321] ? do_execveat_common.isra.0+0x4c6/0x610 [ 773.723699][T14321] __x64_sys_socketpair+0x96/0x100 [ 773.723736][T14321] ? lockdep_hardirqs_on+0x7c/0x110 [ 773.723779][T14321] do_syscall_64+0xcd/0x490 [ 773.723828][T14321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 773.723858][T14321] RIP: 0033:0x7febdc58e929 [ 773.723881][T14321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 773.723916][T14321] RSP: 002b:00007febdd32f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 773.723944][T14321] RAX: ffffffffffffffda RBX: 00007febdc7b5fa0 RCX: 00007febdc58e929 [ 773.723964][T14321] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 773.723982][T14321] RBP: 00007febdc610b39 R08: 0000000000000000 R09: 0000000000000000 [ 773.723999][T14321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 773.724017][T14321] R13: 0000000000000000 R14: 00007febdc7b5fa0 R15: 00007fff57875178 [ 773.724054][T14321] [ 774.421757][T13071] Bluetooth: hci2: command 0x0c1a tx timeout [ 774.421812][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 774.507656][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 776.581863][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 777.402305][T14359] zswap: compressor not available [ 782.422003][ T5837] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 787.412655][T13071] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 791.313658][T14516] netlink: 'syz.0.1832': attribute type 2 has an invalid length. [ 797.300471][T14566] kafs: addr_prefs: Invalid Command [ 802.953149][T14637] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1847'. [ 803.144182][T14637] team_slave_0: entered allmulticast mode [ 807.313514][T14671] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 807.320254][T14671] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 807.326422][T14671] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 807.362853][T14671] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 807.368983][T14671] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 807.457264][T14671] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 808.770031][T13071] Bluetooth: hci0: command 0x0c1a tx timeout [ 809.382313][T13071] Bluetooth: hci1: command 0x0c1a tx timeout [ 809.391895][T13071] Bluetooth: hci2: command 0x0c1a tx timeout [ 809.461684][T13071] Bluetooth: hci3: command 0x0c1a tx timeout [ 810.297338][ T30] audit: type=1804 audit(4294967833.298:26): pid=14704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1853" name="/newroot/437/file0" dev="tmpfs" ino=2323 res=1 errno=0 [ 810.391699][ T30] audit: type=1800 audit(4294967833.298:27): pid=14704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1853" name="file0" dev="tmpfs" ino=2323 res=0 errno=0 [ 811.483269][T13071] Bluetooth: hci2: command 0x0c1a tx timeout [ 811.489340][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 814.674957][T14734] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 815.472854][T14760] FAULT_INJECTION: forcing a failure. [ 815.472854][T14760] name failslab, interval 1, probability 0, space 0, times 0 [ 815.535343][T14760] CPU: 1 UID: 0 PID: 14760 Comm: syz.2.1869 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 815.535391][T14760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 815.535410][T14760] Call Trace: [ 815.535421][T14760] [ 815.535432][T14760] dump_stack_lvl+0x16c/0x1f0 [ 815.535484][T14760] should_fail_ex+0x512/0x640 [ 815.535529][T14760] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 815.535581][T14760] should_failslab+0xc2/0x120 [ 815.535612][T14760] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 815.535669][T14760] ? lockdep_init_map_type+0x5c/0x280 [ 815.535726][T14760] ? seq_open+0x55/0x170 [ 815.535764][T14760] seq_open+0x55/0x170 [ 815.535798][T14760] kernfs_fop_open+0x59f/0xda0 [ 815.535832][T14760] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 815.535905][T14760] do_dentry_open+0x744/0x1c10 [ 815.535955][T14760] ? __pfx_kernfs_fop_open+0x10/0x10 [ 815.535997][T14760] vfs_open+0x82/0x3f0 [ 815.536044][T14760] path_openat+0x1de4/0x2cb0 [ 815.536104][T14760] ? __pfx_path_openat+0x10/0x10 [ 815.536152][T14760] ? __lock_acquire+0xb8a/0x1c90 [ 815.536217][T14760] do_filp_open+0x20b/0x470 [ 815.536264][T14760] ? __pfx_do_filp_open+0x10/0x10 [ 815.536342][T14760] ? alloc_fd+0x471/0x7d0 [ 815.536398][T14760] do_sys_openat2+0x11b/0x1d0 [ 815.536433][T14760] ? __pfx_do_sys_openat2+0x10/0x10 [ 815.536485][T14760] __x64_sys_openat+0x174/0x210 [ 815.536523][T14760] ? __pfx___x64_sys_openat+0x10/0x10 [ 815.536578][T14760] do_syscall_64+0xcd/0x490 [ 815.536634][T14760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.536666][T14760] RIP: 0033:0x7febdc58e929 [ 815.536693][T14760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 815.536726][T14760] RSP: 002b:00007febdd30e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 815.536756][T14760] RAX: ffffffffffffffda RBX: 00007febdc7b6080 RCX: 00007febdc58e929 [ 815.536778][T14760] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 815.536799][T14760] RBP: 00007febdc610b39 R08: 0000000000000000 R09: 0000000000000000 [ 815.536818][T14760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 815.536837][T14760] R13: 0000000000000000 R14: 00007febdc7b6080 R15: 00007fff57875178 [ 815.536878][T14760] [ 818.885023][T14789] ptrace attach of "./syz-executor exec"[5828] was attempted by "./syz-executor exec"[14789] [ 818.927918][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 818.934392][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 826.678886][T14861] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1885'. [ 827.827043][T14881] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[14881] [ 829.071611][T14894] [ 830.397623][T14911] FAULT_INJECTION: forcing a failure. [ 830.397623][T14911] name failslab, interval 1, probability 0, space 0, times 0 [ 830.511986][T14911] CPU: 1 UID: 0 PID: 14911 Comm: syz.2.1895 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 830.512033][T14911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 830.512052][T14911] Call Trace: [ 830.512062][T14911] [ 830.512073][T14911] dump_stack_lvl+0x16c/0x1f0 [ 830.512137][T14911] should_fail_ex+0x512/0x640 [ 830.512180][T14911] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 830.512224][T14911] should_failslab+0xc2/0x120 [ 830.512252][T14911] __kmalloc_cache_noprof+0x6a/0x3e0 [ 830.512292][T14911] ? cuse_channel_open+0x1de/0x7f0 [ 830.512337][T14911] cuse_channel_open+0x1de/0x7f0 [ 830.512376][T14911] ? __pfx_cuse_channel_open+0x10/0x10 [ 830.512417][T14911] misc_open+0x35d/0x420 [ 830.512453][T14911] ? __pfx_misc_open+0x10/0x10 [ 830.512488][T14911] chrdev_open+0x231/0x6a0 [ 830.512532][T14911] ? __pfx_apparmor_file_open+0x10/0x10 [ 830.512570][T14911] ? __pfx_chrdev_open+0x10/0x10 [ 830.512620][T14911] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 830.512667][T14911] do_dentry_open+0x744/0x1c10 [ 830.512712][T14911] ? __pfx_chrdev_open+0x10/0x10 [ 830.512765][T14911] vfs_open+0x82/0x3f0 [ 830.512801][T14911] path_openat+0x1de4/0x2cb0 [ 830.512854][T14911] ? __pfx_path_openat+0x10/0x10 [ 830.512899][T14911] ? __lock_acquire+0xb8a/0x1c90 [ 830.512942][T14911] do_filp_open+0x20b/0x470 [ 830.512985][T14911] ? __pfx_do_filp_open+0x10/0x10 [ 830.513055][T14911] ? alloc_fd+0x471/0x7d0 [ 830.513112][T14911] do_sys_openat2+0x11b/0x1d0 [ 830.513144][T14911] ? __pfx_do_sys_openat2+0x10/0x10 [ 830.513193][T14911] __x64_sys_openat+0x174/0x210 [ 830.513226][T14911] ? __pfx___x64_sys_openat+0x10/0x10 [ 830.513276][T14911] do_syscall_64+0xcd/0x490 [ 830.513323][T14911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 830.513353][T14911] RIP: 0033:0x7febdc58e929 [ 830.513377][T14911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 830.513407][T14911] RSP: 002b:00007febdd30e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 830.513435][T14911] RAX: ffffffffffffffda RBX: 00007febdc7b6080 RCX: 00007febdc58e929 [ 830.513455][T14911] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 830.513473][T14911] RBP: 00007febdc610b39 R08: 0000000000000000 R09: 0000000000000000 [ 830.513490][T14911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 830.513508][T14911] R13: 0000000000000000 R14: 00007febdc7b6080 R15: 00007fff57875178 [ 830.513546][T14911] [ 832.137987][T14928] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 833.911797][T14938] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 833.934793][T14938] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 833.966357][T14938] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 834.004426][T14938] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 834.626520][T14962] FAULT_INJECTION: forcing a failure. [ 834.626520][T14962] name failslab, interval 1, probability 0, space 0, times 0 [ 834.681978][T14962] CPU: 0 UID: 0 PID: 14962 Comm: syz.2.1905 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 834.682024][T14962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 834.682044][T14962] Call Trace: [ 834.682054][T14962] [ 834.682066][T14962] dump_stack_lvl+0x16c/0x1f0 [ 834.682118][T14962] should_fail_ex+0x512/0x640 [ 834.682164][T14962] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 834.682215][T14962] should_failslab+0xc2/0x120 [ 834.682245][T14962] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 834.682292][T14962] ? security_file_alloc+0x34/0x2b0 [ 834.682339][T14962] security_file_alloc+0x34/0x2b0 [ 834.682380][T14962] init_file+0x93/0x4c0 [ 834.682411][T14962] alloc_empty_file+0x73/0x1e0 [ 834.682445][T14962] alloc_file_pseudo+0x13a/0x230 [ 834.682481][T14962] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 834.682515][T14962] ? alloc_fd+0x471/0x7d0 [ 834.682563][T14962] sock_alloc_file+0x50/0x210 [ 834.682595][T14962] __sys_socket+0x1c0/0x260 [ 834.682635][T14962] ? __pfx___sys_socket+0x10/0x10 [ 834.682674][T14962] ? xfd_validate_state+0x61/0x180 [ 834.682714][T14962] ? __task_pid_nr_ns+0x17c/0x500 [ 834.682765][T14962] __x64_sys_socket+0x72/0xb0 [ 834.682800][T14962] ? lockdep_hardirqs_on+0x7c/0x110 [ 834.682846][T14962] do_syscall_64+0xcd/0x490 [ 834.682905][T14962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 834.682938][T14962] RIP: 0033:0x7febdc58e929 [ 834.682964][T14962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 834.682994][T14962] RSP: 002b:00007febdd32f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 834.683025][T14962] RAX: ffffffffffffffda RBX: 00007febdc7b5fa0 RCX: 00007febdc58e929 [ 834.683045][T14962] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 000000000000002a [ 834.683063][T14962] RBP: 00007febdc610b39 R08: 0000000000000000 R09: 0000000000000000 [ 834.683082][T14962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 834.683101][T14962] R13: 0000000000000000 R14: 00007febdc7b5fa0 R15: 00007fff57875178 [ 834.683141][T14962] [ 835.095793][T13071] Bluetooth: hci0: command 0x0c1a tx timeout [ 835.941704][T13071] Bluetooth: hci2: command 0x0c1a tx timeout [ 836.031716][T13071] Bluetooth: hci3: command 0x0c1a tx timeout [ 836.032111][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 836.201996][T14977] can: request_module (can-proto-0) failed. [ 836.207115][T14987] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input33 [ 840.593782][T15039] ima: policy update failed [ 840.598567][ T30] audit: type=1802 audit(4294967863.608:28): pid=15039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1921" res=0 errno=0 [ 840.633635][T15039] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1921'. [ 853.840656][T15186] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 857.412510][T15242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1962'. [ 868.214816][T15310] kexec: Could not allocate control_code_buffer [ 874.028077][T15409] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 880.345302][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 880.352328][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 884.875678][T15519] netlink: 'syz.1.2019': attribute type 1 has an invalid length. [ 884.890341][T15519] netlink: 33 bytes leftover after parsing attributes in process `syz.1.2019'. [ 885.579558][T15495] kexec: Could not allocate control_code_buffer [ 889.814031][T15568] sd 0:0:1:0: PR command failed: 1026 [ 889.860446][T15568] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 889.919529][T15568] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 899.898356][T15678] sd 0:0:1:0: PR command failed: 1026 [ 899.904179][T15678] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 899.911323][T15678] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 907.138198][T15739] kexec: Could not allocate control_code_buffer [ 914.745657][T15810] kexec: Could not allocate control_code_buffer [ 924.571411][T15924] kexec: Could not allocate control_code_buffer [ 932.369914][T16035] ima: policy update failed [ 932.380207][T16035] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2124'. [ 932.381818][ T30] audit: type=1802 audit(4294967955.388:29): pid=16035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2124" res=0 errno=0 [ 932.957520][ T5837] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14 [ 933.840011][T16043] kexec: Could not allocate control_code_buffer [ 934.715599][ T5827] ------------[ cut here ]------------ [ 934.721765][ T5827] ODEBUG: free active (active state 0) object: ffff888033e012d8 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 934.797552][ T5827] WARNING: CPU: 1 PID: 5827 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 934.807256][ T5827] Modules linked in: [ 934.811179][ T5827] CPU: 1 UID: 0 PID: 5827 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 934.823468][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 934.833626][ T5827] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 934.839459][ T5827] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 80 76 15 8c 4c 89 e6 48 c7 c7 00 6b 15 8c e8 5f 75 9c fc 90 <0f> 0b 90 90 58 83 05 76 34 ca 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 934.859327][ T5827] RSP: 0018:ffffc90003e2f988 EFLAGS: 00010286 [ 934.865488][ T5827] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1a8 [ 934.873499][ T5827] RDX: ffff8880289abc00 RSI: ffffffff817aa1b5 RDI: 0000000000000001 [ 934.881617][ T5827] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 934.889608][ T5827] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c1571a0 [ 934.897934][ T5827] R13: ffffffff8bafe840 R14: ffffffff8a880fd0 R15: ffffc90003e2fa88 [ 934.906405][ T5827] FS: 0000000000000000(0000) GS:ffff888124860000(0000) knlGS:0000000000000000 [ 934.915817][ T5827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 934.923020][ T5827] CR2: 00007f20b9f35e9c CR3: 000000007b07e000 CR4: 00000000003526f0 [ 934.931055][ T5827] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 934.939625][ T5827] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 934.948326][ T5827] Call Trace: [ 934.952108][ T5827] [ 934.955115][ T5827] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 934.960647][ T5827] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 934.967005][ T5827] debug_check_no_obj_freed+0x4b7/0x600 [ 934.972764][ T5827] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 934.978897][ T5827] ? rcu_is_watching+0x12/0xc0 [ 934.984000][ T5827] ? kmem_cache_free+0x2d1/0x4d0 [ 934.989019][ T5827] kfree+0x28f/0x4d0 [ 934.993052][ T5827] ? hci_release_dev+0x4d8/0x600 [ 934.998081][ T5827] hci_release_dev+0x4d8/0x600 [ 935.002954][ T5827] ? __pfx_hci_release_dev+0x10/0x10 [ 935.008315][ T5827] ? rcu_is_watching+0x12/0xc0 [ 935.013253][ T5827] ? kfree+0x24f/0x4d0 [ 935.017398][ T5827] bt_host_release+0x6a/0xb0 [ 935.022084][ T5827] ? __pfx_bt_host_release+0x10/0x10 [ 935.027432][ T5827] device_release+0xa1/0x240 [ 935.032132][ T5827] kobject_put+0x1e7/0x5a0 [ 935.036637][ T5827] ? __pfx_vhci_release+0x10/0x10 [ 935.041782][ T5827] put_device+0x1f/0x30 [ 935.046178][ T5827] vhci_release+0x81/0xf0 [ 935.050599][ T5827] __fput+0x402/0xb70 [ 935.054691][ T5827] task_work_run+0x14d/0x240 [ 935.059361][ T5827] ? __pfx_task_work_run+0x10/0x10 [ 935.064646][ T5827] ? switch_task_namespaces+0xeb/0x100 [ 935.070192][ T5827] do_exit+0x86c/0x2bd0 [ 935.074574][ T5827] ? do_raw_spin_lock+0x12c/0x2b0 [ 935.079858][ T5827] ? __pfx_do_exit+0x10/0x10 [ 935.084556][ T5827] ? rcu_is_watching+0x12/0xc0 [ 935.089398][ T5827] do_group_exit+0xd3/0x2a0 [ 935.093992][ T5827] __x64_sys_exit_group+0x3e/0x50 [ 935.099074][ T5827] x64_sys_call+0x1530/0x1730 [ 935.103866][ T5827] do_syscall_64+0xcd/0x490 [ 935.108457][ T5827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.114450][ T5827] RIP: 0033:0x7f3e5b58e929 [ 935.118916][ T5827] Code: Unable to access opcode bytes at 0x7f3e5b58e8ff. [ 935.126050][ T5827] RSP: 002b:00007ffdd8e04d88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 935.134584][ T5827] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3e5b58e929 [ 935.142918][ T5827] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 935.151139][ T5827] RBP: 00007f3e5b61230f R08: 00007ffdd8e02b26 R09: 00000000000927c0 [ 935.159217][ T5827] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e [ 935.167316][ T5827] R13: 00000000000927c0 R14: 00000000000e4300 R15: 00007ffdd8e04f40 [ 935.175412][ T5827] [ 935.178485][ T5827] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 935.185811][ T5827] CPU: 1 UID: 0 PID: 5827 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 935.198018][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 935.208121][ T5827] Call Trace: [ 935.211420][ T5827] [ 935.214383][ T5827] dump_stack_lvl+0x3d/0x1f0 [ 935.219030][ T5827] panic+0x71c/0x800 [ 935.223064][ T5827] ? __pfx_panic+0x10/0x10 [ 935.227533][ T5827] ? show_trace_log_lvl+0x29b/0x3e0 [ 935.232813][ T5827] ? check_panic_on_warn+0x1f/0xb0 [ 935.237973][ T5827] ? debug_print_object+0x1a2/0x2b0 [ 935.243202][ T5827] check_panic_on_warn+0xab/0xb0 [ 935.248185][ T5827] __warn+0xf6/0x3c0 [ 935.252130][ T5827] ? debug_print_object+0x1a2/0x2b0 [ 935.257370][ T5827] report_bug+0x3c3/0x580 [ 935.261759][ T5827] ? debug_print_object+0x1a2/0x2b0 [ 935.267143][ T5827] handle_bug+0x184/0x210 [ 935.271512][ T5827] exc_invalid_op+0x17/0x50 [ 935.276051][ T5827] asm_exc_invalid_op+0x1a/0x20 [ 935.280932][ T5827] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 935.286772][ T5827] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 80 76 15 8c 4c 89 e6 48 c7 c7 00 6b 15 8c e8 5f 75 9c fc 90 <0f> 0b 90 90 58 83 05 76 34 ca 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 935.306413][ T5827] RSP: 0018:ffffc90003e2f988 EFLAGS: 00010286 [ 935.312524][ T5827] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1a8 [ 935.320517][ T5827] RDX: ffff8880289abc00 RSI: ffffffff817aa1b5 RDI: 0000000000000001 [ 935.328526][ T5827] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 935.336531][ T5827] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c1571a0 [ 935.344528][ T5827] R13: ffffffff8bafe840 R14: ffffffff8a880fd0 R15: ffffc90003e2fa88 [ 935.352530][ T5827] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 935.358055][ T5827] ? __warn_printk+0x198/0x350 [ 935.362864][ T5827] ? __warn_printk+0x1a5/0x350 [ 935.367668][ T5827] ? debug_print_object+0x1a1/0x2b0 [ 935.372888][ T5827] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 935.378380][ T5827] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 935.384245][ T5827] debug_check_no_obj_freed+0x4b7/0x600 [ 935.389868][ T5827] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 935.395983][ T5827] ? rcu_is_watching+0x12/0xc0 [ 935.400778][ T5827] ? kmem_cache_free+0x2d1/0x4d0 [ 935.405767][ T5827] kfree+0x28f/0x4d0 [ 935.409700][ T5827] ? hci_release_dev+0x4d8/0x600 [ 935.414693][ T5827] hci_release_dev+0x4d8/0x600 [ 935.419498][ T5827] ? __pfx_hci_release_dev+0x10/0x10 [ 935.424835][ T5827] ? rcu_is_watching+0x12/0xc0 [ 935.429642][ T5827] ? kfree+0x24f/0x4d0 [ 935.433754][ T5827] bt_host_release+0x6a/0xb0 [ 935.438367][ T5827] ? __pfx_bt_host_release+0x10/0x10 [ 935.443694][ T5827] device_release+0xa1/0x240 [ 935.448334][ T5827] kobject_put+0x1e7/0x5a0 [ 935.452803][ T5827] ? __pfx_vhci_release+0x10/0x10 [ 935.457876][ T5827] put_device+0x1f/0x30 [ 935.462061][ T5827] vhci_release+0x81/0xf0 [ 935.466442][ T5827] __fput+0x402/0xb70 [ 935.470460][ T5827] task_work_run+0x14d/0x240 [ 935.475087][ T5827] ? __pfx_task_work_run+0x10/0x10 [ 935.480233][ T5827] ? switch_task_namespaces+0xeb/0x100 [ 935.485734][ T5827] do_exit+0x86c/0x2bd0 [ 935.489931][ T5827] ? do_raw_spin_lock+0x12c/0x2b0 [ 935.495000][ T5827] ? __pfx_do_exit+0x10/0x10 [ 935.499648][ T5827] ? rcu_is_watching+0x12/0xc0 [ 935.504463][ T5827] do_group_exit+0xd3/0x2a0 [ 935.509035][ T5827] __x64_sys_exit_group+0x3e/0x50 [ 935.514116][ T5827] x64_sys_call+0x1530/0x1730 [ 935.518837][ T5827] do_syscall_64+0xcd/0x490 [ 935.523398][ T5827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.529332][ T5827] RIP: 0033:0x7f3e5b58e929 [ 935.533780][ T5827] Code: Unable to access opcode bytes at 0x7f3e5b58e8ff. [ 935.540835][ T5827] RSP: 002b:00007ffdd8e04d88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 935.549396][ T5827] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3e5b58e929 [ 935.557417][ T5827] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 935.565422][ T5827] RBP: 00007f3e5b61230f R08: 00007ffdd8e02b26 R09: 00000000000927c0 [ 935.573427][ T5827] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e [ 935.581426][ T5827] R13: 00000000000927c0 R14: 00000000000e4300 R15: 00007ffdd8e04f40 [ 935.589442][ T5827] [ 935.592839][ T5827] Kernel Offset: disabled [ 935.597191][ T5827] Rebooting in 86400 seconds..