last executing test programs: 9.606154402s ago: executing program 3 (id=2870): mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x406, 0x0) poll$auto(&(0x7f0000000d40)={0x3, 0x3, 0xa}, 0x5, 0x3fc) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x7ffffffe, 0xa, 0x0, 0x46) mmap$auto(0x2, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a) r1 = socket(0xa, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000180)={{&(0x7f0000000040), 0xb8, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x9}, 0x1, 0x8008) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) setsockopt$auto_SO_BUSY_POLL(r0, 0x4763d53a, 0x2e, &(0x7f0000000080)='/proc/sys/net/ipv6/neigh/bond_slave_1/proxy_qlen\x00', 0x7) r2 = openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0) read$auto_l2cap_debugfs_fops_(r2, &(0x7f0000000040)=""/160, 0xa0) 8.032084819s ago: executing program 3 (id=2878): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x2a840, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x1a, 0x4, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x0, 0xffffffffffffffff) mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0xd49) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) unshare$auto(0x40000080) mmap$auto(0x40000000007, 0x20009, 0x5, 0xc157, r0, 0x8) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1000002, 0xf, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) shmat$auto(0x0, &(0x7f00000025c0)='/{/[\n\x00', 0x70ee) mq_open$auto(&(0x7f0000000180)='/H\xce\xd6xy\xc4\x98\n\x00\x00\x00\x00\x00\x00\x00', 0x5, 0x0, 0x0) socket(0x11, 0x80003, 0xf) close_range$auto(0xffffffffffffffff, r2, 0x2) open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) select$auto(0xe, 0x0, 0x0, &(0x7f00000000c0)={[0x1ff, 0x6, 0x9, 0x1, 0x3, 0x6, 0x15f4da0a, 0xa, 0x3, 0xffffffffffffffff, 0x7ffffffd, 0x87, 0x6d3f, 0x9, 0x1, 0x8000]}, 0x0) socket(0x1e, 0xa, 0x9) mmap$auto(0xffffffffffff8001, 0x80000000000000b, 0x3, 0x9b72, r1, 0x8000) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) getsockopt$auto(0x3, 0x200000000001, 0x19, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 6.984551138s ago: executing program 2 (id=2883): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) clock_settime$auto(0xfffffffe, &(0x7f0000000000)={0x100000004, 0x8}) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x415441, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r1 = socket(0x22, 0x1, 0x100) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) r3 = ioctl$auto_SW_SYNC_GET_DEADLINE(r2, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r2}) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x2000000000001, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = socket(0x2, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth0_to_hsr\x00', 0x0}) r8 = getpid() sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x7ec284a4a8dc18cd}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012bbd7000fedbdf250100000008000900", @ANYRES32=r7, @ANYBLOB="050001000000000008000200", @ANYRES32=r8, @ANYBLOB="0805000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x20040901) getsockopt$auto_SO_LOCK_FILTER(r6, 0x0, 0x2c, 0x0, &(0x7f0000000100)=0x8) syz_genetlink_get_family_id$auto_psample(0x0, r5) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r5, 0x0, 0x801) mmap$auto(0x8, 0x20009, 0x3, 0xffffffff, 0x405, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r9 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r9, 0x40186f40, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) 5.555210564s ago: executing program 3 (id=2886): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x4, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) capset$auto(0x0, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x5, 0x100000003, 0x100000001, 0x6, 0x1ff, 0x100000000, 0x3, 0x4, 0x401, 0x0, 0x8, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x8000000000000000, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x18f, 0xfffffffffffffff9, 0x3, 0x5a4, 0xfff, 0x80000001, 0x1]}, 0x0, &(0x7f0000000280)={0x10006, 0xcc}) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) r2 = socket(0x23, 0x5, 0x0) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r2, 0x0, 0x80) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) ioctl$auto(0x3, 0x541b, 0x74) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) fcntl$auto_F_SETFD(r0, 0x2, 0x3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 5.520059049s ago: executing program 2 (id=2887): r0 = openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0) read$auto_l2cap_debugfs_fops_(r0, &(0x7f0000000040)=""/160, 0xa0) 5.331059323s ago: executing program 2 (id=2888): mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) mmap$auto(0x0, 0x6, 0xffffffffffffffff, 0x400eb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0, 0x0) mmap$auto(0x0, 0x40000a, 0xdb, 0x10010, 0x2, 0x8003) r0 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x28082, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000480)='/proc/asound/card1/cable#0\x00', 0x1, 0x0) r1 = socket(0x26, 0x1, 0x5c) write$auto_cachefiles_daemon_fops_internal(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0xfffffffffffffff7, 0x1fffffff, 0x40000, 0x401000000eb4, 0xffffffffffffffff, 0x800000000009) clock_nanosleep$auto(0x0, 0x1000, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3a8044}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc814}, 0x10) madvise$auto(0x0, 0x20499d, 0x9) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000840}, 0x2000c840) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r2) connect$auto(0xffffffffffffffff, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 4.642629419s ago: executing program 0 (id=2891): mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x406, 0x0) poll$auto(&(0x7f0000000d40)={0x3, 0x3, 0xa}, 0x5, 0x3fc) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x7ffffffe, 0xa, 0x0, 0x46) mmap$auto(0x2, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a) r1 = socket(0xa, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000180)={{&(0x7f0000000040), 0xb8, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x9}, 0x1, 0x8008) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) setsockopt$auto_SO_BUSY_POLL(r0, 0x4763d53a, 0x2e, &(0x7f0000000080)='/proc/sys/net/ipv6/neigh/bond_slave_1/proxy_qlen\x00', 0x7) r2 = openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0) read$auto_l2cap_debugfs_fops_(r2, &(0x7f0000000040)=""/160, 0xa0) 3.386851014s ago: executing program 3 (id=2892): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) socket$nl_generic(0x10, 0x3, 0x10) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r0, r1, 0x0, 0x1000200) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x9, 0x2, 0x7, 0x16, r2, 0x2) r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x111800, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r2, &(0x7f00000000c0)="0218a8317de78a86569096b02d7c60217e7d6f1f048db9bdcd2a5050f1a4910c2ea434da6324116241f4929196e4ec76e8145a15199e808cca9e82d6f05f4ff4da32c0397469fd7bb3b99258d601821870a2e5e2d62a4870f50d821866b0c7671a2c4f6a92fa19db1843ad3948959794cb7371faf218977d725b8a65850618f6015e188a5da5fc6ccbde0851aff7ef018c3f72656f99fa606b3390a9bbb561060a92bbc8c17bd3f36dcf6c02c457137196167b3a76e26590f3f496789e3421b92249d4071a74c938f9b7b5f9579643cdb94fee63e1aa288d2eb6c2414dbe54d7aaaba98d31c368cfe02d4c9019dd588175f2a7f2e81caa62b57484a4f627", 0xfe) ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) r5 = socketcall$auto_SYS_SOCKET(0x1, 0x0) r6 = socket(0x10, 0x2, 0x0) splice$auto(r6, 0x0, r5, &(0x7f00000001c0)=0x9, 0x2, 0x1) sendfile$auto(r4, r4, 0x0, 0x3) 2.98397635s ago: executing program 2 (id=2894): setxattrat$auto(0xffffffffffffffff, 0x0, 0x1000, 0x0, 0x0, 0x10) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00') setns(r0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0xb5, 0x200, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10) bpf$auto(0x1b, &(0x7f0000000380)=@task_fd_query={0x0, 0xffffffffffffffff, 0x2, 0x5, 0x4, 0x8, 0xffffffffffffffff, 0x8}, 0x92) 2.829176713s ago: executing program 0 (id=2895): clone$auto(0xffffffffffffffff, 0xf7, &(0x7f0000000040)=0x3, &(0x7f0000000080)=0x6, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0) write$auto(r0, &(0x7f00000001c0)='-\x001c\xc2.b\x97\x1a\xf4\xd8\x1a\x1c\xb2\x9db\xb1\xec\xdeGDr=\xc2\xdc\xdf\x8cg\xa10Fzk\x86bd\xfc\x19\x96y\x9cYy\xc1\xc4\xf1\x0fH\x0f2\xa6\xbd\x9b\xe8\x97\xb0>,\xbf\xb8Kje\x05\xc4\xf8\x01\xd3]\x7f\xb8\x83S\xaf\xc5\xceZZlTO\xf5\x81`$\xec=|1\x05\xa9\x95Q\xf6\a\x81)\x94\xdaJ.\x04\xf2\xd7O\xa7=u1\xcd$\x17(t\xa4.\x1d\xfd\xf1\xc8e\x9c\xb4k\xfd\x94+B\x17o\\>4\xb7d5\a\xef\xb6\xe5F\xba\xf9Q\xdb\xd0\xb5\xa6\x1b\\\x0e\xb7\xab\xc3\x7fO`\x0e\x15\xca\x01z\xc23\xa1\x03\xdd@\xf3', 0xfdef) r1 = socket(0x2, 0x5, 0x0) close_range$auto(r1, 0x8, 0x0) socket(0xa, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040), 0x5) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r2) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x3c, r3, 0x1, 0x70bd26, 0x25dbdbfb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x4}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x6}]}, 0x3c}, 0x1, 0x300, 0x0, 0x24000040}, 0x2004c840) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/ati_remote2/parameters/mode_mask\x00', 0x80401, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) r5 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x141080, 0x0) read$auto_ftrace_set_event_notrace_pid_fops_trace_events(r5, &(0x7f0000000400)=""/43, 0x2b) sendfile$auto(0xffffffffffffffff, r4, 0x0, 0x1000200) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/pm_debug_messages\x00', 0xa0440, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000280), r1) sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(r7, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="00022bbd700000"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x1bef8a3657dd5a1a) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000080)=""/64, 0x40) r9 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) write$auto_console_fops_tty_io(r9, &(0x7f0000000040)="1f91f2c3881f4610e18d5fc5e5bfd9800e9b4b", 0x13) sendmsg$auto_NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, 0x0, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x6}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0xbf}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040}, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x3, 0x0) 2.699248187s ago: executing program 2 (id=2896): r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000000), 0x280080, 0x0) setsockopt$auto_SO_TIMESTAMPING_OLD(r0, 0x7, 0x25, &(0x7f0000000040)=']/^.', 0x7) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x60, r2, 0x2, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_FLAG_BEST={0x4}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}, @BATADV_ATTR_BLA_ADDRESS={0xa, 0x1f, @broadcast}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="04b9575c115b"}, @BATADV_ATTR_TPMETER_RESULT={0x5, 0xa, 0x10}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x9}, @BATADV_ATTR_MCAST_FLAGS_PRIV={0x8, 0x27, 0x4}, @BATADV_ATTR_BLA_CRC={0x6}, @BATADV_ATTR_MCAST_FLAGS={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x40) mmap$auto(0x6, 0x8000, 0x1, 0x14, r0, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r1) shmctl$auto_SHM_STAT(0x2c, 0xd, &(0x7f0000000300)={{0x3, 0xffffffffffffffff, 0xee00, 0x8, 0x7f, 0xffffdf14, 0x3}, 0xc8f, 0xffffffff, 0x8, 0x4, @inferred=0xffffffffffffffff, @raw=0x2, 0x1ff, 0x0, &(0x7f0000000280)="5c709333bf052ccd", &(0x7f00000002c0)="764c9705c77b3acfd89831a445f9369f4b850271"}) r6 = ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000380)=0x85d8) shmctl$auto_IPC_INFO(0x3, 0x3, &(0x7f0000000540)={{0x81, 0x0, 0xee00, 0x1ff, 0x4, 0x0, 0x9}, 0x9, 0x2, 0x7, 0x9, @raw=0x23e, @inferred, 0x45, 0x0, &(0x7f00000003c0)="d9c762594a71010e9004c1cb12597245a6dc99c928e8592f12bfc5b9a1b7593f8dad380041917f43b6be395d09e679fa81a7954e8323c1ff2f54922843fc95b27f70253bea3a1e963faaf9e64151c4ef40e63841fb294cc5fcf48e55a7e8a7788ab67418331b2c281d90223806a289d858b89daceaacfffe1a626559afae3d19a5f4403209c036b3c1b3", &(0x7f0000000480)="00925782b9f4eef891381dbfb751abaed178b6a911bde05781378468074cd531ea0cfe7ac892188f42b5019e6336e8b5861bb0598f0f87741c1a1347cc3402507b30b761e8847ac0b56b51845bbdee7d052167805da0133200cd18a1e5aadb62e5b4952268d82b2637536fcc34409982c74238260d2a6b591ef519d590a7e65ef057627e15977733c4"}) r9 = fcntl$auto_F_GETOWN(r0, 0x9, 0x9) r10 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f00000005c0)={@_si_pad}, 0x1ff, &(0x7f0000000640)={{0xd, 0x101}, {0x7, 0x8}, 0x101, 0x8, 0x3, 0x4, 0x4ab4, 0x2, 0x4, 0x8, 0x2a856e00, 0x0, 0x0, 0xfffffffffffffffa, 0x4, 0x80}) r11 = waitid$auto_P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000700)={@_si_pad}, 0xa5, &(0x7f0000000780)={{0x7fff, 0x4}, {0xdf3, 0xc54b}, 0x1, 0x5, 0x7ff, 0x3, 0x3, 0x7, 0x4, 0x5, 0x34, 0x0, 0xbe, 0x5, 0x7, 0x46d7}) r12 = getsid$auto(0xffffffffffffffff) r13 = getuid() sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000001500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000014c0)={&(0x7f0000000840)={0xc60, r3, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x7f}, @NL80211_ATTR_SCAN_FREQUENCIES={0x6a4, 0x2c, 0x0, 0x1, [@typed={0x8, 0x85, 0x0, 0x0, @uid=r4}, @nested={0x88, 0x28, 0x0, 0x1, [@generic="f446a5c7aee6b9bc51746c988d87d31a5bf25ac41fd0a65b93473404a59ce669f0679e92c6b8ffaab3c8854050ad0fe4aaa354ae0d5f840add81ad026d60b2bce27719bc6486afce86df6db9d257ebcf4a1d117025ed33023987eb0430e374304093288651a0468b69daa0e66185917237fbe7373de59ea98aaff5d123ca5fac", @nested={0x4, 0x82}]}, @nested={0x1d1, 0xa6, 0x0, 0x1, [@generic="45709aaf66f20bad1e4fd7fff3863eb7db6a1b2ecc352da3abadcd51cc0299528a6c04b9676a55d0f931fd042dde92fe7dc0118228e2cbe26ef95deb979dedbe33e15c48133ae6af7c8f6ae7be86764fe8020e3d2e6c432f60c1b8792692a8ddf96f255cc15e4ed7cf4c26f4ab95f954c97bc28d56072b04b6959e12313240d280a7559ee6e3395fcc5b58c1fdab4ced5c01ae41298e90a4e86cf69e862ecbd5bd79457d9bff47efd9089f84e8c77ba041528539d114edfb2318d07973796a59dad9a9da6817f89f4afad672ecabc35ff66a490e3081eac46d9789bc4f5c1483514559b5d6818a2f413f408087f0127c2cc356e66172", @generic="968e76b1fdeca7a60603645f974090d94d73313323123f9b1eabf3569c03ec0978e0a94019ad8d86c6001d78587667d880d30e7411d98d94b847f7a9c3c387985886e308a9ea45e7af4d9744856c66d4c3dfc8eb35a5af8827c35f7af77fe86038a36c5ec4c951ed2b545f53c06cd3285a3eb9d8a812e6ac5eae0aef93e1a78e9fb90179359c1bc1718f68e479eeb96433f0de431096c20946925dfa56776c1fd187262c1222988562c92a7bf86628", @nested={0x4, 0xc}, @nested={0x4}, @typed={0x8, 0x102, 0x0, 0x0, @ipv4=@multicast1}, @typed={0xc, 0x2e, 0x0, 0x0, @u64=0x61a506ad}, @typed={0xc, 0x1c, 0x0, 0x0, @u64=0x9}]}, @nested={0xa4, 0xd, 0x0, 0x1, [@generic="dddf80385e7b2e24cd5e6515551eb7bffe91d54e817007657d0c50adb91e274323104fec877f23558c4f044983e0ff0f12173838185f90b44d76295ebe69e3fd57f3645a4537b80051c284f23c0140ae648e4893751f427f6e37e6bb4c262cea1f22d62a5286a59e38383796f29d7ba5bb0959219580641780f6ab0bbb71fa9c", @typed={0xa, 0xdb, 0x0, 0x0, @str='\xff\xff\xff\xff\xff\xff'}, @nested={0x4, 0x382}, @typed={0x8, 0x2f, 0x0, 0x0, @u32=0x7}, @typed={0x8, 0x146, 0x0, 0x0, @pid=r6}]}, @nested={0x291, 0x59, 0x0, 0x1, [@generic="364bdbe80522a872c7b35315050e0c6aaa1dfcc80672fd1d740cc86b51aa5bdd76dec503a01b09a02e4a33e47dd634d36219524c4c77523c9dd7d98ec0789199a86b3d657a105260547f3c597d7d1dad6d1f7f6e714391ed160c53a6986451556ccd0fbaa38fd1f48df6b14fd1e610c0aedac6cc057e6796df3936f028a8e6b468f2a72bb5af1bcce26919de5e66c809cb162dc75672ae1618e178b09f2a01", @generic="d2790ce83c9854051f1d94ff8f549aa9c1d938ccfc325f6fad90c9511bc9296a383eb816312191", @typed={0xc, 0x83, 0x0, 0x0, @u64=0x1}, @typed={0x8, 0x4b, 0x0, 0x0, @uid=r7}, @generic="b709b1d2e3d05d4546ba1ad91e1913f36c3457908b69953d23ea0447f60ad43f6b155023187e6f9bc18040350bf7bfe4d39e", @generic="4574c656f4da4de0728f77bc75252709923384b94d66ea9dd5834ecd398150e4c71bee28857b81a759e99fb52450f7f7d8260ff07c99150a6e08fdbd0103a9e7b4aee3c2dab4c4aa720295701052055c80c1f477f9cffcf8ee41d456b72d1e9cb9e895069c0367d1212b3497b215ca90f5596e01f0cc1980dce688df88876d806189935c58b3674dec5197500a85520aa9", @typed={0xef, 0x84, 0x0, 0x0, @binary="91ea95dfcb4831eea92bef68fd423da5fde8717643ef9e7e0ec24c4b0f771777261901e26eeb6f17421c6f287ac3a028d18591e908acbd17631c78fe78be6573999a6674cdaa26803d385030fde4290e8924d19bf5b06565ff35d6700cddfe8384f7b1749dca090a1099ece5a4865529b4d3f39ebe3757026b52a23ea1d02fbacb04a25c5c6d127d78a9628e240627790ffd1cc85d80a8c93240e0b7f2862f1ed19e8d26aa33b17bc86a9d974cfa53b4831a0def991ee071f36ea35943e6350093ec95c2bc1dc3bfcbf18743e9bcfe2fb7d411d21bb133c520f7f45932d6218a6e822ea2441a00eee77ce6"}]}, @typed={0x8, 0xd3, 0x0, 0x0, @fd=r0}, @nested={0xfa, 0x115, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @pid=r9}, @generic="45ab01d12b27700636a075ff89ffb7e4771fc0a3ab7a01105600519e74fd4173210af6039a26e5d03aae99749bc2c865e814b315b1794c76624ff8d3481f319940cf58384e152591af630b9293e4df9bb87f4bd5fbe9d43e4b4a266320c5650998c2d4f6ab82019e9c62e7a21688eb9b92bc56fb585eb70478935aec4885f0bf3c141f2207d65336500d28e82a73e686c029816aebd45f45c88ed3458df92d5266fe1a15b90c5c092620197b0a84ad5da075d611233e4e147ff000fba12cb46c7ae0930f5627188246a93d93c0b316f95585e4f3973bc788e110a4566d0857b5e71d", @nested={0x4, 0x5c}, @typed={0x8, 0x5d, 0x0, 0x0, @ipv4=@local}]}]}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_SUPPORTED_SELECTORS={0xc, 0x14e, "02a9c50bbebe2b33"}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x6c, 0xac, "bf34d2573c6704d0c8b611ae31cc0cbab4b3de5112ae367b6fc2c62485b8cf66197ae1a5896cf3555011f552577634e8d992e871c72ef4e68bdfcf4fc63c3e9292d1f701ab26fc0be0fa0e7624bb59cf3552d32037298182963b935b1e1c9c05103092c897c524ec"}, @NL80211_ATTR_SCAN_FREQ_KHZ={0x504, 0x124, 0x0, 0x1, [@nested={0x205, 0x44, 0x0, 0x1, [@generic="ad20fc218a5b4be8c4abf3f134848072a5cd08c014883238674d0a9d90657ff5a59feb4574d761ab827c878d88fd57c02f99dd389c4e4b30474e80a46a5ef44d32d2193e74f9b60f6d5370453b7c8097edd1de474cbee195d1a9c236dffcc65940618c1b62109a7f81c50adca88698f2882d300c0615797889521127c2272b5f71540cd9908e8d75062e890398ac87a4f4c26afefb", @typed={0x86, 0xa8, 0x0, 0x0, @binary="15461ae0b93c7013045ca49e88c369b1d5328ef34cef83069a53797caf3f8063f475a41b3609c50634e9928bd9afa9739fe75c0af7bfcd72df07915bf6b88f9e1bcc84a6897834115921d4c6d162aa4a8b799ad5b940ef564b9e84cb5591fcad389fd76bb471dd4a2acee7d1298347c5f6eee56f12461b0aaef3563fd7d1cf3c00be"}, @generic="7c5fca6dcf0299fd42c99b4b6e471374c39325930f78238f13162bf23befa0c7df8a33960694299b096d54d9f091ab49c438557de42cc23caa1957bdb3a6918770691637bb643163c473561a98786c36ba99fcd08f8a05260dc899506f5a1a94697885f33edb2ea20bf381aa33f112d436b399ee3d1a92020c88e75aa6c684c0065652c091bc1998a0bb2c7d5c6626301cf1768e592f2daef5493f6550f0573a3efa467683e3ab9886292ea93b415128f0a3ec3c51e46d689fd2c8b5bd8cb1353213d9e8985dbd5f66d2dd33d75684efc60cff25", @nested={0x4, 0x113}, @typed={0x8, 0x61, 0x0, 0x0, @pid=r10}, @nested={0x4, 0x13c}]}, @generic="e1c556a7a6d1ecbda64bdcb8f9295d9cd07cd4de0dbf1f2ca822428924de2ab99b2aefde672fa665a71a91b018899f8e8272d9014848e06c01a6b1e1fc5236dfc8203622794b6c6569cfc4900c6d39aa0e0a0ada350739c9cec72f1e2df0d5fe6b115c613dc7b09c826332859c3f4c49e0d2a681b2966f486a894c6aaa87e843316d5848418baedf78aaa8e9", @nested={0x1ee, 0x10c, 0x0, 0x1, [@typed={0x8, 0xe5, 0x0, 0x0, @fd=r1}, @generic="02c164b52ddbe110799ce9a7a1a1566922be4644de96044d504310962d53173658e02fb709bf7b7f2682d5b0293805c1366ef544c338bf098b50b1ae2e997cbd7f558b8864af031881a5acf35c4213ab2511552aba2c43b6611e26f0a3afcde3a2e59dabdec930027c1bf4dc8199e2c18d8585d6104e00be8738dae928b7fd51cb766c5b9707080aedf64643479b1bd537ec1883a8e8d4edd0f246e6301ce1c14ca3bb40aeb18bdd3c06d6e9cf73e8a686fad3484a844a49674c1afd8b8569f94c9e057ac80d6a0a6700789a44bbe48d345d89b984452efb65e2808ed3ff0ffd9679867bc2f803b716f126b798ae927c051ab6a4ef", @typed={0x14, 0x2, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x4, 0x1}, @generic="3fced903bc84d479aced12845343037084e676fd5ed5ecaf8947ae50f43733143d0478811f4553fb3066fc92b3fa1cd11781b9a1876c63cfcb422ef20b73bc9902e65cc1a7c04e30c099481b255da5d13c3b7eb1a44d9a1958c7bb6991d1cdf4059f8c6dc22dd1f2058c0360ed6b96928b7947", @typed={0x8, 0x145, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x29, 0x0, 0x0, @u32=0x200}, @generic="9b645cf261380a18bf025c7d8fa15fa64cd2d68b4173e2e71ae420f80b4ba596a16fe08e9ea73824a691f05602736149354eee3ad20ee5bc7ed7bc81d61bdf7cfe3c2a6877152fe37f36274830e41af8e5d5"]}, @typed={0x8, 0x151, 0x0, 0x0, @pid=r11}, @nested={0x2f, 0xd3, 0x0, 0x1, [@typed={0x8, 0x133, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0xb}}, @typed={0x8, 0x49, 0x0, 0x0, @pid=r12}, @generic="f9e79f5a13b04e37380f3bbc913b8634b4dfdd", @typed={0x8, 0x120, 0x0, 0x0, @u32=0x80000001}]}, @nested={0x41, 0xd9, 0x0, 0x1, [@typed={0x8, 0xa3, 0x0, 0x0, @uid=r13}, @typed={0x14, 0x7d, 0x0, 0x0, @ipv6=@remote}, @nested={0x4, 0x54}, @generic="040d42f5d209e0c7a84d16972f9958224c870c3248974dc2efbf42cac8"]}]}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x10}, @NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x9}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x40}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x3}]}, 0xc60}, 0x1, 0x0, 0x0, 0x4000080}, 0x40000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000001600)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000015c0)={&(0x7f0000001580)={0x28, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@OVS_PACKET_ATTR_HASH={0xc, 0xb, 0x9}, @OVS_PACKET_ATTR_MRU={0x6, 0x9, 0x91c}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000001640)={0x1, 0x8, [{r0, 0x0, 0x1, 0x800}, {r1, 0x0, 0xff, 0x4}, {r0, 0x0, 0x3, 0x5}]}) sendmsg$auto_IEEE802154_LLSEC_LIST_SECLEVEL(r16, &(0x7f0000001800)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000017c0)={&(0x7f0000001700)={0xa0, 0x0, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x1}, @IEEE802154_ATTR_CHANNEL_PAGE_LIST={0x84, 0x1e, "6f64fa17166505693517e50138cc253b4b0e2bc476880047a3346b9bd2d197f932f592f85a13c36bd4022fde23c518aa52c340280875fb31439918b33d6d27fba37a83da1cc3f2319be9df9b2d66c2494c6736f00a76c32011454fefced22e1a927378c43ad24f31cd650b24b8a7cb19846c3f2a44aeb2acb172382caf9b3b52"}]}, 0xa0}, 0x1, 0x0, 0x0, 0x8800}, 0x8080) shmctl$auto_SHM_STAT_ANY(0x0, 0xf, &(0x7f00000018c0)={{0x1, r4, r8, 0x3ffc0000, 0xfffffffd, 0xd4, 0x7}, 0x2, 0x5, 0x0, 0x1, @raw=0xfffffffe, @inferred=r5, 0x11, 0x0, &(0x7f0000001840)="03ab552a96c2a14208828cb569", &(0x7f0000001880)="fa5aae0e5e48c0be4c901ad2933f206d2784ce5757c3e055d6af1d7d94b1cc434a3527d7f0d6a43b28c79cd921bc10826b31c9364612a0b7840bd7"}) r18 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000001940), 0x100, 0x0) accept$auto(r18, &(0x7f0000001980)=@generic={0x1a, "b67c2a09dfa9a0bc5e1c8bf8a8ff"}, &(0x7f00000019c0)=0x9) write$auto_evm_xattr_ops_evm_secfs(r15, &(0x7f0000001a00)="ac6122e807450e26ce3c247314b1e0e9bab8377c10d0098e74438f713f8823052e5926bc81baa75e2ae5d12466a23b5af3a57bf0dc813c64278609640490e331844a141e9b6a2f2109", 0x49) ioctl$auto(r14, 0x5, r14) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000001a80), 0x20c800, 0x0) shmctl$auto_SHM_LOCK(0x3, 0xb, &(0x7f0000001b80)={{0x3, r4, r17, 0x6, 0x8, 0x5, 0x101}, 0x1, 0x4, 0x9, 0x8, @raw=0xda, @inferred=r6, 0x4, 0x0, &(0x7f0000001ac0)="5e7356021475732f1074d46b247d7819f2181f23509c7519c5a7ee7f67a9e860928727cb7997e73a94d4a8dabf0b66ef8df8a9248f8ae5a63f5e1173bfa793658220f94b93f637c7ee978bfdacadead366f06c36f5368ddcd975792d7cf27a3701d1", &(0x7f0000001b40)="58006497de67762c42d74855e7a5f50bf39f8ed043bb27df36f7c590d496dfbc452a23e462a1cd36e2063c13f373ef1c1b"}) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001c00)='/sys/kernel/security/tomoyo/stat\x00', 0x48000, 0x0) pwritev2$auto(r18, &(0x7f0000001c80)={&(0x7f0000001c40)="184e70f346ca55187740adef063b0bde583a526f8382fe", 0x2}, 0x6, 0x5, 0x9, 0x6) r19 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_WG_CMD_GET_DEVICE(r19, &(0x7f0000001e40)={&(0x7f0000001cc0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001e00)={&(0x7f0000001d40)={0x98, 0x0, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@WGDEVICE_A_PUBLIC_KEY={0x81, 0x4, "caf075c56b1319762baac8aeffbb503b23625b7081fc7b1ce85bbfc1df6ba12a9d2b4b36873e24610773e4d94db854a2b1844255030b90881df15174e470c3ed0906e25522cd385096c3f979a96439f64114188ab07147cea01456b117305f6fbe773c8d6789021fff0b9efb641be0b83ed5c44b5c856e5e160d1c81e7"}]}, 0x98}, 0x1, 0x0, 0x0, 0x40014}, 0x4008005) 2.458394718s ago: executing program 2 (id=2898): mmap$auto(0x0, 0x8, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000000), 0xffffffffffffffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0xaa482, 0x0) ioctl$auto(r0, 0x40104d14, r0) ioctl$auto(0xffffffffffffffff, 0x5522, 0xf15) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) pread64$auto(0xffffffffffffffff, 0x0, 0x3, 0x8) open(&(0x7f0000000080)='./file0\x00', 0x2020c0, 0x44) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x101000, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000180)=""/250, 0xfa) 2.449004996s ago: executing program 1 (id=2899): r0 = bpf$auto_BPF_OBJ_GET(0x7, &(0x7f0000000000)=@enable_stats, 0x1e) r1 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f00000000c0)=0xffffffffffffffff) r2 = wait4$auto(0xffffffffffffffff, &(0x7f0000000140)=0x9, 0x0, &(0x7f0000000180)={{0x4, 0x1}, {0x6e34, 0x40}, 0x9, 0x0, 0x3, 0x4, 0x7, 0x63, 0x959, 0xffffffffffffffb5, 0x3, 0x0, 0x2, 0x4, 0x0, 0xf2}) sendmsg$auto_NBD_CMD_DISCONNECT(r1, &(0x7f00000015c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001580)={&(0x7f0000000240)={0x1340, 0x0, 0x4, 0x70bd2d, 0x25dfdbfd, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_SOCKETS={0x1305, 0x7, 0x0, 0x1, [@generic="b1c8a23a9145421d8f294763e2184b3e426ae91a89820b8e1a25f8638f83da3ca794276d68330cd525504b869d42d8f7d6dcdd32582471", @generic="0b153873f8c08694b721e491f767d21200f4e52993bf0ffda30a0bec991d682776ac3548a9123874f58b19a9afd8a7a268bd6bbd98cf19cc88cb8554c312466480e941b6effd3376a14aadcf98903a510adbb288eef825562fea96d1985e08419ef08933884be49e491eb4bf6fa76055e92bdbcb3157321789fc22e6a842ff8633d7f7a1e8abc81f4f832121855f8482c517d17ae3df0ff53556f5fc017853b8", @typed={0x8, 0x4c, 0x0, 0x0, @pid=r2}, @nested={0x110a, 0x29, 0x0, 0x1, [@typed={0x8, 0x85, 0x0, 0x0, @u32=0x7b4}, @generic="7cdae48415231dd622eef75d66be25b74277730b0c6027a1e34fdc8f560f29c2373d6999d77749f819c6040760279262ef517c8ed1744ae28274e84b88897da43739aec79fa6c59a6910b8de48003f13d942b582439ef4738b81b8d37ff51621f3fa5cb8a8df1dae390b2c6457c332993eb5bf402c395d0740a44ea6adf32c928d8b7dc88c07a1ce29f2388752a179d5ac7817922af6bfdd989bf5f53d2b86ebf626b8ac6864f9e3affd8ee4d4a420ee43ff03002774a5ce9d41e8333c74b810e98c8f0a4ec7d23ec8863b1f732883d4fe0e5e8aeef7ecf30204367c89062eb0b3ce68129819d79c2ad55982af32", @generic="3878e54b3c39311e5652e869d5676c59a4c7cdb534163f780d8ae09708a33f2289b009d461a9ba18fae6ce3a43f17edcb49dc1ac17755f15dc1063240e300d532fa43bacd86b2f22ac85130504319e4e896fe4b64821802a2c8621c07d15964de71255690863305702e0d2aad1ccc4679d55fbe7c387362a7a7fec492140c3f08b8b960ab2bbd037280352ba86adc96bd714c782cb2ae73ac8ef3245f712e151fc33dd1d76327d9a5a4a6b9fdc9d9bbc55ba16185dceb77e8046be148daea70c7c863d2f2d7bca5d92dd9dd909fb15eb447857b92105d10e707600cc07a4cb4dcb5afb18613f893c92399e9d9ac5858038283dac45b615aa4c4756f2413eba96f3d792923aff3d044e24674ad0c3f5103b7c4fbf7c192fec78f29ebfbdf1bbf4d079a3bebe020202c6a646b9d9f377a1b702314695daab7f216b7b7e43915afb4f52e8e73f3a9581e6c39f31dcb52668a9519912fadd7743c8ab7160e8dacad70118aa98663e54cd632f6757966c9171326c287887de851f4f604691cf890e3cdba9615c0e656b85070ad5fb72e377015a25630d54abd5963b2f63794de99d1ae766e63bcdadad5b231378bcc29b4a1a00c4d283e2119c8d5238926bdeef77de71d7fdb50dd15a383753c5b42bafa1a268352e1d4cdcb5d58af734600ba339caaa85a491172945755c1724f4f9993257cb93e702ba30687c751a8c40167072fe97ca52346b224fb09f428482782c34e14ea03ff68b1eae3b9232f90b6abf07f4143ca4c3654bb770d4ac2e1277cedb4783dac86b91fdca893ee61a6e3dadf185ff42f1283288ddb0b69df482acf445286362ea02bedc646bda6973d13926a25ee18f9dd54b2cfccd95b01546c854336f9ecfcedfafa5b6615844c770fad68e1a213c41892141f680051e9a89824d65c3da9c5579d26e7a47956b2fe32c8036a7a696d13b7983cd821c4f3568aaeb37268acc1c2e5d4dd8d9e244d4f6d159e9322c552edae713699e6e25e36438a35714346dbfc03d44fbd5b7239ce7f4efa02d2eff3fe0d81c13ddd9dcb2bb0dd50e11de710870bbfe640d658f5c1b07daeb2f8aa8b05e3537cac3c6e0b969ddb22cc7b8ade3b00323a1cff75d5612302038b1678bcf6d72567b41192f0b02067faa4b6c6bf6c6c9375a27e7d57835b7421ba6a27ff329aa1a3a5dc2dd84b534c32d2aad3dee37df48332af70d9035c0678b3900f6f42502fce1b28f42b343952e37ddda314e1aef7b1875c03370d238834803e8428e8ce1b2a87d079efea1647177461d5382d664cdc118eb819cde1bdd49b515c28495b367ef610a359c0b9953e9e0f83fa8cc19f0c6962e8eaf1d4275c2393f3464836cb11b3c094a9c6a6263cb1b9e55ceb5b96d32b8feb5b6b3ee47df32be96c9ce26a8ca03e08d1f0fca6cf0fa52910d938caeb34e0c3c56ffa4abeff678c4add51d685a8721dd4b1fb652f5ebf35d2c926fd1c51dfb594c975855909e9fb562f0825d5bd822bd1181c1d2c2a1e696a81c49272b06384e9017a6404a54d111fd0def0facb63e0bca71cfea99e6398982ae591397af784f1e9a25a6c1c5f400725a5a2ef8d26c7c8f0862f548d9da40ec8043b13873e4884d1e029c234b1a7ff4b465a6ecec21ef46e7a113caccdeb0ad1f89ac3be764210c3c4f55f777880f7bb55f417d77b6e00449d26006ad1700c5437217d2caca7e07d5313bb1ca6f9614f3f816be5b4743d4777276e461080d13142823127380d1ba9641f07eec57dfdff0f7b0ee38d7993e3901530ab9cf130f9b3ca0ef606e0f714c8f0013969123cd86165a31d09d42a501ebdcd179c295f30a22f6423cccf5d41c79a0842241223814a6d8703442dfbe843aaf69c40b5e769f357d3313fcbfa4057062fff0a0257781385d0504e3ea099eecb55229c6d982b80b531d12469b26d14cba1a248feae8b7e624d65d9031b8fb4c526e7973d8b0757dfbfef030c28fbf299aa7af65a9ad5fd7bff251a3f08b549dace78fb71045beebbfced3c29925fe2abcba6d4cd2d9583ac40afec4e8d641ff7c7fa5b576465bfd926b75854616c5b05d9a06a30c25c74053ca620c7ec19c0468198cfbbdb0036f108b7e8eb7160dfbbb7acca39699f5c6d0a019117f721e08b8379b40dab543beb9c8daba74775a164a09207c53a9c2022c02fa950a1a0a9f78e00cd639f0e777dcf05f5e4d5fe776ae1610ae27185fbc3e324c876860368044bc227710d7f182d8916ee9f992accc1ae2275ad42d9d48ff8113a01bce6e71615c5282adb90330ecab114139eaae49dcabcaee73aea02166db3ef091badd2341a50e81bc7d5789ab41d2b7dcc91151ddf00d2fd6c833d3d9d321ad42445092eb3c8d450ec6f78703c52aa034083295e801b9a1b41d34cd98760dde8c0bf4e8c4a3f4f7ce80336bd173824ee382fce8c04274a527d1a189f664d7f2144f78baf8377447908d697978c7afeb5a9cc43827b4330cf07215aa5bfdac6ed59eb720c688597c50b623a201b7043b1ebbc174ff30bfabbb9015843c317ebabebd4abb1df7202042971cdad5f7cd799ce04c4651434fa2eb2de8fd363837a332c5d25e5a101e1ec23b4083ceb1b31d42ffa227fe3113015600cfa17010680728329300d6d4b23b6a70693e385fef2212685d6f85f8ee764f34cf5d62bc4954e73bd68b1b566e5fe17ed19664a3a734c4ae337da864e630bad0232ff9df84b1756104c1bba2fb6ca676feb007edd0e05148b5b291dcdcb3bc90fe548c08a814a9d2f5e7e812c792236d2987eaaabca8045e57ae03e832dedf866657422f03b406dfcf4e563ab54c569d4e9c88e6959a81d4781361a79d1ef5f064286bca6ba076af3a7120b76b4451ae5dd5782ec04693d3c974db33d42b56a9f0e7ac007cec115fba3ef4a5e536f2178da7efb1b6c4d1836da855249a2d460ad770a437044b3b39e4b560de3e0d53ee9cf988b4c7eeba3fc08dd926b3b5b8b8011123e8c2328f61085a5e9971eeb799bf88694acadd7f8249dd09f75005e52c73964032f5fa3d1c08d65091cf276636acac4ec21a97b3cfb184a12b049577413b10c8b02a1095fa2e7839cadbf608ab52fbc168c97e43212e1ea3e3fdd09943befd321a8eecafbfb9170fe45e8a6cc0c1ea009e4ae2ff581cd292b2003b41c48f8f62299a4d62e1829953116aef5b360f129914e6e07d1830ac3e646a8b1589712770a993d7ded2666450efedace4ec7767ed956aa0a9a8452372d9582061857cf64b850c4c5187bc8d17cf2aa3ab8915c15b2e4e5f6f0e487b80694a0d0793a1830cc7a4ca144a3e65dfca6b2bbaaf834f3753225ee8ff710b6994ea2f7f6999f7f735239c8d7160861532a3046bdb5a03c92824e0ed51d6088b1e452d7ecc1efbb9e805899ac93d66d52917939d0207488e0dac92db896359199f34ba554f34e2e585654d5c852d0c95c04ac7d0b8c40ac17ccd6c1037212ca94dcc32f7d74dc20c2970f1b0d62105f3551f67400381f65d213da0540d2f3f0ffe5aaebf3c1d23a74af2311dd5e437280112e2b9135af3320a5e5efc965f2afd3a4225bf7e6609f21ec65c4282d9eb4e3ad11101133a79144089e41f9485f8402da3aa3ce241047096aa14729e902d353a6b7c8d8b0d67a0082e10aba936bf764aad092912e157f15fe2543e3e5c9fb535b6a1ab562f296aa161259e8c5da00d7de8601b1fd7ee1aa3f4990e227191c2d4d83bdedd3e1125b77bb67056e63bb9ea5df9ad5cc3070346153640a88fcbad705437440c740eac6fadd60c0771938a70575d9d7472ab7f9259e7cbbf3ec33758ad87a8f149bc97ac74208d1d1306324876027fd2c9e8f283ae5dce189280c61b3b84ccb65fb70dd607ef73fab42bfc435b0493b39ac229521c7bbc5ce37fd0de25c1e56be96be5c1e1a600cf5a86632d968a24f52323a35d1bf4592a0f99f5d9304ad0127a2771bb9c097d70a17dce4b0a6a54c0116c93a32c38a4d9ab95dc9fb70f6afecd41a2ba79a96c8f7123e03575ad401d1b70903b5690f22d4389d1e139084039247b6cd740606c6feb9b0420c1cb2a1c7ea0d2fd793ff704f0ae8ffb29cc4d9287c58484439d425345e36b1bf53ac15ad38a973203cd3d2ce4fe0ae48d0983c21e1f3651a6854489231034f77e5ccbe69080d55039c1204b6d515df69b110d20c4aaffa2f141e73dcba85721872df042e940f1ba480292eea32939d64de1ded9d5921116649caea4201d9e0b48ba51eab118a01260a1b8b1608a5413d6f9079afc28cfd5e4f7051fb5fd1e04987b11194dcef14b0f3e2c2edbef46adf46742e8ffe49f71ca2b2c7a57b8e6c20b27211ed58651e1ac4de09f7594d2edb34b6dd6b66e8ed1438046d318bb93374d774c8821748b95eb977e51c69924f3172fc09b104e7bef995227525841c31306f987a6421699323382e2465a3ad5d531c2df659593e05ce298d37cfd31db32a566af8e97f75c2f98b63cd2817a1dd79883c6cfc17492c543af7774eb5a48b8edb71b641a0f7f19a6e4c4a028d946ea9829b2fb0ffa213776d84d7eeb7bce4656b730e50fde4df33bff6458cf8e7d305d650b2f530ff76d70b95978295d1396cffb3ea2e1d9d8264da5453e6fcd8ef2438dc6c5f95e874de86ca92a45ebfaac71746d79467cbb29bdb0b743e3ed56cc8c416d5ad5e47a666b9c5b3f340e37bcaf73390cd1f1684ece9843befb1dd42247d8de81d6e25d58d1204895ca71d82ef246fe0898e0c0aa4cffdd2a53e999b9f832e235f306366d3beb66d9d729c6ba7d3c24e4beb3ab96e3f27d36eb4e1af45dd70b01ceb3d1363cb1f383c32986df3f8682f0d229360c9587727f12d9d0934210647dd039b1d5d90545adf561b09384d9a0e13f52afe85635ddbafdbd3c82c02ef03fe086e7bf791354af3b2cfa07b6c346309be1f89a766edd3e2c7b76f712a449b7ab946390917d53aa3c3aaa726a1ec0deb9eb41fb3aaee53d763441a1a053bd5cc1172b7eab912e684ea4c50c4f0f735646ceafc10e09b8177ba2e196bd7e943223461eac6aa4ed83ec3a0fdef97c83569ac79ec368fd8afe686ee4859e8d4d0f9fe208cdea7c3c64dc99291cdc98c2909976f4bdfa8ad1a91f1f85ae27f9e1fb3068b6a5a2521f932872ee3234094b3003e55245ab671941c81dd7ba21c02423c95e2476c10f6dd4efd210261c7ff5e08720957e841d5168189616392aad5d395f60fb798ddb5b8a3aa5101d0a8e9885f25cce9c6c58570c461954c8c24574b02fbb41493b7e8735fbc1d0427b47d5325679b91a425c59aee910022bca9629dcc37b3ddb334aebda6f07ad1c5ec233e1af07c3fc47cd50d425591142f530ed82534cb184aab122d198bfec2f58bcb8d86b4030d2636f315742958e5e36010a8250680525995c88a39249e8384dee64a410703a5aaccffcbc11696a6c4405abd76591340f7cc175b45c7c05b480dc2f2ee97809557330bbac316b8c6daaa35ebbee21c3dd2aa3b416941acbf62395722877ec9173565a9502817e3e7a74a16321157d4bbde206a74e5000da862e5acdf61532acf30e05ce69f2c3f457fefa00ccc3e478679eccb21bdaf0c5088029b5f51a200b48786b05ae74d45e0950edc38c8c28ca0a88d3312e360dd3d204e62a3364db51253cb8b5738416b62d198749a3e627b0f5cc35e01dd770f041b24d87fb06f988d263a5cafdb33f9af02dc240041a60dd9d018c7a4536d5ec961c95122dd4023408ba876b208ed441ad5d48fb985f5200aae5b81f6d843c9c4521", @nested={0x4, 0x8b}, @typed={0x8, 0xf8, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x3a}}, @nested={0x4, 0x107}]}, @generic="3e38f14514f7b5", @generic="0a50f678db7d1df9a48a9de3d1e7e2bb2fb976b08975b7c7966e9598fc1743dd823d905d38f6f8f8fde8b440b4ba6d0510bd348578147b6a6cd91dff97704b69ab021ce0d1f0c18a9a42b8a272f17075d23b5f9fec026124e65ed0c6ae9a98fe2d20620692139c1ec772de6e7572a214f94c0dc7f5922909f39189511335a98da445943dd2ad0f68d0c37ca535121d9ef8b3eea91bef0f87e6", @generic="16aebe3004a2c45da57fc6473260e9fd49f55898c05e8b9eafdb914641e9164b708642bd67e15e17bdf5337b5212186d43063f66097e866866db4a59f521a22436c77e500abccc269fbe10785516fc6f489827d59e9209ffd105798737b1752b361fe03397aad6cd7561c016a43275e65b24", @nested={0x4, 0x38}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x4}]}, 0x1340}, 0x1, 0x0, 0x0, 0x4000810}, 0x4000080) mknod$auto(&(0x7f0000001600)='./file0\x00', 0x0, 0xf0000000) shmctl$auto_SHM_STAT(0x10001, 0xd, &(0x7f0000001740)={{0x0, 0xee01, 0xee01, 0x81, 0xde8, 0x5, 0x1bb}, 0x73, 0x5, 0xc99c, 0x9, @inferred=r2, @raw=0x2c8, 0x7, 0x0, &(0x7f0000001640)="c30e3a78e75c3e796fc81ab463455feeaa7587dc917b044957bc5462fe1493b6f39971d5126d0b747f9f1b6617a75b39e67de5be8b00c16cec832bbe5d5875f7331fcc1344867e183b24762b0e2d0593100d56f3c824a457bb9e8c951fe9944c0874c746454cf8abc67e88a6210794051b8b811f751c0bffaa67", &(0x7f00000016c0)="8e35ef68db975a14603547928e6907a86ef407179ed77daed1d640809c90cc7a490bf8316bec5a60e5b2d9100998d3742c74a6e8857256bd812aae997f9fa871baccf9"}) rt_tgsigqueueinfo$auto(r2, r2, 0x55af984d, &(0x7f00000017c0)={@siginfo_0_0={0x9, 0x3, 0x4, @_sigchld={r2, r3, 0x10001, 0x114, 0x1}}}) write$auto_tomoyo_operations_securityfs_if(r0, &(0x7f0000001840)="698b6371cd15e48480e08e07df93e14ab10ac5b2c9a066283120d3dc9527f0cc9ff956346f4e7131b7e0fad6bb6a3940ac0e9ade20f8205816df102c238ab8293b4aa16161c023460c951dc8a7fd3b1aaa31757cb33d8fca6ed3cb96122e7bacad599072855603287bf3e22083a9795e39af6a8e6476260c7a4d040581a200c184034fa7b746d5d544d2e1", 0x8b) r5 = openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000001900), 0x2000, 0x0) getsockopt$auto_SO_MEMINFO(r5, 0xa, 0x37, &(0x7f0000001940)='-#\x00', &(0x7f0000001980)=0x3a9e) r6 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f00000019c0)='/sys/kernel/debug/tracing/buffer_percent\x00', 0x40, 0x0) r7 = wait4$auto(r4, &(0x7f0000001a00)=0x7, 0xbeba, &(0x7f0000001a40)={{0x3b1, 0x4}, {0xffffffff, 0x4}, 0xfff, 0x5, 0x8, 0x8, 0x0, 0x2, 0x38a, 0x4, 0x6d72, 0x10, 0x7fff, 0xffffffffa5ff6896, 0xa927, 0x6}) r8 = waitid$auto_P_ALL(0x0, 0x81, &(0x7f0000001b00)={@_si_pad}, 0x8, &(0x7f0000001b80)={{0x6, 0x3ad}, {0x7, 0x100}, 0xda82, 0x2, 0x1ff, 0x1, 0x100000001, 0x7f, 0x10001, 0x9, 0x38, 0x9, 0x4, 0xe7b7, 0x2, 0x1}) r9 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000001c40), 0x260040, 0x0) setpgid$auto(r8, r7) getrusage$auto(0x5, &(0x7f0000001c80)={{0x4, 0x80000000}, {0x0, 0x8000000000000001}, 0x7, 0x0, 0x9, 0x4, 0x9, 0x100000001, 0x1, 0xffffffffffffffff, 0x6, 0x7, 0x0, 0x10001, 0x7, 0x4d22}) read$auto_kernel_debug_fops_orangefs_debugfs(r5, &(0x7f0000001d40)=""/36, 0x24) getrusage$auto(0x6, &(0x7f0000001d80)={{0x7534, 0x800}, {0x81, 0x80000001}, 0x3, 0x7, 0x1, 0x2, 0x5, 0x20000000000, 0x1, 0x8, 0x5, 0x5, 0x6c, 0x1, 0xffff, 0x7}) writev$auto(r9, &(0x7f0000001f40)={&(0x7f0000001e40)="28bd6b8d1c73acf539fb18f58a3e8c2b4534fd5ddf5718d6745e8f10ab28c44efd92d5b34c1eec570cf704587a0654a1f249f566de573d9c8ffb2a6b22d813e39a5a2cfc84977d5036e2c072fb90b46c6acdb082a12523b68a6fc4c42f7ebc382311979053bcc6a8211ac3be01e307b6a15f31bb15a39a548bb0597bf97eabd8657b1d405c2e137dd1727917df2cb8816238b31e8d061840cdc0aadd05b61e09e9fdfa66c1cb6f63325e343f4c1354f20182989ad68cee3f47e502073aa5f1c244309da778cfa725d7b580715d577a23f21e8ac39d346d219a5b3db68096836e690d55251ece11738aa73bae20a38995b50309", 0xd3f9}, 0x7f) mmap$auto(0x6, 0x9, 0x1, 0x12, r6, 0xa186) readv$auto(r5, &(0x7f0000002080)={&(0x7f0000001f80)="b8917c157160710ab025d14a0614447be1589dbd2b76c7243a08dec88326579142353a3cf9fbf2fb204007e3d568d78332f3c8e61e32aa61c72ff3e025f3e00e3077498d345df5f8a77916f532bff5cecff5e02eade1edeb3d3205c2a6c64273f83a0559ca7bb39053acec0df1c1a7793dd0a365c41027e7112922b65a33b68a020508b93d0a27e3b0ebf14cd5592b12e464d0f4228f945f0806fd77112612523d6dead2dab655766c9c56f2abab2649fb0242548cb7a4c0cf50531cdec4db316bbadd42fc4ef41aaffd4c2ea62ed3c7912190fe05f1260f07cc87bc1dce8171becf7b9ab83e20b907708c187006647819486febcd4c95a3b418ac91541dcb", 0x3}, 0x9) r10 = openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f00000020c0)='/sys/devices/virtual/bluetooth/hci1/rfkill6\x00', 0x16400, 0x0) pread64$auto(r10, &(0x7f0000002100)='\x00', 0xffffffff80000000, 0xce) getrusage$auto_RUSAGE_CHILDREN(0xffffffffffffffff, &(0x7f0000002140)={{0x6, 0x6d93}, {0x8, 0x8}, 0x0, 0x6, 0x9, 0xff, 0x6, 0x7, 0xfffffffffffff000, 0x1, 0x7ff, 0x100, 0x0, 0x10001, 0xffffffffffff0000, 0x9}) sendmsg$auto_OVS_VPORT_CMD_NEW(r1, &(0x7f0000002300)={&(0x7f0000002200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000022c0)={&(0x7f0000002240)={0x5c, 0x0, 0xb22, 0x70bd25, 0x25dfdbfd, {}, [@OVS_VPORT_ATTR_NAME={0x2d, 0x3, '/sys/kernel/debug/tracing/buffer_percent\x00'}, @OVS_VPORT_ATTR_UPCALL_PID={0x17, 0x5, "6dbf250927628014ac3860b7f0612d474298e1"}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40c0}, 0x40c4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000024c0)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002480)={&(0x7f0000002380)={0xf4, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_HE_6GHZ_CAPABILITY={0xc0, 0x125, "3259fbf8dd96c7a88f2d9f474c9e36579a5095e73bd4f25a3ab6498c213e061c54bf2f129feb38fb4e07a2462844a22b50c018ce5b78c3208c1686b837a4e7ef2af69059a3c0a8797dfea8d9855b2d93ac8fc85d7847c6055dc04e3fcb05612a04fac9b41113c9e26aff1f3774130018cb02709de1a4ab663177f75f8a123cc823a5e2298a309256d4fcc578477d46cc97582ee0e66445bfac7b6005048ef95f4bec7846a22bffd1b9fcbf2593d17746954d53ee638ed7238db71ff3"}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0xc}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0xfc}]}, 0xf4}, 0x1, 0x0, 0x0, 0x40000}, 0x24004049) setitimer$auto(0x6, &(0x7f0000002500)={{0x7fff}, {0x4, 0x3}}, &(0x7f0000002540)={{0x9, 0x100000001}, {0x2, 0x1}}) mmap$auto(0x1, 0x2, 0x5, 0x1ff, r6, 0x100) fsconfig$auto_XFS_DAX_INODE(r9, 0x7, &(0x7f0000002580)='^]}&}!$$&-\xa0]^.:-$+]#\'\x00', &(0x7f00000025c0)="4449ef19b9877099609d13fb521c9e244662f92e4aaa90b2b362755d69b243097612610dfb808bb779112cdc24af99718bc62bc83878b94e963d8c7ebfa09ab260e79486c3b0ec75af22ddfd9f512f00c845468ca91f869f56b113fc512a60624968b65b7ede23325faa2a99d3995929b8097e6381ff0de339db6c06fb2a68b7613af709eef2c4e4f95e73d558b41ecc94ea379a1587d5250be40a3f446fc64c9a44af38a3718b073e5a2fc02d31", 0x0) prctl$auto_PR_SET_MM_ENV_END(0xff, 0xb, r2, 0x7, 0x80) 2.326399567s ago: executing program 1 (id=2900): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="130026bd7000ffffffff0200000008000300", @ANYRES32=r2, @ANYBLOB="08000c01"], 0x24}, 0x1, 0x0, 0x0, 0x440c0}, 0x20040894) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x7, 0x5) 2.023375939s ago: executing program 0 (id=2901): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/nfc/nfc0/rfkill0/soft\x00', 0xa001, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cgroup.clone_children\x00', 0xb02, 0x0) sendfile$auto(r0, r1, 0x0, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.4/usb5/descriptors\x00', 0x18b940, 0x0) readv$auto(0x3, &(0x7f0000000600)={&(0x7f0000000540), 0xc}, 0x1da) munmap$auto(0x0, 0x9) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) 1.995478631s ago: executing program 1 (id=2902): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) r0 = socket(0x29, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x180b03, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000180)=""/239, 0xef) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/memory.numa_stat\x00', 0x40080, 0x0) read$auto(r2, 0x0, 0x20) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x5, 0x0, 0x3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800) close_range$auto(0x2, r0, 0x0) r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto_proc_mem_operations_base(r3, 0x0, 0x0) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) 1.824484988s ago: executing program 0 (id=2903): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(r1, &(0x7f00000058c0)={0x0, 0x0, &(0x7f0000005880)={&(0x7f0000005800)={0x20, r0, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, 0x7fff}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008050}, 0x80) ioctl$auto_VHOST_SET_VRING_ERR2(0xffffffffffffffff, 0x4008af22, &(0x7f00000001c0)={0x7ff, r1}) close_range$auto(r2, r2, 0x4) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/006/001\x00', 0xa901, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') ioctl$auto(0x1, 0x890b, 0x8) r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000140)={{0x0, 0x2, 0x200800, 0x1, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e1ca6300ea"}) fcntl$auto(0x0, 0x404, 0x8001) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, r5, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x5}, @NL80211_ATTR_HANDLE_DFS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x6000}, 0x0) 1.795312203s ago: executing program 3 (id=2904): socket(0x10, 0x2, 0x4) futex$auto(0x0, 0x8c, 0x1, 0x0, 0x0, 0x1) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(0xffffffffffffffff, 0x3304, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) ioperm$auto(0x7, 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) socket(0x2, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000001000000, 0x400000004) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) 1.235500442s ago: executing program 0 (id=2905): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_NEW_KEY(r1, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000240)=ANY=[@ANYBLOB="68bcec6e5d887f4ae5be95cdb70000000000000000986348ddba46f7ddc7278a67e20b97f3b553f94903fab6415b06825e0d6d8bda8d77a5757fb27e95b4c4f502c3b3a9e83f079929e05f7a87bf6f6c7ee500885adc8198b546efae9bade2ceec40b9d58d", @ANYRES16=r0, @ANYBLOB="010029bd7000fddbdf250b00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/midiC2D0\x00', 0x901, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/node/node0/hugepages/hugepages-1048576kB/nr_hugepages\x00', 0xe8202, 0x0) sendfile$auto(r3, r3, 0x0, 0xcd) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab/kmalloc-64/objects\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000008c0)=""/61, 0x3d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) memfd_create$auto(0x0, 0xe) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nbd10\x00', 0x1206c2, 0x0) write$auto(r6, &(0x7f0000000000)='//\xf2\x00', 0x80000000) ioctl$auto_BLKRRPART(r5, 0x125f, 0x0) unshare$auto(0x40000080) mmap$auto(0xfffffffffffffffa, 0xe983, 0xdf, 0xeb1, r2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10004, 0x7, 0x0) socket(0x2, 0x2, 0x0) epoll_create$auto(0x4) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r7, 0x5425, 0x0) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptywa\x00', 0x40a000, 0x0) ioctl$auto_TCFLSH2(r8, 0x5408, 0x0) mremap$auto(0x200000, 0x7, 0x3fd6, 0x2, 0x20000004) 1.007699385s ago: executing program 1 (id=2906): mmap$auto(0x0, 0xe883, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_TIOCGDEV2(0xffffffffffffffff, 0x80045432, &(0x7f0000000880)=0x5) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/erspan0/statistics/rx_over_errors\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/44, 0x2c) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) semctl$auto(0x7, 0x2, 0x13, 0xa) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x4b72, r2) 794.310358ms ago: executing program 3 (id=2907): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x10, 0x80004, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000abd7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) mmap$auto(0x0, 0x200006, 0x4, 0x14, 0x602, 0x300000000000) madvise$auto(0x0, 0x2003f0, 0x18) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) r4 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4, @old_map_fd=r3}, 0xa3) mmap$auto(0x5, 0x4020008, 0xa, 0x40eb1, 0xffffffffffffffff, 0x8007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mremap$auto(0x4fff, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x3ff, 0xd, 0x4001, 0x49a19303, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0xcbe, 0xfffffe01, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r5, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) 685.440782ms ago: executing program 1 (id=2908): r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/vkms/name\x00', 0x971b02, 0x0) r1 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x90\xc0\xba\xc0u\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u&\x81I6\v\xcc\x00\x00\x00\x00\x00\x00\x00\x00', 0x400062, 0xfffc, 0x0) mmap$auto(0xfffffffff8, 0xa, 0x8, 0x7427c1bb, r0, 0xfff) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCGDEV2(r2, 0x542f, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x2, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x9, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9}) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x2) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) unshare$auto(0x40000080) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x23, 0xc, 0x2008, 0x9, 0x0) ioperm$auto(0x5, 0x1, 0x3) tee$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/orangefs/acache/hard_limit\x00', 0x142, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000140)=""/156, 0x9c) setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4) ioctl$auto_BLKSECTGET(r1, 0x1267, 0x0) ioctl$auto(r4, 0x5608, 0x7) 143.743857ms ago: executing program 0 (id=2909): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0xfffffffd, &(0x7f0000000080)={0x0, 0x1}, 0xa, 0x0, 0x4, 0x401}, 0xed7138c}, 0xfffffffd, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 1 (id=2910): clone$auto(0xffffffffffffffff, 0xf7, &(0x7f0000000040)=0x3, &(0x7f0000000080)=0x6, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0) write$auto(r0, &(0x7f00000001c0)='-\x001c\xc2.b\x97\x1a\xf4\xd8\x1a\x1c\xb2\x9db\xb1\xec\xdeGDr=\xc2\xdc\xdf\x8cg\xa10Fzk\x86bd\xfc\x19\x96y\x9cYy\xc1\xc4\xf1\x0fH\x0f2\xa6\xbd\x9b\xe8\x97\xb0>,\xbf\xb8Kje\x05\xc4\xf8\x01\xd3]\x7f\xb8\x83S\xaf\xc5\xceZZlTO\xf5\x81`$\xec=|1\x05\xa9\x95Q\xf6\a\x81)\x94\xdaJ.\x04\xf2\xd7O\xa7=u1\xcd$\x17(t\xa4.\x1d\xfd\xf1\xc8e\x9c\xb4k\xfd\x94+B\x17o\\>4\xb7d5\a\xef\xb6\xe5F\xba\xf9Q\xdb\xd0\xb5\xa6\x1b\\\x0e\xb7\xab\xc3\x7fO`\x0e\x15\xca\x01z\xc23\xa1\x03\xdd@\xf3', 0xfdef) r1 = socket(0x2, 0x5, 0x0) close_range$auto(r1, 0x8, 0x0) socket(0xa, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040), 0x5) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r2) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x3c, r3, 0x1, 0x70bd26, 0x25dbdbfb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x4}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x6}]}, 0x3c}, 0x1, 0x300, 0x0, 0x24000040}, 0x2004c840) write$auto(0xffffffffffffffff, 0x0, 0x800f) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) r5 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x141080, 0x0) read$auto_ftrace_set_event_notrace_pid_fops_trace_events(r5, &(0x7f0000000400)=""/43, 0x2b) sendfile$auto(0xffffffffffffffff, r4, 0x0, 0x1000200) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/pm_debug_messages\x00', 0xa0440, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000280), r1) sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(r7, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="00022bbd700000"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x1bef8a3657dd5a1a) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000080)=""/64, 0x40) r9 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) write$auto_console_fops_tty_io(r9, &(0x7f0000000040)="1f91f2c3881f4610e18d5fc5e5bfd9800e9b4b", 0x13) sendmsg$auto_NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, 0x0, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x6}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0xbf}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040}, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x3, 0x0) kernel console output (not intermixed with test programs): .152436][T14365] RSP: 002b:00007f7da6534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 594.152451][T14365] RAX: ffffffffffffffda RBX: 00007f7da59b5fa0 RCX: 00007f7da578ebe9 [ 594.152460][T14365] RDX: 00000000000000df RSI: 0000000000000009 RDI: 0000000000000000 [ 594.152469][T14365] RBP: 00007f7da5811e19 R08: 0000000000000401 R09: 0000000000008000 [ 594.152478][T14365] R10: 0000001000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 594.152487][T14365] R13: 00007f7da59b6038 R14: 00007f7da59b5fa0 R15: 00007ffe76a14858 [ 594.152505][T14365] [ 594.445781][ C1] vkms_vblank_simulate: vblank timer overrun [ 595.942304][T14397] FAULT_INJECTION: forcing a failure. [ 595.942304][T14397] name failslab, interval 1, probability 0, space 0, times 0 [ 596.037561][T14397] CPU: 1 UID: 0 PID: 14397 Comm: syz.2.1807 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 596.037597][T14397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 596.037611][T14397] Call Trace: [ 596.037619][T14397] [ 596.037629][T14397] dump_stack_lvl+0x16c/0x1f0 [ 596.037672][T14397] should_fail_ex+0x512/0x640 [ 596.037703][T14397] ? fs_reclaim_acquire+0xae/0x150 [ 596.037738][T14397] ? tomoyo_encode2+0x100/0x3e0 [ 596.037767][T14397] should_failslab+0xc2/0x120 [ 596.037797][T14397] __kmalloc_noprof+0xd2/0x510 [ 596.037834][T14397] tomoyo_encode2+0x100/0x3e0 [ 596.037869][T14397] tomoyo_encode+0x29/0x50 [ 596.037898][T14397] tomoyo_realpath_from_path+0x18f/0x6e0 [ 596.037934][T14397] ? tomoyo_profile+0x47/0x60 [ 596.037972][T14397] tomoyo_path_number_perm+0x245/0x580 [ 596.038000][T14397] ? tomoyo_path_number_perm+0x237/0x580 [ 596.038031][T14397] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 596.038061][T14397] ? find_held_lock+0x2b/0x80 [ 596.038121][T14397] ? hook_file_ioctl_common+0x145/0x410 [ 596.038167][T14397] security_file_ioctl+0x9b/0x240 [ 596.038198][T14397] __x64_sys_ioctl+0xb7/0x210 [ 596.038236][T14397] do_syscall_64+0xcd/0x490 [ 596.038268][T14397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.038294][T14397] RIP: 0033:0x7f409498ebe9 [ 596.038314][T14397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.038337][T14397] RSP: 002b:00007f4095768038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 596.038362][T14397] RAX: ffffffffffffffda RBX: 00007f4094bb5fa0 RCX: 00007f409498ebe9 [ 596.038379][T14397] RDX: 0000000000000008 RSI: 000000000000890b RDI: 0000000000000001 [ 596.038393][T14397] RBP: 00007f4095768090 R08: 0000000000000000 R09: 0000000000000000 [ 596.038407][T14397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 596.038421][T14397] R13: 00007f4094bb6038 R14: 00007f4094bb5fa0 R15: 00007fff3c08e718 [ 596.038455][T14397] [ 596.100937][T14397] ERROR: Out of memory at tomoyo_realpath_from_path. [ 596.104143][ C1] vkms_vblank_simulate: vblank timer overrun [ 596.261565][ C1] vkms_vblank_simulate: vblank timer overrun [ 596.267721][ C1] hrtimer: interrupt took 222378518 ns [ 596.367771][ C1] vkms_vblank_simulate: vblank timer overrun [ 596.661054][T14404] ptrace attach of "./syz-executor exec"[5869] was attempted by "./syz-executor exec"[14404] [ 599.047503][T14454] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 599.311471][T14460] netlink: zone id is out of range [ 599.316710][T14460] netlink: zone id is out of range [ 599.396607][ T8966] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 599.837598][T14463] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1823'. [ 600.206547][T14473] netlink: 29 bytes leftover after parsing attributes in process `syz.0.1825'. [ 600.921850][T14482] [U] [ 601.099557][T14485] : Can't lookup blockdev [ 601.161523][T14485] FAULT_INJECTION: forcing a failure. [ 601.161523][T14485] name failslab, interval 1, probability 0, space 0, times 0 [ 601.205958][T14485] CPU: 0 UID: 0 PID: 14485 Comm: syz.1.1829 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 601.205995][T14485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 601.206007][T14485] Call Trace: [ 601.206014][T14485] [ 601.206020][T14485] dump_stack_lvl+0x16c/0x1f0 [ 601.206045][T14485] should_fail_ex+0x512/0x640 [ 601.206067][T14485] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 601.206087][T14485] should_failslab+0xc2/0x120 [ 601.206106][T14485] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 601.206122][T14485] ? __pfx_stack_trace_save+0x10/0x10 [ 601.206138][T14485] ? __d_alloc+0x32/0xae0 [ 601.206157][T14485] __d_alloc+0x32/0xae0 [ 601.206180][T14485] d_alloc_parallel+0x111/0x1480 [ 601.206205][T14485] ? find_held_lock+0x2b/0x80 [ 601.206221][T14485] ? __pfx_d_alloc_parallel+0x10/0x10 [ 601.206244][T14485] ? __d_lookup+0x266/0x4a0 [ 601.206269][T14485] lookup_open.isra.0+0x665/0x1580 [ 601.206288][T14485] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 601.206312][T14485] ? __pfx_down_write+0x10/0x10 [ 601.206330][T14485] ? mnt_get_write_access+0x20c/0x300 [ 601.206353][T14485] path_openat+0x893/0x2cb0 [ 601.206375][T14485] ? __pfx_path_openat+0x10/0x10 [ 601.206397][T14485] do_filp_open+0x20b/0x470 [ 601.206414][T14485] ? __pfx_do_filp_open+0x10/0x10 [ 601.206444][T14485] ? alloc_fd+0x471/0x7d0 [ 601.206464][T14485] do_sys_openat2+0x11b/0x1d0 [ 601.206484][T14485] ? __pfx_do_sys_openat2+0x10/0x10 [ 601.206505][T14485] ? find_held_lock+0x2b/0x80 [ 601.206523][T14485] __x64_sys_openat+0x174/0x210 [ 601.206544][T14485] ? __pfx___x64_sys_openat+0x10/0x10 [ 601.206573][T14485] do_syscall_64+0xcd/0x490 [ 601.206592][T14485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.206607][T14485] RIP: 0033:0x7fbfd658ebe9 [ 601.206619][T14485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 601.206633][T14485] RSP: 002b:00007fbfd7371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 601.206647][T14485] RAX: ffffffffffffffda RBX: 00007fbfd67b5fa0 RCX: 00007fbfd658ebe9 [ 601.206656][T14485] RDX: 000000000006a742 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 601.206665][T14485] RBP: 00007fbfd6611e19 R08: 0000000000000000 R09: 0000000000000000 [ 601.206673][T14485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 601.206681][T14485] R13: 00007fbfd67b6038 R14: 00007fbfd67b5fa0 R15: 00007ffce1df6ac8 [ 601.206701][T14485] [ 604.171207][T14520] kAFS: Invalid Command on /proc/fs/afs/cells file [ 604.220397][T14469] delete_channel: no stack [ 604.277033][T14541] netlink: 'syz.2.1845': attribute type 1 has an invalid length. [ 604.299154][T14541] netlink: 'syz.2.1845': attribute type 6 has an invalid length. [ 604.654859][T14546] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 604.661667][T14546] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 610.700363][T14646] random: crng reseeded on system resumption [ 611.660886][T14663] FAULT_INJECTION: forcing a failure. [ 611.660886][T14663] name failslab, interval 1, probability 0, space 0, times 0 [ 611.726818][T14663] CPU: 0 UID: 0 PID: 14663 Comm: syz.2.1875 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 611.726845][T14663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 611.726855][T14663] Call Trace: [ 611.726860][T14663] [ 611.726867][T14663] dump_stack_lvl+0x16c/0x1f0 [ 611.726891][T14663] should_fail_ex+0x512/0x640 [ 611.727087][T14663] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 611.727115][T14663] should_failslab+0xc2/0x120 [ 611.727136][T14663] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 611.727154][T14663] ? __d_alloc+0x32/0xae0 [ 611.727175][T14663] __d_alloc+0x32/0xae0 [ 611.727194][T14663] d_alloc_pseudo+0x1c/0xc0 [ 611.727215][T14663] alloc_file_pseudo+0xcf/0x230 [ 611.727237][T14663] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 611.727269][T14663] __shmem_file_setup+0x1a3/0x330 [ 611.727287][T14663] shmem_zero_setup+0x93/0x1a0 [ 611.727306][T14663] __mmap_region+0x2081/0x27b0 [ 611.727326][T14663] ? __pfx___mmap_region+0x10/0x10 [ 611.727342][T14663] ? find_held_lock+0x2b/0x80 [ 611.727361][T14663] ? finish_task_switch.isra.0+0x221/0xc10 [ 611.727377][T14663] ? lockdep_hardirqs_on+0x7c/0x110 [ 611.727403][T14663] ? finish_task_switch.isra.0+0x221/0xc10 [ 611.727420][T14663] ? rcu_is_watching+0x12/0xc0 [ 611.727435][T14663] ? trace_sched_exit_tp+0xd1/0x120 [ 611.727459][T14663] ? __schedule+0x11a3/0x5de0 [ 611.727481][T14663] ? __pfx___schedule+0x10/0x10 [ 611.727520][T14663] ? trace_cap_capable+0x18d/0x200 [ 611.727542][T14663] mmap_region+0x1ab/0x3f0 [ 611.727559][T14663] ? __get_unmapped_area+0x267/0x440 [ 611.727582][T14663] do_mmap+0xa3e/0x1210 [ 611.727605][T14663] ? __pfx_do_mmap+0x10/0x10 [ 611.727625][T14663] ? __pfx_down_write_killable+0x10/0x10 [ 611.727649][T14663] vm_mmap_pgoff+0x29e/0x470 [ 611.727673][T14663] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 611.727693][T14663] ? preempt_schedule_common+0x44/0xc0 [ 611.727712][T14663] ? __x64_sys_futex+0x1e0/0x4c0 [ 611.727730][T14663] ? __x64_sys_futex+0x1e9/0x4c0 [ 611.727751][T14663] ksys_mmap_pgoff+0x7d/0x5c0 [ 611.727771][T14663] ? xfd_validate_state+0x61/0x180 [ 611.727792][T14663] ? __pfx_ksys_write+0x10/0x10 [ 611.727811][T14663] __x64_sys_mmap+0x125/0x190 [ 611.727836][T14663] do_syscall_64+0xcd/0x490 [ 611.727858][T14663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.727875][T14663] RIP: 0033:0x7f409498ebe9 [ 611.727889][T14663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 611.727905][T14663] RSP: 002b:00007f4095768038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 611.727921][T14663] RAX: ffffffffffffffda RBX: 00007f4094bb5fa0 RCX: 00007f409498ebe9 [ 611.727932][T14663] RDX: 00000000000000df RSI: 0000000000000009 RDI: 0000000000000000 [ 611.727941][T14663] RBP: 00007f4094a11e19 R08: 0000000000000401 R09: 0000000000008000 [ 611.727951][T14663] R10: 0000001000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 611.727961][T14663] R13: 00007f4094bb6038 R14: 00007f4094bb5fa0 R15: 00007fff3c08e718 [ 611.727981][T14663] [ 612.658404][T14679] sysfs_service_op_show: Client not running :-5: [ 615.071043][T14726] FAULT_INJECTION: forcing a failure. [ 615.071043][T14726] name failslab, interval 1, probability 0, space 0, times 0 [ 615.102085][T14726] CPU: 1 UID: 0 PID: 14726 Comm: syz.0.1894 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 615.102122][T14726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 615.102140][T14726] Call Trace: [ 615.102147][T14726] [ 615.102157][T14726] dump_stack_lvl+0x16c/0x1f0 [ 615.102192][T14726] should_fail_ex+0x512/0x640 [ 615.102226][T14726] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 615.102258][T14726] should_failslab+0xc2/0x120 [ 615.102290][T14726] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 615.102318][T14726] ? d_instantiate+0x77/0x90 [ 615.102347][T14726] ? alloc_empty_file+0x55/0x1e0 [ 615.102386][T14726] alloc_empty_file+0x55/0x1e0 [ 615.102421][T14726] alloc_file_pseudo+0x13a/0x230 [ 615.102458][T14726] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 615.102505][T14726] __shmem_file_setup+0x1a3/0x330 [ 615.102536][T14726] shmem_zero_setup+0x93/0x1a0 [ 615.102568][T14726] __mmap_region+0x2081/0x27b0 [ 615.102610][T14726] ? lock_acquire+0x179/0x350 [ 615.102643][T14726] ? __pfx___mmap_region+0x10/0x10 [ 615.102680][T14726] ? lockdep_hardirqs_on+0x7c/0x110 [ 615.102709][T14726] ? finish_task_switch.isra.0+0x221/0xc10 [ 615.102738][T14726] ? rcu_is_watching+0x12/0xc0 [ 615.102764][T14726] ? trace_sched_exit_tp+0xd1/0x120 [ 615.102800][T14726] ? __schedule+0x11a3/0x5de0 [ 615.102887][T14726] ? trace_cap_capable+0x18d/0x200 [ 615.102923][T14726] mmap_region+0x1ab/0x3f0 [ 615.102949][T14726] ? __get_unmapped_area+0x267/0x440 [ 615.102987][T14726] do_mmap+0xa3e/0x1210 [ 615.103023][T14726] ? __pfx_do_mmap+0x10/0x10 [ 615.103056][T14726] ? __pfx_down_write_killable+0x10/0x10 [ 615.103097][T14726] vm_mmap_pgoff+0x29e/0x470 [ 615.103135][T14726] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 615.103171][T14726] ? __x64_sys_futex+0x1e0/0x4c0 [ 615.103197][T14726] ? __x64_sys_futex+0x1e9/0x4c0 [ 615.103226][T14726] ksys_mmap_pgoff+0x7d/0x5c0 [ 615.103258][T14726] ? xfd_validate_state+0x61/0x180 [ 615.103285][T14726] ? __pfx_ksys_write+0x10/0x10 [ 615.103317][T14726] __x64_sys_mmap+0x125/0x190 [ 615.103356][T14726] do_syscall_64+0xcd/0x490 [ 615.103388][T14726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.103412][T14726] RIP: 0033:0x7f7da578ebe9 [ 615.103434][T14726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 615.103460][T14726] RSP: 002b:00007f7da6534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 615.103485][T14726] RAX: ffffffffffffffda RBX: 00007f7da59b5fa0 RCX: 00007f7da578ebe9 [ 615.103503][T14726] RDX: 00000000000000df RSI: 0000000000000009 RDI: 0000000000000000 [ 615.103518][T14726] RBP: 00007f7da5811e19 R08: 0000000000000401 R09: 0000000000008000 [ 615.103535][T14726] R10: 0000001000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 615.103551][T14726] R13: 00007f7da59b6038 R14: 00007f7da59b5fa0 R15: 00007ffe76a14858 [ 615.103586][T14726] [ 619.040421][T14792] FAULT_INJECTION: forcing a failure. [ 619.040421][T14792] name failslab, interval 1, probability 0, space 0, times 0 [ 619.099855][T14792] CPU: 0 UID: 0 PID: 14792 Comm: syz.2.1909 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 619.099881][T14792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 619.099890][T14792] Call Trace: [ 619.099896][T14792] [ 619.099902][T14792] dump_stack_lvl+0x16c/0x1f0 [ 619.099925][T14792] should_fail_ex+0x512/0x640 [ 619.099945][T14792] ? __kvmalloc_node_noprof+0x124/0x620 [ 619.099964][T14792] should_failslab+0xc2/0x120 [ 619.099983][T14792] __kvmalloc_node_noprof+0x137/0x620 [ 619.099999][T14792] ? __pfx___mutex_lock+0x10/0x10 [ 619.100017][T14792] ? traverse.part.0.constprop.0+0x392/0x640 [ 619.100036][T14792] ? traverse.part.0.constprop.0+0x392/0x640 [ 619.100050][T14792] traverse.part.0.constprop.0+0x392/0x640 [ 619.100070][T14792] seq_read_iter+0x932/0x12c0 [ 619.100092][T14792] proc_reg_read_iter+0x220/0x310 [ 619.100113][T14792] vfs_read+0x8bf/0xcf0 [ 619.100133][T14792] ? __pfx_vfs_read+0x10/0x10 [ 619.100147][T14792] ? find_held_lock+0x2b/0x80 [ 619.100173][T14792] __x64_sys_pread64+0x1eb/0x250 [ 619.100191][T14792] ? __pfx___x64_sys_pread64+0x10/0x10 [ 619.100213][T14792] do_syscall_64+0xcd/0x490 [ 619.100239][T14792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 619.100254][T14792] RIP: 0033:0x7f409498ebe9 [ 619.100266][T14792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 619.100280][T14792] RSP: 002b:00007f4095768038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 619.100295][T14792] RAX: ffffffffffffffda RBX: 00007f4094bb5fa0 RCX: 00007f409498ebe9 [ 619.100304][T14792] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003 [ 619.100313][T14792] RBP: 00007f4095768090 R08: 0000000000000000 R09: 0000000000000000 [ 619.100321][T14792] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 619.100330][T14792] R13: 00007f4094bb6038 R14: 00007f4094bb5fa0 R15: 00007fff3c08e718 [ 619.100348][T14792] [ 619.392727][T14795] program syz.1.1908 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 620.431725][T14819] FAULT_INJECTION: forcing a failure. [ 620.431725][T14819] name failslab, interval 1, probability 0, space 0, times 0 [ 620.446072][T14819] CPU: 1 UID: 0 PID: 14819 Comm: syz.0.1915 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 620.446107][T14819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 620.446122][T14819] Call Trace: [ 620.446129][T14819] [ 620.446140][T14819] dump_stack_lvl+0x16c/0x1f0 [ 620.446179][T14819] should_fail_ex+0x512/0x640 [ 620.446212][T14819] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 620.446244][T14819] should_failslab+0xc2/0x120 [ 620.446274][T14819] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 620.446303][T14819] ? key_alloc+0xbef/0x1330 [ 620.446341][T14819] key_alloc+0xbef/0x1330 [ 620.446394][T14819] ? __pfx_key_alloc+0x10/0x10 [ 620.446438][T14819] keyring_alloc+0x44/0xc0 [ 620.446478][T14819] keyctl_get_persistent+0x6a8/0x8c0 [ 620.446517][T14819] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 620.446571][T14819] ? __x64_sys_futex+0x1e0/0x4c0 [ 620.446604][T14819] ? __x64_sys_futex+0x1e9/0x4c0 [ 620.446643][T14819] ? xfd_validate_state+0x61/0x180 [ 620.446686][T14819] __do_sys_keyctl+0x1a9/0x590 [ 620.446716][T14819] do_syscall_64+0xcd/0x490 [ 620.446750][T14819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.446776][T14819] RIP: 0033:0x7f7da578ebe9 [ 620.446797][T14819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 620.446822][T14819] RSP: 002b:00007f7da6534038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 620.446847][T14819] RAX: ffffffffffffffda RBX: 00007f7da59b5fa0 RCX: 00007f7da578ebe9 [ 620.446864][T14819] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000016 [ 620.446882][T14819] RBP: 00007f7da5811e19 R08: 0000000000000001 R09: 0000000000000000 [ 620.446898][T14819] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 620.446914][T14819] R13: 00007f7da59b6038 R14: 00007f7da59b5fa0 R15: 00007ffe76a14858 [ 620.446951][T14819] [ 620.539920][T14807] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 620.920029][T14828] ptrace attach of "./syz-executor exec"[5869] was attempted by "./syz-executor exec"[14828] [ 625.886568][T14872] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1929'. [ 626.167119][T14912] FAULT_INJECTION: forcing a failure. [ 626.167119][T14912] name failslab, interval 1, probability 0, space 0, times 0 [ 626.183683][T14912] CPU: 1 UID: 0 PID: 14912 Comm: syz.2.1938 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 626.183725][T14912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 626.183741][T14912] Call Trace: [ 626.183750][T14912] [ 626.183762][T14912] dump_stack_lvl+0x16c/0x1f0 [ 626.183801][T14912] should_fail_ex+0x512/0x640 [ 626.183838][T14912] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 626.183875][T14912] should_failslab+0xc2/0x120 [ 626.183910][T14912] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 626.183942][T14912] ? __d_alloc+0x32/0xae0 [ 626.183977][T14912] __d_alloc+0x32/0xae0 [ 626.184012][T14912] d_alloc_pseudo+0x1c/0xc0 [ 626.184048][T14912] alloc_file_pseudo+0xcf/0x230 [ 626.184087][T14912] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 626.184134][T14912] __shmem_file_setup+0x1a3/0x330 [ 626.184166][T14912] shmem_zero_setup+0x93/0x1a0 [ 626.184198][T14912] __mmap_region+0x2081/0x27b0 [ 626.184230][T14912] ? finish_task_switch.isra.0+0x21c/0xc10 [ 626.184257][T14912] ? __pfx___mmap_region+0x10/0x10 [ 626.184285][T14912] ? rcu_is_watching+0x12/0xc0 [ 626.184319][T14912] ? rcu_is_watching+0x12/0xc0 [ 626.184345][T14912] ? trace_sched_exit_tp+0xd1/0x120 [ 626.184384][T14912] ? __schedule+0x11a3/0x5de0 [ 626.184417][T14912] ? __lock_acquire+0x62e/0x1ce0 [ 626.184472][T14912] ? __pfx___schedule+0x10/0x10 [ 626.184542][T14912] ? trace_cap_capable+0x18d/0x200 [ 626.184590][T14912] mmap_region+0x1ab/0x3f0 [ 626.184621][T14912] ? __get_unmapped_area+0x267/0x440 [ 626.184658][T14912] do_mmap+0xa3e/0x1210 [ 626.184700][T14912] ? __pfx_do_mmap+0x10/0x10 [ 626.184734][T14912] ? __pfx_down_write_killable+0x10/0x10 [ 626.184777][T14912] vm_mmap_pgoff+0x29e/0x470 [ 626.184818][T14912] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 626.184860][T14912] ? __x64_sys_futex+0x1e0/0x4c0 [ 626.184890][T14912] ? __x64_sys_futex+0x1e9/0x4c0 [ 626.184926][T14912] ksys_mmap_pgoff+0x7d/0x5c0 [ 626.184959][T14912] ? xfd_validate_state+0x61/0x180 [ 626.184992][T14912] ? __pfx_ksys_write+0x10/0x10 [ 626.185026][T14912] __x64_sys_mmap+0x125/0x190 [ 626.185067][T14912] do_syscall_64+0xcd/0x490 [ 626.185100][T14912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.185127][T14912] RIP: 0033:0x7f409498ebe9 [ 626.185149][T14912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 626.185175][T14912] RSP: 002b:00007f4095768038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 626.185200][T14912] RAX: ffffffffffffffda RBX: 00007f4094bb5fa0 RCX: 00007f409498ebe9 [ 626.185218][T14912] RDX: 00000000000000df RSI: 0000000000000009 RDI: 0000000000000000 [ 626.185234][T14912] RBP: 00007f4094a11e19 R08: 0000000000000401 R09: 0000000000008000 [ 626.185251][T14912] R10: 0000001000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 626.185266][T14912] R13: 00007f4094bb6038 R14: 00007f4094bb5fa0 R15: 00007fff3c08e718 [ 626.185302][T14912] [ 626.833297][T14915] [U] [ 628.699252][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 628.705863][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 630.054801][T14980] [U] [ 630.243384][T14984] sysfs_service_op_show: Client not running :-5: [ 631.012064][T15004] FAULT_INJECTION: forcing a failure. [ 631.012064][T15004] name failslab, interval 1, probability 0, space 0, times 0 [ 631.057769][T15004] CPU: 0 UID: 0 PID: 15004 Comm: syz.2.1964 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 631.057820][T15004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 631.057836][T15004] Call Trace: [ 631.057845][T15004] [ 631.057856][T15004] dump_stack_lvl+0x16c/0x1f0 [ 631.057893][T15004] should_fail_ex+0x512/0x640 [ 631.057928][T15004] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 631.057964][T15004] should_failslab+0xc2/0x120 [ 631.057999][T15004] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 631.058027][T15004] ? d_instantiate+0x77/0x90 [ 631.058054][T15004] ? alloc_empty_file+0x55/0x1e0 [ 631.058104][T15004] alloc_empty_file+0x55/0x1e0 [ 631.058143][T15004] alloc_file_pseudo+0x13a/0x230 [ 631.058180][T15004] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 631.058229][T15004] __shmem_file_setup+0x1a3/0x330 [ 631.058262][T15004] shmem_zero_setup+0x93/0x1a0 [ 631.058308][T15004] __mmap_region+0x2081/0x27b0 [ 631.058343][T15004] ? lock_acquire+0x179/0x350 [ 631.058377][T15004] ? __pfx___mmap_region+0x10/0x10 [ 631.058417][T15004] ? lockdep_hardirqs_on+0x7c/0x110 [ 631.058449][T15004] ? finish_task_switch.isra.0+0x221/0xc10 [ 631.058477][T15004] ? rcu_is_watching+0x12/0xc0 [ 631.058504][T15004] ? trace_sched_exit_tp+0xd1/0x120 [ 631.058540][T15004] ? __schedule+0x11a3/0x5de0 [ 631.058629][T15004] ? trace_cap_capable+0x18d/0x200 [ 631.058669][T15004] mmap_region+0x1ab/0x3f0 [ 631.058698][T15004] ? __get_unmapped_area+0x267/0x440 [ 631.058732][T15004] do_mmap+0xa3e/0x1210 [ 631.058771][T15004] ? __pfx_do_mmap+0x10/0x10 [ 631.058806][T15004] ? __pfx_down_write_killable+0x10/0x10 [ 631.058845][T15004] vm_mmap_pgoff+0x29e/0x470 [ 631.058885][T15004] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 631.058928][T15004] ? __x64_sys_futex+0x1e0/0x4c0 [ 631.058957][T15004] ? __x64_sys_futex+0x1e9/0x4c0 [ 631.058993][T15004] ksys_mmap_pgoff+0x7d/0x5c0 [ 631.059027][T15004] ? xfd_validate_state+0x61/0x180 [ 631.059060][T15004] ? __pfx_ksys_write+0x10/0x10 [ 631.059103][T15004] __x64_sys_mmap+0x125/0x190 [ 631.059147][T15004] do_syscall_64+0xcd/0x490 [ 631.059183][T15004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.059210][T15004] RIP: 0033:0x7f409498ebe9 [ 631.059231][T15004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 631.059256][T15004] RSP: 002b:00007f4095768038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 631.059281][T15004] RAX: ffffffffffffffda RBX: 00007f4094bb5fa0 RCX: 00007f409498ebe9 [ 631.059308][T15004] RDX: 00000000000000df RSI: 0000000000000009 RDI: 0000000000000000 [ 631.059324][T15004] RBP: 00007f4094a11e19 R08: 0000000000000401 R09: 0000000000008000 [ 631.059340][T15004] R10: 0000001000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 631.059357][T15004] R13: 00007f4094bb6038 R14: 00007f4094bb5fa0 R15: 00007fff3c08e718 [ 631.059393][T15004] [ 632.163292][T15028] HSR: entered promiscuous mode [ 632.923816][T15052] FAULT_INJECTION: forcing a failure. [ 632.923816][T15052] name failslab, interval 1, probability 0, space 0, times 0 [ 632.967082][T15052] CPU: 1 UID: 0 PID: 15052 Comm: syz.0.1978 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 632.967121][T15052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 632.967136][T15052] Call Trace: [ 632.967145][T15052] [ 632.967154][T15052] dump_stack_lvl+0x16c/0x1f0 [ 632.967200][T15052] should_fail_ex+0x512/0x640 [ 632.967231][T15052] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 632.967264][T15052] should_failslab+0xc2/0x120 [ 632.967294][T15052] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 632.967323][T15052] ? __d_alloc+0x32/0xae0 [ 632.967356][T15052] __d_alloc+0x32/0xae0 [ 632.967386][T15052] d_alloc_pseudo+0x1c/0xc0 [ 632.967415][T15052] alloc_file_pseudo+0xcf/0x230 [ 632.967448][T15052] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 632.967486][T15052] __shmem_file_setup+0x1a3/0x330 [ 632.967511][T15052] shmem_zero_setup+0x93/0x1a0 [ 632.967540][T15052] __mmap_region+0x2081/0x27b0 [ 632.967569][T15052] ? finish_task_switch.isra.0+0x21c/0xc10 [ 632.967593][T15052] ? __pfx___mmap_region+0x10/0x10 [ 632.967617][T15052] ? rcu_is_watching+0x12/0xc0 [ 632.967646][T15052] ? rcu_is_watching+0x12/0xc0 [ 632.967669][T15052] ? trace_sched_exit_tp+0xd1/0x120 [ 632.967704][T15052] ? __schedule+0x11a3/0x5de0 [ 632.967730][T15052] ? __lock_acquire+0x62e/0x1ce0 [ 632.967778][T15052] ? __pfx___schedule+0x10/0x10 [ 632.967860][T15052] ? trace_cap_capable+0x18d/0x200 [ 632.967903][T15052] mmap_region+0x1ab/0x3f0 [ 632.967934][T15052] ? __get_unmapped_area+0x267/0x440 [ 632.967973][T15052] do_mmap+0xa3e/0x1210 [ 632.968012][T15052] ? __pfx_do_mmap+0x10/0x10 [ 632.968042][T15052] ? __pfx_down_write_killable+0x10/0x10 [ 632.968080][T15052] vm_mmap_pgoff+0x29e/0x470 [ 632.968118][T15052] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 632.968157][T15052] ? __x64_sys_futex+0x1e0/0x4c0 [ 632.968193][T15052] ? __x64_sys_futex+0x1e9/0x4c0 [ 632.968227][T15052] ksys_mmap_pgoff+0x7d/0x5c0 [ 632.968257][T15052] ? xfd_validate_state+0x61/0x180 [ 632.968290][T15052] ? __pfx_ksys_write+0x10/0x10 [ 632.968322][T15052] __x64_sys_mmap+0x125/0x190 [ 632.968360][T15052] do_syscall_64+0xcd/0x490 [ 632.968392][T15052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.968417][T15052] RIP: 0033:0x7f7da578ebe9 [ 632.968439][T15052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 632.968462][T15052] RSP: 002b:00007f7da6534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 632.968485][T15052] RAX: ffffffffffffffda RBX: 00007f7da59b5fa0 RCX: 00007f7da578ebe9 [ 632.968499][T15052] RDX: 00000000000000df RSI: 0000000000000009 RDI: 0000000000000000 [ 632.968512][T15052] RBP: 00007f7da5811e19 R08: 0000000000000401 R09: 0000000000008000 [ 632.968526][T15052] R10: 0000001000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 632.968541][T15052] R13: 00007f7da59b6038 R14: 00007f7da59b5fa0 R15: 00007ffe76a14858 [ 632.968572][T15052] [ 634.010049][T15055] tty tty1: ldisc open failed (-12), clearing slot 0 [ 634.039361][T15056] tty tty12: ldisc open failed (-12), clearing slot 11 [ 634.442859][T15087] program syz.0.1988 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 635.000057][T15099] FAULT_INJECTION: forcing a failure. [ 635.000057][T15099] name failslab, interval 1, probability 0, space 0, times 0 [ 635.023978][T15099] CPU: 0 UID: 0 PID: 15099 Comm: syz.1.1991 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 635.024020][T15099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 635.024036][T15099] Call Trace: [ 635.024045][T15099] [ 635.024054][T15099] dump_stack_lvl+0x16c/0x1f0 [ 635.024093][T15099] should_fail_ex+0x512/0x640 [ 635.024127][T15099] ? __kmalloc_noprof+0xbf/0x510 [ 635.024161][T15099] ? sk_prot_alloc+0x1a8/0x2a0 [ 635.024196][T15099] should_failslab+0xc2/0x120 [ 635.024231][T15099] __kmalloc_noprof+0xd2/0x510 [ 635.024260][T15099] ? evm_inode_alloc_security+0x49/0xc0 [ 635.024295][T15099] sk_prot_alloc+0x1a8/0x2a0 [ 635.024334][T15099] sk_alloc+0x36/0xc20 [ 635.024365][T15099] __netlink_create+0x5e/0x2c0 [ 635.024398][T15099] __netlink_kernel_create+0xed/0x750 [ 635.024440][T15099] ? __pfx___netlink_kernel_create+0x10/0x10 [ 635.024483][T15099] ? __pfx_genl_pernet_init+0x10/0x10 [ 635.024519][T15099] genl_pernet_init+0xbd/0x170 [ 635.024556][T15099] ? __pfx_genl_pernet_init+0x10/0x10 [ 635.024590][T15099] ? lockdep_init_map_type+0x5c/0x280 [ 635.024624][T15099] ? __pfx_genl_rcv+0x10/0x10 [ 635.024654][T15099] ? __pfx_genl_bind+0x10/0x10 [ 635.024685][T15099] ? __pfx_genl_unbind+0x10/0x10 [ 635.024719][T15099] ? __pfx_genl_release+0x10/0x10 [ 635.024756][T15099] ? debug_mutex_init+0x37/0x70 [ 635.024786][T15099] ops_init+0x1e2/0x5f0 [ 635.024825][T15099] setup_net+0x10f/0x380 [ 635.024855][T15099] ? lockdep_init_map_type+0x5c/0x280 [ 635.024890][T15099] ? __pfx_setup_net+0x10/0x10 [ 635.024924][T15099] ? debug_mutex_init+0x37/0x70 [ 635.024954][T15099] copy_net_ns+0x2a6/0x5f0 [ 635.025002][T15099] create_new_namespaces+0x3ea/0xa90 [ 635.025041][T15099] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 635.025075][T15099] ksys_unshare+0x45b/0xa40 [ 635.025109][T15099] ? __pfx_ksys_unshare+0x10/0x10 [ 635.025144][T15099] ? xfd_validate_state+0x61/0x180 [ 635.025190][T15099] __x64_sys_unshare+0x31/0x40 [ 635.025222][T15099] do_syscall_64+0xcd/0x490 [ 635.025257][T15099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.025284][T15099] RIP: 0033:0x7fbfd658ebe9 [ 635.025305][T15099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 635.025330][T15099] RSP: 002b:00007fbfd7371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 635.025355][T15099] RAX: ffffffffffffffda RBX: 00007fbfd67b5fa0 RCX: 00007fbfd658ebe9 [ 635.025373][T15099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 635.025389][T15099] RBP: 00007fbfd6611e19 R08: 0000000000000000 R09: 0000000000000000 [ 635.025406][T15099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 635.025421][T15099] R13: 00007fbfd67b6038 R14: 00007fbfd67b5fa0 R15: 00007ffce1df6ac8 [ 635.025457][T15099] [ 636.293464][T15125] sysfs_service_op_show: Client not running :-5: [ 638.668173][T15152] [U] [ 639.323641][T15174] sysfs_service_op_show: Client not running :-5: [ 639.943189][T15186] FAULT_INJECTION: forcing a failure. [ 639.943189][T15186] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 640.003826][T15186] CPU: 0 UID: 0 PID: 15186 Comm: syz.1.2014 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 640.003852][T15186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 640.003861][T15186] Call Trace: [ 640.003867][T15186] [ 640.003873][T15186] dump_stack_lvl+0x16c/0x1f0 [ 640.003898][T15186] should_fail_ex+0x512/0x640 [ 640.003921][T15186] _copy_to_iter+0x29f/0x16f0 [ 640.003944][T15186] ? find_held_lock+0x2b/0x80 [ 640.003962][T15186] ? __pfx__copy_to_iter+0x10/0x10 [ 640.003982][T15186] ? _raw_spin_unlock_irq+0x23/0x50 [ 640.003997][T15186] ? lockdep_hardirqs_on+0x7c/0x110 [ 640.004014][T15186] ? _raw_spin_unlock_irq+0x2e/0x50 [ 640.004029][T15186] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 640.004050][T15186] seq_read_iter+0x719/0x12c0 [ 640.004071][T15186] proc_reg_read_iter+0x220/0x310 [ 640.004092][T15186] vfs_read+0x8bf/0xcf0 [ 640.004113][T15186] ? __pfx_vfs_read+0x10/0x10 [ 640.004127][T15186] ? find_held_lock+0x2b/0x80 [ 640.004151][T15186] __x64_sys_pread64+0x1eb/0x250 [ 640.004169][T15186] ? __pfx___x64_sys_pread64+0x10/0x10 [ 640.004191][T15186] do_syscall_64+0xcd/0x490 [ 640.004211][T15186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.004226][T15186] RIP: 0033:0x7fbfd658ebe9 [ 640.004238][T15186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 640.004252][T15186] RSP: 002b:00007fbfd7371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 640.004268][T15186] RAX: ffffffffffffffda RBX: 00007fbfd67b5fa0 RCX: 00007fbfd658ebe9 [ 640.004278][T15186] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003 [ 640.004286][T15186] RBP: 00007fbfd7371090 R08: 0000000000000000 R09: 0000000000000000 [ 640.004294][T15186] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 640.004303][T15186] R13: 00007fbfd67b6038 R14: 00007fbfd67b5fa0 R15: 00007ffce1df6ac8 [ 640.004326][T15186] [ 641.466084][T15205] [U] [ 642.454095][T15220] ptrace attach of "./syz-executor exec"[5863] was attempted by "./syz-executor exec"[15220] [ 642.926613][T15241] ICMPv6: process `syz.1.2029' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 646.930983][T15285] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2037'. [ 647.513428][T15314] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2045'. [ 647.867307][T15319] ptrace attach of "./syz-executor exec"[5869] was attempted by "./syz-executor exec"[15319] [ 649.681348][T15349] sysfs_service_op_show: Client not running :-5: [ 649.770326][ T30] audit: type=1800 audit(6050075701.448:12): pid=15355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2048" name="lu_gp_id" dev="configfs" ino=53261 res=0 errno=0 [ 650.702154][T15370] random: crng reseeded on system resumption [ 651.793812][T15391] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 652.119748][T15396] netlink: 5144 bytes leftover after parsing attributes in process `syz.0.2065'. [ 652.154008][T15395] netlink: 5144 bytes leftover after parsing attributes in process `syz.0.2065'. [ 654.741256][T15427] kexec: Could not allocate control_code_buffer [ 656.321874][T15479] ptrace attach of "./syz-executor exec"[5863] was attempted by "./syz-executor exec"[15479] [ 657.981870][T15503] random: crng reseeded on system resumption [ 658.110073][T15510] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 658.126136][T15510] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 659.224658][T15539] netlink: ct family unspecified [ 663.562906][T15610] ptrace attach of "./syz-executor exec"[5869] was attempted by "./syz-executor exec"[15610] [ 666.554698][T15663] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2125'. [ 667.290123][T15675] ptrace attach of "./syz-executor exec"[5861] was attempted by "./syz-executor exec"[15675] [ 668.280931][T15689] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 669.527357][T15712] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2140'. [ 670.208495][T15710] FAULT_INJECTION: forcing a failure. [ 670.208495][T15710] name fail_futex, interval 1, probability 0, space 0, times 0 [ 670.242138][T15710] CPU: 1 UID: 0 PID: 15710 Comm: syz.2.2139 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 670.242179][T15710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 670.242195][T15710] Call Trace: [ 670.242205][T15710] [ 670.242215][T15710] dump_stack_lvl+0x16c/0x1f0 [ 670.242251][T15710] should_fail_ex+0x512/0x640 [ 670.242286][T15710] get_futex_key+0x1d0/0x1560 [ 670.242318][T15710] ? __pfx_get_futex_key+0x10/0x10 [ 670.242344][T15710] ? __resched_curr+0x2af/0x3b0 [ 670.242378][T15710] ? __pfx___resched_curr+0x10/0x10 [ 670.242418][T15710] futex_wait_setup+0x9d/0x550 [ 670.242462][T15710] __futex_wait+0x194/0x2f0 [ 670.242497][T15710] ? __pfx___futex_wait+0x10/0x10 [ 670.242523][T15710] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 670.242539][T15710] ? lockdep_hardirqs_on+0x7c/0x110 [ 670.242558][T15710] ? __pfx_futex_wake_mark+0x10/0x10 [ 670.242598][T15710] ? futex_private_hash_put+0x176/0x300 [ 670.242630][T15710] ? futex_private_hash_put+0x18a/0x300 [ 670.242670][T15710] futex_wait+0xe8/0x380 [ 670.242703][T15710] ? __pfx_futex_wait+0x10/0x10 [ 670.242752][T15710] ? kmem_cache_free+0x2d1/0x4d0 [ 670.242769][T15710] ? fd_install+0x225/0x750 [ 670.242783][T15710] ? putname+0x154/0x1a0 [ 670.242806][T15710] do_futex+0x229/0x350 [ 670.242824][T15710] ? __pfx_do_futex+0x10/0x10 [ 670.242846][T15710] __x64_sys_futex+0x1e0/0x4c0 [ 670.242864][T15710] ? __x64_sys_openat+0x174/0x210 [ 670.242886][T15710] ? __pfx___x64_sys_futex+0x10/0x10 [ 670.242903][T15710] ? xfd_validate_state+0x61/0x180 [ 670.242940][T15710] do_syscall_64+0xcd/0x490 [ 670.242962][T15710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.242977][T15710] RIP: 0033:0x7f409498ebe9 [ 670.242990][T15710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.243004][T15710] RSP: 002b:00007f40957680e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 670.243018][T15710] RAX: ffffffffffffffda RBX: 00007f4094bb5fa8 RCX: 00007f409498ebe9 [ 670.243028][T15710] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4094bb5fa8 [ 670.243037][T15710] RBP: 00007f4094bb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 670.243045][T15710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 670.243054][T15710] R13: 00007f4094bb6038 R14: 00007fff3c08e630 R15: 00007fff3c08e718 [ 670.243072][T15710] [ 671.622864][T15728] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 672.118723][ T30] audit: type=1800 audit(6050075723.898:13): pid=15751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2149" name="dbroot" dev="configfs" ino=54046 res=0 errno=0 [ 672.206926][T15755] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2149'. [ 672.377333][T15760] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 675.076342][T15802] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 675.138399][T15802] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 675.195329][T15802] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 676.010689][T15806] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 676.016856][T15806] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 676.043589][T15806] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 676.100361][T13662] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 676.124317][T13662] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 676.151335][T13662] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 676.160364][T13662] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 676.176878][T13662] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 676.960628][T15833] nbd: must specify an index to disconnect [ 677.171555][ T1154] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 677.398576][ T1154] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 677.437222][T15810] chnl_net:caif_netlink_parms(): no params data found [ 677.474601][T13662] Bluetooth: hci0: command 0x0c1a tx timeout [ 677.592956][ T1154] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 678.031409][T13662] Bluetooth: hci2: command 0x0c1a tx timeout [ 678.082783][ T1154] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 678.108931][T13662] Bluetooth: hci3: command 0x0c1a tx timeout [ 678.267146][T13662] Bluetooth: hci4: command tx timeout [ 678.774582][T15810] bridge0: port 1(bridge_slave_0) entered blocking state [ 678.782365][T15810] bridge0: port 1(bridge_slave_0) entered disabled state [ 678.790520][T15810] bridge_slave_0: entered allmulticast mode [ 678.806210][T15810] bridge_slave_0: entered promiscuous mode [ 678.837837][T15810] bridge0: port 2(bridge_slave_1) entered blocking state [ 678.883609][T15810] bridge0: port 2(bridge_slave_1) entered disabled state [ 678.932666][T15810] bridge_slave_1: entered allmulticast mode [ 678.940841][T15810] bridge_slave_1: entered promiscuous mode [ 679.044799][T15810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 679.095732][T15810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 679.317375][T15810] team0: Port device team_slave_0 added [ 679.418723][T15810] team0: Port device team_slave_1 added [ 679.708170][T15810] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 679.715819][T15810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 679.742393][T15810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 679.769110][ T1154] hsr0: left allmulticast mode [ 679.781854][ T1154] hsr_slave_0: left allmulticast mode [ 679.814824][ T1154] hsr_slave_1: left allmulticast mode [ 679.826173][ T1154] hsr0: left promiscuous mode [ 679.837582][ T1154] bridge0: port 3(hsr0) entered disabled state [ 679.863634][ T1154] bridge_slave_1: left allmulticast mode [ 679.872060][ T1154] bridge_slave_1: left promiscuous mode [ 679.880785][ T1154] bridge0: port 2(bridge_slave_1) entered disabled state [ 679.902889][ T1154] bridge_slave_0: left allmulticast mode [ 679.920206][ T1154] bridge_slave_0: left promiscuous mode [ 679.926027][ T1154] bridge0: port 1(bridge_slave_0) entered disabled state [ 680.231610][T15875] Line length is too long: Should be less than 4094 [ 680.260670][T15876] Line length is too long: Should be less than 4094 [ 680.336595][T13662] Bluetooth: hci4: command tx timeout [ 681.357095][ T1154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 681.359950][ T1154] bond_slave_0: left allmulticast mode [ 681.364214][ T1154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 681.364868][ T1154] bond_slave_1: left allmulticast mode [ 681.366820][ T1154] bond0 (unregistering): Released all slaves [ 681.474534][T15810] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 681.474558][T15810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 681.474728][T15810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 681.914653][T15810] hsr_slave_0: entered promiscuous mode [ 681.941962][T15810] hsr_slave_1: entered promiscuous mode [ 681.957162][T15810] debugfs: 'hsr0' already exists in 'hsr' [ 681.974320][T15810] Cannot create hsr debugfs directory [ 682.403796][T13662] Bluetooth: hci4: command tx timeout [ 682.763092][ T1154] hsr_slave_0: left promiscuous mode [ 682.781522][ T1154] hsr_slave_1: left promiscuous mode [ 682.798522][ T1154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 682.810833][ T1154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 682.828010][ T1154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 682.850853][ T1154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 682.896252][ T1154] veth1_macvtap: left promiscuous mode [ 683.471346][ T1154] team0 (unregistering): Port device team_slave_1 removed [ 683.530948][ T1154] team0 (unregistering): Port device team_slave_0 removed [ 684.419654][T15915] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 684.479293][T13662] Bluetooth: hci4: command tx timeout [ 685.422536][T15938] random: crng reseeded on system resumption [ 685.615429][T15810] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 685.652930][T15810] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 685.731107][T15810] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 685.759340][T15810] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 686.118830][T15810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 686.253722][T15810] 8021q: adding VLAN 0 to HW filter on device team0 [ 686.368763][ T1154] bridge0: port 1(bridge_slave_0) entered blocking state [ 686.376201][ T1154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 686.448440][ T70] bridge0: port 2(bridge_slave_1) entered blocking state [ 686.455949][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state [ 686.535879][T15959] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2188'. [ 686.561983][T15959] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2188'. [ 686.664149][T15955] netlink: ct family unspecified [ 687.398102][T15810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 687.736492][T15810] veth0_vlan: entered promiscuous mode [ 687.780389][T15810] veth1_vlan: entered promiscuous mode [ 687.876317][T15810] veth0_macvtap: entered promiscuous mode [ 687.897263][T15810] veth1_macvtap: entered promiscuous mode [ 687.985994][T15810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 688.020521][T15810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 688.265428][ T49] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.352822][ T49] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.403542][ T49] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.509236][ T49] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 689.010612][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 689.029420][T16018] random: crng reseeded on system resumption [ 689.039673][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 689.127022][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 689.144051][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 689.810152][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 689.817115][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 690.612546][T16053] ERROR: Out of memory at tomoyo_memory_ok. [ 690.937084][T16053] FAULT_INJECTION: forcing a failure. [ 690.937084][T16053] name failslab, interval 1, probability 0, space 0, times 0 [ 690.986002][T16053] CPU: 1 UID: 0 PID: 16053 Comm: syz.0.2202 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 690.986041][T16053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 690.986051][T16053] Call Trace: [ 690.986056][T16053] [ 690.986063][T16053] dump_stack_lvl+0x16c/0x1f0 [ 690.986086][T16053] should_fail_ex+0x512/0x640 [ 690.986107][T16053] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 690.986127][T16053] should_failslab+0xc2/0x120 [ 690.986148][T16053] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 690.986163][T16053] ? __proc_create+0xc3/0x8e0 [ 690.986183][T16053] ? __proc_create+0x2ce/0x8e0 [ 690.986204][T16053] __proc_create+0x2ce/0x8e0 [ 690.986224][T16053] ? __pfx___proc_create+0x10/0x10 [ 690.986247][T16053] ? _raw_write_unlock+0x28/0x50 [ 690.986262][T16053] ? proc_register+0x314/0x5f0 [ 690.986284][T16053] proc_create_reg+0x7d/0x180 [ 690.986305][T16053] ? __pfx_ip_vs_stats_show+0x10/0x10 [ 690.986323][T16053] proc_create_net_single+0x86/0x180 [ 690.986345][T16053] ? __pfx_proc_create_net_single+0x10/0x10 [ 690.986371][T16053] ip_vs_control_net_init+0x457/0x1d20 [ 690.986390][T16053] ? debug_mutex_init+0x37/0x70 [ 690.986406][T16053] __ip_vs_init+0x217/0x520 [ 690.986424][T16053] ? __pfx___ip_vs_init+0x10/0x10 [ 690.986439][T16053] ops_init+0x1e2/0x5f0 [ 690.986460][T16053] setup_net+0x10f/0x380 [ 690.986477][T16053] ? lockdep_init_map_type+0x5c/0x280 [ 690.986514][T16053] ? __pfx_setup_net+0x10/0x10 [ 690.986533][T16053] ? debug_mutex_init+0x37/0x70 [ 690.986549][T16053] copy_net_ns+0x2a6/0x5f0 [ 690.986571][T16053] create_new_namespaces+0x3ea/0xa90 [ 690.986591][T16053] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 690.986609][T16053] ksys_unshare+0x45b/0xa40 [ 690.986629][T16053] ? __pfx_ksys_unshare+0x10/0x10 [ 690.986648][T16053] ? xfd_validate_state+0x61/0x180 [ 690.986684][T16053] __x64_sys_unshare+0x31/0x40 [ 690.986704][T16053] do_syscall_64+0xcd/0x490 [ 690.986725][T16053] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.986741][T16053] RIP: 0033:0x7f7da578ebe9 [ 690.986754][T16053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 690.986768][T16053] RSP: 002b:00007f7da6534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 690.986783][T16053] RAX: ffffffffffffffda RBX: 00007f7da59b5fa0 RCX: 00007f7da578ebe9 [ 690.986793][T16053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 690.986801][T16053] RBP: 00007f7da5811e19 R08: 0000000000000000 R09: 0000000000000000 [ 690.986810][T16053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 690.986819][T16053] R13: 00007f7da59b6038 R14: 00007f7da59b5fa0 R15: 00007ffe76a14858 [ 690.986838][T16053] [ 692.655207][T16098] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 692.661420][T16098] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 692.722312][T16098] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 692.728629][T16098] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 692.741915][T16098] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 692.882107][T16098] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 693.153849][T16103] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 694.118512][T16114] ERROR: Out of memory at tomoyo_memory_ok. [ 694.653750][T13662] Bluetooth: hci0: command 0x0c1a tx timeout [ 694.659862][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 694.733814][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 694.740111][T13662] Bluetooth: hci3: command 0x0c1a tx timeout [ 695.434191][T16151] ptrace attach of "./syz-executor exec"[5863] was attempted by "./syz-executor exec"[16151] [ 696.801569][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 696.861466][T16171] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 697.208365][T16179] could not allocate digest TFM handle [ 698.095237][T16215] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2236'. [ 698.870549][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 699.554273][T16259] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 699.558897][T16231] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 699.612160][T16231] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 699.618546][T16231] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 699.642016][T16231] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 700.041703][T16267] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 700.860047][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 701.655646][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 701.661863][T13662] Bluetooth: hci3: command 0x0c1a tx timeout [ 701.661874][T10793] Bluetooth: hci2: command 0x0c1a tx timeout [ 704.247413][T16325] ptrace attach of "./syz-executor exec"[15810] was attempted by "./syz-executor exec"[16325] [ 705.277710][T16368] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 708.113534][T16404] ptrace attach of "./syz-executor exec"[5863] was attempted by "./syz-executor exec"[16404] [ 708.459037][T16429] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[16429] [ 709.781836][T16440] random: crng reseeded on system resumption [ 711.094899][T16467] [U] [ 713.269584][T16485] ptrace attach of "./syz-executor exec"[5863] was attempted by "./syz-executor exec"[16485] [ 714.327501][T16513] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input23 [ 715.604925][T16522] zswap: compressor not available [ 716.365484][T16543] random: crng reseeded on system resumption [ 716.885782][T16555] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 718.489121][T16595] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 720.562551][T16631] bridge0: port 3(hsr0) entered blocking state [ 720.569100][T16631] bridge0: port 3(hsr0) entered disabled state [ 720.600936][T16631] hsr0: entered allmulticast mode [ 720.624035][T16631] hsr_slave_0: entered allmulticast mode [ 720.644845][T16631] hsr_slave_1: entered allmulticast mode [ 720.679916][T16631] hsr0: entered promiscuous mode [ 720.705766][T16631] bridge0: port 3(hsr0) entered blocking state [ 720.712147][T16631] bridge0: port 3(hsr0) entered forwarding state [ 722.611540][T16671] random: crng reseeded on system resumption [ 723.864097][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 723.883297][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 723.893289][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 723.907888][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 723.916172][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 724.221040][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 724.467676][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 724.612844][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 724.679591][T16690] chnl_net:caif_netlink_parms(): no params data found [ 725.051372][T16690] bridge0: port 1(bridge_slave_0) entered blocking state [ 725.111048][T16690] bridge0: port 1(bridge_slave_0) entered disabled state [ 725.119547][T16690] bridge_slave_0: entered allmulticast mode [ 725.142787][T16690] bridge_slave_0: entered promiscuous mode [ 725.158970][T16690] bridge0: port 2(bridge_slave_1) entered blocking state [ 725.166332][T16690] bridge0: port 2(bridge_slave_1) entered disabled state [ 725.173730][T16690] bridge_slave_1: entered allmulticast mode [ 725.182055][T16690] bridge_slave_1: entered promiscuous mode [ 725.220023][ T49] netdevsim netdevsim15 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 725.465904][T16690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 725.484451][T16690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 725.928750][T16690] team0: Port device team_slave_0 added [ 725.935965][ T51] Bluetooth: hci0: command tx timeout [ 725.950912][T16690] team0: Port device team_slave_1 added [ 726.143572][T16690] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 726.187865][T16690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 726.214323][ C0] vkms_vblank_simulate: vblank timer overrun [ 726.282676][T16690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 726.307044][T16690] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 726.314125][T16690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 726.340285][ C0] vkms_vblank_simulate: vblank timer overrun [ 726.630544][T16690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 726.673499][ T49] hsr0: left allmulticast mode [ 726.723547][ T49] hsr_slave_0: left allmulticast mode [ 726.729171][ T49] hsr_slave_1: left allmulticast mode [ 726.740721][ T49] hsr0: left promiscuous mode [ 726.745712][ T49] bridge0: port 2(hsr0) entered disabled state [ 726.755497][ T49] bridge_slave_0: left allmulticast mode [ 726.767399][ T49] bridge_slave_0: left promiscuous mode [ 726.805284][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 727.609673][T16751] ptrace attach of "./syz-executor exec"[5863] was attempted by "./syz-executor exec"[16751] [ 727.995873][ T51] Bluetooth: hci0: command tx timeout [ 728.190429][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 728.201348][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 728.211784][ T49] bond0 (unregistering): Released all slaves [ 728.405237][ T49] HfR: left promiscuous mode [ 728.432994][T16690] hsr_slave_0: entered promiscuous mode [ 728.439857][T16690] hsr_slave_1: entered promiscuous mode [ 728.446804][T16690] debugfs: 'hsr0' already exists in 'hsr' [ 728.452644][T16690] Cannot create hsr debugfs directory [ 729.129155][ T49] hsr_slave_0: left promiscuous mode [ 729.136453][ T49] hsr_slave_1: left promiscuous mode [ 729.151158][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 729.184212][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 729.247330][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 729.276836][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 729.356234][ T49] veth1_vlan: left promiscuous mode [ 729.372108][ T49] veth0_vlan: left promiscuous mode [ 730.068519][ T51] Bluetooth: hci0: command tx timeout [ 730.104128][ T49] team0 (unregistering): Port device team_slave_1 removed [ 730.152988][ T49] team0 (unregistering): Port device team_slave_0 removed [ 731.259268][T16787] random: crng reseeded on system resumption [ 731.643286][T16793] FAULT_INJECTION: forcing a failure. [ 731.643286][T16793] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 731.643379][T16793] CPU: 1 UID: 0 PID: 16793 Comm: syz.2.2356 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 731.643416][T16793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 731.643432][T16793] Call Trace: [ 731.643442][T16793] [ 731.643452][T16793] dump_stack_lvl+0x16c/0x1f0 [ 731.643491][T16793] should_fail_ex+0x512/0x640 [ 731.643532][T16793] should_fail_alloc_page+0xe7/0x130 [ 731.643570][T16793] prepare_alloc_pages+0x3c2/0x610 [ 731.643618][T16793] ? rcu_is_watching+0x12/0xc0 [ 731.643647][T16793] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 731.643682][T16793] ? rcu_is_watching+0x12/0xc0 [ 731.643707][T16793] ? trace_mm_page_alloc+0x11f/0x1a0 [ 731.643745][T16793] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 731.643776][T16793] ? stack_trace_save+0x8e/0xc0 [ 731.643805][T16793] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 731.643844][T16793] ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 731.643869][T16793] ? __get_vm_area_node+0x1ca/0x330 [ 731.643904][T16793] ? __vmalloc_node_noprof+0xad/0xf0 [ 731.643940][T16793] ? __snd_dma_alloc_pages+0x53/0x90 [ 731.643969][T16793] ? snd_dma_alloc_dir_pages+0x151/0x240 [ 731.643995][T16793] ? do_alloc_pages+0x136/0x2d0 [ 731.644019][T16793] ? snd_pcm_lib_malloc_pages+0x3df/0x980 [ 731.644046][T16793] ? snd_pcm_hw_params+0x1656/0x1ba0 [ 731.644072][T16793] ? snd_pcm_kernel_ioctl+0x147/0x2e0 [ 731.644103][T16793] ? do_syscall_64+0xcd/0x490 [ 731.644132][T16793] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.644166][T16793] alloc_pages_bulk_noprof+0x71c/0x1410 [ 731.644197][T16793] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 731.644237][T16793] ? policy_nodemask+0xea/0x4e0 [ 731.644273][T16793] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 731.644306][T16793] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 731.644356][T16793] kasan_populate_vmalloc+0xf1/0x1f0 [ 731.644392][T16793] alloc_vmap_area+0x959/0x29c0 [ 731.644450][T16793] ? __pfx_alloc_vmap_area+0x10/0x10 [ 731.644500][T16793] __get_vm_area_node+0x1ca/0x330 [ 731.644546][T16793] __vmalloc_node_range_noprof+0x271/0x14b0 [ 731.644595][T16793] ? __snd_dma_alloc_pages+0x53/0x90 [ 731.644630][T16793] ? __pfx___mutex_trylock_common+0x10/0x10 [ 731.644671][T16793] ? __snd_dma_alloc_pages+0x53/0x90 [ 731.644701][T16793] ? rcu_is_watching+0x12/0xc0 [ 731.644727][T16793] ? trace_contention_end+0xdd/0x130 [ 731.644764][T16793] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 731.644810][T16793] ? __mutex_unlock_slowpath+0x163/0x800 [ 731.644845][T16793] ? __snd_dma_alloc_pages+0x53/0x90 [ 731.644870][T16793] __vmalloc_node_noprof+0xad/0xf0 [ 731.644909][T16793] ? __snd_dma_alloc_pages+0x53/0x90 [ 731.644937][T16793] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 731.644970][T16793] __snd_dma_alloc_pages+0x53/0x90 [ 731.645000][T16793] snd_dma_alloc_dir_pages+0x151/0x240 [ 731.645033][T16793] do_alloc_pages+0x136/0x2d0 [ 731.645066][T16793] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 731.645101][T16793] snd_pcm_hw_params+0x1656/0x1ba0 [ 731.645136][T16793] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 731.645165][T16793] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 731.645211][T16793] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 731.645252][T16793] ? __asan_memset+0x23/0x50 [ 731.645281][T16793] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 731.645313][T16793] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 731.645371][T16793] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 731.645414][T16793] ? __pfx___mutex_lock+0x10/0x10 [ 731.645471][T16793] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 731.645512][T16793] snd_pcm_oss_set_trigger.isra.0+0x32/0x6b0 [ 731.645558][T16793] snd_pcm_oss_ioctl+0x1d0f/0x37a0 [ 731.645616][T16793] ? find_held_lock+0x2b/0x80 [ 731.645643][T16793] ? hook_file_ioctl_common+0x145/0x410 [ 731.645680][T16793] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 731.645711][T16793] ? __fget_files+0x20e/0x3c0 [ 731.645745][T16793] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 731.645772][T16793] __x64_sys_ioctl+0x18e/0x210 [ 731.645824][T16793] do_syscall_64+0xcd/0x490 [ 731.645860][T16793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.645888][T16793] RIP: 0033:0x7f409498ebe9 [ 731.645911][T16793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.645938][T16793] RSP: 002b:00007f4095747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 731.645965][T16793] RAX: ffffffffffffffda RBX: 00007f4094bb6090 RCX: 00007f409498ebe9 [ 731.645983][T16793] RDX: 0000200000000040 RSI: 0000000040045010 RDI: 0000000000000008 [ 731.645997][T16793] RBP: 00007f4094a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 731.646016][T16793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.646030][T16793] R13: 00007f4094bb6128 R14: 00007f4094bb6090 R15: 00007fff3c08e718 [ 731.646066][T16793] [ 731.704888][T16793] syz.2.2356: vmalloc error: size 2097152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 731.705336][T16793] CPU: 1 UID: 0 PID: 16793 Comm: syz.2.2356 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 731.705371][T16793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 731.705387][T16793] Call Trace: [ 731.705395][T16793] [ 731.705406][T16793] dump_stack_lvl+0x16c/0x1f0 [ 731.705443][T16793] warn_alloc+0x248/0x3a0 [ 731.705476][T16793] ? __pfx_warn_alloc+0x10/0x10 [ 731.705510][T16793] ? kfree+0x2b4/0x4d0 [ 731.705543][T16793] ? __get_vm_area_node+0x208/0x330 [ 731.705587][T16793] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 731.705640][T16793] ? __pfx___mutex_trylock_common+0x10/0x10 [ 731.705674][T16793] ? __snd_dma_alloc_pages+0x53/0x90 [ 731.705701][T16793] ? rcu_is_watching+0x12/0xc0 [ 731.705727][T16793] ? trace_contention_end+0xdd/0x130 [ 731.705761][T16793] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 731.705807][T16793] ? __mutex_unlock_slowpath+0x163/0x800 [ 731.705842][T16793] ? __snd_dma_alloc_pages+0x53/0x90 [ 731.705865][T16793] __vmalloc_node_noprof+0xad/0xf0 [ 731.705899][T16793] ? __snd_dma_alloc_pages+0x53/0x90 [ 731.705923][T16793] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 731.705952][T16793] __snd_dma_alloc_pages+0x53/0x90 [ 731.705979][T16793] snd_dma_alloc_dir_pages+0x151/0x240 [ 731.706012][T16793] do_alloc_pages+0x136/0x2d0 [ 731.706040][T16793] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 731.706070][T16793] snd_pcm_hw_params+0x1656/0x1ba0 [ 731.706103][T16793] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 731.706131][T16793] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 731.706175][T16793] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 731.706214][T16793] ? __asan_memset+0x23/0x50 [ 731.706243][T16793] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 731.706273][T16793] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 731.706324][T16793] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 731.706361][T16793] ? __pfx___mutex_lock+0x10/0x10 [ 731.706411][T16793] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 731.706451][T16793] snd_pcm_oss_set_trigger.isra.0+0x32/0x6b0 [ 731.706495][T16793] snd_pcm_oss_ioctl+0x1d0f/0x37a0 [ 731.706517][T16793] ? find_held_lock+0x2b/0x80 [ 731.706539][T16793] ? hook_file_ioctl_common+0x145/0x410 [ 731.706569][T16793] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 731.706596][T16793] ? __fget_files+0x20e/0x3c0 [ 731.706638][T16793] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 731.706666][T16793] __x64_sys_ioctl+0x18e/0x210 [ 731.706706][T16793] do_syscall_64+0xcd/0x490 [ 731.706746][T16793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.706769][T16793] RIP: 0033:0x7f409498ebe9 [ 731.706790][T16793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.706816][T16793] RSP: 002b:00007f4095747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 731.706839][T16793] RAX: ffffffffffffffda RBX: 00007f4094bb6090 RCX: 00007f409498ebe9 [ 731.706855][T16793] RDX: 0000200000000040 RSI: 0000000040045010 RDI: 0000000000000008 [ 731.706871][T16793] RBP: 00007f4094a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 731.706885][T16793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.706898][T16793] R13: 00007f4094bb6128 R14: 00007f4094bb6090 R15: 00007fff3c08e718 [ 731.706929][T16793] [ 731.707188][T16793] Mem-Info: [ 731.707205][T16793] active_anon:4948 inactive_anon:8940 isolated_anon:0 [ 731.707205][T16793] active_file:23779 inactive_file:41410 isolated_file:0 [ 731.707205][T16793] unevictable:768 dirty:512 writeback:0 [ 731.707205][T16793] slab_reclaimable:11839 slab_unreclaimable:92707 [ 731.707205][T16793] mapped:27002 shmem:1371 pagetables:1244 [ 731.707205][T16793] sec_pagetables:0 bounce:0 [ 731.707205][T16793] kernel_misc_reclaimable:0 [ 731.707205][T16793] free:1306099 free_pcp:12058 free_cma:0 [ 731.707269][T16793] Node 0 active_anon:19792kB inactive_anon:35760kB active_file:95116kB inactive_file:165508kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:108008kB dirty:2048kB writeback:0kB shmem:3948kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11304kB pagetables:4832kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 731.707335][T16793] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 731.707398][T16793] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 731.707472][T16793] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 731.707523][T16793] Node 0 DMA32 free:1299480kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19744kB inactive_anon:35760kB active_file:93872kB inactive_file:165436kB unevictable:1536kB writepending:2048kB present:3129332kB managed:2539616kB mlocked:0kB bounce:0kB free_pcp:48204kB local_pcp:18644kB free_cma:0kB [ 731.707598][T16793] lowmem_reserve[]: 0 0 1 1 1 [ 731.707660][T16793] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:1244kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 731.707728][T16793] lowmem_reserve[]: 0 0 0 0 0 [ 731.707772][T16793] Node 1 Normal free:3909544kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 731.707847][T16793] lowmem_reserve[]: 0 0 0 0 0 [ 731.707895][T16793] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 731.708090][T16793] Node 0 DMA32: 452*4kB (UME) 305*8kB (UME) 312*16kB (UME) 838*32kB (UME) 554*64kB (ME) 182*128kB (UME) 96*256kB (UME) 85*512kB (UM) 62*1024kB (UME) 8*2048kB (UM) 258*4096kB (UM) = 1299544kB [ 731.708319][T16793] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 731.708479][T16793] Node 1 Normal: 152*4kB (UME) 43*8kB (UME) 47*16kB (UME) 192*32kB (UME) 86*64kB (UME) 31*128kB (UME) 10*256kB (UME) 5*512kB (UM) 2*1024kB (ME) 1*2048kB (E) 948*4096kB (M) = 3909544kB [ 731.708721][T16793] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 731.708743][T16793] Node 0 hugepages_total=4 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB [ 731.708763][T16793] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 731.708784][T16793] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 731.708804][T16793] 66599 total pagecache pages [ 731.708815][T16793] 43 pages in swap cache [ 731.708825][T16793] Free swap = 124816kB [ 731.708835][T16793] Total swap = 124996kB [ 731.708845][T16793] 2097051 pages RAM [ 731.708855][T16793] 0 pages HighMem/MovableOnly [ 731.708863][T16793] 430185 pages reserved [ 731.708872][T16793] 0 pages cma reserved [ 732.145648][ T51] Bluetooth: hci0: command tx timeout [ 732.812068][T16690] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 732.817739][T16690] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 732.826759][T16690] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 732.850990][T16690] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 733.087466][T16690] 8021q: adding VLAN 0 to HW filter on device bond0 [ 733.155292][T16690] 8021q: adding VLAN 0 to HW filter on device team0 [ 733.202704][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 733.202855][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 733.221715][ T8965] bridge0: port 2(bridge_slave_1) entered blocking state [ 733.221832][ T8965] bridge0: port 2(bridge_slave_1) entered forwarding state [ 733.528417][T16690] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 734.311731][T16690] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 734.956603][T16829] tty tty12: ldisc open failed (-12), clearing slot 11 [ 735.450651][T16690] veth0_vlan: entered promiscuous mode [ 735.656866][T16690] veth1_vlan: entered promiscuous mode [ 735.741137][T16690] veth0_macvtap: entered promiscuous mode [ 735.776947][T16690] veth1_macvtap: entered promiscuous mode [ 735.828289][T16690] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 735.868110][T16690] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 736.020437][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 736.103962][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 736.151094][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 736.226588][ T8966] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 737.054801][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 737.054829][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 737.394165][ T3487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 737.394190][ T3487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 737.750329][T16913] random: crng reseeded on system resumption [ 739.566815][T16928] ptrace attach of "./syz-executor exec"[16690] was attempted by "./syz-executor exec"[16928] [ 743.467194][T17027] sysfs_service_op_show: Client not running :-5: [ 744.857829][T17070] [U] [ 746.042664][T17099] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078000000 pfn:0x78000 [ 746.083862][T17099] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 746.111304][T17099] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 746.129625][T17099] raw: ffff888078000000 0000000000000000 00000001ffffffff 0000000000000000 [ 746.138287][T17099] page dumped because: unmovable page [ 746.192680][T17099] page_owner tracks the page as allocated [ 746.228954][T17099] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 10431, tgid 10431 (syz.2.937), ts 368457382418, free_ts 367787635260 [ 746.299594][T17099] post_alloc_hook+0x1c0/0x230 [ 746.304679][T17099] get_page_from_freelist+0x132b/0x38e0 [ 746.378436][T17099] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 746.384432][T17099] alloc_pages_mpol+0x1fb/0x550 [ 746.638873][T17099] alloc_pages_noprof+0x131/0x390 [ 746.671169][T17099] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 746.678202][T17099] __vmalloc_node_noprof+0xad/0xf0 [ 746.683555][T17099] copy_process+0x2c70/0x7690 [ 746.689171][T17099] kernel_clone+0xfc/0x930 [ 746.693980][T17099] __do_sys_clone3+0x212/0x290 [ 746.702326][T17099] do_syscall_64+0xcd/0x490 [ 746.708613][T17099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 746.715382][T17099] page last free pid 15 tgid 15 stack trace: [ 746.722523][T17099] __free_frozen_pages+0x7d5/0x10f0 [ 746.729244][T17099] rcu_core+0x79c/0x1530 [ 746.733654][T17099] handle_softirqs+0x219/0x8e0 [ 746.739072][T17099] run_ksoftirqd+0x3a/0x60 [ 746.744035][T17099] smpboot_thread_fn+0x3f4/0xae0 [ 746.816064][T17099] kthread+0x3c5/0x780 [ 746.821012][T17099] ret_from_fork+0x5d4/0x6f0 [ 746.826995][T17099] ret_from_fork_asm+0x1a/0x30 [ 746.860051][T17080] netlink: ct family unspecified [ 746.888194][T17099] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2400'. [ 750.924090][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 750.930588][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 751.989969][T17204] FAULT_INJECTION: forcing a failure. [ 751.989969][T17204] name failslab, interval 1, probability 0, space 0, times 0 [ 752.002821][T17204] CPU: 0 UID: 0 PID: 17204 Comm: syz.3.2416 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 752.002860][T17204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 752.002877][T17204] Call Trace: [ 752.002885][T17204] [ 752.002896][T17204] dump_stack_lvl+0x16c/0x1f0 [ 752.002940][T17204] should_fail_ex+0x512/0x640 [ 752.002975][T17204] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 752.003006][T17204] should_failslab+0xc2/0x120 [ 752.003038][T17204] __kmalloc_cache_noprof+0x6a/0x3e0 [ 752.003065][T17204] ? fsnotify_alloc_group+0x92/0x330 [ 752.003099][T17204] fsnotify_alloc_group+0x92/0x330 [ 752.003129][T17204] do_inotify_init+0x49/0x5f0 [ 752.003160][T17204] ? rcu_is_watching+0x12/0xc0 [ 752.003188][T17204] __x64_sys_inotify_init1+0x30/0x40 [ 752.003222][T17204] do_syscall_64+0xcd/0x490 [ 752.003257][T17204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.003283][T17204] RIP: 0033:0x7f745018ebe9 [ 752.003305][T17204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.003329][T17204] RSP: 002b:00007f74510b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000126 [ 752.003354][T17204] RAX: ffffffffffffffda RBX: 00007f74503b5fa0 RCX: 00007f745018ebe9 [ 752.003371][T17204] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0003000000000000 [ 752.003386][T17204] RBP: 00007f7450211e19 R08: 0000000000000000 R09: 0000000000000000 [ 752.003402][T17204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.003417][T17204] R13: 00007f74503b6038 R14: 00007f74503b5fa0 R15: 00007ffcc0929048 [ 752.003452][T17204] [ 752.693568][T17217] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 753.187072][T17233] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 753.349275][T17233] random: crng reseeded on system resumption [ 756.726033][T17267] ptrace attach of "./syz-executor exec"[15810] was attempted by "./syz-executor exec"[17267] [ 756.745534][T13662] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 756.764733][T13662] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 756.813781][T13662] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 756.854371][T13662] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 756.863914][T13662] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 757.116052][ T8965] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 757.299955][ T8965] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 757.472101][ T8965] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 757.611481][ T8965] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 758.403081][T17310] sysfs_service_op_show: Client not running :-5: [ 758.787869][T17312] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 758.990437][T13662] Bluetooth: hci1: command tx timeout [ 759.035128][ T8965] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 759.053320][ T8965] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 759.063913][ T8965] bond0 (unregistering): Released all slaves [ 759.079538][T17276] chnl_net:caif_netlink_parms(): no params data found [ 759.290623][ T8965] tipc: Left network mode [ 759.773536][T17276] bridge0: port 1(bridge_slave_0) entered blocking state [ 759.785485][T17276] bridge0: port 1(bridge_slave_0) entered disabled state [ 759.796734][T17276] bridge_slave_0: entered allmulticast mode [ 759.805029][T17337] ptrace attach of "./syz-executor exec"[15810] was attempted by "./syz-executor exec"[17337] [ 759.817752][T17276] bridge_slave_0: entered promiscuous mode [ 759.829546][T17276] bridge0: port 2(bridge_slave_1) entered blocking state [ 759.837024][T17276] bridge0: port 2(bridge_slave_1) entered disabled state [ 759.852883][T17276] bridge_slave_1: entered allmulticast mode [ 759.868841][T17276] bridge_slave_1: entered promiscuous mode [ 760.434984][T17344] ptrace attach of "./syz-executor exec"[5863] was attempted by "./syz-executor exec"[17344] [ 760.534858][T17276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 760.575608][ T8965] hsr_slave_0: left promiscuous mode [ 760.589459][ T8965] hsr_slave_1: left promiscuous mode [ 760.597279][ T8965] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 760.626617][ T8965] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 760.643287][ T8965] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 760.650951][ T8965] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 760.681165][ T8965] veth1_macvtap: left promiscuous mode [ 760.687074][ T8965] veth0_macvtap: left promiscuous mode [ 760.693288][ T8965] veth1_vlan: left promiscuous mode [ 760.698953][ T8965] veth0_vlan: left promiscuous mode [ 761.024371][T13662] Bluetooth: hci1: command tx timeout [ 761.366062][ T8965] team0 (unregistering): Port device team_slave_1 removed [ 761.442191][ T8965] team0 (unregistering): Port device team_slave_0 removed [ 761.978731][T17276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 762.125805][T17276] team0: Port device team_slave_0 added [ 762.159099][T17276] team0: Port device team_slave_1 added [ 762.425968][T17276] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 762.432955][T17276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 762.467609][T17276] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 762.509442][T17276] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 762.543207][T17276] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 762.598863][T17276] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 762.989023][T17276] hsr_slave_0: entered promiscuous mode [ 763.024086][T17276] hsr_slave_1: entered promiscuous mode [ 763.050744][T17276] debugfs: 'hsr0' already exists in 'hsr' [ 763.056536][T17276] Cannot create hsr debugfs directory [ 763.089910][T13662] Bluetooth: hci1: command tx timeout [ 765.158719][T13662] Bluetooth: hci1: command tx timeout [ 765.413889][T17276] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 765.508904][T17276] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 765.576164][T17276] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 765.605626][T17276] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 766.079244][T17276] 8021q: adding VLAN 0 to HW filter on device bond0 [ 766.160605][T17276] 8021q: adding VLAN 0 to HW filter on device team0 [ 766.223656][ T70] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.231137][ T70] bridge0: port 1(bridge_slave_0) entered forwarding state [ 766.333188][ T70] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.340697][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state [ 767.004794][T17276] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 767.756795][T17276] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 767.905072][T17276] veth0_vlan: entered promiscuous mode [ 767.930586][T17276] veth1_vlan: entered promiscuous mode [ 768.042611][T17276] veth0_macvtap: entered promiscuous mode [ 768.083068][T17276] veth1_macvtap: entered promiscuous mode [ 768.133463][T17276] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 768.144549][T17276] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 768.291101][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.334543][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.382726][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.430620][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.464218][T17465] random: crng reseeded on system resumption [ 768.509224][T17469] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2460'. [ 768.775812][ T3487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 768.809890][ T3487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 769.140282][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 769.159022][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 770.722146][T17498] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2465'. [ 770.778734][T17500] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2465'. syzkaller syzkaller login: [ 773.113287][T17525] ptrace attach of "./syz-executor exec"[16690] was attempted by "./syz-executor exec"[17525] [ 775.147798][T17562] random: crng reseeded on system resumption [ 776.930880][T17595] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2487'. [ 776.959354][T17595] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 776.993089][T17595] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 777.035433][T17595] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 777.073206][T17595] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 780.069435][T17630] ptrace attach of "./syz-executor exec"[16690] was attempted by "./syz-executor exec"[17630] [ 781.519942][T17671] [U] [ 782.300021][T17686] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 783.646413][T17721] binder: 17718:17721 ioctl 40046205 0 returned -22 [ 786.447671][T17752] ptrace attach of "./syz-executor exec"[17276] was attempted by "./syz-executor exec"[17752] [ 787.234734][ T30] audit: type=1804 audit(6050075839.658:14): pid=17779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2529" name="/newroot/sys/kernel/debug/tracing/set_event_notrace_pid" dev="tracefs" ino=19 res=1 errno=0 [ 791.854397][T17871] random: crng reseeded on system resumption [ 792.334563][T17878] ======================================================= [ 792.334563][T17878] WARNING: The mand mount option has been deprecated and [ 792.334563][T17878] and is ignored by this kernel. Remove the mand [ 792.334563][T17878] option from the mount to silence this warning. [ 792.334563][T17878] ======================================================= [ 793.125537][T17899] random: crng reseeded on system resumption [ 793.273614][T17901] random: crng reseeded on system resumption [ 793.321097][T17901] FAULT_INJECTION: forcing a failure. [ 793.321097][T17901] name failslab, interval 1, probability 0, space 0, times 0 [ 793.401804][T17903] svc: failed to register nfsdv3 RPC service (errno 111). [ 793.412156][T17903] svc: failed to register nfsaclv3 RPC service (errno 111). [ 793.455453][T17909] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2559'. [ 793.459096][T17901] CPU: 1 UID: 0 PID: 17901 Comm: syz.0.2558 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 793.459132][T17901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 793.459147][T17901] Call Trace: [ 793.459155][T17901] [ 793.459164][T17901] dump_stack_lvl+0x16c/0x1f0 [ 793.459199][T17901] should_fail_ex+0x512/0x640 [ 793.459230][T17901] ? fs_reclaim_acquire+0xae/0x150 [ 793.459266][T17901] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 793.459299][T17901] should_failslab+0xc2/0x120 [ 793.459330][T17901] __kmalloc_noprof+0xd2/0x510 [ 793.459366][T17901] tomoyo_realpath_from_path+0xc2/0x6e0 [ 793.459402][T17901] ? tomoyo_profile+0x47/0x60 [ 793.459439][T17901] tomoyo_path_number_perm+0x245/0x580 [ 793.459466][T17901] ? tomoyo_path_number_perm+0x237/0x580 [ 793.459514][T17901] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 793.459544][T17901] ? find_held_lock+0x2b/0x80 [ 793.459598][T17901] ? find_held_lock+0x2b/0x80 [ 793.459620][T17901] ? hook_file_ioctl_common+0x145/0x410 [ 793.459658][T17901] ? __fget_files+0x20e/0x3c0 [ 793.459690][T17901] security_file_ioctl+0x9b/0x240 [ 793.459720][T17901] __x64_sys_ioctl+0xb7/0x210 [ 793.459757][T17901] do_syscall_64+0xcd/0x490 [ 793.459789][T17901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.459814][T17901] RIP: 0033:0x7f8e5878ebe9 [ 793.459834][T17901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 793.459856][T17901] RSP: 002b:00007f8e59664038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 793.459880][T17901] RAX: ffffffffffffffda RBX: 00007f8e589b5fa0 RCX: 00007f8e5878ebe9 [ 793.459896][T17901] RDX: 0000000000000000 RSI: 00000000400c330d RDI: 0000000000000003 [ 793.459910][T17901] RBP: 00007f8e59664090 R08: 0000000000000000 R09: 0000000000000000 [ 793.459925][T17901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 793.459939][T17901] R13: 00007f8e589b6038 R14: 00007f8e589b5fa0 R15: 00007ffd73a10868 [ 793.459971][T17901] [ 793.459986][T17901] ERROR: Out of memory at tomoyo_realpath_from_path. [ 796.329022][T17955] random: crng reseeded on system resumption [ 797.309916][T17957] ptrace attach of "./syz-executor exec"[16690] was attempted by "./syz-executor exec"[17957] [ 801.112003][T18023] FAULT_INJECTION: forcing a failure. [ 801.112003][T18023] name failslab, interval 1, probability 0, space 0, times 0 [ 801.135135][T18021] netlink: ct family unspecified [ 801.155847][T18023] CPU: 1 UID: 0 PID: 18023 Comm: syz.0.2586 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 801.155885][T18023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 801.155900][T18023] Call Trace: [ 801.155909][T18023] [ 801.155919][T18023] dump_stack_lvl+0x16c/0x1f0 [ 801.155957][T18023] should_fail_ex+0x512/0x640 [ 801.155991][T18023] ? __kmalloc_noprof+0xbf/0x510 [ 801.156033][T18023] ? lsm_blob_alloc+0x68/0x90 [ 801.156070][T18023] should_failslab+0xc2/0x120 [ 801.156105][T18023] __kmalloc_noprof+0xd2/0x510 [ 801.156144][T18023] lsm_blob_alloc+0x68/0x90 [ 801.156180][T18023] security_sk_alloc+0x30/0x270 [ 801.156210][T18023] sk_prot_alloc+0x1c7/0x2a0 [ 801.156250][T18023] sk_alloc+0x36/0xc20 [ 801.156279][T18023] __netlink_create+0x5e/0x2c0 [ 801.156309][T18023] __netlink_kernel_create+0xed/0x750 [ 801.156343][T18023] ? __pfx___netlink_kernel_create+0x10/0x10 [ 801.156386][T18023] uevent_net_init+0xf8/0x350 [ 801.156422][T18023] ? __pfx_uevent_net_init+0x10/0x10 [ 801.156459][T18023] ? __pfx_uevent_net_rcv+0x10/0x10 [ 801.156505][T18023] ? __pfx_uevent_net_init+0x10/0x10 [ 801.156538][T18023] ops_init+0x1e2/0x5f0 [ 801.156575][T18023] setup_net+0x10f/0x380 [ 801.156605][T18023] ? lockdep_init_map_type+0x5c/0x280 [ 801.156640][T18023] ? __pfx_setup_net+0x10/0x10 [ 801.156674][T18023] ? debug_mutex_init+0x37/0x70 [ 801.156703][T18023] copy_net_ns+0x2a6/0x5f0 [ 801.156742][T18023] create_new_namespaces+0x3ea/0xa90 [ 801.156780][T18023] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 801.156812][T18023] ksys_unshare+0x45b/0xa40 [ 801.156847][T18023] ? __pfx_ksys_unshare+0x10/0x10 [ 801.156881][T18023] ? xfd_validate_state+0x61/0x180 [ 801.156927][T18023] __x64_sys_unshare+0x31/0x40 [ 801.156960][T18023] do_syscall_64+0xcd/0x490 [ 801.156994][T18023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.157030][T18023] RIP: 0033:0x7f8e5878ebe9 [ 801.157052][T18023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 801.157079][T18023] RSP: 002b:00007f8e59664038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 801.157105][T18023] RAX: ffffffffffffffda RBX: 00007f8e589b5fa0 RCX: 00007f8e5878ebe9 [ 801.157123][T18023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 801.157139][T18023] RBP: 00007f8e58811e19 R08: 0000000000000000 R09: 0000000000000000 [ 801.157155][T18023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 801.157170][T18023] R13: 00007f8e589b6038 R14: 00007f8e589b5fa0 R15: 00007ffd73a10868 [ 801.157206][T18023] [ 801.238727][T18023] kobject_uevent: unable to create netlink socket! syzkaller syzkaller login: [ 803.243737][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 803.262652][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 803.289234][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 803.328949][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 803.343835][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 803.489770][ T3487] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 803.815438][ T3487] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.031172][ T3487] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.277742][ T3487] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.797106][T18058] chnl_net:caif_netlink_parms(): no params data found [ 805.135991][ T3487] hsr0: left allmulticast mode [ 805.177043][ T3487] hsr_slave_0: left allmulticast mode [ 805.183487][ T3487] hsr_slave_1: left allmulticast mode [ 805.216495][ T3487] hsr0: left promiscuous mode [ 805.242255][ T3487] bridge0: port 3(hsr0) entered disabled state [ 805.317896][ T3487] bridge_slave_1: left allmulticast mode [ 805.325178][ T3487] bridge_slave_1: left promiscuous mode [ 805.455453][ T51] Bluetooth: hci2: command tx timeout [ 805.486385][ T3487] bridge0: port 2(bridge_slave_1) entered disabled state [ 805.672712][ T3487] bridge_slave_0: left allmulticast mode [ 805.678657][ T3487] bridge_slave_0: left promiscuous mode [ 805.687248][ T3487] bridge0: port 1(bridge_slave_0) entered disabled state [ 807.025230][ T3487] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 807.079459][ T3487] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 807.104463][ T3487] bond0 (unregistering): Released all slaves [ 807.252034][ T3487] HSR: left promiscuous mode [ 807.494807][ T51] Bluetooth: hci2: command tx timeout [ 807.629215][T18058] bridge0: port 1(bridge_slave_0) entered blocking state [ 807.665076][T18058] bridge0: port 1(bridge_slave_0) entered disabled state [ 807.672456][T18058] bridge_slave_0: entered allmulticast mode [ 807.683875][T18058] bridge_slave_0: entered promiscuous mode [ 807.797030][T18058] bridge0: port 2(bridge_slave_1) entered blocking state [ 807.813286][T18058] bridge0: port 2(bridge_slave_1) entered disabled state [ 807.820598][T18058] bridge_slave_1: entered allmulticast mode [ 807.846444][T18058] bridge_slave_1: entered promiscuous mode [ 808.053158][T18058] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 808.292794][T18058] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 808.520939][T18058] team0: Port device team_slave_0 added [ 808.534454][T18058] team0: Port device team_slave_1 added [ 808.569280][ T3487] hsr_slave_0: left promiscuous mode [ 808.589333][ T3487] hsr_slave_1: left promiscuous mode [ 808.600922][ T3487] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 808.620830][ T3487] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 808.673154][ T3487] veth1_macvtap: left promiscuous mode [ 808.691174][ T3487] veth0_macvtap: left promiscuous mode [ 808.697764][ T3487] veth1_vlan: left promiscuous mode [ 808.721614][ T3487] veth0_vlan: left promiscuous mode [ 809.561439][ T3487] team0 (unregistering): Port device team_slave_1 removed [ 809.568508][ T51] Bluetooth: hci2: command tx timeout [ 809.668634][ T3487] team0 (unregistering): Port device team_slave_0 removed [ 810.549790][T18162] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2615'. [ 810.566505][T18058] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 810.578932][T18058] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 810.612024][T18058] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 810.680131][T18162] bridge_slave_1: left allmulticast mode [ 810.686262][T18162] bridge_slave_1: left promiscuous mode [ 810.703737][T18162] bridge0: port 2(bridge_slave_1) entered disabled state [ 810.716458][T18162] bridge_slave_0: left allmulticast mode [ 810.725121][T18162] bridge_slave_0: left promiscuous mode [ 810.731518][T18162] bridge0: port 1(bridge_slave_0) entered disabled state [ 810.843262][T18058] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 810.854872][T18058] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 810.894357][T18058] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 811.072788][T18171] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2617'. [ 811.085332][T18058] hsr_slave_0: entered promiscuous mode [ 811.092543][T18058] hsr_slave_1: entered promiscuous mode [ 811.634171][ T51] Bluetooth: hci2: command tx timeout [ 812.038232][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 812.045314][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 812.925655][T18058] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 812.958068][T18058] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 813.007447][T18058] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 813.042602][T18058] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 813.323191][T18058] 8021q: adding VLAN 0 to HW filter on device bond0 [ 813.350638][T18058] 8021q: adding VLAN 0 to HW filter on device team0 [ 813.392542][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 813.399897][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 813.475433][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 813.483037][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 814.436717][T18058] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 814.814830][T18058] veth0_vlan: entered promiscuous mode [ 814.866776][T18058] veth1_vlan: entered promiscuous mode [ 814.948651][T18058] veth0_macvtap: entered promiscuous mode [ 814.978073][T18058] veth1_macvtap: entered promiscuous mode [ 815.022293][T18058] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 815.071262][T18058] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 815.191443][T18267] [U] [ 815.221725][ T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 815.266922][ T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 815.319542][ T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 815.351491][ T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 815.526251][T14407] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 815.564305][T14407] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 815.914119][ T3487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 815.925413][ T3487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 816.419947][T18292] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 816.436765][T18292] bridge0: port 3(hsr0) entered blocking state [ 816.443411][T18292] bridge0: port 3(hsr0) entered disabled state [ 816.450118][T18292] hsr0: entered allmulticast mode [ 816.456370][T18292] hsr_slave_0: entered allmulticast mode [ 816.462230][T18292] hsr_slave_1: entered allmulticast mode [ 816.473363][T18292] hsr0: entered promiscuous mode [ 816.482311][T18292] bridge0: port 3(hsr0) entered blocking state [ 816.488675][T18292] bridge0: port 3(hsr0) entered forwarding state [ 817.792220][T18320] [U] [ 818.580571][T18349] sysfs_service_op_show: Client not running :-5: [ 818.852793][T18332] ERROR: Out of memory at tomoyo_memory_ok. [ 820.750704][T18416] FAULT_INJECTION: forcing a failure. [ 820.750704][T18416] name failslab, interval 1, probability 0, space 0, times 0 [ 820.826489][T18416] CPU: 0 UID: 0 PID: 18416 Comm: syz.3.2645 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 820.826530][T18416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 820.826546][T18416] Call Trace: [ 820.826556][T18416] [ 820.826567][T18416] dump_stack_lvl+0x16c/0x1f0 [ 820.826605][T18416] should_fail_ex+0x512/0x640 [ 820.826641][T18416] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 820.826678][T18416] should_failslab+0xc2/0x120 [ 820.826710][T18416] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 820.826742][T18416] ? shmem_alloc_inode+0x25/0x50 [ 820.826780][T18416] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 820.826812][T18416] shmem_alloc_inode+0x25/0x50 [ 820.826844][T18416] alloc_inode+0x61/0x240 [ 820.826879][T18416] new_inode+0x22/0x1c0 [ 820.826910][T18416] ? trace_cap_capable+0x18d/0x200 [ 820.826939][T18416] shmem_get_inode+0x19a/0xfb0 [ 820.826976][T18416] ? __vm_enough_memory+0x184/0x3f0 [ 820.827014][T18416] __shmem_file_setup+0x279/0x330 [ 820.827043][T18416] shmem_zero_setup+0x93/0x1a0 [ 820.827076][T18416] __mmap_region+0x2081/0x27b0 [ 820.827108][T18416] ? lock_acquire+0x179/0x350 [ 820.827139][T18416] ? __pfx___mmap_region+0x10/0x10 [ 820.827179][T18416] ? finish_task_switch.isra.0+0x2fa/0xc10 [ 820.827208][T18416] ? rcu_is_watching+0x12/0xc0 [ 820.827230][T18416] ? trace_sched_exit_tp+0xd1/0x120 [ 820.827263][T18416] ? __schedule+0x11a3/0x5de0 [ 820.827311][T18416] ? trace_cap_capable+0x18d/0x200 [ 820.827332][T18416] mmap_region+0x1ab/0x3f0 [ 820.827348][T18416] ? __get_unmapped_area+0x267/0x440 [ 820.827371][T18416] do_mmap+0xa3e/0x1210 [ 820.827402][T18416] ? __pfx_do_mmap+0x10/0x10 [ 820.827423][T18416] ? __pfx_down_write_killable+0x10/0x10 [ 820.827446][T18416] vm_mmap_pgoff+0x29e/0x470 [ 820.827471][T18416] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 820.827490][T18416] ? __do_sys_getcwd+0x4d6/0x930 [ 820.827516][T18416] ? __x64_sys_futex+0x1e0/0x4c0 [ 820.827533][T18416] ? __x64_sys_futex+0x1e9/0x4c0 [ 820.827552][T18416] ksys_mmap_pgoff+0x7d/0x5c0 [ 820.827571][T18416] ? xfd_validate_state+0x61/0x180 [ 820.827590][T18416] ? __pfx_ksys_write+0x10/0x10 [ 820.827609][T18416] __x64_sys_mmap+0x125/0x190 [ 820.827633][T18416] do_syscall_64+0xcd/0x490 [ 820.827651][T18416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.827666][T18416] RIP: 0033:0x7f745018ebe9 [ 820.827679][T18416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.827693][T18416] RSP: 002b:00007f74510b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 820.827707][T18416] RAX: ffffffffffffffda RBX: 00007f74503b5fa0 RCX: 00007f745018ebe9 [ 820.827717][T18416] RDX: 0000000000008000 RSI: 0000000002020009 RDI: 0000000000000000 [ 820.827726][T18416] RBP: 00007f7450211e19 R08: fffffffffffffffa R09: 0000000000008000 [ 820.827735][T18416] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 820.827744][T18416] R13: 00007f74503b6038 R14: 00007f74503b5fa0 R15: 00007ffcc0929048 [ 820.827763][T18416] [ 822.212049][T18453] [U] [ 822.939231][T18452] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input25 [ 823.819081][T18476] FAULT_INJECTION: forcing a failure. [ 823.819081][T18476] name fail_futex, interval 1, probability 0, space 0, times 0 [ 823.837930][T18476] CPU: 1 UID: 0 PID: 18476 Comm: syz.0.2658 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 823.837972][T18476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 823.837987][T18476] Call Trace: [ 823.837996][T18476] [ 823.838006][T18476] dump_stack_lvl+0x16c/0x1f0 [ 823.838044][T18476] should_fail_ex+0x512/0x640 [ 823.838084][T18476] get_futex_key+0x1d0/0x1560 [ 823.838128][T18476] ? __pfx_get_futex_key+0x10/0x10 [ 823.838175][T18476] futex_wake+0xea/0x530 [ 823.838206][T18476] ? rcu_is_watching+0x12/0xc0 [ 823.838231][T18476] ? __pfx_futex_wake+0x10/0x10 [ 823.838270][T18476] ? kmem_cache_free+0x2d1/0x4d0 [ 823.838298][T18476] ? fd_install+0x225/0x750 [ 823.838322][T18476] ? putname+0x154/0x1a0 [ 823.838359][T18476] do_futex+0x1e3/0x350 [ 823.838386][T18476] ? __pfx_do_futex+0x10/0x10 [ 823.838421][T18476] __x64_sys_futex+0x1e0/0x4c0 [ 823.838450][T18476] ? __x64_sys_openat+0x174/0x210 [ 823.838484][T18476] ? __pfx___x64_sys_futex+0x10/0x10 [ 823.838530][T18476] do_syscall_64+0xcd/0x490 [ 823.838563][T18476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.838589][T18476] RIP: 0033:0x7f8e5878ebe9 [ 823.838610][T18476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 823.838634][T18476] RSP: 002b:00007f8e596640e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 823.838660][T18476] RAX: ffffffffffffffda RBX: 00007f8e589b5fa8 RCX: 00007f8e5878ebe9 [ 823.838677][T18476] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8e589b5fac [ 823.838692][T18476] RBP: 00007f8e589b5fa0 R08: 00007f8e59665000 R09: 0000000000000000 [ 823.838708][T18476] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 823.838723][T18476] R13: 00007f8e589b6038 R14: 00007ffd73a10780 R15: 00007ffd73a10868 [ 823.838757][T18476] [ 825.237825][T18505] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input26 [ 828.030941][T18547] ERROR: Out of memory at tomoyo_memory_ok. [ 832.340759][T18609] FAULT_INJECTION: forcing a failure. [ 832.340759][T18609] name failslab, interval 1, probability 0, space 0, times 0 [ 832.357972][T18609] CPU: 1 UID: 0 PID: 18609 Comm: syz.2.2691 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 832.358008][T18609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 832.358023][T18609] Call Trace: [ 832.358033][T18609] [ 832.358041][T18609] dump_stack_lvl+0x16c/0x1f0 [ 832.358074][T18609] should_fail_ex+0x512/0x640 [ 832.358104][T18609] ? __kvmalloc_node_noprof+0x124/0x620 [ 832.358135][T18609] should_failslab+0xc2/0x120 [ 832.358165][T18609] __kvmalloc_node_noprof+0x137/0x620 [ 832.358190][T18609] ? get_pid_task+0xfc/0x250 [ 832.358222][T18609] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 832.358261][T18609] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 832.358290][T18609] file_tty_write.constprop.0+0x6ef/0x9b0 [ 832.358331][T18609] ? rw_verify_area+0xcf/0x6c0 [ 832.358360][T18609] vfs_write+0x7d0/0x11d0 [ 832.358389][T18609] ? __pfx_tty_write+0x10/0x10 [ 832.358422][T18609] ? __pfx_vfs_write+0x10/0x10 [ 832.358446][T18609] ? find_held_lock+0x2b/0x80 [ 832.358495][T18609] ksys_write+0x12a/0x250 [ 832.358522][T18609] ? __pfx_ksys_write+0x10/0x10 [ 832.358560][T18609] do_syscall_64+0xcd/0x490 [ 832.358592][T18609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 832.358618][T18609] RIP: 0033:0x7f26d5b8ebe9 [ 832.358638][T18609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 832.358661][T18609] RSP: 002b:00007f26d3df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 832.358685][T18609] RAX: ffffffffffffffda RBX: 00007f26d5db5fa0 RCX: 00007f26d5b8ebe9 [ 832.358703][T18609] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000002 [ 832.358717][T18609] RBP: 00007f26d3df6090 R08: 0000000000000000 R09: 0000000000000000 [ 832.358732][T18609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 832.358747][T18609] R13: 00007f26d5db6038 R14: 00007f26d5db5fa0 R15: 00007ffd97fcd8d8 [ 832.358782][T18609] [ 832.559719][ C1] vkms_vblank_simulate: vblank timer overrun [ 832.685989][T18615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2693'. [ 833.220570][T18632] Invalid ELF header magic: != ELF [ 833.877883][T18624] program syz.3.2697 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 835.374964][T18664] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2704'. [ 837.239457][ T51] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 839.255010][T18738] ubi0: attaching mtd0 [ 839.275080][T18738] ubi0 warning: ubi_attach: valid VID header but corrupted EC header at PEB 0 [ 839.288471][T18738] ubi0: scanning is finished [ 839.784007][T18738] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 842.242038][T18774] ptrace attach of "./syz-executor exec"[16690] was attempted by "./syz-executor exec"[18774] [ 843.465889][T18823] ptrace attach of "./syz-executor exec"[18058] was attempted by "./syz-executor exec"[18823] [ 844.249935][T18833] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2743'. [ 847.659183][T18875] ptrace attach of "./syz-executor exec"[16690] was attempted by "./syz-executor exec"[18875] [ 847.991827][ T30] audit: type=1326 audit(6050094243.713:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18897 comm="syz.2.2757" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f26d5b8ebe9 code=0x0 [ 848.497271][T18914] random: crng reseeded on system resumption [ 849.760795][T13662] Bluetooth: hci0: command 0x0406 tx timeout [ 850.977177][T18955] FAULT_INJECTION: forcing a failure. [ 850.977177][T18955] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 851.001089][T18955] CPU: 1 UID: 0 PID: 18955 Comm: syz.0.2771 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 851.001122][T18955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 851.001135][T18955] Call Trace: [ 851.001144][T18955] [ 851.001152][T18955] dump_stack_lvl+0x16c/0x1f0 [ 851.001187][T18955] should_fail_ex+0x512/0x640 [ 851.001223][T18955] _copy_from_iter+0x29f/0x16f0 [ 851.001266][T18955] ? __pfx__copy_from_iter+0x10/0x10 [ 851.001308][T18955] ? rcu_is_watching+0x12/0xc0 [ 851.001335][T18955] ? rcu_is_watching+0x12/0xc0 [ 851.001359][T18955] ? kfree+0x24f/0x4d0 [ 851.001380][T18955] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 851.001421][T18955] file_tty_write.constprop.0+0x488/0x9b0 [ 851.001463][T18955] vfs_write+0x7d0/0x11d0 [ 851.001492][T18955] ? __pfx_tty_write+0x10/0x10 [ 851.001524][T18955] ? __pfx_vfs_write+0x10/0x10 [ 851.001548][T18955] ? find_held_lock+0x2b/0x80 [ 851.001596][T18955] ksys_write+0x12a/0x250 [ 851.001623][T18955] ? __pfx_ksys_write+0x10/0x10 [ 851.001660][T18955] do_syscall_64+0xcd/0x490 [ 851.001694][T18955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 851.001719][T18955] RIP: 0033:0x7f8e5878ebe9 [ 851.001740][T18955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 851.001763][T18955] RSP: 002b:00007f8e59664038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 851.001787][T18955] RAX: ffffffffffffffda RBX: 00007f8e589b5fa0 RCX: 00007f8e5878ebe9 [ 851.001803][T18955] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000002 [ 851.001818][T18955] RBP: 00007f8e59664090 R08: 0000000000000000 R09: 0000000000000000 [ 851.001832][T18955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 851.001846][T18955] R13: 00007f8e589b6038 R14: 00007f8e589b5fa0 R15: 00007ffd73a10868 [ 851.001880][T18955] [ 852.552692][T18979] Console: switching to colour VGA+ 80x25 [ 854.573248][T18989] netlink: ct family unspecified [ 855.239392][T19019] bridge0: port 4(macvlan0) entered blocking state [ 855.246547][T19019] bridge0: port 4(macvlan0) entered disabled state [ 855.253281][T19019] macvlan0: entered allmulticast mode [ 855.266585][T19019] veth1_vlan: entered allmulticast mode [ 855.284889][T19019] macvlan0: entered promiscuous mode [ 855.291593][T19019] bridge0: port 4(macvlan0) entered blocking state [ 855.298473][T19019] bridge0: port 4(macvlan0) entered forwarding state [ 858.435288][T19068] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2797'. [ 859.144804][T19088] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 860.284455][T19101] netlink: ct family unspecified [ 862.655804][T19136] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 863.064656][T19148] FAULT_INJECTION: forcing a failure. [ 863.064656][T19148] name failslab, interval 1, probability 0, space 0, times 0 [ 863.093202][T19148] CPU: 1 UID: 0 PID: 19148 Comm: syz.1.2819 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 863.093242][T19148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 863.093257][T19148] Call Trace: [ 863.093266][T19148] [ 863.093276][T19148] dump_stack_lvl+0x16c/0x1f0 [ 863.093313][T19148] should_fail_ex+0x512/0x640 [ 863.093347][T19148] ? __kvmalloc_node_noprof+0x124/0x620 [ 863.093377][T19148] should_failslab+0xc2/0x120 [ 863.093420][T19148] __kvmalloc_node_noprof+0x137/0x620 [ 863.093451][T19148] ? io_alloc_cache_init+0x33/0x170 [ 863.093496][T19148] ? io_alloc_cache_init+0x33/0x170 [ 863.093529][T19148] io_alloc_cache_init+0x33/0x170 [ 863.093567][T19148] io_uring_setup+0x5e1/0x2080 [ 863.093603][T19148] ? __pfx_io_uring_setup+0x10/0x10 [ 863.093633][T19148] ? do_futex+0x122/0x350 [ 863.093664][T19148] ? __pfx_do_futex+0x10/0x10 [ 863.093692][T19148] ? fput+0x9b/0xd0 [ 863.093725][T19148] ? __sys_sendmsg+0x18c/0x220 [ 863.093769][T19148] ? xfd_validate_state+0x61/0x180 [ 863.093812][T19148] __x64_sys_io_uring_setup+0xc2/0x170 [ 863.093844][T19148] do_syscall_64+0xcd/0x490 [ 863.093879][T19148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 863.093905][T19148] RIP: 0033:0x7f1eabd8ebe9 [ 863.093931][T19148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 863.093957][T19148] RSP: 002b:00007f1eacc19038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 863.093982][T19148] RAX: ffffffffffffffda RBX: 00007f1eabfb5fa0 RCX: 00007f1eabd8ebe9 [ 863.094000][T19148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 863.094015][T19148] RBP: 00007f1eabe11e19 R08: 0000000000000000 R09: 0000000000000000 [ 863.094030][T19148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 863.094045][T19148] R13: 00007f1eabfb6038 R14: 00007f1eabfb5fa0 R15: 00007ffdfc4ec878 [ 863.094080][T19148] [ 865.856865][T19179] ptrace attach of "./syz-executor exec"[16690] was attempted by "./syz-executor exec"[19179] [ 867.046294][T19217] ERROR: Out of memory at tomoyo_memory_ok. [ 868.721294][T19217] HfR: entered promiscuous mode [ 869.708042][T19239] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 869.718077][T19239] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 869.724743][T19239] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 869.746337][T19239] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 869.755629][T19239] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 869.778911][T19239] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 869.805632][T19239] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 869.812539][T19239] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 869.821751][T19239] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 870.947623][T19250] ptrace attach of "./syz-executor exec"[15810] was attempted by "./syz-executor exec"[19250] [ 871.091589][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 871.728724][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 871.798322][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 871.800007][T13662] Bluetooth: hci1: command 0x0c1a tx timeout [ 872.781398][T19297] [U] [ 872.919316][T19305] FAULT_INJECTION: forcing a failure. [ 872.919316][T19305] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 872.947907][T19305] CPU: 0 UID: 0 PID: 19305 Comm: syz.1.2857 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 872.947942][T19305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 872.947955][T19305] Call Trace: [ 872.947962][T19305] [ 872.947970][T19305] dump_stack_lvl+0x16c/0x1f0 [ 872.948003][T19305] should_fail_ex+0x512/0x640 [ 872.948040][T19305] _copy_to_user+0x32/0xd0 [ 872.948077][T19305] simple_read_from_buffer+0xcb/0x170 [ 872.948116][T19305] proc_fail_nth_read+0x197/0x240 [ 872.948143][T19305] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 872.948167][T19305] ? rw_verify_area+0xcf/0x6c0 [ 872.948188][T19305] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 872.948221][T19305] vfs_read+0x1e4/0xcf0 [ 872.948251][T19305] ? __pfx___mutex_lock+0x10/0x10 [ 872.948278][T19305] ? __pfx_vfs_read+0x10/0x10 [ 872.948310][T19305] ? __fget_files+0x20e/0x3c0 [ 872.948344][T19305] ksys_read+0x12a/0x250 [ 872.948369][T19305] ? __pfx_ksys_read+0x10/0x10 [ 872.948402][T19305] do_syscall_64+0xcd/0x490 [ 872.948429][T19305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 872.948450][T19305] RIP: 0033:0x7f1eabd8d5fc [ 872.948466][T19305] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 872.948485][T19305] RSP: 002b:00007f1eacc19030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 872.948503][T19305] RAX: ffffffffffffffda RBX: 00007f1eabfb5fa0 RCX: 00007f1eabd8d5fc [ 872.948516][T19305] RDX: 000000000000000f RSI: 00007f1eacc190a0 RDI: 000000000000000f [ 872.948528][T19305] RBP: 00007f1eacc19090 R08: 0000000000000000 R09: 0000000000000000 [ 872.948540][T19305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 872.948551][T19305] R13: 00007f1eabfb6038 R14: 00007f1eabfb5fa0 R15: 00007ffdfc4ec878 [ 872.948577][T19305] [ 872.948801][T19305] [U] [ 873.157422][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 873.164186][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 873.448320][T19295] ptrace attach of "./syz-executor exec"[18058] was attempted by "./syz-executor exec"[19295] [ 873.745253][T19323] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2861'. [ 873.800993][T13662] Bluetooth: hci0: command 0x0406 tx timeout [ 873.867221][T13662] Bluetooth: hci1: command 0x0c1a tx timeout [ 873.867230][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 874.410577][T19340] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2864'. [ 875.936416][T13662] Bluetooth: hci1: command 0x0c1a tx timeout [ 875.942676][T13662] Bluetooth: hci2: command 0x0c1a tx timeout [ 876.494397][T19379] FAULT_INJECTION: forcing a failure. [ 876.494397][T19379] name failslab, interval 1, probability 0, space 0, times 0 [ 876.567235][T19379] CPU: 1 UID: 0 PID: 19379 Comm: syz.1.2874 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 876.567272][T19379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 876.567286][T19379] Call Trace: [ 876.567295][T19379] [ 876.567304][T19379] dump_stack_lvl+0x16c/0x1f0 [ 876.567338][T19379] should_fail_ex+0x512/0x640 [ 876.567369][T19379] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 876.567398][T19379] should_failslab+0xc2/0x120 [ 876.567429][T19379] __kmalloc_cache_noprof+0x6a/0x3e0 [ 876.567454][T19379] ? vb2_vmalloc_alloc+0xf9/0x3f0 [ 876.567483][T19379] vb2_vmalloc_alloc+0xf9/0x3f0 [ 876.567507][T19379] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 876.567531][T19379] __vb2_queue_alloc+0x8c6/0x1280 [ 876.567584][T19379] vb2_core_reqbufs+0xa90/0xfe0 [ 876.567626][T19379] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 876.567681][T19379] __vb2_init_fileio+0x3f1/0x1100 [ 876.567703][T19379] ? __mutex_lock+0x1c4/0x10b0 [ 876.567743][T19379] __vb2_perform_fileio+0x9c2/0x1660 [ 876.567776][T19379] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 876.567800][T19379] ? get_pid_task+0xfc/0x250 [ 876.567839][T19379] vb2_fop_read+0x215/0x3e0 [ 876.567869][T19379] ? common_file_perm+0x1a9/0x340 [ 876.567903][T19379] v4l2_read+0x226/0x360 [ 876.567929][T19379] ? __pfx_v4l2_read+0x10/0x10 [ 876.567956][T19379] vfs_read+0x1e4/0xcf0 [ 876.567991][T19379] ? __pfx_vfs_read+0x10/0x10 [ 876.568014][T19379] ? find_held_lock+0x2b/0x80 [ 876.568039][T19379] ? __fget_files+0x204/0x3c0 [ 876.568070][T19379] ? __fget_files+0x20e/0x3c0 [ 876.568104][T19379] ksys_read+0x12a/0x250 [ 876.568130][T19379] ? __pfx_ksys_read+0x10/0x10 [ 876.568174][T19379] do_syscall_64+0xcd/0x490 [ 876.568206][T19379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 876.568230][T19379] RIP: 0033:0x7f1eabd8ebe9 [ 876.568249][T19379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 876.568272][T19379] RSP: 002b:00007f1eacc19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 876.568296][T19379] RAX: ffffffffffffffda RBX: 00007f1eabfb5fa0 RCX: 00007f1eabd8ebe9 [ 876.568312][T19379] RDX: 00000000000000c2 RSI: 0000200000000000 RDI: 0000000000000004 [ 876.568327][T19379] RBP: 00007f1eacc19090 R08: 0000000000000000 R09: 0000000000000000 [ 876.568341][T19379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 876.568355][T19379] R13: 00007f1eabfb6038 R14: 00007f1eabfb5fa0 R15: 00007ffdfc4ec878 [ 876.568388][T19379] [ 877.195118][ T30] audit: type=1800 audit(6050094273.065:16): pid=19389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2876" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 877.860198][T19409] FAULT_INJECTION: forcing a failure. [ 877.860198][T19409] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 877.913695][T19409] CPU: 1 UID: 0 PID: 19409 Comm: syz.2.2881 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 877.913727][T19409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 877.913741][T19409] Call Trace: [ 877.913750][T19409] [ 877.913760][T19409] dump_stack_lvl+0x16c/0x1f0 [ 877.913793][T19409] should_fail_ex+0x512/0x640 [ 877.913829][T19409] _copy_from_user+0x2e/0xd0 [ 877.913865][T19409] copy_msghdr_from_user+0x98/0x160 [ 877.913896][T19409] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 877.913941][T19409] ___sys_sendmsg+0xfe/0x1d0 [ 877.913963][T19409] ? __pfx____sys_sendmsg+0x10/0x10 [ 877.913996][T19409] ? __mutex_unlock_slowpath+0x140/0x800 [ 877.914020][T19409] __sys_sendmsg+0x16d/0x220 [ 877.914037][T19409] ? __pfx___sys_sendmsg+0x10/0x10 [ 877.914066][T19409] do_syscall_64+0xcd/0x490 [ 877.914085][T19409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 877.914107][T19409] RIP: 0033:0x7f26d5b8ebe9 [ 877.914119][T19409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 877.914133][T19409] RSP: 002b:00007f26d3df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 877.914148][T19409] RAX: ffffffffffffffda RBX: 00007f26d5db5fa0 RCX: 00007f26d5b8ebe9 [ 877.914157][T19409] RDX: 000000002004c840 RSI: 0000200000000100 RDI: 0000000000000003 [ 877.914166][T19409] RBP: 00007f26d3df6090 R08: 0000000000000000 R09: 0000000000000000 [ 877.914174][T19409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 877.914183][T19409] R13: 00007f26d5db6038 R14: 00007f26d5db5fa0 R15: 00007ffd97fcd8d8 [ 877.914200][T19409] [ 878.731169][T19420] ubi0: attaching mtd0 [ 878.911837][T19420] ubi0 warning: ubi_attach: valid VID header but corrupted EC header at PEB 0 [ 878.972385][T19420] ubi0: scanning is finished [ 879.245765][T19420] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 879.255830][T19420] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 879.265985][T19420] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 879.286382][T19420] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 879.321179][T19420] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 879.328067][T19420] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 879.404766][T19420] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1356219073 [ 879.431594][T19420] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 879.480122][T19425] ubi0: background thread "ubi_bgt0d" started, PID 19425 [ 879.551142][T19425] ubi0: scrubbed PEB 0 (LEB 2147479551:0), data moved to PEB 31 [ 881.055598][T19440] ptrace attach of "./syz-executor exec"[15810] was attempted by "./syz-executor exec"[19440] [ 881.214305][T19449] random: crng reseeded on system resumption [ 884.493222][T19512] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 884.855956][T19519] sysfs_service_op_show: Client not running :-5: [ 884.911502][T19513] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 885.200451][T19512] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] SMP KASAN PTI [ 885.212558][T19512] KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] [ 885.221319][T19512] CPU: 1 UID: 0 PID: 19512 Comm: syz.3.2907 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 885.240070][T19512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 885.250314][T19512] RIP: 0010:kasan_byte_accessible+0x15/0x30 [ 885.256355][T19512] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 [ 885.276274][T19512] RSP: 0018:ffffc9000bc771b8 EFLAGS: 00010286 [ 885.282437][T19512] RAX: dffffc0000000000 RBX: 0000000000000018 RCX: 0000000000000000 [ 885.290762][T19512] RDX: 0000000000000000 RSI: ffffffff8b92e32e RDI: dffffc0000000003 [ 885.299280][T19512] RBP: 0000000000000018 R08: 0000000000000001 R09: 0000000000000000 [ 885.307279][T19512] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8b92e32e [ 885.315540][T19512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 885.323722][T19512] FS: 00007f745108f6c0(0000) GS:ffff8881247c6000(0000) knlGS:0000000000000000 [ 885.332944][T19512] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 885.339811][T19512] CR2: 00007f1eacc19d58 CR3: 000000005b95a000 CR4: 00000000003526f0 [ 885.347886][T19512] Call Trace: [ 885.351616][T19512] [ 885.354728][T19512] __kasan_check_byte+0x13/0x50 [ 885.359710][T19512] lock_acquire+0xfc/0x350 [ 885.364168][T19512] _raw_spin_lock+0x2e/0x40 [ 885.369202][T19512] ? __pte_offset_map_lock+0x10f/0x310 [ 885.374950][T19512] __pte_offset_map_lock+0x10f/0x310 [ 885.380355][T19512] ? __pfx___pte_offset_map_lock+0x10/0x10 [ 885.386237][T19512] unmap_page_range+0xacf/0x42c0 [ 885.391186][T19512] ? find_held_lock+0x2b/0x80 [ 885.395917][T19512] ? __pfx_unmap_page_range+0x10/0x10 [ 885.401622][T19512] unmap_single_vma.constprop.0+0x153/0x240 [ 885.407645][T19512] unmap_vmas+0x218/0x470 [ 885.411990][T19512] ? __pfx_unmap_vmas+0x10/0x10 [ 885.416868][T19512] ? mas_prev_range+0x9b/0xf0 [ 885.421578][T19512] ? __pfx_mas_prev_range+0x10/0x10 [ 885.426807][T19512] vms_clear_ptes+0x41f/0x770 [ 885.431498][T19512] ? __pfx_vms_clear_ptes+0x10/0x10 [ 885.436895][T19512] ? may_expand_vm+0xe8/0x430 [ 885.441584][T19512] __mmap_region+0x5e1/0x27b0 [ 885.446482][T19512] ? __pfx___mmap_region+0x10/0x10 [ 885.451724][T19512] ? lock_acquire+0x179/0x350 [ 885.456950][T19512] ? mark_held_locks+0x49/0x80 [ 885.462002][T19512] ? finish_task_switch.isra.0+0x221/0xc10 [ 885.467941][T19512] ? lockdep_hardirqs_on+0x7c/0x110 [ 885.473510][T19512] ? finish_task_switch.isra.0+0x221/0xc10 [ 885.479440][T19512] ? rcu_is_watching+0x12/0xc0 [ 885.484457][T19512] ? trace_sched_exit_tp+0xd1/0x120 [ 885.489690][T19512] ? __schedule+0x11a3/0x5de0 [ 885.494385][T19512] ? trace_cap_capable+0x18d/0x200 [ 885.499625][T19512] mmap_region+0x1ab/0x3f0 [ 885.504127][T19512] ? __get_unmapped_area+0x267/0x440 [ 885.509950][T19512] do_mmap+0xa3e/0x1210 [ 885.514204][T19512] ? __pfx_do_mmap+0x10/0x10 [ 885.518797][T19512] ? __pfx_down_write_killable+0x10/0x10 [ 885.524449][T19512] vm_mmap_pgoff+0x29e/0x470 [ 885.529223][T19512] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 885.534538][T19512] ? __x64_sys_futex+0x1e0/0x4c0 [ 885.539582][T19512] ? __x64_sys_futex+0x1e9/0x4c0 [ 885.544535][T19512] ksys_mmap_pgoff+0x7d/0x5c0 [ 885.549235][T19512] ? xfd_validate_state+0x61/0x180 [ 885.554609][T19512] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 885.560784][T19512] __x64_sys_mmap+0x125/0x190 [ 885.565756][T19512] do_syscall_64+0xcd/0x490 [ 885.570361][T19512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 885.576693][T19512] RIP: 0033:0x7f745018ebe9 [ 885.581115][T19512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 885.601111][T19512] RSP: 002b:00007f745108f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 885.609727][T19512] RAX: ffffffffffffffda RBX: 00007f74503b6090 RCX: 00007f745018ebe9 [ 885.617826][T19512] RDX: 00000000000000df RSI: 0000000004020009 RDI: 0000000000000000 [ 885.625807][T19512] RBP: 00007f7450211e19 R08: 0000000000000401 R09: 0000000000000000 [ 885.633877][T19512] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 885.641866][T19512] R13: 00007f74503b6128 R14: 00007f74503b6090 R15: 00007ffcc0929048 [ 885.650286][T19512] [ 885.653302][T19512] Modules linked in: [ 885.657894][T19512] ---[ end trace 0000000000000000 ]--- [ 885.663374][T19512] RIP: 0010:kasan_byte_accessible+0x15/0x30 [ 885.670168][T19512] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 [ 885.690454][T19512] RSP: 0018:ffffc9000bc771b8 EFLAGS: 00010286 [ 885.696757][T19512] RAX: dffffc0000000000 RBX: 0000000000000018 RCX: 0000000000000000 [ 885.705187][T19512] RDX: 0000000000000000 RSI: ffffffff8b92e32e RDI: dffffc0000000003 [ 885.713289][T19512] RBP: 0000000000000018 R08: 0000000000000001 R09: 0000000000000000 [ 885.721384][T19512] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8b92e32e [ 885.729677][T19512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 885.737828][T19512] FS: 00007f745108f6c0(0000) GS:ffff8881247c6000(0000) knlGS:0000000000000000 [ 885.746889][T19512] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 885.753484][T19512] CR2: 00007f1eacc19d58 CR3: 000000005b95a000 CR4: 00000000003526f0 [ 885.761542][T19512] Kernel panic - not syncing: Fatal exception [ 885.768227][T19512] Kernel Offset: disabled [ 885.772655][T19512] Rebooting in 86400 seconds..