last executing test programs: 9.491081445s ago: executing program 1 (id=7189): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4040, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000280)="352c8efa618c0bcf83", 0x9) mmap$auto(0x0, 0x6, 0x2, 0x40eb4, r1, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) io_uring_setup$auto(0x1, 0x0) getpid() r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs1\x00', 0x48080, 0x0) fcntl$auto(0x3, 0x4, 0xa553) sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000165c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 8.118376616s ago: executing program 3 (id=7193): socket(0x2, 0x5, 0x0) sendto$auto(0x3, 0x0, 0xe70, 0x3, &(0x7f0000000200), 0xfffffffc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socket(0x2b, 0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x7fffffffffffffff, 0x4, 0x0, 0x5, 0xe) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x8502, 0x0) write$auto(r2, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) read$auto_clk_dump_fops_(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_BLKRRPART(r1, 0x125f, 0x0) getpeername$auto(r0, &(0x7f0000000080)=@hci={0x1f, 0xffffffffffffffff}, &(0x7f00000000c0)=0x4) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x88042, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000300)='/dev/v4l-subdev0\x00', 0x200000, 0x0) madvise$auto(0x0, 0xf663, 0x15) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r4, &(0x7f0000000200)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="94000000", @ANYRES16], 0x94}}, 0x40080) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) ioctl$auto_FIFREEZE(r3, 0xc0045878, 0xfff) 7.400710341s ago: executing program 1 (id=7195): r0 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x80800, 0x0) r1 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) read$auto_ptdump_curusr_fops_(r1, &(0x7f0000000040)=""/15, 0xf) shmctl$auto_SHM_STAT_ANY(0xc, 0xf, &(0x7f0000000340)={{0x4, 0xee01, 0xee01, 0x80, 0x80, 0xfffffff8, 0x7fff}, 0x6, 0x6, 0x9, 0xcd, @raw=0x1000, @inferred=0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000140), &(0x7f00000001c0)="87206c8b1b7fb37ea771ea589f1cc62e50c829c4f476b9a871da5fa138fc6a8e9d3abf7923207febe7156f057d500ce28e1d6e85afd5dda59cc211366f02e34e48cb0cc453875ba6170dcf5fac74747d7abd0c42e078a66dc862672efa45dc431117ee473f0585befeab640e2f4a7db1"}) fstat$auto(r0, &(0x7f0000000440)={0x2, 0x7, 0xffffffffffff2073, 0x4, 0xee01, r2, 0x0, 0x401, 0x2, 0x10000, 0x5a5b, 0x10000, 0x1, 0x5, 0x6, 0x800, 0xffffffff}) socket(0xa, 0x6, 0x3f) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) r3 = clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x100000009) connect$auto(r0, 0x0, 0x58) r4 = prctl$auto(0x3e, 0x10000, r3, 0xe, 0x5) mmap$auto(0x0, 0x400009, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, 0x0) ioctl$auto(0x3, 0xc0303e03, r5) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, 0x0, 0x0) open_tree$auto(r4, &(0x7f0000000080)='./file0\x00', 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) set_mempolicy$auto(0x5, &(0x7f0000000280)=0xfffffffffffffffb, 0x3) 7.029147187s ago: executing program 3 (id=7198): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x8f3b7a51b8360c21, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r1, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5ee) readahead$auto(r1, 0x4, 0x4) sysfs$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(r0, &(0x7f00000001c0)={{0x0, 0x5, &(0x7f0000000300)={0x0, 0x8101}, 0x400000000000000, 0x0, 0x5, 0x7ffffffe}}, 0x3, 0x948, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0) mprotect$auto(0x0, 0xe6a, 0x6) mmap$auto(0xffffffffffffffff, 0x20009, 0x20004000000000e0, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC1\x00', 0x80, 0x0) ioctl$auto(r4, 0x80dc5521, r3) semctl$auto_GETNCNT(0x0, 0x7f, 0xe, 0xa8) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x3, 0x3, 0xfffff151) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@raw=0x3, 0x100110d, 0xffff, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa00000000e1800000000000000000040000660e070100", @raw=0x8}, 0x6, 0x0, 0x4, @inferred, @integer64={0x6, 0x4, 0x6}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) mmap$auto(0x800000000000001, 0x8020006, 0x4000000002df, 0xeb1, r3, 0x8000) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), r2) 5.956733305s ago: executing program 3 (id=7202): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x8f3b7a51b8360c21, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r1, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5ee) readahead$auto(r1, 0x4, 0x4) sysfs$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(r0, &(0x7f00000001c0)={{0x0, 0x5, &(0x7f0000000300)={0x0, 0x8101}, 0x400000000000000, 0x0, 0x5, 0x7ffffffe}}, 0x3, 0x948, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c00038005000180030000000400028008"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) mprotect$auto(0x0, 0xe6a, 0x6) mmap$auto(0xffffffffffffffff, 0x20009, 0x20004000000000e0, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC1\x00', 0x80, 0x0) ioctl$auto(r5, 0x80dc5521, r4) semctl$auto_GETNCNT(0x0, 0x7f, 0xe, 0xa8) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x3, 0x3, 0xfffff151) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@raw=0x3, 0x100110d, 0xffff, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa00000000e1800000000000000000040000660e070100", @raw=0x8}, 0x6, 0x0, 0x4, @inferred, @integer64={0x6, 0x4, 0x6}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) mmap$auto(0x800000000000001, 0x8020006, 0x4000000002df, 0xeb1, r4, 0x8000) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), r2) 5.906237952s ago: executing program 0 (id=7203): r0 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x80800, 0x0) r1 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) read$auto_ptdump_curusr_fops_(r1, &(0x7f0000000040)=""/15, 0xf) shmctl$auto_SHM_STAT_ANY(0xc, 0xf, &(0x7f0000000340)={{0x4, 0xee01, 0xee01, 0x80, 0x80, 0xfffffff8, 0x7fff}, 0x6, 0x6, 0x9, 0xcd, @raw=0x1000, @inferred=0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000140), &(0x7f00000001c0)="87206c8b1b7fb37ea771ea589f1cc62e50c829c4f476b9a871da5fa138fc6a8e9d3abf7923207febe7156f057d500ce28e1d6e85afd5dda59cc211366f02e34e48cb0cc453875ba6170dcf5fac74747d7abd0c42e078a66dc862672efa45dc431117ee473f0585befeab640e2f4a7db1"}) fstat$auto(r0, &(0x7f0000000440)={0x2, 0x7, 0xffffffffffff2073, 0x4, 0xee01, r2, 0x0, 0x401, 0x2, 0x10000, 0x5a5b, 0x10000, 0x1, 0x5, 0x6, 0x800, 0xffffffff}) socket(0xa, 0x6, 0x3f) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) r3 = clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x100000009) connect$auto(r0, 0x0, 0x58) prctl$auto(0x3e, 0x10000, r3, 0xe, 0x5) mmap$auto(0x0, 0x400009, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, 0x0) ioctl$auto(0x3, 0xc0303e03, r4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40200, 0x0) 5.28295907s ago: executing program 2 (id=7204): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040840}, 0x94) mmap$auto(0x0, 0x20009, 0xfffffffffffffffb, 0xeb1, 0x401, 0x40000000008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x94) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/mem\x00', 0x1950c1, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='('], 0x28}}, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x42, 0x20) r1 = open_tree$auto(r0, 0x0, 0x1001) statx$auto(r1, 0x0, 0x4001000, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) 5.176483082s ago: executing program 2 (id=7205): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) socket(0x15, 0x5, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x2, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xc02, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x2, 0x0) (fail_nth: 8) 4.599510287s ago: executing program 2 (id=7206): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop12\x00', 0x8200, 0x0) fadvise64$auto(r0, 0x4a, 0x400000000000006, 0x5) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0x0, 0x0) r1 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x0) execveat$auto(r1, 0x0, 0x0, 0x0, 0x11000) ioctl$auto_SNDCTL_DSP_GETIPTR(r1, 0x800c5011, &(0x7f0000000100)="d6ed362b75b48a09425a5a0ed8625279f9d075372dd32fa8ca2a1b7689552703be0272fd6efce39000da1cf23142ac36f3da62496cf3a0112557976d94c1dfb0ac3013dc3ba3cd6eeaf655335de6881902070410c866c73ff82ebda106") mmap$auto(0xfffffffffffffffd, 0xc37, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = io_uring_setup$auto(0x8, 0x0) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_CLAIM_PORT(r3, 0x80045518, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto_TIOCSTI2(r4, 0x5412, &(0x7f0000000280)) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) socket(0x10, 0x2, 0xf) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40000421}, 0x4044011) acct$auto(&(0x7f0000000040)='/dev/mtd0\x00') mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) sendfile$auto(r2, 0xffffffffffffffff, 0x0, 0x5) r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0xc00, 0x0) ioctl$auto_EVIOCSMASK(r5, 0x40104593, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.378052215s ago: executing program 3 (id=7207): socket(0x2, 0x5, 0x0) sendto$auto(0x3, 0x0, 0xe70, 0x3, &(0x7f0000000200), 0xfffffffc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socket(0x2b, 0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x7fffffffffffffff, 0x4, 0x0, 0x5, 0xe) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x8502, 0x0) write$auto(r2, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) read$auto_clk_dump_fops_(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_BLKRRPART(r1, 0x125f, 0x0) getpeername$auto(r0, &(0x7f0000000080)=@hci={0x1f, 0xffffffffffffffff}, &(0x7f00000000c0)=0x4) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x88042, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000300)='/dev/v4l-subdev0\x00', 0x200000, 0x0) madvise$auto(0x0, 0xf663, 0x15) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r4, &(0x7f0000000200)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="94000000", @ANYRES16], 0x94}}, 0x40080) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) ioctl$auto_FIFREEZE(r3, 0xc0045878, 0xfff) 4.147908456s ago: executing program 1 (id=7208): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop12\x00', 0x8200, 0x0) fadvise64$auto(r0, 0x4a, 0x400000000000006, 0x5) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0x0, 0x0) r1 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x0) execveat$auto(r1, 0x0, 0x0, 0x0, 0x11000) ioctl$auto_SNDCTL_DSP_GETIPTR(r1, 0x800c5011, &(0x7f0000000100)="d6ed362b75b48a09425a5a0ed8625279f9d075372dd32fa8ca2a1b7689552703be0272fd6efce39000da1cf23142ac36f3da62496cf3a0112557976d94c1dfb0ac3013dc3ba3cd6eeaf655335de6881902070410c866c73ff82ebda106") mmap$auto(0xfffffffffffffffd, 0xc37, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = io_uring_setup$auto(0x8, 0x0) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_CLAIM_PORT(r3, 0x80045518, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto_TIOCSTI2(r4, 0x5412, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) socket(0x10, 0x2, 0xf) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40000421}, 0x4044011) acct$auto(&(0x7f0000000040)='/dev/mtd0\x00') mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) sendfile$auto(r2, 0xffffffffffffffff, 0x0, 0x5) r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0xc00, 0x0) ioctl$auto_EVIOCSMASK(r5, 0x40104593, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.842588776s ago: executing program 2 (id=7209): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0xfffffffe, 0x10000000000002a, 0x4) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0x9, 0x8000, 0xe238, 0x602, 0x5) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b165498937eb7396525f9be44e1d5455f2fb0e9b0d79a2b05104239ddb65afabac40f2568353"}, 0x6, 0x3, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, r2, 0x10001) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) socket(0x2a, 0x800, 0x2d2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose13/dev_port\x00', 0x8c00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000003c0)=""/134, 0x86) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) sendmsg$auto_NL80211_CMD_VENDOR(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000) ioperm$auto(0x3, 0x8001, 0x2000000000000149) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) 3.578882172s ago: executing program 3 (id=7210): socket(0x2, 0x5, 0x0) sendto$auto(0x3, 0x0, 0xe70, 0x3, &(0x7f0000000200), 0xfffffffc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socket(0x2b, 0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x7fffffffffffffff, 0x4, 0x0, 0x5, 0xe) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x8502, 0x0) write$auto(r2, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) read$auto_clk_dump_fops_(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_BLKRRPART(r1, 0x125f, 0x0) getpeername$auto(r0, &(0x7f0000000080)=@hci={0x1f, 0xffffffffffffffff}, &(0x7f00000000c0)=0x4) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x88042, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000300)='/dev/v4l-subdev0\x00', 0x200000, 0x0) madvise$auto(0x0, 0xf663, 0x15) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000200)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="94000000", @ANYRES16], 0x94}}, 0x40080) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x100000009, 0x7) 3.231195829s ago: executing program 1 (id=7211): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x8f3b7a51b8360c21, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r1, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5ee) readahead$auto(r1, 0x4, 0x4) sysfs$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(r0, &(0x7f00000001c0)={{0x0, 0x5, &(0x7f0000000300)={0x0, 0x8101}, 0x400000000000000, 0x0, 0x5, 0x7ffffffe}}, 0x3, 0x948, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0) mprotect$auto(0x0, 0xe6a, 0x6) mmap$auto(0xffffffffffffffff, 0x20009, 0x20004000000000e0, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC1\x00', 0x80, 0x0) ioctl$auto(r4, 0x80dc5521, r3) semctl$auto_GETNCNT(0x0, 0x7f, 0xe, 0xa8) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x3, 0x3, 0xfffff151) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@raw=0x3, 0x100110d, 0xffff, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa00000000e1800000000000000000040000660e070100", @raw=0x8}, 0x6, 0x0, 0x4, @inferred, @integer64={0x6, 0x4, 0x6}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) mmap$auto(0x800000000000001, 0x8020006, 0x4000000002df, 0xeb1, r3, 0x8000) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), r2) 3.125719827s ago: executing program 0 (id=7212): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x5, 0x5, 0x10004) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/locals\x00', 0x40, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001800), 0x101101, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2b, 0x1, 0x1) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x159240, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0) sendfile$auto(r4, r4, 0x0, 0x7) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) r5 = ioctl$auto_TUNSETVNETLE2(r3, 0x400454dc, &(0x7f00000000c0)=0xfffffffd) open(&(0x7f0000000140)='./file0\x00', 0x161342, 0x100) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0xfdef) lseek$auto(0x3, 0x2, 0x4) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r5, 0x7a4, 0x0) ioctl$auto_IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, 0x0) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0xc0781, 0x0) openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r6, 0x0, 0x0) 2.861318655s ago: executing program 0 (id=7213): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040840}, 0x94) mmap$auto(0x0, 0x20009, 0xfffffffffffffffb, 0xeb1, 0x401, 0x40000000008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x94) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/mem\x00', 0x1950c1, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x42, 0x20) r1 = open_tree$auto(r0, 0x0, 0x1001) statx$auto(r1, 0x0, 0x4001000, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) 2.713374843s ago: executing program 0 (id=7214): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x8, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) r1 = socket(0xa, 0x1, 0x84) setsockopt$auto(r1, 0x0, 0x40, 0x0, 0x10000) ioctl$auto_VHOST_SET_VRING_KICK2(0xffffffffffffffff, 0x4008af20, &(0x7f0000000080)={0x0, r0}) ioctl$auto_SOUND_PCM_READ_FILTER(r2, 0x80045007, &(0x7f0000000280)="052b2a97d457129f11040fed0f2c08880c9599248710651a9b22e6ebbf9fc754f9c457b0dc1a93ec23417c6641215e07fe4de5761edad2cc2cada2e8a38e35cc70821807125db8ebfcd4d7589fe242744382d12411efa85dacdc6922a96038656e1d937091b7634eec91690e526ff02ff0160ba13638e51eb3baee0138cd88c3ef0f95fed2ab262310669a3a0f1b63888fc815a6ab203e92702843a4800bc0e68ac33528c558291c9b188587f6764d1a325f035d666911f8902e69ce37d6951c27b9fbc8c2d7d628fb9617979543ae720266fddfe684a1004675ed82b0f3f0e66b4665e6b941ea32f757daf17a8df537ee38dec4") 2.627380024s ago: executing program 2 (id=7215): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x2b202, 0x0) mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r0, 0x0) clone$auto(0x8000, 0xad5, 0x0, 0x0, 0x20200) 2.421698696s ago: executing program 1 (id=7216): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x8f3b7a51b8360c21, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r1, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5ee) readahead$auto(r1, 0x4, 0x4) sysfs$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(r0, &(0x7f00000001c0)={{0x0, 0x5, &(0x7f0000000300)={0x0, 0x8101}, 0x400000000000000, 0x0, 0x5, 0x7ffffffe}}, 0x3, 0x948, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c00038005000180030000000400028008"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) mprotect$auto(0x0, 0xe6a, 0x6) mmap$auto(0xffffffffffffffff, 0x20009, 0x20004000000000e0, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC1\x00', 0x80, 0x0) ioctl$auto(r5, 0x80dc5521, r4) semctl$auto_GETNCNT(0x0, 0x7f, 0xe, 0xa8) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x3, 0x3, 0xfffff151) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@raw=0x3, 0x100110d, 0xffff, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa00000000e1800000000000000000040000660e070100", @raw=0x8}, 0x6, 0x0, 0x4, @inferred, @integer64={0x6, 0x4, 0x6}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) mmap$auto(0x800000000000001, 0x8020006, 0x4000000002df, 0xeb1, r4, 0x8000) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), r2) 2.359348563s ago: executing program 2 (id=7217): mmap$auto(0x0, 0x2000b, 0x4, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) socket(0x28, 0x5, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/packet\x00', 0x400, 0x0) pread64$auto(r0, 0x0, 0x1ff, 0x8800000000) socketpair$auto(0x1e, 0x1, 0x0, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0xa200, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TCFLSH2(r1, 0x8910, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/execdomains\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000040)=""/36, 0x24) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/rdma_readwrite_threshold\x00', 0x48041, 0x0) write$auto(r3, 0x0, 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) msync$auto(0x1ffff000, 0x0, 0x400000004) memfd_create$auto(0x0, 0xe) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001180)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto(0x3, 0x0, 0xfdf3) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) 2.30533791s ago: executing program 3 (id=7218): r0 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x80800, 0x0) r1 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) read$auto_ptdump_curusr_fops_(r1, &(0x7f0000000040)=""/15, 0xf) shmctl$auto_SHM_STAT_ANY(0xc, 0xf, &(0x7f0000000340)={{0x4, 0xee01, 0xee01, 0x80, 0x80, 0xfffffff8, 0x7fff}, 0x6, 0x6, 0x9, 0xcd, @raw=0x1000, @inferred=0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000140), &(0x7f00000001c0)="87206c8b1b7fb37ea771ea589f1cc62e50c829c4f476b9a871da5fa138fc6a8e9d3abf7923207febe7156f057d500ce28e1d6e85afd5dda59cc211366f02e34e48cb0cc453875ba6170dcf5fac74747d7abd0c42e078a66dc862672efa45dc431117ee473f0585befeab640e2f4a7db1"}) fstat$auto(r0, &(0x7f0000000440)={0x2, 0x7, 0xffffffffffff2073, 0x4, 0xee01, r2, 0x0, 0x401, 0x2, 0x10000, 0x5a5b, 0x10000, 0x1, 0x5, 0x6, 0x800, 0xffffffff}) socket(0xa, 0x6, 0x3f) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) r3 = clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x100000009) connect$auto(r0, 0x0, 0x58) prctl$auto(0x3e, 0x10000, r3, 0xe, 0x5) mmap$auto(0x0, 0x400009, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40200, 0x0) 1.708196018s ago: executing program 1 (id=7219): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0xfffffffe, 0x10000000000002a, 0x4) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0x9, 0x8000, 0xe238, 0x602, 0x5) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b165498937eb7396525f9be44e1d5455f2fb0e9b0d79a2b05104239ddb65afabac40f2568353"}, 0x6, 0x3, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, r2, 0x10001) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) socket(0x2a, 0x800, 0x2d2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose13/dev_port\x00', 0x8c00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000003c0)=""/134, 0x86) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) sendmsg$auto_NL80211_CMD_VENDOR(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000) ioperm$auto(0x3, 0x8001, 0x2000000000000149) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) 1.660622919s ago: executing program 0 (id=7220): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0xfffffffe, 0x10000000000002a, 0x4) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0x9, 0x8000, 0xe238, 0x602, 0x5) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b165498937eb7396525f9be44e1d5455f2fb0e9b0d79a2b05104239ddb65afabac40f2568353"}, 0x6, 0x3, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, r2, 0x10001) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) socket(0x2a, 0x800, 0x2d2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose13/dev_port\x00', 0x8c00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000003c0)=""/134, 0x86) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) sendmsg$auto_NL80211_CMD_VENDOR(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000) ioperm$auto(0x3, 0x8001, 0x2000000000000149) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) 0s ago: executing program 0 (id=7222): mmap$auto(0x80000000, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffc00) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f0000000640)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={&(0x7f0000000780)="4c1200030000000000a3677337f9ecba075f6bba441b1011", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x1}, 0x1a000, 0x100) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x28800) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r1, 0x0, 0x20008000) ioctl$auto_USB_RAW_IOCTL_INIT(r1, 0x41015500, &(0x7f0000000300)={"a76c89da35292932e24224484f2271d2dd7179185cecc180861e3f02b70ae2fa336848a0c202887f2b3b2dc2c0528d32b6fe7cbddb3cdc6940c823e570116457a5f0ae5eee34e9a432f11ebe8f4799aee50dcc9a4671c2520c3c6cfd7fbd66c3c88ec943d3917c3f58caf2ba4ef591dba761771b44f18f98abe0940e8d24bd58", "b81950d1b2d3a8fbb686c7cb5abd734b791473d31101bef07d1729397b2c8895daf66ede38021e42c9b266832e30a080d433c413fb6e8c3512e17f654cedc2a8d57a3b7cac766a6694ee01bc01fcebf67911106c649703f5562a648c82daebd61fdc3524fea30f3f18908c005dd8cf03ad3c428cac94e249e32ac2ae761fdaaf", 0x6}) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) mmap$auto(0x0, 0x99, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r2, 0x0, 0x7) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x11, 0x3, 0x9) capset$auto(0x0, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000200) unshare$auto(0x40000080) kernel console output (not intermixed with test programs): 85][ T1768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2201.820498][ T1768] Call Trace: [ 2201.820507][ T1768] [ 2201.820517][ T1768] dump_stack_lvl+0x16c/0x1f0 [ 2201.820557][ T1768] should_fail_ex+0x512/0x640 [ 2201.820591][ T1768] ? fs_reclaim_acquire+0xae/0x150 [ 2201.820621][ T1768] ? tomoyo_encode2+0x100/0x3e0 [ 2201.820650][ T1768] should_failslab+0xc2/0x120 [ 2201.820675][ T1768] __kmalloc_noprof+0xd2/0x510 [ 2201.820709][ T1768] ? d_absolute_path+0x136/0x1a0 [ 2201.820741][ T1768] tomoyo_encode2+0x100/0x3e0 [ 2201.820784][ T1768] tomoyo_encode+0x29/0x50 [ 2201.820813][ T1768] tomoyo_realpath_from_path+0x18f/0x6e0 [ 2201.820852][ T1768] tomoyo_path_number_perm+0x245/0x580 [ 2201.820876][ T1768] ? tomoyo_path_number_perm+0x237/0x580 [ 2201.820906][ T1768] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 2201.820932][ T1768] ? find_held_lock+0x2b/0x80 [ 2201.820985][ T1768] ? find_held_lock+0x2b/0x80 [ 2201.821005][ T1768] ? hook_file_ioctl_common+0x145/0x410 [ 2201.821042][ T1768] ? __fget_files+0x20e/0x3c0 [ 2201.821077][ T1768] security_file_ioctl+0x9b/0x240 [ 2201.821106][ T1768] __x64_sys_ioctl+0xb7/0x210 [ 2201.821136][ T1768] do_syscall_64+0xcd/0x490 [ 2201.821173][ T1768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2201.821195][ T1768] RIP: 0033:0x7fc7eaf8e929 [ 2201.821213][ T1768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2201.821235][ T1768] RSP: 002b:00007fc7ebdae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2201.821257][ T1768] RAX: ffffffffffffffda RBX: 00007fc7eb1b6240 RCX: 00007fc7eaf8e929 [ 2201.821273][ T1768] RDX: 0000200000000540 RSI: 00000000c0481273 RDI: 0000000000000002 [ 2201.821287][ T1768] RBP: 00007fc7ebdae090 R08: 0000000000000000 R09: 0000000000000000 [ 2201.821301][ T1768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2201.821314][ T1768] R13: 0000000000000000 R14: 00007fc7eb1b6240 R15: 00007ffc6449fa38 [ 2201.821348][ T1768] [ 2202.045222][ T1768] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2207.110360][ T1831] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5933'. [ 2207.235225][ T1829] ptrace attach of "./syz-executor exec"[1833] was attempted by "./syz-executor exec"[1829] [ 2208.086360][ T1848] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5935'. [ 2209.945421][ T1876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5943'. [ 2210.262458][ T1882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5944'. [ 2213.960004][ T1941] ptrace attach of "./syz-executor exec"[1944] was attempted by "./syz-executor exec"[1941] [ 2217.451570][ T1986] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5964'. [ 2217.519156][ T1986] hub 8-0:1.0: USB hub found [ 2217.540704][ T1986] hub 8-0:1.0: 1 port detected [ 2221.657212][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2221.657279][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2225.006738][ T2110] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5990'. [ 2227.997612][ T2155] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6000'. [ 2231.134842][ T2206] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6011'. [ 2240.301969][ T2352] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6038'. [ 2243.695549][ T2415] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6050'. [ 2244.880042][ T2445] netlink: 330 bytes leftover after parsing attributes in process `syz.0.6057'. [ 2245.733965][ T2457] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6060'. [ 2247.276305][ T2488] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6066'. [ 2247.578509][ T2497] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6068'. [ 2252.166722][ T2580] ptrace attach of "./syz-executor exec"[2581] was attempted by "./syz-executor exec"[2580] [ 2252.249895][ T2583] ptrace attach of "./syz-executor exec"[2584] was attempted by "./syz-executor exec"[2583] [ 2252.581168][ T2591] ptrace attach of "./syz-executor exec"[2594] was attempted by "./syz-executor exec"[2591] [ 2253.425475][ T2590] FAULT_INJECTION: forcing a failure. [ 2253.425475][ T2590] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.491329][ T2590] CPU: 0 UID: 0 PID: 2590 Comm: syz.3.6084 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2253.491354][ T2590] Tainted: [U]=USER [ 2253.491359][ T2590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2253.491368][ T2590] Call Trace: [ 2253.491374][ T2590] [ 2253.491380][ T2590] dump_stack_lvl+0x16c/0x1f0 [ 2253.491408][ T2590] should_fail_ex+0x512/0x640 [ 2253.491428][ T2590] ? fs_reclaim_acquire+0xae/0x150 [ 2253.491447][ T2590] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 2253.491466][ T2590] should_failslab+0xc2/0x120 [ 2253.491480][ T2590] __kmalloc_noprof+0xd2/0x510 [ 2253.491505][ T2590] tomoyo_realpath_from_path+0xc2/0x6e0 [ 2253.491530][ T2590] tomoyo_get_exe+0x63/0xa0 [ 2253.491544][ T2590] tomoyo_write_control+0x689/0x1430 [ 2253.491580][ T2590] ? __pfx_tomoyo_write_control+0x10/0x10 [ 2253.491607][ T2590] ? __pfx_tomoyo_write+0x10/0x10 [ 2253.491625][ T2590] vfs_write+0x29d/0x1150 [ 2253.491648][ T2590] ? __pfx___mutex_lock+0x10/0x10 [ 2253.491670][ T2590] ? __pfx_vfs_write+0x10/0x10 [ 2253.491694][ T2590] ? __fget_files+0x20e/0x3c0 [ 2253.491719][ T2590] ksys_write+0x12a/0x250 [ 2253.491738][ T2590] ? __pfx_ksys_write+0x10/0x10 [ 2253.491762][ T2590] do_syscall_64+0xcd/0x490 [ 2253.491786][ T2590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2253.491801][ T2590] RIP: 0033:0x7f4d4c98e929 [ 2253.491813][ T2590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2253.491827][ T2590] RSP: 002b:00007f4d4d87c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2253.491840][ T2590] RAX: ffffffffffffffda RBX: 00007f4d4cbb6080 RCX: 00007f4d4c98e929 [ 2253.491850][ T2590] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 2253.491858][ T2590] RBP: 00007f4d4d87c090 R08: 0000000000000000 R09: 0000000000000000 [ 2253.491866][ T2590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2253.491875][ T2590] R13: 0000000000000000 R14: 00007f4d4cbb6080 R15: 00007ffe841e9238 [ 2253.491894][ T2590] [ 2253.493394][ T2590] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2263.462807][ T2793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6118'. [ 2266.701214][ T2871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6129'. [ 2270.329496][ T2927] FAULT_INJECTION: forcing a failure. [ 2270.329496][ T2927] name failslab, interval 1, probability 0, space 0, times 0 [ 2270.350500][ T2927] CPU: 0 UID: 0 PID: 2927 Comm: syz.2.6141 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2270.350543][ T2927] Tainted: [U]=USER [ 2270.350552][ T2927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2270.350567][ T2927] Call Trace: [ 2270.350577][ T2927] [ 2270.350588][ T2927] dump_stack_lvl+0x16c/0x1f0 [ 2270.350633][ T2927] should_fail_ex+0x512/0x640 [ 2270.350668][ T2927] ? __kvmalloc_node_noprof+0x124/0x620 [ 2270.350708][ T2927] should_failslab+0xc2/0x120 [ 2270.350734][ T2927] __kvmalloc_node_noprof+0x137/0x620 [ 2270.350772][ T2927] ? v4l2_ctrl_new+0x97d/0x2180 [ 2270.350816][ T2927] ? v4l2_ctrl_new+0x97d/0x2180 [ 2270.350851][ T2927] v4l2_ctrl_new+0x97d/0x2180 [ 2270.350891][ T2927] ? __ia32_sys_fchown+0x60/0xb0 [ 2270.350928][ T2927] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 2270.350977][ T2927] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2270.351020][ T2927] v4l2_ctrl_new_std+0x1be/0x290 [ 2270.351069][ T2927] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 2270.351112][ T2927] ? rcu_is_watching+0x12/0xc0 [ 2270.351139][ T2927] ? trace_kmalloc+0x2b/0xd0 [ 2270.351163][ T2927] ? __kvmalloc_node_noprof+0x298/0x620 [ 2270.351200][ T2927] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 2270.351242][ T2927] ? media_request_object_init+0x100/0x180 [ 2270.351279][ T2927] vicodec_open+0x1d0/0xf90 [ 2270.351330][ T2927] v4l2_open+0x222/0x490 [ 2270.351367][ T2927] ? __pfx_v4l2_open+0x10/0x10 [ 2270.351402][ T2927] chrdev_open+0x231/0x6a0 [ 2270.351441][ T2927] ? __pfx_apparmor_file_open+0x10/0x10 [ 2270.351474][ T2927] ? __pfx_chrdev_open+0x10/0x10 [ 2270.351515][ T2927] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 2270.351555][ T2927] do_dentry_open+0x744/0x1c10 [ 2270.351592][ T2927] ? __pfx_chrdev_open+0x10/0x10 [ 2270.351637][ T2927] vfs_open+0x82/0x3f0 [ 2270.351670][ T2927] path_openat+0x1de4/0x2cb0 [ 2270.351718][ T2927] ? __pfx_path_openat+0x10/0x10 [ 2270.351757][ T2927] ? __lock_acquire+0xb8a/0x1c90 [ 2270.351795][ T2927] do_filp_open+0x20b/0x470 [ 2270.351832][ T2927] ? __pfx_do_filp_open+0x10/0x10 [ 2270.351895][ T2927] ? alloc_fd+0x471/0x7d0 [ 2270.351940][ T2927] do_sys_openat2+0x11b/0x1d0 [ 2270.351968][ T2927] ? __pfx_do_sys_openat2+0x10/0x10 [ 2270.352012][ T2927] __x64_sys_openat+0x174/0x210 [ 2270.352042][ T2927] ? __pfx___x64_sys_openat+0x10/0x10 [ 2270.352086][ T2927] do_syscall_64+0xcd/0x490 [ 2270.352128][ T2927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2270.352155][ T2927] RIP: 0033:0x7fdf81b8e929 [ 2270.352177][ T2927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2270.352202][ T2927] RSP: 002b:00007fdf829f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2270.352227][ T2927] RAX: ffffffffffffffda RBX: 00007fdf81db6160 RCX: 00007fdf81b8e929 [ 2270.352245][ T2927] RDX: 00000000000c4400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 2270.352263][ T2927] RBP: 00007fdf81c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2270.352280][ T2927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2270.352296][ T2927] R13: 0000000000000000 R14: 00007fdf81db6160 R15: 00007ffeaabbb258 [ 2270.352341][ T2927] [ 2271.190679][ T2934] ima: policy update failed [ 2271.199007][ T30] audit: type=1802 audit(4294973113.303:31): pid=2934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.6145" res=0 errno=0 [ 2271.232684][ T2934] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6145'. [ 2271.325342][ T2939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6146'. [ 2271.633961][ T2949] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6156'. [ 2271.926874][ T2957] FAULT_INJECTION: forcing a failure. [ 2271.926874][ T2957] name failslab, interval 1, probability 0, space 0, times 0 [ 2271.961133][ T2957] CPU: 1 UID: 0 PID: 2957 Comm: syz.2.6150 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2271.961175][ T2957] Tainted: [U]=USER [ 2271.961195][ T2957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2271.961210][ T2957] Call Trace: [ 2271.961219][ T2957] [ 2271.961229][ T2957] dump_stack_lvl+0x16c/0x1f0 [ 2271.961273][ T2957] should_fail_ex+0x512/0x640 [ 2271.961312][ T2957] should_failslab+0xc2/0x120 [ 2271.961337][ T2957] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 2271.961374][ T2957] ? zswap_store+0x839/0x25a0 [ 2271.961409][ T2957] zswap_store+0x839/0x25a0 [ 2271.961450][ T2957] ? __pfx_zswap_store+0x10/0x10 [ 2271.961478][ T2957] ? do_raw_spin_lock+0x12c/0x2b0 [ 2271.961514][ T2957] ? find_held_lock+0x2b/0x80 [ 2271.961539][ T2957] ? folio_free_swap+0x171/0x580 [ 2271.961579][ T2957] ? do_raw_spin_unlock+0x172/0x230 [ 2271.961614][ T2957] ? swp_swap_info+0xce/0x130 [ 2271.961638][ T2957] ? __pfx_swp_swap_info+0x10/0x10 [ 2271.961671][ T2957] swap_writeout+0x38e/0xfe0 [ 2271.961700][ T2957] ? folio_clear_dirty_for_io+0x112/0x810 [ 2271.961732][ T2957] ? __pfx_swap_writeout+0x10/0x10 [ 2271.961761][ T2957] pageout+0x38f/0xa50 [ 2271.961792][ T2957] ? __pfx_pageout+0x10/0x10 [ 2271.961818][ T2957] ? mark_held_locks+0x49/0x80 [ 2271.961890][ T2957] ? on_each_cpu_cond_mask+0x5a/0x90 [ 2271.961918][ T2957] ? arch_tlbbatch_flush+0x18c/0x370 [ 2271.961956][ T2957] shrink_folio_list+0x2f4d/0x3fc0 [ 2271.962000][ T2957] ? __pfx_shrink_folio_list+0x10/0x10 [ 2271.962037][ T2957] ? __lock_acquire+0x622/0x1c90 [ 2271.962118][ T2957] ? unwind_get_return_address+0x59/0xa0 [ 2271.962155][ T2957] ? arch_stack_walk+0x88/0x100 [ 2271.962212][ T2957] reclaim_folio_list+0xda/0x5d0 [ 2271.962247][ T2957] ? css_rstat_updated+0x9d/0xd30 [ 2271.962275][ T2957] ? __pfx_reclaim_folio_list+0x10/0x10 [ 2271.962324][ T2957] ? lru_gen_update_size+0x543/0xe10 [ 2271.962365][ T2957] ? lru_gen_del_folio+0x32b/0x540 [ 2271.962400][ T2957] reclaim_pages+0x47b/0x650 [ 2271.962437][ T2957] ? __pfx_reclaim_pages+0x10/0x10 [ 2271.962468][ T2957] ? find_held_lock+0x2b/0x80 [ 2271.962493][ T2957] ? madvise_cold_or_pageout_pte_range+0x5fb/0x2180 [ 2271.962529][ T2957] madvise_cold_or_pageout_pte_range+0x1437/0x2180 [ 2271.962573][ T2957] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 2271.962604][ T2957] ? __lock_acquire+0x622/0x1c90 [ 2271.962645][ T2957] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 2271.962676][ T2957] walk_pgd_range+0xc56/0x1f60 [ 2271.962738][ T2957] ? __pfx_walk_pgd_range+0x10/0x10 [ 2271.962786][ T2957] __walk_page_range+0x163/0x820 [ 2271.962827][ T2957] ? find_vma+0xbf/0x140 [ 2271.962852][ T2957] ? __pfx_find_vma+0x10/0x10 [ 2271.962880][ T2957] ? walk_page_test+0x9b/0x180 [ 2271.962918][ T2957] walk_page_range_mm+0x54d/0x8a0 [ 2271.962961][ T2957] ? __pfx_walk_page_range_mm+0x10/0x10 [ 2271.963004][ T2957] ? find_held_lock+0x2b/0x80 [ 2271.963029][ T2957] ? mlock_drain_local+0x22d/0x4f0 [ 2271.963082][ T2957] walk_page_range+0x63/0x90 [ 2271.963123][ T2957] madvise_pageout+0x254/0x540 [ 2271.963152][ T2957] ? __pfx_madvise_pageout+0x10/0x10 [ 2271.963203][ T2957] ? mtree_range_walk+0x718/0xc00 [ 2271.963237][ T2957] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2271.963282][ T2957] madvise_vma_behavior+0x460/0x2420 [ 2271.963310][ T2957] ? mas_prev_setup.constprop.0+0x81/0x830 [ 2271.963350][ T2957] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 2271.963378][ T2957] ? __pfx_mas_prev+0x10/0x10 [ 2271.963423][ T2957] ? find_vma_prev+0xda/0x160 [ 2271.963450][ T2957] ? __pfx_find_vma_prev+0x10/0x10 [ 2271.963498][ T2957] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 2271.963524][ T2957] madvise_walk_vmas+0x1d1/0x2c0 [ 2271.963551][ T2957] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 2271.963587][ T2957] madvise_do_behavior+0x15d/0x3f0 [ 2271.963619][ T2957] ? __pfx_madvise_do_behavior+0x10/0x10 [ 2271.963669][ T2957] do_madvise+0x161/0x230 [ 2271.963696][ T2957] ? __pfx_do_madvise+0x10/0x10 [ 2271.963722][ T2957] ? find_held_lock+0x2b/0x80 [ 2271.963761][ T2957] ? xfd_validate_state+0x61/0x180 [ 2271.963802][ T2957] __x64_sys_madvise+0xa9/0x110 [ 2271.963829][ T2957] ? lockdep_hardirqs_on+0x7c/0x110 [ 2271.963865][ T2957] do_syscall_64+0xcd/0x490 [ 2271.963905][ T2957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2271.963931][ T2957] RIP: 0033:0x7fdf81b8e929 [ 2271.963953][ T2957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2271.963978][ T2957] RSP: 002b:00007fdf82a33038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 2271.964002][ T2957] RAX: ffffffffffffffda RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2271.964020][ T2957] RDX: 0000000000000015 RSI: 0000000000000005 RDI: 0000000000000000 [ 2271.964036][ T2957] RBP: 00007fdf81c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2271.964052][ T2957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2271.964069][ T2957] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2271.964105][ T2957] [ 2275.374452][ T2625] udevd[2625]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 2275.390754][ T3005] udevd[3005]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 2277.503000][ T3044] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6168'. [ 2277.678484][ T3047] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6169'. [ 2279.843058][ T3090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6179'. [ 2281.451327][ T3116] FAULT_INJECTION: forcing a failure. [ 2281.451327][ T3116] name failslab, interval 1, probability 0, space 0, times 0 [ 2281.478204][ T3116] CPU: 0 UID: 0 PID: 3116 Comm: syz.3.6183 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2281.478229][ T3116] Tainted: [U]=USER [ 2281.478234][ T3116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2281.478243][ T3116] Call Trace: [ 2281.478248][ T3116] [ 2281.478255][ T3116] dump_stack_lvl+0x16c/0x1f0 [ 2281.478281][ T3116] should_fail_ex+0x512/0x640 [ 2281.478301][ T3116] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2281.478324][ T3116] should_failslab+0xc2/0x120 [ 2281.478338][ T3116] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2281.478357][ T3116] ? __pfx_apparmor_file_open+0x10/0x10 [ 2281.478375][ T3116] ? proc_reg_open+0x21d/0x610 [ 2281.478397][ T3116] proc_reg_open+0x21d/0x610 [ 2281.478417][ T3116] do_dentry_open+0x744/0x1c10 [ 2281.478437][ T3116] ? __pfx_proc_reg_open+0x10/0x10 [ 2281.478460][ T3116] vfs_open+0x82/0x3f0 [ 2281.478477][ T3116] path_openat+0x1de4/0x2cb0 [ 2281.478503][ T3116] ? __pfx_path_openat+0x10/0x10 [ 2281.478523][ T3116] ? __lock_acquire+0xb8a/0x1c90 [ 2281.478546][ T3116] do_filp_open+0x20b/0x470 [ 2281.478568][ T3116] ? __pfx_do_filp_open+0x10/0x10 [ 2281.478601][ T3116] ? alloc_fd+0x471/0x7d0 [ 2281.478624][ T3116] do_sys_openat2+0x11b/0x1d0 [ 2281.478639][ T3116] ? __pfx_do_sys_openat2+0x10/0x10 [ 2281.478661][ T3116] __x64_sys_openat+0x174/0x210 [ 2281.478677][ T3116] ? __pfx___x64_sys_openat+0x10/0x10 [ 2281.478701][ T3116] do_syscall_64+0xcd/0x490 [ 2281.478723][ T3116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2281.478738][ T3116] RIP: 0033:0x7f4d4c98e929 [ 2281.478750][ T3116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2281.478763][ T3116] RSP: 002b:00007f4d4d89d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2281.478777][ T3116] RAX: ffffffffffffffda RBX: 00007f4d4cbb5fa0 RCX: 00007f4d4c98e929 [ 2281.478787][ T3116] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 2281.478810][ T3116] RBP: 00007f4d4ca10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2281.478826][ T3116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2281.478840][ T3116] R13: 0000000000000000 R14: 00007f4d4cbb5fa0 R15: 00007ffe841e9238 [ 2281.478871][ T3116] [ 2283.066817][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2283.073396][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2286.528999][ T3191] udevd[3191]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 2286.543511][ T3142] udevd[3142]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 2294.703916][ T3318] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6236'. [ 2294.870663][ T30] audit: type=1326 audit(4294973136.985:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3323 comm="syz.1.6238" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd7e2f8e929 code=0x0 [ 2296.184227][ T3346] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6243'. [ 2296.702709][ T3356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6246'. [ 2299.083963][ T3400] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6255'. [ 2303.397574][ T3453] ptrace attach of "./syz-executor exec"[3454] was attempted by "./syz-executor exec"[3453] [ 2303.679074][ T3457] FAULT_INJECTION: forcing a failure. [ 2303.679074][ T3457] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2303.704867][ T3457] CPU: 0 UID: 0 PID: 3457 Comm: syz.2.6269 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2303.704906][ T3457] Tainted: [U]=USER [ 2303.704914][ T3457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2303.704928][ T3457] Call Trace: [ 2303.704937][ T3457] [ 2303.704946][ T3457] dump_stack_lvl+0x16c/0x1f0 [ 2303.704980][ T3457] should_fail_ex+0x512/0x640 [ 2303.705003][ T3457] _copy_to_user+0x32/0xd0 [ 2303.705026][ T3457] tomoyo_flush+0x161/0x520 [ 2303.705050][ T3457] tomoyo_set_string+0xaf/0xe0 [ 2303.705070][ T3457] tomoyo_read_domain+0x5cd/0x9e0 [ 2303.705102][ T3457] tomoyo_read_control+0x29c/0x540 [ 2303.705125][ T3457] ? __pfx_tomoyo_read+0x10/0x10 [ 2303.705145][ T3457] vfs_read+0x1e4/0xc60 [ 2303.705167][ T3457] ? __pfx___mutex_lock+0x10/0x10 [ 2303.705189][ T3457] ? __pfx_vfs_read+0x10/0x10 [ 2303.705213][ T3457] ? __fget_files+0x20e/0x3c0 [ 2303.705237][ T3457] ksys_read+0x12a/0x250 [ 2303.705256][ T3457] ? __pfx_ksys_read+0x10/0x10 [ 2303.705280][ T3457] do_syscall_64+0xcd/0x490 [ 2303.705302][ T3457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2303.705317][ T3457] RIP: 0033:0x7fdf81b8e929 [ 2303.705329][ T3457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2303.705343][ T3457] RSP: 002b:00007fdf82a12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2303.705357][ T3457] RAX: ffffffffffffffda RBX: 00007fdf81db6080 RCX: 00007fdf81b8e929 [ 2303.705366][ T3457] RDX: 000000000000b4d3 RSI: 0000000000000000 RDI: 0000000000000008 [ 2303.705375][ T3457] RBP: 00007fdf82a12090 R08: 0000000000000000 R09: 0000000000000000 [ 2303.705383][ T3457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2303.705391][ T3457] R13: 0000000000000000 R14: 00007fdf81db6080 R15: 00007ffeaabbb258 [ 2303.705410][ T3457] [ 2305.296151][ T3487] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6276'. [ 2308.058890][ T3530] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6286'. [ 2308.368429][ T3535] ptrace attach of "./syz-executor exec"[3537] was attempted by "./syz-executor exec"[3535] [ 2308.682010][ T3539] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 2310.063986][ T3567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6295'. [ 2310.327446][ T3572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6296'. [ 2320.401171][ T30] audit: type=1326 audit(4294973162.518:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3701 comm="syz.1.6329" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd7e2f8e929 code=0x0 [ 2322.785283][ T3734] FAULT_INJECTION: forcing a failure. [ 2322.785283][ T3734] name failslab, interval 1, probability 0, space 0, times 0 [ 2322.834687][ T3734] CPU: 0 UID: 0 PID: 3734 Comm: syz.3.6335 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2322.834715][ T3734] Tainted: [U]=USER [ 2322.834720][ T3734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2322.834729][ T3734] Call Trace: [ 2322.834735][ T3734] [ 2322.834742][ T3734] dump_stack_lvl+0x16c/0x1f0 [ 2322.834768][ T3734] should_fail_ex+0x512/0x640 [ 2322.834788][ T3734] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2322.834812][ T3734] should_failslab+0xc2/0x120 [ 2322.834826][ T3734] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2322.834847][ T3734] ? security_file_alloc+0x34/0x2b0 [ 2322.834868][ T3734] security_file_alloc+0x34/0x2b0 [ 2322.834886][ T3734] init_file+0x93/0x4c0 [ 2322.834900][ T3734] alloc_empty_file+0x73/0x1e0 [ 2322.834916][ T3734] path_openat+0xda/0x2cb0 [ 2322.834934][ T3734] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2322.834964][ T3734] ? __pfx_path_openat+0x10/0x10 [ 2322.834985][ T3734] ? __lock_acquire+0xb8a/0x1c90 [ 2322.835007][ T3734] do_filp_open+0x20b/0x470 [ 2322.835027][ T3734] ? __pfx_do_filp_open+0x10/0x10 [ 2322.835061][ T3734] ? alloc_fd+0x471/0x7d0 [ 2322.835085][ T3734] do_sys_openat2+0x11b/0x1d0 [ 2322.835100][ T3734] ? __pfx_do_sys_openat2+0x10/0x10 [ 2322.835123][ T3734] __x64_sys_openat+0x174/0x210 [ 2322.835139][ T3734] ? __pfx___x64_sys_openat+0x10/0x10 [ 2322.835162][ T3734] do_syscall_64+0xcd/0x490 [ 2322.835185][ T3734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2322.835199][ T3734] RIP: 0033:0x7f4d4c98e929 [ 2322.835212][ T3734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2322.835226][ T3734] RSP: 002b:00007f4d4d87c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2322.835240][ T3734] RAX: ffffffffffffffda RBX: 00007f4d4cbb6080 RCX: 00007f4d4c98e929 [ 2322.835250][ T3734] RDX: 00000000000c4400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 2322.835259][ T3734] RBP: 00007f4d4ca10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2322.835268][ T3734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2322.835276][ T3734] R13: 0000000000000000 R14: 00007f4d4cbb6080 R15: 00007ffe841e9238 [ 2322.835294][ T3734] [ 2323.611137][ T3757] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6340'. [ 2324.688837][ T3771] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6345'. [ 2324.913933][ T3775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6355'. [ 2326.398799][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 2327.577066][ T3822] vivid-003: ================= START STATUS ================= [ 2327.581372][ T3823] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6358'. [ 2327.611128][ T3822] vivid-003: Radio HW Seek Mode: Bounded [ 2327.616821][ T3822] vivid-003: Radio Programmable HW Seek: false [ 2327.625079][ T3822] vivid-003: RDS Rx I/O Mode: Block I/O [ 2327.631027][ T3822] vivid-003: Generate RBDS Instead of RDS: false [ 2327.638962][ T3822] vivid-003: RDS Reception: true [ 2327.645807][ T3822] vivid-003: RDS Program Type: 0 inactive [ 2327.694857][ T3822] vivid-003: RDS PS Name: inactive [ 2327.700672][ T3822] vivid-003: RDS Radio Text: inactive [ 2327.700698][ T3822] vivid-003: RDS Traffic Announcement: false inactive [ 2327.700719][ T3822] vivid-003: RDS Traffic Program: false inactive [ 2327.700738][ T3822] vivid-003: RDS Music: false inactive [ 2327.700758][ T3822] vivid-003: ================== END STATUS ================== [ 2328.834207][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2330.431250][ T3864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6369'. [ 2330.833264][ T3871] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6371'. [ 2332.439705][ T3888] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6378'. [ 2334.330283][ T3929] FAULT_INJECTION: forcing a failure. [ 2334.330283][ T3929] name failslab, interval 1, probability 0, space 0, times 0 [ 2334.343069][ T3929] CPU: 0 UID: 0 PID: 3929 Comm: syz.1.6384 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2334.343094][ T3929] Tainted: [U]=USER [ 2334.343099][ T3929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2334.343108][ T3929] Call Trace: [ 2334.343113][ T3929] [ 2334.343119][ T3929] dump_stack_lvl+0x16c/0x1f0 [ 2334.343150][ T3929] should_fail_ex+0x512/0x640 [ 2334.343170][ T3929] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2334.343193][ T3929] should_failslab+0xc2/0x120 [ 2334.343207][ T3929] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2334.343228][ T3929] ? getname_flags.part.0+0x4c/0x550 [ 2334.343246][ T3929] getname_flags.part.0+0x4c/0x550 [ 2334.343264][ T3929] getname_flags+0x93/0xf0 [ 2334.343282][ T3929] do_sys_openat2+0xb8/0x1d0 [ 2334.343297][ T3929] ? __pfx_do_sys_openat2+0x10/0x10 [ 2334.343320][ T3929] __x64_sys_openat+0x174/0x210 [ 2334.343336][ T3929] ? __pfx___x64_sys_openat+0x10/0x10 [ 2334.343358][ T3929] do_syscall_64+0xcd/0x490 [ 2334.343381][ T3929] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2334.343395][ T3929] RIP: 0033:0x7fd7e2f8e929 [ 2334.343407][ T3929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2334.343420][ T3929] RSP: 002b:00007fd7e3d32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2334.343434][ T3929] RAX: ffffffffffffffda RBX: 00007fd7e31b6080 RCX: 00007fd7e2f8e929 [ 2334.343444][ T3929] RDX: 00000000000c4400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 2334.343453][ T3929] RBP: 00007fd7e3010b39 R08: 0000000000000000 R09: 0000000000000000 [ 2334.343461][ T3929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2334.343470][ T3929] R13: 0000000000000000 R14: 00007fd7e31b6080 R15: 00007ffd0c601578 [ 2334.343488][ T3929] [ 2334.661151][ T3935] binder: BINDER_SET_CONTEXT_MGR already set [ 2334.669056][ T3935] binder: 3934:3935 ioctl 40046207 0 returned -16 [ 2335.077599][ T3944] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6389'. [ 2343.787219][ T4083] binder: BINDER_SET_CONTEXT_MGR already set [ 2343.795081][ T4083] binder: 4082:4083 ioctl 40046207 0 returned -16 [ 2344.503936][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2344.517764][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2346.722230][ T4129] mmap: syz.3.6435 (4129): VmData 45883392 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 2349.411523][ T4164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6450'. [ 2349.776038][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2356.646939][ T4291] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(13) [ 2357.774879][ T4307] can: request_module (can-proto-0) failed. [ 2358.622766][ T4326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6481'. [ 2358.964825][ T5839] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5 [ 2360.194345][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 2362.147641][ T4390] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078006000 pfn:0x78000 [ 2362.165512][ T4390] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 2362.175538][ T4390] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 2362.183288][ T4390] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 2362.194882][ T4390] raw: ffff888078006000 0000000000000000 00000008ffffffff 0000000000000000 [ 2362.203637][ T4390] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 2362.212342][ T4390] head: ffff888078006000 0000000000000000 00000008ffffffff 0000000000000000 [ 2362.221242][ T4390] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 2362.231147][ T4390] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 2362.270341][ T4390] page dumped because: unmovable page [ 2362.279896][ T4390] page_owner tracks the page as allocated [ 2362.285843][ T4390] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 0, tgid 0 (swapper/1), ts 69758751066, free_ts 69753577203 [ 2362.310962][ T4390] post_alloc_hook+0x1c0/0x230 [ 2362.321142][ T4390] get_page_from_freelist+0x1321/0x3890 [ 2362.403403][ T4390] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 2362.403451][ T4390] alloc_pages_mpol+0x1fb/0x550 [ 2362.403476][ T4390] alloc_pages_noprof+0x131/0x390 [ 2362.403500][ T4390] skb_page_frag_refill+0x186/0x5a0 [ 2362.403530][ T4390] try_fill_recv+0x7e4/0x28a0 [ 2362.403559][ T4390] virtnet_poll+0x1984/0x3c30 [ 2362.403588][ T4390] __napi_poll.constprop.0+0xb7/0x550 [ 2362.403624][ T4390] net_rx_action+0xa9f/0xfe0 [ 2362.403658][ T4390] handle_softirqs+0x219/0x8e0 [ 2362.403684][ T4390] __irq_exit_rcu+0x109/0x170 [ 2362.403711][ T4390] irq_exit_rcu+0x9/0x30 [ 2362.403737][ T4390] common_interrupt+0xbf/0xe0 [ 2362.403766][ T4390] asm_common_interrupt+0x26/0x40 [ 2362.403792][ T4390] page last free pid 0 tgid 0 stack trace: [ 2362.403809][ T4390] __free_frozen_pages+0x7fe/0x1180 [ 2362.403840][ T4390] __folio_put+0x329/0x450 [ 2362.403877][ T4390] skb_release_data+0x7fb/0x9c0 [ 2362.403915][ T4390] napi_consume_skb+0x15a/0x220 [ 2362.403943][ T4390] net_rx_action+0x47f/0xfe0 [ 2362.403975][ T4390] handle_softirqs+0x219/0x8e0 [ 2362.404002][ T4390] __irq_exit_rcu+0x109/0x170 [ 2362.404028][ T4390] irq_exit_rcu+0x9/0x30 [ 2362.404053][ T4390] common_interrupt+0xbf/0xe0 [ 2362.404082][ T4390] asm_common_interrupt+0x26/0x40 [ 2366.276487][ T5839] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5 [ 2366.537713][ T4450] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input67 [ 2366.934637][ T4459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6508'. [ 2367.551207][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2367.614072][ T5839] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5 [ 2369.850202][ T4508] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6519'. [ 2370.825462][ T4525] FAULT_INJECTION: forcing a failure. [ 2370.825462][ T4525] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2370.847938][ T4525] CPU: 0 UID: 0 PID: 4525 Comm: syz.1.6525 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2370.847975][ T4525] Tainted: [U]=USER [ 2370.847983][ T4525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2370.847997][ T4525] Call Trace: [ 2370.848005][ T4525] [ 2370.848015][ T4525] dump_stack_lvl+0x16c/0x1f0 [ 2370.848057][ T4525] should_fail_ex+0x512/0x640 [ 2370.848096][ T4525] _copy_to_user+0x32/0xd0 [ 2370.848135][ T4525] simple_read_from_buffer+0xcb/0x170 [ 2370.848169][ T4525] proc_fail_nth_read+0x197/0x270 [ 2370.848199][ T4525] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2370.848230][ T4525] ? rw_verify_area+0xcf/0x680 [ 2370.848260][ T4525] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2370.848288][ T4525] vfs_read+0x1e4/0xc60 [ 2370.848325][ T4525] ? __pfx___mutex_lock+0x10/0x10 [ 2370.848361][ T4525] ? __pfx_vfs_read+0x10/0x10 [ 2370.848412][ T4525] ? __fget_files+0x20e/0x3c0 [ 2370.848455][ T4525] ksys_read+0x12a/0x250 [ 2370.848486][ T4525] ? __pfx_ksys_read+0x10/0x10 [ 2370.848529][ T4525] do_syscall_64+0xcd/0x490 [ 2370.848571][ T4525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2370.848597][ T4525] RIP: 0033:0x7fd7e2f8d33c [ 2370.848618][ T4525] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2370.848640][ T4525] RSP: 002b:00007fd7e3d53030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2370.848664][ T4525] RAX: ffffffffffffffda RBX: 00007fd7e31b5fa0 RCX: 00007fd7e2f8d33c [ 2370.848681][ T4525] RDX: 000000000000000f RSI: 00007fd7e3d530a0 RDI: 0000000000000004 [ 2370.848697][ T4525] RBP: 00007fd7e3d53090 R08: 0000000000000000 R09: 0000000000000000 [ 2370.848711][ T4525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2370.848726][ T4525] R13: 0000000000000000 R14: 00007fd7e31b5fa0 R15: 00007ffd0c601578 [ 2370.848762][ T4525] [ 2374.973654][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2375.744277][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2376.212091][ T4596] netlink: 7 bytes leftover after parsing attributes in process `syz.1.6533'. [ 2381.705169][ T4692] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input68 [ 2381.865799][ T4700] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6555'. [ 2383.278771][ T4716] tc_dump_action: action bad kind [ 2385.686185][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2388.305551][ T4791] FAULT_INJECTION: forcing a failure. [ 2388.305551][ T4791] name failslab, interval 1, probability 0, space 0, times 0 [ 2388.305579][ T4791] CPU: 1 UID: 0 PID: 4791 Comm: syz.1.6576 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2388.305602][ T4791] Tainted: [U]=USER [ 2388.305609][ T4791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2388.305623][ T4791] Call Trace: [ 2388.305630][ T4791] [ 2388.305639][ T4791] dump_stack_lvl+0x16c/0x1f0 [ 2388.305677][ T4791] should_fail_ex+0x512/0x640 [ 2388.305709][ T4791] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 2388.305743][ T4791] should_failslab+0xc2/0x120 [ 2388.305766][ T4791] __kmalloc_cache_noprof+0x6a/0x3e0 [ 2388.305785][ T4791] ? alloc_pipe_info+0x10e/0x590 [ 2388.305808][ T4791] alloc_pipe_info+0x10e/0x590 [ 2388.305830][ T4791] splice_direct_to_actor+0x77d/0xa30 [ 2388.305850][ T4791] ? __pfx_direct_splice_actor+0x10/0x10 [ 2388.305869][ T4791] ? __pfx_aa_file_perm+0x10/0x10 [ 2388.305889][ T4791] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2388.305906][ T4791] ? get_pid_task+0xfc/0x250 [ 2388.305929][ T4791] do_splice_direct+0x174/0x240 [ 2388.305946][ T4791] ? __pfx_do_splice_direct+0x10/0x10 [ 2388.305964][ T4791] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2388.305982][ T4791] ? bpf_lsm_file_permission+0x9/0x10 [ 2388.305997][ T4791] ? security_file_permission+0x71/0x210 [ 2388.306015][ T4791] ? rw_verify_area+0xcf/0x680 [ 2388.306034][ T4791] do_sendfile+0xb06/0xe50 [ 2388.306055][ T4791] ? __pfx_do_sendfile+0x10/0x10 [ 2388.306074][ T4791] ? __fget_files+0x20e/0x3c0 [ 2388.306098][ T4791] __x64_sys_sendfile64+0x1d8/0x220 [ 2388.306110][ T4791] ? ksys_write+0x1ac/0x250 [ 2388.306128][ T4791] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2388.306147][ T4791] do_syscall_64+0xcd/0x490 [ 2388.306172][ T4791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2388.306186][ T4791] RIP: 0033:0x7fd7e2f8e929 [ 2388.306198][ T4791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2388.306212][ T4791] RSP: 002b:00007fd7e3d53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2388.306226][ T4791] RAX: ffffffffffffffda RBX: 00007fd7e31b5fa0 RCX: 00007fd7e2f8e929 [ 2388.306236][ T4791] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 2388.306244][ T4791] RBP: 00007fd7e3d53090 R08: 0000000000000000 R09: 0000000000000000 [ 2388.306253][ T4791] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000001 [ 2388.306261][ T4791] R13: 0000000000000000 R14: 00007fd7e31b5fa0 R15: 00007ffd0c601578 [ 2388.306278][ T4791] [ 2388.547667][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2390.029362][ T4814] netlink: 7 bytes leftover after parsing attributes in process `syz.3.6580'. [ 2390.290701][ T4820] tc_dump_action: action bad kind [ 2391.664783][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2392.808590][ T4862] FAULT_INJECTION: forcing a failure. [ 2392.808590][ T4862] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2392.868724][ T4862] CPU: 0 UID: 0 PID: 4862 Comm: syz.0.6595 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2392.868766][ T4862] Tainted: [U]=USER [ 2392.868774][ T4862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2392.868788][ T4862] Call Trace: [ 2392.868796][ T4862] [ 2392.868806][ T4862] dump_stack_lvl+0x16c/0x1f0 [ 2392.868847][ T4862] should_fail_ex+0x512/0x640 [ 2392.868891][ T4862] _copy_from_user+0x2e/0xd0 [ 2392.868928][ T4862] memdup_user+0x6b/0xe0 [ 2392.868964][ T4862] strndup_user+0x78/0xe0 [ 2392.869000][ T4862] __x64_sys_mount+0x180/0x310 [ 2392.869037][ T4862] ? __pfx___x64_sys_mount+0x10/0x10 [ 2392.869082][ T4862] do_syscall_64+0xcd/0x490 [ 2392.869120][ T4862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2392.869145][ T4862] RIP: 0033:0x7fc7eaf8e929 [ 2392.869165][ T4862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2392.869189][ T4862] RSP: 002b:00007fc7ebe11038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2392.869213][ T4862] RAX: ffffffffffffffda RBX: 00007fc7eb1b5fa0 RCX: 00007fc7eaf8e929 [ 2392.869230][ T4862] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000200000000000 [ 2392.869247][ T4862] RBP: 00007fc7ebe11090 R08: 0000000000000000 R09: 0000000000000000 [ 2392.869262][ T4862] R10: 000000000000be0a R11: 0000000000000246 R12: 0000000000000001 [ 2392.869277][ T4862] R13: 0000000000000000 R14: 00007fc7eb1b5fa0 R15: 00007ffc6449fa38 [ 2392.869311][ T4862] [ 2394.294280][ T4888] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1385 with max blocks 3 with error 117 [ 2394.311469][ T4888] EXT4-fs (sda1): This should not happen!! Data will be lost [ 2394.311469][ T4888] [ 2395.270634][ T4903] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6601'. [ 2396.677497][ T4927] ptrace attach of "./syz-executor exec"[4929] was attempted by "./syz-executor exec"[4927] [ 2396.818128][ T4932] ptrace attach of "./syz-executor exec"[4934] was attempted by "./syz-executor exec"[4932] [ 2402.230558][ T5031] FAULT_INJECTION: forcing a failure. [ 2402.230558][ T5031] name failslab, interval 1, probability 0, space 0, times 0 [ 2402.301945][ T5031] CPU: 1 UID: 0 PID: 5031 Comm: syz.0.6627 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2402.301987][ T5031] Tainted: [U]=USER [ 2402.301996][ T5031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2402.302011][ T5031] Call Trace: [ 2402.302021][ T5031] [ 2402.302031][ T5031] dump_stack_lvl+0x16c/0x1f0 [ 2402.302076][ T5031] should_fail_ex+0x512/0x640 [ 2402.302111][ T5031] ? __kvmalloc_node_noprof+0x124/0x620 [ 2402.302150][ T5031] should_failslab+0xc2/0x120 [ 2402.302174][ T5031] __kvmalloc_node_noprof+0x137/0x620 [ 2402.302219][ T5031] ? lockdep_init_map_type+0x5c/0x280 [ 2402.302252][ T5031] ? open_substream+0x30c/0x9b0 [ 2402.302288][ T5031] ? open_substream+0x30c/0x9b0 [ 2402.302311][ T5031] ? open_substream+0x19a/0x9b0 [ 2402.302334][ T5031] open_substream+0x30c/0x9b0 [ 2402.302367][ T5031] rawmidi_open_priv+0x543/0x6e0 [ 2402.302405][ T5031] snd_rawmidi_open+0x4cc/0xbf0 [ 2402.302443][ T5031] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 2402.302478][ T5031] ? __pfx_default_wake_function+0x10/0x10 [ 2402.302508][ T5031] ? kobject_get_unless_zero+0x156/0x1e0 [ 2402.302538][ T5031] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 2402.302570][ T5031] snd_open+0x1fe/0x450 [ 2402.302595][ T5031] ? __pfx_snd_open+0x10/0x10 [ 2402.302618][ T5031] chrdev_open+0x231/0x6a0 [ 2402.302655][ T5031] ? __pfx_apparmor_file_open+0x10/0x10 [ 2402.302687][ T5031] ? __pfx_chrdev_open+0x10/0x10 [ 2402.302727][ T5031] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 2402.302769][ T5031] do_dentry_open+0x744/0x1c10 [ 2402.302807][ T5031] ? __pfx_chrdev_open+0x10/0x10 [ 2402.302848][ T5031] vfs_open+0x82/0x3f0 [ 2402.302880][ T5031] path_openat+0x1de4/0x2cb0 [ 2402.302928][ T5031] ? __pfx_path_openat+0x10/0x10 [ 2402.302970][ T5031] ? __lock_acquire+0xb8a/0x1c90 [ 2402.303009][ T5031] do_filp_open+0x20b/0x470 [ 2402.303043][ T5031] ? __pfx_do_filp_open+0x10/0x10 [ 2402.303104][ T5031] ? alloc_fd+0x471/0x7d0 [ 2402.303148][ T5031] do_sys_openat2+0x11b/0x1d0 [ 2402.303175][ T5031] ? __pfx_do_sys_openat2+0x10/0x10 [ 2402.303225][ T5031] __x64_sys_openat+0x174/0x210 [ 2402.303255][ T5031] ? __pfx___x64_sys_openat+0x10/0x10 [ 2402.303301][ T5031] do_syscall_64+0xcd/0x490 [ 2402.303343][ T5031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2402.303370][ T5031] RIP: 0033:0x7fc7eaf8e929 [ 2402.303392][ T5031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2402.303416][ T5031] RSP: 002b:00007fc7ebe11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2402.303441][ T5031] RAX: ffffffffffffffda RBX: 00007fc7eb1b5fa0 RCX: 00007fc7eaf8e929 [ 2402.303459][ T5031] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 2402.303476][ T5031] RBP: 00007fc7eb010b39 R08: 0000000000000000 R09: 0000000000000000 [ 2402.303493][ T5031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2402.303508][ T5031] R13: 0000000000000000 R14: 00007fc7eb1b5fa0 R15: 00007ffc6449fa38 [ 2402.303543][ T5031] [ 2403.596076][ T5040] FAULT_INJECTION: forcing a failure. [ 2403.596076][ T5040] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2403.658150][ T5040] CPU: 0 UID: 0 PID: 5040 Comm: syz.0.6629 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2403.658194][ T5040] Tainted: [U]=USER [ 2403.658203][ T5040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2403.658220][ T5040] Call Trace: [ 2403.658229][ T5040] [ 2403.658241][ T5040] dump_stack_lvl+0x16c/0x1f0 [ 2403.658286][ T5040] should_fail_ex+0x512/0x640 [ 2403.658329][ T5040] should_fail_alloc_page+0xe7/0x130 [ 2403.658366][ T5040] prepare_alloc_pages+0x3c2/0x610 [ 2403.658399][ T5040] ? rcu_is_watching+0x12/0xc0 [ 2403.658431][ T5040] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 2403.658475][ T5040] ? rcu_is_watching+0x12/0xc0 [ 2403.658503][ T5040] ? trace_mm_page_alloc+0x11f/0x1a0 [ 2403.658534][ T5040] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 2403.658581][ T5040] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 2403.658623][ T5040] ? is_bpf_text_address+0x8a/0x1a0 [ 2403.658658][ T5040] ? bpf_ksym_find+0x124/0x1c0 [ 2403.658690][ T5040] ? is_bpf_text_address+0x94/0x1a0 [ 2403.658727][ T5040] ? __kernel_text_address+0xd/0x40 [ 2403.658765][ T5040] ? unwind_get_return_address+0x59/0xa0 [ 2403.658817][ T5040] alloc_pages_bulk_noprof+0x71c/0x1410 [ 2403.658854][ T5040] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2403.658895][ T5040] ? policy_nodemask+0xea/0x4e0 [ 2403.658939][ T5040] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 2403.658979][ T5040] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 2403.659020][ T5040] kasan_populate_vmalloc+0xf1/0x1f0 [ 2403.659064][ T5040] alloc_vmap_area+0x959/0x29c0 [ 2403.659107][ T5040] ? __pfx_alloc_vmap_area+0x10/0x10 [ 2403.659145][ T5040] __get_vm_area_node+0x1ca/0x330 [ 2403.659183][ T5040] __vmalloc_node_range_noprof+0x271/0x14b0 [ 2403.659217][ T5040] ? htab_map_alloc+0x44b/0x1570 [ 2403.659253][ T5040] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 2403.659297][ T5040] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2403.659341][ T5040] ? htab_map_alloc+0x44b/0x1570 [ 2403.659386][ T5040] ? mark_held_locks+0x49/0x80 [ 2403.659424][ T5040] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 2403.659459][ T5040] ? pcpu_alloc_noprof+0x1f5/0x1470 [ 2403.659505][ T5040] ? htab_map_alloc+0x44b/0x1570 [ 2403.659539][ T5040] __bpf_map_area_alloc+0x12e/0x200 [ 2403.659566][ T5040] ? htab_map_alloc+0x44b/0x1570 [ 2403.659608][ T5040] htab_map_alloc+0x44b/0x1570 [ 2403.659653][ T5040] ? htab_map_alloc_check+0x2f2/0x430 [ 2403.659696][ T5040] map_create+0x58f/0x1db0 [ 2403.659745][ T5040] ? __pfx_map_create+0x10/0x10 [ 2403.659780][ T5040] ? __might_fault+0xe3/0x190 [ 2403.659815][ T5040] ? __might_fault+0xe3/0x190 [ 2403.659849][ T5040] ? __might_fault+0x13b/0x190 [ 2403.659906][ T5040] __sys_bpf+0x47cc/0x4d80 [ 2403.659945][ T5040] ? __pfx_futex_wake+0x10/0x10 [ 2403.659987][ T5040] ? __pfx___sys_bpf+0x10/0x10 [ 2403.660026][ T5040] ? ksys_write+0x190/0x250 [ 2403.660069][ T5040] ? do_futex+0x122/0x350 [ 2403.660101][ T5040] ? __pfx_do_futex+0x10/0x10 [ 2403.660145][ T5040] ? fput+0x70/0xf0 [ 2403.660168][ T5040] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 2403.660202][ T5040] ? syscall_user_dispatch+0x78/0x140 [ 2403.660247][ T5040] __x64_sys_bpf+0x78/0xc0 [ 2403.660274][ T5040] do_syscall_64+0xcd/0x490 [ 2403.660315][ T5040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2403.660343][ T5040] RIP: 0033:0x7fc7eaf8e929 [ 2403.660371][ T5040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2403.660399][ T5040] RSP: 002b:00007fc7ebdf0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2403.660425][ T5040] RAX: ffffffffffffffda RBX: 00007fc7eb1b6080 RCX: 00007fc7eaf8e929 [ 2403.660445][ T5040] RDX: 0000000000000098 RSI: 0000200000000100 RDI: 0000000000000000 [ 2403.660462][ T5040] RBP: 00007fc7eb010b39 R08: 0000000000000000 R09: 0000000000000000 [ 2403.660480][ T5040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2403.660497][ T5040] R13: 0000000000000000 R14: 00007fc7eb1b6080 R15: 00007ffc6449fa38 [ 2403.660532][ T5040] [ 2405.887681][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2405.898029][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2408.962792][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2410.230506][ T5125] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6649'. [ 2412.507849][ T5188] tc_dump_action: action bad kind [ 2414.725091][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2415.116586][ T5252] FAULT_INJECTION: forcing a failure. [ 2415.116586][ T5252] name failslab, interval 1, probability 0, space 0, times 0 [ 2415.187946][ T5252] CPU: 1 UID: 0 PID: 5252 Comm: syz.0.6669 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2415.187987][ T5252] Tainted: [U]=USER [ 2415.187995][ T5252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2415.188009][ T5252] Call Trace: [ 2415.188018][ T5252] [ 2415.188028][ T5252] dump_stack_lvl+0x16c/0x1f0 [ 2415.188069][ T5252] should_fail_ex+0x512/0x640 [ 2415.188102][ T5252] ? fs_reclaim_acquire+0xae/0x150 [ 2415.188132][ T5252] ? tomoyo_encode2+0x100/0x3e0 [ 2415.188162][ T5252] should_failslab+0xc2/0x120 [ 2415.188185][ T5252] __kmalloc_noprof+0xd2/0x510 [ 2415.188220][ T5252] ? d_absolute_path+0x136/0x1a0 [ 2415.188250][ T5252] tomoyo_encode2+0x100/0x3e0 [ 2415.188287][ T5252] tomoyo_encode+0x29/0x50 [ 2415.188334][ T5252] tomoyo_realpath_from_path+0x18f/0x6e0 [ 2415.188378][ T5252] tomoyo_path_number_perm+0x245/0x580 [ 2415.188404][ T5252] ? tomoyo_path_number_perm+0x237/0x580 [ 2415.188436][ T5252] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 2415.188464][ T5252] ? find_held_lock+0x2b/0x80 [ 2415.188518][ T5252] ? find_held_lock+0x2b/0x80 [ 2415.188541][ T5252] ? hook_file_ioctl_common+0x145/0x410 [ 2415.188574][ T5252] ? __fget_files+0x20e/0x3c0 [ 2415.188612][ T5252] security_file_ioctl+0x9b/0x240 [ 2415.188643][ T5252] __x64_sys_ioctl+0xb7/0x210 [ 2415.188675][ T5252] do_syscall_64+0xcd/0x490 [ 2415.188713][ T5252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2415.188739][ T5252] RIP: 0033:0x7fc7eaf8e929 [ 2415.188759][ T5252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2415.188783][ T5252] RSP: 002b:00007fc7ebdf0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2415.188807][ T5252] RAX: ffffffffffffffda RBX: 00007fc7eb1b6080 RCX: 00007fc7eaf8e929 [ 2415.188824][ T5252] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000003 [ 2415.188840][ T5252] RBP: 00007fc7ebdf0090 R08: 0000000000000000 R09: 0000000000000000 [ 2415.188855][ T5252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2415.188870][ T5252] R13: 0000000000000001 R14: 00007fc7eb1b6080 R15: 00007ffc6449fa38 [ 2415.188904][ T5252] [ 2415.188927][ T5252] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2416.619879][ T5268] Invalid ELF header magic: != ELF [ 2418.235750][ T5839] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 2419.940362][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 2420.369856][ T5333] : Can't lookup blockdev [ 2422.954435][ T5365] : Can't lookup blockdev [ 2422.963588][ T5365] FAULT_INJECTION: forcing a failure. [ 2422.963588][ T5365] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2422.977702][ T5365] CPU: 1 UID: 0 PID: 5365 Comm: syz.2.6694 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2422.977741][ T5365] Tainted: [U]=USER [ 2422.977750][ T5365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2422.977784][ T5365] Call Trace: [ 2422.977793][ T5365] [ 2422.977803][ T5365] dump_stack_lvl+0x16c/0x1f0 [ 2422.977845][ T5365] should_fail_ex+0x512/0x640 [ 2422.977884][ T5365] _copy_from_user+0x2e/0xd0 [ 2422.977922][ T5365] cec_ioctl+0x2da/0x2970 [ 2422.977960][ T5365] ? __pfx_cec_ioctl+0x10/0x10 [ 2422.977995][ T5365] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 2422.978022][ T5365] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2422.978060][ T5365] ? do_vfs_ioctl+0x523/0x1a60 [ 2422.978089][ T5365] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 2422.978141][ T5365] ? __pfx___might_resched+0x10/0x10 [ 2422.978167][ T5365] ? hook_file_ioctl_common+0x145/0x410 [ 2422.978209][ T5365] ? __pfx_cec_ioctl+0x10/0x10 [ 2422.978243][ T5365] __x64_sys_ioctl+0x18b/0x210 [ 2422.978274][ T5365] do_syscall_64+0xcd/0x490 [ 2422.978313][ T5365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2422.978338][ T5365] RIP: 0033:0x7fdf81b8e929 [ 2422.978358][ T5365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2422.978382][ T5365] RSP: 002b:00007fdf82a33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2422.978405][ T5365] RAX: ffffffffffffffda RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2422.978422][ T5365] RDX: 0000200000000100 RSI: 00000000c05c6104 RDI: 0000000000000003 [ 2422.978438][ T5365] RBP: 00007fdf82a33090 R08: 0000000000000000 R09: 0000000000000000 [ 2422.978453][ T5365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2422.978468][ T5365] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2422.978502][ T5365] [ 2424.867062][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2425.312054][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2427.016564][ T5429] FAULT_INJECTION: forcing a failure. [ 2427.016564][ T5429] name failslab, interval 1, probability 0, space 0, times 0 [ 2427.038943][ T5429] CPU: 0 UID: 0 PID: 5429 Comm: syz.0.6707 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2427.038984][ T5429] Tainted: [U]=USER [ 2427.038992][ T5429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2427.039007][ T5429] Call Trace: [ 2427.039016][ T5429] [ 2427.039026][ T5429] dump_stack_lvl+0x16c/0x1f0 [ 2427.039066][ T5429] should_fail_ex+0x512/0x640 [ 2427.039098][ T5429] ? __kmalloc_noprof+0xbf/0x510 [ 2427.039136][ T5429] ? read_page_owner+0x5f1/0x1570 [ 2427.039168][ T5429] should_failslab+0xc2/0x120 [ 2427.039192][ T5429] __kmalloc_noprof+0xd2/0x510 [ 2427.039223][ T5429] ? page_ext_put+0x3e/0xd0 [ 2427.039265][ T5429] read_page_owner+0x5f1/0x1570 [ 2427.039306][ T5429] ? __pfx_read_page_owner+0x10/0x10 [ 2427.039345][ T5429] ? find_held_lock+0x2b/0x80 [ 2427.039370][ T5429] ? get_pid_task+0xfc/0x250 [ 2427.039399][ T5429] ? __debugfs_file_get+0x1fe/0x840 [ 2427.039422][ T5429] ? __pfx___debugfs_file_get+0x10/0x10 [ 2427.039455][ T5429] full_proxy_read+0x13c/0x200 [ 2427.039477][ T5429] ? __pfx_full_proxy_read+0x10/0x10 [ 2427.039501][ T5429] vfs_read+0x1e4/0xc60 [ 2427.039539][ T5429] ? __pfx_vfs_read+0x10/0x10 [ 2427.039566][ T5429] ? find_held_lock+0x2b/0x80 [ 2427.039590][ T5429] ? __fget_files+0x204/0x3c0 [ 2427.039625][ T5429] ? __fget_files+0x20e/0x3c0 [ 2427.039653][ T5429] ? __fget_files+0x140/0x3c0 [ 2427.039692][ T5429] __x64_sys_pread64+0x1eb/0x250 [ 2427.039727][ T5429] ? __pfx___x64_sys_pread64+0x10/0x10 [ 2427.039779][ T5429] do_syscall_64+0xcd/0x490 [ 2427.039818][ T5429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2427.039843][ T5429] RIP: 0033:0x7fc7eaf8e929 [ 2427.039863][ T5429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2427.039886][ T5429] RSP: 002b:00007fc7ebe11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 2427.039910][ T5429] RAX: ffffffffffffffda RBX: 00007fc7eb1b5fa0 RCX: 00007fc7eaf8e929 [ 2427.039923][ T5429] RDX: 0000020000000001 RSI: 0000000000000000 RDI: 0000000000000004 [ 2427.039938][ T5429] RBP: 00007fc7ebe11090 R08: 0000000000000000 R09: 0000000000000000 [ 2427.039953][ T5429] R10: 0000000000007fff R11: 0000000000000246 R12: 0000000000000001 [ 2427.039969][ T5429] R13: 0000000000000000 R14: 00007fc7eb1b5fa0 R15: 00007ffc6449fa38 [ 2427.040001][ T5429] [ 2427.722549][ T5441] Invalid ELF header magic: != ELF [ 2429.619240][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2433.871856][ T5517] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6725'. [ 2433.892827][ T5517] FAULT_INJECTION: forcing a failure. [ 2433.892827][ T5517] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2433.906227][ T5517] CPU: 0 UID: 0 PID: 5517 Comm: syz.2.6725 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2433.906271][ T5517] Tainted: [U]=USER [ 2433.906280][ T5517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2433.906294][ T5517] Call Trace: [ 2433.906303][ T5517] [ 2433.906313][ T5517] dump_stack_lvl+0x16c/0x1f0 [ 2433.906353][ T5517] should_fail_ex+0x512/0x640 [ 2433.906392][ T5517] _copy_from_user+0x2e/0xd0 [ 2433.906429][ T5517] copy_msghdr_from_user+0x98/0x160 [ 2433.906465][ T5517] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2433.906508][ T5517] ? __lock_acquire+0x622/0x1c90 [ 2433.906545][ T5517] ___sys_recvmsg+0xdb/0x1a0 [ 2433.906580][ T5517] ? __pfx____sys_recvmsg+0x10/0x10 [ 2433.906619][ T5517] ? find_held_lock+0x2b/0x80 [ 2433.906664][ T5517] do_recvmmsg+0x2fe/0x750 [ 2433.906704][ T5517] ? __pfx_do_recvmmsg+0x10/0x10 [ 2433.906746][ T5517] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 2433.906792][ T5517] ? __fget_files+0x20e/0x3c0 [ 2433.906832][ T5517] __x64_sys_recvmmsg+0x22a/0x280 [ 2433.906869][ T5517] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 2433.906916][ T5517] do_syscall_64+0xcd/0x490 [ 2433.906953][ T5517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2433.906979][ T5517] RIP: 0033:0x7fdf81b8e929 [ 2433.906999][ T5517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2433.907020][ T5517] RSP: 002b:00007fdf82a12038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2433.907043][ T5517] RAX: ffffffffffffffda RBX: 00007fdf81db6080 RCX: 00007fdf81b8e929 [ 2433.907059][ T5517] RDX: 000000000000016d RSI: 0000200000000100 RDI: 0000000000000006 [ 2433.907089][ T5517] RBP: 00007fdf82a12090 R08: 0000000000000000 R09: 0000000000000000 [ 2433.907104][ T5517] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 2433.907118][ T5517] R13: 0000000000000000 R14: 00007fdf81db6080 R15: 00007ffeaabbb258 [ 2433.907151][ T5517] [ 2437.089399][ T5563] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6733'. [ 2437.184521][ T5565] netlink: 266 bytes leftover after parsing attributes in process `syz.0.6736'. [ 2437.288295][ T5565] IPv6: NLM_F_CREATE should be specified when creating new route [ 2439.765003][ T5589] FAULT_INJECTION: forcing a failure. [ 2439.765003][ T5589] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2439.804352][ T5589] CPU: 0 UID: 0 PID: 5589 Comm: syz.3.6741 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2439.804377][ T5589] Tainted: [U]=USER [ 2439.804382][ T5589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2439.804390][ T5589] Call Trace: [ 2439.804396][ T5589] [ 2439.804402][ T5589] dump_stack_lvl+0x16c/0x1f0 [ 2439.804429][ T5589] should_fail_ex+0x512/0x640 [ 2439.804452][ T5589] get_futex_key+0xf36/0x1540 [ 2439.804471][ T5589] ? __pfx_get_futex_key+0x10/0x10 [ 2439.804487][ T5589] ? do_user_addr_fault+0x829/0x1370 [ 2439.804511][ T5589] futex_wake+0xea/0x530 [ 2439.804532][ T5589] ? __pfx_futex_wake+0x10/0x10 [ 2439.804550][ T5589] ? __lock_acquire+0xb8a/0x1c90 [ 2439.804576][ T5589] do_futex+0x1e3/0x350 [ 2439.804592][ T5589] ? __pfx_do_futex+0x10/0x10 [ 2439.804607][ T5589] ? __might_fault+0xe3/0x190 [ 2439.804634][ T5589] mm_release+0x24e/0x300 [ 2439.804650][ T5589] do_exit+0x68b/0x2bd0 [ 2439.804672][ T5589] ? __pfx_do_exit+0x10/0x10 [ 2439.804690][ T5589] ? do_raw_spin_lock+0x12c/0x2b0 [ 2439.804709][ T5589] ? find_held_lock+0x2b/0x80 [ 2439.804726][ T5589] do_group_exit+0xd3/0x2a0 [ 2439.804745][ T5589] get_signal+0x2673/0x26d0 [ 2439.804767][ T5589] ? __pfx_get_signal+0x10/0x10 [ 2439.804782][ T5589] ? do_futex+0x122/0x350 [ 2439.804798][ T5589] ? __pfx_do_futex+0x10/0x10 [ 2439.804816][ T5589] arch_do_signal_or_restart+0x8f/0x790 [ 2439.804833][ T5589] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 2439.804853][ T5589] ? xfd_validate_state+0x61/0x180 [ 2439.804876][ T5589] ? __pfx___x64_sys_poll+0x10/0x10 [ 2439.804899][ T5589] exit_to_user_mode_loop+0x84/0x110 [ 2439.804921][ T5589] do_syscall_64+0x3f6/0x490 [ 2439.804944][ T5589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2439.804958][ T5589] RIP: 0033:0x7f4d4c98e929 [ 2439.804970][ T5589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2439.804984][ T5589] RSP: 002b:00007f4d4d85b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2439.804997][ T5589] RAX: fffffffffffffe00 RBX: 00007f4d4cbb6168 RCX: 00007f4d4c98e929 [ 2439.805007][ T5589] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4d4cbb6168 [ 2439.805016][ T5589] RBP: 00007f4d4cbb6160 R08: 0000000000000000 R09: 0000000000000000 [ 2439.805024][ T5589] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4d4cbb616c [ 2439.805033][ T5589] R13: 0000000000000000 R14: 00007ffe841e9150 R15: 00007ffe841e9238 [ 2439.805050][ T5589] [ 2449.389966][ T5733] Invalid ELF header magic: != ELF [ 2450.650390][ T5727] FAULT_INJECTION: forcing a failure. [ 2450.650390][ T5727] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2450.667267][ T5727] CPU: 0 UID: 0 PID: 5727 Comm: syz.1.6771 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2450.667298][ T5727] Tainted: [U]=USER [ 2450.667303][ T5727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2450.667312][ T5727] Call Trace: [ 2450.667317][ T5727] [ 2450.667323][ T5727] dump_stack_lvl+0x16c/0x1f0 [ 2450.667350][ T5727] should_fail_ex+0x512/0x640 [ 2450.667373][ T5727] should_fail_alloc_page+0xe7/0x130 [ 2450.667389][ T5727] prepare_alloc_pages+0x3c2/0x610 [ 2450.667406][ T5727] ? kasan_save_stack+0x42/0x60 [ 2450.667425][ T5727] ? kasan_save_stack+0x33/0x60 [ 2450.667446][ T5727] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 2450.667466][ T5727] ? swapin_readahead+0x13a/0xd60 [ 2450.667484][ T5727] ? __handle_mm_fault+0x162f/0x5490 [ 2450.667502][ T5727] ? handle_mm_fault+0x589/0xd10 [ 2450.667517][ T5727] ? do_user_addr_fault+0x7a6/0x1370 [ 2450.667535][ T5727] ? exc_page_fault+0x5c/0xb0 [ 2450.667554][ T5727] ? asm_exc_page_fault+0x26/0x30 [ 2450.667567][ T5727] ? __get_user_8+0x14/0x30 [ 2450.667582][ T5727] ? exit_robust_list+0x62/0x280 [ 2450.667601][ T5727] ? __lock_acquire+0x622/0x1c90 [ 2450.667621][ T5727] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 2450.667649][ T5727] ? hid_magn_3d_probe+0xf51/0x10e0 [ 2450.667664][ T5727] ? filemap_get_entry+0x1a7/0x3b0 [ 2450.667679][ T5727] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2450.667701][ T5727] ? policy_nodemask+0xea/0x4e0 [ 2450.667725][ T5727] alloc_pages_mpol+0x1fb/0x550 [ 2450.667739][ T5727] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 2450.667752][ T5727] ? _raw_spin_unlock+0x28/0x50 [ 2450.667770][ T5727] ? swap_entry_swapped+0x122/0x190 [ 2450.667791][ T5727] ? __pfx_swap_entry_swapped+0x10/0x10 [ 2450.667815][ T5727] folio_alloc_mpol_noprof+0x36/0x2f0 [ 2450.667831][ T5727] __read_swap_cache_async+0x3b6/0x5a0 [ 2450.667853][ T5727] ? __pfx___read_swap_cache_async+0x10/0x10 [ 2450.667879][ T5727] ? swp_swap_info+0xb0/0x130 [ 2450.667892][ T5727] ? __pfx_swp_swap_info+0x10/0x10 [ 2450.667909][ T5727] swap_cluster_readahead+0x3eb/0x710 [ 2450.667932][ T5727] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 2450.667963][ T5727] ? get_vma_policy+0x242/0x3c0 [ 2450.667978][ T5727] swapin_readahead+0x13a/0xd60 [ 2450.668002][ T5727] ? __pfx_swapin_readahead+0x10/0x10 [ 2450.668019][ T5727] ? __filemap_get_folio+0x32b/0xc30 [ 2450.668036][ T5727] ? swap_cache_get_folio+0x1df/0x450 [ 2450.668055][ T5727] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 2450.668072][ T5727] ? __pfx_get_swap_device+0x10/0x10 [ 2450.668093][ T5727] ? do_swap_page+0x125/0x65c0 [ 2450.668111][ T5727] do_swap_page+0x635/0x65c0 [ 2450.668211][ T5727] ? __lock_acquire+0x622/0x1c90 [ 2450.668235][ T5727] ? find_held_lock+0x2b/0x80 [ 2450.668250][ T5727] ? is_bpf_text_address+0x8a/0x1a0 [ 2450.668270][ T5727] ? __pfx_do_swap_page+0x10/0x10 [ 2450.668288][ T5727] ? __pfx_default_wake_function+0x10/0x10 [ 2450.668306][ T5727] ? rcu_is_watching+0x12/0xc0 [ 2450.668320][ T5727] ? ___pte_offset_map+0x1d5/0x570 [ 2450.668338][ T5727] __handle_mm_fault+0x162f/0x5490 [ 2450.668361][ T5727] ? __pfx___handle_mm_fault+0x10/0x10 [ 2450.668378][ T5727] ? __pfx_mt_find+0x10/0x10 [ 2450.668403][ T5727] ? find_vma+0xbf/0x140 [ 2450.668417][ T5727] ? __pfx_find_vma+0x10/0x10 [ 2450.668432][ T5727] handle_mm_fault+0x589/0xd10 [ 2450.668451][ T5727] ? __pkru_allows_pkey+0x41/0xb0 [ 2450.668471][ T5727] do_user_addr_fault+0x7a6/0x1370 [ 2450.668492][ T5727] ? rcu_is_watching+0x12/0xc0 [ 2450.668508][ T5727] exc_page_fault+0x5c/0xb0 [ 2450.668528][ T5727] asm_exc_page_fault+0x26/0x30 [ 2450.668541][ T5727] RIP: 0010:__get_user_8+0x14/0x30 [ 2450.668564][ T5727] Code: ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <48> 8b 10 31 c0 0f 01 ca e9 3f 09 04 00 66 66 2e 0f 1f 84 00 00 00 [ 2450.668577][ T5727] RSP: 0018:ffffc900038d7b38 EFLAGS: 00050287 [ 2450.668589][ T5727] RAX: 00007fd7e3d539a0 RBX: ffff888026125a00 RCX: ffffc900038d7adc [ 2450.668599][ T5727] RDX: 00007ffffffff000 RSI: ffffffff81ae31ea RDI: ffffffff8c156760 [ 2450.668608][ T5727] RBP: ffff888026126e28 R08: 188f92bdfbf10a9e R09: 0000000000000000 [ 2450.668617][ T5727] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888026126d70 [ 2450.668626][ T5727] R13: ffff888026126d98 R14: ffff88802ee00940 R15: 00007fd7e3d539a0 [ 2450.668642][ T5727] ? exit_robust_list+0x5a/0x280 [ 2450.668660][ T5727] exit_robust_list+0x62/0x280 [ 2450.668674][ T5727] ? mark_held_locks+0x49/0x80 [ 2450.668691][ T5727] ? _raw_spin_unlock_irq+0x23/0x50 [ 2450.668711][ T5727] futex_exit_release+0x187/0x220 [ 2450.668729][ T5727] exit_mm_release+0x19/0x30 [ 2450.668746][ T5727] do_exit+0x68b/0x2bd0 [ 2450.668768][ T5727] ? __pfx_do_exit+0x10/0x10 [ 2450.668786][ T5727] ? do_raw_spin_lock+0x12c/0x2b0 [ 2450.668805][ T5727] ? find_held_lock+0x2b/0x80 [ 2450.668835][ T5727] do_group_exit+0xd3/0x2a0 [ 2450.668885][ T5727] get_signal+0x2673/0x26d0 [ 2450.668922][ T5727] ? __pfx_get_signal+0x10/0x10 [ 2450.668946][ T5727] ? do_futex+0x122/0x350 [ 2450.668975][ T5727] ? __pfx_do_futex+0x10/0x10 [ 2450.669005][ T5727] arch_do_signal_or_restart+0x8f/0x790 [ 2450.669034][ T5727] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 2450.669074][ T5727] ? __x64_sys_poll+0x123/0x450 [ 2450.669103][ T5727] ? __pfx___x64_sys_poll+0x10/0x10 [ 2450.669138][ T5727] exit_to_user_mode_loop+0x84/0x110 [ 2450.669173][ T5727] do_syscall_64+0x3f6/0x490 [ 2450.669210][ T5727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2450.669235][ T5727] RIP: 0033:0x7fd7e2f8e929 [ 2450.669256][ T5727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2450.669279][ T5727] RSP: 002b:00007fd7e3d530e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2450.669303][ T5727] RAX: fffffffffffffe00 RBX: 00007fd7e31b5fa8 RCX: 00007fd7e2f8e929 [ 2450.669319][ T5727] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd7e31b5fa8 [ 2450.669334][ T5727] RBP: 00007fd7e31b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 2450.669350][ T5727] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd7e31b5fac [ 2450.669365][ T5727] R13: 0000000000000000 R14: 00007ffd0c601490 R15: 00007ffd0c601578 [ 2450.669401][ T5727] [ 2452.385384][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2457.137607][ T5838] Invalid ELF header magic: != ELF [ 2458.397978][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 2458.923997][ T5839] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5 [ 2460.274632][ T5882] bond0: no command found in slaves file - use +ifname or -ifname [ 2461.067027][ T5893] Invalid ELF header magic: != ELF [ 2461.216969][ T5839] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5 [ 2462.078267][ T5913] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6814'. [ 2462.303957][ T5914] : Can't lookup blockdev [ 2462.627577][ T5918] Invalid ELF header magic: != ELF [ 2465.413539][ T5962] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6826'. [ 2465.858379][ T5967] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 2466.170806][ T5975] Invalid ELF header magic: != ELF [ 2467.304949][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2467.305013][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2468.144017][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2469.058541][ T6015] Invalid ELF header magic: != ELF [ 2469.106051][ T6017] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 2472.534197][ T6042] kexec: Could not allocate control_code_buffer [ 2474.003360][ T6120] i2c i2c-0: delete_device: Can't find device in list [ 2475.941644][ T30] audit: type=1800 audit(4294973318.135:34): pid=6153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6863" name="dbroot" dev="configfs" ino=122694 res=0 errno=0 [ 2477.395261][ T6182] synth uevent: /devices/virtual/tty/tty51: unknown uevent action string [ 2477.435604][ T6182] tty tty51: uevent: failed to send synthetic uevent: -22 [ 2477.459150][ T6182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6871'. [ 2478.154102][ T6196] Invalid ELF header magic: != ELF [ 2479.687187][ T6211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6877'. [ 2480.314826][ T6222] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 2480.354394][ T6222] CIFS mount error: No usable UNC path provided in device string! [ 2480.354394][ T6222] [ 2480.406976][ T6222] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 2481.124512][ T6235] Invalid ELF header magic: != ELF [ 2481.872532][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 2482.109780][ T6246] Invalid ELF header magic: != ELF [ 2483.754281][ T6271] FAULT_INJECTION: forcing a failure. [ 2483.754281][ T6271] name failslab, interval 1, probability 0, space 0, times 0 [ 2483.773338][ T6271] CPU: 0 UID: 0 PID: 6271 Comm: syz.1.6890 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2483.773379][ T6271] Tainted: [U]=USER [ 2483.773389][ T6271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2483.773402][ T6271] Call Trace: [ 2483.773411][ T6271] [ 2483.773421][ T6271] dump_stack_lvl+0x16c/0x1f0 [ 2483.773462][ T6271] should_fail_ex+0x512/0x640 [ 2483.773498][ T6271] ? __kmalloc_noprof+0xbf/0x510 [ 2483.773536][ T6271] ? sk_prot_alloc+0x1a8/0x2a0 [ 2483.773559][ T6271] should_failslab+0xc2/0x120 [ 2483.773580][ T6271] __kmalloc_noprof+0xd2/0x510 [ 2483.773622][ T6271] sk_prot_alloc+0x1a8/0x2a0 [ 2483.773651][ T6271] sk_alloc+0x36/0xc20 [ 2483.773688][ T6271] __netlink_create+0x5e/0x2c0 [ 2483.773723][ T6271] ? __wake_up+0x3f/0x60 [ 2483.773754][ T6271] netlink_create+0x39e/0x620 [ 2483.773792][ T6271] ? __pfx_genl_bind+0x10/0x10 [ 2483.773827][ T6271] ? __pfx_genl_unbind+0x10/0x10 [ 2483.773852][ T6271] ? __pfx_genl_release+0x10/0x10 [ 2483.773885][ T6271] __sock_create+0x338/0x8d0 [ 2483.773922][ T6271] __sys_socket+0x14d/0x260 [ 2483.773950][ T6271] ? __pfx___sys_socket+0x10/0x10 [ 2483.773980][ T6271] ? xfd_validate_state+0x61/0x180 [ 2483.774021][ T6271] __x64_sys_socket+0x72/0xb0 [ 2483.774047][ T6271] ? lockdep_hardirqs_on+0x7c/0x110 [ 2483.774080][ T6271] do_syscall_64+0xcd/0x490 [ 2483.774116][ T6271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2483.774140][ T6271] RIP: 0033:0x7fd7e2f8e929 [ 2483.774161][ T6271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2483.774185][ T6271] RSP: 002b:00007fd7e3d32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2483.774217][ T6271] RAX: ffffffffffffffda RBX: 00007fd7e31b6080 RCX: 00007fd7e2f8e929 [ 2483.774234][ T6271] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 2483.774249][ T6271] RBP: 00007fd7e3010b39 R08: 0000000000000000 R09: 0000000000000000 [ 2483.774264][ T6271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2483.774278][ T6271] R13: 0000000000000000 R14: 00007fd7e31b6080 R15: 00007ffd0c601578 [ 2483.774310][ T6271] [ 2485.974441][ T6298] FAULT_INJECTION: forcing a failure. [ 2485.974441][ T6298] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2485.987771][ T6298] CPU: 0 UID: 0 PID: 6298 Comm: syz.3.6896 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2485.987809][ T6298] Tainted: [U]=USER [ 2485.987818][ T6298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2485.987832][ T6298] Call Trace: [ 2485.987841][ T6298] [ 2485.987851][ T6298] dump_stack_lvl+0x16c/0x1f0 [ 2485.987891][ T6298] should_fail_ex+0x512/0x640 [ 2485.987930][ T6298] _copy_from_user+0x2e/0xd0 [ 2485.987967][ T6298] snd_pcm_oss_write2+0x1c2/0x410 [ 2485.987998][ T6298] ? __pfx_snd_pcm_oss_write2+0x10/0x10 [ 2485.988024][ T6298] ? snd_pcm_kernel_ioctl+0x267/0x2e0 [ 2485.988066][ T6298] snd_pcm_oss_write+0x711/0xa10 [ 2485.988096][ T6298] ? security_file_permission+0x71/0x210 [ 2485.988132][ T6298] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 2485.988159][ T6298] vfs_write+0x29d/0x1150 [ 2485.988201][ T6298] ? __pfx_vfs_write+0x10/0x10 [ 2485.988230][ T6298] ? find_held_lock+0x2b/0x80 [ 2485.988255][ T6298] ? __fget_files+0x204/0x3c0 [ 2485.988302][ T6298] ? __fget_files+0x20e/0x3c0 [ 2485.988345][ T6298] ksys_write+0x12a/0x250 [ 2485.988377][ T6298] ? __pfx_ksys_write+0x10/0x10 [ 2485.988420][ T6298] do_syscall_64+0xcd/0x490 [ 2485.988457][ T6298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2485.988482][ T6298] RIP: 0033:0x7f4d4c98e929 [ 2485.988502][ T6298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2485.988525][ T6298] RSP: 002b:00007f4d4d85b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2485.988549][ T6298] RAX: ffffffffffffffda RBX: 00007f4d4cbb6160 RCX: 00007f4d4c98e929 [ 2485.988569][ T6298] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 2485.988584][ T6298] RBP: 00007f4d4d85b090 R08: 0000000000000000 R09: 0000000000000000 [ 2485.988599][ T6298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2485.988615][ T6298] R13: 0000000000000000 R14: 00007f4d4cbb6160 R15: 00007ffe841e9238 [ 2485.988650][ T6298] [ 2486.587685][ T6304] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 2487.515484][ T6318] synth uevent: /devices/virtual/tty/tty51: unknown uevent action string [ 2487.626407][ T6318] tty tty51: uevent: failed to send synthetic uevent: -22 [ 2487.660283][ T6319] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6900'. [ 2488.724024][ T6335] Invalid ELF header magic: != ELF [ 2488.997997][ T6338] Invalid ELF header magic: != ELF [ 2489.146416][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2489.472485][ T6355] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 2489.587815][ T6347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6906'. [ 2491.758850][ T6388] Invalid ELF header magic: != ELF [ 2491.849289][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 2491.998457][ T6386] CIFS mount error: No usable UNC path provided in device string! [ 2491.998457][ T6386] [ 2492.017123][ T6386] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 2492.414574][ T6403] Invalid ELF header magic: != ELF [ 2495.036096][ T6433] Invalid ELF header magic: != ELF [ 2495.191051][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2495.721154][ T6450] sysfs_service_op_show: Client not running :-5: [ 2499.775063][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2502.887541][ T30] audit: type=1804 audit(4294973345.099:35): pid=6551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.6959" name="/newroot/sys/kernel/tracing/set_event_notrace_pid" dev="tracefs" ino=1063 res=1 errno=0 [ 2502.937630][ T30] audit: type=1804 audit(4294973345.149:36): pid=6553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.6960" name="/newroot/sys/kernel/debug/tracing/set_event_notrace_pid" dev="tracefs" ino=1063 res=1 errno=0 [ 2503.043456][ T5839] Bluetooth: hci3: unexpected event 0x1d length: 10 > 5 [ 2503.123498][ T30] audit: type=1804 audit(4294973345.339:37): pid=6556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.6961" name="/newroot/sys/kernel/tracing/set_event_notrace_pid" dev="tracefs" ino=1063 res=1 errno=0 [ 2503.254660][ T5839] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5 [ 2505.674027][ T6586] FAULT_INJECTION: forcing a failure. [ 2505.674027][ T6586] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2505.695218][ T6586] CPU: 0 UID: 0 PID: 6586 Comm: syz.2.6967 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2505.695258][ T6586] Tainted: [U]=USER [ 2505.695266][ T6586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2505.695280][ T6586] Call Trace: [ 2505.695289][ T6586] [ 2505.695299][ T6586] dump_stack_lvl+0x16c/0x1f0 [ 2505.695348][ T6586] should_fail_ex+0x512/0x640 [ 2505.695386][ T6586] _copy_to_user+0x32/0xd0 [ 2505.695424][ T6586] simple_read_from_buffer+0xcb/0x170 [ 2505.695457][ T6586] proc_fail_nth_read+0x197/0x270 [ 2505.695486][ T6586] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2505.695517][ T6586] ? rw_verify_area+0xcf/0x680 [ 2505.695545][ T6586] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2505.695573][ T6586] vfs_read+0x1e4/0xc60 [ 2505.695609][ T6586] ? __pfx___mutex_lock+0x10/0x10 [ 2505.695644][ T6586] ? __pfx_vfs_read+0x10/0x10 [ 2505.695686][ T6586] ? __fget_files+0x20e/0x3c0 [ 2505.695715][ T6586] ? cap_safe_nice+0xb0/0x450 [ 2505.695749][ T6586] ksys_read+0x12a/0x250 [ 2505.695780][ T6586] ? __pfx_ksys_read+0x10/0x10 [ 2505.695822][ T6586] do_syscall_64+0xcd/0x490 [ 2505.695859][ T6586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2505.695884][ T6586] RIP: 0033:0x7fdf81b8d33c [ 2505.695905][ T6586] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2505.695928][ T6586] RSP: 002b:00007fdf82a33030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2505.695952][ T6586] RAX: ffffffffffffffda RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8d33c [ 2505.695969][ T6586] RDX: 000000000000000f RSI: 00007fdf82a330a0 RDI: 0000000000000003 [ 2505.695985][ T6586] RBP: 00007fdf82a33090 R08: 0000000000000000 R09: 0000000000000000 [ 2505.696000][ T6586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2505.696014][ T6586] R13: 0000000000000001 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2505.696049][ T6586] [ 2506.874856][ T6607] Invalid ELF header magic: != ELF [ 2507.076442][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2510.211881][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2517.027185][ T30] audit: type=1800 audit(4294973359.226:38): pid=6746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.7006" name="discovery_nqn" dev="configfs" ino=123415 res=0 errno=0 [ 2519.170580][ T30] audit: type=1804 audit(4294973361.386:39): pid=6772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.7013" name="/newroot/sys/kernel/tracing/set_event_notrace_pid" dev="tracefs" ino=1063 res=1 errno=0 [ 2519.287348][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 2521.254921][ T30] audit: type=1800 audit(4294973363.466:40): pid=6789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.7016" name="discovery_nqn" dev="configfs" ino=123475 res=0 errno=0 [ 2527.827611][ T6856] ubi0: attaching mtd0 [ 2527.864228][ T6856] ubi0: scanning is finished [ 2527.902902][ T6856] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2528.001598][ T6856] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2528.720150][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2528.735458][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2528.969818][ T6877] Invalid ELF header magic: != ELF [ 2529.788828][ T5839] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5 [ 2530.124549][ T6897] Invalid ELF header magic: != ELF [ 2531.245458][ T6921] Invalid ELF header magic: != ELF [ 2531.339708][ T6925] FAULT_INJECTION: forcing a failure. [ 2531.339708][ T6925] name failslab, interval 1, probability 0, space 0, times 0 [ 2531.363072][ T6925] CPU: 0 UID: 0 PID: 6925 Comm: syz.1.7049 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2531.363111][ T6925] Tainted: [U]=USER [ 2531.363120][ T6925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2531.363134][ T6925] Call Trace: [ 2531.363142][ T6925] [ 2531.363152][ T6925] dump_stack_lvl+0x16c/0x1f0 [ 2531.363193][ T6925] should_fail_ex+0x512/0x640 [ 2531.363224][ T6925] ? __kmalloc_noprof+0xbf/0x510 [ 2531.363261][ T6925] ? iovec_from_user+0x108/0x140 [ 2531.363306][ T6925] should_failslab+0xc2/0x120 [ 2531.363330][ T6925] __kmalloc_noprof+0xd2/0x510 [ 2531.363364][ T6925] ? look_up_lock_class+0x59/0x150 [ 2531.363408][ T6925] iovec_from_user+0x108/0x140 [ 2531.363449][ T6925] __import_iovec+0x88/0x650 [ 2531.363483][ T6925] ? __lock_acquire+0xb8a/0x1c90 [ 2531.363523][ T6925] import_iovec+0x86/0xb0 [ 2531.363563][ T6925] vfs_writev+0x19b/0xde0 [ 2531.363594][ T6925] ? __pfx___mutex_trylock_common+0x10/0x10 [ 2531.363636][ T6925] ? __pfx_vfs_writev+0x10/0x10 [ 2531.363667][ T6925] ? __mutex_lock+0x1ca/0xb90 [ 2531.363711][ T6925] ? __pfx___mutex_lock+0x10/0x10 [ 2531.363761][ T6925] ? __fget_files+0x20e/0x3c0 [ 2531.363791][ T6925] ? __fget_files+0x140/0x3c0 [ 2531.363831][ T6925] ? do_writev+0x132/0x340 [ 2531.363859][ T6925] do_writev+0x132/0x340 [ 2531.363890][ T6925] ? __pfx_do_writev+0x10/0x10 [ 2531.363933][ T6925] do_syscall_64+0xcd/0x490 [ 2531.363972][ T6925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2531.363997][ T6925] RIP: 0033:0x7fd7e2f8e929 [ 2531.364018][ T6925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2531.364041][ T6925] RSP: 002b:00007fd7e3d53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 2531.364065][ T6925] RAX: ffffffffffffffda RBX: 00007fd7e31b5fa0 RCX: 00007fd7e2f8e929 [ 2531.364082][ T6925] RDX: 0000000000000009 RSI: 0000200000000000 RDI: 0000000000000003 [ 2531.364097][ T6925] RBP: 00007fd7e3d53090 R08: 0000000000000000 R09: 0000000000000000 [ 2531.364113][ T6925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2531.364127][ T6925] R13: 0000000000000000 R14: 00007fd7e31b5fa0 R15: 00007ffd0c601578 [ 2531.364163][ T6925] [ 2532.064062][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2534.408479][ T6955] Invalid ELF header magic: != ELF [ 2535.744471][ T6971] Invalid ELF header magic: != ELF [ 2535.769533][ T6974] FAULT_INJECTION: forcing a failure. [ 2535.769533][ T6974] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2535.784394][ T6974] CPU: 0 UID: 0 PID: 6974 Comm: syz.3.7059 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2535.784431][ T6974] Tainted: [U]=USER [ 2535.784439][ T6974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2535.784453][ T6974] Call Trace: [ 2535.784461][ T6974] [ 2535.784471][ T6974] dump_stack_lvl+0x16c/0x1f0 [ 2535.784512][ T6974] should_fail_ex+0x512/0x640 [ 2535.784550][ T6974] _copy_from_user+0x2e/0xd0 [ 2535.784588][ T6974] core_sys_select+0x2c8/0xc10 [ 2535.784628][ T6974] ? __pfx_core_sys_select+0x10/0x10 [ 2535.784695][ T6974] ? read_tsc+0x9/0x20 [ 2535.784718][ T6974] ? ktime_get_ts64+0x256/0x400 [ 2535.784756][ T6974] kern_select+0x15d/0x1e0 [ 2535.784788][ T6974] ? __pfx_kern_select+0x10/0x10 [ 2535.784823][ T6974] ? __pfx_ksys_write+0x10/0x10 [ 2535.784874][ T6974] __x64_sys_select+0xbd/0x160 [ 2535.784904][ T6974] ? do_syscall_64+0x91/0x490 [ 2535.784939][ T6974] ? lockdep_hardirqs_on+0x7c/0x110 [ 2535.784972][ T6974] do_syscall_64+0xcd/0x490 [ 2535.785017][ T6974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2535.785045][ T6974] RIP: 0033:0x7f4d4c98e929 [ 2535.785065][ T6974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2535.785088][ T6974] RSP: 002b:00007f4d4d85b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 2535.785111][ T6974] RAX: ffffffffffffffda RBX: 00007f4d4cbb6160 RCX: 00007f4d4c98e929 [ 2535.785128][ T6974] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000009 [ 2535.785143][ T6974] RBP: 00007f4d4d85b090 R08: 0000200000000280 R09: 0000000000000000 [ 2535.785159][ T6974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2535.785173][ T6974] R13: 0000000000000000 R14: 00007f4d4cbb6160 R15: 00007ffe841e9238 [ 2535.785206][ T6974] [ 2535.966350][ C0] vkms_vblank_simulate: vblank timer overrun [ 2537.199155][ T6999] ubi0: attaching mtd0 [ 2537.203589][ T6999] ubi0: scanning is finished [ 2537.213024][ T6999] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2537.480762][ T6999] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2537.798510][ T7008] Invalid ELF header magic: != ELF [ 2538.001595][ T7012] Invalid ELF header magic: != ELF [ 2539.647512][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2541.242510][ T7068] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7083'. [ 2541.392365][ T7068] bond0: (slave bond_slave_0): Releasing backup interface [ 2541.822482][ T5839] Bluetooth: hci1: unexpected event 0x1d length: 10 > 5 [ 2542.041375][ T7082] netlink: 206 bytes leftover after parsing attributes in process `syz.1.7088'. [ 2544.146003][ T7104] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7095'. [ 2544.266191][ T7104] bond0: (slave bond_slave_0): Releasing backup interface [ 2547.835197][ T30] audit: type=1804 audit(4294973390.046:41): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.7107" name="/newroot/sys/kernel/tracing/set_event_notrace_pid" dev="tracefs" ino=1063 res=1 errno=0 [ 2548.050277][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2548.324178][ T7165] FAULT_INJECTION: forcing a failure. [ 2548.324178][ T7165] name failslab, interval 1, probability 0, space 0, times 0 [ 2548.374811][ T7165] CPU: 1 UID: 0 PID: 7165 Comm: syz.0.7108 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2548.374854][ T7165] Tainted: [U]=USER [ 2548.374863][ T7165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2548.374877][ T7165] Call Trace: [ 2548.374886][ T7165] [ 2548.374897][ T7165] dump_stack_lvl+0x16c/0x1f0 [ 2548.374942][ T7165] should_fail_ex+0x512/0x640 [ 2548.374978][ T7165] ? __kvmalloc_node_noprof+0x124/0x620 [ 2548.375018][ T7165] should_failslab+0xc2/0x120 [ 2548.375043][ T7165] __kvmalloc_node_noprof+0x137/0x620 [ 2548.375079][ T7165] ? __pfx___mutex_lock+0x10/0x10 [ 2548.375116][ T7165] ? nf_hook_entries_grow+0x22b/0x860 [ 2548.375152][ T7165] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2548.375192][ T7165] ? nf_hook_entries_grow+0x22b/0x860 [ 2548.375236][ T7165] nf_hook_entries_grow+0x22b/0x860 [ 2548.375286][ T7165] __nf_register_net_hook+0x1cd/0x730 [ 2548.375330][ T7165] nf_register_net_hook+0x109/0x160 [ 2548.375372][ T7165] nf_register_net_hooks+0x5d/0xd0 [ 2548.375411][ T7165] ? __pfx_apparmor_nf_register+0x10/0x10 [ 2548.375448][ T7165] ops_init+0x1df/0x5f0 [ 2548.375476][ T7165] setup_net+0x1ff/0x510 [ 2548.375499][ T7165] ? lockdep_init_map_type+0x5c/0x280 [ 2548.375535][ T7165] ? __pfx_setup_net+0x10/0x10 [ 2548.375562][ T7165] ? debug_mutex_init+0x37/0x70 [ 2548.375590][ T7165] copy_net_ns+0x2a6/0x5f0 [ 2548.375621][ T7165] create_new_namespaces+0x3ea/0xa90 [ 2548.375656][ T7165] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2548.375685][ T7165] ksys_unshare+0x45b/0xa40 [ 2548.375718][ T7165] ? __pfx_ksys_unshare+0x10/0x10 [ 2548.375752][ T7165] ? xfd_validate_state+0x61/0x180 [ 2548.375794][ T7165] __x64_sys_unshare+0x31/0x40 [ 2548.375823][ T7165] do_syscall_64+0xcd/0x490 [ 2548.375864][ T7165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2548.375889][ T7165] RIP: 0033:0x7fc7eaf8e929 [ 2548.375909][ T7165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2548.375935][ T7165] RSP: 002b:00007fc7ebe11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2548.375960][ T7165] RAX: ffffffffffffffda RBX: 00007fc7eb1b5fa0 RCX: 00007fc7eaf8e929 [ 2548.375977][ T7165] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2548.375992][ T7165] RBP: 00007fc7eb010b39 R08: 0000000000000000 R09: 0000000000000000 [ 2548.376007][ T7165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2548.376023][ T7165] R13: 0000000000000000 R14: 00007fc7eb1b5fa0 R15: 00007ffc6449fa38 [ 2548.376057][ T7165] [ 2549.090704][ T7173] netlink: 9 bytes leftover after parsing attributes in process `syz.1.7110'. [ 2549.246149][ T5839] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2550.596870][ T7193] Invalid ELF header magic: != ELF [ 2552.044047][ T7208] Invalid ELF header magic: != ELF [ 2557.608395][ T7290] Invalid ELF header magic: != ELF [ 2559.049825][ T7312] FAULT_INJECTION: forcing a failure. [ 2559.049825][ T7312] name failslab, interval 1, probability 0, space 0, times 0 [ 2559.078333][ T7312] CPU: 1 UID: 0 PID: 7312 Comm: syz.1.7137 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2559.078377][ T7312] Tainted: [U]=USER [ 2559.078386][ T7312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2559.078402][ T7312] Call Trace: [ 2559.078411][ T7312] [ 2559.078422][ T7312] dump_stack_lvl+0x16c/0x1f0 [ 2559.078467][ T7312] should_fail_ex+0x512/0x640 [ 2559.078491][ T7312] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 2559.078519][ T7312] should_failslab+0xc2/0x120 [ 2559.078532][ T7312] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 2559.078555][ T7312] ? __pfx_proc_create_data+0x10/0x10 [ 2559.078570][ T7312] ? cache_create_net+0x2b/0x220 [ 2559.078595][ T7312] kmemdup_noprof+0x29/0x60 [ 2559.078616][ T7312] cache_create_net+0x2b/0x220 [ 2559.078638][ T7312] nfsd_idmap_init+0x11f/0x250 [ 2559.078657][ T7312] ? __pfx_nfsd_net_init+0x10/0x10 [ 2559.078672][ T7312] nfsd_net_init+0x69/0x3d0 [ 2559.078687][ T7312] ? __pfx_nfsd_net_init+0x10/0x10 [ 2559.078701][ T7312] ops_init+0x1df/0x5f0 [ 2559.078725][ T7312] setup_net+0x1ff/0x510 [ 2559.078738][ T7312] ? lockdep_init_map_type+0x5c/0x280 [ 2559.078758][ T7312] ? __pfx_setup_net+0x10/0x10 [ 2559.078773][ T7312] ? debug_mutex_init+0x37/0x70 [ 2559.078789][ T7312] copy_net_ns+0x2a6/0x5f0 [ 2559.078807][ T7312] create_new_namespaces+0x3ea/0xa90 [ 2559.078827][ T7312] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2559.078843][ T7312] ksys_unshare+0x45b/0xa40 [ 2559.078862][ T7312] ? __pfx_ksys_unshare+0x10/0x10 [ 2559.078881][ T7312] ? xfd_validate_state+0x61/0x180 [ 2559.078904][ T7312] __x64_sys_unshare+0x31/0x40 [ 2559.078922][ T7312] do_syscall_64+0xcd/0x490 [ 2559.078948][ T7312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2559.078963][ T7312] RIP: 0033:0x7fd7e2f8e929 [ 2559.078975][ T7312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2559.078990][ T7312] RSP: 002b:00007fd7e3d53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2559.079004][ T7312] RAX: ffffffffffffffda RBX: 00007fd7e31b5fa0 RCX: 00007fd7e2f8e929 [ 2559.079014][ T7312] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2559.079022][ T7312] RBP: 00007fd7e3010b39 R08: 0000000000000000 R09: 0000000000000000 [ 2559.079031][ T7312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2559.079040][ T7312] R13: 0000000000000000 R14: 00007fd7e31b5fa0 R15: 00007ffd0c601578 [ 2559.079059][ T7312] [ 2559.441058][ T7314] Invalid ELF header magic: != ELF [ 2561.333851][ T7345] FAULT_INJECTION: forcing a failure. [ 2561.333851][ T7345] name failslab, interval 1, probability 0, space 0, times 0 [ 2561.355445][ T7345] CPU: 1 UID: 0 PID: 7345 Comm: syz.2.7152 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2561.355487][ T7345] Tainted: [U]=USER [ 2561.355497][ T7345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2561.355508][ T7345] Call Trace: [ 2561.355514][ T7345] [ 2561.355520][ T7345] dump_stack_lvl+0x16c/0x1f0 [ 2561.355547][ T7345] should_fail_ex+0x512/0x640 [ 2561.355568][ T7345] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2561.355592][ T7345] should_failslab+0xc2/0x120 [ 2561.355606][ T7345] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2561.355625][ T7345] ? __proc_create+0xc3/0x8c0 [ 2561.355648][ T7345] ? __proc_create+0x2ce/0x8c0 [ 2561.355671][ T7345] __proc_create+0x2ce/0x8c0 [ 2561.355692][ T7345] ? __pfx___proc_create+0x10/0x10 [ 2561.355716][ T7345] ? _raw_write_unlock+0x28/0x50 [ 2561.355735][ T7345] ? proc_register+0x314/0x5f0 [ 2561.355758][ T7345] proc_create_reg+0x7d/0x180 [ 2561.355773][ T7345] proc_create_data+0x86/0x110 [ 2561.355786][ T7345] ? __pfx_proc_create_data+0x10/0x10 [ 2561.355801][ T7345] ? cache_register_net+0x137/0x5e0 [ 2561.355820][ T7345] cache_register_net+0x2d6/0x5e0 [ 2561.355836][ T7345] nfsd_idmap_init+0x16e/0x250 [ 2561.355855][ T7345] ? __pfx_nfsd_net_init+0x10/0x10 [ 2561.355869][ T7345] nfsd_net_init+0x69/0x3d0 [ 2561.355884][ T7345] ? __pfx_nfsd_net_init+0x10/0x10 [ 2561.355899][ T7345] ops_init+0x1df/0x5f0 [ 2561.355915][ T7345] setup_net+0x1ff/0x510 [ 2561.355927][ T7345] ? lockdep_init_map_type+0x5c/0x280 [ 2561.355946][ T7345] ? __pfx_setup_net+0x10/0x10 [ 2561.355960][ T7345] ? debug_mutex_init+0x37/0x70 [ 2561.355976][ T7345] copy_net_ns+0x2a6/0x5f0 [ 2561.355994][ T7345] create_new_namespaces+0x3ea/0xa90 [ 2561.356014][ T7345] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2561.356031][ T7345] ksys_unshare+0x45b/0xa40 [ 2561.356049][ T7345] ? __pfx_ksys_unshare+0x10/0x10 [ 2561.356068][ T7345] ? xfd_validate_state+0x61/0x180 [ 2561.356097][ T7345] __x64_sys_unshare+0x31/0x40 [ 2561.356116][ T7345] do_syscall_64+0xcd/0x490 [ 2561.356140][ T7345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2561.356155][ T7345] RIP: 0033:0x7fdf81b8e929 [ 2561.356167][ T7345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2561.356181][ T7345] RSP: 002b:00007fdf82a33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2561.356196][ T7345] RAX: ffffffffffffffda RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2561.356206][ T7345] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2561.356214][ T7345] RBP: 00007fdf81c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2561.356223][ T7345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2561.356231][ T7345] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2561.356251][ T7345] [ 2565.638697][ T7401] Invalid ELF header magic: != ELF [ 2566.325411][ T7413] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 2, inode_bitmap = 139 [ 2566.473457][ T7413] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum [ 2567.008966][ T7421] FAULT_INJECTION: forcing a failure. [ 2567.008966][ T7421] name failslab, interval 1, probability 0, space 0, times 0 [ 2567.078514][ T7421] CPU: 0 UID: 0 PID: 7421 Comm: syz.2.7161 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2567.078559][ T7421] Tainted: [U]=USER [ 2567.078569][ T7421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2567.078585][ T7421] Call Trace: [ 2567.078594][ T7421] [ 2567.078605][ T7421] dump_stack_lvl+0x16c/0x1f0 [ 2567.078650][ T7421] should_fail_ex+0x512/0x640 [ 2567.078686][ T7421] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2567.078729][ T7421] should_failslab+0xc2/0x120 [ 2567.078756][ T7421] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2567.078792][ T7421] ? __proc_create+0xc3/0x8c0 [ 2567.078829][ T7421] ? __proc_create+0x2ce/0x8c0 [ 2567.078872][ T7421] __proc_create+0x2ce/0x8c0 [ 2567.078912][ T7421] ? __pfx___proc_create+0x10/0x10 [ 2567.078956][ T7421] ? _raw_write_unlock+0x28/0x50 [ 2567.078992][ T7421] ? proc_register+0x314/0x5f0 [ 2567.079035][ T7421] proc_create_reg+0x7d/0x180 [ 2567.079064][ T7421] proc_create_data+0x86/0x110 [ 2567.079097][ T7421] ? __pfx_proc_create_data+0x10/0x10 [ 2567.079125][ T7421] ? cache_register_net+0x137/0x5e0 [ 2567.079161][ T7421] cache_register_net+0x2d6/0x5e0 [ 2567.079192][ T7421] nfsd_idmap_init+0xb6/0x250 [ 2567.079227][ T7421] ? __pfx_nfsd_net_init+0x10/0x10 [ 2567.079255][ T7421] nfsd_net_init+0x69/0x3d0 [ 2567.079281][ T7421] ? __pfx_nfsd_net_init+0x10/0x10 [ 2567.079307][ T7421] ops_init+0x1df/0x5f0 [ 2567.079334][ T7421] setup_net+0x1ff/0x510 [ 2567.079358][ T7421] ? lockdep_init_map_type+0x5c/0x280 [ 2567.079394][ T7421] ? __pfx_setup_net+0x10/0x10 [ 2567.079422][ T7421] ? debug_mutex_init+0x37/0x70 [ 2567.079453][ T7421] copy_net_ns+0x2a6/0x5f0 [ 2567.079485][ T7421] create_new_namespaces+0x3ea/0xa90 [ 2567.079523][ T7421] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2567.079559][ T7421] ksys_unshare+0x45b/0xa40 [ 2567.079594][ T7421] ? __pfx_ksys_unshare+0x10/0x10 [ 2567.079643][ T7421] __x64_sys_unshare+0x31/0x40 [ 2567.079677][ T7421] do_syscall_64+0xcd/0x490 [ 2567.079719][ T7421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2567.079745][ T7421] RIP: 0033:0x7fdf81b8e929 [ 2567.079768][ T7421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2567.079794][ T7421] RSP: 002b:00007fdf82a33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2567.079821][ T7421] RAX: ffffffffffffffda RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2567.079839][ T7421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2567.079856][ T7421] RBP: 00007fdf81c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2567.079872][ T7421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2567.079889][ T7421] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2567.079926][ T7421] [ 2567.641756][T16912] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 2567.652276][T16912] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 2567.663735][T16912] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 2567.674542][T16912] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 2567.685608][T16912] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 2568.092878][ T7424] chnl_net:caif_netlink_parms(): no params data found [ 2568.348658][ T7424] bridge0: port 1(bridge_slave_0) entered blocking state [ 2568.348825][ T7424] bridge0: port 1(bridge_slave_0) entered disabled state [ 2568.348968][ T7424] bridge_slave_0: entered allmulticast mode [ 2568.359276][ T7424] bridge_slave_0: entered promiscuous mode [ 2568.362563][ T7424] bridge0: port 2(bridge_slave_1) entered blocking state [ 2568.362722][ T7424] bridge0: port 2(bridge_slave_1) entered disabled state [ 2568.362868][ T7424] bridge_slave_1: entered allmulticast mode [ 2568.364632][ T7424] bridge_slave_1: entered promiscuous mode [ 2568.492249][ T7424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2568.494356][ T7424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2568.539964][ T7424] team0: Port device team_slave_0 added [ 2568.541823][ T7424] team0: Port device team_slave_1 added [ 2568.615002][ T7424] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2568.639007][ T7424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2568.639057][ T7424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2568.641098][ T7424] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2568.641114][ T7424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2568.641153][ T7424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2568.888907][ T7424] hsr_slave_0: entered promiscuous mode [ 2568.889927][ T7424] hsr_slave_1: entered promiscuous mode [ 2568.910778][ T7424] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2568.910845][ T7424] Cannot create hsr debugfs directory [ 2569.432500][ T7424] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2569.546333][ T7424] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2569.722142][ T7424] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2569.745527][T16912] Bluetooth: hci1: command tx timeout [ 2569.937290][ T7424] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2570.407460][ T7424] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2570.432443][ T7424] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2570.462367][ T7424] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2570.508090][ T7424] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2570.688612][T16912] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2570.784100][ T7424] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2570.816554][ T7424] 8021q: adding VLAN 0 to HW filter on device team0 [ 2570.854020][ T1427] bridge0: port 1(bridge_slave_0) entered blocking state [ 2570.861172][ T1427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2570.907414][ T1435] bridge0: port 2(bridge_slave_1) entered blocking state [ 2570.914558][ T1435] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2571.522327][ T7424] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2571.724254][ T7424] veth0_vlan: entered promiscuous mode [ 2571.826126][T16912] Bluetooth: hci1: command tx timeout [ 2571.837103][ T7424] veth1_vlan: entered promiscuous mode [ 2571.892822][ T7424] veth0_macvtap: entered promiscuous mode [ 2571.918473][ T7424] veth1_macvtap: entered promiscuous mode [ 2571.939095][ T7424] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2571.972037][ T7424] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2571.988764][ T7424] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2572.011315][ T7424] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2572.028809][ T7424] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2572.054898][ T7424] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2572.422806][ T1427] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2572.446436][ T1435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2572.454296][ T1435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2572.455391][ T1427] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2572.723106][ T7496] Invalid ELF header magic: != ELF [ 2573.772667][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2573.794604][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2573.803969][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2573.814824][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2573.824858][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2573.906405][T16912] Bluetooth: hci1: command tx timeout [ 2574.364863][ T7508] chnl_net:caif_netlink_parms(): no params data found [ 2574.689300][ T7508] bridge0: port 1(bridge_slave_0) entered blocking state [ 2574.689371][ T7508] bridge0: port 1(bridge_slave_0) entered disabled state [ 2574.689586][ T7508] bridge_slave_0: entered allmulticast mode [ 2574.690566][ T7508] bridge_slave_0: entered promiscuous mode [ 2574.697301][ T7508] bridge0: port 2(bridge_slave_1) entered blocking state [ 2574.697444][ T7508] bridge0: port 2(bridge_slave_1) entered disabled state [ 2574.697533][ T7508] bridge_slave_1: entered allmulticast mode [ 2574.707930][ T7508] bridge_slave_1: entered promiscuous mode [ 2574.869215][ T7508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2574.909407][ T7508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2575.057273][ T7508] team0: Port device team_slave_0 added [ 2575.080249][ T7508] team0: Port device team_slave_1 added [ 2575.214395][ T7508] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2575.235423][ T7508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2575.292557][ T7508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2575.315729][ T7508] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2575.322692][ T7508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2575.385779][ T7508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2575.510110][ T7508] hsr_slave_0: entered promiscuous mode [ 2575.520454][ T7508] hsr_slave_1: entered promiscuous mode [ 2575.536319][ T7508] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2575.556990][ T7508] Cannot create hsr debugfs directory [ 2575.909343][T16912] Bluetooth: hci4: command tx timeout [ 2575.967420][ T7508] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2575.990093][T16912] Bluetooth: hci1: command tx timeout [ 2576.057768][ T7508] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2576.198827][ T7508] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2576.412414][ T7508] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2576.700820][ T7508] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2576.749442][ T7508] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2576.772452][ T7508] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2576.801552][ T7508] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2577.019679][ T7508] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2577.068006][ T7508] 8021q: adding VLAN 0 to HW filter on device team0 [ 2577.094553][T30298] bridge0: port 1(bridge_slave_0) entered blocking state [ 2577.101730][T30298] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2577.201955][ T1432] bridge0: port 2(bridge_slave_1) entered blocking state [ 2577.209169][ T1432] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2577.944517][ T7508] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2577.996120][T16912] Bluetooth: hci4: command tx timeout [ 2578.157571][ T7508] veth0_vlan: entered promiscuous mode [ 2578.179975][ T7508] veth1_vlan: entered promiscuous mode [ 2578.315043][ T7508] veth0_macvtap: entered promiscuous mode [ 2578.319951][ T7508] veth1_macvtap: entered promiscuous mode [ 2578.356613][ T7508] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2578.359836][ T7508] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2578.362354][ T7508] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2578.362381][ T7508] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2578.362401][ T7508] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2578.362502][ T7508] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2578.692543][T30298] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2578.692568][T30298] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2578.976678][T11766] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2579.003199][T11766] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2580.065728][T16912] Bluetooth: hci4: command tx timeout [ 2581.754200][ T7608] FAULT_INJECTION: forcing a failure. [ 2581.754200][ T7608] name failslab, interval 1, probability 0, space 0, times 0 [ 2581.784834][ T7608] CPU: 1 UID: 0 PID: 7608 Comm: syz.2.7188 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2581.784876][ T7608] Tainted: [U]=USER [ 2581.784892][ T7608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2581.784914][ T7608] Call Trace: [ 2581.784924][ T7608] [ 2581.784938][ T7608] dump_stack_lvl+0x16c/0x1f0 [ 2581.784983][ T7608] should_fail_ex+0x512/0x640 [ 2581.785019][ T7608] ? __kmalloc_noprof+0xbf/0x510 [ 2581.785059][ T7608] ? __register_sysctl_table+0xb3/0x1900 [ 2581.785097][ T7608] should_failslab+0xc2/0x120 [ 2581.785123][ T7608] __kmalloc_noprof+0xd2/0x510 [ 2581.785167][ T7608] __register_sysctl_table+0xb3/0x1900 [ 2581.785207][ T7608] ? is_module_address+0x5f/0xf0 [ 2581.785247][ T7608] ? __pfx___register_sysctl_table+0x10/0x10 [ 2581.785284][ T7608] ? is_module_address+0x69/0xf0 [ 2581.785317][ T7608] ? register_net_sysctl_sz+0x228/0x3e0 [ 2581.785347][ T7608] ? __asan_memcpy+0x3c/0x60 [ 2581.785384][ T7608] vrf_netns_init+0x152/0x1f0 [ 2581.785423][ T7608] ? __pfx_vrf_netns_init+0x10/0x10 [ 2581.785458][ T7608] ops_init+0x1df/0x5f0 [ 2581.785486][ T7608] setup_net+0x1ff/0x510 [ 2581.785508][ T7608] ? lockdep_init_map_type+0x5c/0x280 [ 2581.785543][ T7608] ? __pfx_setup_net+0x10/0x10 [ 2581.785570][ T7608] ? debug_mutex_init+0x37/0x70 [ 2581.785599][ T7608] copy_net_ns+0x2a6/0x5f0 [ 2581.785629][ T7608] create_new_namespaces+0x3ea/0xa90 [ 2581.785664][ T7608] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2581.785695][ T7608] ksys_unshare+0x45b/0xa40 [ 2581.785728][ T7608] ? __pfx_ksys_unshare+0x10/0x10 [ 2581.785762][ T7608] ? xfd_validate_state+0x61/0x180 [ 2581.785805][ T7608] __x64_sys_unshare+0x31/0x40 [ 2581.785836][ T7608] do_syscall_64+0xcd/0x490 [ 2581.785877][ T7608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2581.785912][ T7608] RIP: 0033:0x7fdf81b8e929 [ 2581.785933][ T7608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2581.785959][ T7608] RSP: 002b:00007fdf82a33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2581.785983][ T7608] RAX: ffffffffffffffda RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2581.786001][ T7608] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2581.786017][ T7608] RBP: 00007fdf81c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2581.786033][ T7608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2581.786048][ T7608] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2581.786084][ T7608] [ 2582.145651][T16912] Bluetooth: hci4: command tx timeout [ 2582.418256][ T7617] FAULT_INJECTION: forcing a failure. [ 2582.418256][ T7617] name failslab, interval 1, probability 0, space 0, times 0 [ 2582.431377][ T7617] CPU: 1 UID: 0 PID: 7617 Comm: syz.3.7191 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2582.431418][ T7617] Tainted: [U]=USER [ 2582.431427][ T7617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2582.431443][ T7617] Call Trace: [ 2582.431452][ T7617] [ 2582.431462][ T7617] dump_stack_lvl+0x16c/0x1f0 [ 2582.431506][ T7617] should_fail_ex+0x512/0x640 [ 2582.431540][ T7617] ? __kvmalloc_node_noprof+0x124/0x620 [ 2582.431581][ T7617] should_failslab+0xc2/0x120 [ 2582.431604][ T7617] __kvmalloc_node_noprof+0x137/0x620 [ 2582.431638][ T7617] ? __pfx___mutex_lock+0x10/0x10 [ 2582.431673][ T7617] ? nf_hook_entries_grow+0x22b/0x860 [ 2582.431716][ T7617] ? nf_hook_entries_grow+0x22b/0x860 [ 2582.431750][ T7617] nf_hook_entries_grow+0x22b/0x860 [ 2582.431801][ T7617] __nf_register_net_hook+0x1cd/0x730 [ 2582.431855][ T7617] nf_register_net_hook+0x109/0x160 [ 2582.431897][ T7617] nf_register_net_hooks+0x5d/0xd0 [ 2582.431937][ T7617] ? __pfx_apparmor_nf_register+0x10/0x10 [ 2582.431975][ T7617] ops_init+0x1df/0x5f0 [ 2582.432003][ T7617] setup_net+0x1ff/0x510 [ 2582.432024][ T7617] ? lockdep_init_map_type+0x5c/0x280 [ 2582.432058][ T7617] ? __pfx_setup_net+0x10/0x10 [ 2582.432084][ T7617] ? debug_mutex_init+0x37/0x70 [ 2582.432112][ T7617] copy_net_ns+0x2a6/0x5f0 [ 2582.432142][ T7617] create_new_namespaces+0x3ea/0xa90 [ 2582.432178][ T7617] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2582.432209][ T7617] ksys_unshare+0x45b/0xa40 [ 2582.432242][ T7617] ? __pfx_ksys_unshare+0x10/0x10 [ 2582.432275][ T7617] ? xfd_validate_state+0x61/0x180 [ 2582.432318][ T7617] __x64_sys_unshare+0x31/0x40 [ 2582.432348][ T7617] do_syscall_64+0xcd/0x490 [ 2582.432388][ T7617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2582.432413][ T7617] RIP: 0033:0x7f81bf98e929 [ 2582.432434][ T7617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2582.432460][ T7617] RSP: 002b:00007f81c0723038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2582.432485][ T7617] RAX: ffffffffffffffda RBX: 00007f81bfbb5fa0 RCX: 00007f81bf98e929 [ 2582.432504][ T7617] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2582.432519][ T7617] RBP: 00007f81bfa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2582.432536][ T7617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2582.432551][ T7617] R13: 0000000000000000 R14: 00007f81bfbb5fa0 R15: 00007ffc67998f78 [ 2582.432586][ T7617] [ 2584.155798][ T30] audit: type=1804 audit(4294973426.366:42): pid=7638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.7197" name="/newroot/sys/kernel/tracing/set_event_notrace_pid" dev="tracefs" ino=1063 res=1 errno=0 [ 2584.265866][T16912] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5 [ 2584.429054][ T7643] Invalid ELF header magic: != ELF [ 2584.500373][ T7646] FAULT_INJECTION: forcing a failure. [ 2584.500373][ T7646] name failslab, interval 1, probability 0, space 0, times 0 [ 2584.606314][ T7646] CPU: 0 UID: 0 PID: 7646 Comm: syz.0.7199 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2584.606358][ T7646] Tainted: [U]=USER [ 2584.606368][ T7646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2584.606384][ T7646] Call Trace: [ 2584.606392][ T7646] [ 2584.606403][ T7646] dump_stack_lvl+0x16c/0x1f0 [ 2584.606447][ T7646] should_fail_ex+0x512/0x640 [ 2584.606483][ T7646] ? __kmalloc_noprof+0xbf/0x510 [ 2584.606523][ T7646] ? ops_init+0x77/0x5f0 [ 2584.606544][ T7646] should_failslab+0xc2/0x120 [ 2584.606569][ T7646] __kmalloc_noprof+0xd2/0x510 [ 2584.606604][ T7646] ? class_create_file_ns+0x4c/0x60 [ 2584.606647][ T7646] ops_init+0x77/0x5f0 [ 2584.606676][ T7646] setup_net+0x1ff/0x510 [ 2584.606699][ T7646] ? lockdep_init_map_type+0x5c/0x280 [ 2584.606736][ T7646] ? __pfx_setup_net+0x10/0x10 [ 2584.606764][ T7646] ? debug_mutex_init+0x37/0x70 [ 2584.606794][ T7646] copy_net_ns+0x2a6/0x5f0 [ 2584.606825][ T7646] create_new_namespaces+0x3ea/0xa90 [ 2584.606862][ T7646] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2584.606894][ T7646] ksys_unshare+0x45b/0xa40 [ 2584.606927][ T7646] ? __pfx_ksys_unshare+0x10/0x10 [ 2584.606961][ T7646] ? xfd_validate_state+0x61/0x180 [ 2584.607005][ T7646] __x64_sys_unshare+0x31/0x40 [ 2584.607036][ T7646] do_syscall_64+0xcd/0x490 [ 2584.607077][ T7646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2584.607103][ T7646] RIP: 0033:0x7fc7eaf8e929 [ 2584.607124][ T7646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2584.607149][ T7646] RSP: 002b:00007fc7ebe11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2584.607173][ T7646] RAX: ffffffffffffffda RBX: 00007fc7eb1b5fa0 RCX: 00007fc7eaf8e929 [ 2584.607191][ T7646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2584.607207][ T7646] RBP: 00007fc7eb010b39 R08: 0000000000000000 R09: 0000000000000000 [ 2584.607224][ T7646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2584.607240][ T7646] R13: 0000000000000000 R14: 00007fc7eb1b5fa0 R15: 00007ffc6449fa38 [ 2584.607276][ T7646] [ 2585.346200][ T7658] FAULT_INJECTION: forcing a failure. [ 2585.346200][ T7658] name failslab, interval 1, probability 0, space 0, times 0 [ 2585.359789][ T7658] CPU: 1 UID: 0 PID: 7658 Comm: syz.2.7201 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2585.359840][ T7658] Tainted: [U]=USER [ 2585.359849][ T7658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2585.359864][ T7658] Call Trace: [ 2585.359874][ T7658] [ 2585.359883][ T7658] dump_stack_lvl+0x16c/0x1f0 [ 2585.359927][ T7658] should_fail_ex+0x512/0x640 [ 2585.359962][ T7658] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2585.360002][ T7658] should_failslab+0xc2/0x120 [ 2585.360027][ T7658] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2585.360063][ T7658] ? __kernfs_new_node+0xd2/0x8e0 [ 2585.360102][ T7658] __kernfs_new_node+0xd2/0x8e0 [ 2585.360140][ T7658] ? __pfx___kernfs_new_node+0x10/0x10 [ 2585.360184][ T7658] ? find_held_lock+0x2b/0x80 [ 2585.360211][ T7658] ? kernfs_root+0xee/0x2a0 [ 2585.360252][ T7658] kernfs_new_node+0x13c/0x1e0 [ 2585.360296][ T7658] __kernfs_create_file+0x53/0x350 [ 2585.360328][ T7658] sysfs_add_file_mode_ns+0x207/0x3c0 [ 2585.360370][ T7658] sysfs_create_file_ns+0x13d/0x1d0 [ 2585.360397][ T7658] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 2585.360427][ T7658] ? class_to_subsys+0x10f/0x160 [ 2585.360457][ T7658] ? do_raw_spin_unlock+0x172/0x230 [ 2585.360498][ T7658] class_create_file_ns+0x3d/0x60 [ 2585.360526][ T7658] bond_create_sysfs+0x13b/0x220 [ 2585.360555][ T7658] bond_net_init+0x178/0x360 [ 2585.360582][ T7658] ? __pfx_bond_net_init+0x10/0x10 [ 2585.360607][ T7658] ops_init+0x1df/0x5f0 [ 2585.360634][ T7658] setup_net+0x1ff/0x510 [ 2585.360653][ T7658] ? lockdep_init_map_type+0x5c/0x280 [ 2585.360682][ T7658] ? __pfx_setup_net+0x10/0x10 [ 2585.360707][ T7658] ? debug_mutex_init+0x37/0x70 [ 2585.360737][ T7658] copy_net_ns+0x2a6/0x5f0 [ 2585.360769][ T7658] create_new_namespaces+0x3ea/0xa90 [ 2585.360807][ T7658] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2585.360850][ T7658] ksys_unshare+0x45b/0xa40 [ 2585.360886][ T7658] ? __pfx_ksys_unshare+0x10/0x10 [ 2585.360922][ T7658] ? xfd_validate_state+0x61/0x180 [ 2585.360967][ T7658] __x64_sys_unshare+0x31/0x40 [ 2585.360999][ T7658] do_syscall_64+0xcd/0x490 [ 2585.361042][ T7658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2585.361068][ T7658] RIP: 0033:0x7fdf81b8e929 [ 2585.361091][ T7658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2585.361117][ T7658] RSP: 002b:00007fdf82a33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2585.361143][ T7658] RAX: ffffffffffffffda RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2585.361162][ T7658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2585.361179][ T7658] RBP: 00007fdf81c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 2585.361196][ T7658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2585.361213][ T7658] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2585.361250][ T7658] [ 2585.689420][ T7660] Invalid ELF header magic: != ELF [ 2586.235856][ T7668] FAULT_INJECTION: forcing a failure. [ 2586.235856][ T7668] name failslab, interval 1, probability 0, space 0, times 0 [ 2586.248638][ T7668] CPU: 0 UID: 0 PID: 7668 Comm: syz.2.7205 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2586.248676][ T7668] Tainted: [U]=USER [ 2586.248685][ T7668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2586.248699][ T7668] Call Trace: [ 2586.248709][ T7668] [ 2586.248719][ T7668] dump_stack_lvl+0x16c/0x1f0 [ 2586.248758][ T7668] should_fail_ex+0x512/0x640 [ 2586.248792][ T7668] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2586.248831][ T7668] should_failslab+0xc2/0x120 [ 2586.248855][ T7668] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2586.248890][ T7668] ? trace_kmalloc+0x2b/0xd0 [ 2586.248913][ T7668] ? seq_open+0x55/0x170 [ 2586.248943][ T7668] seq_open+0x55/0x170 [ 2586.248970][ T7668] __seq_open_private+0x3e/0xd0 [ 2586.248999][ T7668] tracing_open+0x25f/0xf90 [ 2586.249026][ T7668] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 2586.249065][ T7668] do_dentry_open+0x744/0x1c10 [ 2586.249100][ T7668] ? __pfx_tracing_open+0x10/0x10 [ 2586.249134][ T7668] vfs_open+0x82/0x3f0 [ 2586.249165][ T7668] path_openat+0x1de4/0x2cb0 [ 2586.249210][ T7668] ? __pfx_path_openat+0x10/0x10 [ 2586.249246][ T7668] ? __lock_acquire+0xb8a/0x1c90 [ 2586.249282][ T7668] do_filp_open+0x20b/0x470 [ 2586.249316][ T7668] ? __pfx_do_filp_open+0x10/0x10 [ 2586.249377][ T7668] ? alloc_fd+0x471/0x7d0 [ 2586.249418][ T7668] do_sys_openat2+0x11b/0x1d0 [ 2586.249445][ T7668] ? __pfx_do_sys_openat2+0x10/0x10 [ 2586.249476][ T7668] ? __fget_files+0x20e/0x3c0 [ 2586.249522][ T7668] __x64_sys_openat+0x174/0x210 [ 2586.249550][ T7668] ? __pfx___x64_sys_openat+0x10/0x10 [ 2586.249576][ T7668] ? ksys_write+0x1ac/0x250 [ 2586.249622][ T7668] do_syscall_64+0xcd/0x490 [ 2586.249663][ T7668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2586.249688][ T7668] RIP: 0033:0x7fdf81b8e929 [ 2586.249708][ T7668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2586.249731][ T7668] RSP: 002b:00007fdf82a33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2586.249755][ T7668] RAX: ffffffffffffffda RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2586.249772][ T7668] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 2586.249789][ T7668] RBP: 00007fdf82a33090 R08: 0000000000000000 R09: 0000000000000000 [ 2586.249804][ T7668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2586.249819][ T7668] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2586.249854][ T7668] [ 2588.292850][ T7696] Invalid ELF header magic: != ELF [ 2589.011759][ T7710] Invalid ELF header magic: != ELF [ 2590.160968][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2590.171567][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2590.640733][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 2590.654836][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 2590.675858][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 2590.690513][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 2590.708311][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 2591.188110][ T7735] chnl_net:caif_netlink_parms(): no params data found [ 2591.454962][ T7708] ------------[ cut here ]------------ [ 2591.460637][ T7708] ODEBUG: free active (active state 0) object: ffff88803326d318 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 2591.532700][ T7735] bridge0: port 1(bridge_slave_0) entered blocking state [ 2591.545659][ T7735] bridge0: port 1(bridge_slave_0) entered disabled state [ 2591.552866][ T7735] bridge_slave_0: entered allmulticast mode [ 2591.559108][ T7708] WARNING: CPU: 1 PID: 7708 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 2591.561546][ T7735] bridge_slave_0: entered promiscuous mode [ 2591.568645][ T7708] Modules linked in: [ 2591.577063][ T7735] bridge0: port 2(bridge_slave_1) entered blocking state [ 2591.578426][ T7708] CPU: 1 UID: 0 PID: 7708 Comm: syz.2.7215 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2591.585649][ T7735] bridge0: port 2(bridge_slave_1) entered disabled state [ 2591.599020][ T7708] Tainted: [U]=USER [ 2591.599032][ T7708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2591.599047][ T7708] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 2591.599076][ T7708] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 40 78 15 8c 4c 89 e6 48 c7 c7 c0 6c 15 8c e8 0f 1e 9c fc 90 <0f> 0b 90 90 58 83 05 d6 da c9 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 2591.599100][ T7708] RSP: 0018:ffffc90003fdf798 EFLAGS: 00010286 [ 2591.654429][ T7708] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1f8 [ 2591.662546][ T7708] RDX: ffff88802cdc1e00 RSI: ffffffff817aa205 RDI: 0000000000000001 [ 2591.666443][ T7735] bridge_slave_1: entered allmulticast mode SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 2591.670615][ T7708] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 2591.684438][ T7708] R10: 0000000000000001 R11: 0000000000080c78 R12: ffffffff8c157360 [ 2591.692487][ T7708] R13: ffffffff8bafe840 R14: ffffffff8a8868d0 R15: ffffc90003fdf898 [ 2591.700754][ T7708] FS: 0000000000000000(0000) GS:ffff88812485f000(0000) knlGS:0000000000000000 [ 2591.710603][ T7708] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2591.717270][ T7708] CR2: 0000001b2e708ff8 CR3: 0000000032f4a000 CR4: 00000000003526f0 [ 2591.721416][ T7735] bridge_slave_1: entered promiscuous mode [ 2591.725245][ T7708] Call Trace: [ 2591.737660][ T7708] [ 2591.740621][ T7708] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 2591.746165][ T7708] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2591.752005][ T7708] debug_check_no_obj_freed+0x4b7/0x600 [ 2591.757642][ T7708] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 2591.763739][ T7708] ? rcu_is_watching+0x12/0xc0 [ 2591.768594][ T7708] ? kmem_cache_free+0x2d1/0x4d0 [ 2591.773576][ T7708] kfree+0x28f/0x4d0 [ 2591.777539][ T7708] ? hci_release_dev+0x4d8/0x600 [ 2591.782512][ T7708] hci_release_dev+0x4d8/0x600 [ 2591.787340][ T7708] ? __pfx_hci_release_dev+0x10/0x10 [ 2591.792654][ T7708] ? rcu_is_watching+0x12/0xc0 [ 2591.797506][ T7708] ? kfree+0x24f/0x4d0 [ 2591.801611][ T7708] bt_host_release+0x6a/0xb0 [ 2591.806340][ T7708] ? __pfx_bt_host_release+0x10/0x10 [ 2591.811660][ T7708] device_release+0xa4/0x240 [ 2591.816363][ T7708] kobject_put+0x1e7/0x5a0 [ 2591.820813][ T7708] ? __pfx_vhci_release+0x10/0x10 [ 2591.825949][ T7708] put_device+0x1f/0x30 [ 2591.830140][ T7708] vhci_release+0x81/0xf0 [ 2591.836071][ T7708] __fput+0x402/0xb70 [ 2591.840096][ T7708] task_work_run+0x14d/0x240 [ 2591.844723][ T7708] ? __pfx_task_work_run+0x10/0x10 [ 2591.851184][ T7708] do_exit+0x86c/0x2bd0 [ 2591.855442][ T7708] ? proc_coredump_connector+0x2d1/0x4f0 [ 2591.861107][ T7708] ? __pfx_do_exit+0x10/0x10 [ 2591.865788][ T7708] do_group_exit+0xd3/0x2a0 [ 2591.870328][ T7708] get_signal+0x2673/0x26d0 [ 2591.874869][ T7708] ? force_sig_fault+0xc4/0x100 [ 2591.879817][ T7708] ? __pfx_get_signal+0x10/0x10 [ 2591.884704][ T7708] arch_do_signal_or_restart+0x8f/0x790 [ 2591.890323][ T7708] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 2591.896487][ T7708] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 2591.902688][ T7708] irqentry_exit_to_user_mode+0x12a/0x270 [ 2591.908588][ T7708] asm_exc_page_fault+0x26/0x30 [ 2591.913465][ T7708] RIP: 0033:0x7fdf81b8e931 [ 2591.917976][ T7708] Code: Unable to access opcode bytes at 0x7fdf81b8e907. [ 2591.925009][ T7708] RSP: 002b:0000000000000ad5 EFLAGS: 00010217 [ 2591.931141][ T7708] RAX: 0000000000000000 RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2591.940713][ T7708] RDX: 0000000000000000 RSI: 0000000000000ad5 RDI: 0000000000008000 [ 2591.950033][ T7708] RBP: 00007fdf81c10b39 R08: 0000000000020200 R09: 0000000000000000 [ 2591.958087][ T7708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2591.966137][ T7708] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2591.974154][ T7708] [ 2591.977229][ T7708] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 2591.984529][ T7708] CPU: 1 UID: 0 PID: 7708 Comm: syz.2.7215 Tainted: G U 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 2591.998102][ T7708] Tainted: [U]=USER [ 2592.001918][ T7708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2592.011996][ T7708] Call Trace: [ 2592.015293][ T7708] [ 2592.018239][ T7708] dump_stack_lvl+0x3d/0x1f0 [ 2592.022868][ T7708] panic+0x71c/0x800 [ 2592.026792][ T7708] ? __pfx_panic+0x10/0x10 [ 2592.031228][ T7708] ? show_trace_log_lvl+0x29b/0x3e0 [ 2592.036449][ T7708] ? check_panic_on_warn+0x1f/0xb0 [ 2592.041577][ T7708] ? debug_print_object+0x1a2/0x2b0 [ 2592.046783][ T7708] check_panic_on_warn+0xab/0xb0 [ 2592.051732][ T7708] __warn+0xf6/0x3c0 [ 2592.055633][ T7708] ? debug_print_object+0x1a2/0x2b0 [ 2592.060834][ T7708] report_bug+0x3c3/0x580 [ 2592.065170][ T7708] ? debug_print_object+0x1a2/0x2b0 [ 2592.070373][ T7708] handle_bug+0x184/0x210 [ 2592.074703][ T7708] exc_invalid_op+0x17/0x50 [ 2592.079206][ T7708] asm_exc_invalid_op+0x1a/0x20 [ 2592.084055][ T7708] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 2592.089865][ T7708] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 40 78 15 8c 4c 89 e6 48 c7 c7 c0 6c 15 8c e8 0f 1e 9c fc 90 <0f> 0b 90 90 58 83 05 d6 da c9 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 2592.109476][ T7708] RSP: 0018:ffffc90003fdf798 EFLAGS: 00010286 [ 2592.115549][ T7708] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1f8 [ 2592.123517][ T7708] RDX: ffff88802cdc1e00 RSI: ffffffff817aa205 RDI: 0000000000000001 [ 2592.131488][ T7708] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 2592.139462][ T7708] R10: 0000000000000001 R11: 0000000000080c78 R12: ffffffff8c157360 [ 2592.147435][ T7708] R13: ffffffff8bafe840 R14: ffffffff8a8868d0 R15: ffffc90003fdf898 [ 2592.155412][ T7708] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 2592.160883][ T7708] ? __warn_printk+0x198/0x350 [ 2592.165655][ T7708] ? __warn_printk+0x1a5/0x350 [ 2592.170427][ T7708] ? debug_print_object+0x1a1/0x2b0 [ 2592.175628][ T7708] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 2592.181090][ T7708] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2592.186909][ T7708] debug_check_no_obj_freed+0x4b7/0x600 [ 2592.192462][ T7708] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 2592.198530][ T7708] ? rcu_is_watching+0x12/0xc0 [ 2592.203302][ T7708] ? kmem_cache_free+0x2d1/0x4d0 [ 2592.208257][ T7708] kfree+0x28f/0x4d0 [ 2592.212156][ T7708] ? hci_release_dev+0x4d8/0x600 [ 2592.217105][ T7708] hci_release_dev+0x4d8/0x600 [ 2592.221874][ T7708] ? __pfx_hci_release_dev+0x10/0x10 [ 2592.227164][ T7708] ? rcu_is_watching+0x12/0xc0 [ 2592.231923][ T7708] ? kfree+0x24f/0x4d0 [ 2592.236003][ T7708] bt_host_release+0x6a/0xb0 [ 2592.240594][ T7708] ? __pfx_bt_host_release+0x10/0x10 [ 2592.245881][ T7708] device_release+0xa4/0x240 [ 2592.250476][ T7708] kobject_put+0x1e7/0x5a0 [ 2592.254891][ T7708] ? __pfx_vhci_release+0x10/0x10 [ 2592.259920][ T7708] put_device+0x1f/0x30 [ 2592.264076][ T7708] vhci_release+0x81/0xf0 [ 2592.268413][ T7708] __fput+0x402/0xb70 [ 2592.272398][ T7708] task_work_run+0x14d/0x240 [ 2592.276997][ T7708] ? __pfx_task_work_run+0x10/0x10 [ 2592.282123][ T7708] do_exit+0x86c/0x2bd0 [ 2592.286287][ T7708] ? proc_coredump_connector+0x2d1/0x4f0 [ 2592.291920][ T7708] ? __pfx_do_exit+0x10/0x10 [ 2592.296607][ T7708] do_group_exit+0xd3/0x2a0 [ 2592.301131][ T7708] get_signal+0x2673/0x26d0 [ 2592.305640][ T7708] ? force_sig_fault+0xc4/0x100 [ 2592.310492][ T7708] ? __pfx_get_signal+0x10/0x10 [ 2592.315365][ T7708] arch_do_signal_or_restart+0x8f/0x790 [ 2592.320913][ T7708] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 2592.326997][ T7708] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 2592.333166][ T7708] irqentry_exit_to_user_mode+0x12a/0x270 [ 2592.338899][ T7708] asm_exc_page_fault+0x26/0x30 [ 2592.343749][ T7708] RIP: 0033:0x7fdf81b8e931 [ 2592.348161][ T7708] Code: Unable to access opcode bytes at 0x7fdf81b8e907. [ 2592.355174][ T7708] RSP: 002b:0000000000000ad5 EFLAGS: 00010217 [ 2592.361240][ T7708] RAX: 0000000000000000 RBX: 00007fdf81db5fa0 RCX: 00007fdf81b8e929 [ 2592.369210][ T7708] RDX: 0000000000000000 RSI: 0000000000000ad5 RDI: 0000000000008000 [ 2592.377176][ T7708] RBP: 00007fdf81c10b39 R08: 0000000000020200 R09: 0000000000000000 [ 2592.385143][ T7708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2592.393111][ T7708] R13: 0000000000000000 R14: 00007fdf81db5fa0 R15: 00007ffeaabbb258 [ 2592.401094][ T7708] [ 2592.404337][ T7708] Kernel Offset: disabled [ 2592.408657][ T7708] Rebooting in 86400 seconds..