last executing test programs: 4.740221604s ago: executing program 2 (id=631): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/net/dummy0/netdev_group\x00', 0x102, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)='8', 0x1) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/irq/1/spurious\x00', 0x4000, 0x0) 4.620050802s ago: executing program 1 (id=632): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/net/dummy0/netdev_group\x00', 0x102, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)='8', 0x1) (fail_nth: 1) 4.521761457s ago: executing program 2 (id=633): unshare$auto(0x40000080) (async) futex$auto(0x0, 0x85, 0x104, 0x0, 0x0, 0x7fffffff) (async) getrandom$auto(&(0x7f0000000140)='/dev/loop-control\x00', 0x3, 0x7f) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0xc0502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0)) (async) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) (async) write$auto(0xffffffffffffffff, 0x0, 0x7) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=0x0, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f80841c6ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"}) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) (async) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0x980, 0x0) (async) prctl$auto(0x7ff, 0x9, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0) (async) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x5, 0x15f4da0c, 0xffffffffffffffff, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) ppoll$auto(&(0x7f0000000040)={r0, 0x3, 0x2}, 0x2f9638f3, &(0x7f0000000080)={0x66e2, 0x512d}, &(0x7f0000000100)={0x3ff}, 0x8) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8, 0x3, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x3]}, 0x0) (async) pidfd_send_signal$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, 0x9, &(0x7f0000000240)={@siginfo_0_0={0x0, 0x3, 0x7f, @_sigsys={&(0x7f0000000340)="78fdbffe19b5408ecbc547ea8c84fa7bf6130112de06544f63a62b5fcac28aa5a8e1b4584d18e4d70164484bf3861389e660bc8f30bf97cde92cb97d9a43ccc706b3d391545da47caa81766143dc93894fc8db129e17d828d367c3f36973daaea99cec64442d6213202ae1f129088af5ee3ceee35adeb13cec33c059d02f632f7d11473ccfb6e72abf7a2bcaaacaa3181e2e3dd20797", 0x5e0000, 0xe}}}, 0x9039) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffc54, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4810}, 0x800) (async) mmap$auto(0x0, 0x8, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x2, 0x2, 0x88) getsockopt$auto(0x3, 0x11, 0xb, 0x0, 0x0) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/damon_reclaim/parameters/enabled\x00', 0x1eb842, 0x0) write$auto(0x3, 0x0, 0xfdef) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 3.900685373s ago: executing program 3 (id=636): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8200, 0x1, 0x9, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "7829000000000000000200", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1, 0xffffffffffffffff, 0xffffffffffffffff}, 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x5, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) r2 = socket(0x10, 0x2, 0x4) getsockopt$auto_SO_PROTOCOL(r1, 0xf6d, 0x26, &(0x7f00000003c0)='NLBL_CIPSOv4\x00', &(0x7f0000000400)=0x4) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x14, 0x0, 0x221, 0x70bd2c, 0x25dfdbeb}, 0x14}, 0x1, 0x0, 0x0, 0x400c050}, 0x4000080) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r2, &(0x7f0000000000)='-\x00', 0x2fb) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mq_unlink$auto(0x0) r3 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="8352b580071674cb49c6f612606f26fbf938bfe21f10b1a81f12b5c8b1bfced55388cf36fe05c3d426263b6b", @ANYRES16=r5, @ANYBLOB="000826bd7000fbdbdf2502000000080001000500000005000300ff000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x8800) sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r4, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000426bd7000fddbdf25020000001a00088008008e00", @ANYRES32=r4, @ANYBLOB="000026ee1c9086aa048de2b6174000000800090096090000"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c040) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000280), r4) sendmsg$auto_NLBL_CIPSOV4_C_LIST(r3, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="00032cbd7000fedbdf25030000000b000000f36be2814a394b7a6f5f1528ad18e45d617098a7a90c429eac561ae7a6b9ba32afa72f195e518a54dff5f87e45091a12ff57ad81041b148b794567d2e49b40d175b140f4f2cff33f370d628b4e9001976c0c180550ede174cf3833852409b4b9b54fa309c1a05e07e5a7d2712716c29064caee0c0042569201c8aaef45c2750f1aab984b0a4b0d8b205a55ac3a427b0ace7bc8f80cf5365ba63347210e59ae33231e6f2ba6d7e3fe9f1d228001e95536"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x4004050) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setrlimit$auto(0x1000000007, 0x0) socket(0x1d, 0x2, 0x7) sendmsg$auto_NLBL_CIPSOV4_C_LIST(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1010000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000228bd7000fedbdf2503000000080006000700000008002100030000000800010006000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40040b0}, 0x9efbb26452180ab0) 3.747936728s ago: executing program 3 (id=637): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0) openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/kernel/debug/o2hb/failed_regions\x00', 0x200, 0x0) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, &(0x7f0000000280)={0x4, 0x3, 0xa, @state_change={0xc, 0x6, 0x8}}) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, &(0x7f0000000040)={0xffffffffffffff0c, 0x2, 0x3, @raw=[0x9, 0x8, 0x3ff, 0x0, 0x0, 0x4, 0x4, 0x3, 0x92, 0x10, 0x7ff, 0xd817, 0x5, 0x1, 0x3, 0x1000]}) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) write$auto(0xffffffffffffffff, 0x0, 0x7) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000440)={{@inferred, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9", @raw=0x2}, 0x0, @iec958={"15a2efc2d3924d554f9814e38bcc84af07a18f8b739d1f06", "a85427ff70455fde648eff0148d9981bdfad7ad3c7a0149f7ac7b52eafa482a5534c2b189e11b1850033c47bc4d5ef8484223aaf5cdf275c0d485b701bfe944a5b7dd0e922c8311d7c2b5ed8f6ac4a065ba0cc686a2bae512eb2980c9035cb1db1c570a5aa1a6e6a4209658f258fa1d6c61411a5b075f7599e3fc8f6d15b5ef46510a3d0e8e2438971b181b384d3f35c611cec", 0x0, "265fab37"}, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188ba00ab57d5d73b094925aa928ca41e93023ab4510269ed900009a7895fd181a33375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea81f7e333cf1c9da590b3fea1258074885c899d75cd52751f9be959d90fa5c200"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x8c300, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x1a3780, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x80000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x6, 0x1, 0x948b, 0x3, 0x1, 0x572f14dc, 0x80000000, 0x80000000, 0x0, 0x7, 0x6d3e, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x3, 0xd, 0x1, 0x948b, 0x0, 0x15f4da0a, 0x41000000003, 0x9, 0x62, 0x8000001b, 0x7, 0x6d3e, 0x9, 0x2, 0x200]}, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, r1) close_range$auto(0x2, 0x8, 0x0) 3.059808865s ago: executing program 2 (id=639): socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f0000000180)=@l2={0x1f, 0x1, @none, 0x8, 0x2}, 0x55) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1a, 0x800, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x141001, 0x0) prctl$auto(0x3e, 0x7ffffffffffffffe, 0x0, 0x1, 0xfffffffffffffffc) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000240)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\x00\x00\x00\x00.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xf4\xf9\"\b\xef\x1d\xc8\xcf\xc5D\xcc\xe9@\"\xb7hI-\nC\xdc\x01t\xb2\xbe\xe1S\xb9\xef3\x1bz\xafd2\xdb\x021>\xba\xe7C\x9c\xffKG,\xf8\x1d\xd3\xae\xd2=\x8d\x8b\xee\x13\xc1\xe5\x81\xdf\xd8w\xfbD$', 0x100000a3da) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x5, 0x0, 0x1f, 0x9}, 0x800009}, 0x3, 0x20000000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x6) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendfile$auto(0x1, 0x3, 0x0, 0x0) mbind$auto(0x2000, 0x100000004, 0x5, 0x0, 0xffffffffffffff39, 0xffffffff) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb1, 0x400, 0x8000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/ip_mr_cache\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.778907193s ago: executing program 3 (id=640): mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x200400, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/configuration\x00', 0x10b800, 0x0) prctl$auto_PR_MCE_KILL_GET(0x22, 0x8, 0x0, 0xfff, 0x9) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x100, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) socket(0xa, 0x2, 0x3a) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1c\x00', 0x0, 0x0) timerfd_gettime$auto(0xffffffffffffffff, &(0x7f0000000080)={{0xfffffffffffffff7, 0x9}, {0x9, 0x3}}) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x0, 0x2, 0x20000000000000, 0x1, 0x8, 0x300000000000000, 0x80000001, 0x7, 0x4d40, 0x5, 0x2]}, 0x0) 2.693284941s ago: executing program 3 (id=641): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0) openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/kernel/debug/o2hb/failed_regions\x00', 0x200, 0x0) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, &(0x7f0000000280)={0x4, 0x3, 0xa, @state_change={0xc, 0x6, 0x8}}) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, &(0x7f0000000040)={0xffffffffffffff0c, 0x2, 0x3, @raw=[0x9, 0x8, 0x3ff, 0x0, 0x0, 0x4, 0x4, 0x3, 0x92, 0x10, 0x7ff, 0xd817, 0x5, 0x1, 0x3, 0x1000]}) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) write$auto(0xffffffffffffffff, 0x0, 0x7) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC1\x00', 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000440)={{@inferred, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9", @raw=0x2}, 0x0, @iec958={"15a2efc2d3924d554f9814e38bcc84af07a18f8b739d1f06", "a85427ff70455fde648eff0148d9981bdfad7ad3c7a0149f7ac7b52eafa482a5534c2b189e11b1850033c47bc4d5ef8484223aaf5cdf275c0d485b701bfe944a5b7dd0e922c8311d7c2b5ed8f6ac4a065ba0cc686a2bae512eb2980c9035cb1db1c570a5aa1a6e6a4209658f258fa1d6c61411a5b075f7599e3fc8f6d15b5ef46510a3d0e8e2438971b181b384d3f35c611cec", 0x0, "265fab37"}, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188ba00ab57d5d73b094925aa928ca41e93023ab4510269ed900009a7895fd181a33375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea81f7e333cf1c9da590b3fea1258074885c899d75cd52751f9be959d90fa5c200"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x8c300, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x1a3780, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x80000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x6, 0x1, 0x948b, 0x3, 0x1, 0x572f14dc, 0x80000000, 0x80000000, 0x0, 0x7, 0x6d3e, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x3, 0xd, 0x1, 0x948b, 0x0, 0x15f4da0a, 0x41000000003, 0x9, 0x62, 0x8000001b, 0x7, 0x6d3e, 0x9, 0x2, 0x200]}, 0x0) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) fanotify_mark$auto(0xffffffffffffffff, 0x0, 0xfffffffffff8fbff, 0xffffffffffffffff, 0x0) socket(0x1d, 0x2, 0x6) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, r1) close_range$auto(0x2, 0x8, 0x0) 2.547935747s ago: executing program 1 (id=642): openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, 0x0, 0x202, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x7, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r0) 2.085535798s ago: executing program 0 (id=644): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgget$auto(0x2, 0x65) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) statmount$auto(0x0, 0x0, 0x400, 0x81) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x88042, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0) init_module$auto(0x0, 0x3, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x181, 0x0) mmap$auto(0xffff, 0x400008, 0xdf, 0x109b72, 0x2, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(0x3, 0xffffffff, 0x1e, 0x0, 0x0) socket(0x2, 0x3, 0xa) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/yama/ptrace_scope\x00', 0x88c42, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) sendmsg$auto_NFC_CMD_ENABLE_SE(0xffffffffffffffff, 0x0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_NFC_CMD_ENABLE_SE(0xffffffffffffffff, 0x0, 0x4000) 2.010057317s ago: executing program 0 (id=645): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd5/hctx0/cpu1/read_rq_list\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x100000000000001c, 0x280000000000, 0x63, 0x0, 0x0, 0x0, 0x1002, 0x4, 0x80000008040000a, 0x40000402, 0x7, 0x8, 0xffffffff80000000, 0x800000000000b, 0x6, 0x240000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x4004) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.882209523s ago: executing program 0 (id=646): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x5, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) r1 = socket(0x10, 0x2, 0x4) getsockopt$auto_SO_PROTOCOL(0xffffffffffffffff, 0xf6d, 0x26, &(0x7f00000003c0)='NLBL_CIPSOv4\x00', &(0x7f0000000400)=0x4) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x14, 0x0, 0x221, 0x70bd2c, 0x25dfdbeb}, 0x14}, 0x1, 0x0, 0x0, 0x400c050}, 0x4000080) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mq_unlink$auto(0x0) r2 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="8352b580071674cb49c6f612606f26fbf938bfe21f10b1a81f12b5c8b1bfced55388cf36fe05c3d426263b6b", @ANYRES16=r4, @ANYBLOB="000826bd7000fbdbdf2502000000080001000500000005000300ff000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x8800) sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000426bd7000fddbdf25020000001a00088008008e00", @ANYRES32=r3, @ANYBLOB="000026ee1c9086aa048de2b6174000000800090096090000"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c040) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000280), r3) sendmsg$auto_NLBL_CIPSOV4_C_LIST(r2, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="00032cbd7000fedbdf25030000000b000000f36be2814a394b7a6f5f1528ad18e45d617098a7a90c429eac561ae7a6b9ba32afa72f195e518a54dff5f87e45091a12ff57ad81041b148b794567d2e49b40d175b140f4f2cff33f370d628b4e9001976c0c180550ede174cf3833852409b4b9b54fa309c1a05e07e5a7d2712716c29064caee0c0042569201c8aaef45c2750f1aab984b0a4b0d8b205a55ac3a427b0ace7bc8f80cf5365ba63347210e59ae33231e6f2ba6d7e3fe9f1d228001e95536"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x4004050) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setrlimit$auto(0x1000000007, 0x0) socket(0x1d, 0x2, 0x7) sendmsg$auto_NLBL_CIPSOV4_C_LIST(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1010000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000228bd7000fedbdf2503000000080006000700000008002100030000000800010006000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40040b0}, 0x9efbb26452180ab0) 1.841524698s ago: executing program 2 (id=647): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000300), r0) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="2450153eb35fce2364b09c37740d026e02002713a2bed8c900a4e6d51da9a65f5bc9ff4a0d2e0bc7e1623deb0e087f1ffecc0351fa94cffc7cdd5356f0a77fd2fa65477530be734291003c88ea46cb3922beb787ee6b91b6830a68e427f46729b37cea7d2a8dc23b89517c7eaae9988d542b03b1083a380e33e63cbe7c2422c1aaef20acf7142cb484bbe883f5e8bb38d9cc529abfd48de8066f97ec226dfe5a393dcb4fadc3cc4ebad0ec83518d016fc1126eb14f64c94a5cba289fc315f99d63b29d3b0294d76e1c62d0c29c90902c2e5661f3a8b5139051", @ANYRES16=r1, @ANYBLOB="010029bd7000ffdbdf251400000008001100060000000800080005000000"], 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x800) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x81, 0x100000000) rt_sigtimedwait$auto(0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x8) socket(0x1d, 0x2, 0x7) r2 = socket(0x2, 0x2, 0x1) memfd_secret$auto(0x0) waitid$auto_P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f00000000c0)={@siginfo_0_0={0x1, 0x7fff, 0xfffffffb, @_kill={0x0, 0xee01}}}, 0x7ff, &(0x7f0000000200)={{0xff, 0xa81}, {0xf, 0xa3}, 0x3, 0x7, 0x3, 0x4, 0xe, 0x1ff, 0x0, 0x2, 0x40000000, 0xffffffffffffff85, 0x5, 0x0, 0x1000, 0x2}) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) bpf$auto(0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0xfff, 0x5, 0x10, 0x0) ioprio_set$auto(0x3, 0x0, 0x4b34) socket(0x15, 0x5, 0x0) madvise$auto(0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x11080000}, 0xc, &(0x7f0000000080)={&(0x7f0000000500)={0x1104, 0x0, 0x10, 0x70bd2c, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_KEY={0x10d1, 0x1, 0x0, 0x1, [@generic="5ab08d83bd5aff3c963571cd56f72dacf3fcc0e48b5c18cbbb8b76fa1ecfee791d99409282edb5a773d68e97f96935559079bc522bffe306615ce49fa1afee919c041311789efef11f3702a5112773f5fe6de30caf440de858dff203c1675b24725c516112f92eb0e9545a4fee38a80b8cf27a35966164e004a44b9f8d0fad3d58f054e4265a7de552a3a4acd50812264d10e307f621791c3c9b3ba54280c5f3140a2dc8dc7a483223f426611c73f93e80170f6cceaaac86f36e42ed298019b20c351c1acf5f6e1a10eef7e8d9f95e25313b429e3f11d970b7838d26e3c52735370e7cd14d504739d6e7bbd0c14afccc7df46863af99363946d034b866c69b5eade1c171d57a3ceb79df9531d81467b52b0b4dc5f8ca5d6d3f975d847014d0f6ad97e3950235027726848bc0074cdbb65a7fd62ca18a6dd4a6c4d02267f6e613a9e76a63d2fef9494dd68da213e441eecd25ef5addb2c0bda9a7266e36c7aa7d5de395d874d9f789d2d5097fc5fdf1ada1f1073bf99f4d5ab39b5c9487fc6c8e474b6f9d57570c5300b19b60cb42936826dbe53d9f5f334938ed627939bd0e82be39335106505bb6e78c49fe72903a96df985cbac94c3c5ba1d5438a2b66cfb36620db24656b0d5f232f71d6c4989d7c82cfd2acabfb8dc57c0497acfc6a4b3af5feb4e499612aa6731736dcaa17a9401da45cded06e357b56a848502825d24d83b4e49330fe780c633bfddaccf416f3df245cf60a9e7a8cf8129b655e64936650a3b540b4323a102b0e86a1f29e9ead76780f79bcb7c7a52f7e28111bec410c89294eae74e98027ca13ef54dad652230b07187f1db9820d88d4fb423aa5aa9b9e5ba9acb5dcef57f31a747c6664749e7a1dc820348ca4b21549cf284fb3760f46e1848928af47c130413355febd52fc08049d9a9d3a5d6db0e4503d0fbad3306c3aed5edc9e5153813b9274a0acb20df0a145e2951338b395da8f0b66ceb5adf330f96fb4f8fc26affb2532c3d3715ba5e1557186ca4b12046fcefee671d5f56dd7b3f90628e0e06820b06cb50f90984ad905aa05137d6741aebd785d700abd4b4a6c395918a158707c0a64c3216353659221b23edd856c7ba528275be6a62329fc3e2b5578b88a7bf0fb755ebc8ac4a19242f4528da2f294b834696719d3d5bcf2495dc903f19e8ceb4ee95c18b8be00f18cfe47ab23c6f8ffcc551a76350004cc79edfa59a5fced1e05d456a25bd5a7eb20a177124a2eef519fe491365a21365db3ca563704cb37a109d6752a6ad18f1d0e26149583ee8601649a4ce4d1fbe3736870989684ab443e86632150a8a0565b95cb109d5cfafaa8a9c93b4b2a0ff1857ababc8c9c0b889f5a5408587c569ffa6cf30f0152b0c20c90ac2f2f62b9a7157fadc9921d4bc3a0cf994079dafcd1531553583a7218cdcb99ea2ac4924ed17d2a0bfb61c965f38bad30099806ea56a80536859573422eb30736ca93d5ca7340b7861e4c3ca89bec7cedbff96229f2fba8e926e33d348f129df8dfaaf67fc35577dc557c331609ca94df81105af07a18d119cbfe7f4847d43b760e2f653b73e485bcfdc0b78602f5d9984a3169152460c3848b74e69e0e88836438e908ab795c2cd5d3b123753c75f291822fe3d09945d66f821edc34495fb325c2b637f4faddcb830f94bd4e0175563e719e07dc03fcf3852a1aa40c804080c109ccec47fcff084aa8fff54f146f24102db0eaa42dbaa6ae47603fb25558c7a9087f67c338238494a256c383f1f5628e6a822b6bbd45af1ce72600ce2f14dddf5413aa4636bfb1f2f1aa8ef3535f3f3a97ddd282f01760bf1e34145f40829714ffbe45f91b4f17b92e82bb233e53e6ca0a3bef7babc8b23d50695f411769ea625f95efd001a5f4af1207c3a6553f7f52076f424158c8007defd3e475c5c743f24f8bcea53be6522a316c57efc45238ff987282cbcd9496c39a822c322c2a1d357ef1549211628c19fd44ff618e09fee120c2aeaa3ebb507e6375a3b72e71df5aab5604a0c3e2a29f7274bc681f9848103d7b7537e687db132e335bb54dcecb70b4a69e0ca97de9eddfd016912a8514d66364a294331ca07f5cf32ee4a0b454b64688d12002e084fce54b2c76535e2f3cd47350f6e04649982a26444984568fae733b7e0fde25b548b26cd2440cb678ff30fcb400a2cb8ac28f4da4889cfd297b86c1ecc3076ad21c4cbb409dfe9ad69f6d7b15e4f4874326bb81327e2fce0016f96cf496902a757bd06eb523e1e7032adc3991c02317f84de9841f9071ef2aa91699be14be83d4fbdeb939d70172f84d8a5675244d401dd7c0a5ae85a3cb8803926d3cf50c851bb510d72ac81ea818dd2ee11b478dba4cb2fc3a798e732b01de8c17427100b598a6fb978cad82c250616b05467eb894fc6e9ef1bc033d5a0f573fa3b6e91b6c44d8d3e6b95dab276616a21dbcc26d6c017561c66e251aaee94dc06c0f1bf05ff274307f696b5a9346d6e52a596b66d94f071bc17f75d50684f2f30b674bd4abca592ce77446beda94004c7b18820bd1abdf63577952848d7781cb1c43b0ffab1532c2849db9f8c10d572b70661a7dad18197d8c6d95f5c643df1ed43e4e08781be57d7e042473915d6a9825d7b1db40465da2d03de537bfc6573e8780c87fd509eaf7787873f0b129c186e81caf2b1e42f32ff318795a9887f70ccf4f917464f94b597cc8edd88996923e81e8e8bebec36c1e6f184231090b77721db11cec81695eb9bfe1cecef27e094ece589b3a00338779df0d5174c6b4a0ed39ab81650abf2edaf5e080557559a8c9c16f847db22fde5a0018e588c85ce507f7b0ce25f986feb96027fd2f19900a106f164dd741dd55ead43797dc3aeef12de9ca1c4d0979c27bd72a9e0e1e16c16d68434ed2afbff88c889dc1148a4b48a7eb87c1fff5bf8bb07ae9a3d89963dae56eb176cda02a7225f0693e6d4c7754dffd9169fa02aafe65a902c1f4250218526fcb1e955210450cc1c7897a023fd0a61635b6d79188f9c974154a9bb0bff753f2872393099799389b011471192cb08273ac2319fe3b8faf709017133038f47221b44318b88bb5cd8cfaf8bbd99f90fe33187812343a93dbd492fa2a3533e8b004ded534e5ce53e3d94f53bef89c94a30ce3171e0ffb1241b2b60ec46d133ef6635ef9c282e27fd3897a834cde78eb1506b77b0a996740b585c8378ea0a68bc6223e3d8871ac823933ee9b2931f71c2252e1160370e7d8ec7681b9592d9c59f7746883b14a7717b437db67f91e75566524515fba168893de46e648e87ba0ee6663aef42e016a20511e9f0352c2e62447f58aa1d6bf145bf18e5bc4d2b3235c7e3968f8424a0ac5c0e41fd8c87817f524baba9fca5fab3d2d800886640f028c4cbf9841888371eb5142c799d713318a1497a387cea93c591ed555f9d57e705820e98d2ad13217b81b1c0586dd571057c9b16fbdbb339d0833d1b16d89184438b5d6e5f4b95991dc6319b9cab9f18c726f30cc5daa3dcfc6cb5c4d4004e7b9237dbfbb0f3561032b055a2c10a74b641f0e45f4d35ebbce3cfb9c76530de270b76dfeee763acd0686afcdc8fa409a1818a9783f2bbff2d065411a02bd8da73a45eb7bed1c1637f760b7f9c7f67f0ecd8993a2f6ce8e7078520c95b831dd52c63f18d4a9cf11eaf5e393f72c6e114560a8e51632d3eeb4ff2481781bcf1ce2cdf6945d4361e2b315fe2f292538ffc1a550464856b601bb0c859dea832ef6de3a855e67088d4f8a5738c5ca421d11b058aa77d3809836470e21653ae6a0333aee17f9c50e7028f81b614a8714c3454cd35055b252882c7b307c621edef9abe07062c695cf040fcc79aacafb5b2b6fc9e9eb4eeb8cbc8541535b517863557a78e8e064f753606742d70762cc70be5930983c962ae3d50d71f0b29c95713f41df40d640c3890c8be9719cc8f694322cad726fea867701aa7460e15a42c8f32f7482c81d874d73108e45b43f916dc0b52a3cde51ce920c2b124938136e088b63924dc3ecf29bb85170f04bdc8718040f563edb45cf4fb369792aaa695c2ebb0fb7d027cb2454ba459a3639586f13440014feef49757347d1ca8c0275b0e27f659b1a9cc4aecc070079d2c0bc78527c4c6c359fa9b0c6c2a3d81d367eac132b99b29ebe0d25c8af99a167603f053d3962195f350c8366e4303c540df0a64ce67668a95189beaa94d23740f06182f6a672c3d6941c81359a64bb09a72ad281bf3b725535aae72c1440f62da49e19123a68ac03fc78077f210aa49cf5ddb7c5463dca89b9262454b40724290ccea11c4f9752360a87b080454029f1a46e79631e4a70e52845d07a305a3c51c4fa140c81e4bce6f2f8eae5f8b1df5411108cd172a86f4db99d0dddc76d2e3e4f923f7fafd7c7b25c09e0c5f97420adece853db26e7800eacda33468a806f00d97831576f5527d07a9f0a4f13ad150078535a2da1ec3b59e96a36918a7ec92a44fc3ca7628e3324ae3fba7c5a7879ccdf5574aa2fcf12ac4d745280d8ac99bbb12daa1a2570f95a84d540f9b66398c6e8d85bd45a1b3010f4924fe54997453b843616de4ba71cb8ef9ae075ac50dfbcdddbe5b0ed84ac4834fb250e8524bbf3cf716cf0936f931ccd092b7f635b4e1793de85b9457556c3fcc28678a71a2606e67cf17a0b93101bdf6b78ac812f38a18c2aac9bc82f07b4fc9f57b59011bad3bb9fc9a5d3e7345b3414d18dff71ae98a23c5d6986facd9d4bea4c4a4d3a88e7b6dd814b2ba240ace4e380e3ea385ee0dae5047fc18f189ef21f93ec51e2e5bc76e27c8508d35aeff8325135f0ffe0515b1b402487e4d8f0ed01ed7e5fa1f2ca3f09c11ae2cc2819abb8fc43bd9dc8023eb204c80af5dbf710a1da72cdcb68c4a8676e79ba850deef21dc405e952d643240d5c652adc412125a829fb3e519ad11e58eca0d56f1a1f59690696b6132448b034199644e6c2b87d9d66e8752523a079562d62fd5ab94cf2e5c1e7b25d41f1717b849789450e522af3d1da1804c3af57981cbe1c5fd48bd080296ba8e46f33f68dc8d8f1733c62a59d160d7fb87029030f21520e8b059bd17ed4f2194b1b61fe8e2188e0453d69061b40e6cdf69f5237bb4f98d233feca1553696e55f1d77ec56ea3c789f62cf9d2083835ea0f626aaf7c01531613c52226a3a0d82d7bd4892aef459bd079b98235c9ac818f2d50a44c6f28c20944cbcbe9d7e7e6303ff603daccdb33c25219e2b7b895c4b0ecdc17957e32b4a0d1a73700f067d4e7ed7855adfb4395603a94bac826634e865952b0bc5665cbbb52adbbc030f73da85451132578858e8c10c8048a90fb9115803e6844eddc7c24770a71f7371ac060eef202f6ee005d31100707c045659a944b19f31f1c96aa08839f92276aec883eb1cbac87b36d77da4c6fc81e1f657203ee20f36a0d6c14800d2c2bfc8512c25d5f744e04e9bf0fd7bad43a97f68c5917d53eead26b7fb4f874620b72319ba3421c0d3231bc75950d28f6fb8c9ccb11897bf7befbb6e9af5b9a120b654bb5b96523b1ef955c18c9831ec8c2c17d5930e9e74e9029f395198204d5ed970656acf33ec5f3e1aad9afbdd6e116b535223420b927ace15b1807d602fefdc6389c7ffd0ecdb7fc99fdf343b8709a5793ddb8b7ccaaee3729804b69ba2a8cec195b544d66aaaeccfd7becb093429bbcaeaf57df9a1e911de793685ab52a73bc87d3b92edd837d1b49b6e671006e1a12d2aae88bc9b39a6a6567bbe33ffef924844b4eec", @typed={0x8, 0x6a, 0x0, 0x0, @pid=r3}, @generic="7b583572d54cb5feb7af265488ba99409570737c05484d1f4b7c765ec06edb09d7ed23a29290fcae3042abe2bba0f76a1ea47725f837ec1b8522a1fd03fcd105fe6d868f60797d33fded140709da963ef86c0a338c56d4de7dc551c5223d5f56999bea819d0bf71df5bf84317b5e2b72a494e096d59ef85df81b55bb7397e12c514b84a50bf418fb4dfe56b819386f0b79a791d6041e6096adfac8f677f9c71f87d3d1a83f1b4b9466", @typed={0x8, 0x124, 0x0, 0x0, @pid=r3}, @typed={0x8, 0xad, 0x0, 0x0, @fd}, @nested={0xc, 0x7d, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x7}]}]}, @OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_CLEAR={0x4}]}, 0x1104}, 0x1, 0x0, 0x0, 0x20040881}, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) mmap$auto(0x0, 0x40009, 0xe2, 0x13, 0x7, 0x3) sysfs$auto(0x2, 0x4d, 0x0) fsopen$auto(0x0, 0x1) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) flock$auto(0x6, 0x1) io_uring_setup$auto(0x6, 0x0) 1.764128804s ago: executing program 3 (id=648): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r1 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x400, 0x0) read$auto(r1, 0x0, 0x9) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) (fail_nth: 1) 1.238834843s ago: executing program 1 (id=649): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x400, 0x0) read$auto(r1, 0x0, 0x9) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) mmap$auto(0x0, 0x7, 0x1000000004, 0x9b72, 0x2, 0x9) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) 1.103166588s ago: executing program 0 (id=650): mmap$auto(0x0, 0x20009, 0x809, 0xeb1, 0x401, 0x80000000008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x1ac}}, 0x801) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003680)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fddbdf250b000000080028800400040008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x890) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/stride\x00', 0x40740, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000003480)=""/247, 0xf7) 972.738485ms ago: executing program 0 (id=651): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r0, 0x402, 0x2) fcntl$auto(r0, 0x402, 0xffffffffffffffff) 903.085392ms ago: executing program 1 (id=652): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r0, 0x402, 0x2) fcntl$auto(r0, 0x402, 0xffffffffffffffff) (fail_nth: 1) 848.505064ms ago: executing program 0 (id=653): syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon16\x00', 0x28800, 0x0) prctl$auto(0x23, 0x2000000009, 0x2008, 0x803, 0x3) socket(0xa, 0x1, 0x100) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) ioctl$auto_SW_SYNC_GET_DEADLINE(r0, 0xc0105702, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) rt_sigaction$auto(0x4, 0x0, 0x0, 0x8) rt_sigqueueinfo$auto(0x0, 0x1, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x20004800}, 0x44800) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000000000)="351ff6218163cce8505bf40fca856149f185354f86f6766b73aeb066b2a65290e689cb5a9cd45a63766508ae821ea42a555887244ce3a5676c4a8f62c1dadfd6efc8b8dd0eae0c03292f536b2b5042c923", 0x51) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x5}, 0xfffffffffffffff8, 0x0, 0x0, 0x40000009}, 0x5c9}, 0x3, 0x20000000) r2 = socket(0x26, 0xa, 0x7) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000003280)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_psample(&(0x7f00000001c0), r2) getitimer$auto(0xfffffffc, &(0x7f0000000100)={{0x36, 0x80000001}, {0x9, 0x1}}) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x22d02, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x80, 0x104, 0x6, 0x20000000003}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x8000000000020006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/swradio12\x00', 0x0, 0x0) 824.899802ms ago: executing program 2 (id=654): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd5/hctx0/cpu1/read_rq_list\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x100000000000001c, 0x280000000000, 0x63, 0x0, 0x0, 0x0, 0x1002, 0x4, 0x80000008040000a, 0x40000402, 0x7, 0x8, 0xffffffff80000000, 0x800000000000b, 0x6, 0x240000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x4004) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 708.831814ms ago: executing program 2 (id=655): socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f0000000180)=@l2={0x1f, 0x1, @none, 0x8, 0x2}, 0x55) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1a, 0x800, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x141001, 0x0) prctl$auto(0x3e, 0x7ffffffffffffffe, 0x0, 0x1, 0xfffffffffffffffc) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000240)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\x00\x00\x00\x00.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xf4\xf9\"\b\xef\x1d\xc8\xcf\xc5D\xcc\xe9@\"\xb7hI-\nC\xdc\x01t\xb2\xbe\xe1S\xb9\xef3\x1bz\xafd2\xdb\x021>\xba\xe7C\x9c\xffKG,\xf8\x1d\xd3\xae\xd2=\x8d\x8b\xee\x13\xc1\xe5\x81\xdf\xd8w\xfbD$', 0x100000a3da) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x5, 0x0, 0x1f, 0x9}, 0x800009}, 0x3, 0x20000000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x6) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendfile$auto(0x1, 0x3, 0x0, 0x0) mbind$auto(0x2000, 0x100000004, 0x5, 0x0, 0xffffffffffffff39, 0xffffffff) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb1, 0x400, 0x8000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/ip_mr_cache\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 267.985461ms ago: executing program 1 (id=656): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r0, 0x401, 0x2) fcntl$auto(r0, 0x402, 0xffffffffffffffff) 192.637255ms ago: executing program 1 (id=657): mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x406, 0x0) poll$auto(&(0x7f0000000d40)={0x3, 0x3, 0xa}, 0x5, 0x3fc) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x7ffffffe, 0xa, 0x0, 0x46) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto(0xfffffffffffffffd, 0x20009, 0x4000000000df, 0x11, 0x401, 0x8400) socket(0xa, 0x1, 0x100) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) statx$auto(0xffffffffffffffff, 0x0, 0xfffffffb, 0x2, 0x0) unshare$auto(0x40000080) bpf$auto(0x8, &(0x7f0000000280)=@bpf_attr_0={0x7, 0xb5, 0xe, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x8005, 0x7, 0x7, 0x6}, 0x10) ioctl$auto_USBDEVFS_SUBMITURB32(0xffffffffffffffff, 0x802c550a, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(0x0, 0x261c2, 0x84) read$auto(0xffffffffffffffff, 0x0, 0x6) memfd_create$auto(0x0, 0x12) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty12\x00', 0x900, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r1) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0x401, 0x300000000000) arch_prctl$auto(0x5002, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 0s ago: executing program 3 (id=658): openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/media5\x00', 0x202, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x7, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r0) kernel console output (not intermixed with test programs): cc 0x1001 length: 249 > 9 [ 85.179689][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.185307][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.192078][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.199521][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.208731][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.214646][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.226882][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.235295][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.244483][ T5151] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.269506][ T5151] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.718595][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 85.770585][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 85.996317][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 86.013011][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.023485][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.031698][ T5830] bridge_slave_0: entered allmulticast mode [ 86.041207][ T5830] bridge_slave_0: entered promiscuous mode [ 86.070047][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.079100][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.086268][ T5830] bridge_slave_1: entered allmulticast mode [ 86.095064][ T5830] bridge_slave_1: entered promiscuous mode [ 86.113853][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.121286][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.128744][ T5829] bridge_slave_0: entered allmulticast mode [ 86.135954][ T5829] bridge_slave_0: entered promiscuous mode [ 86.180478][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.188942][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.196082][ T5829] bridge_slave_1: entered allmulticast mode [ 86.203954][ T5829] bridge_slave_1: entered promiscuous mode [ 86.220972][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 86.239362][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.251865][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.281934][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.320431][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.402571][ T5830] team0: Port device team_slave_0 added [ 86.423351][ T5829] team0: Port device team_slave_0 added [ 86.445879][ T5830] team0: Port device team_slave_1 added [ 86.460524][ T5829] team0: Port device team_slave_1 added [ 86.469137][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.476330][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.483715][ T5833] bridge_slave_0: entered allmulticast mode [ 86.490832][ T5833] bridge_slave_0: entered promiscuous mode [ 86.499495][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.506867][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.514020][ T5833] bridge_slave_1: entered allmulticast mode [ 86.521239][ T5833] bridge_slave_1: entered promiscuous mode [ 86.592996][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.600103][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.626412][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.639361][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.646923][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.654095][ T5831] bridge_slave_0: entered allmulticast mode [ 86.661386][ T5831] bridge_slave_0: entered promiscuous mode [ 86.692013][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.699105][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.725782][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.745669][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.753518][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.761069][ T5831] bridge_slave_1: entered allmulticast mode [ 86.768745][ T5831] bridge_slave_1: entered promiscuous mode [ 86.775786][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.782997][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.809295][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.828139][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.841158][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.898135][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.905168][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.932537][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.983924][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.997700][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.045992][ T5833] team0: Port device team_slave_0 added [ 87.106294][ T5833] team0: Port device team_slave_1 added [ 87.137094][ T5829] hsr_slave_0: entered promiscuous mode [ 87.143807][ T5829] hsr_slave_1: entered promiscuous mode [ 87.158962][ T5830] hsr_slave_0: entered promiscuous mode [ 87.165977][ T5830] hsr_slave_1: entered promiscuous mode [ 87.173165][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.181465][ T5830] Cannot create hsr debugfs directory [ 87.207944][ T5831] team0: Port device team_slave_0 added [ 87.239860][ T5831] team0: Port device team_slave_1 added [ 87.259768][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.266844][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.293339][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.327565][ T5835] Bluetooth: hci2: command tx timeout [ 87.333187][ T5835] Bluetooth: hci3: command tx timeout [ 87.339267][ T5839] Bluetooth: hci0: command tx timeout [ 87.344975][ T5839] Bluetooth: hci1: command tx timeout [ 87.360298][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.367363][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.393745][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.430470][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.437490][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.463532][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.500020][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.508121][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.534699][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.670045][ T5833] hsr_slave_0: entered promiscuous mode [ 87.676391][ T5833] hsr_slave_1: entered promiscuous mode [ 87.683092][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.690799][ T5833] Cannot create hsr debugfs directory [ 87.774791][ T5831] hsr_slave_0: entered promiscuous mode [ 87.782423][ T5831] hsr_slave_1: entered promiscuous mode [ 87.788980][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.797126][ T5831] Cannot create hsr debugfs directory [ 87.958648][ T5830] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.986668][ T5830] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.026855][ T5830] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.079787][ T5830] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.196787][ T5829] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.208298][ T5829] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.232441][ T5829] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.254019][ T5829] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.322120][ T5833] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.357298][ T5833] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.376000][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.390881][ T5833] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.419876][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.430749][ T5833] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.447377][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.459722][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.573537][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.592978][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.661676][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.679047][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.702145][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.709589][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.758928][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.766102][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.781285][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.788491][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.809539][ T3007] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.816731][ T3007] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.889670][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.944478][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.975377][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.982583][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.012911][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.032181][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.039388][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.117445][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.152600][ T3445] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.159837][ T3445] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.210826][ T3445] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.218241][ T3445] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.416607][ T5835] Bluetooth: hci3: command tx timeout [ 89.422077][ T5835] Bluetooth: hci1: command tx timeout [ 89.428444][ T5839] Bluetooth: hci0: command tx timeout [ 89.434715][ T5839] Bluetooth: hci2: command tx timeout [ 89.532911][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.658869][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.685587][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.730743][ T5830] veth0_vlan: entered promiscuous mode [ 89.766272][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.803021][ T5830] veth1_vlan: entered promiscuous mode [ 89.822230][ T5833] veth0_vlan: entered promiscuous mode [ 89.833432][ T5829] veth0_vlan: entered promiscuous mode [ 89.854614][ T5833] veth1_vlan: entered promiscuous mode [ 89.872547][ T5829] veth1_vlan: entered promiscuous mode [ 89.911381][ T5830] veth0_macvtap: entered promiscuous mode [ 89.942186][ T5830] veth1_macvtap: entered promiscuous mode [ 89.966140][ T5829] veth0_macvtap: entered promiscuous mode [ 89.981447][ T5831] veth0_vlan: entered promiscuous mode [ 89.994002][ T5829] veth1_macvtap: entered promiscuous mode [ 90.019606][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.046460][ T5833] veth0_macvtap: entered promiscuous mode [ 90.060585][ T5831] veth1_vlan: entered promiscuous mode [ 90.072993][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.082080][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.105524][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.115044][ T5830] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.124708][ T5830] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.134012][ T5830] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.142956][ T5830] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.154432][ T5833] veth1_macvtap: entered promiscuous mode [ 90.168842][ T5829] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.178188][ T5829] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.187562][ T5829] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.196290][ T5829] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.277862][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.325717][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.346498][ T5831] veth0_macvtap: entered promiscuous mode [ 90.365848][ T5833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.376494][ T5833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.389229][ T5833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.398218][ T5833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.425005][ T5831] veth1_macvtap: entered promiscuous mode [ 90.439005][ T3549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.448862][ T3549] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.522027][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.530084][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.537236][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.549826][ T5831] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.558719][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.566216][ T5831] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.575529][ T5831] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.584361][ T5831] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.675285][ T3549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.685820][ T3549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.706275][ T3549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.714914][ T3549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.790377][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.807884][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.818307][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 90.892920][ T3549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.908237][ T3549] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.014877][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.039846][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.110049][ T5927] Zero length message leads to an empty skb [ 91.134232][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.171675][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.410795][ T5887] smpboot: CPU 1 is now offline [ 91.424123][ T24] cfg80211: failed to load regulatory.db [ 91.447236][ T5839] Bluetooth: hci0: command tx timeout [ 91.487808][ T5839] Bluetooth: hci2: command tx timeout [ 91.493261][ T5839] Bluetooth: hci1: command tx timeout [ 91.498991][ T5835] Bluetooth: hci3: command tx timeout [ 92.918565][ T5925] kafs: addr_prefs: Invalid Command [ 92.936770][ T5943] kafs: addr_prefs: Invalid Command [ 93.209708][ T5944] syz.3.4 (5944) used greatest stack depth: 19800 bytes left [ 93.491052][ T5839] Bluetooth: hci0: command tx timeout [ 93.568729][ T5839] Bluetooth: hci1: command tx timeout [ 93.574169][ T5839] Bluetooth: hci3: command tx timeout [ 93.580882][ T5838] Bluetooth: hci2: command tx timeout [ 94.962411][ T5960] kafs: addr_prefs: Invalid Command [ 95.049297][ T5975] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'. [ 95.138920][ T5976] FAULT_INJECTION: forcing a failure. [ 95.138920][ T5976] name failslab, interval 1, probability 0, space 0, times 1 [ 95.175992][ T5973] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 95.266486][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.0.11 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 95.266508][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 95.266520][ T5976] Call Trace: [ 95.266526][ T5976] [ 95.266534][ T5976] dump_stack_lvl+0x16c/0x1f0 [ 95.266564][ T5976] should_fail_ex+0x512/0x640 [ 95.266585][ T5976] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 95.266610][ T5976] should_failslab+0xc2/0x120 [ 95.266624][ T5976] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 95.266644][ T5976] ? getname_flags.part.0+0x4c/0x550 [ 95.266669][ T5976] getname_flags.part.0+0x4c/0x550 [ 95.266687][ T5976] getname_flags+0x93/0xf0 [ 95.266706][ T5976] do_sys_openat2+0xb8/0x1d0 [ 95.266723][ T5976] ? __pfx_do_sys_openat2+0x10/0x10 [ 95.266746][ T5976] __x64_sys_openat+0x174/0x210 [ 95.266762][ T5976] ? __pfx___x64_sys_openat+0x10/0x10 [ 95.266785][ T5976] do_syscall_64+0xcd/0x490 [ 95.266808][ T5976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.266822][ T5976] RIP: 0033:0x7fc0b678d290 [ 95.266838][ T5976] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 95.266851][ T5976] RSP: 002b:00007fc0b45d4f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 95.266864][ T5976] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc0b678d290 [ 95.266873][ T5976] RDX: 0000000000000002 RSI: 00007fc0b45d4fa0 RDI: 00000000ffffff9c [ 95.266881][ T5976] RBP: 00007fc0b45d4fa0 R08: 0000000000000000 R09: 00007fc0b45d4cd6 [ 95.266890][ T5976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 95.266897][ T5976] R13: 0000000000000000 R14: 00007fc0b69b6080 R15: 00007fff0d02ad98 [ 95.266914][ T5976] [ 100.166572][ T6038] kafs: addr_prefs: Invalid Command [ 100.678425][ T6032] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 101.459323][ T6055] kafs: addr_prefs: Invalid Command [ 101.899768][ T6076] FAULT_INJECTION: forcing a failure. [ 101.899768][ T6076] name failslab, interval 1, probability 0, space 0, times 0 [ 101.963750][ T6076] CPU: 0 UID: 0 PID: 6076 Comm: syz.3.35 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 101.963774][ T6076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 101.963783][ T6076] Call Trace: [ 101.963788][ T6076] [ 101.963794][ T6076] dump_stack_lvl+0x16c/0x1f0 [ 101.963820][ T6076] should_fail_ex+0x512/0x640 [ 101.963841][ T6076] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 101.963864][ T6076] should_failslab+0xc2/0x120 [ 101.963878][ T6076] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 101.963898][ T6076] ? bpf_ksym_find+0x124/0x1c0 [ 101.963913][ T6076] ? __kernfs_new_node+0xd2/0x8e0 [ 101.963935][ T6076] __kernfs_new_node+0xd2/0x8e0 [ 101.963957][ T6076] ? __pfx___kernfs_new_node+0x10/0x10 [ 101.963981][ T6076] ? find_held_lock+0x2b/0x80 [ 101.963995][ T6076] ? kernfs_root+0xee/0x2a0 [ 101.964018][ T6076] kernfs_new_node+0x13c/0x1e0 [ 101.964043][ T6076] kernfs_create_dir_ns+0x4c/0x1a0 [ 101.964067][ T6076] sysfs_create_dir_ns+0x13a/0x2b0 [ 101.964086][ T6076] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 101.964103][ T6076] ? find_held_lock+0x2b/0x80 [ 101.964119][ T6076] ? do_raw_spin_unlock+0x172/0x230 [ 101.964148][ T6076] kobject_add_internal+0x2c4/0x9b0 [ 101.964167][ T6076] kobject_add+0x16e/0x240 [ 101.964180][ T6076] ? __pfx_kobject_add+0x10/0x10 [ 101.964206][ T6076] get_device_parent+0x399/0x4e0 [ 101.964232][ T6076] device_add+0x1ad/0x1a70 [ 101.964246][ T6076] ? __mutex_trylock_common+0xe9/0x250 [ 101.964265][ T6076] ? __pfx_device_add+0x10/0x10 [ 101.964278][ T6076] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 101.964302][ T6076] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 101.964329][ T6076] wiphy_register+0x1c9c/0x2850 [ 101.964344][ T6076] ? netdev_run_todo+0x864/0x1320 [ 101.964364][ T6076] ? __pfx_wiphy_register+0x10/0x10 [ 101.964386][ T6076] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 101.964403][ T6076] ieee80211_register_hw+0x24ac/0x4140 [ 101.964426][ T6076] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 101.964444][ T6076] ? find_held_lock+0x2b/0x80 [ 101.964458][ T6076] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 101.964479][ T6076] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 101.964495][ T6076] ? __hrtimer_setup+0x176/0x280 [ 101.964517][ T6076] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 101.964550][ T6076] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 101.964576][ T6076] hwsim_new_radio_nl+0xb51/0x12c0 [ 101.964598][ T6076] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 101.964624][ T6076] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 101.964643][ T6076] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 101.964665][ T6076] genl_family_rcv_msg_doit+0x209/0x2f0 [ 101.964684][ T6076] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 101.964702][ T6076] ? trace_cap_capable+0x18d/0x200 [ 101.964721][ T6076] ? bpf_lsm_capable+0x9/0x10 [ 101.964737][ T6076] ? security_capable+0x7e/0x260 [ 101.964760][ T6076] ? ns_capable+0xd7/0x110 [ 101.964776][ T6076] genl_rcv_msg+0x55c/0x800 [ 101.964799][ T6076] ? __pfx_genl_rcv_msg+0x10/0x10 [ 101.964817][ T6076] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 101.964845][ T6076] netlink_rcv_skb+0x158/0x420 [ 101.964859][ T6076] ? __pfx_genl_rcv_msg+0x10/0x10 [ 101.964877][ T6076] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 101.964902][ T6076] ? netlink_deliver_tap+0x1ae/0xd30 [ 101.964919][ T6076] genl_rcv+0x28/0x40 [ 101.964935][ T6076] netlink_unicast+0x53a/0x7f0 [ 101.964952][ T6076] ? __pfx_netlink_unicast+0x10/0x10 [ 101.964973][ T6076] netlink_sendmsg+0x8d1/0xdd0 [ 101.964991][ T6076] ? __pfx_netlink_sendmsg+0x10/0x10 [ 101.965013][ T6076] ____sys_sendmsg+0xa98/0xc70 [ 101.965030][ T6076] ? copy_msghdr_from_user+0x10a/0x160 [ 101.965050][ T6076] ? __pfx_____sys_sendmsg+0x10/0x10 [ 101.965065][ T6076] ? preempt_schedule_thunk+0x16/0x30 [ 101.965086][ T6076] ? try_to_wake_up+0xa2f/0x1680 [ 101.965103][ T6076] ___sys_sendmsg+0x134/0x1d0 [ 101.965125][ T6076] ? __pfx____sys_sendmsg+0x10/0x10 [ 101.965153][ T6076] ? __lock_acquire+0x622/0x1c90 [ 101.965196][ T6076] __sys_sendmsg+0x16d/0x220 [ 101.965218][ T6076] ? __pfx___sys_sendmsg+0x10/0x10 [ 101.965239][ T6076] ? __x64_sys_futex+0x1e0/0x4c0 [ 101.965269][ T6076] do_syscall_64+0xcd/0x490 [ 101.965292][ T6076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.965307][ T6076] RIP: 0033:0x7f32f0f8e929 [ 101.965320][ T6076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.965333][ T6076] RSP: 002b:00007f32f1e25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 101.965347][ T6076] RAX: ffffffffffffffda RBX: 00007f32f11b5fa0 RCX: 00007f32f0f8e929 [ 101.965357][ T6076] RDX: 0000000004004040 RSI: 0000200000000280 RDI: 0000000000000006 [ 101.965365][ T6076] RBP: 00007f32f1010b39 R08: 0000000000000000 R09: 0000000000000000 [ 101.965373][ T6076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 101.965382][ T6076] R13: 0000000000000000 R14: 00007f32f11b5fa0 R15: 00007ffcd11b4488 [ 101.965401][ T6076] [ 102.459552][ T6076] kobject: kobject_add_internal failed for ieee80211 (error: -12 parent: hwsim12) [ 104.264340][ T6115] netlink: 342 bytes leftover after parsing attributes in process `syz.0.44'. [ 106.199806][ T30] audit: type=1800 audit(1750900823.254:2): pid=6143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.48" name="members" dev="configfs" ino=8050 res=0 errno=0 [ 107.098073][ T6153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.50'. [ 107.236202][ T5835] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 107.236226][ T5835] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 107.251853][ T5835] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 107.486679][ T5839] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 108.073675][ T6160] kafs: addr_prefs: Invalid Command [ 110.185087][ T6179] kafs: addr_prefs: Invalid Command [ 110.626918][ T6183] kafs: addr_prefs: Invalid Command [ 111.896403][ T6208] FAULT_INJECTION: forcing a failure. [ 111.896403][ T6208] name failslab, interval 1, probability 0, space 0, times 0 [ 112.056661][ T6208] CPU: 0 UID: 0 PID: 6208 Comm: syz.0.63 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 112.056685][ T6208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.056694][ T6208] Call Trace: [ 112.056699][ T6208] [ 112.056705][ T6208] dump_stack_lvl+0x16c/0x1f0 [ 112.056733][ T6208] should_fail_ex+0x512/0x640 [ 112.056754][ T6208] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 112.056779][ T6208] should_failslab+0xc2/0x120 [ 112.056793][ T6208] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 112.056814][ T6208] ? __kernfs_new_node+0xd2/0x8e0 [ 112.056837][ T6208] __kernfs_new_node+0xd2/0x8e0 [ 112.056858][ T6208] ? __pfx___kernfs_new_node+0x10/0x10 [ 112.056882][ T6208] ? find_held_lock+0x2b/0x80 [ 112.056898][ T6208] ? kernfs_root+0xee/0x2a0 [ 112.056922][ T6208] kernfs_new_node+0x13c/0x1e0 [ 112.056947][ T6208] __kernfs_create_file+0x53/0x350 [ 112.056965][ T6208] sysfs_add_file_mode_ns+0x207/0x3c0 [ 112.056988][ T6208] sysfs_merge_group+0x1aa/0x340 [ 112.057008][ T6208] ? __pfx_sysfs_merge_group+0x10/0x10 [ 112.057031][ T6208] ? __pfx_dev_add_physical_location+0x10/0x10 [ 112.057054][ T6208] ? bus_to_subsys+0x131/0x160 [ 112.057073][ T6208] dpm_sysfs_add+0x237/0x280 [ 112.057087][ T6208] device_add+0x9a6/0x1a70 [ 112.057104][ T6208] ? __pfx_device_add+0x10/0x10 [ 112.057116][ T6208] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 112.057139][ T6208] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 112.057166][ T6208] wiphy_register+0x1c9c/0x2850 [ 112.057182][ T6208] ? netdev_run_todo+0x864/0x1320 [ 112.057201][ T6208] ? __pfx_wiphy_register+0x10/0x10 [ 112.057223][ T6208] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 112.057240][ T6208] ieee80211_register_hw+0x24ac/0x4140 [ 112.057262][ T6208] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 112.057280][ T6208] ? find_held_lock+0x2b/0x80 [ 112.057294][ T6208] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 112.057315][ T6208] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 112.057330][ T6208] ? __hrtimer_setup+0x176/0x280 [ 112.057353][ T6208] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 112.057385][ T6208] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 112.057420][ T6208] hwsim_new_radio_nl+0xb51/0x12c0 [ 112.057443][ T6208] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 112.057470][ T6208] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 112.057490][ T6208] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 112.057513][ T6208] genl_family_rcv_msg_doit+0x209/0x2f0 [ 112.057533][ T6208] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 112.057551][ T6208] ? trace_cap_capable+0x18d/0x200 [ 112.057569][ T6208] ? bpf_lsm_capable+0x9/0x10 [ 112.057586][ T6208] ? security_capable+0x7e/0x260 [ 112.057609][ T6208] ? ns_capable+0xd7/0x110 [ 112.057625][ T6208] genl_rcv_msg+0x55c/0x800 [ 112.057644][ T6208] ? __pfx_genl_rcv_msg+0x10/0x10 [ 112.057662][ T6208] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 112.057692][ T6208] netlink_rcv_skb+0x158/0x420 [ 112.057707][ T6208] ? __pfx_genl_rcv_msg+0x10/0x10 [ 112.057725][ T6208] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 112.057747][ T6208] ? netlink_deliver_tap+0x1ae/0xd30 [ 112.057764][ T6208] genl_rcv+0x28/0x40 [ 112.057778][ T6208] netlink_unicast+0x53a/0x7f0 [ 112.057796][ T6208] ? __pfx_netlink_unicast+0x10/0x10 [ 112.057816][ T6208] netlink_sendmsg+0x8d1/0xdd0 [ 112.057834][ T6208] ? __pfx_netlink_sendmsg+0x10/0x10 [ 112.057856][ T6208] ____sys_sendmsg+0xa98/0xc70 [ 112.057873][ T6208] ? copy_msghdr_from_user+0x10a/0x160 [ 112.057894][ T6208] ? __pfx_____sys_sendmsg+0x10/0x10 [ 112.057908][ T6208] ? preempt_schedule_thunk+0x16/0x30 [ 112.057929][ T6208] ? try_to_wake_up+0xa2f/0x1680 [ 112.057946][ T6208] ___sys_sendmsg+0x134/0x1d0 [ 112.057968][ T6208] ? __pfx____sys_sendmsg+0x10/0x10 [ 112.057987][ T6208] ? __lock_acquire+0x622/0x1c90 [ 112.058029][ T6208] __sys_sendmsg+0x16d/0x220 [ 112.058050][ T6208] ? __pfx___sys_sendmsg+0x10/0x10 [ 112.058071][ T6208] ? __x64_sys_futex+0x1e0/0x4c0 [ 112.058100][ T6208] do_syscall_64+0xcd/0x490 [ 112.058123][ T6208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.058139][ T6208] RIP: 0033:0x7fc0b678e929 [ 112.058152][ T6208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.058165][ T6208] RSP: 002b:00007fc0b45f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.058179][ T6208] RAX: ffffffffffffffda RBX: 00007fc0b69b5fa0 RCX: 00007fc0b678e929 [ 112.058188][ T6208] RDX: 0000000004004040 RSI: 0000200000000280 RDI: 0000000000000005 [ 112.058197][ T6208] RBP: 00007fc0b6810b39 R08: 0000000000000000 R09: 0000000000000000 [ 112.058205][ T6208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.058214][ T6208] R13: 0000000000000000 R14: 00007fc0b69b5fa0 R15: 00007fff0d02ad98 [ 112.058232][ T6208] [ 114.935745][ T6243] kafs: addr_prefs: Invalid Command [ 115.344228][ T6210] kafs: addr_prefs: Invalid Command [ 118.343036][ T6300] kafs: addr_prefs: Invalid Command [ 118.773724][ T6313] netlink: 186 bytes leftover after parsing attributes in process `syz.1.83'. [ 119.185452][ T6311] kafs: addr_prefs: Invalid Command [ 122.037181][ T6367] kafs: addr_prefs: Invalid Command [ 122.093433][ T6373] netlink: 342 bytes leftover after parsing attributes in process `syz.3.96'. [ 122.640715][ T6387] netlink: 186 bytes leftover after parsing attributes in process `syz.1.99'. [ 123.212061][ T30] audit: type=1800 audit(1750908640.277:3): pid=6402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.103" name="members" dev="configfs" ino=9047 res=0 errno=0 [ 125.021115][ T6426] kafs: addr_prefs: Invalid Command [ 125.300010][ T6437] netlink: 186 bytes leftover after parsing attributes in process `syz.2.110'. [ 125.331350][ T5839] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 127.814026][ T6468] kafs: addr_prefs: Invalid Command [ 127.826231][ T6456] kafs: addr_prefs: Invalid Command [ 128.217491][ T6485] netlink: 186 bytes leftover after parsing attributes in process `syz.1.121'. [ 129.223128][ T6489] kafs: addr_prefs: Invalid Command [ 130.103229][ T6493] kafs: addr_prefs: Invalid Command [ 130.991062][ T6532] netlink: 186 bytes leftover after parsing attributes in process `syz.3.130'. [ 131.552645][ T6538] netlink: 186 bytes leftover after parsing attributes in process `syz.1.140'. [ 132.241754][ T6542] kafs: addr_prefs: Invalid Command [ 132.929841][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.936315][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.664521][ T6562] kafs: addr_prefs: Invalid Command [ 134.670417][ T6599] netlink: 186 bytes leftover after parsing attributes in process `syz.1.144'. [ 136.051905][ T6618] kafs: addr_prefs: Invalid Command [ 136.825861][ T6646] netlink: 186 bytes leftover after parsing attributes in process `syz.1.156'. [ 137.720325][ T6660] kafs: addr_prefs: Invalid Command [ 138.558206][ T6670] kafs: addr_prefs: Invalid Command [ 139.001581][ T6696] netlink: 186 bytes leftover after parsing attributes in process `syz.3.168'. [ 140.184189][ T6712] kafs: addr_prefs: Invalid Command [ 140.608507][ T6733] netlink: 186 bytes leftover after parsing attributes in process `syz.0.179'. [ 140.647083][ T6727] kafs: addr_prefs: Invalid Command [ 142.214371][ T6773] netlink: 186 bytes leftover after parsing attributes in process `syz.3.188'. [ 142.736460][ T6788] kafs: addr_prefs: Invalid Command [ 144.029737][ T6825] netlink: 186 bytes leftover after parsing attributes in process `syz.3.201'. [ 145.808777][ T6842] kafs: addr_prefs: Invalid Command [ 146.303911][ T6863] Process accounting resumed [ 146.747955][ T6872] netlink: 186 bytes leftover after parsing attributes in process `syz.1.212'. [ 146.805518][ T6876] FAULT_INJECTION: forcing a failure. [ 146.805518][ T6876] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 146.885465][ T6876] CPU: 0 UID: 0 PID: 6876 Comm: syz.2.214 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 146.885489][ T6876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.885497][ T6876] Call Trace: [ 146.885503][ T6876] [ 146.885508][ T6876] dump_stack_lvl+0x16c/0x1f0 [ 146.885535][ T6876] should_fail_ex+0x512/0x640 [ 146.885560][ T6876] should_fail_alloc_page+0xe7/0x130 [ 146.885577][ T6876] prepare_alloc_pages+0x3c2/0x610 [ 146.885597][ T6876] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 146.885621][ T6876] ? __pfx_stack_trace_save+0x10/0x10 [ 146.885638][ T6876] ? stack_depot_save_flags+0x28/0xa40 [ 146.885659][ T6876] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 146.885682][ T6876] ? kasan_save_stack+0x42/0x60 [ 146.885702][ T6876] ? kasan_save_stack+0x33/0x60 [ 146.885727][ T6876] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 146.885748][ T6876] ? __pmd_alloc+0xbf/0x930 [ 146.885763][ T6876] ? dup_mmap+0xe88/0x21d0 [ 146.885780][ T6876] ? kernel_clone+0xfc/0x960 [ 146.885797][ T6876] ? __do_sys_clone+0xce/0x120 [ 146.885812][ T6876] ? do_syscall_64+0xcd/0x490 [ 146.885833][ T6876] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.885862][ T6876] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 146.885885][ T6876] ? policy_nodemask+0xea/0x4e0 [ 146.885900][ T6876] alloc_pages_mpol+0x1fb/0x550 [ 146.885914][ T6876] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 146.885926][ T6876] ? css_rstat_updated+0x9d/0xd30 [ 146.885945][ T6876] alloc_pages_noprof+0x131/0x390 [ 146.885959][ T6876] pte_alloc_one+0x1c/0x3a0 [ 146.885981][ T6876] __pte_alloc+0x6d/0x3c0 [ 146.885994][ T6876] ? __pfx___pte_alloc+0x10/0x10 [ 146.886007][ T6876] ? _raw_spin_unlock+0x28/0x50 [ 146.886025][ T6876] ? __pmd_alloc+0x3fb/0x930 [ 146.886042][ T6876] copy_page_range+0x1aed/0x5740 [ 146.886066][ T6876] ? __lock_acquire+0x622/0x1c90 [ 146.886100][ T6876] ? __pfx_copy_page_range+0x10/0x10 [ 146.886118][ T6876] ? mas_store+0x7a9/0x1160 [ 146.886132][ T6876] ? find_held_lock+0x2b/0x80 [ 146.886146][ T6876] ? __vma_enter_locked+0x163/0x3f0 [ 146.886175][ T6876] dup_mmap+0xe88/0x21d0 [ 146.886199][ T6876] ? __pfx_dup_mmap+0x10/0x10 [ 146.886230][ T6876] copy_process+0x4081/0x76a0 [ 146.886246][ T6876] ? preempt_schedule_thunk+0x16/0x30 [ 146.886271][ T6876] ? __pfx_copy_process+0x10/0x10 [ 146.886286][ T6876] ? plist_check_head+0xa3/0x150 [ 146.886307][ T6876] ? futex_private_hash_put+0xc7/0x240 [ 146.886326][ T6876] kernel_clone+0xfc/0x960 [ 146.886342][ T6876] ? __pfx_futex_wake+0x10/0x10 [ 146.886361][ T6876] ? __pfx_kernel_clone+0x10/0x10 [ 146.886379][ T6876] ? perf_event_namespaces+0x1af/0x200 [ 146.886407][ T6876] __do_sys_clone+0xce/0x120 [ 146.886426][ T6876] ? __pfx___do_sys_clone+0x10/0x10 [ 146.886441][ T6876] ? do_raw_spin_unlock+0x172/0x230 [ 146.886473][ T6876] ? xfd_validate_state+0x61/0x180 [ 146.886500][ T6876] do_syscall_64+0xcd/0x490 [ 146.886526][ T6876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.886541][ T6876] RIP: 0033:0x7f4a9378e929 [ 146.886554][ T6876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.886568][ T6876] RSP: 002b:00007f4a9461bfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 146.886589][ T6876] RAX: ffffffffffffffda RBX: 00007f4a939b5fa0 RCX: 00007f4a9378e929 [ 146.886599][ T6876] RDX: 0000000000000000 RSI: 0000000000000700 RDI: 0000000098280000 [ 146.886607][ T6876] RBP: 00007f4a93810b39 R08: 0000000000000000 R09: 0000000000000000 [ 146.886616][ T6876] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 146.886625][ T6876] R13: 0000000000000000 R14: 00007f4a939b5fa0 R15: 00007ffd9fce0a58 [ 146.886644][ T6876] [ 147.593766][ T6885] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 147.790633][ T6893] kafs: addr_prefs: Invalid Command [ 148.362087][ T6919] FAULT_INJECTION: forcing a failure. [ 148.362087][ T6919] name failslab, interval 1, probability 0, space 0, times 0 [ 148.467957][ T6919] CPU: 0 UID: 0 PID: 6919 Comm: syz.0.221 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 148.467981][ T6919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 148.467990][ T6919] Call Trace: [ 148.467995][ T6919] [ 148.468001][ T6919] dump_stack_lvl+0x16c/0x1f0 [ 148.468028][ T6919] should_fail_ex+0x512/0x640 [ 148.468049][ T6919] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 148.468072][ T6919] should_failslab+0xc2/0x120 [ 148.468087][ T6919] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 148.468107][ T6919] ? security_file_alloc+0x34/0x2b0 [ 148.468129][ T6919] security_file_alloc+0x34/0x2b0 [ 148.468147][ T6919] init_file+0x93/0x4c0 [ 148.468161][ T6919] alloc_empty_file+0x73/0x1e0 [ 148.468176][ T6919] path_openat+0xda/0x2cb0 [ 148.468199][ T6919] ? rcu_is_watching+0x12/0xc0 [ 148.468213][ T6919] ? trace_kmem_cache_alloc+0x28/0xc0 [ 148.468228][ T6919] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 148.468248][ T6919] ? __pfx_path_openat+0x10/0x10 [ 148.468269][ T6919] ? __asan_memcpy+0x3c/0x60 [ 148.468289][ T6919] do_file_open_root+0x322/0x610 [ 148.468308][ T6919] ? stack_trace_save+0x8e/0xc0 [ 148.468325][ T6919] ? __pfx_do_file_open_root+0x10/0x10 [ 148.468362][ T6919] ? vsnprintf+0x318/0x1160 [ 148.468383][ T6919] file_open_root+0x2a7/0x450 [ 148.468405][ T6919] ? __pfx_file_open_root+0x10/0x10 [ 148.468424][ T6919] ? find_held_lock+0x2b/0x80 [ 148.468439][ T6919] ? kernel_read_file_from_path_initns+0x17a/0x260 [ 148.468459][ T6919] kernel_read_file_from_path_initns+0x189/0x260 [ 148.468476][ T6919] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 148.468490][ T6919] ? trace_kmem_cache_alloc+0x28/0xc0 [ 148.468506][ T6919] ? _request_firmware+0x503/0x1470 [ 148.468527][ T6919] _request_firmware+0x744/0x1470 [ 148.468551][ T6919] ? __pfx__request_firmware+0x10/0x10 [ 148.468576][ T6919] request_firmware+0x35/0x50 [ 148.468594][ T6919] valid_regdb+0x188/0x590 [ 148.468609][ T6919] ? __pfx___mutex_lock+0x10/0x10 [ 148.468631][ T6919] ? __pfx_valid_regdb+0x10/0x10 [ 148.468649][ T6919] reg_reload_regdb+0x11e/0x460 [ 148.468666][ T6919] ? __pfx_reg_reload_regdb+0x10/0x10 [ 148.468692][ T6919] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 148.468713][ T6919] ? nl80211_pre_doit+0x1b0/0xb10 [ 148.468736][ T6919] genl_family_rcv_msg_doit+0x209/0x2f0 [ 148.468757][ T6919] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 148.468774][ T6919] ? rcu_is_watching+0x12/0xc0 [ 148.468794][ T6919] ? bpf_lsm_capable+0x9/0x10 [ 148.468810][ T6919] ? security_capable+0x7e/0x260 [ 148.468836][ T6919] genl_rcv_msg+0x55c/0x800 [ 148.468856][ T6919] ? __pfx_genl_rcv_msg+0x10/0x10 [ 148.468873][ T6919] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 148.468892][ T6919] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 148.468907][ T6919] ? __pfx_nl80211_post_doit+0x10/0x10 [ 148.468933][ T6919] netlink_rcv_skb+0x158/0x420 [ 148.468948][ T6919] ? __pfx_genl_rcv_msg+0x10/0x10 [ 148.468966][ T6919] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 148.468991][ T6919] ? netlink_deliver_tap+0x1ae/0xd30 [ 148.469008][ T6919] genl_rcv+0x28/0x40 [ 148.469023][ T6919] netlink_unicast+0x53a/0x7f0 [ 148.469040][ T6919] ? __pfx_netlink_unicast+0x10/0x10 [ 148.469059][ T6919] netlink_sendmsg+0x8d1/0xdd0 [ 148.469077][ T6919] ? __pfx_netlink_sendmsg+0x10/0x10 [ 148.469099][ T6919] ____sys_sendmsg+0xa98/0xc70 [ 148.469116][ T6919] ? copy_msghdr_from_user+0x10a/0x160 [ 148.469137][ T6919] ? __pfx_____sys_sendmsg+0x10/0x10 [ 148.469151][ T6919] ? preempt_schedule_thunk+0x16/0x30 [ 148.469172][ T6919] ? try_to_wake_up+0xa2f/0x1680 [ 148.469189][ T6919] ___sys_sendmsg+0x134/0x1d0 [ 148.469211][ T6919] ? __pfx____sys_sendmsg+0x10/0x10 [ 148.469230][ T6919] ? __lock_acquire+0x622/0x1c90 [ 148.469271][ T6919] __sys_sendmsg+0x16d/0x220 [ 148.469292][ T6919] ? __pfx___sys_sendmsg+0x10/0x10 [ 148.469313][ T6919] ? __x64_sys_futex+0x1e0/0x4c0 [ 148.469341][ T6919] do_syscall_64+0xcd/0x490 [ 148.469364][ T6919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.469378][ T6919] RIP: 0033:0x7fc0b678e929 [ 148.469391][ T6919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.469405][ T6919] RSP: 002b:00007fc0b45f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 148.469419][ T6919] RAX: ffffffffffffffda RBX: 00007fc0b69b5fa0 RCX: 00007fc0b678e929 [ 148.469428][ T6919] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005 [ 148.469437][ T6919] RBP: 00007fc0b6810b39 R08: 0000000000000000 R09: 0000000000000000 [ 148.469445][ T6919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.469453][ T6919] R13: 0000000000000000 R14: 00007fc0b69b5fa0 R15: 00007fff0d02ad98 [ 148.469471][ T6919] [ 148.475261][ T6919] platform regulatory.0: loading /lib/firmware/updates/regulatory.db.p7s failed with error -12 [ 149.236357][ T6926] netlink: 186 bytes leftover after parsing attributes in process `syz.3.223'. [ 149.361949][ T6928] netlink: 8 bytes leftover after parsing attributes in process `syz.3.224'. [ 149.594107][ T6919] platform regulatory.0: loading /lib/firmware/regulatory.db.p7s failed with error -4 [ 149.657157][ T6919] platform regulatory.0: Direct firmware load for regulatory.db.p7s failed with error -4 [ 149.749092][ T6919] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db.p7s [ 150.568297][ T6941] kafs: addr_prefs: Invalid Command [ 150.778981][ T6967] netlink: 186 bytes leftover after parsing attributes in process `syz.3.233'. [ 150.844352][ T6967] netlink: 186 bytes leftover after parsing attributes in process `syz.3.233'. [ 151.572024][ T5839] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 151.572048][ T5839] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 151.587045][ T5839] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 152.023089][ T7004] netlink: 342 bytes leftover after parsing attributes in process `syz.0.242'. [ 152.363149][ T7014] netlink: 186 bytes leftover after parsing attributes in process `syz.3.244'. [ 153.018359][ T7020] kafs: addr_prefs: Invalid Command [ 153.292485][ T7034] FAULT_INJECTION: forcing a failure. [ 153.292485][ T7034] name failslab, interval 1, probability 0, space 0, times 0 [ 153.375690][ T7034] CPU: 0 UID: 0 PID: 7034 Comm: syz.0.251 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 153.375713][ T7034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 153.375722][ T7034] Call Trace: [ 153.375728][ T7034] [ 153.375734][ T7034] dump_stack_lvl+0x16c/0x1f0 [ 153.375762][ T7034] should_fail_ex+0x512/0x640 [ 153.375782][ T7034] ? fs_reclaim_acquire+0xae/0x150 [ 153.375801][ T7034] should_failslab+0xc2/0x120 [ 153.375816][ T7034] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 153.375837][ T7034] ? security_inode_alloc+0x3b/0x2b0 [ 153.375856][ T7034] security_inode_alloc+0x3b/0x2b0 [ 153.375871][ T7034] inode_init_always_gfp+0xce4/0x1030 [ 153.375894][ T7034] alloc_inode+0x86/0x240 [ 153.375908][ T7034] new_inode+0x22/0x1c0 [ 153.375924][ T7034] __debugfs_create_file+0x11c/0x6b0 [ 153.375945][ T7034] debugfs_create_file_full+0x41/0x60 [ 153.375965][ T7034] kvm_dev_ioctl+0x14ff/0x1ad0 [ 153.375994][ T7034] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 153.376021][ T7034] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 153.376044][ T7034] __x64_sys_ioctl+0x18b/0x210 [ 153.376062][ T7034] do_syscall_64+0xcd/0x490 [ 153.376084][ T7034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.376099][ T7034] RIP: 0033:0x7fc0b678e929 [ 153.376111][ T7034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.376124][ T7034] RSP: 002b:00007fc0b45f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 153.376137][ T7034] RAX: ffffffffffffffda RBX: 00007fc0b69b5fa0 RCX: 00007fc0b678e929 [ 153.376146][ T7034] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006 [ 153.376154][ T7034] RBP: 00007fc0b6810b39 R08: 0000000000000000 R09: 0000000000000000 [ 153.376162][ T7034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.376170][ T7034] R13: 0000000000000000 R14: 00007fc0b69b5fa0 R15: 00007fff0d02ad98 [ 153.376188][ T7034] [ 153.376206][ T7034] debugfs: out of free dentries, can not create file 'mmu_pde_zapped' [ 153.921067][ T7051] netlink: 186 bytes leftover after parsing attributes in process `syz.1.254'. [ 155.067291][ T7066] kafs: addr_prefs: Invalid Command [ 155.659903][ T7088] netlink: 186 bytes leftover after parsing attributes in process `syz.1.265'. [ 156.656445][ T7106] capability: warning: `syz.1.271' uses 32-bit capabilities (legacy support in use) [ 156.720555][ T7106] netlink: 12 bytes leftover after parsing attributes in process `syz.1.271'. [ 156.854592][ T7106] HfR: entered promiscuous mode [ 157.324913][ T7113] kafs: addr_prefs: Invalid Command [ 157.624116][ T7122] netlink: 186 bytes leftover after parsing attributes in process `syz.2.274'. [ 157.678792][ T7124] syz.3.275 uses obsolete (PF_INET,SOCK_PACKET) [ 157.715900][ T7122] netlink: 186 bytes leftover after parsing attributes in process `syz.2.274'. [ 158.851926][ T7149] FAULT_INJECTION: forcing a failure. [ 158.851926][ T7149] name failslab, interval 1, probability 0, space 0, times 0 [ 158.941231][ T7149] CPU: 0 UID: 0 PID: 7149 Comm: syz.2.283 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 158.941254][ T7149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 158.941263][ T7149] Call Trace: [ 158.941269][ T7149] [ 158.941275][ T7149] dump_stack_lvl+0x16c/0x1f0 [ 158.941303][ T7149] should_fail_ex+0x512/0x640 [ 158.941324][ T7149] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 158.941348][ T7149] should_failslab+0xc2/0x120 [ 158.941362][ T7149] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 158.941383][ T7149] ? security_file_alloc+0x34/0x2b0 [ 158.941404][ T7149] security_file_alloc+0x34/0x2b0 [ 158.941422][ T7149] init_file+0x93/0x4c0 [ 158.941436][ T7149] alloc_empty_file+0x73/0x1e0 [ 158.941452][ T7149] path_openat+0xda/0x2cb0 [ 158.941474][ T7149] ? rcu_is_watching+0x12/0xc0 [ 158.941489][ T7149] ? trace_kmem_cache_alloc+0x28/0xc0 [ 158.941503][ T7149] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 158.941524][ T7149] ? __pfx_path_openat+0x10/0x10 [ 158.941544][ T7149] ? __asan_memcpy+0x3c/0x60 [ 158.941565][ T7149] do_file_open_root+0x322/0x610 [ 158.941584][ T7149] ? stack_trace_save+0x8e/0xc0 [ 158.941600][ T7149] ? __pfx_do_file_open_root+0x10/0x10 [ 158.941638][ T7149] ? vsnprintf+0x318/0x1160 [ 158.941660][ T7149] file_open_root+0x2a7/0x450 [ 158.941703][ T7149] ? __pfx_file_open_root+0x10/0x10 [ 158.941723][ T7149] ? find_held_lock+0x2b/0x80 [ 158.941739][ T7149] ? kernel_read_file_from_path_initns+0x17a/0x260 [ 158.941759][ T7149] kernel_read_file_from_path_initns+0x189/0x260 [ 158.941777][ T7149] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 158.941792][ T7149] ? trace_kmem_cache_alloc+0x28/0xc0 [ 158.941813][ T7149] ? _request_firmware+0x503/0x1470 [ 158.941835][ T7149] _request_firmware+0x744/0x1470 [ 158.941861][ T7149] ? __pfx__request_firmware+0x10/0x10 [ 158.941887][ T7149] request_firmware+0x35/0x50 [ 158.941906][ T7149] valid_regdb+0x188/0x590 [ 158.941921][ T7149] ? __pfx___mutex_lock+0x10/0x10 [ 158.941943][ T7149] ? __pfx_valid_regdb+0x10/0x10 [ 158.941961][ T7149] reg_reload_regdb+0x11e/0x460 [ 158.941978][ T7149] ? __pfx_reg_reload_regdb+0x10/0x10 [ 158.941995][ T7149] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 158.942015][ T7149] ? nl80211_pre_doit+0x1b0/0xb10 [ 158.942037][ T7149] genl_family_rcv_msg_doit+0x209/0x2f0 [ 158.942058][ T7149] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 158.942076][ T7149] ? rcu_is_watching+0x12/0xc0 [ 158.942096][ T7149] ? bpf_lsm_capable+0x9/0x10 [ 158.942112][ T7149] ? security_capable+0x7e/0x260 [ 158.942138][ T7149] genl_rcv_msg+0x55c/0x800 [ 158.942157][ T7149] ? __pfx_genl_rcv_msg+0x10/0x10 [ 158.942174][ T7149] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 158.942193][ T7149] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 158.942208][ T7149] ? __pfx_nl80211_post_doit+0x10/0x10 [ 158.942235][ T7149] netlink_rcv_skb+0x158/0x420 [ 158.942250][ T7149] ? __pfx_genl_rcv_msg+0x10/0x10 [ 158.942268][ T7149] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 158.942290][ T7149] ? netlink_deliver_tap+0x1ae/0xd30 [ 158.942306][ T7149] genl_rcv+0x28/0x40 [ 158.942320][ T7149] netlink_unicast+0x53a/0x7f0 [ 158.942337][ T7149] ? __pfx_netlink_unicast+0x10/0x10 [ 158.942357][ T7149] netlink_sendmsg+0x8d1/0xdd0 [ 158.942374][ T7149] ? __pfx_netlink_sendmsg+0x10/0x10 [ 158.942396][ T7149] ____sys_sendmsg+0xa98/0xc70 [ 158.942413][ T7149] ? copy_msghdr_from_user+0x10a/0x160 [ 158.942433][ T7149] ? __pfx_____sys_sendmsg+0x10/0x10 [ 158.942447][ T7149] ? preempt_schedule_thunk+0x16/0x30 [ 158.942468][ T7149] ? try_to_wake_up+0xa2f/0x1680 [ 158.942485][ T7149] ___sys_sendmsg+0x134/0x1d0 [ 158.942507][ T7149] ? __pfx____sys_sendmsg+0x10/0x10 [ 158.942526][ T7149] ? __lock_acquire+0x622/0x1c90 [ 158.942567][ T7149] __sys_sendmsg+0x16d/0x220 [ 158.942589][ T7149] ? __pfx___sys_sendmsg+0x10/0x10 [ 158.942609][ T7149] ? __x64_sys_futex+0x1e0/0x4c0 [ 158.942638][ T7149] do_syscall_64+0xcd/0x490 [ 158.942661][ T7149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.942675][ T7149] RIP: 0033:0x7f4a9378e929 [ 158.942688][ T7149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.942701][ T7149] RSP: 002b:00007f4a9461c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 158.942716][ T7149] RAX: ffffffffffffffda RBX: 00007f4a939b5fa0 RCX: 00007f4a9378e929 [ 158.942725][ T7149] RDX: 0000000014000000 RSI: 0000200000000580 RDI: 0000000000000005 [ 158.942735][ T7149] RBP: 00007f4a93810b39 R08: 0000000000000000 R09: 0000000000000000 [ 158.942743][ T7149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.942752][ T7149] R13: 0000000000000000 R14: 00007f4a939b5fa0 R15: 00007ffd9fce0a58 [ 158.942770][ T7149] [ 158.942854][ T7149] platform regulatory.0: loading /lib/firmware/6.16.0-rc3-syzkaller-00057-g92ca6c498a5e/regulatory.db.p7s failed with error -12 [ 159.576597][ T7147] kafs: addr_prefs: Invalid Command [ 159.668025][ T7159] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 159.872763][ T7164] netlink: 186 bytes leftover after parsing attributes in process `syz.0.287'. [ 159.911054][ T7164] netlink: 186 bytes leftover after parsing attributes in process `syz.0.287'. [ 160.084631][ T7171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.286'. [ 160.656681][ T7185] mmap: syz.1.286 (7185) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 161.349658][ T7200] netlink: 186 bytes leftover after parsing attributes in process `syz.0.297'. [ 161.398245][ T7200] netlink: 186 bytes leftover after parsing attributes in process `syz.0.297'. [ 161.894764][ T7213] FAULT_INJECTION: forcing a failure. [ 161.894764][ T7213] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 161.959676][ T7213] CPU: 0 UID: 0 PID: 7213 Comm: syz.2.299 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 161.959699][ T7213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 161.959708][ T7213] Call Trace: [ 161.959713][ T7213] [ 161.959719][ T7213] dump_stack_lvl+0x16c/0x1f0 [ 161.959745][ T7213] should_fail_ex+0x512/0x640 [ 161.959769][ T7213] _copy_from_user+0x2e/0xd0 [ 161.959792][ T7213] copy_msghdr_from_user+0x98/0x160 [ 161.959814][ T7213] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 161.959845][ T7213] ___sys_sendmsg+0xfe/0x1d0 [ 161.959867][ T7213] ? __pfx____sys_sendmsg+0x10/0x10 [ 161.959886][ T7213] ? __lock_acquire+0x622/0x1c90 [ 161.959931][ T7213] __sys_sendmsg+0x16d/0x220 [ 161.959953][ T7213] ? __pfx___sys_sendmsg+0x10/0x10 [ 161.959986][ T7213] do_syscall_64+0xcd/0x490 [ 161.960009][ T7213] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.960025][ T7213] RIP: 0033:0x7f4a9378e929 [ 161.960037][ T7213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.960050][ T7213] RSP: 002b:00007f4a9461c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 161.960064][ T7213] RAX: ffffffffffffffda RBX: 00007f4a939b5fa0 RCX: 00007f4a9378e929 [ 161.960074][ T7213] RDX: 0000000004000000 RSI: 0000200000000480 RDI: 0000000000000003 [ 161.960082][ T7213] RBP: 00007f4a9461c090 R08: 0000000000000000 R09: 0000000000000000 [ 161.960090][ T7213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.960098][ T7213] R13: 0000000000000000 R14: 00007f4a939b5fa0 R15: 00007ffd9fce0a58 [ 161.960115][ T7213] [ 162.129767][ C0] vkms_vblank_simulate: vblank timer overrun [ 162.289946][ T7217] FAULT_INJECTION: forcing a failure. [ 162.289946][ T7217] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 162.303271][ T7217] CPU: 0 UID: 0 PID: 7217 Comm: syz.1.301 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 162.303292][ T7217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 162.303302][ T7217] Call Trace: [ 162.303307][ T7217] [ 162.303313][ T7217] dump_stack_lvl+0x16c/0x1f0 [ 162.303340][ T7217] should_fail_ex+0x512/0x640 [ 162.303363][ T7217] should_fail_alloc_page+0xe7/0x130 [ 162.303379][ T7217] prepare_alloc_pages+0x3c2/0x610 [ 162.303396][ T7217] ? rcu_is_watching+0x12/0xc0 [ 162.303412][ T7217] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 162.303437][ T7217] ? rcu_is_watching+0x12/0xc0 [ 162.303450][ T7217] ? trace_mm_page_alloc+0x11f/0x1a0 [ 162.303466][ T7217] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 162.303486][ T7217] ? lockdep_hardirqs_on+0x7c/0x110 [ 162.303506][ T7217] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 162.303526][ T7217] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 162.303552][ T7217] ? alloc_vmap_area+0x645/0x29c0 [ 162.303567][ T7217] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 162.303584][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 162.303600][ T7217] ? do_syscall_64+0xcd/0x490 [ 162.303620][ T7217] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.303649][ T7217] alloc_pages_bulk_noprof+0x71c/0x1410 [ 162.303671][ T7217] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 162.303695][ T7217] ? policy_nodemask+0xea/0x4e0 [ 162.303711][ T7217] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 162.303733][ T7217] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 162.303754][ T7217] kasan_populate_vmalloc+0xf1/0x1f0 [ 162.303778][ T7217] alloc_vmap_area+0x959/0x29c0 [ 162.303800][ T7217] ? __pfx_alloc_vmap_area+0x10/0x10 [ 162.303820][ T7217] __get_vm_area_node+0x1ca/0x330 [ 162.303839][ T7217] __vmalloc_node_range_noprof+0x271/0x14b0 [ 162.303857][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 162.303878][ T7217] ? __lock_acquire+0xb8a/0x1c90 [ 162.303896][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 162.303917][ T7217] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 162.303936][ T7217] ? __alloc_pages_noprof+0xb/0x1b0 [ 162.303955][ T7217] ? ___kmalloc_large_node+0x84/0x1e0 [ 162.303970][ T7217] ? find_held_lock+0x2b/0x80 [ 162.303987][ T7217] __kvmalloc_node_noprof+0x30a/0x620 [ 162.304006][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 162.304024][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 162.304044][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 162.304059][ T7217] __do_sys_listmount+0x1c2/0xec0 [ 162.304080][ T7217] ? __x64_sys_futex+0x1e0/0x4c0 [ 162.304096][ T7217] ? __x64_sys_futex+0x1e9/0x4c0 [ 162.304113][ T7217] ? __pfx___do_sys_listmount+0x10/0x10 [ 162.304139][ T7217] do_syscall_64+0xcd/0x490 [ 162.304161][ T7217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.304175][ T7217] RIP: 0033:0x7f12f598e929 [ 162.304187][ T7217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.304200][ T7217] RSP: 002b:00007f12f68a0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 162.304214][ T7217] RAX: ffffffffffffffda RBX: 00007f12f5bb5fa0 RCX: 00007f12f598e929 [ 162.304223][ T7217] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 162.304231][ T7217] RBP: 00007f12f5a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 162.304239][ T7217] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 162.304248][ T7217] R13: 0000000000000000 R14: 00007f12f5bb5fa0 R15: 00007ffc35f697f8 [ 162.304266][ T7217] [ 162.305092][ T7217] syz.1.301: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 163.548188][ T7217] CPU: 0 UID: 0 PID: 7217 Comm: syz.1.301 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 163.548210][ T7217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 163.548219][ T7217] Call Trace: [ 163.548224][ T7217] [ 163.548230][ T7217] dump_stack_lvl+0x16c/0x1f0 [ 163.548256][ T7217] warn_alloc+0x248/0x3a0 [ 163.548279][ T7217] ? __pfx_warn_alloc+0x10/0x10 [ 163.548301][ T7217] ? kfree+0x2b4/0x4d0 [ 163.548323][ T7217] ? __get_vm_area_node+0x208/0x330 [ 163.548344][ T7217] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 163.548366][ T7217] ? __lock_acquire+0xb8a/0x1c90 [ 163.548385][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 163.548408][ T7217] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 163.548427][ T7217] ? __alloc_pages_noprof+0xb/0x1b0 [ 163.548447][ T7217] ? ___kmalloc_large_node+0x84/0x1e0 [ 163.548462][ T7217] ? find_held_lock+0x2b/0x80 [ 163.548479][ T7217] __kvmalloc_node_noprof+0x30a/0x620 [ 163.548499][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 163.548517][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 163.548538][ T7217] ? __do_sys_listmount+0x1c2/0xec0 [ 163.548554][ T7217] __do_sys_listmount+0x1c2/0xec0 [ 163.548574][ T7217] ? __x64_sys_futex+0x1e0/0x4c0 [ 163.548591][ T7217] ? __x64_sys_futex+0x1e9/0x4c0 [ 163.548609][ T7217] ? __pfx___do_sys_listmount+0x10/0x10 [ 163.548635][ T7217] do_syscall_64+0xcd/0x490 [ 163.548658][ T7217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.548673][ T7217] RIP: 0033:0x7f12f598e929 [ 163.548685][ T7217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.548699][ T7217] RSP: 002b:00007f12f68a0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 163.548713][ T7217] RAX: ffffffffffffffda RBX: 00007f12f5bb5fa0 RCX: 00007f12f598e929 [ 163.548722][ T7217] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 163.548731][ T7217] RBP: 00007f12f5a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 163.548756][ T7217] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 163.548764][ T7217] R13: 0000000000000000 R14: 00007f12f5bb5fa0 R15: 00007ffc35f697f8 [ 163.548781][ T7217] [ 163.548786][ T7217] Mem-Info: [ 164.096152][ T7217] active_anon:6191 inactive_anon:0 isolated_anon:1 [ 164.096152][ T7217] active_file:1602 inactive_file:39414 isolated_file:0 [ 164.096152][ T7217] unevictable:768 dirty:87 writeback:0 [ 164.096152][ T7217] slab_reclaimable:10644 slab_unreclaimable:96807 [ 164.096152][ T7217] mapped:26534 shmem:1360 pagetables:1099 [ 164.096152][ T7217] sec_pagetables:0 bounce:0 [ 164.096152][ T7217] kernel_misc_reclaimable:0 [ 164.096152][ T7217] free:1341862 free_pcp:12787 free_cma:0 [ 164.141378][ C0] vkms_vblank_simulate: vblank timer overrun [ 164.524418][ T7217] Node 0 active_anon:27728kB inactive_anon:0kB active_file:5368kB inactive_file:156432kB unevictable:4864kB isolated(anon):4kB isolated(file):0kB mapped:106188kB dirty:348kB writeback:0kB shmem:3904kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11664kB pagetables:4100kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 164.557707][ C0] vkms_vblank_simulate: vblank timer overrun [ 164.807262][ T7217] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 164.838723][ C0] vkms_vblank_simulate: vblank timer overrun [ 164.957796][ T7268] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[7268] [ 164.977460][ T7217] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 165.006258][ C0] vkms_vblank_simulate: vblank timer overrun [ 165.099959][ T7217] lowmem_reserve[]: 0 2481 2482 2482 2482 [ 165.120802][ T7217] Node 0 DMA32 free:1437544kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31872kB inactive_anon:0kB active_file:5292kB inactive_file:155096kB unevictable:4924kB writepending:300kB present:3129332kB managed:2540868kB mlocked:3388kB bounce:0kB free_pcp:37456kB local_pcp:37456kB free_cma:0kB [ 165.153289][ C0] vkms_vblank_simulate: vblank timer overrun [ 165.177927][ T7217] lowmem_reserve[]: 0 0 1 1 1 [ 165.182801][ T7217] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 165.211726][ C0] vkms_vblank_simulate: vblank timer overrun [ 165.325074][ T7217] lowmem_reserve[]: 0 0 0 0 0 [ 165.350016][ T7217] Node 1 Normal free:3912264kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:9664kB local_pcp:9664kB free_cma:0kB [ 165.527961][ T7217] lowmem_reserve[]: 0 0 0 0 0 [ 165.532698][ T7217] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 165.633973][ T7217] Node 0 DMA32: 4213*4kB (UME) 1071*8kB (UM) 607*16kB (UME) 335*32kB (UM) 104*64kB (UME) 81*128kB (UME) 40*256kB (UM) 20*512kB (UM) 10*1024kB (UME) 1*2048kB (U) 329*4096kB (UM) = 1443228kB [ 165.720932][ T7217] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 165.779410][ T7217] Node 1 Normal: 208*4kB (UME) 67*8kB (UME) 35*16kB (UME) 218*32kB (UME) 74*64kB (UME) 20*128kB (UME) 7*256kB (UME) 4*512kB (UME) 3*1024kB (UME) 3*2048kB (UE) 948*4096kB (M) = 3912264kB [ 165.857157][ T7217] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 165.901801][ T7217] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 165.948275][ T7217] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 165.998722][ T7217] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 166.048845][ T7217] 46576 total pagecache pages [ 166.086657][ T7217] 0 pages in swap cache [ 166.105387][ T7217] Free swap = 124996kB [ 166.150881][ T7217] Total swap = 124996kB [ 166.181610][ T7217] 2097051 pages RAM [ 166.195963][ T7217] 0 pages HighMem/MovableOnly [ 166.228034][ T7217] 429856 pages reserved [ 166.260901][ T7217] 0 pages cma reserved [ 170.166101][ T7376] can: request_module (can-proto-4) failed. [ 171.226665][ T7421] netlink: 4 bytes leftover after parsing attributes in process `syz.3.344'.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      syzkaller syzkaller login: [ 202.002152][ T8144] netlink: 342 bytes leftover after parsing attributes in process `syz.3.528'. [ 202.012908][ T8130] ,cpuset=/,mems_allowed=0-1 [ 202.029930][ T8130] CPU: 0 UID: 0 PID: 8130 Comm: syz.1.526 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 202.029952][ T8130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 202.029961][ T8130] Call Trace: [ 202.029966][ T8130] [ 202.029971][ T8130] dump_stack_lvl+0x16c/0x1f0 [ 202.029998][ T8130] warn_alloc+0x248/0x3a0 [ 202.030021][ T8130] ? __pfx_warn_alloc+0x10/0x10 [ 202.030043][ T8130] ? kfree+0x2b4/0x4d0 [ 202.030067][ T8130] ? __get_vm_area_node+0x208/0x330 [ 202.030089][ T8130] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 202.030107][ T8130] ? local_lock_release+0x99/0x140 [ 202.030127][ T8130] ? kernel_clone+0xfc/0x960 [ 202.030145][ T8130] ? rcu_read_unlock+0x17/0x60 [ 202.030162][ T8130] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 202.030186][ T8130] ? kernel_clone+0xfc/0x960 [ 202.030202][ T8130] __vmalloc_node_noprof+0xad/0xf0 [ 202.030220][ T8130] ? kernel_clone+0xfc/0x960 [ 202.030238][ T8130] copy_process+0x2c70/0x76a0 [ 202.030254][ T8130] ? preempt_schedule_thunk+0x16/0x30 [ 202.030275][ T8130] ? try_to_wake_up+0xa2f/0x1680 [ 202.030291][ T8130] ? __pfx_copy_process+0x10/0x10 [ 202.030307][ T8130] ? plist_check_head+0xa3/0x150 [ 202.030328][ T8130] ? futex_private_hash_put+0xc7/0x240 [ 202.030348][ T8130] kernel_clone+0xfc/0x960 [ 202.030365][ T8130] ? __pfx_futex_wake+0x10/0x10 [ 202.030385][ T8130] ? __pfx_kernel_clone+0x10/0x10 [ 202.030401][ T8130] ? perf_event_namespaces+0x1af/0x200 [ 202.030426][ T8130] __do_sys_clone+0xce/0x120 [ 202.030443][ T8130] ? __pfx___do_sys_clone+0x10/0x10 [ 202.030459][ T8130] ? do_raw_spin_unlock+0x172/0x230 [ 202.030490][ T8130] ? xfd_validate_state+0x61/0x180 [ 202.030515][ T8130] do_syscall_64+0xcd/0x490 [ 202.030538][ T8130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.030553][ T8130] RIP: 0033:0x7f12f598e929 [ 202.030565][ T8130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.030578][ T8130] RSP: 002b:00007f12f689ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 202.030592][ T8130] RAX: ffffffffffffffda RBX: 00007f12f5bb5fa0 RCX: 00007f12f598e929 [ 202.030602][ T8130] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000098280000 [ 202.030610][ T8130] RBP: 00007f12f5a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 202.030618][ T8130] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 202.030626][ T8130] R13: 0000000000000000 R14: 00007f12f5bb5fa0 R15: 00007ffc35f697f8 [ 202.030643][ T8130] [ 202.030648][ T8130] Mem-Info: [ 203.475623][ T8130] active_anon:7074 inactive_anon:0 isolated_anon:0 [ 203.475623][ T8130] active_file:13558 inactive_file:39797 isolated_file:0 [ 203.475623][ T8130] unevictable:768 dirty:292 writeback:0 [ 203.475623][ T8130] slab_reclaimable:11322 slab_unreclaimable:96976 [ 203.475623][ T8130] mapped:27134 shmem:1362 pagetables:1120 [ 203.475623][ T8130] sec_pagetables:0 bounce:0 [ 203.475623][ T8130] kernel_misc_reclaimable:0 [ 203.475623][ T8130] free:1321088 free_pcp:18881 free_cma:0 [ 203.696442][ T8130] Node 0 active_anon:25416kB inactive_anon:0kB active_file:54232kB inactive_file:159056kB unevictable:1536kB isolated(anon):3776kB isolated(file):0kB mapped:108588kB dirty:1168kB writeback:0kB shmem:3964kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11728kB pagetables:4288kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 203.844889][ T8130] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 204.053399][ T8130] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 204.249799][ T8130] lowmem_reserve[]: 0 2481 2482 2482 2482 [ 204.255572][ T8130] Node 0 DMA32 free:1361360kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24740kB inactive_anon:0kB active_file:54232kB inactive_file:157736kB unevictable:1536kB writepending:1168kB present:3129332kB managed:2540868kB mlocked:0kB bounce:0kB free_pcp:64324kB local_pcp:64324kB free_cma:0kB [ 204.478685][ T8130] lowmem_reserve[]: 0 0 1 1 1 [ 204.520504][ T8130] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 204.696004][ T8130] lowmem_reserve[]: 0 0 0 0 0 [ 204.740121][ T8130] Node 1 Normal free:3912512kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:9496kB local_pcp:9496kB free_cma:0kB [ 204.882482][ T8130] lowmem_reserve[]: 0 0 0 0 0 [ 204.902615][ T8130] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 204.974140][ T8130] Node 0 DMA32: 2603*4kB (UM) 1670*8kB (UM) 937*16kB (UM) 745*32kB (UM) 316*64kB (UM) 121*128kB (UME) 78*256kB (UME) 34*512kB (ME) 19*1024kB (ME) 4*2048kB (M) 293*4096kB (UM) = 1363468kB [ 205.067299][ T8130] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 205.144305][ T8130] Node 1 Normal: 147*4kB (UME) 67*8kB (UME) 35*16kB (UME) 224*32kB (UME) 78*64kB (UME) 20*128kB (UME) 7*256kB (UME) 4*512kB (UME) 3*1024kB (UME) 3*2048kB (UE) 948*4096kB (M) = 3912468kB [ 205.239819][ T8130] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 205.303206][ T8130] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 205.342964][ T8130] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 205.401473][ T8130] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 205.451563][ T8130] 54706 total pagecache pages [ 205.456743][ T8130] 0 pages in swap cache [ 205.471572][ T8130] Free swap = 124996kB [ 205.496541][ T8130] Total swap = 124996kB [ 205.508074][ T8130] 2097051 pages RAM [ 205.530592][ T8130] 0 pages HighMem/MovableOnly [ 205.543891][ T8130] 429856 pages reserved [ 205.587804][ T8130] 0 pages cma reserved [ 206.267666][ T8242] FAULT_INJECTION: forcing a failure. [ 206.267666][ T8242] name failslab, interval 1, probability 0, space 0, times 0 [ 206.348572][ T8242] CPU: 0 UID: 0 PID: 8242 Comm: syz.1.549 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 206.348595][ T8242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 206.348604][ T8242] Call Trace: [ 206.348609][ T8242] [ 206.348615][ T8242] dump_stack_lvl+0x16c/0x1f0 [ 206.348642][ T8242] should_fail_ex+0x512/0x640 [ 206.348663][ T8242] ? __kmalloc_noprof+0xbf/0x510 [ 206.348686][ T8242] ? kernfs_fop_write_iter+0x237/0x510 [ 206.348701][ T8242] should_failslab+0xc2/0x120 [ 206.348715][ T8242] __kmalloc_noprof+0xd2/0x510 [ 206.348740][ T8242] kernfs_fop_write_iter+0x237/0x510 [ 206.348758][ T8242] vfs_write+0x6c4/0x1150 [ 206.348779][ T8242] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 206.348795][ T8242] ? __pfx___mutex_lock+0x10/0x10 [ 206.348817][ T8242] ? __pfx_vfs_write+0x10/0x10 [ 206.348849][ T8242] ksys_write+0x12a/0x250 [ 206.348869][ T8242] ? __pfx_ksys_write+0x10/0x10 [ 206.348894][ T8242] do_syscall_64+0xcd/0x490 [ 206.348917][ T8242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.348932][ T8242] RIP: 0033:0x7f12f598e929 [ 206.348944][ T8242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.348957][ T8242] RSP: 002b:00007f12f687f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 206.348970][ T8242] RAX: ffffffffffffffda RBX: 00007f12f5bb6080 RCX: 00007f12f598e929 [ 206.348979][ T8242] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000003 [ 206.348987][ T8242] RBP: 00007f12f687f090 R08: 0000000000000000 R09: 0000000000000000 [ 206.348995][ T8242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 206.349004][ T8242] R13: 0000000000000000 R14: 00007f12f5bb6080 R15: 00007ffc35f697f8 [ 206.349022][ T8242] [ 207.521354][ T8272] Process accounting resumed [ 207.889871][ T8279] sp0: Synchronizing with TNC [ 209.234984][ T8324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.568'. [ 211.112301][ T5842] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 211.112347][ T5842] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 211.134188][ T5842] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 211.558437][ T30] audit: type=1804 audit(1750908736.622:6): pid=8382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.583" name="/newroot/158/file0" dev="tmpfs" ino=846 res=1 errno=0 [ 211.690105][ T30] audit: type=1800 audit(1750908736.653:7): pid=8382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.583" name="file0" dev="tmpfs" ino=846 res=0 errno=0 [ 211.810924][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 211.818612][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 211.824662][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 211.830653][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 212.359437][ T8408] netlink: 4 bytes leftover after parsing attributes in process `syz.3.586'. [ 213.959206][ T8378] Process accounting paused [ 214.207596][ T5835] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 214.207620][ T5835] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 214.222449][ T5835] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 214.360890][ T8446] netlink: 338 bytes leftover after parsing attributes in process `syz.2.595'. [ 216.935161][ T8510] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.732484][ T8525] sd 0:0:1:0: PR command failed: 1026 [ 217.737920][ T8525] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 217.946743][ T8525] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 219.105943][ T8557] FAULT_INJECTION: forcing a failure. [ 219.105943][ T8557] name failslab, interval 1, probability 0, space 0, times 0 [ 219.262339][ T8557] CPU: 0 UID: 0 PID: 8557 Comm: syz.1.622 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 219.262362][ T8557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 219.262370][ T8557] Call Trace: [ 219.262375][ T8557] [ 219.262381][ T8557] dump_stack_lvl+0x16c/0x1f0 [ 219.262409][ T8557] should_fail_ex+0x512/0x640 [ 219.262429][ T8557] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 219.262454][ T8557] should_failslab+0xc2/0x120 [ 219.262468][ T8557] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 219.262489][ T8557] ? __pfx_tcp_current_mss+0x10/0x10 [ 219.262510][ T8557] ? __alloc_skb+0x2b2/0x380 [ 219.262534][ T8557] __alloc_skb+0x2b2/0x380 [ 219.262554][ T8557] ? __pfx___alloc_skb+0x10/0x10 [ 219.262574][ T8557] ? bpf_ksym_find+0xf0/0x1c0 [ 219.262589][ T8557] ? aa_label_sk_perm+0x19b/0x5a0 [ 219.262604][ T8557] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 219.262625][ T8557] tcp_stream_alloc_skb+0x34/0x570 [ 219.262645][ T8557] tcp_sendmsg_locked+0x130f/0x4300 [ 219.262670][ T8557] ? __lock_acquire+0xb8a/0x1c90 [ 219.262694][ T8557] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 219.262715][ T8557] ? do_raw_spin_lock+0x12c/0x2b0 [ 219.262737][ T8557] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 219.262762][ T8557] ? __local_bh_enable_ip+0xa4/0x120 [ 219.262781][ T8557] tcp_sendmsg+0x2e/0x50 [ 219.262798][ T8557] ? __pfx_tcp_sendmsg+0x10/0x10 [ 219.262816][ T8557] inet_sendmsg+0xb9/0x140 [ 219.262837][ T8557] sock_write_iter+0x4aa/0x5b0 [ 219.262854][ T8557] ? __pfx_sock_write_iter+0x10/0x10 [ 219.262877][ T8557] ? bpf_lsm_file_permission+0x9/0x10 [ 219.262892][ T8557] ? security_file_permission+0x71/0x210 [ 219.262911][ T8557] ? rw_verify_area+0xcf/0x680 [ 219.262930][ T8557] vfs_write+0x6c4/0x1150 [ 219.262951][ T8557] ? __pfx_sock_write_iter+0x10/0x10 [ 219.262969][ T8557] ? __pfx_vfs_write+0x10/0x10 [ 219.262987][ T8557] ? find_held_lock+0x2b/0x80 [ 219.263013][ T8557] ksys_write+0x1f8/0x250 [ 219.263032][ T8557] ? __pfx_ksys_write+0x10/0x10 [ 219.263058][ T8557] do_syscall_64+0xcd/0x490 [ 219.263081][ T8557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.263096][ T8557] RIP: 0033:0x7f12f598e929 [ 219.263108][ T8557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.263121][ T8557] RSP: 002b:00007f12f68a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 219.263142][ T8557] RAX: ffffffffffffffda RBX: 00007f12f5bb5fa0 RCX: 00007f12f598e929 [ 219.263151][ T8557] RDX: 0000000000100085 RSI: 0000000000000000 RDI: 0000000000000003 [ 219.263159][ T8557] RBP: 00007f12f68a0090 R08: 0000000000000000 R09: 0000000000000000 [ 219.263167][ T8557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 219.263175][ T8557] R13: 0000000000000000 R14: 00007f12f5bb5fa0 R15: 00007ffc35f697f8 [ 219.263193][ T8557] [ 219.548183][ C0] vkms_vblank_simulate: vblank timer overrun [ 220.485335][ T8593] FAULT_INJECTION: forcing a failure. [ 220.485335][ T8593] name failslab, interval 1, probability 0, space 0, times 0 [ 220.650310][ T8593] CPU: 0 UID: 0 PID: 8593 Comm: syz.1.632 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 220.650333][ T8593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 220.650341][ T8593] Call Trace: [ 220.650346][ T8593] [ 220.650352][ T8593] dump_stack_lvl+0x16c/0x1f0 [ 220.650379][ T8593] should_fail_ex+0x512/0x640 [ 220.650400][ T8593] ? __kmalloc_noprof+0xbf/0x510 [ 220.650423][ T8593] ? kernfs_fop_write_iter+0x237/0x510 [ 220.650438][ T8593] should_failslab+0xc2/0x120 [ 220.650455][ T8593] __kmalloc_noprof+0xd2/0x510 [ 220.650480][ T8593] kernfs_fop_write_iter+0x237/0x510 [ 220.650498][ T8593] vfs_write+0x6c4/0x1150 [ 220.650519][ T8593] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 220.650535][ T8593] ? __pfx___mutex_lock+0x10/0x10 [ 220.650557][ T8593] ? __pfx_vfs_write+0x10/0x10 [ 220.650589][ T8593] ksys_write+0x12a/0x250 [ 220.650608][ T8593] ? __pfx_ksys_write+0x10/0x10 [ 220.650634][ T8593] do_syscall_64+0xcd/0x490 [ 220.650657][ T8593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.650672][ T8593] RIP: 0033:0x7f12f598e929 [ 220.650684][ T8593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.650697][ T8593] RSP: 002b:00007f12f68a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 220.650710][ T8593] RAX: ffffffffffffffda RBX: 00007f12f5bb5fa0 RCX: 00007f12f598e929 [ 220.650719][ T8593] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000003 [ 220.650727][ T8593] RBP: 00007f12f68a0090 R08: 0000000000000000 R09: 0000000000000000 [ 220.650735][ T8593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 220.650743][ T8593] R13: 0000000000000000 R14: 00007f12f5bb5fa0 R15: 00007ffc35f697f8 [ 220.650761][ T8593] [ 220.827619][ C0] vkms_vblank_simulate: vblank timer overrun [ 221.605635][ T8618] FAULT_INJECTION: forcing a failure. [ 221.605635][ T8618] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 221.660561][ T8618] CPU: 0 UID: 0 PID: 8618 Comm: syz.0.638 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 221.660584][ T8618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.660592][ T8618] Call Trace: [ 221.660597][ T8618] [ 221.660603][ T8618] dump_stack_lvl+0x16c/0x1f0 [ 221.660630][ T8618] should_fail_ex+0x512/0x640 [ 221.660654][ T8618] _copy_from_user+0x2e/0xd0 [ 221.660677][ T8618] core_sys_select+0x35b/0xc10 [ 221.660701][ T8618] ? __pfx_core_sys_select+0x10/0x10 [ 221.660724][ T8618] ? proc_fail_nth_write+0x9f/0x250 [ 221.660756][ T8618] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 221.660783][ T8618] kern_select+0x15d/0x1e0 [ 221.660802][ T8618] ? __pfx_kern_select+0x10/0x10 [ 221.660823][ T8618] ? __pfx_ksys_write+0x10/0x10 [ 221.660847][ T8618] __x64_sys_select+0xbd/0x160 [ 221.660865][ T8618] ? do_syscall_64+0x91/0x490 [ 221.660886][ T8618] ? lockdep_hardirqs_on+0x7c/0x110 [ 221.660906][ T8618] do_syscall_64+0xcd/0x490 [ 221.660929][ T8618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.660944][ T8618] RIP: 0033:0x7fc0b678e929 [ 221.660955][ T8618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.660968][ T8618] RSP: 002b:00007fc0b45f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 221.660982][ T8618] RAX: ffffffffffffffda RBX: 00007fc0b69b5fa0 RCX: 00007fc0b678e929 [ 221.660991][ T8618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 221.660999][ T8618] RBP: 00007fc0b45f6090 R08: 0000000000000000 R09: 0000000000000000 [ 221.661007][ T8618] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 221.661015][ T8618] R13: 0000000000000000 R14: 00007fc0b69b5fa0 R15: 00007fff0d02ad98 [ 221.661032][ T8618] [ 222.434916][ T8629] FAULT_INJECTION: forcing a failure. [ 222.434916][ T8629] name failslab, interval 1, probability 0, space 0, times 0 [ 222.477631][ T8629] CPU: 0 UID: 0 PID: 8629 Comm: syz.3.641 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 222.477653][ T8629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 222.477662][ T8629] Call Trace: [ 222.477667][ T8629] [ 222.477673][ T8629] dump_stack_lvl+0x16c/0x1f0 [ 222.477698][ T8629] should_fail_ex+0x512/0x640 [ 222.477718][ T8629] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 222.477743][ T8629] should_failslab+0xc2/0x120 [ 222.477757][ T8629] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 222.477778][ T8629] ? __d_alloc+0x31/0xaa0 [ 222.477802][ T8629] __d_alloc+0x31/0xaa0 [ 222.477825][ T8629] d_alloc_pseudo+0x1c/0xc0 [ 222.477840][ T8629] alloc_file_pseudo+0xcf/0x230 [ 222.477857][ T8629] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 222.477871][ T8629] ? alloc_fd+0x471/0x7d0 [ 222.477893][ T8629] sock_alloc_file+0x50/0x210 [ 222.477907][ T8629] __sys_socket+0x1c0/0x260 [ 222.477924][ T8629] ? __pfx___sys_socket+0x10/0x10 [ 222.477940][ T8629] ? xfd_validate_state+0x61/0x180 [ 222.477958][ T8629] ? __pfx_ksys_write+0x10/0x10 [ 222.477981][ T8629] __x64_sys_socket+0x72/0xb0 [ 222.477997][ T8629] ? lockdep_hardirqs_on+0x7c/0x110 [ 222.478017][ T8629] do_syscall_64+0xcd/0x490 [ 222.478039][ T8629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.478061][ T8629] RIP: 0033:0x7f32f0f8e929 [ 222.478074][ T8629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.478088][ T8629] RSP: 002b:00007f32f1dc2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 222.478102][ T8629] RAX: ffffffffffffffda RBX: 00007f32f11b6240 RCX: 00007f32f0f8e929 [ 222.478112][ T8629] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 222.478120][ T8629] RBP: 00007f32f1010b39 R08: 0000000000000000 R09: 0000000000000000 [ 222.478128][ T8629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.478137][ T8629] R13: 0000000000000000 R14: 00007f32f11b6240 R15: 00007ffcd11b4488 [ 222.478155][ T8629] [ 223.199221][ T8648] FAULT_INJECTION: forcing a failure. [ 223.199221][ T8648] name failslab, interval 1, probability 0, space 0, times 0 [ 223.240057][ T8648] CPU: 0 UID: 0 PID: 8648 Comm: syz.3.648 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 223.240081][ T8648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 223.240097][ T8648] Call Trace: [ 223.240103][ T8648] [ 223.240110][ T8648] dump_stack_lvl+0x16c/0x1f0 [ 223.240137][ T8648] should_fail_ex+0x512/0x640 [ 223.240158][ T8648] ? fs_reclaim_acquire+0xae/0x150 [ 223.240176][ T8648] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 223.240196][ T8648] should_failslab+0xc2/0x120 [ 223.240211][ T8648] __kmalloc_noprof+0xd2/0x510 [ 223.240237][ T8648] tomoyo_realpath_from_path+0xc2/0x6e0 [ 223.240258][ T8648] ? tomoyo_profile+0x47/0x60 [ 223.240281][ T8648] tomoyo_path_number_perm+0x245/0x580 [ 223.240297][ T8648] ? tomoyo_path_number_perm+0x237/0x580 [ 223.240315][ T8648] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 223.240332][ T8648] ? find_held_lock+0x2b/0x80 [ 223.240362][ T8648] ? find_held_lock+0x2b/0x80 [ 223.240375][ T8648] ? hook_file_ioctl_common+0x145/0x410 [ 223.240394][ T8648] ? __fget_files+0x20e/0x3c0 [ 223.240417][ T8648] security_file_ioctl+0x9b/0x240 [ 223.240436][ T8648] __x64_sys_ioctl+0xb7/0x210 [ 223.240457][ T8648] do_syscall_64+0xcd/0x490 [ 223.240481][ T8648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.240496][ T8648] RIP: 0033:0x7f32f0f8e929 [ 223.240508][ T8648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.240521][ T8648] RSP: 002b:00007f32f1e25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 223.240535][ T8648] RAX: ffffffffffffffda RBX: 00007f32f11b5fa0 RCX: 00007f32f0f8e929 [ 223.240544][ T8648] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000003 [ 223.240552][ T8648] RBP: 00007f32f1e25090 R08: 0000000000000000 R09: 0000000000000000 [ 223.240560][ T8648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 223.240568][ T8648] R13: 0000000000000000 R14: 00007f32f11b5fa0 R15: 00007ffcd11b4488 [ 223.240586][ T8648] [ 223.568205][ T8627] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 224.116897][ T8662] FAULT_INJECTION: forcing a failure. [ 224.116897][ T8662] name failslab, interval 1, probability 0, space 0, times 0 [ 224.234166][ T8662] CPU: 0 UID: 0 PID: 8662 Comm: syz.1.652 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 224.234188][ T8662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 224.234197][ T8662] Call Trace: [ 224.234201][ T8662] [ 224.234207][ T8662] dump_stack_lvl+0x16c/0x1f0 [ 224.234234][ T8662] should_fail_ex+0x512/0x640 [ 224.234255][ T8662] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 224.234278][ T8662] should_failslab+0xc2/0x120 [ 224.234292][ T8662] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 224.234313][ T8662] ? fcntl_dirnotify+0x23a/0xb50 [ 224.234338][ T8662] fcntl_dirnotify+0x23a/0xb50 [ 224.234363][ T8662] do_fcntl+0xe62/0x15a0 [ 224.234378][ T8662] ? __pfx_do_fcntl+0x10/0x10 [ 224.234396][ T8662] ? tomoyo_file_fcntl+0x6c/0xc0 [ 224.234421][ T8662] __x64_sys_fcntl+0x163/0x200 [ 224.234437][ T8662] do_syscall_64+0xcd/0x490 [ 224.234460][ T8662] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.234475][ T8662] RIP: 0033:0x7f12f598e929 [ 224.234486][ T8662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.234500][ T8662] RSP: 002b:00007f12f68a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 224.234513][ T8662] RAX: ffffffffffffffda RBX: 00007f12f5bb5fa0 RCX: 00007f12f598e929 [ 224.234523][ T8662] RDX: ffffffffffffffff RSI: 0000000000000402 RDI: 0000000000000003 [ 224.234531][ T8662] RBP: 00007f12f68a0090 R08: 0000000000000000 R09: 0000000000000000 [ 224.234540][ T8662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 224.234548][ T8662] R13: 0000000000000000 R14: 00007f12f5bb5fa0 R15: 00007ffc35f697f8 [ 224.234566][ T8662] [ 224.630736][ T8648] ERROR: Out of memory at tomoyo_realpath_from_path. [ 225.204750][ T8679] ================================================================== [ 225.212835][ T8679] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 225.220559][ T8679] Read of size 8 at addr ffff88802afa5618 by task syz.3.658/8679 [ 225.228271][ T8679] [ 225.230599][ T8679] CPU: 0 UID: 0 PID: 8679 Comm: syz.3.658 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 225.230619][ T8679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 225.230629][ T8679] Call Trace: [ 225.230636][ T8679] [ 225.230642][ T8679] dump_stack_lvl+0x116/0x1f0 [ 225.230668][ T8679] print_report+0xcd/0x680 [ 225.230682][ T8679] ? __virt_addr_valid+0x81/0x610 [ 225.230696][ T8679] ? __phys_addr+0xe8/0x180 [ 225.230711][ T8679] ? dvb_device_open+0x36a/0x3b0 [ 225.230734][ T8679] kasan_report+0xe0/0x110 [ 225.230747][ T8679] ? dvb_device_open+0x36a/0x3b0 [ 225.230769][ T8679] ? __pfx_dvb_device_open+0x10/0x10 [ 225.230789][ T8679] dvb_device_open+0x36a/0x3b0 [ 225.230810][ T8679] ? __pfx_dvb_device_open+0x10/0x10 [ 225.230830][ T8679] chrdev_open+0x231/0x6a0 [ 225.230851][ T8679] ? __pfx_apparmor_file_open+0x10/0x10 [ 225.230869][ T8679] ? __pfx_chrdev_open+0x10/0x10 [ 225.230891][ T8679] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 225.230911][ T8679] do_dentry_open+0x744/0x1c10 [ 225.230938][ T8679] ? __pfx_chrdev_open+0x10/0x10 [ 225.230961][ T8679] vfs_open+0x82/0x3f0 [ 225.230977][ T8679] path_openat+0x1de4/0x2cb0 [ 225.231000][ T8679] ? __pfx_path_openat+0x10/0x10 [ 225.231020][ T8679] ? __lock_acquire+0xb8a/0x1c90 [ 225.231039][ T8679] do_filp_open+0x20b/0x470 [ 225.231059][ T8679] ? __pfx_do_filp_open+0x10/0x10 [ 225.231084][ T8679] ? alloc_fd+0x471/0x7d0 [ 225.231104][ T8679] do_sys_openat2+0x11b/0x1d0 [ 225.231119][ T8679] ? __pfx_do_sys_openat2+0x10/0x10 [ 225.231133][ T8679] ? __pfx_do_sys_openat2+0x10/0x10 [ 225.231149][ T8679] ? __pfx___might_resched+0x10/0x10 [ 225.231165][ T8679] __x64_sys_openat+0x174/0x210 [ 225.231181][ T8679] ? __pfx___x64_sys_openat+0x10/0x10 [ 225.231200][ T8679] do_syscall_64+0xcd/0x490 [ 225.231222][ T8679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.231237][ T8679] RIP: 0033:0x7f32f0f8e929 [ 225.231250][ T8679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.231265][ T8679] RSP: 002b:00007f32f1e25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 225.231278][ T8679] RAX: ffffffffffffffda RBX: 00007f32f11b5fa0 RCX: 00007f32f0f8e929 [ 225.231288][ T8679] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 225.231298][ T8679] RBP: 00007f32f1010b39 R08: 0000000000000000 R09: 0000000000000000 [ 225.231307][ T8679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.231317][ T8679] R13: 0000000000000000 R14: 00007f32f11b5fa0 R15: 00007ffcd11b4488 [ 225.231330][ T8679] [ 225.231335][ T8679] [ 225.489803][ T8679] Allocated by task 1: [ 225.493856][ T8679] kasan_save_stack+0x33/0x60 [ 225.498532][ T8679] kasan_save_track+0x14/0x30 [ 225.503204][ T8679] __kasan_kmalloc+0xaa/0xb0 [ 225.507787][ T8679] dvb_register_device+0x1e4/0x2370 [ 225.513070][ T8679] dvb_register_frontend+0x5a6/0x880 [ 225.518348][ T8679] vidtv_bridge_probe+0x459/0xa90 [ 225.523451][ T8679] platform_probe+0x102/0x1f0 [ 225.528116][ T8679] really_probe+0x23e/0xa90 [ 225.532612][ T8679] __driver_probe_device+0x1de/0x440 [ 225.537898][ T8679] driver_probe_device+0x4c/0x1b0 [ 225.542924][ T8679] __driver_attach+0x283/0x580 [ 225.547695][ T8679] bus_for_each_dev+0x13e/0x1d0 [ 225.552555][ T8679] bus_add_driver+0x2e9/0x690 [ 225.557235][ T8679] driver_register+0x15c/0x4b0 [ 225.561988][ T8679] vidtv_bridge_init+0x45/0x80 [ 225.566747][ T8679] do_one_initcall+0x120/0x6e0 [ 225.571515][ T8679] kernel_init_freeable+0x5c2/0x900 [ 225.576736][ T8679] kernel_init+0x1c/0x2b0 [ 225.581062][ T8679] ret_from_fork+0x5d4/0x6f0 [ 225.585651][ T8679] ret_from_fork_asm+0x1a/0x30 [ 225.590402][ T8679] [ 225.592774][ T8679] Freed by task 8627: [ 225.596735][ T8679] kasan_save_stack+0x33/0x60 [ 225.601409][ T8679] kasan_save_track+0x14/0x30 [ 225.606077][ T8679] kasan_save_free_info+0x3b/0x60 [ 225.611090][ T8679] __kasan_slab_free+0x51/0x70 [ 225.615847][ T8679] kfree+0x2b4/0x4d0 [ 225.619736][ T8679] dvb_device_put.part.0+0x60/0x90 [ 225.624841][ T8679] dvb_device_open+0x2a4/0x3b0 [ 225.629601][ T8679] chrdev_open+0x231/0x6a0 [ 225.634012][ T8679] do_dentry_open+0x744/0x1c10 [ 225.638766][ T8679] vfs_open+0x82/0x3f0 [ 225.642818][ T8679] path_openat+0x1de4/0x2cb0 [ 225.647403][ T8679] do_filp_open+0x20b/0x470 [ 225.651893][ T8679] do_sys_openat2+0x11b/0x1d0 [ 225.656555][ T8679] __x64_sys_openat+0x174/0x210 [ 225.661393][ T8679] do_syscall_64+0xcd/0x490 [ 225.665895][ T8679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.671774][ T8679] [ 225.674082][ T8679] The buggy address belongs to the object at ffff88802afa5600 [ 225.674082][ T8679] which belongs to the cache kmalloc-256 of size 256 [ 225.688118][ T8679] The buggy address is located 24 bytes inside of [ 225.688118][ T8679] freed 256-byte region [ffff88802afa5600, ffff88802afa5700) [ 225.701812][ T8679] [ 225.704122][ T8679] The buggy address belongs to the physical page: [ 225.710525][ T8679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2afa4 [ 225.719283][ T8679] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 225.727768][ T8679] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 225.735304][ T8679] page_type: f5(slab) [ 225.739281][ T8679] raw: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 225.747855][ T8679] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 225.756427][ T8679] head: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 225.765262][ T8679] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 225.773919][ T8679] head: 00fff00000000001 ffffea0000abe901 00000000ffffffff 00000000ffffffff [ 225.782595][ T8679] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 225.791254][ T8679] page dumped because: kasan: bad access detected [ 225.797666][ T8679] page_owner tracks the page as allocated [ 225.803363][ T8679] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 19641090706, free_ts 0 [ 225.823168][ T8679] post_alloc_hook+0x1c0/0x230 [ 225.827933][ T8679] get_page_from_freelist+0x1321/0x3890 [ 225.833478][ T8679] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 225.839365][ T8679] alloc_pages_mpol+0x1fb/0x550 [ 225.844200][ T8679] new_slab+0x23b/0x330 [ 225.848345][ T8679] ___slab_alloc+0xd9c/0x1940 [ 225.853010][ T8679] __slab_alloc.constprop.0+0x56/0xb0 [ 225.858372][ T8679] __kmalloc_cache_noprof+0xfb/0x3e0 [ 225.863652][ T8679] bus_add_driver+0x92/0x690 [ 225.868232][ T8679] driver_register+0x15c/0x4b0 [ 225.873017][ T8679] usb_register_driver+0x216/0x4d0 [ 225.878126][ T8679] do_one_initcall+0x120/0x6e0 [ 225.882879][ T8679] kernel_init_freeable+0x5c2/0x900 [ 225.888154][ T8679] kernel_init+0x1c/0x2b0 [ 225.892471][ T8679] ret_from_fork+0x5d4/0x6f0 [ 225.897054][ T8679] ret_from_fork_asm+0x1a/0x30 [ 225.901820][ T8679] page_owner free stack trace missing [ 225.907186][ T8679] [ 225.909529][ T8679] Memory state around the buggy address: [ 225.915143][ T8679] ffff88802afa5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 225.923197][ T8679] ffff88802afa5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 225.931245][ T8679] >ffff88802afa5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 225.939289][ T8679] ^ [ 225.944119][ T8679] ffff88802afa5680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 225.952168][ T8679] ffff88802afa5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 225.960209][ T8679] ================================================================== [ 226.369361][ T8679] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 226.376587][ T8679] CPU: 0 UID: 0 PID: 8679 Comm: syz.3.658 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) [ 226.388479][ T8679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 226.398520][ T8679] Call Trace: [ 226.401794][ T8679] [ 226.404766][ T8679] dump_stack_lvl+0x3d/0x1f0 [ 226.409377][ T8679] panic+0x71c/0x800 [ 226.413266][ T8679] ? __pfx_panic+0x10/0x10 [ 226.417674][ T8679] ? mark_held_locks+0x49/0x80 [ 226.422433][ T8679] ? preempt_schedule_thunk+0x16/0x30 [ 226.427804][ T8679] ? dvb_device_open+0x36a/0x3b0 [ 226.432739][ T8679] ? preempt_schedule_common+0x44/0xc0 [ 226.438291][ T8679] ? dvb_device_open+0x36a/0x3b0 [ 226.443223][ T8679] check_panic_on_warn+0xab/0xb0 [ 226.448154][ T8679] end_report+0x107/0x170 [ 226.452479][ T8679] kasan_report+0xee/0x110 [ 226.456883][ T8679] ? dvb_device_open+0x36a/0x3b0 [ 226.461816][ T8679] ? __pfx_dvb_device_open+0x10/0x10 [ 226.467096][ T8679] dvb_device_open+0x36a/0x3b0 [ 226.471856][ T8679] ? __pfx_dvb_device_open+0x10/0x10 [ 226.477136][ T8679] chrdev_open+0x231/0x6a0 [ 226.481548][ T8679] ? __pfx_apparmor_file_open+0x10/0x10 [ 226.487087][ T8679] ? __pfx_chrdev_open+0x10/0x10 [ 226.492105][ T8679] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 226.498877][ T8679] do_dentry_open+0x744/0x1c10 [ 226.503638][ T8679] ? __pfx_chrdev_open+0x10/0x10 [ 226.508682][ T8679] vfs_open+0x82/0x3f0 [ 226.512754][ T8679] path_openat+0x1de4/0x2cb0 [ 226.517347][ T8679] ? __pfx_path_openat+0x10/0x10 [ 226.522286][ T8679] ? __lock_acquire+0xb8a/0x1c90 [ 226.527254][ T8679] do_filp_open+0x20b/0x470 [ 226.531751][ T8679] ? __pfx_do_filp_open+0x10/0x10 [ 226.536775][ T8679] ? alloc_fd+0x471/0x7d0 [ 226.541114][ T8679] do_sys_openat2+0x11b/0x1d0 [ 226.545785][ T8679] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.550978][ T8679] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.556164][ T8679] ? __pfx___might_resched+0x10/0x10 [ 226.561525][ T8679] __x64_sys_openat+0x174/0x210 [ 226.566363][ T8679] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.571727][ T8679] do_syscall_64+0xcd/0x490 [ 226.576230][ T8679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.582109][ T8679] RIP: 0033:0x7f32f0f8e929 [ 226.586512][ T8679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.606110][ T8679] RSP: 002b:00007f32f1e25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.614511][ T8679] RAX: ffffffffffffffda RBX: 00007f32f11b5fa0 RCX: 00007f32f0f8e929 [ 226.622473][ T8679] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 226.630441][ T8679] RBP: 00007f32f1010b39 R08: 0000000000000000 R09: 0000000000000000 [ 226.638489][ T8679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.646447][ T8679] R13: 0000000000000000 R14: 00007f32f11b5fa0 R15: 00007ffcd11b4488 [ 226.654432][ T8679] [ 226.657519][ T8679] Kernel Offset: disabled [ 226.661833][ T8679] Rebooting in 86400 seconds..