last executing test programs: 7.593427119s ago: executing program 2 (id=1599): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) shmctl$auto_IPC_INFO(0x76, 0x3, &(0x7f0000000380)={{0x2, 0xee01, 0x0, 0xfffffff9, 0x1, 0x5, 0xf}, 0x5, 0x102, 0x2, 0x6, @raw=0x1000, @inferred=r1, 0x0, 0x0, &(0x7f0000000240)="94eafd2a4ce50d8ebf091c48f8bad2797cb83bff162a266207b9526de34c45603f6d9f625d4a039c993eeebc3d10510f598767928758", &(0x7f0000000540)="7db975fa4c119bbb3395e71574cbfc6f347813b054e0818708b9061315b67267c4275a5ecc944a08e0863b4e339761abd1a9acb4d49d2fee98aec95515dc9071e779c0e6ba2b02bb68f2305b47d5e3c7c664cf9357838fc9acd82f4658fab036952a3311363ae8406a024b70705601fc404c99d79d8da6c927de352b99350a70f61c41a19be71d3328bf3e7dc3a6544c473aae0c09e4d48aa05ca86dc9f8788341a61b0d38e3af2e5cd5d3f46a76c4592287193b02de8830d99d66ea87c21a85b99a6c62a0be95959b38afe923b6340a8d4773fca45acbba091b694edf60a9f05da3e292717b693755e50a2148e748244994f61888"}) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6d) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/bind_mode\x00', 0xa001, 0x0) mmap$auto(0x0, 0x400000400008, 0xdf, 0x9b72, r3, 0x800000008000) write$auto(0x3, 0x0, 0xfffffdef) getsockopt$auto(r2, 0x84, 0x7d, 0x0, &(0x7f0000000000)=0x98) syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) mlockall$auto(0x10000) r4 = socket(0xa, 0x1, 0x84) getsockopt$auto(r4, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r5 = socket(0x9, 0x5, 0x7) sendmmsg$auto(r5, 0x0, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0xffffffffffffffff, 0x0, 0x800000000e, 0x3, 0x0, 0xfffffffffffffffd) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, 0x0, 0x142, 0x0) setsockopt$auto(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0x9) 6.933654462s ago: executing program 3 (id=1600): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) r0 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ptrace$auto_PTRACE_GETSIGMASK(0x420a, r0, 0x6e3, 0x1) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000000)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x5}, 0x9}, 0x16d, 0x6, 0x0) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="720100", @ANYRES16=r4], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) syz_genetlink_get_family_id$auto_taskstats(&(0x7f00000001c0), r2) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0xc4}, 0x7ff, 0x0, 0x0, 0x9}, 0x7}, 0x80000006, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) getsockopt$auto(0xffffffffffffffff, 0x84, 0x85, 0x0, &(0x7f00000000c0)=0x646b) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(0x0, 0x0, 0x700) socket(0xa, 0x5, 0x0) 6.226225716s ago: executing program 1 (id=1601): r0 = waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000180)={@siginfo_0_0={0x2, 0x100, 0x63, @_rt={0x0, 0xee01, @sival_ptr=&(0x7f00000000c0)="a8f60a3be3b3c4d0b177fd52ab59e7b85563cad700161e2ce2d71669e93dc3aadf85777321422267f2e01f0dfef0a8ea0a2112b44a01306000b6b3f0726d5ff7fbc3c25ce638d013126bd323fdecde94e30b8bef77c54cf18a4a4784fb0443a6bf805abbf2e0ce559b402facc0fb3b0bdf66ef11cd2de829fadec560c329ffd15e851a9504e5a42fd34347a5c547f714a08666f0aa200e2c60c816f67e30b210f724b6f30c95c7d4"}}}, 0x1, &(0x7f0000000200)={{0x40000000, 0xe}, {0xe540, 0x2}, 0x3ff, 0x32, 0xe2, 0x1, 0x4a78b7af, 0xacd, 0x6, 0x7, 0x100000000, 0x4, 0x7, 0xf1b1, 0x8, 0xbcb}) move_pages$auto(r0, 0x1121, &(0x7f0000000000)=&(0x7f00000002c0)="32b07d71dcae3057fd88c7da82fd6cf4cccf2c72f2f5a3617d3fa5a2e007697737f555e754dbdecc1828570fd481afbb15d5c1ee2317e24c288995267c92c873db34c352322432dbde2a71b997e0dd9fd58d4c8e1a0179692971c65745439b77f8552ac841d87a41bca1c8f7468dace209e2ced85d6c9a9d35b6e8d5f2671bb7fac2c9956f7090fce4e0d0f41ecab215b119038a8a4db028db03e96d4d544ce2e2d877edf1de363ad2360b7043a624ad898f1640fcf008069a788283c7a23a2719b8f5e638c2408fcf580ca251dbb6bf0fa1101c6ee8489a15f6d95b1b11b72242e7a9c6acea3469b770a480a9", &(0x7f00000003c0)=0x6, &(0x7f0000000400)=0x6b, 0x448) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r1 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x0) (async) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) (async) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) r2 = socket(0x2, 0x80002, 0x73) (async) socket(0x2, 0x1, 0x84) bind$auto(r2, &(0x7f0000000040)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x6a) (async) bind$auto(r2, &(0x7f0000000080)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x15}, 0x3}, 0x6a) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$auto_NL80211_CMD_CONNECT(r1, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x20, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x5}]}, 0x20}, 0x1, 0x0, 0x0, 0x40800}, 0x4000000) (async) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) (async) r4 = socket(0xa, 0x801, 0x84) (async) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x202, 0x0) pwrite64$auto(r5, 0x0, 0x7, 0x7) sysfs$auto(0x2, 0x100000000000036, 0x0) (async) r6 = getsockopt$auto(r4, 0x84, 0x7d, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) fcntl$auto_F_RDLCK(r6, 0x81, 0x0) (async) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) (async) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), r3) (async) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) (async) sendmsg$auto_NFC_CMD_SE_IO(r4, 0x0, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) unshare$auto(0x40000080) 5.300752605s ago: executing program 2 (id=1602): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) r0 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ptrace$auto_PTRACE_GETSIGMASK(0x420a, r0, 0x6e3, 0x1) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x8000000}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000000)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x5}, 0x9}, 0x16d, 0x6, 0x0) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="720100", @ANYRES16=r4], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x7000000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r2) write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000200)='5', 0x1) capset$auto(&(0x7f0000000340)={0x19980330}, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8) io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, 0x2f) 5.170868242s ago: executing program 0 (id=1603): openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x101080, 0x0) epoll_create$auto(0x3e) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2d, 0x2, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x40, 0x190}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/net\x00') pipe$auto(&(0x7f0000000100)) socketpair$auto(0x1, 0x1, 0x0, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 4.941659504s ago: executing program 3 (id=1604): r0 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="180000005d87458463938a292d7b5077c1e999d2cd1aa58cfca2df8671ab28ede9df41170bfa18301f25ff32a36a889e89fe4fe980f14d005e64c71b4642b039e3e8a417fc99115a327317c24e4c96389a9b9240fea7241f83dcff2fa735ee69a5e18efe8aacd62b5e5165a8ed191e88c2e8c106354688cb5ae04e9b123a22e4e1024e6e9192bc77bd665c42d81ce462fb6e91f91274897a63da9040020067198f859cb6878efbb5e1b13b22f2c59cac8dc49595536f5ac8fe62221ca7099d10633be4813f1d060567d027730420a7d6b9c6091e3130339896a3d90d1e6e9ddd251ffa393da27ef09411dba144eeff69ad8773bf", @ANYRES32=r0, @ANYRESDEC=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) mmap$auto(0x94, 0x1, 0xdf, 0x18, r0, 0x3) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) rt_sigaction$auto(0x5, &(0x7f0000000140)={&(0x7f0000000040)=0x0, 0x9, 0x0, {0x81}}, 0x0, 0x8) bind$auto(0xffffffffffffffff, 0x0, 0x6a) r1 = gettid() mmap$auto(0x2, 0xb91, 0x8, 0x69fc, r0, 0x4) r2 = getpid() rt_tgsigqueueinfo$auto(r2, r1, 0x1, &(0x7f0000000600)={@_si_pad}) 4.828701317s ago: executing program 0 (id=1605): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1\xcb\b\xd7lW\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C\x15\xc4D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x91\xc1\xef(,\b\x83\xf1I\'Z:\x8d\xa0o\xf3\xe0\xb4R\x18\xec\x05\x89[\xfd\xa8\xef[\xe6\xe4*f\xfa\xe9\b\xec t\x95\xf8A\xc1\xa9YVA\x80\xd4I)G\xd9\xffz\x1e/\xd4\xfd\x1e\xdf\xf6\xe6\x95\"q\x80\x8a\xab\xb2\x99\xff\x96c+\x8b\xb6\x11\x95\x02\xf1K\x12\xcb\xaa\\Q\xb1\xd7\xe4\xaaP\b\xc6a\xbf\xed\xfa b\x1d\xde\x13)E\xf8\xa0\xc0I\xba&\xac\x17\x0f\xd3k\x1a\xfc?\x7f\x8f\xa7\xd7\xfc\x11\xc6\xb8\xe1l\x8b\xfbN\x02\x16u\xdb\xee\xbdYN$\x9c&\xa0^K\v\xfd\xdd\xc1\xfe\xcd\xb1\f\x8f^\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x86\xdf\x98\xaf\x8a\x19%\xce\x8e*qIOR\x04\"\xb0\xfaV\xde/5H\xeb\x1aW*\x82J\xa2\x0f_+;_\xfb\x02\xab\xe2A\xe2z\xeab\xc7\xc4\xed(\xeaQM\xeb\x83(Nx\xa9\xed[c\xf2\xb9\r\x8b=o\xb5\x15\xb8\x1b\x8aO\xe1\xa9\xedk\xac\t\xae\x8c\x95K\xe1\xbf\xfb\xecqc\x16\x0f\x0f\xf9\xe3uZ\xc8\xf3\x94\x1d\t\x00\x00\x00\x00\x00\x00\x00\xbc\xc5\xac\xfc_\x18a\xcd\xc3z%\xf5?\xab\xe1\xd0WD:\x12\xba\xcd\xf8\xd5\xa1j\xba\v b\x92m\x8c\xae\x9c^\xcd\x127,u\xf5U\xd6\xd7.X\x9e\x9e\xfb\xa8\x1f\xf2\xf8\x04\xc0\xa7w\xf4\x02\xe3\xc7K\xa6\xc9\xea\x88\x94\xb6\xcb&\xddx\xf6!D\xcc\xe2\xe9\xea\x043\x16C\xd9\x7f:\x81\xd8\x83\xb3;T\xeaH\x92\xbf\x10j\b\xf2\xe7\xc5}\x0e\xb0?\x89\xc5Bu\xf0\x03\xa1,\xb6\xef\x04\x04\x85\x13m\xb6\a\xce\xfb\xf1\x00\xc2\x038h\xf3\xe8\xfcp\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe01K\x81\xc5\x89u\xaf\x03\xd1\xd9\x97G \x8f\xb5\x9f\xea=K\xdb3\xad\\\xbb\x80\xf0\xe4\x17 \xf6\xc9\xfe>\xcf\xe9T\x1a\x82\x1fi\xfe\xcf\xdd\xd8O\x85E\xe1H\xc2\x96\x1e\xc6?t\xec\x9c\x1a\':\xd5\x89\x9f\xc9rSk\x96`\x19\x96\xd8xO\xa7+\xefB\x10\xab\xe0\xdf\x8e\':\xca\xe4v.3\xf6\'G\xff\xee\xfdT\xd9>4\xc3\x8c\x1aNZM\x87\x9c$\x8b \xe5\xbf\f\xa1\x7f0\xccLQ\xc38\xe4\x8c+\xa6\x19@\x9f\x136', 0x100000a3d5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x120e2, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="2800ec00", @ANYRES16=r3, @ANYBLOB="010325bd7040ffdbdf250a0000000c0002006e6c38303231310008000a00ef010000"], 0x28}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) write$auto_drm_connector_fops_drm_debugfs(r4, &(0x7f0000000340)="62275137ba0581caddf2105b30aa896af9ed01caf109332d60ef1782f2e4904befbb9cd21f2fbc488cb927196518806ccfccf45476003d297e8d659c8086ccdfbab3d996713c6f9925facac03fa6935292adb56f979f2f79c23ec24ff1391fd6beebcde0930e466ce48e9818b60c0835c083e67d5951b3d23a7050e074a7684ef7ce1c6c04a5945e1ca6ebc24164556e997411979ec3dfd4e6a937413cee136c1513625c5a90fbd612f577c6cafe40b63480c8fd615abc3db37bd6cab52f8be3fa2141b57b5ffe1f933ac967ce661e3912", 0xd1) madvise$auto(0x0, 0xffffffffffff0004, 0x1a) madvise$auto(0x0, 0x200007, 0x19) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r5, &(0x7f00000010c0)=""/4082, 0xff2) setgroups$auto(0x1e9, &(0x7f0000000180)=0x400000) set_mempolicy$auto(0x6005, &(0x7f0000000040)=0x5, 0x4) r6 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0) read$auto_proc_sessionid_operations_base(r6, &(0x7f00000000c0)=""/4096, 0x1000) 4.708603478s ago: executing program 3 (id=1606): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) madvise$auto(0xfff, 0x8, 0xab8) (rerun: 64) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 64) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async, rerun: 64) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) (async, rerun: 32) socket(0x2, 0x801, 0x100) (rerun: 32) mmap$auto(0x1, 0x3, 0x3, 0x55, 0xffffffffffffffff, 0x8001) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/node/has_memory\x00', 0x22100, 0x0) (async) read$auto_check_wx_fops_(r1, 0x0, 0x0) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129c00, 0x0) (async) sendmsg$auto_NFSD_CMD_POOL_MODE_GET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x4, 0x70bd2a, 0x25dfdbfb, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0x40014) ioctl$auto(r2, 0xb21064a5, 0xffffffffffffffff) mlockall$auto(0x5) mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv6/conf/sit0/ioam6_id\x00', 0x88800, 0x0) (async) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0) syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, 0xffffffffffffffff) io_uring_setup$auto(0x8, 0x0) unshare$auto(0x40000080) (async, rerun: 64) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (rerun: 64) socket(0x28, 0x80000, 0x300) (async, rerun: 32) rseq$auto(&(0x7f0000000080)={0x1, 0x1a, 0x8, 0x10, 0x1ff, 0x7, "8f16dc10f5523b9507a300dc93629b248b24c311d73879f21e531e946c1ab14dc7a40e96333e813b1503a377a0bcfb8051a5811ffd8cb10be77982b7e52bd6f68b70721c62f8c04121ed"}, 0x3, 0x2000000, 0x4) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) (async) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0643, 0x0) (async) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 4.625096969s ago: executing program 3 (id=1608): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1\xcb\b\xd7lW\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C\x15\xc4D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x91\xc1\xef(,\b\x83\xf1I\'Z:\x8d\xa0o\xf3\xe0\xb4R\x18\xec\x05\x89[\xfd\xa8\xef[\xe6\xe4*f\xfa\xe9\b\xec t\x95\xf8A\xc1\xa9YVA\x80\xd4I)G\xd9\xffz\x1e/\xd4\xfd\x1e\xdf\xf6\xe6\x95\"q\x80\x8a\xab\xb2\x99\xff\x96c+\x8b\xb6\x11\x95\x02\xf1K\x12\xcb\xaa\\Q\xb1\xd7\xe4\xaaP\b\xc6a\xbf\xed\xfa b\x1d\xde\x13)E\xf8\xa0\xc0I\xba&\xac\x17\x0f\xd3k\x1a\xfc?\x7f\x8f\xa7\xd7\xfc\x11\xc6\xb8\xe1l\x8b\xfbN\x02\x16u\xdb\xee\xbdYN$\x9c&\xa0^K\v\xfd\xdd\xc1\xfe\xcd\xb1\f\x8f^\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x86\xdf\x98\xaf\x8a\x19%\xce\x8e*qIOR\x04\"\xb0\xfaV\xde/5H\xeb\x1aW*\x82J\xa2\x0f_+;_\xfb\x02\xab\xe2A\xe2z\xeab\xc7\xc4\xed(\xeaQM\xeb\x83(Nx\xa9\xed[c\xf2\xb9\r\x8b=o\xb5\x15\xb8\x1b\x8aO\xe1\xa9\xedk\xac\t\xae\x8c\x95K\xe1\xbf\xfb\xecqc\x16\x0f\x0f\xf9\xe3uZ\xc8\xf3\x94\x1d\t\x00\x00\x00\x00\x00\x00\x00\xbc\xc5\xac\xfc_\x18a\xcd\xc3z%\xf5?\xab\xe1\xd0WD:\x12\xba\xcd\xf8\xd5\xa1j\xba\v b\x92m\x8c\xae\x9c^\xcd\x127,u\xf5U\xd6\xd7.X\x9e\x9e\xfb\xa8\x1f\xf2\xf8\x04\xc0\xa7w\xf4\x02\xe3\xc7K\xa6\xc9\xea\x88\x94\xb6\xcb&\xddx\xf6!D\xcc\xe2\xe9\xea\x043\x16C\xd9\x7f:\x81\xd8\x83\xb3;T\xeaH\x92\xbf\x10j\b\xf2\xe7\xc5}\x0e\xb0?\x89\xc5Bu\xf0\x03\xa1,\xb6\xef\x04\x04\x85\x13m\xb6\a\xce\xfb\xf1\x00\xc2\x038h\xf3\xe8\xfcp\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe01K\x81\xc5\x89u\xaf\x03\xd1\xd9\x97G \x8f\xb5\x9f\xea=K\xdb3\xad\\\xbb\x80\xf0\xe4\x17 \xf6\xc9\xfe>\xcf\xe9T\x1a\x82\x1fi\xfe\xcf\xdd\xd8O\x85E\xe1H\xc2\x96\x1e\xc6?t\xec\x9c\x1a\':\xd5\x89\x9f\xc9rSk\x96`\x19\x96\xd8xO\xa7+\xefB\x10\xab\xe0\xdf\x8e\':\xca\xe4v.3\xf6\'G\xff\xee\xfdT\xd9>4\xc3\x8c\x1aNZM\x87\x9c$\x8b \xe5\xbf\f\xa1\x7f0\xccLQ\xc38\xe4\x8c+\xa6\x19@\x9f\x136', 0x100000a3d5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x120e2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) write$auto_drm_connector_fops_drm_debugfs(r2, &(0x7f0000000340)="62275137ba0581caddf2105b30aa896af9ed01caf109332d60ef1782f2e4904befbb9cd21f2fbc488cb927196518806ccfccf45476003d297e8d659c8086ccdfbab3d996713c6f9925facac03fa6935292adb56f979f2f79c23ec24ff1391fd6beebcde0930e466ce48e9818b60c0835c083e67d5951b3d23a7050e074a7684ef7ce1c6c04a5945e1ca6ebc24164556e997411979ec3dfd4e6a937413cee136c1513625c5a90fbd612f577c6cafe40b63480c8fd615abc3db37bd6cab52f8be3fa2141b57b5ffe1f933ac967ce661e3912", 0xd1) madvise$auto(0x0, 0xffffffffffff0004, 0x1a) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r3, &(0x7f00000010c0)=""/4082, 0xff2) madvise$auto(0x1, 0x905, 0x6) setgroups$auto(0x1e9, &(0x7f0000000180)=0x400000) set_mempolicy$auto(0x6005, &(0x7f0000000040)=0x5, 0x4) r4 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0) read$auto_proc_sessionid_operations_base(r4, &(0x7f00000000c0)=""/4096, 0x1000) madvise$auto(0x8, 0xc89, 0xffffff33) 3.793961878s ago: executing program 1 (id=1610): r0 = socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$[\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf250200000008000300800040000800030009"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.787282581s ago: executing program 2 (id=1611): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r5], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x7000000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000200)='5', 0x1) capset$auto(0x0, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8}) open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8) io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f) 3.517434254s ago: executing program 1 (id=1612): r0 = openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) read$auto_gpiolib_fops_(r0, &(0x7f0000000800)=""/252, 0xfc) (fail_nth: 1) 2.849229374s ago: executing program 1 (id=1613): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) shmctl$auto_IPC_INFO(0x76, 0x3, &(0x7f0000000380)={{0x2, 0xee01, 0x0, 0xfffffff9, 0x1, 0x5, 0xf}, 0x5, 0x102, 0x2, 0x6, @raw=0x1000, @inferred=r1, 0x0, 0x0, &(0x7f0000000240)="94eafd2a4ce50d8ebf091c48f8bad2797cb83bff162a266207b9526de34c45603f6d9f625d4a039c993eeebc3d10510f598767928758", &(0x7f0000000540)="7db975fa4c119bbb3395e71574cbfc6f347813b054e0818708b9061315b67267c4275a5ecc944a08e0863b4e339761abd1a9acb4d49d2fee98aec95515dc9071e779c0e6ba2b02bb68f2305b47d5e3c7c664cf9357838fc9acd82f4658fab036952a3311363ae8406a024b70705601fc404c99d79d8da6c927de352b99350a70f61c41a19be71d3328bf3e7dc3a6544c473aae0c09e4d48aa05ca86dc9f8788341a61b0d38e3af2e5cd5d3f46a76c4592287193b02de8830d99d66ea87c21a85b99a6c62a0be95959b38afe923b6340a8d4773fca45acbba091b694edf60a9f05da3e292717b693755e50a2148e748244994f61888"}) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6d) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/bind_mode\x00', 0xa001, 0x0) mmap$auto(0x0, 0x400000400008, 0xdf, 0x9b72, r3, 0x800000008000) write$auto(0x3, 0x0, 0xfffffdef) getsockopt$auto(r2, 0x84, 0x7d, 0x0, &(0x7f0000000000)=0x98) syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) mlockall$auto(0x10000) r4 = socket(0xa, 0x1, 0x84) getsockopt$auto(r4, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r5 = socket(0x9, 0x5, 0x7) sendmmsg$auto(r5, 0x0, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0xffffffffffffffff, 0x0, 0x800000000e, 0x3, 0x0, 0xfffffffffffffffd) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, 0x0, 0x142, 0x0) setsockopt$auto(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0x9) 2.582820481s ago: executing program 2 (id=1614): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, 0x0, 0x100000a3d9) keyctl$auto(0xe, 0xfffffffffffff800, 0x0, 0x5eaf, 0x800) ioctl$auto_FIOQSIZE(r0, 0x5460, 0x2) socket(0x1e, 0x1, 0x388b) getpid() openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) rt_sigprocmask$auto(0x26, &(0x7f0000000040)={0x80000000}, &(0x7f0000000080)={0x9}, 0x8) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto_TIOCSWINSZ2(r2, 0x5414, &(0x7f0000000040)) mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/neigh/veth1_macvtap/locktime\x00', 0x103142, 0x0) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/sctp/udp_port\x00', 0x202, 0x0) sendfile$auto(r6, r5, 0x0, 0x6) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1b0026bd7000fedbdf2503000000040003800c000b00ffffffffffffffff0400028012000100898035000000000000000000010000000c000380"], 0x48}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) socket(0x11, 0xa, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000280)=""/4096, 0x1000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) 2.579846392s ago: executing program 3 (id=1615): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1\xcb\b\xd7lW\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C\x15\xc4D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x91\xc1\xef(,\b\x83\xf1I\'Z:\x8d\xa0o\xf3\xe0\xb4R\x18\xec\x05\x89[\xfd\xa8\xef[\xe6\xe4*f\xfa\xe9\b\xec t\x95\xf8A\xc1\xa9YVA\x80\xd4I)G\xd9\xffz\x1e/\xd4\xfd\x1e\xdf\xf6\xe6\x95\"q\x80\x8a\xab\xb2\x99\xff\x96c+\x8b\xb6\x11\x95\x02\xf1K\x12\xcb\xaa\\Q\xb1\xd7\xe4\xaaP\b\xc6a\xbf\xed\xfa b\x1d\xde\x13)E\xf8\xa0\xc0I\xba&\xac\x17\x0f\xd3k\x1a\xfc?\x7f\x8f\xa7\xd7\xfc\x11\xc6\xb8\xe1l\x8b\xfbN\x02\x16u\xdb\xee\xbdYN$\x9c&\xa0^K\v\xfd\xdd\xc1\xfe\xcd\xb1\f\x8f^\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x86\xdf\x98\xaf\x8a\x19%\xce\x8e*qIOR\x04\"\xb0\xfaV\xde/5H\xeb\x1aW*\x82J\xa2\x0f_+;_\xfb\x02\xab\xe2A\xe2z\xeab\xc7\xc4\xed(\xeaQM\xeb\x83(Nx\xa9\xed[c\xf2\xb9\r\x8b=o\xb5\x15\xb8\x1b\x8aO\xe1\xa9\xedk\xac\t\xae\x8c\x95K\xe1\xbf\xfb\xecqc\x16\x0f\x0f\xf9\xe3uZ\xc8\xf3\x94\x1d\t\x00\x00\x00\x00\x00\x00\x00\xbc\xc5\xac\xfc_\x18a\xcd\xc3z%\xf5?\xab\xe1\xd0WD:\x12\xba\xcd\xf8\xd5\xa1j\xba\v b\x92m\x8c\xae\x9c^\xcd\x127,u\xf5U\xd6\xd7.X\x9e\x9e\xfb\xa8\x1f\xf2\xf8\x04\xc0\xa7w\xf4\x02\xe3\xc7K\xa6\xc9\xea\x88\x94\xb6\xcb&\xddx\xf6!D\xcc\xe2\xe9\xea\x043\x16C\xd9\x7f:\x81\xd8\x83\xb3;T\xeaH\x92\xbf\x10j\b\xf2\xe7\xc5}\x0e\xb0?\x89\xc5Bu\xf0\x03\xa1,\xb6\xef\x04\x04\x85\x13m\xb6\a\xce\xfb\xf1\x00\xc2\x038h\xf3\xe8\xfcp\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe01K\x81\xc5\x89u\xaf\x03\xd1\xd9\x97G \x8f\xb5\x9f\xea=K\xdb3\xad\\\xbb\x80\xf0\xe4\x17 \xf6\xc9\xfe>\xcf\xe9T\x1a\x82\x1fi\xfe\xcf\xdd\xd8O\x85E\xe1H\xc2\x96\x1e\xc6?t\xec\x9c\x1a\':\xd5\x89\x9f\xc9rSk\x96`\x19\x96\xd8xO\xa7+\xefB\x10\xab\xe0\xdf\x8e\':\xca\xe4v.3\xf6\'G\xff\xee\xfdT\xd9>4\xc3\x8c\x1aNZM\x87\x9c$\x8b \xe5\xbf\f\xa1\x7f0\xccLQ\xc38\xe4\x8c+\xa6\x19@\x9f\x136', 0x100000a3d5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x120e2, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) write$auto_drm_connector_fops_drm_debugfs(r2, &(0x7f0000000340)="62275137ba0581caddf2105b30aa896af9ed01caf109332d60ef1782f2e4904befbb9cd21f2fbc488cb927196518806ccfccf45476003d297e8d659c8086ccdfbab3d996713c6f9925facac03fa6935292adb56f979f2f79c23ec24ff1391fd6beebcde0930e466ce48e9818b60c0835c083e67d5951b3d23a7050e074a7684ef7ce1c6c04a5945e1ca6ebc24164556e997411979ec3dfd4e6a937413cee136c1513625c5a90fbd612f577c6cafe40b63480c8fd615abc3db37bd6cab52f8be3fa2141b57b5ffe1f933ac967ce661e3912", 0xd1) madvise$auto(0x0, 0xffffffffffff0004, 0x1a) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r3, &(0x7f00000010c0)=""/4082, 0xff2) madvise$auto(0x1, 0x905, 0x6) setgroups$auto(0x1e9, &(0x7f0000000180)=0x400000) set_mempolicy$auto(0x6005, &(0x7f0000000040)=0x5, 0x4) r4 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0) read$auto_proc_sessionid_operations_base(r4, &(0x7f00000000c0)=""/4096, 0x1000) madvise$auto(0x8, 0xc89, 0xffffff33) 1.138366078s ago: executing program 0 (id=1616): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) pread64$auto(r1, 0x0, 0x3ff, 0x400100) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002780)={0x40, r2, 0x1b, 0x70bd26, 0x25dfdbfe, {}, [@OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_KEY={0x4}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "89803500"}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@nested={0x5, 0x17, 0x0, 0x1, [@generic="1f"]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) r3 = io_uring_setup$auto(0x5, 0x0) clock_nanosleep$auto(0xfffffff2, 0x4c, 0x0, 0x0) (async) sched_getscheduler$auto(0x0) (async) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fb0\x00', 0x8100, 0x0) ioctl$auto_FBIOPUTCMAP(r4, 0x4605, &(0x7f00000002c0)="aa9c42301b3d7a7ec6") (async, rerun: 64) mount_setattr$auto(r3, &(0x7f0000000000)='./file0\x00', 0x1, &(0x7f0000000040)={0x97, 0x9, 0x7fffffffffffffff, @raw=0x8}, 0x8000) (async, rerun: 64) r5 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010026bd7020fddbdf250100000008000200", @ANYRES32=0x4, @ANYBLOB="080001000000000008000200", @ANYRES32, @ANYBLOB='i\x00\x00\x00\x00\x00\x00\x00'], 0x34}, 0x1, 0x0, 0x0, 0x4c855}, 0x4880) (async) sendmsg$auto_OVS_DP_CMD_NEW(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="0000000000000000000000000000ae1ce5d50e78250000117e1111d5daeab88561afa51e65edfb8c02fc10ebdc676c3dfdd0927ab279306d14f73d01856af78d70a618aede0fca11d352"], 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) (async) r8 = semctl$auto_GETPID(0x10000, 0x5, 0xb, 0x3) (async, rerun: 64) r9 = waitid$auto_P_ALL(0x0, 0x0, &(0x7f00000000c0)={@siginfo_0_0={0x40000000, 0x5, 0x9, @_kill={0x0, 0xee00}}}, 0x10001, &(0x7f0000000140)={{0x2, 0x3}, {0x2, 0x3}, 0x0, 0x0, 0xe, 0x800, 0x5, 0xfffffffffffffffa, 0x1, 0x6, 0x1, 0x6, 0x80, 0x789, 0x6, 0x6ed}) (async, rerun: 64) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'veth1_to_batadv\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r3, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x64, r7, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r8}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r9}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0xb73c}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x2}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0xffffffffffffffff}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x5c}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0xca}, @OVS_DP_ATTR_NAME={0xd, 0x1, ':*\xad\xcd*#}@\x00'}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r10}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 1.094237884s ago: executing program 2 (id=1617): msync$auto(0x1ffff000, 0x18000000000f4ff, 0x400000004) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8004) shmat$auto(0x0, 0x0, 0x873) unshare$auto(0x40000080) ioctl$auto(0xffffffffffffffff, 0xc0404d1a, 0xffffffffffffffff) socket(0x8, 0x3, 0x4000) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x13db42, 0x0) write$auto(r0, 0x0, 0x7fffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xc040, 0x0) ioctl$auto(0x3, 0x80081280, 0x90000800000402) socket(0x25, 0x5, 0x0) 653.305603ms ago: executing program 0 (id=1618): r0 = openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000000)={0x2801, 0x111, 0x11}, 0x18) mmap$auto(0x2, 0x202000c, 0x63, 0xebf, r0, 0xffffffffffffffff) fstat$auto(0x2, 0x0) close_range$auto(0x2, 0x8, 0x1) socket(0xa, 0x5, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(r1, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00?\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) open(0x0, 0x22240, 0x154) r2 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) readv$auto(r3, &(0x7f00000000c0)={0x0, 0x5}, 0x3) r4 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) write$auto_proc_clear_refs_operations_internal(r4, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xc) setsockopt$auto(0x5, 0x104000000000010e, 0x2, 0x0, 0x16) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/sunrpc/parameters/udp_slot_table_entries\x00', 0x80302, 0x0) sendfile$auto(r5, r5, 0x0, 0x1) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sysfs$auto(0x2, 0x0, 0x0) r6 = epoll_create$auto(0x4) r7 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(r6, 0x1, r7, 0x0) openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mac80211_hwsim/hwsim13\x00', 0x0, 0x0) 531.718376ms ago: executing program 1 (id=1619): select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 474.434328ms ago: executing program 0 (id=1620): mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r1) sendmsg$auto_TASKSTATS_CMD_GET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010a2bbd7000fbdbdf25010000000e0004004e2d", @ANYRESOCT=r1], 0x24}, 0x1, 0x0, 0x3f, 0xc001}, 0x40d4) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x80002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x6, 0x9}, 0x7f}, 0x803, 0x0) 439.238176ms ago: executing program 3 (id=1621): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0xc01) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_XFS_IOC_COMMIT_RANGE(r0, 0x40585883, &(0x7f0000000280)={r1, 0x0, 0x1, 0x6, 0x9, 0x10001, [0x22, 0x5, 0x3, 0x8, 0x5, 0x8]}) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffff7fffff0005, 0x8) setfsgid$auto(0xee01) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) fcntl$auto(0xffffffffffffffff, 0x402, 0x2) io_uring_setup$auto(0xd364, &(0x7f0000000000)={0x400, 0x10002, 0x7f, 0x7, 0x6, 0x5, r2, [], {0x2, 0x4, 0x6, 0x2, 0x400, 0x4, 0x7, 0x5, 0x80000000}, {0x7, 0xd, 0x6e68, 0x8, 0x6b, 0x9, 0x0, 0xfffffffa, 0xb1}}) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) read$auto_proc_pid_maps_operations_internal(r3, &(0x7f00000010c0)=""/4096, 0x1000) setsockopt$auto_SO_MARK(r1, 0xd, 0x24, &(0x7f0000000100)=']}&##/\'.\x00', 0x6) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0) read$auto(0x3, 0x0, 0x80) r4 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0) write$auto(r4, 0x0, 0xc70) bpf$auto(0x0, &(0x7f00000001c0)=@iter_create={0xffffffffffffffff, 0x9}, 0x2) 245.206139ms ago: executing program 1 (id=1622): r0 = openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) read$auto_gpiolib_fops_(r0, &(0x7f0000000800)=""/252, 0xfc) (fail_nth: 2) 243.561736ms ago: executing program 0 (id=1623): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r5], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x7000000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000200)='5', 0x1) capset$auto(0x0, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8}) open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8) io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f) 0s ago: executing program 2 (id=1624): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) epoll_create$auto(0x3e) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2d, 0x2, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x40, 0x190}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/net\x00') pipe$auto(&(0x7f0000000100)) socketpair$auto(0x1, 0x1, 0x0, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) kernel console output (not intermixed with test programs): 373.431952][T10475] ? __pfx___x64_sys_openat+0x10/0x10 [ 373.431976][T10475] do_syscall_64+0xcd/0x490 [ 373.431999][T10475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.432014][T10475] RIP: 0033:0x7f081238e929 [ 373.432027][T10475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.432041][T10475] RSP: 002b:00007f081319d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 373.432056][T10475] RAX: ffffffffffffffda RBX: 00007f08125b6080 RCX: 00007f081238e929 [ 373.432066][T10475] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 373.432075][T10475] RBP: 00007f0812410b39 R08: 0000000000000000 R09: 0000000000000000 [ 373.432083][T10475] R10: 000000000000ffff R11: 0000000000000246 R12: 0000000000000000 [ 373.432092][T10475] R13: 0000000000000000 R14: 00007f08125b6080 R15: 00007fffce9c1a38 [ 373.432111][T10475] [ 375.087851][T10509] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1172'. [ 375.142650][T10509] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1172'. [ 376.715422][T10532] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 376.866514][T10541] FAULT_INJECTION: forcing a failure. [ 376.866514][T10541] name failslab, interval 1, probability 0, space 0, times 0 [ 376.916698][T10541] CPU: 0 UID: 0 PID: 10541 Comm: syz.0.1177 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 376.916738][T10541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 376.916752][T10541] Call Trace: [ 376.916760][T10541] [ 376.916770][T10541] dump_stack_lvl+0x16c/0x1f0 [ 376.916811][T10541] should_fail_ex+0x512/0x640 [ 376.916844][T10541] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 376.916885][T10541] should_failslab+0xc2/0x120 [ 376.916909][T10541] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 376.916964][T10541] ? __alloc_skb+0x2b2/0x380 [ 376.917001][T10541] __alloc_skb+0x2b2/0x380 [ 376.917034][T10541] ? __pfx___alloc_skb+0x10/0x10 [ 376.917065][T10541] ? __pfx___mutex_trylock_common+0x10/0x10 [ 376.917105][T10541] ? rcu_is_watching+0x12/0xc0 [ 376.917137][T10541] netlink_dump+0x678/0xce0 [ 376.917163][T10541] ? __rhashtable_lookup.constprop.0+0x3a5/0x760 [ 376.917189][T10541] ? __netlink_dump_start+0x150/0x990 [ 376.917216][T10541] ? __pfx_netlink_dump+0x10/0x10 [ 376.917239][T10541] ? __pfx___mutex_lock+0x10/0x10 [ 376.917300][T10541] __netlink_dump_start+0x6d6/0x990 [ 376.917331][T10541] ? __pfx_neigh_dump_info+0x10/0x10 [ 376.917358][T10541] rtnetlink_rcv_msg+0xb3e/0xe90 [ 376.917381][T10541] ? __pfx_neigh_dump_info+0x10/0x10 [ 376.917410][T10541] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 376.917435][T10541] ? __pfx_neigh_dump_info+0x10/0x10 [ 376.917467][T10541] ? __lock_acquire+0x622/0x1c90 [ 376.917505][T10541] netlink_rcv_skb+0x155/0x420 [ 376.917532][T10541] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 376.917559][T10541] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 376.917600][T10541] ? netlink_deliver_tap+0x1ae/0xd30 [ 376.917625][T10541] ? is_vmalloc_addr+0x86/0xa0 [ 376.917665][T10541] netlink_unicast+0x53a/0x7f0 [ 376.917697][T10541] ? __pfx_netlink_unicast+0x10/0x10 [ 376.917736][T10541] netlink_sendmsg+0x8d1/0xdd0 [ 376.917770][T10541] ? __pfx_netlink_sendmsg+0x10/0x10 [ 376.917812][T10541] ____sys_sendmsg+0xa95/0xc70 [ 376.917843][T10541] ? copy_msghdr_from_user+0x10a/0x160 [ 376.917879][T10541] ? __pfx_____sys_sendmsg+0x10/0x10 [ 376.917936][T10541] ___sys_sendmsg+0x134/0x1d0 [ 376.917975][T10541] ? __pfx____sys_sendmsg+0x10/0x10 [ 376.918005][T10541] ? __lock_acquire+0x622/0x1c90 [ 376.918075][T10541] __sys_sendmsg+0x16d/0x220 [ 376.918112][T10541] ? __pfx___sys_sendmsg+0x10/0x10 [ 376.918170][T10541] do_syscall_64+0xcd/0x490 [ 376.918206][T10541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.918229][T10541] RIP: 0033:0x7f081238e929 [ 376.918250][T10541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 376.918272][T10541] RSP: 002b:00007f081317c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 376.918296][T10541] RAX: ffffffffffffffda RBX: 00007f08125b6160 RCX: 00007f081238e929 [ 376.918312][T10541] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000006 [ 376.918345][T10541] RBP: 00007f081317c090 R08: 0000000000000000 R09: 0000000000000000 [ 376.918359][T10541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 376.918372][T10541] R13: 0000000000000000 R14: 00007f08125b6160 R15: 00007fffce9c1a38 [ 376.918405][T10541] [ 377.347892][T10535] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1177'. [ 377.357118][T10535] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1177'. [ 378.637339][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.647909][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.990841][T10562] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1183'. [ 379.026884][T10562] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1183'. [ 380.159899][T10579] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1187'. [ 380.661346][T10594] FAULT_INJECTION: forcing a failure. [ 380.661346][T10594] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 380.804661][T10594] CPU: 1 UID: 0 PID: 10594 Comm: syz.3.1192 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 380.804700][T10594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 380.804716][T10594] Call Trace: [ 380.804725][T10594] [ 380.804735][T10594] dump_stack_lvl+0x16c/0x1f0 [ 380.804777][T10594] should_fail_ex+0x512/0x640 [ 380.804803][T10594] _copy_to_user+0x32/0xd0 [ 380.804826][T10594] simple_read_from_buffer+0xcb/0x170 [ 380.804847][T10594] proc_fail_nth_read+0x197/0x270 [ 380.804864][T10594] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 380.804882][T10594] ? rw_verify_area+0xcf/0x680 [ 380.804899][T10594] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 380.804915][T10594] vfs_read+0x1e1/0xc60 [ 380.804937][T10594] ? __pfx___mutex_lock+0x10/0x10 [ 380.804959][T10594] ? __pfx_vfs_read+0x10/0x10 [ 380.804984][T10594] ? __fget_files+0x20e/0x3c0 [ 380.805008][T10594] ksys_read+0x12a/0x250 [ 380.805026][T10594] ? __pfx_ksys_read+0x10/0x10 [ 380.805051][T10594] do_syscall_64+0xcd/0x490 [ 380.805074][T10594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.805089][T10594] RIP: 0033:0x7fb03158d33c [ 380.805102][T10594] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 380.805115][T10594] RSP: 002b:00007fb0323d9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 380.805129][T10594] RAX: ffffffffffffffda RBX: 00007fb0317b5fa0 RCX: 00007fb03158d33c [ 380.805138][T10594] RDX: 000000000000000f RSI: 00007fb0323d90a0 RDI: 0000000000000004 [ 380.805147][T10594] RBP: 00007fb0323d9090 R08: 0000000000000000 R09: 0000000000000000 [ 380.805155][T10594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 380.805163][T10594] R13: 0000000000000000 R14: 00007fb0317b5fa0 R15: 00007ffce878b018 [ 380.805181][T10594] [ 381.079649][T10602] FAULT_INJECTION: forcing a failure. [ 381.079649][T10602] name failslab, interval 1, probability 0, space 0, times 0 [ 381.130167][T10602] CPU: 1 UID: 0 PID: 10602 Comm: syz.1.1193 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 381.130204][T10602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 381.130219][T10602] Call Trace: [ 381.130229][T10602] [ 381.130239][T10602] dump_stack_lvl+0x16c/0x1f0 [ 381.130283][T10602] should_fail_ex+0x512/0x640 [ 381.130317][T10602] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 381.130369][T10602] should_failslab+0xc2/0x120 [ 381.130397][T10602] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 381.130443][T10602] ? trace_kmem_cache_alloc+0x28/0xc0 [ 381.130472][T10602] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 381.130510][T10602] ? mas_alloc_nodes+0x18b/0x8b0 [ 381.130550][T10602] ? mas_alloc_nodes+0x2f1/0x8b0 [ 381.130580][T10602] mas_alloc_nodes+0x2f1/0x8b0 [ 381.130620][T10602] mas_node_count_gfp+0x105/0x130 [ 381.130658][T10602] mas_preallocate+0x77b/0xda0 [ 381.130693][T10602] ? __pfx_mas_preallocate+0x10/0x10 [ 381.130732][T10602] ? vma_merge_new_range+0x37f/0xa00 [ 381.130767][T10602] ? vm_area_alloc+0x1f/0x160 [ 381.130799][T10602] ? lockdep_init_map_type+0x5c/0x280 [ 381.130838][T10602] __mmap_region+0x1104/0x25e0 [ 381.130881][T10602] ? __pfx___mmap_region+0x10/0x10 [ 381.130917][T10602] ? rcu_is_watching+0x12/0xc0 [ 381.130952][T10602] ? rcu_is_watching+0x12/0xc0 [ 381.130978][T10602] ? trace_sched_exit_tp+0xde/0x130 [ 381.131006][T10602] ? __schedule+0x1181/0x5de0 [ 381.131061][T10602] ? __pfx___schedule+0x10/0x10 [ 381.131142][T10602] ? mm_get_unmapped_area+0x95/0xe0 [ 381.131182][T10602] mmap_region+0x1ab/0x3f0 [ 381.131219][T10602] ? __get_unmapped_area+0x267/0x440 [ 381.131252][T10602] do_mmap+0xa3e/0x1210 [ 381.131289][T10602] ? __pfx_do_mmap+0x10/0x10 [ 381.131318][T10602] ? __pfx_down_write_killable+0x10/0x10 [ 381.131361][T10602] vm_mmap_pgoff+0x281/0x450 [ 381.131397][T10602] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 381.131434][T10602] ? __x64_sys_futex+0x1e0/0x4c0 [ 381.131465][T10602] ? __x64_sys_futex+0x1e9/0x4c0 [ 381.131498][T10602] ksys_mmap_pgoff+0x7d/0x5c0 [ 381.131524][T10602] ? xfd_validate_state+0x61/0x180 [ 381.131554][T10602] ? __pfx_ksys_write+0x10/0x10 [ 381.131595][T10602] __x64_sys_mmap+0x125/0x190 [ 381.131634][T10602] do_syscall_64+0xcd/0x490 [ 381.131675][T10602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.131703][T10602] RIP: 0033:0x7f953958e929 [ 381.131726][T10602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 381.131753][T10602] RSP: 002b:00007f953a322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 381.131775][T10602] RAX: ffffffffffffffda RBX: 00007f95397b5fa0 RCX: 00007f953958e929 [ 381.131793][T10602] RDX: 00004000000000df RSI: 0000000000020009 RDI: 00007ffffffde000 [ 381.131809][T10602] RBP: 00007f9539610b39 R08: 0000000000000401 R09: 0000000000008000 [ 381.131824][T10602] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 381.131839][T10602] R13: 0000000000000000 R14: 00007f95397b5fa0 R15: 00007ffc7520c1a8 [ 381.131875][T10602] [ 381.332492][T10607] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1195'. [ 381.468818][T10607] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1195'. [ 381.495744][T10609] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1194'. [ 381.824662][T10614] kAFS: No cell specified [ 382.152454][T10622] FAULT_INJECTION: forcing a failure. [ 382.152454][T10622] name failslab, interval 1, probability 0, space 0, times 0 [ 382.189738][T10622] CPU: 0 UID: 0 PID: 10622 Comm: syz.3.1200 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 382.189774][T10622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 382.189788][T10622] Call Trace: [ 382.189797][T10622] [ 382.189807][T10622] dump_stack_lvl+0x16c/0x1f0 [ 382.189848][T10622] should_fail_ex+0x512/0x640 [ 382.189880][T10622] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 382.189918][T10622] should_failslab+0xc2/0x120 [ 382.189943][T10622] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 382.189981][T10622] ? ima_match_policy+0x7f9/0x22e0 [ 382.190004][T10622] ? vm_area_dup+0x27/0x8d0 [ 382.190040][T10622] vm_area_dup+0x27/0x8d0 [ 382.190073][T10622] __split_vma+0x18e/0x1070 [ 382.190111][T10622] ? __pfx___split_vma+0x10/0x10 [ 382.190165][T10622] vms_gather_munmap_vmas+0x1c2/0x1310 [ 382.190205][T10622] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 382.190241][T10622] ? mas_walk+0x6a6/0x910 [ 382.190288][T10622] __mmap_region+0x3c7/0x25e0 [ 382.190328][T10622] ? __pfx___mmap_region+0x10/0x10 [ 382.190373][T10622] ? is_bpf_text_address+0x8a/0x1a0 [ 382.190405][T10622] ? bpf_ksym_find+0x124/0x1c0 [ 382.190431][T10622] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 382.190459][T10622] ? is_bpf_text_address+0x94/0x1a0 [ 382.190497][T10622] ? kernel_text_address+0x8d/0x100 [ 382.190534][T10622] ? __kernel_text_address+0xd/0x40 [ 382.190569][T10622] ? unwind_get_return_address+0x59/0xa0 [ 382.190606][T10622] ? arch_stack_walk+0xa6/0x100 [ 382.190649][T10622] ? __lock_acquire+0x622/0x1c90 [ 382.190731][T10622] ? __lock_acquire+0xb8a/0x1c90 [ 382.190772][T10622] mmap_region+0x1ab/0x3f0 [ 382.190807][T10622] ? __get_unmapped_area+0x267/0x440 [ 382.190840][T10622] do_mmap+0xa3e/0x1210 [ 382.190875][T10622] ? __pfx_do_mmap+0x10/0x10 [ 382.190903][T10622] ? __pfx_down_write_killable+0x10/0x10 [ 382.190937][T10622] vm_mmap_pgoff+0x281/0x450 [ 382.190970][T10622] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 382.191002][T10622] ? __fget_files+0x20e/0x3c0 [ 382.191042][T10622] ksys_mmap_pgoff+0x32c/0x5c0 [ 382.191068][T10622] ? __pfx_ksys_write+0x10/0x10 [ 382.191107][T10622] __x64_sys_mmap+0x125/0x190 [ 382.191144][T10622] do_syscall_64+0xcd/0x490 [ 382.191182][T10622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.191208][T10622] RIP: 0033:0x7fb03158e929 [ 382.191230][T10622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 382.191253][T10622] RSP: 002b:00007fb0323d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 382.191277][T10622] RAX: ffffffffffffffda RBX: 00007fb0317b5fa0 RCX: 00007fb03158e929 [ 382.191295][T10622] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000ffa000 [ 382.191311][T10622] RBP: 00007fb0323d9090 R08: 0000000000000003 R09: 0000000100000000 [ 382.191327][T10622] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 382.191342][T10622] R13: 0000000000000000 R14: 00007fb0317b5fa0 R15: 00007ffce878b018 [ 382.191378][T10622] [ 382.504686][T10621] Process accounting paused [ 382.589037][T10627] snd_aloop snd_aloop.0: control 16781581:65539:6:é'x?F¢é/èìzFË·fCªáª:7 is already present [ 383.224677][T10646] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1206'. [ 383.293192][T10645] FAULT_INJECTION: forcing a failure. [ 383.293192][T10645] name failslab, interval 1, probability 0, space 0, times 0 [ 383.306223][T10645] CPU: 1 UID: 0 PID: 10645 Comm: syz.2.1205 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 383.306261][T10645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 383.306274][T10645] Call Trace: [ 383.306283][T10645] [ 383.306292][T10645] dump_stack_lvl+0x16c/0x1f0 [ 383.306335][T10645] should_fail_ex+0x512/0x640 [ 383.306368][T10645] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 383.306412][T10645] should_failslab+0xc2/0x120 [ 383.306438][T10645] __kmalloc_cache_noprof+0x6a/0x3e0 [ 383.306469][T10645] ? snd_card_file_add+0x52/0x330 [ 383.306488][T10645] snd_card_file_add+0x52/0x330 [ 383.306505][T10645] snd_pcm_oss_open+0x1cf/0x1400 [ 383.306521][T10645] ? lockdep_hardirqs_on+0x7c/0x110 [ 383.306545][T10645] ? find_held_lock+0x2b/0x80 [ 383.306560][T10645] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 383.306577][T10645] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 383.306593][T10645] ? __lock_acquire+0xb8a/0x1c90 [ 383.306614][T10645] ? __lock_acquire+0xb8a/0x1c90 [ 383.306636][T10645] ? do_raw_spin_lock+0x12c/0x2b0 [ 383.306659][T10645] ? soundcore_open+0x35a/0x580 [ 383.306681][T10645] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 383.306698][T10645] soundcore_open+0x409/0x580 [ 383.306721][T10645] ? __pfx_soundcore_open+0x10/0x10 [ 383.306742][T10645] chrdev_open+0x234/0x6a0 [ 383.306764][T10645] ? __pfx_apparmor_file_open+0x10/0x10 [ 383.306782][T10645] ? __pfx_chrdev_open+0x10/0x10 [ 383.306805][T10645] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 383.306827][T10645] do_dentry_open+0x741/0x1c10 [ 383.306848][T10645] ? __pfx_chrdev_open+0x10/0x10 [ 383.306873][T10645] vfs_open+0x82/0x3f0 [ 383.306890][T10645] path_openat+0x1de4/0x2cb0 [ 383.306917][T10645] ? __pfx_path_openat+0x10/0x10 [ 383.306938][T10645] ? __lock_acquire+0xb8a/0x1c90 [ 383.306958][T10645] do_filp_open+0x20b/0x470 [ 383.306979][T10645] ? __pfx_do_filp_open+0x10/0x10 [ 383.307012][T10645] ? alloc_fd+0x471/0x7d0 [ 383.307037][T10645] do_sys_openat2+0x11b/0x1d0 [ 383.307052][T10645] ? __pfx_do_sys_openat2+0x10/0x10 [ 383.307067][T10645] ? find_held_lock+0x2b/0x80 [ 383.307081][T10645] ? handle_mm_fault+0x2ab/0xd10 [ 383.307104][T10645] __x64_sys_openat+0x174/0x210 [ 383.307120][T10645] ? __pfx___x64_sys_openat+0x10/0x10 [ 383.307147][T10645] do_syscall_64+0xcd/0x490 [ 383.307171][T10645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.307186][T10645] RIP: 0033:0x7f863db8e929 [ 383.307199][T10645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 383.307214][T10645] RSP: 002b:00007f863b9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 383.307229][T10645] RAX: ffffffffffffffda RBX: 00007f863ddb6080 RCX: 00007f863db8e929 [ 383.307239][T10645] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 383.307249][T10645] RBP: 00007f863dc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 383.307258][T10645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 383.307267][T10645] R13: 0000000000000000 R14: 00007f863ddb6080 R15: 00007ffcea4f34f8 [ 383.307286][T10645] [ 383.809282][T10648] FAULT_INJECTION: forcing a failure. [ 383.809282][T10648] name fail_futex, interval 1, probability 0, space 0, times 0 [ 383.956244][T10648] CPU: 0 UID: 0 PID: 10648 Comm: syz.2.1207 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 383.956269][T10648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 383.956279][T10648] Call Trace: [ 383.956284][T10648] [ 383.956291][T10648] dump_stack_lvl+0x16c/0x1f0 [ 383.956317][T10648] should_fail_ex+0x512/0x640 [ 383.956341][T10648] get_futex_key+0x1d0/0x1540 [ 383.956360][T10648] ? __pfx_get_futex_key+0x10/0x10 [ 383.956376][T10648] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 383.956406][T10648] ? lockdep_hardirqs_on+0x7c/0x110 [ 383.956429][T10648] ? __destroy_inode+0x2e4/0x730 [ 383.956444][T10648] ? __pfx_sock_free_inode+0x10/0x10 [ 383.956463][T10648] futex_wake+0xea/0x530 [ 383.956484][T10648] ? __pfx_evict+0x10/0x10 [ 383.956497][T10648] ? __pfx_futex_wake+0x10/0x10 [ 383.956518][T10648] ? iput+0x519/0x880 [ 383.956536][T10648] do_futex+0x1e3/0x350 [ 383.956554][T10648] ? __pfx_do_futex+0x10/0x10 [ 383.956571][T10648] ? __sock_release+0x20b/0x270 [ 383.956588][T10648] __x64_sys_futex+0x1e0/0x4c0 [ 383.956607][T10648] ? __sys_socket+0xac/0x260 [ 383.956624][T10648] ? __pfx___x64_sys_futex+0x10/0x10 [ 383.956641][T10648] ? xfd_validate_state+0x61/0x180 [ 383.956666][T10648] do_syscall_64+0xcd/0x490 [ 383.956690][T10648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.956705][T10648] RIP: 0033:0x7f863db8e929 [ 383.956717][T10648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 383.956732][T10648] RSP: 002b:00007f863e9240e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 383.956747][T10648] RAX: ffffffffffffffda RBX: 00007f863ddb5fa8 RCX: 00007f863db8e929 [ 383.956757][T10648] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f863ddb5fac [ 383.956766][T10648] RBP: 00007f863ddb5fa0 R08: 00007f863e925000 R09: 0000000000000000 [ 383.956775][T10648] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f863ddb5fac [ 383.956784][T10648] R13: 0000000000000000 R14: 00007ffcea4f3410 R15: 00007ffcea4f34f8 [ 383.956802][T10648] [ 384.562183][T10656] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1209'. [ 384.885510][T10664] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1211'. [ 384.979645][T10664] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1211'. [ 386.381595][T10685] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1215'. [ 386.419758][T10685] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1215'. [ 387.764254][T10712] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1221'. [ 389.054286][T10717] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1222'. [ 389.063925][T10717] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1222'. [ 390.000534][T10726] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1225'. [ 390.084971][T10726] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1225'. [ 391.671983][T10750] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1230'. [ 391.708081][T10750] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1230'. [ 392.545845][T10763] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1233'. [ 392.599706][T10763] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1233'. [ 393.499186][T10779] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1237'. [ 393.508702][T10779] FAULT_INJECTION: forcing a failure. [ 393.508702][T10779] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 393.548733][T10779] CPU: 0 UID: 0 PID: 10779 Comm: syz.2.1237 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 393.548769][T10779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 393.548783][T10779] Call Trace: [ 393.548791][T10779] [ 393.548801][T10779] dump_stack_lvl+0x16c/0x1f0 [ 393.548840][T10779] should_fail_ex+0x512/0x640 [ 393.548867][T10779] _copy_from_user+0x2e/0xd0 [ 393.548890][T10779] kstrtouint_from_user+0xd6/0x1d0 [ 393.548907][T10779] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 393.548923][T10779] ? __lock_acquire+0xb8a/0x1c90 [ 393.548950][T10779] proc_fail_nth_write+0x83/0x250 [ 393.548968][T10779] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 393.548990][T10779] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 393.549005][T10779] vfs_write+0x2a0/0x1150 [ 393.549028][T10779] ? __pfx___mutex_lock+0x10/0x10 [ 393.549051][T10779] ? __pfx_vfs_write+0x10/0x10 [ 393.549076][T10779] ? __fget_files+0x20e/0x3c0 [ 393.549100][T10779] ksys_write+0x12a/0x250 [ 393.549119][T10779] ? __pfx_ksys_write+0x10/0x10 [ 393.549144][T10779] do_syscall_64+0xcd/0x490 [ 393.549168][T10779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.549183][T10779] RIP: 0033:0x7f863db8d3df [ 393.549195][T10779] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 393.549208][T10779] RSP: 002b:00007f863b9f6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 393.549222][T10779] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f863db8d3df [ 393.549231][T10779] RDX: 0000000000000001 RSI: 00007f863b9f60a0 RDI: 0000000000000007 [ 393.549240][T10779] RBP: 00007f863b9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 393.549249][T10779] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 393.549257][T10779] R13: 0000000000000000 R14: 00007f863ddb6080 R15: 00007ffcea4f34f8 [ 393.549276][T10779] [ 393.973727][T10782] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1239'. [ 394.839303][T10798] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1243'. [ 394.918334][T10798] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1243'. [ 396.830579][T10821] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1247'. [ 396.866486][T10821] nbd: must specify a size in bytes for the device [ 398.446494][T10841] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1250'. [ 398.456497][T10841] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1250'. [ 398.468194][T10841] tc_dump_action: action bad kind [ 400.132111][T10862] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1256'. [ 400.180763][T10860] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1256'. [ 401.161069][T10879] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1263'. [ 401.227270][T10879] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1263'. [ 401.415763][T10883] netlink: 202 bytes leftover after parsing attributes in process `syz.1.1264'. [ 402.140669][T10895] FAULT_INJECTION: forcing a failure. [ 402.140669][T10895] name failslab, interval 1, probability 0, space 0, times 0 [ 402.171848][T10895] CPU: 0 UID: 0 PID: 10895 Comm: syz.3.1268 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 402.171884][T10895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 402.171899][T10895] Call Trace: [ 402.171907][T10895] [ 402.171918][T10895] dump_stack_lvl+0x16c/0x1f0 [ 402.171960][T10895] should_fail_ex+0x512/0x640 [ 402.171993][T10895] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 402.172033][T10895] should_failslab+0xc2/0x120 [ 402.172057][T10895] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 402.172094][T10895] ? mas_alloc_nodes+0x18b/0x8b0 [ 402.172133][T10895] mas_alloc_nodes+0x18b/0x8b0 [ 402.172173][T10895] mas_node_count_gfp+0x105/0x130 [ 402.172209][T10895] mas_preallocate+0x77b/0xda0 [ 402.172233][T10895] ? __memcg_slab_post_alloc_hook+0x472/0x960 [ 402.172267][T10895] ? __pfx_mas_preallocate+0x10/0x10 [ 402.172305][T10895] ? anon_vma_name+0x75/0x100 [ 402.172339][T10895] __split_vma+0x34a/0x1070 [ 402.172379][T10895] ? __pfx___split_vma+0x10/0x10 [ 402.172410][T10895] ? mas_next_slot+0x12d3/0x21b0 [ 402.172455][T10895] vms_gather_munmap_vmas+0x392/0x1310 [ 402.172497][T10895] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 402.172535][T10895] ? mas_walk+0x6a6/0x910 [ 402.172582][T10895] __mmap_region+0x3c7/0x25e0 [ 402.172622][T10895] ? __pfx___mmap_region+0x10/0x10 [ 402.172668][T10895] ? is_bpf_text_address+0x8a/0x1a0 [ 402.172701][T10895] ? bpf_ksym_find+0x124/0x1c0 [ 402.172729][T10895] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 402.172758][T10895] ? is_bpf_text_address+0x94/0x1a0 [ 402.172791][T10895] ? kernel_text_address+0x8d/0x100 [ 402.172880][T10895] ? __kernel_text_address+0xd/0x40 [ 402.172914][T10895] ? unwind_get_return_address+0x59/0xa0 [ 402.172950][T10895] ? arch_stack_walk+0xa6/0x100 [ 402.172991][T10895] ? __lock_acquire+0x622/0x1c90 [ 402.173072][T10895] ? __lock_acquire+0xb8a/0x1c90 [ 402.173113][T10895] mmap_region+0x1ab/0x3f0 [ 402.173148][T10895] ? __get_unmapped_area+0x267/0x440 [ 402.173180][T10895] do_mmap+0xa3e/0x1210 [ 402.173215][T10895] ? __pfx_do_mmap+0x10/0x10 [ 402.173243][T10895] ? __pfx_down_write_killable+0x10/0x10 [ 402.173276][T10895] vm_mmap_pgoff+0x281/0x450 [ 402.173310][T10895] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 402.173342][T10895] ? __fget_files+0x20e/0x3c0 [ 402.173383][T10895] ksys_mmap_pgoff+0x32c/0x5c0 [ 402.173409][T10895] ? __pfx_ksys_write+0x10/0x10 [ 402.173447][T10895] __x64_sys_mmap+0x125/0x190 [ 402.173485][T10895] do_syscall_64+0xcd/0x490 [ 402.173525][T10895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.173551][T10895] RIP: 0033:0x7fb03158e929 [ 402.173572][T10895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.173597][T10895] RSP: 002b:00007fb0323d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 402.173621][T10895] RAX: ffffffffffffffda RBX: 00007fb0317b5fa0 RCX: 00007fb03158e929 [ 402.173639][T10895] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000ffa000 [ 402.173655][T10895] RBP: 00007fb0323d9090 R08: 0000000000000003 R09: 0000000100000000 [ 402.173671][T10895] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 402.173687][T10895] R13: 0000000000000000 R14: 00007fb0317b5fa0 R15: 00007ffce878b018 [ 402.173723][T10895] [ 403.016913][T10906] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1269'. [ 403.041183][T10906] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1269'. syzkaller syzkaller login: [ 405.282864][T10938] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1285'. [ 405.294660][T10937] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1285'. [ 405.860992][T10944] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1278'. [ 407.236137][T10978] FAULT_INJECTION: forcing a failure. [ 407.236137][T10978] name failslab, interval 1, probability 0, space 0, times 0 [ 407.272617][T10978] CPU: 0 UID: 0 PID: 10978 Comm: syz.1.1288 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 407.272657][T10978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 407.272674][T10978] Call Trace: [ 407.272683][T10978] [ 407.272694][T10978] dump_stack_lvl+0x16c/0x1f0 [ 407.272748][T10978] should_fail_ex+0x512/0x640 [ 407.272785][T10978] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 407.272827][T10978] should_failslab+0xc2/0x120 [ 407.272854][T10978] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 407.272891][T10978] ? vm_area_alloc+0x1f/0x160 [ 407.272929][T10978] vm_area_alloc+0x1f/0x160 [ 407.272961][T10978] create_init_stack_vma+0x29/0x700 [ 407.273006][T10978] alloc_bprm+0x420/0x6f0 [ 407.273042][T10978] do_execveat_common.isra.0+0x1ce/0x610 [ 407.273084][T10978] __x64_sys_execve+0x8e/0xb0 [ 407.273121][T10978] do_syscall_64+0xcd/0x490 [ 407.273162][T10978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.273189][T10978] RIP: 0033:0x7f953958e929 [ 407.273211][T10978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 407.273237][T10978] RSP: 002b:00007f95373f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 407.273262][T10978] RAX: ffffffffffffffda RBX: 00007f95397b6080 RCX: 00007f953958e929 [ 407.273280][T10978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 407.273297][T10978] RBP: 00007f9539610b39 R08: 0000000000000000 R09: 0000000000000000 [ 407.273313][T10978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 407.273329][T10978] R13: 0000000000000000 R14: 00007f95397b6080 R15: 00007ffc7520c1a8 [ 407.273365][T10978] [ 407.554889][ C0] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163e939 (__mcheck_cpu_init_clear_banks+0x109/0x1f0) [ 407.570266][ C0] Call Trace: [ 407.573566][ C0] [ 407.576420][ C0] ? __pfx_mce_cpu_restart+0x10/0x10 [ 407.581722][ C0] mce_cpu_restart+0x98/0xb0 [ 407.586320][ C0] __flush_smp_call_function_queue+0x27d/0x8c0 [ 407.592494][ C0] __sysvec_call_function_single+0x87/0x400 [ 407.598399][ C0] sysvec_call_function_single+0x9f/0xc0 [ 407.604042][ C0] [ 407.606969][ C0] [ 407.609897][ C0] asm_sysvec_call_function_single+0x1a/0x20 [ 407.615894][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 407.621977][ C0] Code: d6 51 55 00 48 89 df 5b e9 2d d9 5a 00 be 03 00 00 00 5b e9 92 11 1d 03 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 34 24 65 48 8b 15 58 67 10 12 65 8b 05 69 67 10 [ 407.641594][ C0] RSP: 0018:ffffc90003f6f528 EFLAGS: 00000246 [ 407.647681][ C0] RAX: ffff8880352b78c0 RBX: 80000000735b4007 RCX: ffffffff8206904f [ 407.655660][ C0] RDX: 1ffff11006a56f1a RSI: ffffffff8206906b RDI: 0000000000000007 [ 407.663652][ C0] RBP: ffff88807bcfc080 R08: 0000000000000007 R09: 0000000000000000 [ 407.671649][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880352b78d0 [ 407.679628][ C0] R13: 00007f95388d5000 R14: ffff8880357b1ca0 R15: 0000000000000000 [ 407.687619][ C0] ? copy_present_ptes+0x195f/0x6790 [ 407.692910][ C0] ? copy_present_ptes+0x197b/0x6790 [ 407.698204][ C0] copy_present_ptes+0x1a8c/0x6790 [ 407.703338][ C0] ? lock_acquire+0x179/0x350 [ 407.708049][ C0] ? __pfx_copy_present_ptes+0x10/0x10 [ 407.713527][ C0] ? lock_acquire+0x120/0x350 [ 407.718213][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 407.723248][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 407.728637][ C0] copy_page_range+0x125a/0x5740 [ 407.733620][ C0] ? __lock_acquire+0x622/0x1c90 [ 407.738591][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 407.743976][ C0] ? __pfx___might_resched+0x10/0x10 [ 407.749362][ C0] ? __vma_enter_locked+0x163/0x3f0 [ 407.754573][ C0] ? dup_mmap+0xe38/0x21d0 [ 407.759111][ C0] ? down_write+0x14d/0x200 [ 407.763635][ C0] ? up_write+0x1b2/0x520 [ 407.768001][ C0] dup_mmap+0xe88/0x21d0 [ 407.772273][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 407.776980][ C0] copy_process+0x4081/0x76a0 [ 407.781674][ C0] ? do_wp_page+0x1aa7/0x4f20 [ 407.786364][ C0] ? __pfx_copy_process+0x10/0x10 [ 407.791405][ C0] kernel_clone+0xfc/0x960 [ 407.795829][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 407.800875][ C0] ? css_rstat_updated+0x9d/0xd30 [ 407.805904][ C0] __do_sys_clone+0xce/0x120 [ 407.810858][ C0] ? __pfx___do_sys_clone+0x10/0x10 [ 407.816061][ C0] ? handle_mm_fault+0x2ab/0xd10 [ 407.821017][ C0] ? do_user_addr_fault+0x843/0x1370 [ 407.826326][ C0] do_syscall_64+0xcd/0x490 [ 407.830842][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.836739][ C0] RIP: 0033:0x7f9539585193 [ 407.841155][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 407.860861][ C0] RSP: 002b:00007ffc7520c428 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 407.869283][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9539585193 [ 407.877258][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 407.885227][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 407.893209][ C0] R10: 000055558bd217d0 R11: 0000000000000246 R12: 0000000000000000 [ 407.901189][ C0] R13: 00000000000927c0 R14: 000000000006376e R15: 00007ffc7520c5c0 [ 407.909195][ C0] [ 407.972038][T10986] program syz.2.1287 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 408.288766][T10992] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1291'. [ 408.445295][T10986] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 408.457552][T10986] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 408.507332][T10986] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 408.525619][T10986] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 408.537648][T10986] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 408.561247][T10986] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 408.581555][T10986] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 408.597950][T10986] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 408.685484][T10996] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1301'. [ 408.699170][T10996] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1301'. [ 408.936063][T11006] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1294'. [ 409.871030][T11023] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1302'. [ 410.475979][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 410.553915][ T5831] Bluetooth: hci2: command 0x0406 tx timeout [ 410.554831][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 410.634952][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 410.921109][T11031] FAULT_INJECTION: forcing a failure. [ 410.921109][T11031] name failslab, interval 1, probability 0, space 0, times 0 [ 410.935013][T11031] CPU: 0 UID: 0 PID: 11031 Comm: syz.0.1300 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 410.935053][T11031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 410.935069][T11031] Call Trace: [ 410.935079][T11031] [ 410.935090][T11031] dump_stack_lvl+0x16c/0x1f0 [ 410.935135][T11031] should_fail_ex+0x512/0x640 [ 410.935171][T11031] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 410.935208][T11031] should_failslab+0xc2/0x120 [ 410.935234][T11031] __kmalloc_cache_noprof+0x6a/0x3e0 [ 410.935268][T11031] ? snd_card_file_add+0x52/0x330 [ 410.935302][T11031] snd_card_file_add+0x52/0x330 [ 410.935334][T11031] snd_pcm_oss_open+0x1cf/0x1400 [ 410.935363][T11031] ? lockdep_hardirqs_on+0x7c/0x110 [ 410.935404][T11031] ? find_held_lock+0x2b/0x80 [ 410.935432][T11031] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 410.935472][T11031] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 410.935504][T11031] ? __lock_acquire+0xb8a/0x1c90 [ 410.935543][T11031] ? __lock_acquire+0xb8a/0x1c90 [ 410.935584][T11031] ? do_raw_spin_lock+0x12c/0x2b0 [ 410.935625][T11031] ? soundcore_open+0x35a/0x580 [ 410.935665][T11031] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 410.935696][T11031] soundcore_open+0x409/0x580 [ 410.935738][T11031] ? __pfx_soundcore_open+0x10/0x10 [ 410.935771][T11031] chrdev_open+0x234/0x6a0 [ 410.935806][T11031] ? __pfx_apparmor_file_open+0x10/0x10 [ 410.935836][T11031] ? __pfx_chrdev_open+0x10/0x10 [ 410.935874][T11031] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 410.935911][T11031] do_dentry_open+0x741/0x1c10 [ 410.935948][T11031] ? __pfx_chrdev_open+0x10/0x10 [ 410.935991][T11031] vfs_open+0x82/0x3f0 [ 410.936018][T11031] path_openat+0x1de4/0x2cb0 [ 410.936056][T11031] ? __pfx_path_openat+0x10/0x10 [ 410.936086][T11031] ? __lock_acquire+0xb8a/0x1c90 [ 410.936116][T11031] do_filp_open+0x20b/0x470 [ 410.936146][T11031] ? __pfx_do_filp_open+0x10/0x10 [ 410.936195][T11031] ? alloc_fd+0x471/0x7d0 [ 410.936231][T11031] do_sys_openat2+0x11b/0x1d0 [ 410.936253][T11031] ? __pfx_do_sys_openat2+0x10/0x10 [ 410.936275][T11031] ? find_held_lock+0x2b/0x80 [ 410.936295][T11031] ? handle_mm_fault+0x2ab/0xd10 [ 410.936328][T11031] __x64_sys_openat+0x174/0x210 [ 410.936352][T11031] ? __pfx___x64_sys_openat+0x10/0x10 [ 410.936386][T11031] do_syscall_64+0xcd/0x490 [ 410.936419][T11031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.936440][T11031] RIP: 0033:0x7f081238e929 [ 410.936469][T11031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 410.936491][T11031] RSP: 002b:00007f081319d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 410.936513][T11031] RAX: ffffffffffffffda RBX: 00007f08125b6080 RCX: 00007f081238e929 [ 410.936529][T11031] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 410.936544][T11031] RBP: 00007f0812410b39 R08: 0000000000000000 R09: 0000000000000000 [ 410.936558][T11031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 410.936572][T11031] R13: 0000000000000000 R14: 00007f08125b6080 R15: 00007fffce9c1a38 [ 410.936601][T11031] [ 412.338765][T11050] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1306'. [ 412.517056][T11049] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1306'. [ 412.559382][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 412.634948][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 412.652126][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 412.725764][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 412.845825][T11061] FAULT_INJECTION: forcing a failure. [ 412.845825][T11061] name failslab, interval 1, probability 0, space 0, times 0 [ 412.859548][T11061] CPU: 1 UID: 0 PID: 11061 Comm: syz.2.1309 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 412.859586][T11061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 412.859603][T11061] Call Trace: [ 412.859613][T11061] [ 412.859624][T11061] dump_stack_lvl+0x16c/0x1f0 [ 412.859671][T11061] should_fail_ex+0x512/0x640 [ 412.859706][T11061] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 412.859745][T11061] ? __pfx_mon_text_open+0x10/0x10 [ 412.859782][T11061] should_failslab+0xc2/0x120 [ 412.859807][T11061] __kmalloc_cache_noprof+0x6a/0x3e0 [ 412.859841][T11061] ? mon_text_open+0x1cb/0x4f0 [ 412.859881][T11061] ? __pfx_mon_text_open+0x10/0x10 [ 412.859918][T11061] mon_text_open+0x1cb/0x4f0 [ 412.859956][T11061] ? __pfx_mon_text_open+0x10/0x10 [ 412.859990][T11061] ? __debugfs_file_get+0x1fe/0x840 [ 412.860016][T11061] ? __pfx___debugfs_file_get+0x10/0x10 [ 412.860042][T11061] ? __pfx_apparmor_file_open+0x10/0x10 [ 412.860071][T11061] ? lockdown_is_locked_down+0x3f/0x130 [ 412.860106][T11061] ? bpf_lsm_locked_down+0x9/0x10 [ 412.860143][T11061] ? __pfx_mon_text_open+0x10/0x10 [ 412.860177][T11061] full_proxy_open_regular+0x1b9/0x360 [ 412.860210][T11061] do_dentry_open+0x741/0x1c10 [ 412.860248][T11061] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 412.860285][T11061] vfs_open+0x82/0x3f0 [ 412.860326][T11061] path_openat+0x1de4/0x2cb0 [ 412.860378][T11061] ? __pfx_path_openat+0x10/0x10 [ 412.860416][T11061] ? __lock_acquire+0xb8a/0x1c90 [ 412.860454][T11061] do_filp_open+0x20b/0x470 [ 412.860491][T11061] ? __pfx_do_filp_open+0x10/0x10 [ 412.860555][T11061] ? alloc_fd+0x471/0x7d0 [ 412.860601][T11061] do_sys_openat2+0x11b/0x1d0 [ 412.860631][T11061] ? __pfx_do_sys_openat2+0x10/0x10 [ 412.860674][T11061] __x64_sys_openat+0x174/0x210 [ 412.860704][T11061] ? __pfx___x64_sys_openat+0x10/0x10 [ 412.860749][T11061] do_syscall_64+0xcd/0x490 [ 412.860793][T11061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.860820][T11061] RIP: 0033:0x7f863db8e929 [ 412.860844][T11061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 412.860871][T11061] RSP: 002b:00007f863b9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 412.860898][T11061] RAX: ffffffffffffffda RBX: 00007f863ddb6080 RCX: 00007f863db8e929 [ 412.860917][T11061] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 412.860936][T11061] RBP: 00007f863dc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 412.860953][T11061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 412.860970][T11061] R13: 0000000000000000 R14: 00007f863ddb6080 R15: 00007ffcea4f34f8 [ 412.861006][T11061] [ 414.814454][T11081] netlink: 202 bytes leftover after parsing attributes in process `syz.0.1313'. [ 415.912987][T11089] can: request_module (can-proto-0) failed. [ 415.939715][T11091] kernel read not supported for file /¾ò‚ݽ'ˆçgµîMQ¢_g¿ úò_N°{ùµ7vîGÙl¿†q w¶ÙéáðÇÄĉuƒè}½O‘ÁUVW.*=w‹ÝZFس Öòý¶­uw.ì`OÁç:ÉKÍdY•Ñ®Á›–Ÿa EÿÎ. [ 415.939715][T11091] ²¼jÒüü7¯ÊnöÀwKçq®ÉHgïÚ[壣%'Ï–X:DktÞ€ÝX‘ˆ¡ Ãñþ[“$O8 b´’ô½Å¹˜9üFìÜ@ÚeMàUÈ;õç$€ (pid: 11091 comm: syz.2.1314) [ 416.043847][ T30] audit: type=1800 audit(4294967507.386:15): pid=11091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1314" name=BEF28203DDC2BD27881BE71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF86712077B6D9E98FE1F0C71F1EC4C4897583E87DBD4F91C15556572E2A3D778BDD5A46D8B309D6F2FD8FB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F61A045FFCE2E0AB2BC6AD2FCFC1F37AFCA6EF6C0774BE771AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BDC5B99839FC46ECDC4001DA654DE055C83BF5E7240180 dev="mqueue" ino=25476 res=0 errno=0 syzkaller syzkaller login: [ 416.470313][T11089] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1314'. [ 416.626144][T11054] Process accounting resumed [ 418.479674][T11116] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1321'. [ 418.490766][T11116] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1321'. [ 419.719731][T11133] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1323'. [ 420.409565][T11137] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1325'. [ 420.530405][T11137] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1325'. [ 420.716292][T11140] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1328'. [ 420.777727][T11140] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1328'. [ 421.174220][T11150] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1329'. [ 421.455829][T11156] netlink: 202 bytes leftover after parsing attributes in process `syz.2.1331'. [ 421.933257][T11161] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1332'. syzkaller syzkaller login: [ 423.659254][T11180] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1336'. [ 424.126393][T11188] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 425.084915][T11211] FAULT_INJECTION: forcing a failure. [ 425.084915][T11211] name failslab, interval 1, probability 0, space 0, times 0 [ 425.098057][T11211] CPU: 1 UID: 0 PID: 11211 Comm: syz.2.1347 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 425.098095][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 425.098110][T11211] Call Trace: [ 425.098120][T11211] [ 425.098132][T11211] dump_stack_lvl+0x16c/0x1f0 [ 425.098176][T11211] should_fail_ex+0x512/0x640 [ 425.098211][T11211] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 425.098252][T11211] should_failslab+0xc2/0x120 [ 425.098279][T11211] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 425.098323][T11211] ? trace_kmem_cache_alloc+0x28/0xc0 [ 425.098351][T11211] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 425.098391][T11211] ? mas_alloc_nodes+0x18b/0x8b0 [ 425.098429][T11211] ? mas_alloc_nodes+0x2f1/0x8b0 [ 425.098471][T11211] mas_alloc_nodes+0x2f1/0x8b0 [ 425.098514][T11211] mas_node_count_gfp+0x105/0x130 [ 425.098552][T11211] mas_preallocate+0x77b/0xda0 [ 425.098587][T11211] ? __pfx_mas_preallocate+0x10/0x10 [ 425.098625][T11211] ? vma_merge_new_range+0x37f/0xa00 [ 425.098659][T11211] ? vm_area_alloc+0x1f/0x160 [ 425.098692][T11211] ? lockdep_init_map_type+0x5c/0x280 [ 425.098732][T11211] __mmap_region+0x1104/0x25e0 [ 425.098774][T11211] ? __pfx___mmap_region+0x10/0x10 [ 425.098810][T11211] ? rcu_is_watching+0x12/0xc0 [ 425.098844][T11211] ? rcu_is_watching+0x12/0xc0 [ 425.098871][T11211] ? trace_sched_exit_tp+0xde/0x130 [ 425.098901][T11211] ? __schedule+0x1181/0x5de0 [ 425.098958][T11211] ? __pfx___schedule+0x10/0x10 [ 425.099045][T11211] ? mm_get_unmapped_area+0x95/0xe0 [ 425.099083][T11211] mmap_region+0x1ab/0x3f0 [ 425.099120][T11211] ? __get_unmapped_area+0x267/0x440 [ 425.099154][T11211] do_mmap+0xa3e/0x1210 [ 425.099190][T11211] ? __pfx_do_mmap+0x10/0x10 [ 425.099221][T11211] ? __pfx_down_write_killable+0x10/0x10 [ 425.099257][T11211] vm_mmap_pgoff+0x281/0x450 [ 425.099291][T11211] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 425.099327][T11211] ? __x64_sys_futex+0x1e0/0x4c0 [ 425.099358][T11211] ? __x64_sys_futex+0x1e9/0x4c0 [ 425.099394][T11211] ksys_mmap_pgoff+0x7d/0x5c0 [ 425.099421][T11211] ? xfd_validate_state+0x61/0x180 [ 425.099452][T11211] ? __pfx_ksys_write+0x10/0x10 [ 425.099502][T11211] __x64_sys_mmap+0x125/0x190 [ 425.099544][T11211] do_syscall_64+0xcd/0x490 [ 425.099587][T11211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.099614][T11211] RIP: 0033:0x7f863db8e929 [ 425.099637][T11211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.099664][T11211] RSP: 002b:00007f863e924038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 425.099690][T11211] RAX: ffffffffffffffda RBX: 00007f863ddb5fa0 RCX: 00007f863db8e929 [ 425.099709][T11211] RDX: 00004000000000df RSI: 0000000000020009 RDI: 00007ffffffde000 [ 425.099727][T11211] RBP: 00007f863dc10b39 R08: 0000000000000401 R09: 0000000000008000 [ 425.099745][T11211] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 425.099763][T11211] R13: 0000000000000000 R14: 00007f863ddb5fa0 R15: 00007ffcea4f34f8 [ 425.099800][T11211] [ 425.929212][T11201] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1344'. [ 426.679658][T11222] FAULT_INJECTION: forcing a failure. [ 426.679658][T11222] name failslab, interval 1, probability 0, space 0, times 0 [ 426.735461][T11222] CPU: 0 UID: 0 PID: 11222 Comm: syz.1.1349 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 426.735485][T11222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 426.735494][T11222] Call Trace: [ 426.735500][T11222] [ 426.735507][T11222] dump_stack_lvl+0x16c/0x1f0 [ 426.735534][T11222] should_fail_ex+0x512/0x640 [ 426.735555][T11222] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 426.735580][T11222] should_failslab+0xc2/0x120 [ 426.735594][T11222] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 426.735618][T11222] ? trace_kmem_cache_alloc+0x28/0xc0 [ 426.735633][T11222] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 426.735655][T11222] ? mas_alloc_nodes+0x18b/0x8b0 [ 426.735676][T11222] ? mas_alloc_nodes+0x2f1/0x8b0 [ 426.735694][T11222] mas_alloc_nodes+0x2f1/0x8b0 [ 426.735716][T11222] mas_node_count_gfp+0x105/0x130 [ 426.735738][T11222] mas_preallocate+0x77b/0xda0 [ 426.735756][T11222] ? __pfx_mas_preallocate+0x10/0x10 [ 426.735776][T11222] ? vma_merge_new_range+0x37f/0xa00 [ 426.735796][T11222] ? vm_area_alloc+0x1f/0x160 [ 426.735815][T11222] ? lockdep_init_map_type+0x5c/0x280 [ 426.735837][T11222] __mmap_region+0x1104/0x25e0 [ 426.735860][T11222] ? __pfx___mmap_region+0x10/0x10 [ 426.735881][T11222] ? rcu_is_watching+0x12/0xc0 [ 426.735899][T11222] ? rcu_is_watching+0x12/0xc0 [ 426.735913][T11222] ? trace_sched_exit_tp+0xde/0x130 [ 426.735930][T11222] ? __schedule+0x1181/0x5de0 [ 426.735960][T11222] ? __pfx___schedule+0x10/0x10 [ 426.736002][T11222] ? mm_get_unmapped_area+0x95/0xe0 [ 426.736022][T11222] mmap_region+0x1ab/0x3f0 [ 426.736043][T11222] ? __get_unmapped_area+0x267/0x440 [ 426.736070][T11222] do_mmap+0xa3e/0x1210 [ 426.736091][T11222] ? __pfx_do_mmap+0x10/0x10 [ 426.736108][T11222] ? __pfx_down_write_killable+0x10/0x10 [ 426.736127][T11222] vm_mmap_pgoff+0x281/0x450 [ 426.736146][T11222] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 426.736165][T11222] ? __x64_sys_futex+0x1e0/0x4c0 [ 426.736182][T11222] ? __x64_sys_futex+0x1e9/0x4c0 [ 426.736201][T11222] ksys_mmap_pgoff+0x7d/0x5c0 [ 426.736215][T11222] ? xfd_validate_state+0x61/0x180 [ 426.736233][T11222] ? __pfx_ksys_write+0x10/0x10 [ 426.736255][T11222] __x64_sys_mmap+0x125/0x190 [ 426.736277][T11222] do_syscall_64+0xcd/0x490 [ 426.736301][T11222] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 426.736316][T11222] RIP: 0033:0x7f953958e929 [ 426.736329][T11222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 426.736343][T11222] RSP: 002b:00007f953a322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 426.736358][T11222] RAX: ffffffffffffffda RBX: 00007f95397b5fa0 RCX: 00007f953958e929 [ 426.736367][T11222] RDX: 00004000000000df RSI: 0000000000020009 RDI: 00007ffffffde000 [ 426.736376][T11222] RBP: 00007f9539610b39 R08: 0000000000000401 R09: 0000000000008000 [ 426.736386][T11222] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 426.736395][T11222] R13: 0000000000000000 R14: 00007f95397b5fa0 R15: 00007ffc7520c1a8 [ 426.736414][T11222] [ 427.177251][T11225] FAULT_INJECTION: forcing a failure. [ 427.177251][T11225] name failslab, interval 1, probability 0, space 0, times 0 [ 427.190809][T11225] CPU: 0 UID: 0 PID: 11225 Comm: syz.3.1351 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 427.190831][T11225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 427.190840][T11225] Call Trace: [ 427.190846][T11225] [ 427.190853][T11225] dump_stack_lvl+0x16c/0x1f0 [ 427.190880][T11225] should_fail_ex+0x512/0x640 [ 427.190901][T11225] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 427.190928][T11225] should_failslab+0xc2/0x120 [ 427.190943][T11225] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 427.190966][T11225] ? __kthread_create_on_node+0x186/0x3f0 [ 427.190988][T11225] kvasprintf+0xbc/0x160 [ 427.191001][T11225] ? __pfx_kvasprintf+0x10/0x10 [ 427.191021][T11225] ? __pfx_rescuer_thread+0x10/0x10 [ 427.191044][T11225] __kthread_create_on_node+0x186/0x3f0 [ 427.191064][T11225] ? __pfx___kthread_create_on_node+0x10/0x10 [ 427.191087][T11225] ? __pfx_vsnprintf+0x10/0x10 [ 427.191110][T11225] ? __pfx_rescuer_thread+0x10/0x10 [ 427.191131][T11225] kthread_create_on_node+0xc7/0x100 [ 427.191149][T11225] ? __pfx_kthread_create_on_node+0x10/0x10 [ 427.191166][T11225] ? __pfx_scnprintf+0x10/0x10 [ 427.191196][T11225] init_rescuer+0x320/0x640 [ 427.191216][T11225] ? __pfx_init_rescuer+0x10/0x10 [ 427.191240][T11225] ? wq_adjust_max_active+0x39d/0x4a0 [ 427.191263][T11225] __alloc_workqueue+0xc37/0x1810 [ 427.191292][T11225] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 427.191316][T11225] alloc_workqueue+0xd2/0x200 [ 427.191334][T11225] ? __pfx_alloc_workqueue+0x10/0x10 [ 427.191357][T11225] ? __pfx___debug_object_init+0x10/0x10 [ 427.191377][T11225] nci_register_device+0x511/0xb80 [ 427.191400][T11225] ? __pfx_nci_register_device+0x10/0x10 [ 427.191423][T11225] ? lockdep_init_map_type+0x5c/0x280 [ 427.191446][T11225] virtual_ncidev_open+0x141/0x220 [ 427.191464][T11225] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 427.191481][T11225] misc_open+0x35d/0x420 [ 427.191498][T11225] ? __pfx_misc_open+0x10/0x10 [ 427.191515][T11225] chrdev_open+0x234/0x6a0 [ 427.191537][T11225] ? __pfx_apparmor_file_open+0x10/0x10 [ 427.191555][T11225] ? __pfx_chrdev_open+0x10/0x10 [ 427.191578][T11225] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 427.191601][T11225] do_dentry_open+0x741/0x1c10 [ 427.191625][T11225] ? __pfx_chrdev_open+0x10/0x10 [ 427.191651][T11225] vfs_open+0x82/0x3f0 [ 427.191668][T11225] path_openat+0x1de4/0x2cb0 [ 427.191696][T11225] ? __pfx_path_openat+0x10/0x10 [ 427.191718][T11225] ? __lock_acquire+0xb8a/0x1c90 [ 427.191739][T11225] do_filp_open+0x20b/0x470 [ 427.191759][T11225] ? __pfx_do_filp_open+0x10/0x10 [ 427.191793][T11225] ? alloc_fd+0x471/0x7d0 [ 427.191818][T11225] do_sys_openat2+0x11b/0x1d0 [ 427.191833][T11225] ? __pfx_do_sys_openat2+0x10/0x10 [ 427.191857][T11225] __x64_sys_openat+0x174/0x210 [ 427.191873][T11225] ? __pfx___x64_sys_openat+0x10/0x10 [ 427.191897][T11225] do_syscall_64+0xcd/0x490 [ 427.191920][T11225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.191935][T11225] RIP: 0033:0x7fb03158e929 [ 427.191947][T11225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.191962][T11225] RSP: 002b:00007fb0323d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 427.191977][T11225] RAX: ffffffffffffffda RBX: 00007fb0317b5fa0 RCX: 00007fb03158e929 [ 427.191987][T11225] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 427.191996][T11225] RBP: 00007fb031610b39 R08: 0000000000000000 R09: 0000000000000000 [ 427.192005][T11225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 427.192014][T11225] R13: 0000000000000000 R14: 00007fb0317b5fa0 R15: 00007ffce878b018 [ 427.192034][T11225] [ 427.553787][T11225] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -ENOMEM [ 427.957660][T11235] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 428.093063][T11236] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1352'. [ 428.376739][T11225] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 429.025630][T11255] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1358'. [ 429.045421][T11255] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1358'. [ 429.520628][T11266] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1361'. [ 429.825463][ T51] Bluetooth: hci3: Unable to find connection for big 0xd2 [ 430.023335][T11272] FAULT_INJECTION: forcing a failure. [ 430.023335][T11272] name failslab, interval 1, probability 0, space 0, times 0 [ 430.047974][T11272] CPU: 1 UID: 0 PID: 11272 Comm: syz.0.1363 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 430.048015][T11272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 430.048030][T11272] Call Trace: [ 430.048037][T11272] [ 430.048043][T11272] dump_stack_lvl+0x16c/0x1f0 [ 430.048071][T11272] should_fail_ex+0x512/0x640 [ 430.048092][T11272] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 430.048126][T11272] should_failslab+0xc2/0x120 [ 430.048140][T11272] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 430.048165][T11272] ? kasprintf+0xc7/0x100 [ 430.048180][T11272] kvasprintf+0xbc/0x160 [ 430.048193][T11272] ? __pfx_kvasprintf+0x10/0x10 [ 430.048213][T11272] kasprintf+0xc7/0x100 [ 430.048225][T11272] ? __pfx_kasprintf+0x10/0x10 [ 430.048239][T11272] ? __is_module_percpu_address+0x1e0/0x440 [ 430.048265][T11272] alloc_workqueue+0x114/0x200 [ 430.048283][T11272] ? __pfx_alloc_workqueue+0x10/0x10 [ 430.048311][T11272] nci_register_device+0x511/0xb80 [ 430.048333][T11272] ? __pfx_nci_register_device+0x10/0x10 [ 430.048355][T11272] ? lockdep_init_map_type+0x5c/0x280 [ 430.048382][T11272] virtual_ncidev_open+0x141/0x220 [ 430.048401][T11272] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 430.048418][T11272] misc_open+0x35d/0x420 [ 430.048436][T11272] ? __pfx_misc_open+0x10/0x10 [ 430.048453][T11272] chrdev_open+0x234/0x6a0 [ 430.048475][T11272] ? __pfx_apparmor_file_open+0x10/0x10 [ 430.048493][T11272] ? __pfx_chrdev_open+0x10/0x10 [ 430.048528][T11272] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 430.048552][T11272] do_dentry_open+0x741/0x1c10 [ 430.048573][T11272] ? __pfx_chrdev_open+0x10/0x10 [ 430.048599][T11272] vfs_open+0x82/0x3f0 [ 430.048617][T11272] path_openat+0x1de4/0x2cb0 [ 430.048645][T11272] ? __pfx_path_openat+0x10/0x10 [ 430.048663][T11272] ? __pfx___schedule+0x10/0x10 [ 430.048688][T11272] do_filp_open+0x20b/0x470 [ 430.048709][T11272] ? __pfx_do_filp_open+0x10/0x10 [ 430.048743][T11272] ? alloc_fd+0x471/0x7d0 [ 430.048767][T11272] do_sys_openat2+0x11b/0x1d0 [ 430.048783][T11272] ? __pfx_do_sys_openat2+0x10/0x10 [ 430.048807][T11272] __x64_sys_openat+0x174/0x210 [ 430.048823][T11272] ? __pfx___x64_sys_openat+0x10/0x10 [ 430.048846][T11272] do_syscall_64+0xcd/0x490 [ 430.048873][T11272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.048891][T11272] RIP: 0033:0x7f081238e929 [ 430.048904][T11272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 430.048918][T11272] RSP: 002b:00007f08131be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 430.048933][T11272] RAX: ffffffffffffffda RBX: 00007f08125b5fa0 RCX: 00007f081238e929 [ 430.048942][T11272] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 430.048952][T11272] RBP: 00007f0812410b39 R08: 0000000000000000 R09: 0000000000000000 [ 430.048961][T11272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 430.048970][T11272] R13: 0000000000000000 R14: 00007f08125b5fa0 R15: 00007fffce9c1a38 [ 430.048994][T11272] [ 430.661235][T11272] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 431.142956][T11296] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1366'. [ 431.883884][T11305] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1369'. [ 431.895088][T11305] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1369'. [ 432.055111][T11306] FAULT_INJECTION: forcing a failure. [ 432.055111][T11306] name failslab, interval 1, probability 0, space 0, times 0 [ 432.128913][T11306] CPU: 1 UID: 0 PID: 11306 Comm: syz.0.1368 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 432.128965][T11306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 432.128983][T11306] Call Trace: [ 432.128993][T11306] [ 432.129005][T11306] dump_stack_lvl+0x16c/0x1f0 [ 432.129048][T11306] should_fail_ex+0x512/0x640 [ 432.129083][T11306] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 432.129120][T11306] should_failslab+0xc2/0x120 [ 432.129146][T11306] __kmalloc_cache_noprof+0x6a/0x3e0 [ 432.129180][T11306] ? snd_card_file_add+0x52/0x330 [ 432.129218][T11306] snd_card_file_add+0x52/0x330 [ 432.129250][T11306] snd_pcm_oss_open+0x1cf/0x1400 [ 432.129281][T11306] ? lockdep_hardirqs_on+0x7c/0x110 [ 432.129325][T11306] ? find_held_lock+0x2b/0x80 [ 432.129351][T11306] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 432.129384][T11306] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 432.129416][T11306] ? __lock_acquire+0xb8a/0x1c90 [ 432.129455][T11306] ? __lock_acquire+0xb8a/0x1c90 [ 432.129495][T11306] ? do_raw_spin_lock+0x12c/0x2b0 [ 432.129534][T11306] ? soundcore_open+0x35a/0x580 [ 432.129574][T11306] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 432.129603][T11306] soundcore_open+0x409/0x580 [ 432.129643][T11306] ? __pfx_soundcore_open+0x10/0x10 [ 432.129678][T11306] chrdev_open+0x234/0x6a0 [ 432.129714][T11306] ? __pfx_apparmor_file_open+0x10/0x10 [ 432.129744][T11306] ? __pfx_chrdev_open+0x10/0x10 [ 432.129786][T11306] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 432.129827][T11306] do_dentry_open+0x741/0x1c10 [ 432.129865][T11306] ? __pfx_chrdev_open+0x10/0x10 [ 432.129910][T11306] vfs_open+0x82/0x3f0 [ 432.129952][T11306] path_openat+0x1de4/0x2cb0 [ 432.130001][T11306] ? __pfx_path_openat+0x10/0x10 [ 432.130040][T11306] ? __lock_acquire+0xb8a/0x1c90 [ 432.130076][T11306] do_filp_open+0x20b/0x470 [ 432.130113][T11306] ? __pfx_do_filp_open+0x10/0x10 [ 432.130172][T11306] ? alloc_fd+0x471/0x7d0 [ 432.130213][T11306] do_sys_openat2+0x11b/0x1d0 [ 432.130240][T11306] ? __pfx_do_sys_openat2+0x10/0x10 [ 432.130267][T11306] ? find_held_lock+0x2b/0x80 [ 432.130293][T11306] ? handle_mm_fault+0x2ab/0xd10 [ 432.130334][T11306] __x64_sys_openat+0x174/0x210 [ 432.130363][T11306] ? __pfx___x64_sys_openat+0x10/0x10 [ 432.130405][T11306] do_syscall_64+0xcd/0x490 [ 432.130446][T11306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.130475][T11306] RIP: 0033:0x7f081238e929 [ 432.130496][T11306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.130521][T11306] RSP: 002b:00007f081319d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 432.130546][T11306] RAX: ffffffffffffffda RBX: 00007f08125b6080 RCX: 00007f081238e929 [ 432.130563][T11306] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 432.130579][T11306] RBP: 00007f0812410b39 R08: 0000000000000000 R09: 0000000000000000 [ 432.130595][T11306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.130611][T11306] R13: 0000000000000000 R14: 00007f08125b6080 R15: 00007fffce9c1a38 [ 432.130646][T11306] [ 432.447959][T11313] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1379'. [ 432.460369][T11313] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1379'. [ 433.858420][T11336] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1375'. [ 434.144366][ T51] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 435.106963][T11351] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1380'. [ 435.546088][T11368] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 435.884265][T11376] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1387'. [ 436.224558][T11383] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1389'. [ 436.285539][T11383] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1389'. [ 437.382930][T11404] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1397'. [ 437.437033][T11404] nbd: must specify a size in bytes for the device [ 437.758195][T11413] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1399'. [ 437.768657][T11413] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1399'. [ 437.951968][T11428] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1398'. [ 438.423160][T11418] FAULT_INJECTION: forcing a failure. [ 438.423160][T11418] name failslab, interval 1, probability 0, space 0, times 0 [ 438.497157][T11418] CPU: 1 UID: 0 PID: 11418 Comm: syz.1.1400 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 438.497198][T11418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 438.497215][T11418] Call Trace: [ 438.497225][T11418] [ 438.497236][T11418] dump_stack_lvl+0x16c/0x1f0 [ 438.497276][T11418] should_fail_ex+0x512/0x640 [ 438.497297][T11418] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 438.497325][T11418] ? __pfx_mon_text_open+0x10/0x10 [ 438.497347][T11418] should_failslab+0xc2/0x120 [ 438.497361][T11418] __kmalloc_cache_noprof+0x6a/0x3e0 [ 438.497380][T11418] ? mon_text_open+0x1cb/0x4f0 [ 438.497403][T11418] ? __pfx_mon_text_open+0x10/0x10 [ 438.497423][T11418] mon_text_open+0x1cb/0x4f0 [ 438.497444][T11418] ? __pfx_mon_text_open+0x10/0x10 [ 438.497464][T11418] ? __debugfs_file_get+0x1fe/0x840 [ 438.497478][T11418] ? __pfx___debugfs_file_get+0x10/0x10 [ 438.497492][T11418] ? __pfx_apparmor_file_open+0x10/0x10 [ 438.497509][T11418] ? lockdown_is_locked_down+0x3f/0x130 [ 438.497528][T11418] ? bpf_lsm_locked_down+0x9/0x10 [ 438.497548][T11418] ? __pfx_mon_text_open+0x10/0x10 [ 438.497571][T11418] full_proxy_open_regular+0x1b9/0x360 [ 438.497588][T11418] do_dentry_open+0x741/0x1c10 [ 438.497609][T11418] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 438.497629][T11418] vfs_open+0x82/0x3f0 [ 438.497646][T11418] path_openat+0x1de4/0x2cb0 [ 438.497673][T11418] ? __pfx_path_openat+0x10/0x10 [ 438.497700][T11418] ? __lock_acquire+0xb8a/0x1c90 [ 438.497736][T11418] do_filp_open+0x20b/0x470 [ 438.497771][T11418] ? __pfx_do_filp_open+0x10/0x10 [ 438.497830][T11418] ? alloc_fd+0x471/0x7d0 [ 438.497872][T11418] do_sys_openat2+0x11b/0x1d0 [ 438.497900][T11418] ? __pfx_do_sys_openat2+0x10/0x10 [ 438.497926][T11418] __x64_sys_openat+0x174/0x210 [ 438.497943][T11418] ? __pfx___x64_sys_openat+0x10/0x10 [ 438.497967][T11418] do_syscall_64+0xcd/0x490 [ 438.497991][T11418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.498006][T11418] RIP: 0033:0x7f953958e929 [ 438.498019][T11418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 438.498034][T11418] RSP: 002b:00007f953a322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 438.498049][T11418] RAX: ffffffffffffffda RBX: 00007f95397b5fa0 RCX: 00007f953958e929 [ 438.498059][T11418] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 438.498069][T11418] RBP: 00007f9539610b39 R08: 0000000000000000 R09: 0000000000000000 [ 438.498078][T11418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.498087][T11418] R13: 0000000000000000 R14: 00007f95397b5fa0 R15: 00007ffc7520c1a8 [ 438.498106][T11418] [ 438.891027][T11434] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1403'. [ 438.902049][T11434] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1403'. [ 439.828118][T11467] netlink: 266 bytes leftover after parsing attributes in process `syz.1.1415'. [ 439.837425][T11467] IPv6: NLM_F_CREATE should be specified when creating new route [ 440.096297][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.102724][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.918170][T11484] FAULT_INJECTION: forcing a failure. [ 440.918170][T11484] name failslab, interval 1, probability 0, space 0, times 0 [ 440.932478][T11484] CPU: 1 UID: 0 PID: 11484 Comm: syz.1.1417 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 440.932514][T11484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 440.932531][T11484] Call Trace: [ 440.932540][T11484] [ 440.932549][T11484] dump_stack_lvl+0x16c/0x1f0 [ 440.932595][T11484] should_fail_ex+0x512/0x640 [ 440.932632][T11484] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 440.932671][T11484] ? __pfx_mon_text_open+0x10/0x10 [ 440.932707][T11484] should_failslab+0xc2/0x120 [ 440.932733][T11484] __kmalloc_cache_noprof+0x6a/0x3e0 [ 440.932769][T11484] ? mon_text_open+0x1cb/0x4f0 [ 440.932809][T11484] ? __pfx_mon_text_open+0x10/0x10 [ 440.932845][T11484] mon_text_open+0x1cb/0x4f0 [ 440.932883][T11484] ? __pfx_mon_text_open+0x10/0x10 [ 440.932919][T11484] ? __debugfs_file_get+0x1fe/0x840 [ 440.932943][T11484] ? __pfx___debugfs_file_get+0x10/0x10 [ 440.932971][T11484] ? __pfx_apparmor_file_open+0x10/0x10 [ 440.933002][T11484] ? lockdown_is_locked_down+0x3f/0x130 [ 440.933037][T11484] ? bpf_lsm_locked_down+0x9/0x10 [ 440.933072][T11484] ? __pfx_mon_text_open+0x10/0x10 [ 440.933104][T11484] full_proxy_open_regular+0x1b9/0x360 [ 440.933135][T11484] do_dentry_open+0x741/0x1c10 [ 440.933172][T11484] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 440.933208][T11484] vfs_open+0x82/0x3f0 [ 440.933240][T11484] path_openat+0x1de4/0x2cb0 [ 440.933289][T11484] ? __pfx_path_openat+0x10/0x10 [ 440.933327][T11484] ? __lock_acquire+0xb8a/0x1c90 [ 440.933375][T11484] do_filp_open+0x20b/0x470 [ 440.933413][T11484] ? __pfx_do_filp_open+0x10/0x10 [ 440.933477][T11484] ? alloc_fd+0x471/0x7d0 [ 440.933522][T11484] do_sys_openat2+0x11b/0x1d0 [ 440.933551][T11484] ? __pfx_do_sys_openat2+0x10/0x10 [ 440.933593][T11484] __x64_sys_openat+0x174/0x210 [ 440.933624][T11484] ? __pfx___x64_sys_openat+0x10/0x10 [ 440.933669][T11484] do_syscall_64+0xcd/0x490 [ 440.933712][T11484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.933740][T11484] RIP: 0033:0x7f953958e929 [ 440.933763][T11484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.933789][T11484] RSP: 002b:00007f95373f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 440.933816][T11484] RAX: ffffffffffffffda RBX: 00007f95397b6080 RCX: 00007f953958e929 [ 440.933835][T11484] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 440.933853][T11484] RBP: 00007f9539610b39 R08: 0000000000000000 R09: 0000000000000000 [ 440.933870][T11484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 440.933885][T11484] R13: 0000000000000000 R14: 00007f95397b6080 R15: 00007ffc7520c1a8 [ 440.933919][T11484] [ 441.296117][T11495] FAULT_INJECTION: forcing a failure. [ 441.296117][T11495] name failslab, interval 1, probability 0, space 0, times 0 [ 441.309144][T11495] CPU: 0 UID: 0 PID: 11495 Comm: syz.2.1419 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 441.309179][T11495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 441.309194][T11495] Call Trace: [ 441.309204][T11495] [ 441.309214][T11495] dump_stack_lvl+0x16c/0x1f0 [ 441.309258][T11495] should_fail_ex+0x512/0x640 [ 441.309293][T11495] ? fs_reclaim_acquire+0xae/0x150 [ 441.309326][T11495] should_failslab+0xc2/0x120 [ 441.309350][T11495] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 441.309385][T11495] ? security_inode_alloc+0x3b/0x2b0 [ 441.309418][T11495] security_inode_alloc+0x3b/0x2b0 [ 441.309439][T11495] inode_init_always_gfp+0xce4/0x1030 [ 441.309463][T11495] alloc_inode+0x86/0x240 [ 441.309478][T11495] new_inode+0x22/0x1c0 [ 441.309490][T11495] ? trace_cap_capable+0x18d/0x200 [ 441.309515][T11495] shmem_get_inode+0x19a/0xfb0 [ 441.309533][T11495] ? __vm_enough_memory+0x184/0x3f0 [ 441.309549][T11495] __shmem_file_setup+0x279/0x330 [ 441.309568][T11495] shmem_zero_setup+0x93/0x1a0 [ 441.309590][T11495] __mmap_region+0x1ece/0x25e0 [ 441.309614][T11495] ? __pfx___mmap_region+0x10/0x10 [ 441.309634][T11495] ? find_held_lock+0x2b/0x80 [ 441.309652][T11495] ? finish_task_switch.isra.0+0x221/0xc10 [ 441.309667][T11495] ? lockdep_hardirqs_on+0x7c/0x110 [ 441.309689][T11495] ? finish_task_switch.isra.0+0x221/0xc10 [ 441.309703][T11495] ? rcu_is_watching+0x12/0xc0 [ 441.309718][T11495] ? trace_sched_exit_tp+0xde/0x130 [ 441.309735][T11495] ? __schedule+0x1181/0x5de0 [ 441.309753][T11495] ? kvm_sched_clock_read+0x11/0x20 [ 441.309805][T11495] ? mm_get_unmapped_area+0x95/0xe0 [ 441.309824][T11495] mmap_region+0x1ab/0x3f0 [ 441.309845][T11495] ? __get_unmapped_area+0x267/0x440 [ 441.309863][T11495] do_mmap+0xa3e/0x1210 [ 441.309882][T11495] ? __pfx_do_mmap+0x10/0x10 [ 441.309898][T11495] ? __pfx_down_write_killable+0x10/0x10 [ 441.309916][T11495] vm_mmap_pgoff+0x281/0x450 [ 441.309934][T11495] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 441.309953][T11495] ? __x64_sys_futex+0x1e0/0x4c0 [ 441.309969][T11495] ? __x64_sys_futex+0x1e9/0x4c0 [ 441.309989][T11495] ksys_mmap_pgoff+0x7d/0x5c0 [ 441.310003][T11495] ? xfd_validate_state+0x61/0x180 [ 441.310021][T11495] ? __pfx_ksys_write+0x10/0x10 [ 441.310050][T11495] __x64_sys_mmap+0x125/0x190 [ 441.310073][T11495] do_syscall_64+0xcd/0x490 [ 441.310105][T11495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.310122][T11495] RIP: 0033:0x7f863db8e929 [ 441.310135][T11495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 441.310150][T11495] RSP: 002b:00007f863b9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 441.310165][T11495] RAX: ffffffffffffffda RBX: 00007f863ddb6080 RCX: 00007f863db8e929 [ 441.310176][T11495] RDX: 00004000000000df RSI: 0000000000020009 RDI: 00007ffffffde000 [ 441.310185][T11495] RBP: 00007f863dc10b39 R08: 0000000000000401 R09: 0000000000008000 [ 441.310195][T11495] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 441.310204][T11495] R13: 0000000000000000 R14: 00007f863ddb6080 R15: 00007ffcea4f34f8 [ 441.310223][T11495] [ 443.701963][T11553] can: request_module (can-proto-0) failed. [ 445.046254][T11584] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1445'. [ 445.061720][T11584] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1445'. [ 445.660872][T11595] FAULT_INJECTION: forcing a failure. [ 445.660872][T11595] name failslab, interval 1, probability 0, space 0, times 0 [ 445.704210][T11595] CPU: 1 UID: 0 PID: 11595 Comm: syz.0.1446 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 445.704250][T11595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 445.704265][T11595] Call Trace: [ 445.704274][T11595] [ 445.704286][T11595] dump_stack_lvl+0x16c/0x1f0 [ 445.704329][T11595] should_fail_ex+0x512/0x640 [ 445.704364][T11595] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 445.704401][T11595] should_failslab+0xc2/0x120 [ 445.704426][T11595] __kmalloc_cache_noprof+0x6a/0x3e0 [ 445.704459][T11595] ? snd_card_file_add+0x52/0x330 [ 445.704492][T11595] snd_card_file_add+0x52/0x330 [ 445.704524][T11595] snd_pcm_oss_open+0x1cf/0x1400 [ 445.704552][T11595] ? lockdep_hardirqs_on+0x7c/0x110 [ 445.704592][T11595] ? find_held_lock+0x2b/0x80 [ 445.704618][T11595] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 445.704649][T11595] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 445.704678][T11595] ? __lock_acquire+0xb8a/0x1c90 [ 445.704715][T11595] ? __lock_acquire+0xb8a/0x1c90 [ 445.704755][T11595] ? do_raw_spin_lock+0x12c/0x2b0 [ 445.704817][T11595] ? soundcore_open+0x35a/0x580 [ 445.704858][T11595] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 445.704889][T11595] soundcore_open+0x409/0x580 [ 445.704930][T11595] ? __pfx_soundcore_open+0x10/0x10 [ 445.704969][T11595] chrdev_open+0x234/0x6a0 [ 445.705004][T11595] ? __pfx_apparmor_file_open+0x10/0x10 [ 445.705035][T11595] ? __pfx_chrdev_open+0x10/0x10 [ 445.705075][T11595] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 445.705114][T11595] do_dentry_open+0x741/0x1c10 [ 445.705151][T11595] ? __pfx_chrdev_open+0x10/0x10 [ 445.705195][T11595] vfs_open+0x82/0x3f0 [ 445.705226][T11595] path_openat+0x1de4/0x2cb0 [ 445.705273][T11595] ? __pfx_path_openat+0x10/0x10 [ 445.705310][T11595] ? __lock_acquire+0xb8a/0x1c90 [ 445.705345][T11595] do_filp_open+0x20b/0x470 [ 445.705380][T11595] ? __pfx_do_filp_open+0x10/0x10 [ 445.705442][T11595] ? alloc_fd+0x471/0x7d0 [ 445.705484][T11595] do_sys_openat2+0x11b/0x1d0 [ 445.705512][T11595] ? __pfx_do_sys_openat2+0x10/0x10 [ 445.705536][T11595] ? find_held_lock+0x2b/0x80 [ 445.705561][T11595] ? handle_mm_fault+0x2ab/0xd10 [ 445.705601][T11595] __x64_sys_openat+0x174/0x210 [ 445.705630][T11595] ? __pfx___x64_sys_openat+0x10/0x10 [ 445.705671][T11595] do_syscall_64+0xcd/0x490 [ 445.705712][T11595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.705735][T11595] RIP: 0033:0x7f081238e929 [ 445.705755][T11595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.705790][T11595] RSP: 002b:00007f081319d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 445.705814][T11595] RAX: ffffffffffffffda RBX: 00007f08125b6080 RCX: 00007f081238e929 [ 445.705831][T11595] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 445.705849][T11595] RBP: 00007f0812410b39 R08: 0000000000000000 R09: 0000000000000000 [ 445.705866][T11595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 445.705882][T11595] R13: 0000000000000000 R14: 00007f08125b6080 R15: 00007fffce9c1a38 [ 445.705916][T11595] [ 446.507544][T11609] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1451'. [ 447.554872][T11601] Process accounting paused [ 447.706801][T11624] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1455'. [ 447.728537][T11624] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1455'. [ 447.845865][T11635] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1454'. [ 447.863734][T11636] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1457'. [ 448.069817][T11640] FAULT_INJECTION: forcing a failure. [ 448.069817][T11640] name failslab, interval 1, probability 0, space 0, times 0 [ 448.123198][T11640] CPU: 0 UID: 0 PID: 11640 Comm: syz.1.1458 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 448.123238][T11640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 448.123255][T11640] Call Trace: [ 448.123265][T11640] [ 448.123276][T11640] dump_stack_lvl+0x16c/0x1f0 [ 448.123321][T11640] should_fail_ex+0x512/0x640 [ 448.123357][T11640] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 448.123397][T11640] should_failslab+0xc2/0x120 [ 448.123423][T11640] __kmalloc_cache_noprof+0x6a/0x3e0 [ 448.123459][T11640] ? snd_card_file_add+0x52/0x330 [ 448.123498][T11640] snd_card_file_add+0x52/0x330 [ 448.123531][T11640] snd_pcm_oss_open+0x1cf/0x1400 [ 448.123571][T11640] ? lockdep_hardirqs_on+0x7c/0x110 [ 448.123614][T11640] ? find_held_lock+0x2b/0x80 [ 448.123643][T11640] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 448.123676][T11640] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 448.123706][T11640] ? __lock_acquire+0xb8a/0x1c90 [ 448.123745][T11640] ? __lock_acquire+0xb8a/0x1c90 [ 448.123786][T11640] ? do_raw_spin_lock+0x12c/0x2b0 [ 448.123827][T11640] ? soundcore_open+0x35a/0x580 [ 448.123867][T11640] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 448.123898][T11640] soundcore_open+0x409/0x580 [ 448.123939][T11640] ? __pfx_soundcore_open+0x10/0x10 [ 448.123979][T11640] chrdev_open+0x234/0x6a0 [ 448.124017][T11640] ? __pfx_apparmor_file_open+0x10/0x10 [ 448.124050][T11640] ? __pfx_chrdev_open+0x10/0x10 [ 448.124091][T11640] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 448.124132][T11640] do_dentry_open+0x741/0x1c10 [ 448.124171][T11640] ? __pfx_chrdev_open+0x10/0x10 [ 448.124216][T11640] vfs_open+0x82/0x3f0 [ 448.124249][T11640] path_openat+0x1de4/0x2cb0 [ 448.124298][T11640] ? __pfx_path_openat+0x10/0x10 [ 448.124337][T11640] ? __lock_acquire+0xb8a/0x1c90 [ 448.124374][T11640] do_filp_open+0x20b/0x470 [ 448.124412][T11640] ? __pfx_do_filp_open+0x10/0x10 [ 448.124471][T11640] ? alloc_fd+0x471/0x7d0 [ 448.124511][T11640] do_sys_openat2+0x11b/0x1d0 [ 448.124540][T11640] ? __pfx_do_sys_openat2+0x10/0x10 [ 448.124577][T11640] ? find_held_lock+0x2b/0x80 [ 448.124604][T11640] ? handle_mm_fault+0x2ab/0xd10 [ 448.124648][T11640] __x64_sys_openat+0x174/0x210 [ 448.124680][T11640] ? __pfx___x64_sys_openat+0x10/0x10 [ 448.124725][T11640] do_syscall_64+0xcd/0x490 [ 448.124769][T11640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.124797][T11640] RIP: 0033:0x7f953958e929 [ 448.124819][T11640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.124846][T11640] RSP: 002b:00007f95373f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 448.124872][T11640] RAX: ffffffffffffffda RBX: 00007f95397b6080 RCX: 00007f953958e929 [ 448.124892][T11640] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 448.124911][T11640] RBP: 00007f9539610b39 R08: 0000000000000000 R09: 0000000000000000 [ 448.124928][T11640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.124945][T11640] R13: 0000000000000000 R14: 00007f95397b6080 R15: 00007ffc7520c1a8 [ 448.124981][T11640] [ 448.459936][T11639] FAULT_INJECTION: forcing a failure. [ 448.459936][T11639] name failslab, interval 1, probability 0, space 0, times 0 [ 448.475584][T11639] CPU: 0 UID: 0 PID: 11639 Comm: syz.0.1457 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 448.475624][T11639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 448.475638][T11639] Call Trace: [ 448.475644][T11639] [ 448.475650][T11639] dump_stack_lvl+0x16c/0x1f0 [ 448.475677][T11639] should_fail_ex+0x512/0x640 [ 448.475699][T11639] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 448.475720][T11639] ? __pfx_mon_text_open+0x10/0x10 [ 448.475741][T11639] should_failslab+0xc2/0x120 [ 448.475755][T11639] __kmalloc_cache_noprof+0x6a/0x3e0 [ 448.475775][T11639] ? mon_text_open+0xd5/0x4f0 [ 448.475798][T11639] ? __pfx_mon_text_open+0x10/0x10 [ 448.475818][T11639] mon_text_open+0xd5/0x4f0 [ 448.475839][T11639] ? __pfx_mon_text_open+0x10/0x10 [ 448.475859][T11639] ? __debugfs_file_get+0x1fe/0x840 [ 448.475873][T11639] ? __pfx___debugfs_file_get+0x10/0x10 [ 448.475887][T11639] ? __pfx_apparmor_file_open+0x10/0x10 [ 448.475904][T11639] ? lockdown_is_locked_down+0x3f/0x130 [ 448.475923][T11639] ? bpf_lsm_locked_down+0x9/0x10 [ 448.475943][T11639] ? __pfx_mon_text_open+0x10/0x10 [ 448.475962][T11639] full_proxy_open_regular+0x1b9/0x360 [ 448.475980][T11639] do_dentry_open+0x741/0x1c10 [ 448.476001][T11639] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 448.476020][T11639] vfs_open+0x82/0x3f0 [ 448.476038][T11639] path_openat+0x1de4/0x2cb0 [ 448.476065][T11639] ? __pfx_path_openat+0x10/0x10 [ 448.476086][T11639] ? __lock_acquire+0xb8a/0x1c90 [ 448.476108][T11639] do_filp_open+0x20b/0x470 [ 448.476128][T11639] ? __pfx_do_filp_open+0x10/0x10 [ 448.476162][T11639] ? alloc_fd+0x471/0x7d0 [ 448.476187][T11639] do_sys_openat2+0x11b/0x1d0 [ 448.476202][T11639] ? __pfx_do_sys_openat2+0x10/0x10 [ 448.476225][T11639] __x64_sys_openat+0x174/0x210 [ 448.476242][T11639] ? __pfx___x64_sys_openat+0x10/0x10 [ 448.476259][T11639] ? syscall_user_dispatch+0x78/0x140 [ 448.476287][T11639] do_syscall_64+0xcd/0x490 [ 448.476311][T11639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.476326][T11639] RIP: 0033:0x7f081238e929 [ 448.476338][T11639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.476353][T11639] RSP: 002b:00007f081317c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 448.476367][T11639] RAX: ffffffffffffffda RBX: 00007f08125b6160 RCX: 00007f081238e929 [ 448.476377][T11639] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 448.476387][T11639] RBP: 00007f0812410b39 R08: 0000000000000000 R09: 0000000000000000 [ 448.476397][T11639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.476406][T11639] R13: 0000000000000000 R14: 00007f08125b6160 R15: 00007fffce9c1a38 [ 448.476425][T11639] [ 449.053946][T11655] syz.1.1460 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 449.779685][T11653] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1460'. [ 450.226239][T11676] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1466'. [ 450.240999][T11676] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1466'. [ 451.160161][T11697] FAULT_INJECTION: forcing a failure. [ 451.160161][T11697] name failslab, interval 1, probability 0, space 0, times 0 [ 451.174021][T11697] CPU: 0 UID: 0 PID: 11697 Comm: syz.2.1469 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 451.174061][T11697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 451.174076][T11697] Call Trace: [ 451.174085][T11697] [ 451.174096][T11697] dump_stack_lvl+0x16c/0x1f0 [ 451.174141][T11697] should_fail_ex+0x512/0x640 [ 451.174176][T11697] ? fs_reclaim_acquire+0xae/0x150 [ 451.174210][T11697] should_failslab+0xc2/0x120 [ 451.174235][T11697] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 451.174271][T11697] ? security_inode_alloc+0x3b/0x2b0 [ 451.174306][T11697] security_inode_alloc+0x3b/0x2b0 [ 451.174335][T11697] inode_init_always_gfp+0xce4/0x1030 [ 451.174372][T11697] alloc_inode+0x86/0x240 [ 451.174396][T11697] new_inode+0x22/0x1c0 [ 451.174418][T11697] ? trace_cap_capable+0x18d/0x200 [ 451.174460][T11697] shmem_get_inode+0x19a/0xfb0 [ 451.174490][T11697] ? __vm_enough_memory+0x184/0x3f0 [ 451.174518][T11697] __shmem_file_setup+0x279/0x330 [ 451.174555][T11697] shmem_zero_setup+0x93/0x1a0 [ 451.174592][T11697] __mmap_region+0x1ece/0x25e0 [ 451.174643][T11697] ? __pfx___mmap_region+0x10/0x10 [ 451.174680][T11697] ? find_held_lock+0x2b/0x80 [ 451.174711][T11697] ? finish_task_switch.isra.0+0x221/0xc10 [ 451.174739][T11697] ? lockdep_hardirqs_on+0x7c/0x110 [ 451.174775][T11697] ? finish_task_switch.isra.0+0x221/0xc10 [ 451.174803][T11697] ? rcu_is_watching+0x12/0xc0 [ 451.174829][T11697] ? trace_sched_exit_tp+0xde/0x130 [ 451.174859][T11697] ? __schedule+0x1181/0x5de0 [ 451.174892][T11697] ? kvm_sched_clock_read+0x11/0x20 [ 451.174987][T11697] ? mm_get_unmapped_area+0x95/0xe0 [ 451.175027][T11697] mmap_region+0x1ab/0x3f0 [ 451.175065][T11697] ? __get_unmapped_area+0x267/0x440 [ 451.175099][T11697] do_mmap+0xa3e/0x1210 [ 451.175136][T11697] ? __pfx_do_mmap+0x10/0x10 [ 451.175165][T11697] ? __pfx_down_write_killable+0x10/0x10 [ 451.175200][T11697] vm_mmap_pgoff+0x281/0x450 [ 451.175233][T11697] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 451.175269][T11697] ? __x64_sys_futex+0x1e0/0x4c0 [ 451.175298][T11697] ? __x64_sys_futex+0x1e9/0x4c0 [ 451.175334][T11697] ksys_mmap_pgoff+0x7d/0x5c0 [ 451.175359][T11697] ? xfd_validate_state+0x61/0x180 [ 451.175387][T11697] ? __pfx_ksys_write+0x10/0x10 [ 451.175427][T11697] __x64_sys_mmap+0x125/0x190 [ 451.175466][T11697] do_syscall_64+0xcd/0x490 [ 451.175507][T11697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.175535][T11697] RIP: 0033:0x7f863db8e929 [ 451.175559][T11697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.175585][T11697] RSP: 002b:00007f863e924038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 451.175610][T11697] RAX: ffffffffffffffda RBX: 00007f863ddb5fa0 RCX: 00007f863db8e929 [ 451.175636][T11697] RDX: 00004000000000df RSI: 0000000000020009 RDI: 00007ffffffde000 [ 451.175654][T11697] RBP: 00007f863dc10b39 R08: 0000000000000401 R09: 0000000000008000 [ 451.175672][T11697] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 451.175689][T11697] R13: 0000000000000000 R14: 00007f863ddb5fa0 R15: 00007ffcea4f34f8 [ 451.175727][T11697] [ 452.256938][T11687] FAULT_INJECTION: forcing a failure. [ 452.256938][T11687] name failslab, interval 1, probability 0, space 0, times 0 [ 452.298095][T11716] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1472'. [ 452.311067][T11687] CPU: 0 UID: 0 PID: 11687 Comm: syz.3.1467 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 452.311104][T11687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 452.311113][T11687] Call Trace: [ 452.311119][T11687] [ 452.311125][T11687] dump_stack_lvl+0x16c/0x1f0 [ 452.311152][T11687] should_fail_ex+0x512/0x640 [ 452.311173][T11687] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 452.311196][T11687] ? __pfx_mon_text_open+0x10/0x10 [ 452.311217][T11687] should_failslab+0xc2/0x120 [ 452.311231][T11687] __kmalloc_cache_noprof+0x6a/0x3e0 [ 452.311249][T11687] ? mon_text_open+0x1cb/0x4f0 [ 452.311271][T11687] ? __pfx_mon_text_open+0x10/0x10 [ 452.311292][T11687] mon_text_open+0x1cb/0x4f0 [ 452.311313][T11687] ? __pfx_mon_text_open+0x10/0x10 [ 452.311333][T11687] ? __debugfs_file_get+0x1fe/0x840 [ 452.311353][T11687] ? __pfx___debugfs_file_get+0x10/0x10 [ 452.311368][T11687] ? __pfx_apparmor_file_open+0x10/0x10 [ 452.311387][T11687] ? lockdown_is_locked_down+0x3f/0x130 [ 452.311406][T11687] ? bpf_lsm_locked_down+0x9/0x10 [ 452.311427][T11687] ? __pfx_mon_text_open+0x10/0x10 [ 452.311446][T11687] full_proxy_open_regular+0x1b9/0x360 [ 452.311464][T11687] do_dentry_open+0x741/0x1c10 [ 452.311486][T11687] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 452.311505][T11687] vfs_open+0x82/0x3f0 [ 452.311523][T11687] path_openat+0x1de4/0x2cb0 [ 452.311550][T11687] ? __pfx_path_openat+0x10/0x10 [ 452.311571][T11687] ? __lock_acquire+0xb8a/0x1c90 [ 452.311595][T11687] do_filp_open+0x20b/0x470 [ 452.311616][T11687] ? __pfx_do_filp_open+0x10/0x10 [ 452.311650][T11687] ? alloc_fd+0x471/0x7d0 [ 452.311674][T11687] do_sys_openat2+0x11b/0x1d0 [ 452.311689][T11687] ? __pfx_do_sys_openat2+0x10/0x10 [ 452.311713][T11687] __x64_sys_openat+0x174/0x210 [ 452.311729][T11687] ? __pfx___x64_sys_openat+0x10/0x10 [ 452.311753][T11687] do_syscall_64+0xcd/0x490 [ 452.311776][T11687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.311791][T11687] RIP: 0033:0x7fb03158e929 [ 452.311804][T11687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.311818][T11687] RSP: 002b:00007fb0323d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 452.311833][T11687] RAX: ffffffffffffffda RBX: 00007fb0317b5fa0 RCX: 00007fb03158e929 [ 452.311842][T11687] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 452.311851][T11687] RBP: 00007fb031610b39 R08: 0000000000000000 R09: 0000000000000000 [ 452.311860][T11687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.311868][T11687] R13: 0000000000000000 R14: 00007fb0317b5fa0 R15: 00007ffce878b018 [ 452.311887][T11687] [ 452.364929][T11707] FAULT_INJECTION: forcing a failure. [ 452.364929][T11707] name failslab, interval 1, probability 0, space 0, times 0 [ 452.598133][T11707] CPU: 0 UID: 0 PID: 11707 Comm: syz.2.1471 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 452.598156][T11707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 452.598166][T11707] Call Trace: [ 452.598171][T11707] [ 452.598178][T11707] dump_stack_lvl+0x16c/0x1f0 [ 452.598206][T11707] should_fail_ex+0x512/0x640 [ 452.598228][T11707] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 452.598250][T11707] ? __pfx_mon_text_open+0x10/0x10 [ 452.598271][T11707] should_failslab+0xc2/0x120 [ 452.598294][T11707] __kmalloc_cache_noprof+0x6a/0x3e0 [ 452.598315][T11707] ? mon_text_open+0x1cb/0x4f0 [ 452.598337][T11707] ? __pfx_mon_text_open+0x10/0x10 [ 452.598359][T11707] mon_text_open+0x1cb/0x4f0 [ 452.598380][T11707] ? __pfx_mon_text_open+0x10/0x10 [ 452.598401][T11707] ? __debugfs_file_get+0x1fe/0x840 [ 452.598416][T11707] ? __pfx___debugfs_file_get+0x10/0x10 [ 452.598430][T11707] ? __pfx_apparmor_file_open+0x10/0x10 [ 452.598448][T11707] ? lockdown_is_locked_down+0x3f/0x130 [ 452.598469][T11707] ? bpf_lsm_locked_down+0x9/0x10 [ 452.598490][T11707] ? __pfx_mon_text_open+0x10/0x10 [ 452.598510][T11707] full_proxy_open_regular+0x1b9/0x360 [ 452.598528][T11707] do_dentry_open+0x741/0x1c10 [ 452.598551][T11707] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 452.598571][T11707] vfs_open+0x82/0x3f0 [ 452.598590][T11707] path_openat+0x1de4/0x2cb0 [ 452.598618][T11707] ? __pfx_path_openat+0x10/0x10 [ 452.598640][T11707] ? __lock_acquire+0xb8a/0x1c90 [ 452.598663][T11707] do_filp_open+0x20b/0x470 [ 452.598684][T11707] ? __pfx_do_filp_open+0x10/0x10 [ 452.598719][T11707] ? alloc_fd+0x471/0x7d0 [ 452.598744][T11707] do_sys_openat2+0x11b/0x1d0 [ 452.598760][T11707] ? __pfx_do_sys_openat2+0x10/0x10 [ 452.598784][T11707] __x64_sys_openat+0x174/0x210 [ 452.598801][T11707] ? __pfx___x64_sys_openat+0x10/0x10 [ 452.598826][T11707] do_syscall_64+0xcd/0x490 [ 452.598850][T11707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.598865][T11707] RIP: 0033:0x7f863db8e929 [ 452.598877][T11707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.598892][T11707] RSP: 002b:00007f863e924038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 452.598907][T11707] RAX: ffffffffffffffda RBX: 00007f863ddb5fa0 RCX: 00007f863db8e929 [ 452.598917][T11707] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 452.598927][T11707] RBP: 00007f863dc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 452.598936][T11707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.598945][T11707] R13: 0000000000000000 R14: 00007f863ddb5fa0 R15: 00007ffcea4f34f8 [ 452.598964][T11707] [ 453.329322][T11728] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1477'. [ 453.350558][T11728] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1477'. [ 453.429210][T11726] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1474'. [ 453.844209][T11738] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1479'. [ 454.155072][T11747] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1482'. [ 454.406069][T11747] can0: slcan on ttyS2. [ 454.575985][T11759] can0 (unregistered): slcan off ttyS2. [ 455.051395][T11754] FAULT_INJECTION: forcing a failure. [ 455.051395][T11754] name failslab, interval 1, probability 0, space 0, times 0 [ 455.108997][T11754] CPU: 0 UID: 0 PID: 11754 Comm: syz.2.1484 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 455.109037][T11754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 455.109052][T11754] Call Trace: [ 455.109062][T11754] [ 455.109072][T11754] dump_stack_lvl+0x16c/0x1f0 [ 455.109123][T11754] should_fail_ex+0x512/0x640 [ 455.109159][T11754] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 455.109197][T11754] ? __pfx_mon_text_open+0x10/0x10 [ 455.109236][T11754] should_failslab+0xc2/0x120 [ 455.109261][T11754] __kmalloc_cache_noprof+0x6a/0x3e0 [ 455.109296][T11754] ? mon_text_open+0x1cb/0x4f0 [ 455.109336][T11754] ? __pfx_mon_text_open+0x10/0x10 [ 455.109371][T11754] mon_text_open+0x1cb/0x4f0 [ 455.109406][T11754] ? __pfx_mon_text_open+0x10/0x10 [ 455.109441][T11754] ? __debugfs_file_get+0x1fe/0x840 [ 455.109466][T11754] ? __pfx___debugfs_file_get+0x10/0x10 [ 455.109493][T11754] ? __pfx_apparmor_file_open+0x10/0x10 [ 455.109523][T11754] ? lockdown_is_locked_down+0x3f/0x130 [ 455.109555][T11754] ? bpf_lsm_locked_down+0x9/0x10 [ 455.109590][T11754] ? __pfx_mon_text_open+0x10/0x10 [ 455.109622][T11754] full_proxy_open_regular+0x1b9/0x360 [ 455.109653][T11754] do_dentry_open+0x741/0x1c10 [ 455.109690][T11754] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 455.109727][T11754] vfs_open+0x82/0x3f0 [ 455.109760][T11754] path_openat+0x1de4/0x2cb0 [ 455.109809][T11754] ? __pfx_path_openat+0x10/0x10 [ 455.109847][T11754] ? __lock_acquire+0xb8a/0x1c90 [ 455.109885][T11754] do_filp_open+0x20b/0x470 [ 455.109922][T11754] ? __pfx_do_filp_open+0x10/0x10 [ 455.109985][T11754] ? alloc_fd+0x471/0x7d0 [ 455.110030][T11754] do_sys_openat2+0x11b/0x1d0 [ 455.110058][T11754] ? __pfx_do_sys_openat2+0x10/0x10 [ 455.110101][T11754] __x64_sys_openat+0x174/0x210 [ 455.110139][T11754] ? __pfx___x64_sys_openat+0x10/0x10 [ 455.110184][T11754] do_syscall_64+0xcd/0x490 [ 455.110225][T11754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.110252][T11754] RIP: 0033:0x7f863db8e929 [ 455.110275][T11754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 455.110301][T11754] RSP: 002b:00007f863e924038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 455.110327][T11754] RAX: ffffffffffffffda RBX: 00007f863ddb5fa0 RCX: 00007f863db8e929 [ 455.110346][T11754] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 455.110363][T11754] RBP: 00007f863dc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 455.110380][T11754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 455.110396][T11754] R13: 0000000000000000 R14: 00007f863ddb5fa0 R15: 00007ffcea4f34f8 [ 455.110433][T11754] [ 455.824063][T11773] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1488'. [ 458.723298][T11845] FAULT_INJECTION: forcing a failure. [ 458.723298][T11845] name failslab, interval 1, probability 0, space 0, times 0 [ 458.904156][T11845] CPU: 1 UID: 0 PID: 11845 Comm: syz.2.1508 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 458.904194][T11845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 458.904211][T11845] Call Trace: [ 458.904220][T11845] [ 458.904229][T11845] dump_stack_lvl+0x16c/0x1f0 [ 458.904274][T11845] should_fail_ex+0x512/0x640 [ 458.904308][T11845] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 458.904346][T11845] ? __pfx_mon_text_open+0x10/0x10 [ 458.904382][T11845] should_failslab+0xc2/0x120 [ 458.904410][T11845] __kmalloc_cache_noprof+0x6a/0x3e0 [ 458.904446][T11845] ? mon_text_open+0x1cb/0x4f0 [ 458.904487][T11845] ? __pfx_mon_text_open+0x10/0x10 [ 458.904524][T11845] mon_text_open+0x1cb/0x4f0 [ 458.904563][T11845] ? __pfx_mon_text_open+0x10/0x10 [ 458.904599][T11845] ? __debugfs_file_get+0x1fe/0x840 [ 458.904626][T11845] ? __pfx___debugfs_file_get+0x10/0x10 [ 458.904653][T11845] ? __pfx_apparmor_file_open+0x10/0x10 [ 458.904685][T11845] ? lockdown_is_locked_down+0x3f/0x130 [ 458.904721][T11845] ? bpf_lsm_locked_down+0x9/0x10 [ 458.904758][T11845] ? __pfx_mon_text_open+0x10/0x10 [ 458.904805][T11845] full_proxy_open_regular+0x1b9/0x360 [ 458.904840][T11845] do_dentry_open+0x741/0x1c10 [ 458.904881][T11845] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 458.904918][T11845] vfs_open+0x82/0x3f0 [ 458.904952][T11845] path_openat+0x1de4/0x2cb0 [ 458.905002][T11845] ? __pfx_path_openat+0x10/0x10 [ 458.905041][T11845] ? __lock_acquire+0xb8a/0x1c90 [ 458.905080][T11845] do_filp_open+0x20b/0x470 [ 458.905117][T11845] ? __pfx_do_filp_open+0x10/0x10 [ 458.905182][T11845] ? alloc_fd+0x471/0x7d0 [ 458.905228][T11845] do_sys_openat2+0x11b/0x1d0 [ 458.905258][T11845] ? __pfx_do_sys_openat2+0x10/0x10 [ 458.905289][T11845] ? __pfx___schedule+0x10/0x10 [ 458.905331][T11845] __x64_sys_openat+0x174/0x210 [ 458.905360][T11845] ? __pfx___x64_sys_openat+0x10/0x10 [ 458.905405][T11845] do_syscall_64+0xcd/0x490 [ 458.905447][T11845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.905475][T11845] RIP: 0033:0x7f863db8e929 [ 458.905498][T11845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 458.905525][T11845] RSP: 002b:00007f863b9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 458.905552][T11845] RAX: ffffffffffffffda RBX: 00007f863ddb6080 RCX: 00007f863db8e929 [ 458.905571][T11845] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 458.905588][T11845] RBP: 00007f863dc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 458.905605][T11845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 458.905621][T11845] R13: 0000000000000000 R14: 00007f863ddb6080 R15: 00007ffcea4f34f8 [ 458.905658][T11845] [ 460.247358][T11870] FAULT_INJECTION: forcing a failure. [ 460.247358][T11870] name failslab, interval 1, probability 0, space 0, times 0 [ 460.297767][T11870] CPU: 1 UID: 0 PID: 11870 Comm: syz.3.1516 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 460.297807][T11870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 460.297823][T11870] Call Trace: [ 460.297832][T11870] [ 460.297843][T11870] dump_stack_lvl+0x16c/0x1f0 [ 460.297888][T11870] should_fail_ex+0x512/0x640 [ 460.297923][T11870] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 460.297975][T11870] should_failslab+0xc2/0x120 [ 460.298002][T11870] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 460.298046][T11870] ? trace_kmem_cache_alloc+0x28/0xc0 [ 460.298073][T11870] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 460.298109][T11870] ? mas_alloc_nodes+0x18b/0x8b0 [ 460.298147][T11870] ? mas_alloc_nodes+0x2f1/0x8b0 [ 460.298174][T11870] mas_alloc_nodes+0x2f1/0x8b0 [ 460.298213][T11870] mas_node_count_gfp+0x105/0x130 [ 460.298248][T11870] mas_preallocate+0x77b/0xda0 [ 460.298280][T11870] ? __pfx_mas_preallocate+0x10/0x10 [ 460.298316][T11870] ? vma_merge_new_range+0x37f/0xa00 [ 460.298349][T11870] ? vm_area_alloc+0x1f/0x160 [ 460.298382][T11870] ? lockdep_init_map_type+0x5c/0x280 [ 460.298419][T11870] __mmap_region+0x1104/0x25e0 [ 460.298460][T11870] ? __pfx___mmap_region+0x10/0x10 [ 460.298498][T11870] ? rcu_is_watching+0x12/0xc0 [ 460.298531][T11870] ? rcu_is_watching+0x12/0xc0 [ 460.298555][T11870] ? trace_sched_exit_tp+0xde/0x130 [ 460.298582][T11870] ? __schedule+0x1181/0x5de0 [ 460.298640][T11870] ? __pfx___schedule+0x10/0x10 [ 460.298716][T11870] ? mm_get_unmapped_area+0x95/0xe0 [ 460.298754][T11870] mmap_region+0x1ab/0x3f0 [ 460.298791][T11870] ? __get_unmapped_area+0x267/0x440 [ 460.298825][T11870] do_mmap+0xa3e/0x1210 [ 460.298861][T11870] ? __pfx_do_mmap+0x10/0x10 [ 460.298890][T11870] ? __pfx_down_write_killable+0x10/0x10 [ 460.298925][T11870] vm_mmap_pgoff+0x281/0x450 [ 460.298968][T11870] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 460.299004][T11870] ? __x64_sys_futex+0x1e0/0x4c0 [ 460.299034][T11870] ? __x64_sys_futex+0x1e9/0x4c0 [ 460.299069][T11870] ksys_mmap_pgoff+0x7d/0x5c0 [ 460.299096][T11870] ? xfd_validate_state+0x61/0x180 [ 460.299128][T11870] ? __pfx_ksys_write+0x10/0x10 [ 460.299168][T11870] __x64_sys_mmap+0x125/0x190 [ 460.299206][T11870] do_syscall_64+0xcd/0x490 [ 460.299247][T11870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.299274][T11870] RIP: 0033:0x7fb03158e929 [ 460.299297][T11870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.299323][T11870] RSP: 002b:00007fb0323d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 460.299348][T11870] RAX: ffffffffffffffda RBX: 00007fb0317b5fa0 RCX: 00007fb03158e929 [ 460.299366][T11870] RDX: 00004000000000df RSI: 0000000000020009 RDI: 00007ffffffde000 [ 460.299383][T11870] RBP: 00007fb031610b39 R08: 0000000000000401 R09: 0000000000008000 [ 460.299400][T11870] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 460.299417][T11870] R13: 0000000000000000 R14: 00007fb0317b5fa0 R15: 00007ffce878b018 [ 460.299454][T11870] [ 460.771245][T11871] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1515'. [ 461.388011][ T51] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 462.304460][T11905] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1525'. [ 463.461457][T11919] FAULT_INJECTION: forcing a failure. [ 463.461457][T11919] name failslab, interval 1, probability 0, space 0, times 0 [ 463.510581][T11919] CPU: 0 UID: 0 PID: 11919 Comm: syz.3.1527 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 463.510607][T11919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 463.510616][T11919] Call Trace: [ 463.510622][T11919] [ 463.510629][T11919] dump_stack_lvl+0x16c/0x1f0 [ 463.510656][T11919] should_fail_ex+0x512/0x640 [ 463.510678][T11919] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 463.510700][T11919] should_failslab+0xc2/0x120 [ 463.510715][T11919] __kmalloc_cache_noprof+0x6a/0x3e0 [ 463.510741][T11919] ? snd_card_file_add+0x52/0x330 [ 463.510761][T11919] snd_card_file_add+0x52/0x330 [ 463.510778][T11919] snd_pcm_oss_open+0x1cf/0x1400 [ 463.510796][T11919] ? lockdep_hardirqs_on+0x7c/0x110 [ 463.510820][T11919] ? find_held_lock+0x2b/0x80 [ 463.510838][T11919] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 463.510856][T11919] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 463.510872][T11919] ? __lock_acquire+0xb8a/0x1c90 [ 463.510896][T11919] ? __lock_acquire+0xb8a/0x1c90 [ 463.510920][T11919] ? do_raw_spin_lock+0x12c/0x2b0 [ 463.510942][T11919] ? soundcore_open+0x35a/0x580 [ 463.510965][T11919] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 463.510981][T11919] soundcore_open+0x409/0x580 [ 463.511004][T11919] ? __pfx_soundcore_open+0x10/0x10 [ 463.511026][T11919] chrdev_open+0x234/0x6a0 [ 463.511047][T11919] ? __pfx_apparmor_file_open+0x10/0x10 [ 463.511065][T11919] ? __pfx_chrdev_open+0x10/0x10 [ 463.511098][T11919] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 463.511122][T11919] do_dentry_open+0x741/0x1c10 [ 463.511144][T11919] ? __pfx_chrdev_open+0x10/0x10 [ 463.511169][T11919] vfs_open+0x82/0x3f0 [ 463.511187][T11919] path_openat+0x1de4/0x2cb0 [ 463.511218][T11919] ? __pfx_path_openat+0x10/0x10 [ 463.511239][T11919] ? __lock_acquire+0xb8a/0x1c90 [ 463.511259][T11919] do_filp_open+0x20b/0x470 [ 463.511279][T11919] ? __pfx_do_filp_open+0x10/0x10 [ 463.511313][T11919] ? alloc_fd+0x471/0x7d0 [ 463.511338][T11919] do_sys_openat2+0x11b/0x1d0 [ 463.511358][T11919] ? __pfx_do_sys_openat2+0x10/0x10 [ 463.511373][T11919] ? find_held_lock+0x2b/0x80 [ 463.511391][T11919] ? handle_mm_fault+0x2ab/0xd10 [ 463.511415][T11919] __x64_sys_openat+0x174/0x210 [ 463.511432][T11919] ? __pfx___x64_sys_openat+0x10/0x10 [ 463.511455][T11919] do_syscall_64+0xcd/0x490 [ 463.511479][T11919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.511496][T11919] RIP: 0033:0x7fb03158e929 [ 463.511509][T11919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.511524][T11919] RSP: 002b:00007fb0323b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 463.511543][T11919] RAX: ffffffffffffffda RBX: 00007fb0317b6080 RCX: 00007fb03158e929 [ 463.511553][T11919] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 463.511567][T11919] RBP: 00007fb031610b39 R08: 0000000000000000 R09: 0000000000000000 [ 463.511577][T11919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.511586][T11919] R13: 0000000000000000 R14: 00007fb0317b6080 R15: 00007ffce878b018 [ 463.511604][T11919] [ 463.954451][T11920] can: request_module (can-proto-0) failed. [ 464.473151][T11932] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1529'. [ 465.833551][T11958] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1536'. [ 465.906657][T11948] zswap: compressor not available [ 466.210834][T11962] FAULT_INJECTION: forcing a failure. [ 466.210834][T11962] name failslab, interval 1, probability 0, space 0, times 0 [ 466.356227][T11962] CPU: 1 UID: 0 PID: 11962 Comm: syz.3.1537 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 466.356251][T11962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 466.356262][T11962] Call Trace: [ 466.356267][T11962] [ 466.356274][T11962] dump_stack_lvl+0x16c/0x1f0 [ 466.356302][T11962] should_fail_ex+0x512/0x640 [ 466.356327][T11962] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 466.356350][T11962] should_failslab+0xc2/0x120 [ 466.356365][T11962] __kmalloc_cache_noprof+0x6a/0x3e0 [ 466.356386][T11962] ? snd_card_file_add+0x52/0x330 [ 466.356404][T11962] snd_card_file_add+0x52/0x330 [ 466.356421][T11962] snd_pcm_oss_open+0x1cf/0x1400 [ 466.356438][T11962] ? lockdep_hardirqs_on+0x7c/0x110 [ 466.356461][T11962] ? find_held_lock+0x2b/0x80 [ 466.356475][T11962] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 466.356493][T11962] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 466.356510][T11962] ? __lock_acquire+0xb8a/0x1c90 [ 466.356538][T11962] ? __lock_acquire+0xb8a/0x1c90 [ 466.356561][T11962] ? do_raw_spin_lock+0x12c/0x2b0 [ 466.356585][T11962] ? soundcore_open+0x35a/0x580 [ 466.356609][T11962] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 466.356625][T11962] soundcore_open+0x409/0x580 [ 466.356649][T11962] ? __pfx_soundcore_open+0x10/0x10 [ 466.356670][T11962] chrdev_open+0x234/0x6a0 [ 466.356692][T11962] ? __pfx_apparmor_file_open+0x10/0x10 [ 466.356710][T11962] ? __pfx_chrdev_open+0x10/0x10 [ 466.356733][T11962] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 466.356755][T11962] do_dentry_open+0x741/0x1c10 [ 466.356776][T11962] ? __pfx_chrdev_open+0x10/0x10 [ 466.356802][T11962] vfs_open+0x82/0x3f0 [ 466.356819][T11962] path_openat+0x1de4/0x2cb0 [ 466.356845][T11962] ? __pfx_path_openat+0x10/0x10 [ 466.356866][T11962] ? __lock_acquire+0xb8a/0x1c90 [ 466.356886][T11962] do_filp_open+0x20b/0x470 [ 466.356907][T11962] ? __pfx_do_filp_open+0x10/0x10 [ 466.356940][T11962] ? alloc_fd+0x471/0x7d0 [ 466.356964][T11962] do_sys_openat2+0x11b/0x1d0 [ 466.356979][T11962] ? __pfx_do_sys_openat2+0x10/0x10 [ 466.356994][T11962] ? find_held_lock+0x2b/0x80 [ 466.357008][T11962] ? handle_mm_fault+0x2ab/0xd10 [ 466.357030][T11962] __x64_sys_openat+0x174/0x210 [ 466.357047][T11962] ? __pfx___x64_sys_openat+0x10/0x10 [ 466.357071][T11962] do_syscall_64+0xcd/0x490 [ 466.357094][T11962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.357108][T11962] RIP: 0033:0x7fb03158e929 [ 466.357121][T11962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.357135][T11962] RSP: 002b:00007fb0323b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 466.357150][T11962] RAX: ffffffffffffffda RBX: 00007fb0317b6080 RCX: 00007fb03158e929 [ 466.357160][T11962] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 466.357170][T11962] RBP: 00007fb031610b39 R08: 0000000000000000 R09: 0000000000000000 [ 466.357179][T11962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.357188][T11962] R13: 0000000000000000 R14: 00007fb0317b6080 R15: 00007ffce878b018 [ 466.357206][T11962] [ 468.154846][T11992] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1543'. [ 471.353413][T12038] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1556'. [ 472.115755][T12050] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1557'. [ 474.612039][T12082] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1566'. [ 475.854481][T12095] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1570'. [ 477.649165][T12114] Process accounting resumed [ 478.022830][T12130] input: f¬ as /devices/virtual/input/input21 [ 479.634037][T12147] zswap: compressor not available [ 479.887525][T12160] FAULT_INJECTION: forcing a failure. [ 479.887525][T12160] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 479.969484][T12160] CPU: 0 UID: 0 PID: 12160 Comm: syz.0.1582 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 479.969525][T12160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 479.969543][T12160] Call Trace: [ 479.969552][T12160] [ 479.969564][T12160] dump_stack_lvl+0x16c/0x1f0 [ 479.969640][T12160] should_fail_ex+0x512/0x640 [ 479.969685][T12160] should_fail_alloc_page+0xe7/0x130 [ 479.969713][T12160] prepare_alloc_pages+0x3c2/0x610 [ 479.969750][T12160] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 479.969792][T12160] ? __lock_acquire+0x622/0x1c90 [ 479.969827][T12160] ? ZSTD_RowFindBestMatch_dedicatedDictSearch_5_6.constprop.0+0x376/0x33d0 [ 479.969871][T12160] ? __is_module_percpu_address+0x1d6/0x440 [ 479.969903][T12160] ? rcu_is_watching+0x12/0xc0 [ 479.969929][T12160] ? save_trace+0x4e/0x380 [ 479.969959][T12160] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 479.969999][T12160] ? find_held_lock+0x2b/0x80 [ 479.970026][T12160] ? __flush_work+0xa48/0xcc0 [ 479.970055][T12160] ? __flush_work+0x7f2/0xcc0 [ 479.970084][T12160] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 479.970124][T12160] ? policy_nodemask+0xea/0x4e0 [ 479.970169][T12160] alloc_pages_mpol+0x1fb/0x550 [ 479.970196][T12160] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 479.970232][T12160] alloc_pages_noprof+0x131/0x390 [ 479.970260][T12160] get_free_pages_noprof+0x10/0xb0 [ 479.970287][T12160] __pollwait+0x295/0x490 [ 479.970319][T12160] ? __fget_files+0x20e/0x3c0 [ 479.970354][T12160] snd_rawmidi_poll+0x4b5/0x690 [ 479.970386][T12160] ? __pfx___pollwait+0x10/0x10 [ 479.970419][T12160] ? __pfx_snd_rawmidi_poll+0x10/0x10 [ 479.970452][T12160] do_select+0xd3a/0x17e0 [ 479.970512][T12160] ? __pfx_do_select+0x10/0x10 [ 479.970541][T12160] ? find_held_lock+0x2b/0x80 [ 479.970566][T12160] ? finish_task_switch.isra.0+0x21c/0xc10 [ 479.970604][T12160] ? __pfx___pollwait+0x10/0x10 [ 479.970643][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970680][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970717][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970754][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970789][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970824][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970859][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970895][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970931][T12160] ? __pfx_pollwake+0x10/0x10 [ 479.970966][T12160] ? find_held_lock+0x2b/0x80 [ 479.970991][T12160] ? __might_fault+0xe3/0x190 [ 479.971027][T12160] ? __might_fault+0xe3/0x190 [ 479.971061][T12160] ? __might_fault+0x13b/0x190 [ 479.971110][T12160] ? core_sys_select+0x453/0xc10 [ 479.971142][T12160] core_sys_select+0x453/0xc10 [ 479.971185][T12160] ? __pfx_core_sys_select+0x10/0x10 [ 479.971228][T12160] ? futex_wait+0x120/0x380 [ 479.971291][T12160] ? __pfx_do_futex+0x10/0x10 [ 479.971332][T12160] kern_select+0x15d/0x1e0 [ 479.971367][T12160] ? __pfx_kern_select+0x10/0x10 [ 479.971405][T12160] ? xfd_validate_state+0x61/0x180 [ 479.971437][T12160] ? __pfx_ksys_write+0x10/0x10 [ 479.971479][T12160] __x64_sys_select+0xbd/0x160 [ 479.971511][T12160] ? do_syscall_64+0x91/0x490 [ 479.971549][T12160] ? lockdep_hardirqs_on+0x7c/0x110 [ 479.971593][T12160] do_syscall_64+0xcd/0x490 [ 479.971657][T12160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.971685][T12160] RIP: 0033:0x7f081238e929 [ 479.971708][T12160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.971734][T12160] RSP: 002b:00007f081319d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 479.971761][T12160] RAX: ffffffffffffffda RBX: 00007f08125b6080 RCX: 00007f081238e929 [ 479.971798][T12160] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 479.971814][T12160] RBP: 00007f0812410b39 R08: 0000000000000000 R09: 0000000000000000 [ 479.971836][T12160] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000000 [ 479.971853][T12160] R13: 0000000000000000 R14: 00007f08125b6080 R15: 00007fffce9c1a38 [ 479.971888][T12160] [ 481.643593][T12185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1589'. [ 481.702222][T12179] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1588'. [ 481.730823][T12186] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1589'. [ 482.104030][T12190] QAT: Invalid ioctl -2146954624 [ 484.995431][T12221] zswap: compressor not available [ 485.524515][T12235] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1600'. [ 486.002365][T12237] FAULT_INJECTION: forcing a failure. [ 486.002365][T12237] name failslab, interval 1, probability 0, space 0, times 0 [ 486.035663][T12237] CPU: 1 UID: 0 PID: 12237 Comm: syz.0.1609 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 486.035694][T12237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 486.035704][T12237] Call Trace: [ 486.035710][T12237] [ 486.035717][T12237] dump_stack_lvl+0x16c/0x1f0 [ 486.035746][T12237] should_fail_ex+0x512/0x640 [ 486.035766][T12237] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 486.035788][T12237] should_failslab+0xc2/0x120 [ 486.035803][T12237] __kmalloc_cache_noprof+0x6a/0x3e0 [ 486.035822][T12237] ? snd_card_file_add+0x52/0x330 [ 486.035841][T12237] snd_card_file_add+0x52/0x330 [ 486.035858][T12237] snd_pcm_oss_open+0x1cf/0x1400 [ 486.035881][T12237] ? lockdep_hardirqs_on+0x7c/0x110 [ 486.035905][T12237] ? find_held_lock+0x2b/0x80 [ 486.035927][T12237] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 486.035958][T12237] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 486.035985][T12237] ? __lock_acquire+0xb8a/0x1c90 [ 486.036007][T12237] ? __lock_acquire+0xb8a/0x1c90 [ 486.036030][T12237] ? do_raw_spin_lock+0x12c/0x2b0 [ 486.036058][T12237] ? soundcore_open+0x35a/0x580 [ 486.036081][T12237] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 486.036097][T12237] soundcore_open+0x409/0x580 [ 486.036134][T12237] ? __pfx_soundcore_open+0x10/0x10 [ 486.036171][T12237] chrdev_open+0x234/0x6a0 [ 486.036200][T12237] ? __pfx_apparmor_file_open+0x10/0x10 [ 486.036218][T12237] ? __pfx_chrdev_open+0x10/0x10 [ 486.036241][T12237] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 486.036263][T12237] do_dentry_open+0x741/0x1c10 [ 486.036285][T12237] ? __pfx_chrdev_open+0x10/0x10 [ 486.036310][T12237] vfs_open+0x82/0x3f0 [ 486.036327][T12237] path_openat+0x1de4/0x2cb0 [ 486.036354][T12237] ? __pfx_path_openat+0x10/0x10 [ 486.036375][T12237] ? __lock_acquire+0xb8a/0x1c90 [ 486.036396][T12237] do_filp_open+0x20b/0x470 [ 486.036416][T12237] ? __pfx_do_filp_open+0x10/0x10 [ 486.036450][T12237] ? alloc_fd+0x471/0x7d0 [ 486.036474][T12237] do_sys_openat2+0x11b/0x1d0 [ 486.036490][T12237] ? __pfx_do_sys_openat2+0x10/0x10 [ 486.036505][T12237] ? find_held_lock+0x2b/0x80 [ 486.036518][T12237] ? handle_mm_fault+0x2ab/0xd10 [ 486.036541][T12237] __x64_sys_openat+0x174/0x210 [ 486.036557][T12237] ? __pfx___x64_sys_openat+0x10/0x10 [ 486.036581][T12237] do_syscall_64+0xcd/0x490 [ 486.036604][T12237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.036620][T12237] RIP: 0033:0x7f081238e929 [ 486.036632][T12237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.036647][T12237] RSP: 002b:00007f081319d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 486.036662][T12237] RAX: ffffffffffffffda RBX: 00007f08125b6080 RCX: 00007f081238e929 [ 486.036672][T12237] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 486.036682][T12237] RBP: 00007f0812410b39 R08: 0000000000000000 R09: 0000000000000000 [ 486.036691][T12237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.036700][T12237] R13: 0000000000000000 R14: 00007f08125b6080 R15: 00007fffce9c1a38 [ 486.036718][T12237] [ 487.351390][T12255] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1602'. [ 487.403108][T12255] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1602'. [ 488.735418][T12281] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1611'. [ 488.781846][T12285] FAULT_INJECTION: forcing a failure. [ 488.781846][T12285] name failslab, interval 1, probability 0, space 0, times 0 [ 488.815624][T12285] CPU: 0 UID: 0 PID: 12285 Comm: syz.1.1612 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 488.815646][T12285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 488.815657][T12285] Call Trace: [ 488.815662][T12285] [ 488.815668][T12285] dump_stack_lvl+0x16c/0x1f0 [ 488.815696][T12285] should_fail_ex+0x512/0x640 [ 488.815717][T12285] ? __kvmalloc_node_noprof+0x124/0x620 [ 488.815740][T12285] should_failslab+0xc2/0x120 [ 488.815754][T12285] __kvmalloc_node_noprof+0x137/0x620 [ 488.815776][T12285] ? seq_read_iter+0x826/0x12c0 [ 488.815797][T12285] ? seq_read_iter+0x826/0x12c0 [ 488.815814][T12285] seq_read_iter+0x826/0x12c0 [ 488.815833][T12285] ? aa_file_perm+0x4d6/0xfb0 [ 488.815858][T12285] seq_read+0x39e/0x4e0 [ 488.815875][T12285] ? __pfx_seq_read+0x10/0x10 [ 488.815890][T12285] ? __lock_acquire+0xb8a/0x1c90 [ 488.815920][T12285] ? get_pid_task+0xfc/0x250 [ 488.815948][T12285] full_proxy_read+0x13f/0x200 [ 488.815962][T12285] ? __pfx_full_proxy_read+0x10/0x10 [ 488.815977][T12285] vfs_read+0x1e1/0xc60 [ 488.816000][T12285] ? __pfx___mutex_lock+0x10/0x10 [ 488.816023][T12285] ? __pfx_vfs_read+0x10/0x10 [ 488.816047][T12285] ? __fget_files+0x20e/0x3c0 [ 488.816072][T12285] ksys_read+0x12a/0x250 [ 488.816091][T12285] ? __pfx_ksys_read+0x10/0x10 [ 488.816120][T12285] do_syscall_64+0xcd/0x490 [ 488.816155][T12285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 488.816179][T12285] RIP: 0033:0x7f953958e929 [ 488.816198][T12285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 488.816215][T12285] RSP: 002b:00007f953a322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 488.816229][T12285] RAX: ffffffffffffffda RBX: 00007f95397b5fa0 RCX: 00007f953958e929 [ 488.816239][T12285] RDX: 00000000000000fc RSI: 0000200000000800 RDI: 0000000000000003 [ 488.816248][T12285] RBP: 00007f953a322090 R08: 0000000000000000 R09: 0000000000000000 [ 488.816256][T12285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 488.816265][T12285] R13: 0000000000000000 R14: 00007f95397b5fa0 R15: 00007ffc7520c1a8 [ 488.816283][T12285] [ 492.157267][T12334] FAULT_INJECTION: forcing a failure. [ 492.157267][T12334] name failslab, interval 1, probability 0, space 0, times 0 [ 492.207431][T12332] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1623'. [ 492.270059][T12334] CPU: 0 UID: 0 PID: 12334 Comm: syz.1.1622 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 492.270096][T12334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 492.270110][T12334] Call Trace: [ 492.270119][T12334] [ 492.270129][T12334] dump_stack_lvl+0x16c/0x1f0 [ 492.270170][T12334] should_fail_ex+0x512/0x640 [ 492.270203][T12334] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 492.270239][T12334] should_failslab+0xc2/0x120 [ 492.270264][T12334] __kmalloc_cache_noprof+0x6a/0x3e0 [ 492.270297][T12334] ? gpiolib_seq_start+0x69/0x270 [ 492.270334][T12334] gpiolib_seq_start+0x69/0x270 [ 492.270367][T12334] seq_read_iter+0x2c1/0x12c0 [ 492.270416][T12334] seq_read+0x39e/0x4e0 [ 492.270445][T12334] ? __pfx_seq_read+0x10/0x10 [ 492.270472][T12334] ? __lock_acquire+0xb8a/0x1c90 [ 492.270512][T12334] ? get_pid_task+0xfc/0x250 [ 492.270563][T12334] full_proxy_read+0x13f/0x200 [ 492.270588][T12334] ? __pfx_full_proxy_read+0x10/0x10 [ 492.270615][T12334] vfs_read+0x1e1/0xc60 [ 492.270654][T12334] ? __pfx___mutex_lock+0x10/0x10 [ 492.270697][T12334] ? __pfx_vfs_read+0x10/0x10 [ 492.270741][T12334] ? __fget_files+0x20e/0x3c0 [ 492.270784][T12334] ksys_read+0x12a/0x250 [ 492.270816][T12334] ? __pfx_ksys_read+0x10/0x10 [ 492.270861][T12334] do_syscall_64+0xcd/0x490 [ 492.270899][T12334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 492.270923][T12334] RIP: 0033:0x7f953958e929 [ 492.270943][T12334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 492.270966][T12334] RSP: 002b:00007f953a322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 492.270989][T12334] RAX: ffffffffffffffda RBX: 00007f95397b5fa0 RCX: 00007f953958e929 [ 492.271007][T12334] RDX: 00000000000000fc RSI: 0000200000000800 RDI: 0000000000000003 [ 492.271023][T12334] RBP: 00007f953a322090 R08: 0000000000000000 R09: 0000000000000000 [ 492.271042][T12334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 492.271058][T12334] R13: 0000000000000000 R14: 00007f95397b5fa0 R15: 00007ffc7520c1a8 [ 492.271094][T12334] [ 492.271226][T12334] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 492.491729][T12334] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 492.500140][T12334] CPU: 0 UID: 0 PID: 12334 Comm: syz.1.1622 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) [ 492.512199][T12334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 492.522339][T12334] RIP: 0010:gpiolib_seq_stop+0x4c/0xe0 [ 492.527815][T12334] Code: 48 c1 ea 03 80 3c 02 00 0f 85 98 00 00 00 48 8b 9b e0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 60 8b [ 492.547427][T12334] RSP: 0018:ffffc9000b1c7ad8 EFLAGS: 00010247 [ 492.553496][T12334] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000400 [ 492.561475][T12334] RDX: 0000000000000000 RSI: ffffffff850fd29e RDI: 0000000000000004 [ 492.569450][T12334] RBP: 0000000000000000 R08: 0000000000000dc0 R09: 00000000ffffffff [ 492.577422][T12334] R10: ffffffff8e792933 R11: fffffffffffe0e08 R12: 0000000000000000 [ 492.585392][T12334] R13: ffffffff8c195740 R14: 00000000000000fc R15: 0000000000000000 [ 492.593358][T12334] FS: 00007f953a3226c0(0000) GS:ffff888124761000(0000) knlGS:0000000000000000 [ 492.602286][T12334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 492.608866][T12334] CR2: 0000001b30004ff8 CR3: 0000000033d6a000 CR4: 00000000003526f0 [ 492.616836][T12334] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 492.624801][T12334] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 492.632862][T12334] Call Trace: [ 492.636140][T12334] [ 492.639081][T12334] seq_read_iter+0x60d/0x12c0 [ 492.643772][T12334] seq_read+0x39e/0x4e0 [ 492.647928][T12334] ? __pfx_seq_read+0x10/0x10 [ 492.652605][T12334] ? __lock_acquire+0xb8a/0x1c90 [ 492.657549][T12334] ? get_pid_task+0xfc/0x250 [ 492.662150][T12334] full_proxy_read+0x13f/0x200 [ 492.666911][T12334] ? __pfx_full_proxy_read+0x10/0x10 [ 492.672196][T12334] vfs_read+0x1e1/0xc60 [ 492.676360][T12334] ? __pfx___mutex_lock+0x10/0x10 [ 492.681393][T12334] ? __pfx_vfs_read+0x10/0x10 [ 492.686075][T12334] ? __fget_files+0x20e/0x3c0 [ 492.690759][T12334] ksys_read+0x12a/0x250 [ 492.695004][T12334] ? __pfx_ksys_read+0x10/0x10 [ 492.699774][T12334] do_syscall_64+0xcd/0x490 [ 492.704288][T12334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 492.710181][T12334] RIP: 0033:0x7f953958e929 [ 492.714591][T12334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 492.734200][T12334] RSP: 002b:00007f953a322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 492.742611][T12334] RAX: ffffffffffffffda RBX: 00007f95397b5fa0 RCX: 00007f953958e929 [ 492.750578][T12334] RDX: 00000000000000fc RSI: 0000200000000800 RDI: 0000000000000003 [ 492.758548][T12334] RBP: 00007f953a322090 R08: 0000000000000000 R09: 0000000000000000 [ 492.766529][T12334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 492.774497][T12334] R13: 0000000000000000 R14: 00007f95397b5fa0 R15: 00007ffc7520c1a8 [ 492.782475][T12334] [ 492.785485][T12334] Modules linked in: [ 492.789991][T12334] ---[ end trace 0000000000000000 ]--- [ 492.814499][T12334] RIP: 0010:gpiolib_seq_stop+0x4c/0xe0 [ 492.852724][T12334] Code: 48 c1 ea 03 80 3c 02 00 0f 85 98 00 00 00 48 8b 9b e0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 60 8b [ 492.961605][T12334] RSP: 0018:ffffc9000b1c7ad8 EFLAGS: 00010247 [ 492.967846][T12334] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000400 [ 492.975949][T12334] RDX: 0000000000000000 RSI: ffffffff850fd29e RDI: 0000000000000004 [ 492.984071][T12334] RBP: 0000000000000000 R08: 0000000000000dc0 R09: 00000000ffffffff [ 492.992518][T12334] R10: ffffffff8e792933 R11: fffffffffffe0e08 R12: 0000000000000000 [ 493.000647][T12334] R13: ffffffff8c195740 R14: 00000000000000fc R15: 0000000000000000 [ 493.008859][T12334] FS: 00007f953a3226c0(0000) GS:ffff888124861000(0000) knlGS:0000000000000000 [ 493.017932][T12334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 493.024679][T12334] CR2: 00002000003e0000 CR3: 0000000033d6a000 CR4: 00000000003526f0 [ 493.032817][T12334] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 493.041157][T12334] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 493.049291][T12334] Kernel panic - not syncing: Fatal exception [ 493.055767][T12334] Kernel Offset: disabled [ 493.060114][T12334] Rebooting in 86400 seconds..