last executing test programs: 17.626615272s ago: executing program 1 (id=3044): unshare$auto(0x40000080) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip_vti0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r0, 0xffffffffffffffff, 0x8000, 0x2, 0xffffffffffffffff, @relative_id=0x13, 0x6}, 0xf) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x100000000000012, 0xffffffffffffffff, 0x18002) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000040)='{\x00', 0xfff) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vivid.0/video4linux/video30/dev_debug\x00', 0x129102, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0xcbf824a5043c546c, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x40000, 0x0) pipe2$auto(0x0, 0x80) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) 14.283693466s ago: executing program 1 (id=3049): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/thread-self/net/stat/rt_cache\x00', 0x0, 0x0) ioctl$auto_XFS_IOC_READLINK_BY_HANDLE(0xffffffffffffffff, 0xc038586c, &(0x7f0000000400)={r0, &(0x7f0000000280)="dfd5937609829b8427dc2d3bbf6dc4c5d44c3b43b7a9e320b217fa5349caec6210ca2ef0db6131b98161e6ac7df8f027bddb86af03e9af918f7d8a39a7f86d46bf833702b90c2d2bce065aad0d86f999c49a4f721dcc2f31e6c4925a73f58560c930af5728684a03b01d1472c068ea3bca809d6831a28aa61ef2d7c65aa99cc001f9989a164f843d03048b0b39cab4e0eb5d680850587e0502bf5ea764cbbbf19479613d1a74bf0abf", 0x10, &(0x7f0000000340)="732174bd73d8163d94328d7dd988106e0be8c754a7e85a3e27a5f5739ccfa486917a1e664d45539513ba6945b85855a12b7fba5ee2dc36e714cdc2b772f6d6fd511b04059f82b247eef4676c38c91cd37495d48c2689ae2eceabed64c0c4ce9fd88e06d082d678559e10432a8cc19f58ce5c5f02660b4bacec36b59f46a69ace6d9619a3085b8db08d4acac15af706f4196ffc1112d4e586f8f5077159b7", 0x9, &(0x7f0000000040)="4e1e94fc275dda1e3158b3d3831a2f998ee8c6334d99d87552dc0ec8342550", &(0x7f00000000c0)=0xbe54}) capset$auto(&(0x7f0000000440)={0x3, 0xffffffffffffffff}, &(0x7f0000000480)={0x4, 0xe, 0x7ff}) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r3, 0x4, 0x7ff) ioctl$auto_BLKTRACESETUP32(0xffffffffffffffff, 0xc0401273, &(0x7f00000004c0)={"a9492cbffff8feec2818cef5f931203e169a32f64e432943fd485aa57a0c5ed8", 0xa, 0x7, 0x9, 0x8, 0x400, 0x0}) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001540), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r5) r7 = socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f00000003c0)='./file0\x00', 0x9, 0x9) mount$auto(&(0x7f0000000000)='veth0_macvtap\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, 0x0) r8 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r8, 0x1, 0x70bd27, 0x25dfdbff, {}, [@OVS_METER_ATTR_ID={0x8, 0x1, 0xfffffffe}]}, 0x1c}, 0x1, 0x0, 0x0, 0x83b5a3da03b67f5b}, 0x404c040) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r9) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x14, r10, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) sendmsg$auto_WG_CMD_GET_DEVICE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r6, 0x703, 0x70bd27, 0x25dfd9fc}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x4) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000600)={{@inferred=r2, 0x0, 0x8df6, 0x0, "0396188aaeeaf74991e8dbff7d0e75b7ba3aa07795717b37d46f444f9711c8801da0e7b5c373d01106f6c9f2", @inferred=r3}, 0xfffffff4, 0x72, 0x1, @inferred=r4, @integer64={0x7ff, 0x5, 0x4}, "b7a3ef1e2fed3ad7fd412b8bb9ec341dda4696e7e26a794b85525cf5e26b0859b188dc3106809b0931ee5ebfc61b8ca36137664800a42c13127b4e0f6371449d"}) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyuc\x00', 0x2000, 0x0) r11 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r12 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000f40)={'batadv0\x00'}) sendmsg$auto_BATADV_CMD_SET_MESH(r12, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010026bd7000fbdbdf250f000000050038000200000008000300f9b1ad19c2fe", @ANYRESOCT=r11, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x2000c081}, 0x140080e4) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/250, 0xfa) 12.902906346s ago: executing program 1 (id=3053): r0 = socket(0xf, 0x3, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb1, r0, 0x100008000) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0xa480, 0x0) readv$auto(0x3, 0x0, 0x87) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0x2, 0x0) select$auto(0x1f46, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0x100, 0x1, 0x9, 0x6, 0x95f4da0a, 0xffffffffffffffff, 0x4, 0xfffffffffffffffa, 0x80000001, 0x7, 0x6d3f, 0x400000c971, 0x2, 0x500000000]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000800)='./file0\x00', 0x183242, 0x154) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8002) unshare$auto(0x40000080) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x14, r4, 0xb01, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x305080, 0x0) madvise$auto(0x0, 0xfffffffffffefffe, 0x5) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x0) socket(0x2, 0x1, 0x84) 8.661252136s ago: executing program 2 (id=3062): openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/options/event-fork\x00', 0x141702, 0x0) socket(0x11, 0x3, 0x9) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x4, 0x2020009, 0x988, 0xeb1, r1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@id={0x1e, 0x3, 0x2, {0x4e20, 0x1}}, 0x10) unshare$auto(0x188c) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) shmget$auto(0x400, 0x200000000008, 0x568c12f2) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000001980), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) socket(0xf, 0x2, 0x40008) timerfd_create$auto(0x9, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000000)={0x2, 0x7f}) write$auto_tty_fops_tty_io(0xffffffffffffffff, 0x0, 0x0) ioctl$auto(0x3, 0x40085400, 0x5) pread64$auto(0xffffffffffffffff, &(0x7f0000000000)='/proc/scsi/sg/devices\x00', 0x100000004, 0x100) 7.368398755s ago: executing program 0 (id=3064): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffb, 0x8000) setsockopt$auto(r0, 0x10000000084, 0x0, 0x0, 0x10) r1 = socket(0x18, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x80047437, 0x0) 7.228272057s ago: executing program 1 (id=3065): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x542, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x3, 0x2, 0xe) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = prctl$auto(0x1000000003b, 0x3, 0x4, 0xd990, 0x3) statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/net/netfilter/nf_log\x00', 0x8e40, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000080)=""/248, 0xf8) rseq$auto(0x0, 0xc000, 0x803, 0x407) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) sendmsg$auto_NETDEV_CMD_BIND_RX(r2, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="84000000", @ANYRES16=0x0, @ANYBLOB="02002cbd7000fedbdf250d00000008000100", @ANYRES32=0x0, @ANYBLOB="24000280080003000600000008000100050000000800030004000000080001000004000008000300", @ANYRES32=r1, @ANYBLOB="a7fca8e5e0dbcc07f9fee0c1058be283690a4e46296094eee80b8b17fc76d27ba8088def7210e0db8a672b5b2f53c403851d", @ANYRES32=r0, @ANYBLOB="08000300", @ANYRES32=r0, @ANYBLOB="2c0002800800030005000000080001000900000008000100050000000800010001000000080001"], 0x84}, 0x1, 0x0, 0x0, 0x4000}, 0x4001000) setsockopt$auto(r1, 0x6, 0x1e, 0x0, 0xa1) write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f0000000140)="653a6575b42146076c4f11b1be3e769f2059", 0x12) r4 = pipe$auto(0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) fadvise64$auto(r5, 0x8, 0x400000000000006, 0x4) mmap$auto(0x0, 0x5810, 0xffb, 0x12, r4, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) socketpair$auto(0xfffffffd, 0x1, 0x8000000000000000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) 7.048199115s ago: executing program 0 (id=3067): openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, 0x0, 0x8081, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0xeb) 6.40825515s ago: executing program 2 (id=3068): open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x1f7) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/250, 0xfa) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) r1 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0xa000, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC(r1, 0x80044dff, &(0x7f0000000180)) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x20100, 0x0) ioctl$auto(r2, 0x64cc, 0x1e2) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x2, 0x4, 0x61, 0x8071, 0xffffffffffffffff, 0x7) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) msync$auto(0x7, 0xc272, 0x8) 6.212586935s ago: executing program 3 (id=3069): r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) mmap$auto(0x3f00, 0x20006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mremap$auto(0x4001, 0xb8, 0x5, 0x3, 0x2) pread64$auto(r0, 0x0, 0x7ff, 0x400) 5.744705698s ago: executing program 0 (id=3070): mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xb8, 0x100000000, 0x5, 0x1b, 0x93c, 0x1ffdc, 0x7, 0x2000000000000006, 0x2, 0x7a, 0x5, 0x2, 0x8001, 0xae, 0x9, 0x922, 0x7, 0x5, 0x7, 0x3, 0xfffffffe, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1000004, 0x0, 0x6, 0x4, [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xe999, 0x0, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x8, 0x8000000000000, 0xfffffffffffffffd, 0x8000000000000001, 0x0, 0x10, 0x0, 0x0, 0x4, 0xb, 0x0, 0xfffffffffffffffc]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/pids.max\x00', 0x281, 0x0) write$auto(r1, &(0x7f0000000000)='.&\x00', 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008) r2 = accept$auto(0xffffffffffffffff, 0x0, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x3, 0x5) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, 0x0, 0x4000000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a0080"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='J'], 0x1ac}}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0xfffffffe, &(0x7f00000002c0)={0x0, 0xc5}, 0x1, 0x0, 0x0, 0x9}, 0x107}, 0x3, 0x0) unshare$auto(0x1ff) mmap$auto(0x0, 0xc, 0xdf, 0xeb1, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) unshare$auto(0x6168) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000003c0)='n\x18r`\xf1\xc3m\xbb/\xddfs4\x00', 0x200, &(0x7f00000001c0)) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL802154_CMD_SET_MAX_ASSOCIATIONS(r4, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x24, 0x0, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x1}, @NL802154_ATTR_PID={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x88044}, 0x11) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x303002, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 5.661024667s ago: executing program 3 (id=3071): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x8102, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x62001, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x8000, 0x0) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/pages_volatile\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) socketcall$auto(0x5, &(0x7f00000001c0)=0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) r4 = socket(0x10, 0x2, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r5, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYBLOB="0456ed"], 0x14}, 0x1, 0x0, 0x0, 0x4854}, 0x40) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r5) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r4, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fcdbdf250a9e00ff15000000140001"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) 5.519896271s ago: executing program 2 (id=3072): mmap$auto(0x4, 0x2020009, 0x7, 0x19, 0xffffffffffffffff, 0x80000000006) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) pread64$auto(0xffffffffffffffff, 0x0, 0x7fc, 0x400) r0 = socket(0x22, 0x1, 0x80000000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) unshare$auto(0x40000080) sendmmsg$auto(r0, 0x0, 0x3b87, 0xa) mmap$auto(0x200, 0x400004, 0xe4, 0x9b72, 0x2, 0x408) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = socket(0xa, 0x2, 0x88) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x800, 0x100) r2 = socket(0x11, 0x80003, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x29, 0x2, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="dd57743e2da4fde41aa7fe52f1246d1c94c0a8cd48474efd37f993a1e435e4c166b7ff6b0cc0e8f3ea7545ec0ba04bcb1d693ff0e0ea05ab2cf8008ea015205d748468527b5ad3c04ab7aeccd7230d0075c09dcc4c6a137ebdc5291e5940841b103391e7c74604bf979b39b4257c117d025069e9e05d606beec2d2fae044", @ANYBLOB="1200", @ANYBLOB="8c521b9668fa73c15df12ed9f2d70ce5c85e791375ef2fa7263d7b5f3e94516b6f7865ca055e1f6be8f3cba8a4e7e7637363"], 0x1ac}, 0x1, 0x0, 0x0, 0x4050}, 0x40000) recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r3, 0x89a3, 0x24) setsockopt$auto(r2, 0x107, 0x11, 0x0, 0x8) setsockopt$auto(r1, 0x29, 0x10, 0x0, 0x1) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0xffffffffffffffff, 0x0, 0xffffffe6) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 5.324368067s ago: executing program 3 (id=3073): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xffffffff, 0xfffff7fffffffffd, 0x3, 0x5, 0x7181, 0x4, 0xc8bffe, 0x709, 0x100000000009, 0x6, 0x80003, 0xfffffffffffffffd, 0x1ffffffffffd, 0x8, 0x1006, 0x7, 0x9, 0x80, 0x7ffffffffffffffc, 0x0, 0xc, 0x2, 0x101, 0x4, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7, 0x6, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfff]}, 0x1fe, 0x5) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r0) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x45, 0x0) msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x287f, 0x2, 0x3}, 0x0, 0x0, 0x7fffffff, 0x9, 0x8, 0xffffffff, 0xfffffffffffffffe, 0x7fff, 0xfc2, 0x27f, @inferred=0xffffffffffffffff, @raw=0x9}) (async) msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x287f, 0x2, 0x3}, 0x0, 0x0, 0x7fffffff, 0x9, 0x8, 0xffffffff, 0xfffffffffffffffe, 0x7fff, 0xfc2, 0x27f, @inferred=0xffffffffffffffff, @raw=0x9}) setresgid$auto(0xffffffffffffffff, 0xffffffffffffffff, r1) fsopen$auto(0x0, 0x1) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/compact_memory\x00', 0x80801, 0x0) (async) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/compact_memory\x00', 0x80801, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/softnet_stat\x00', 0x40102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x20000}, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x0) dup$auto(r2) (async) dup$auto(r2) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x3, r2, 0x5, r2}, 0x10) (async) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x3, r2, 0x5, r2}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@prog_fd, @target_ifindex, 0x3, 0x40081, @uprobe_multi={0x81, 0x1ff, 0x8, 0x0, 0x1, 0x4}}, 0x81) 4.744916507s ago: executing program 1 (id=3074): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) socket(0x1a, 0x5, 0xfffffffd) r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) bind$auto(r1, 0x0, 0x67) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x90, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_DEL_PMK(r3, 0x0, 0x8000) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x560e, 0x7) 2.172837459s ago: executing program 0 (id=3075): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, &(0x7f0000000000)={0x43, 0x7, 0x9, 0xabe, 0x4, 0xc, "0924ca419dc4d8e4e1226f5fb4d8c264fe2de51f1c10b355c2333c335b0c767b2f4fcc6608d94bdba4a45745e84fbc35d2758e98981cb0abe163c77fa96bb62a"}) r1 = socket(0x11, 0xa, 0x300) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r1) mq_notify$auto(0xffffffffffffffff, &(0x7f00000002c0)={@sival_int=0x221a, @inferred, 0x0, @_sigev_thread={0x0, 0x0}}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001200)={&(0x7f0000001280)=ANY=[@ANYBLOB="78110000", @ANYRES16=r2, @ANYBLOB="00042bbd7000fbdbdf250400000004101600eea22d816d8cd2c1f11ec12ebba5c4c0d67a76e2becd095cd24cf429dc8006f3db76c59b880c731560959c07e072b708bd75196652799fe815f896f0bbcc1aff85e1995d4628a75563976ffa756c3129b197f1f0b83540f11a6bd2593eb9fffbbbfd49608598339277a717130ea624c401b24999dad2993647ae33146548b38252ecf9f60d18b85bbb0af3051250dd5caa744a1e21201ed1dccfccd4fd953401e41eb3322938dfb3c585c9fafa53ed1a75c5b77694a8876b873082820e77b70d0d54595c848cec2ec49fcb20917c98c7fffe5fb834dfe37042f061b2f676b9292e7126dc9d328cb4563b89de0aa2d29aaaa7d7e3a352ebcb0eeab6d1c45aff90564a88509a5efa768ca31a9e6975de7974957fa34f436cba72e285a2a18540db1fbd027a40acbe6104a787f20ecdcfdec00ec49528abf74b3eb8124547115864028501ab6e5801933dd0f866345293ccde67d280cb98a49ccdce74748bc19d5b686cc2b8792f83dff22287078cd8a879bed4ac21f3e5a67bfe988dc2d65d051bfb440979275debe1bb266561a8efc8827de8ebdac4e8ff5ccea75213645feb7319bf06eb1f19756e6621d013b5e28d91f1bb61fc52e626113ad6ca51958b1fcf44f91ec96f63e468bd8dd9e6fa7c69e19fe52af634497d3d4513f48418887fa06260626509e7de98950e7852998aea6ae94986bf79b9250d5c45547f9e74791e0a01a8100e6f4ea5fe8157eeffb6e9676b9ab2c0d89f49147b00b7a9650880f884201c4b7abdd02d93401f28340fafc1eb8d20600cfc79a18230898b2bbad7870f62dc1b1e42892a28a8ff8463d79f497499c710cdca2eb0c7b4a0014962c0816f0be8400d9e5a96ba8ffd2f19508274d6df4e8086828c552be64b648792cc83f0836f342d66fa06119a9f6d358d66c39114ab5bf2c64501d95116202ec3ee4d63164632036b3e63f33da2c87f96889d0a0bafbf21600b8fd9397a0eccb4de498f3b1be79586799eb852e9d8f8ba5021818e92f99b09992b17f0a23f2eadffbbcd98dc380feca53848381906d5f5e42a14ac7e848628b9bb6861e376e8ce8bcf889c7cb0f8596cea93253f4fd28c8eefe3c1783cb995dad5d581046566b6c4f6bbc5f6374dc5ce0eb346214826fed080f7e3d8502b5e2d121ef5f3159eed38de33116abe9298b1cfdc0b0e942efe54812fe6467f6e0a0e9715df79c3df6367f594fdea626fc840bb54e1520a7627dc3516eeaf37837a58cd7840329eb55a2ba231d9598f2d45e491fdb3d95a3157718c92b41897e025b239bf23e0e77f8df2684892c019b3f35983d2d2b74b73c18fcdb5369711cba8070c3267b12d891df2f109ccc429efa43ffdb2614007e7742d9c1d3b5c0ecd3b0177364514bf36fed64c668b07ba5687ea54527c524a2ff7307da4b973a0200f4873e09b4b7d66c169fee91b989e9efc9620dc38749858755f7d8aea99ce961f6aa6c05d76d5dbf25cd3e8028ae8a09dfe9863af67fee2cf9763dbe5bc2a81ca021321a7cb39d1a59f32e05949e13809f6c22096488ca089572127b9d1e477b7a60d15318aad08a81c5e83d7f755efbcaf0d186dce7879c8cad38f47bdc301b8dcbbbc0c8ab813f7206055323a29f553a7ec0e986866ae641b162f5139658ca6e766c1873f041508de80ef6ed037da694fdbe1bfa844bf1ed7660210a38ee3e2a4203873d300ae3442ffd99d77a4b0253fc29b3097ca7d0b91c8d0584d4aab7bfa6be4fdc5c89ab4f81d1f8d708a75c7421212d6b3494d9cc1676111e6f9809c89c4a6689d800e1e459494eaec770b5e723cb08263cb13ef5e730999dab9feaa8b70595747414c36beefb9a5d12e5410bd22f8a9366f902c13de617bfc26f13ac9158905ef96ace28b65fcb71dcb1726034b4b3aaea02fb6d0b4df5fded009f2c55f24030c305a2b58e0bea469ca3de3a2393255815d3997970020fc14b1eaca92858f1cd3342f3dbf8599867e0b88d0c69001dd54b0b7e37717442e8365872366c5e101ae0753e6424f28990fccfe3d76c372cf1b6d036a8a0d6736ed3e42e90064bb5b8288a727136c64ed721256249df9018b7d49288b6a59ee89d5fb1e08f2b702cecf4c25a9adc3a12ae87a90900cf71ebe58f71f0b418ad2382450af27010236f3be32d73f0509fa212b9aedda205c965db411429eecfaca2bfcb720136aa5a461b0ece906e16840cec2c95e3ea83dd1995f2fb67ad2db2b16b49e6a5587f4680d696d6d67787969693552aedb8f1b92dc501f8ddc5f2f1f70583eda5f99e4e697b8156198b5bad078fe7dcca012a297989b65a5b9a9e2cb577200e9a78a6397a92b5c4f956a8003aae4b54ee863f535f61bb604c6a19b6b56b000d68be3e837cc162656561658718e0fbc6f7ee6865c298d4e90ab086a09f97d8784a44a8cf5fd7c241620c80de55f8bddfaf2f618d289d4fc5072fba3b322b074ca32df59058c43914148ecc08b28b2cb4fc6f4004f6a357db041bfdd15db8f742177f6ce7e5dc36dfffe8c31f9a270ffb9fe03e3c2de377d50afa608199db00f7c91fb58cf695d6346849dc69742d0acdc5fd606d53b2c2ef87aceb2c18e186e4558a98c3b9761f9e4ae98f2689ba02966ad679aca1b56b6092ecfd98b5063b6ef379f35842f5d5e3ed270f31a0be7649c4d9c4a674962cc04c00cbf53aa31fd2758106cfadfd9e89b63a962879d86c710a7ca820ccd18bc886374ccfcffd1d6ef18feecfb258dc8988f2c9d538921c726d9d62f23e66d45dd270bf5b8505e19af35dd0a896959e779e88cc60e73c4bb6a26de7ce2765ab6bbae20e90afa1076a78c788535a5bd033a10f89429322d384491c2e1375a3dfb74b86030ee0f8e3aeeb58cd501fd728963f390e87725a78eb1983b699d99cac6d78a0cf367e7e0b2e8ba63be3f4466dfa4641b0af58caf06331a8bfde34db385eeb0dd8b4f6d3deeb5cf16d9d5a48851d7a63e70dca908a9fe5150c74b948e810425396a2a8dec4f5168af9e8d884e2ef60f38c9fbb7ea50901093359239419ffc2acc3b1e16c3077807f241ac18364bd2e6284c8d1674903bcf95e105590f8f636e3fd4793b3cf01d989b328f763a852301dddd3631527fb17e3490c94b451aa4f7bf4c0dabc7fc27c0bebcc6dbfbcfde92e1db6db6cd2ab9c1d775a325cefea123ca571d8174ae63f48a75260ed2aa4b262e2493efaf5f5e0a82ad7c515bc1cadbab63eada3203c32779faae4d8093518b11d1befeccfeb8d53be9ff8e4b02346b5e99e2f5ac2c33fb2430661abee1e6a098f253f2c4dba4ded236471341b751a008cf2ca5007a391373908927def4ceda7169b401388cb5a9cf66440a2139929783534b6c1d2a20f520ce240e018e7f9056330d9a8da64e544b717cc5069fdd9c185267abc667e28c68639ff09c872399f1647defc39f674e0dc87cd8462fc6a198e9daa684b9e8e55cd1786752f33efb60a86f1965a29d8532664ee62d44b4f3da682d99e842b750b4b8c026a983ed15ebd957f50f644ac30a250629a8008fea5235859fb4f482c92ed2557c0e6a624a8652f4a44985552d7796433fca5b0dc0f32a2465c59f775df77dd30919f351f779feed0ca259dd9a569ce01b935ebb5d81c9211d187b3396dfc5525876c5eac1326d0da6b01653117807a6c1d0798f0789a2ed63686b681c6408db04167bc74a3532015ade440bfcf4abeac72253ad2f0b6078423c2641417fd164b693852d237ffb78f3facfc25b5ebd68efd5d9188c84be1aee4c7560b2128ab6e3a4ab04f8a70dde16b2f9816d894cb053768a38012540d1bbdd786f7d27e36c052a1ed604117492e34f830b38aca76507e8571878668a365c69b60b4d23c0ef9d142354ecbdd61f18ea79524b8647f101c6a5aeba510af01bfd876c3d04b63d3d747ae6b736df4bfa2ff0c418ab332c640c71d8a11eff8e3094661df160060d7ec4ee5ceb9d295c76e4761eabedc0c81824beeb104386aab509c9199b571d78dbea71f09c38ee80ef48d23d0b0b82eb215717e9b51850ef8154130bdd879e15796c1c9fbd2c1d919cc3c776eacae05936c6e15773ae1f0c345da26c85f6a2f96b5a74debf00c95e4541f4fb7d2a7e60afb8c8f18bbd62f0241f2dcae78cc4d726d0bc7ab07ed8b0dec9f15433e8599ef89af64b0cc7d4b3de91eb0df5fe12748e484565a96ad942094793223fe46bed8e3ebdb65a585ce0b00d70782b07d1b6679568e86fab7325c302b70a57bfa085f63cf2c06c3e2482e67fcc05bbae26378e89ea3f9f1ecef9b4bb64d67905818f846c3b1c7ea11186d0b318d521ea249b7e574a6c384a8e18f3d332ec5058afed3ac279e23754cbc244b99cc7d264ade7729c12d3d6ea9b7cba19538d24c15d4620db7a5c43d1be8e35e4cb9b6bde61fff98bb9626f070df43806aa418274cadee0d47adc92e85082573c3a246d689dea732a17d8d0719b2caf8d3b3cc321d6be8dc915d15f8822e777c0748bdb427dd7d675a38923f9ca08a03b723f43ee3286a7a060c403536b3b194a320db93bc35eb4736240803fc92f91239ce701a0e8da97e2f5747009e31c7e3089d4a210482281136be03655d04fda7fd0ccd6e870c18c40aef46c2dc5627239636a1de275832aa140eb687a1c3b34e0003a8e075e79ae18c1eb64dff089d72c2ae1fe5d7287baa242402df234f5d553be5182c94f2b84d670c3d3c380ea81aadf7f0f11484c025e17659f0e74e3acbd0be74e1956afad174acc25e1dab67941859092dafe9abb9bc23193221db8be25a8e4479f0ac50c6b635b806e963e889f249ba2898148a2cf316579bc44c767cd5ae6122e31b60f3116281b561c503678a7d693e09ab2a9febab20a4e09122f49fd80975e2d9e2eee5e58a273e84b5db4464fc6e204abf2c3401df021e508ffe0c11dd79a95fa2495cad5efa04cfd8c349021dea49954340cc0b5753a68285d732c06ff2171f8da4a05f79e9845f56f084ab7589bc0979248ba5f7344dea42b638e965376806e1e21ed4db33d2dfbcc20edf538a17cedc1f37d6b563d22fad16a4f69c6694b00c577599d988ad2e40345cbe959547fb7c1ecbee06e46e943ed39b5363eaf963e88f41e83a4c3915a6379c3c6957451e4389757e9ebf4da8f71dd18ff96146a8307f6b740d3a4a9ed6bd7fbcace6b3a881d57d89ca50f878a11bb8b74f45176bc0b1cb169b9457f898003952d4bbf15a3522105ec12b6d2d66a8906cb97f127ba8e235bfd84c8dd3ef6fbe5685ef85e2729e850ce60af68205107f6c8c490c0e5806c9fd30640a33c453a052e85758409253c6d9a478acdfb8bc8705343b562261e4add203d9821e0e9d1fe07487cf9486e7ed328f068a0e631e1478da68b216837f20cbeb2df80f7ee5e7147d117d534e180626e8c7c6cbe1f6907ee96217b13cfb767ed753959a02a5a3ff27a0e8ccc1431588ff269daad64d311a2d2c9160bf76fe12b0e34a85b7d50a4d218b433c1e0c9e087fdc1ffc53a63b451cef4eefffdfa83bbc9db7db1bc9bbf165c089b24264a36e53207997e402a287d931e97be5f8d1aab5f25fa0834f03a9b863c9d791a228251782d282b478beae446a26fc2bb9ced2aceed6c4c18ef1a98a6968ce2565055ee20a1819c639fdf2c0768bd6a928d43d13cf7edf0bf76a3985245d963b4b2d2198f4a070b0a9f20175cb62b933a3b6489f163db0373329e0434dd670b25d8fde86f47aa5129e6529666761b2736cdd7769cd8b3fe9a77310d70aa36142c7710fcdf98e8080017000800000012001800d87af9f3af8be5922f76b01f906c000030011a8008000100030000008c0004800c0001800800060044000000300001800400030004000200080006000800000004000a000400020004000200050008000400000008000600120200003000018004000300040001000800050003000000050008000d00000008000600f8ffffff0400090008000600040000001c0001800400020004000100080006000900000008000500f10a000004000300040002008800048010000180050007000000000004000a002800018004000400080005000200000005000700090000000400020004000a0004000400040002002c00018004000a00040003000400020008000500894cffff040002000400020004000a00050007006f00000014000180040009000800050004000000040002000c00018004000a0004000100080001000400000014001a800800010001000000040003000400030053e5da61458edecddaf53bb7e9faab729ac13901b7df4738606837ac02017b6df8e620f11f9ae832daa9"], 0x1178}, 0x1, 0x0, 0x0, 0x40}, 0x4004055) r3 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x1e, 0x4, 0x0) r5 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) mq_timedsend$auto(r4, 0x0, 0x6, 0xc91, &(0x7f00000000c0)={0x6, 0x7}) setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HWSYNC(r3, 0x4122, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x2000, 0x0) 1.699063518s ago: executing program 3 (id=3076): mmap$auto(0x0, 0x1, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x542, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mlockall$auto(0x7) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/usbip-vudc.0/udc/usbip-vudc.0/current_speed\x00', 0x181040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000200)=""/206, 0xce) mmap$auto(0x0, 0x40000b, 0xde, 0x9b72, 0x2, 0x8000) mlock$auto(0x1000, 0x6) mlockall$auto(0x800000000000005) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000100)={0x3fd, 0x0, [{0xffffffff, 0xffff5a9a, 0x7fffffff, 0x0, 0xf, 0x8, 0x6000}, {0x4, 0x1, 0x9, 0x8, 0x10000, 0x5, 0x2}]}) mmap$auto(0x0, 0x4020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_options\x00', 0x80201, 0x0) write$auto(r2, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x6, 0x0) prctl$auto(0x34, 0x0, 0x0, 0x0, 0x0) r3 = socket(0xa, 0x5, 0x84) bpf$auto(0xfffffffd, &(0x7f0000000000)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x6, 0x4, 0xffffffffffffffff, @relative_fd=r3, 0xd}, 0xa2) sendto$auto(r3, 0x0, 0x3, 0xffff, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) prctl$auto_PR_SET_MM_BRK(0x9, 0x7, 0x0, 0x80000001, 0x2) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r1) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x200001, 0x0) r4 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x0, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x7, 0x5, 0x2, 0xffffffffffffffff, 0xf, 0xfff, 0xbf41055, 0xfffffffffffffffe, 0x3, 0x9, 0x6, 0x0, 0xffffffffffffffff, 0x80000000]}, 0x0, 0x0) ioctl$auto_CEC_S_MODE(r4, 0x40046109, &(0x7f0000002c40)=0xd0) 1.674562648s ago: executing program 0 (id=3077): openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/options/event-fork\x00', 0x141702, 0x0) socket(0x11, 0x3, 0x9) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) mmap$auto(0x4, 0x2020009, 0x988, 0xeb1, r1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@id={0x1e, 0x3, 0x2, {0x4e20, 0x1}}, 0x10) unshare$auto(0x188c) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) shmget$auto(0x400, 0x200000000008, 0x568c12f2) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000001980), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8000) socket(0xf, 0x2, 0x40008) timerfd_create$auto(0x9, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000000000)={0x2, 0x7f}) write$auto_tty_fops_tty_io(0xffffffffffffffff, 0x0, 0x0) ioctl$auto(0x3, 0x40085400, 0x5) pread64$auto(0xffffffffffffffff, &(0x7f0000000000)='/proc/scsi/sg/devices\x00', 0x100000004, 0x100) 1.301320663s ago: executing program 2 (id=3078): openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000d00), 0x48900, 0x0) select$auto(0xd, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x8, 0x3, 0x0, 0x2000000000000002, 0x4b4, 0x8, 0x80000000000103, 0xa, 0x4, 0x10000040, 0x5, 0x4006]}, 0x0, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x98) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x40000, 0x0) mmap$auto(0x0, 0xc, 0x0, 0x44eb2, 0x10006, 0x300000000000) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x8) ioctl$auto_EVIOCREVOKE(r0, 0x40044591, 0x0) pwrite64$auto(0x2, 0x0, 0x0, 0x5) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ifb0/flags\x00', 0xb02, 0x0) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000000), 0x8802, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000080)={0x1, 0x7, 0x9, 0x4, 0x1}) socket$nl_generic(0x10, 0x3, 0x10) fanotify_mark$auto(0xffffffffffffffff, 0x0, 0x8, 0xffffffffffffffff, 0x0) socket(0x1d, 0x2, 0x6) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x440, 0x0) ioctl$auto(0x3, 0x80246f4d, 0x38) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000000), 0x8802, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000000080)={0x1, 0x7, 0x9, 0x4, 0x1}) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000000), 0x4c8800, 0x0) ioctl$auto_PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140)=0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xc18, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x5, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) 1.013510135s ago: executing program 3 (id=3079): r0 = socket(0x2, 0x2, 0x0) r1 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) read$auto_virtual_ncidev_fops_virtual_ncidev(r1, &(0x7f0000000040)=""/98, 0x62) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, 0x0, 0x54) sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(r0, 0x0, 0x4) pwrite64$auto(0xc8, 0x0, 0x10, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x33, 0x0, 0x20056b) fallocate$auto(r0, 0x9, 0x0, 0x40) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x7f, 0x2, &(0x7f00000000c0)=0x9) munmap$auto(0x0, 0x180) 286.438011ms ago: executing program 2 (id=3080): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x8102, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x62001, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x8000, 0x0) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) read$auto(0xffffffffffffffff, 0x0, 0x20) socketcall$auto(0x5, &(0x7f00000001c0)=0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x0) r3 = socket(0x10, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r4, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYBLOB="0456ed"], 0x14}, 0x1, 0x0, 0x0, 0x4854}, 0x40) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r4) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r3, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027bd7000fcdbdf250a9e00ff15000000140001"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) 254.61819ms ago: executing program 1 (id=3081): r0 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) fcntl$auto(r0, 0x400, 0x1) fcntl$auto(0x3, 0x8, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) open$dir(&(0x7f0000000000)='./file0\x00', 0x100, 0x1) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) 226.849225ms ago: executing program 0 (id=3082): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd10/queue/nr_requests\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xb, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200004000001, 0x384, 0xfffffffffffffffa, 0x0, 0x0, 0x30, 0x0, 0x864, 0xb, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x7fff, 0x0, 0x0, [0x0, 0x100000000, 0x0, 0x0, 0x2]}, 0xb, 0xd) r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x9541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffff7effffd08, &(0x7f00000001c0)) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x4b564d06, 0xe3, 0x100000007f}]}) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x40, 0x0) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r5, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)={0x14, r6, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4) (async) sendmsg$auto_SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r6, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000040) (async) pselect6$auto(0x5, &(0x7f0000000400)={[0x8, 0x5, 0x0, 0x5, 0x8001, 0x6, 0xac, 0x2000009, 0x3, 0xffffffff, 0x7fffffffffffffff, 0x0, 0x1000, 0x2, 0x8, 0x3ff]}, 0x0, 0x0, 0x0, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) landlock_create_ruleset$auto(&(0x7f0000000000)={0x2, 0x400, 0x7}, 0x9, 0x7ff) (async) landlock_restrict_self$auto(r7, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=&(0x7f0000000080)=',{\x00', &(0x7f0000000140)=&(0x7f0000000100)='}.\x00') (async) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) 43.003927ms ago: executing program 3 (id=3083): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = set_tid_address$auto(0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000180)='/:$]\x00', 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x7ffd, 0x12) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) socket(0xf, 0x3, 0x2) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r2 = socket(0x10, 0x2, 0x6) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) socket(0xf, 0x3, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) unshare$auto(0x20000080) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) io_uring_setup$auto(0x4c2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) 0s ago: executing program 2 (id=3084): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip_vti0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r1, r0, 0x8000, 0x2, 0xffffffffffffffff, @relative_id=0x13, 0x6}, 0xf) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x100000000000012, r0, 0x18002) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000040)='{\x00', 0xfff) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r4, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vivid.0/video4linux/video30/dev_debug\x00', 0x129102, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0xcbf824a5043c546c, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x40000, 0x0) pipe2$auto(0x0, 0x80) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) kernel console output (not intermixed with test programs): 1248.626058][T20055] RAX: ffffffffffffffda RBX: 00007fc58e3b5fa0 RCX: 00007fc58e18e929 [ 1248.626076][T20055] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 1248.626092][T20055] RBP: 00007fc58f0e4090 R08: 0000000000000000 R09: 0000000000000000 [ 1248.626108][T20055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1248.626125][T20055] R13: 0000000000000000 R14: 00007fc58e3b5fa0 R15: 00007ffcbfeca808 [ 1248.626160][T20055] [ 1248.626369][T20055] blk-mq: reduced tag depth (128 -> 64) [ 1250.294735][T20076] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2736'. [ 1250.572638][T20081] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2738'. [ 1250.602359][T20081] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2738'. [ 1254.513444][T20112] FAULT_INJECTION: forcing a failure. [ 1254.513444][T20112] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.690982][T20112] CPU: 1 UID: 0 PID: 20112 Comm: syz.3.2744 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1254.691031][T20112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1254.691051][T20112] Call Trace: [ 1254.691063][T20112] [ 1254.691075][T20112] dump_stack_lvl+0x16c/0x1f0 [ 1254.691145][T20112] should_fail_ex+0x512/0x640 [ 1254.691194][T20112] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1254.691247][T20112] should_failslab+0xc2/0x120 [ 1254.691278][T20112] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1254.691330][T20112] ? ksys_unshare+0x45b/0xa40 [ 1254.691371][T20112] ? __x64_sys_unshare+0x31/0x40 [ 1254.691412][T20112] ? sock_alloc_inode+0x25/0x1c0 [ 1254.691450][T20112] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1254.691480][T20112] sock_alloc_inode+0x25/0x1c0 [ 1254.691510][T20112] alloc_inode+0x61/0x240 [ 1254.691544][T20112] sock_alloc+0x40/0x280 [ 1254.691574][T20112] sock_create_lite+0x82/0x120 [ 1254.691607][T20112] __netlink_kernel_create+0xbd/0x750 [ 1254.691643][T20112] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1254.691673][T20112] ? find_held_lock+0x2b/0x80 [ 1254.691707][T20112] ? audit_net_init+0x190/0x440 [ 1254.691752][T20112] audit_net_init+0x1ae/0x440 [ 1254.691789][T20112] ? __pfx_audit_net_init+0x10/0x10 [ 1254.691826][T20112] ? __pfx_audit_receive+0x10/0x10 [ 1254.691864][T20112] ? __pfx_audit_multicast_bind+0x10/0x10 [ 1254.691905][T20112] ? __pfx_audit_multicast_unbind+0x10/0x10 [ 1254.691947][T20112] ? __kmalloc_noprof+0x242/0x510 [ 1254.692002][T20112] ? __pfx_audit_net_init+0x10/0x10 [ 1254.692039][T20112] ops_init+0x1df/0x5f0 [ 1254.692100][T20112] setup_net+0x1ff/0x510 [ 1254.692144][T20112] ? lockdep_init_map_type+0x5c/0x280 [ 1254.692189][T20112] ? __pfx_setup_net+0x10/0x10 [ 1254.692241][T20112] ? debug_mutex_init+0x37/0x70 [ 1254.692278][T20112] copy_net_ns+0x2a6/0x5f0 [ 1254.692315][T20112] create_new_namespaces+0x3ea/0xa90 [ 1254.692361][T20112] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1254.692402][T20112] ksys_unshare+0x45b/0xa40 [ 1254.692444][T20112] ? __pfx_ksys_unshare+0x10/0x10 [ 1254.692488][T20112] ? xfd_validate_state+0x61/0x180 [ 1254.692543][T20112] __x64_sys_unshare+0x31/0x40 [ 1254.692584][T20112] do_syscall_64+0xcd/0x490 [ 1254.692635][T20112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1254.692666][T20112] RIP: 0033:0x7f965098e929 [ 1254.692693][T20112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1254.692722][T20112] RSP: 002b:00007f96517a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1254.692753][T20112] RAX: ffffffffffffffda RBX: 00007f9650bb5fa0 RCX: 00007f965098e929 [ 1254.692775][T20112] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1254.692794][T20112] RBP: 00007f9650a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1254.692814][T20112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1254.692833][T20112] R13: 0000000000000000 R14: 00007f9650bb5fa0 R15: 00007fff4968e168 [ 1254.692873][T20112] [ 1254.996198][ C1] vkms_vblank_simulate: vblank timer overrun [ 1255.034573][T20115] FAULT_INJECTION: forcing a failure. [ 1255.034573][T20115] name failslab, interval 1, probability 0, space 0, times 0 [ 1255.048332][T20115] CPU: 0 UID: 0 PID: 20115 Comm: syz.0.2745 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1255.048376][T20115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1255.048394][T20115] Call Trace: [ 1255.048405][T20115] [ 1255.048417][T20115] dump_stack_lvl+0x16c/0x1f0 [ 1255.048465][T20115] should_fail_ex+0x512/0x640 [ 1255.048505][T20115] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1255.048554][T20115] should_failslab+0xc2/0x120 [ 1255.048582][T20115] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1255.048627][T20115] ? __alloc_skb+0x2b2/0x380 [ 1255.048682][T20115] __alloc_skb+0x2b2/0x380 [ 1255.048723][T20115] ? __pfx___alloc_skb+0x10/0x10 [ 1255.048770][T20115] ? __lock_acquire+0xb8a/0x1c90 [ 1255.048816][T20115] netlink_alloc_large_skb+0x69/0x130 [ 1255.048850][T20115] netlink_sendmsg+0x6a1/0xdd0 [ 1255.048887][T20115] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1255.048934][T20115] ____sys_sendmsg+0xa98/0xc70 [ 1255.048968][T20115] ? copy_msghdr_from_user+0x10a/0x160 [ 1255.049011][T20115] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1255.049051][T20115] ? kfree+0x24f/0x4d0 [ 1255.049094][T20115] ? __pfx__kstrtoull+0x10/0x10 [ 1255.049141][T20115] ___sys_sendmsg+0x134/0x1d0 [ 1255.049188][T20115] ? __pfx____sys_sendmsg+0x10/0x10 [ 1255.049269][T20115] ? __pfx___might_resched+0x10/0x10 [ 1255.049311][T20115] __sys_sendmmsg+0x200/0x420 [ 1255.049358][T20115] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1255.049414][T20115] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1255.049477][T20115] ? fput+0x70/0xf0 [ 1255.049506][T20115] ? ksys_write+0x1ac/0x250 [ 1255.049547][T20115] ? __pfx_ksys_write+0x10/0x10 [ 1255.049595][T20115] __x64_sys_sendmmsg+0x9c/0x100 [ 1255.049638][T20115] ? lockdep_hardirqs_on+0x7c/0x110 [ 1255.049679][T20115] do_syscall_64+0xcd/0x490 [ 1255.049726][T20115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1255.049763][T20115] RIP: 0033:0x7f962c78e929 [ 1255.049788][T20115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1255.049817][T20115] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1255.049846][T20115] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1255.049866][T20115] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1255.049886][T20115] RBP: 00007f962d675090 R08: 0000000000000000 R09: 0000000000000000 [ 1255.049904][T20115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1255.049923][T20115] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1255.049962][T20115] [ 1255.327014][T20112] audit: cannot initialize netlink socket in namespace [ 1257.536485][T20128] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2749'. [ 1258.473025][T20139] FAULT_INJECTION: forcing a failure. [ 1258.473025][T20139] name failslab, interval 1, probability 0, space 0, times 0 [ 1258.533407][T20139] CPU: 1 UID: 0 PID: 20139 Comm: syz.0.2753 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1258.533437][T20139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1258.533448][T20139] Call Trace: [ 1258.533455][T20139] [ 1258.533462][T20139] dump_stack_lvl+0x16c/0x1f0 [ 1258.533494][T20139] should_fail_ex+0x512/0x640 [ 1258.533520][T20139] ? __kmalloc_noprof+0xbf/0x510 [ 1258.533549][T20139] ? iter_file_splice_write+0x1cc/0x1150 [ 1258.533574][T20139] should_failslab+0xc2/0x120 [ 1258.533592][T20139] __kmalloc_noprof+0xd2/0x510 [ 1258.533624][T20139] iter_file_splice_write+0x1cc/0x1150 [ 1258.533653][T20139] ? kfree+0x2b4/0x4d0 [ 1258.533675][T20139] ? copy_splice_read+0x897/0xba0 [ 1258.533703][T20139] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1258.533729][T20139] ? __lock_acquire+0xb8a/0x1c90 [ 1258.533761][T20139] ? __pfx_copy_splice_read+0x10/0x10 [ 1258.533817][T20139] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1258.533857][T20139] direct_splice_actor+0x192/0x6c0 [ 1258.533900][T20139] splice_direct_to_actor+0x342/0xa30 [ 1258.533926][T20139] ? __pfx_direct_splice_actor+0x10/0x10 [ 1258.533955][T20139] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1258.533978][T20139] ? get_pid_task+0xfc/0x250 [ 1258.534009][T20139] do_splice_direct+0x174/0x240 [ 1258.534040][T20139] ? __pfx_do_splice_direct+0x10/0x10 [ 1258.534064][T20139] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1258.534091][T20139] ? rw_verify_area+0xcf/0x680 [ 1258.534120][T20139] do_sendfile+0xb06/0xe50 [ 1258.534149][T20139] ? __pfx_do_sendfile+0x10/0x10 [ 1258.534174][T20139] ? __fget_files+0x20e/0x3c0 [ 1258.534205][T20139] __x64_sys_sendfile64+0x1d8/0x220 [ 1258.534223][T20139] ? ksys_write+0x1ac/0x250 [ 1258.534248][T20139] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1258.534273][T20139] do_syscall_64+0xcd/0x490 [ 1258.534302][T20139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1258.534321][T20139] RIP: 0033:0x7f962c78e929 [ 1258.534337][T20139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1258.534356][T20139] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1258.534375][T20139] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1258.534387][T20139] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 1258.534398][T20139] RBP: 00007f962d675090 R08: 0000000000000000 R09: 0000000000000000 [ 1258.534409][T20139] R10: 0000000000000048 R11: 0000000000000246 R12: 0000000000000001 [ 1258.534420][T20139] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1258.534447][T20139] [ 1258.799470][ C1] vkms_vblank_simulate: vblank timer overrun [ 1259.575868][T20146] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2754'. [ 1260.530838][T20159] FAULT_INJECTION: forcing a failure. [ 1260.530838][T20159] name failslab, interval 1, probability 0, space 0, times 0 [ 1260.547763][T20159] CPU: 1 UID: 0 PID: 20159 Comm: syz.2.2756 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1260.547811][T20159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1260.547830][T20159] Call Trace: [ 1260.547851][T20159] [ 1260.547864][T20159] dump_stack_lvl+0x16c/0x1f0 [ 1260.547913][T20159] should_fail_ex+0x512/0x640 [ 1260.547953][T20159] ? __kmalloc_noprof+0xbf/0x510 [ 1260.547999][T20159] ? ops_init+0x77/0x5f0 [ 1260.548042][T20159] should_failslab+0xc2/0x120 [ 1260.548071][T20159] __kmalloc_noprof+0xd2/0x510 [ 1260.548122][T20159] ops_init+0x77/0x5f0 [ 1260.548175][T20159] setup_net+0x1ff/0x510 [ 1260.548218][T20159] ? lockdep_init_map_type+0x5c/0x280 [ 1260.548264][T20159] ? __pfx_setup_net+0x10/0x10 [ 1260.548312][T20159] ? debug_mutex_init+0x37/0x70 [ 1260.548351][T20159] copy_net_ns+0x2a6/0x5f0 [ 1260.548386][T20159] create_new_namespaces+0x3ea/0xa90 [ 1260.548433][T20159] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1260.548472][T20159] ksys_unshare+0x45b/0xa40 [ 1260.548516][T20159] ? __pfx_ksys_unshare+0x10/0x10 [ 1260.548565][T20159] ? xfd_validate_state+0x61/0x180 [ 1260.548619][T20159] __x64_sys_unshare+0x31/0x40 [ 1260.548662][T20159] do_syscall_64+0xcd/0x490 [ 1260.548710][T20159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1260.548741][T20159] RIP: 0033:0x7fc58e18e929 [ 1260.548766][T20159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1260.548796][T20159] RSP: 002b:00007fc58f0e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1260.548828][T20159] RAX: ffffffffffffffda RBX: 00007fc58e3b5fa0 RCX: 00007fc58e18e929 [ 1260.548856][T20159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1260.548875][T20159] RBP: 00007fc58e210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1260.548895][T20159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1260.548914][T20159] R13: 0000000000000000 R14: 00007fc58e3b5fa0 R15: 00007ffcbfeca808 [ 1260.548954][T20159] [ 1260.753502][ C1] vkms_vblank_simulate: vblank timer overrun [ 1262.511546][T20172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2757'. [ 1263.251183][T20188] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 1263.355794][T20187] netlink: zone id is out of range [ 1263.541831][T20191] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2764'. [ 1263.551918][T20191] FAULT_INJECTION: forcing a failure. [ 1263.551918][T20191] name failslab, interval 1, probability 0, space 0, times 0 [ 1263.567165][T20191] CPU: 1 UID: 0 PID: 20191 Comm: syz.0.2764 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1263.567200][T20191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1263.567213][T20191] Call Trace: [ 1263.567220][T20191] [ 1263.567228][T20191] dump_stack_lvl+0x16c/0x1f0 [ 1263.567260][T20191] should_fail_ex+0x512/0x640 [ 1263.567288][T20191] ? __kmalloc_noprof+0xbf/0x510 [ 1263.567318][T20191] ? tnode_new+0x25a/0x340 [ 1263.567345][T20191] should_failslab+0xc2/0x120 [ 1263.567363][T20191] __kmalloc_noprof+0xd2/0x510 [ 1263.567396][T20191] tnode_new+0x25a/0x340 [ 1263.567425][T20191] resize+0x3af/0x22a0 [ 1263.567453][T20191] ? trace_kmalloc+0x2b/0xd0 [ 1263.567482][T20191] fib_insert_alias+0x9b9/0xe30 [ 1263.567511][T20191] ? rtnl_trylock+0x10/0x20 [ 1263.567537][T20191] fib_trie_unmerge+0x2f9/0xcb0 [ 1263.567559][T20191] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1263.567576][T20191] ? fib_newrule+0x1562/0x1e60 [ 1263.567606][T20191] ? __pfx___mutex_lock+0x10/0x10 [ 1263.567639][T20191] fib_unmerge+0xf8/0x520 [ 1263.567659][T20191] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1263.567690][T20191] fib4_rule_configure+0x383/0x10c0 [ 1263.567719][T20191] fib_newrule+0x35c/0x1e60 [ 1263.567763][T20191] ? __pfx_fib_newrule+0x10/0x10 [ 1263.567792][T20191] ? kfree_skbmem+0x1a4/0x1f0 [ 1263.567833][T20191] ? find_held_lock+0x2b/0x80 [ 1263.567854][T20191] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1263.567882][T20191] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1263.567910][T20191] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1263.567941][T20191] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1263.567971][T20191] rtnetlink_rcv_msg+0x95b/0xe90 [ 1263.568006][T20191] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1263.568042][T20191] ? ref_tracker_free+0x37c/0x830 [ 1263.568080][T20191] netlink_rcv_skb+0x158/0x420 [ 1263.568110][T20191] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1263.568144][T20191] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1263.568177][T20191] ? netlink_deliver_tap+0x1ae/0xd30 [ 1263.568212][T20191] netlink_unicast+0x53a/0x7f0 [ 1263.568234][T20191] ? __pfx_netlink_unicast+0x10/0x10 [ 1263.568260][T20191] netlink_sendmsg+0x8d1/0xdd0 [ 1263.568283][T20191] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1263.568311][T20191] ____sys_sendmsg+0xa98/0xc70 [ 1263.568332][T20191] ? copy_msghdr_from_user+0x10a/0x160 [ 1263.568359][T20191] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1263.568383][T20191] ? kfree+0x24f/0x4d0 [ 1263.568407][T20191] ? futex_unqueue+0x133/0x2c0 [ 1263.568433][T20191] ___sys_sendmsg+0x134/0x1d0 [ 1263.568461][T20191] ? __pfx____sys_sendmsg+0x10/0x10 [ 1263.568510][T20191] ? __pfx___might_resched+0x10/0x10 [ 1263.568537][T20191] __sys_sendmmsg+0x200/0x420 [ 1263.568567][T20191] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1263.568601][T20191] ? __pfx_do_futex+0x10/0x10 [ 1263.568636][T20191] ? xfd_validate_state+0x61/0x180 [ 1263.568668][T20191] __x64_sys_sendmmsg+0x9c/0x100 [ 1263.568695][T20191] ? lockdep_hardirqs_on+0x7c/0x110 [ 1263.568722][T20191] do_syscall_64+0xcd/0x490 [ 1263.568758][T20191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1263.568777][T20191] RIP: 0033:0x7f962c78e929 [ 1263.568794][T20191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1263.568813][T20191] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1263.568832][T20191] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1263.568846][T20191] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 1263.568858][T20191] RBP: 00007f962c810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1263.568869][T20191] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 1263.568881][T20191] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1263.568904][T20191] [ 1263.939162][ C1] vkms_vblank_simulate: vblank timer overrun [ 1264.388080][T20193] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2765'. [ 1264.408070][T20193] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2765'. [ 1264.954867][T20203] FAULT_INJECTION: forcing a failure. [ 1264.954867][T20203] name failslab, interval 1, probability 0, space 0, times 0 [ 1264.960026][ T30] audit: type=1804 audit(3124.000:89): pid=20203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2767" name="/newroot/111/file0" dev="tmpfs" ino=611 res=1 errno=0 [ 1264.968152][T20203] CPU: 1 UID: 0 PID: 20203 Comm: syz.1.2767 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1264.968193][T20203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1264.968209][T20203] Call Trace: [ 1264.968219][T20203] [ 1264.968230][T20203] dump_stack_lvl+0x16c/0x1f0 [ 1264.968276][T20203] should_fail_ex+0x512/0x640 [ 1264.968314][T20203] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1264.968359][T20203] should_failslab+0xc2/0x120 [ 1264.968385][T20203] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1264.968425][T20203] ? audit_log_start+0x2c5/0x7f0 [ 1264.968465][T20203] audit_log_start+0x2c5/0x7f0 [ 1264.968501][T20203] ? __pfx_audit_log_start+0x10/0x10 [ 1264.968536][T20203] ? __lock_acquire+0xb8a/0x1c90 [ 1264.968592][T20203] integrity_audit_message+0x10c/0x580 [ 1264.968629][T20203] ? take_dentry_name_snapshot+0x314/0x7d0 [ 1264.968659][T20203] ? __pfx_integrity_audit_message+0x10/0x10 [ 1264.968698][T20203] ? take_dentry_name_snapshot+0x319/0x7d0 [ 1264.968733][T20203] integrity_audit_msg+0x41/0x60 [ 1264.968772][T20203] ima_collect_measurement+0x784/0xa40 [ 1264.968811][T20203] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1264.968959][T20203] ? do_raw_read_unlock+0x44/0xe0 [ 1264.968998][T20203] ? vfs_getxattr_alloc+0xec/0x340 [ 1264.969045][T20203] ? ima_get_hash_algo+0x27c/0x400 [ 1264.969083][T20203] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1264.969129][T20203] ? process_measurement+0x11fa/0x23e0 [ 1264.969168][T20203] process_measurement+0x11fa/0x23e0 [ 1264.969221][T20203] ? __pfx_process_measurement+0x10/0x10 [ 1264.969266][T20203] ? futex_unqueue+0x133/0x2c0 [ 1264.969343][T20203] ? __futex_hash.constprop.0+0x1e9/0x440 [ 1264.969384][T20203] ima_file_mmap+0x1b1/0x1d0 [ 1264.969424][T20203] ? __pfx_ima_file_mmap+0x10/0x10 [ 1264.969461][T20203] ? __lock_acquire+0x622/0x1c90 [ 1264.969506][T20203] security_mmap_file+0x88c/0x990 [ 1264.969544][T20203] vm_mmap_pgoff+0xec/0x450 [ 1264.969575][T20203] ? find_held_lock+0x2b/0x80 [ 1264.969604][T20203] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1264.969641][T20203] ? __fget_files+0x20e/0x3c0 [ 1264.969685][T20203] ksys_mmap_pgoff+0x32c/0x5c0 [ 1264.969723][T20203] __x64_sys_mmap+0x125/0x190 [ 1264.969766][T20203] do_syscall_64+0xcd/0x490 [ 1264.969810][T20203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1264.969848][T20203] RIP: 0033:0x7efef898e929 [ 1264.969873][T20203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1264.969900][T20203] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1264.969928][T20203] RAX: ffffffffffffffda RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1264.969947][T20203] RDX: 00000000000003ff RSI: 0000000000000001 RDI: 000000000000f000 [ 1264.969965][T20203] RBP: 00007efef8a10b39 R08: 0000000000000003 R09: 0000000000000000 [ 1264.969983][T20203] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 1264.970000][T20203] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1264.970037][T20203] [ 1264.970052][T20203] audit: audit_lost=8 audit_rate_limit=0 audit_backlog_limit=64 [ 1265.356960][T20208] binder: 20207:20208 ioctl c018620b 0 returned -14 [ 1265.431178][T20203] audit: out of memory in audit_log_start [ 1265.495579][T20210] binder: 20207:20210 ioctl 400c620e 0 returned -22 [ 1266.499931][T19717] syz.1.2659 (19717) used greatest stack depth: 18408 bytes left [ 1267.186201][T20225] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2774'. [ 1267.283307][T20225] FAULT_INJECTION: forcing a failure. [ 1267.283307][T20225] name failslab, interval 1, probability 0, space 0, times 0 [ 1267.321163][T20225] CPU: 0 UID: 0 PID: 20225 Comm: syz.3.2774 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1267.321213][T20225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1267.321230][T20225] Call Trace: [ 1267.321241][T20225] [ 1267.321252][T20225] dump_stack_lvl+0x16c/0x1f0 [ 1267.321296][T20225] should_fail_ex+0x512/0x640 [ 1267.321337][T20225] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1267.321378][T20225] should_failslab+0xc2/0x120 [ 1267.321402][T20225] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1267.321437][T20225] ? lockdep_rtnl_is_held+0x26/0x40 [ 1267.321472][T20225] ? fib_trie_unmerge+0x281/0xcb0 [ 1267.321504][T20225] fib_trie_unmerge+0x281/0xcb0 [ 1267.321541][T20225] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1267.321566][T20225] ? fib_newrule+0x1562/0x1e60 [ 1267.321607][T20225] ? __pfx___mutex_lock+0x10/0x10 [ 1267.321657][T20225] fib_unmerge+0xf8/0x520 [ 1267.321689][T20225] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1267.321739][T20225] fib4_rule_configure+0x383/0x10c0 [ 1267.321788][T20225] fib_newrule+0x35c/0x1e60 [ 1267.321860][T20225] ? __pfx_fib_newrule+0x10/0x10 [ 1267.321904][T20225] ? kfree_skbmem+0x1a4/0x1f0 [ 1267.321973][T20225] ? find_held_lock+0x2b/0x80 [ 1267.322003][T20225] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1267.322046][T20225] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1267.322087][T20225] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1267.322135][T20225] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1267.322181][T20225] rtnetlink_rcv_msg+0x95b/0xe90 [ 1267.322232][T20225] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1267.322290][T20225] ? ref_tracker_free+0x37c/0x830 [ 1267.322339][T20225] netlink_rcv_skb+0x158/0x420 [ 1267.322370][T20225] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1267.322416][T20225] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1267.322459][T20225] ? netlink_deliver_tap+0x1ae/0xd30 [ 1267.322516][T20225] netlink_unicast+0x53a/0x7f0 [ 1267.322551][T20225] ? __pfx_netlink_unicast+0x10/0x10 [ 1267.322592][T20225] netlink_sendmsg+0x8d1/0xdd0 [ 1267.322629][T20225] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1267.322675][T20225] ____sys_sendmsg+0xa98/0xc70 [ 1267.322706][T20225] ? copy_msghdr_from_user+0x10a/0x160 [ 1267.322746][T20225] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1267.322774][T20225] ? __pfx___schedule+0x10/0x10 [ 1267.322817][T20225] ? kfree+0x24f/0x4d0 [ 1267.322871][T20225] ___sys_sendmsg+0x134/0x1d0 [ 1267.322913][T20225] ? __pfx____sys_sendmsg+0x10/0x10 [ 1267.322991][T20225] ? __pfx___might_resched+0x10/0x10 [ 1267.323031][T20225] __sys_sendmmsg+0x200/0x420 [ 1267.323077][T20225] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1267.323129][T20225] ? __pfx_do_futex+0x10/0x10 [ 1267.323188][T20225] ? xfd_validate_state+0x61/0x180 [ 1267.323236][T20225] __x64_sys_sendmmsg+0x9c/0x100 [ 1267.323276][T20225] ? lockdep_hardirqs_on+0x7c/0x110 [ 1267.323314][T20225] do_syscall_64+0xcd/0x490 [ 1267.323358][T20225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1267.323387][T20225] RIP: 0033:0x7f965098e929 [ 1267.323412][T20225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1267.323441][T20225] RSP: 002b:00007f96517a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1267.323470][T20225] RAX: ffffffffffffffda RBX: 00007f9650bb5fa0 RCX: 00007f965098e929 [ 1267.323489][T20225] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 1267.323508][T20225] RBP: 00007f9650a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1267.323526][T20225] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 1267.323543][T20225] R13: 0000000000000000 R14: 00007f9650bb5fa0 R15: 00007fff4968e168 [ 1267.323582][T20225] [ 1267.326181][T20227] FAULT_INJECTION: forcing a failure. [ 1267.326181][T20227] name failslab, interval 1, probability 0, space 0, times 0 [ 1267.713502][T20227] CPU: 0 UID: 0 PID: 20227 Comm: syz.0.2773 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1267.713549][T20227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1267.713568][T20227] Call Trace: [ 1267.713579][T20227] [ 1267.713592][T20227] dump_stack_lvl+0x16c/0x1f0 [ 1267.713642][T20227] should_fail_ex+0x512/0x640 [ 1267.713685][T20227] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1267.713728][T20227] should_failslab+0xc2/0x120 [ 1267.713757][T20227] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1267.713798][T20227] ? lockdep_init_map_type+0x5c/0x280 [ 1267.713838][T20227] ? slip_open+0x846/0x1150 [ 1267.713875][T20227] ? do_init_timer+0xc9/0x110 [ 1267.713918][T20227] slip_open+0x846/0x1150 [ 1267.713958][T20227] ? __pfx_n_tty_close+0x10/0x10 [ 1267.713991][T20227] ? find_held_lock+0x2b/0x80 [ 1267.714022][T20227] ? __pfx_slip_open+0x10/0x10 [ 1267.714058][T20227] ? down_write+0x14d/0x200 [ 1267.714097][T20227] ? __pfx_slip_open+0x10/0x10 [ 1267.714134][T20227] tty_ldisc_open+0x9c/0x120 [ 1267.714177][T20227] tty_set_ldisc+0x32b/0x780 [ 1267.714228][T20227] tty_ioctl+0xc2e/0x1640 [ 1267.714278][T20227] ? __pfx_tty_ioctl+0x10/0x10 [ 1267.714337][T20227] ? find_held_lock+0x2b/0x80 [ 1267.714368][T20227] ? hook_file_ioctl_common+0x145/0x410 [ 1267.714409][T20227] ? __fget_files+0x20e/0x3c0 [ 1267.714458][T20227] ? __pfx_tty_ioctl+0x10/0x10 [ 1267.714507][T20227] __x64_sys_ioctl+0x18e/0x210 [ 1267.714547][T20227] do_syscall_64+0xcd/0x490 [ 1267.714597][T20227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1267.714628][T20227] RIP: 0033:0x7f962c78e929 [ 1267.714655][T20227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1267.714686][T20227] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1267.714744][T20227] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1267.714766][T20227] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000c [ 1267.714785][T20227] RBP: 00007f962c810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1267.714804][T20227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1267.714823][T20227] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1267.714865][T20227] [ 1268.491801][T20245] snd_aloop snd_aloop.0: control 16781581:65533:6:é'x?F¢é/èìzFË·fCªáª:0 is already present [ 1269.482974][T20253] binder: 20252:20253 ioctl c018620b 0 returned -14 [ 1269.588643][T20260] binder: 20252:20260 ioctl 400c620e 0 returned -22 [ 1271.595095][ T30] audit: type=1804 audit(3126.020:90): pid=20284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2788" name="/newroot/71/file0" dev="tmpfs" ino=402 res=1 errno=0 [ 1271.661435][ T30] audit: type=1800 audit(3126.020:91): pid=20284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2788" name="file0" dev="tmpfs" ino=402 res=0 errno=0 [ 1272.803208][T20295] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 1272.922909][T20295] input: jJǸ-¶š9ã%vø“û¨lÐQ  J8fi‘ as /devices/virtual/input/input115 [ 1272.962538][ T30] audit: type=1800 audit(3127.420:92): pid=20295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2790" name="members" dev="configfs" ino=68591 res=0 errno=0 [ 1273.527370][T20305] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2793'. [ 1273.621492][T20305] FAULT_INJECTION: forcing a failure. [ 1273.621492][T20305] name failslab, interval 1, probability 0, space 0, times 0 [ 1273.675734][T20305] CPU: 1 UID: 0 PID: 20305 Comm: syz.1.2793 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1273.675783][T20305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1273.675809][T20305] Call Trace: [ 1273.675820][T20305] [ 1273.675832][T20305] dump_stack_lvl+0x16c/0x1f0 [ 1273.675885][T20305] should_fail_ex+0x512/0x640 [ 1273.675929][T20305] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1273.675981][T20305] should_failslab+0xc2/0x120 [ 1273.676009][T20305] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1273.676050][T20305] ? lockdep_rtnl_is_held+0x26/0x40 [ 1273.676084][T20305] ? fib_trie_unmerge+0x281/0xcb0 [ 1273.676123][T20305] fib_trie_unmerge+0x281/0xcb0 [ 1273.676162][T20305] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1273.676191][T20305] ? fib_newrule+0x1562/0x1e60 [ 1273.676241][T20305] ? __pfx___mutex_lock+0x10/0x10 [ 1273.676298][T20305] fib_unmerge+0xf8/0x520 [ 1273.676332][T20305] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1273.676386][T20305] fib4_rule_configure+0x383/0x10c0 [ 1273.676438][T20305] fib_newrule+0x35c/0x1e60 [ 1273.676501][T20305] ? __pfx_fib_newrule+0x10/0x10 [ 1273.676549][T20305] ? kfree_skbmem+0x1a4/0x1f0 [ 1273.676623][T20305] ? find_held_lock+0x2b/0x80 [ 1273.676656][T20305] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1273.676703][T20305] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1273.676754][T20305] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1273.676811][T20305] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1273.676861][T20305] rtnetlink_rcv_msg+0x95b/0xe90 [ 1273.676914][T20305] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1273.676975][T20305] ? ref_tracker_free+0x37c/0x830 [ 1273.677028][T20305] netlink_rcv_skb+0x158/0x420 [ 1273.677061][T20305] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1273.677113][T20305] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1273.677163][T20305] ? netlink_deliver_tap+0x1ae/0xd30 [ 1273.677223][T20305] netlink_unicast+0x53a/0x7f0 [ 1273.677261][T20305] ? __pfx_netlink_unicast+0x10/0x10 [ 1273.677307][T20305] netlink_sendmsg+0x8d1/0xdd0 [ 1273.677348][T20305] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1273.677398][T20305] ____sys_sendmsg+0xa98/0xc70 [ 1273.677435][T20305] ? copy_msghdr_from_user+0x10a/0x160 [ 1273.677480][T20305] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1273.677522][T20305] ? kfree+0x24f/0x4d0 [ 1273.677559][T20305] ? futex_unqueue+0x133/0x2c0 [ 1273.677604][T20305] ___sys_sendmsg+0x134/0x1d0 [ 1273.677653][T20305] ? __pfx____sys_sendmsg+0x10/0x10 [ 1273.677738][T20305] ? __pfx___might_resched+0x10/0x10 [ 1273.677782][T20305] __sys_sendmmsg+0x200/0x420 [ 1273.677847][T20305] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1273.677908][T20305] ? __pfx_do_futex+0x10/0x10 [ 1273.677972][T20305] ? xfd_validate_state+0x61/0x180 [ 1273.678024][T20305] __x64_sys_sendmmsg+0x9c/0x100 [ 1273.678067][T20305] ? lockdep_hardirqs_on+0x7c/0x110 [ 1273.678110][T20305] do_syscall_64+0xcd/0x490 [ 1273.678159][T20305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1273.678191][T20305] RIP: 0033:0x7efef898e929 [ 1273.678217][T20305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1273.678249][T20305] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1273.678281][T20305] RAX: ffffffffffffffda RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1273.678302][T20305] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 1273.678321][T20305] RBP: 00007efef8a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1273.678341][T20305] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 1273.678360][T20305] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1273.678403][T20305] [ 1276.075643][T20326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2798'. [ 1276.277185][T20326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2798'. [ 1276.609741][T20333] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2799'. [ 1279.189526][T20375] binder: 20372:20375 ioctl c018620b 0 returned -14 [ 1279.384136][T20379] binder: 20372:20379 ioctl 400c620e 0 returned -22 [ 1280.947406][T20391] vhci_hcd: invalid port number 21 [ 1280.982530][ T30] audit: type=1804 audit(3135.440:93): pid=20393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2815" name="/newroot/125/file0" dev="tmpfs" ino=689 res=1 errno=0 [ 1281.064865][ T30] audit: type=1800 audit(3135.440:94): pid=20393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2815" name="file0" dev="tmpfs" ino=689 res=0 errno=0 [ 1285.805614][T20447] audit: audit_lost=9 audit_rate_limit=0 audit_backlog_limit=64 [ 1285.838028][T20447] audit: out of memory in audit_log_start [ 1285.864973][ T30] audit: type=1800 audit(3140.320:95): pid=20447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2826" name="file0" dev="tmpfs" ino=586 res=0 errno=0 [ 1285.909106][T20449] binder: 20448:20449 ioctl c018620b 0 returned -14 [ 1285.972510][T20452] binder: 20448:20452 ioctl 400c620e 0 returned -22 [ 1287.781896][T20474] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2833'. [ 1289.525668][T20494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2839'. [ 1291.112225][T20508] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2844'. [ 1291.196759][T20499] ima: Unable to open file: /surit‹¯Ròy/integrity?iqa/policy (-2) [ 1291.197586][T20499] ima: policy update failed [ 1291.199146][T20508] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2844'. [ 1291.219542][ T30] audit: type=1802 audit(3125.920:96): pid=20499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2841" res=0 errno=0 [ 1294.161389][T20536] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2850'. [ 1294.431492][T20544] FAULT_INJECTION: forcing a failure. [ 1294.431492][T20544] name failslab, interval 1, probability 0, space 0, times 0 [ 1294.463391][T20544] CPU: 1 UID: 0 PID: 20544 Comm: syz.1.2853 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1294.463437][T20544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1294.463456][T20544] Call Trace: [ 1294.463467][T20544] [ 1294.463480][T20544] dump_stack_lvl+0x16c/0x1f0 [ 1294.463530][T20544] should_fail_ex+0x512/0x640 [ 1294.463572][T20544] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1294.463622][T20544] should_failslab+0xc2/0x120 [ 1294.463662][T20544] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1294.463706][T20544] ? __pfx_acct_collect+0x10/0x10 [ 1294.463751][T20544] ? taskstats_exit+0x654/0xbe0 [ 1294.463800][T20544] taskstats_exit+0x654/0xbe0 [ 1294.463845][T20544] ? __pfx_taskstats_exit+0x10/0x10 [ 1294.463898][T20544] do_exit+0x5d9/0x2bd0 [ 1294.463946][T20544] ? __pfx_do_exit+0x10/0x10 [ 1294.463986][T20544] ? do_raw_spin_lock+0x12c/0x2b0 [ 1294.464032][T20544] ? find_held_lock+0x2b/0x80 [ 1294.464069][T20544] do_group_exit+0xd3/0x2a0 [ 1294.464120][T20544] get_signal+0x2673/0x26d0 [ 1294.464158][T20544] ? __do_sys_mremap+0x5d4/0x1590 [ 1294.464208][T20544] ? __pfx_get_signal+0x10/0x10 [ 1294.464242][T20544] ? do_futex+0x122/0x350 [ 1294.464279][T20544] ? __pfx_do_futex+0x10/0x10 [ 1294.464320][T20544] arch_do_signal_or_restart+0x8f/0x790 [ 1294.464359][T20544] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1294.464409][T20544] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1294.464462][T20544] exit_to_user_mode_loop+0x84/0x110 [ 1294.464552][T20544] do_syscall_64+0x3f6/0x490 [ 1294.464601][T20544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1294.464632][T20544] RIP: 0033:0x7efef898e929 [ 1294.464672][T20544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1294.464701][T20544] RSP: 002b:00007efef97e40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1294.464732][T20544] RAX: fffffffffffffe00 RBX: 00007efef8bb6088 RCX: 00007efef898e929 [ 1294.464752][T20544] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efef8bb6088 [ 1294.464772][T20544] RBP: 00007efef8bb6080 R08: 0000000000000000 R09: 0000000000000000 [ 1294.464791][T20544] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efef8bb608c [ 1294.464809][T20544] R13: 0000000000000000 R14: 00007ffe7936d0f0 R15: 00007ffe7936d1d8 [ 1294.464848][T20544] [ 1298.770634][T20593] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2864'. [ 1299.385484][T20599] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2865'. [ 1299.955769][T20601] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2866'. [ 1300.315077][T20601] FAULT_INJECTION: forcing a failure. [ 1300.315077][T20601] name failslab, interval 1, probability 0, space 0, times 0 [ 1300.381683][T20601] CPU: 0 UID: 0 PID: 20601 Comm: syz.3.2866 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1300.381729][T20601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1300.381758][T20601] Call Trace: [ 1300.381769][T20601] [ 1300.381782][T20601] dump_stack_lvl+0x16c/0x1f0 [ 1300.381834][T20601] should_fail_ex+0x512/0x640 [ 1300.381878][T20601] ? __kmalloc_noprof+0xbf/0x510 [ 1300.381927][T20601] ? tnode_new+0x25a/0x340 [ 1300.381969][T20601] should_failslab+0xc2/0x120 [ 1300.381999][T20601] __kmalloc_noprof+0xd2/0x510 [ 1300.382053][T20601] tnode_new+0x25a/0x340 [ 1300.382102][T20601] resize+0x822/0x22a0 [ 1300.382170][T20601] fib_insert_alias+0x9b9/0xe30 [ 1300.382218][T20601] ? rtnl_trylock+0x10/0x20 [ 1300.382259][T20601] fib_trie_unmerge+0x2f9/0xcb0 [ 1300.382298][T20601] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1300.382326][T20601] ? fib_newrule+0x1562/0x1e60 [ 1300.382376][T20601] ? __pfx___mutex_lock+0x10/0x10 [ 1300.382433][T20601] fib_unmerge+0xf8/0x520 [ 1300.382465][T20601] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1300.382518][T20601] fib4_rule_configure+0x383/0x10c0 [ 1300.382567][T20601] fib_newrule+0x35c/0x1e60 [ 1300.382629][T20601] ? __pfx_fib_newrule+0x10/0x10 [ 1300.382682][T20601] ? kfree_skbmem+0x1a4/0x1f0 [ 1300.382765][T20601] ? find_held_lock+0x2b/0x80 [ 1300.382796][T20601] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1300.382842][T20601] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1300.382888][T20601] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1300.382938][T20601] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1300.382990][T20601] rtnetlink_rcv_msg+0x95b/0xe90 [ 1300.383040][T20601] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1300.383097][T20601] ? ref_tracker_free+0x37c/0x830 [ 1300.383151][T20601] netlink_rcv_skb+0x158/0x420 [ 1300.383184][T20601] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1300.383233][T20601] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1300.383280][T20601] ? netlink_deliver_tap+0x1ae/0xd30 [ 1300.383328][T20601] netlink_unicast+0x53a/0x7f0 [ 1300.383357][T20601] ? __pfx_netlink_unicast+0x10/0x10 [ 1300.383391][T20601] netlink_sendmsg+0x8d1/0xdd0 [ 1300.383421][T20601] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1300.383459][T20601] ____sys_sendmsg+0xa98/0xc70 [ 1300.383487][T20601] ? copy_msghdr_from_user+0x10a/0x160 [ 1300.383521][T20601] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1300.383552][T20601] ? kfree+0x24f/0x4d0 [ 1300.383581][T20601] ? futex_unqueue+0x133/0x2c0 [ 1300.383614][T20601] ___sys_sendmsg+0x134/0x1d0 [ 1300.383651][T20601] ? __pfx____sys_sendmsg+0x10/0x10 [ 1300.383718][T20601] ? __pfx___might_resched+0x10/0x10 [ 1300.383760][T20601] __sys_sendmmsg+0x200/0x420 [ 1300.383799][T20601] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1300.383844][T20601] ? __pfx_do_futex+0x10/0x10 [ 1300.383892][T20601] ? xfd_validate_state+0x61/0x180 [ 1300.383932][T20601] __x64_sys_sendmmsg+0x9c/0x100 [ 1300.383966][T20601] ? lockdep_hardirqs_on+0x7c/0x110 [ 1300.384001][T20601] do_syscall_64+0xcd/0x490 [ 1300.384039][T20601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1300.384064][T20601] RIP: 0033:0x7f965098e929 [ 1300.384085][T20601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1300.384110][T20601] RSP: 002b:00007f96517a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1300.384136][T20601] RAX: ffffffffffffffda RBX: 00007f9650bb5fa0 RCX: 00007f965098e929 [ 1300.384153][T20601] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 1300.384168][T20601] RBP: 00007f9650a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1300.384183][T20601] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 1300.384198][T20601] R13: 0000000000000000 R14: 00007f9650bb5fa0 R15: 00007fff4968e168 [ 1300.384231][T20601] [ 1302.200339][T20620] FAULT_INJECTION: forcing a failure. [ 1302.200339][T20620] name failslab, interval 1, probability 0, space 0, times 0 [ 1302.245114][T20620] CPU: 1 UID: 0 PID: 20620 Comm: syz.2.2871 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1302.245161][T20620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1302.245180][T20620] Call Trace: [ 1302.245191][T20620] [ 1302.245203][T20620] dump_stack_lvl+0x16c/0x1f0 [ 1302.245253][T20620] should_fail_ex+0x512/0x640 [ 1302.245298][T20620] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1302.245345][T20620] should_failslab+0xc2/0x120 [ 1302.245376][T20620] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1302.245420][T20620] ? ima_add_digest_entry+0x52/0x540 [ 1302.245470][T20620] ima_add_digest_entry+0x52/0x540 [ 1302.245521][T20620] ima_add_template_entry+0x478/0x870 [ 1302.245577][T20620] ? __pfx_ima_add_template_entry+0x10/0x10 [ 1302.245626][T20620] ? ima_alloc_init_template+0x536/0x720 [ 1302.245666][T20620] ima_add_violation+0x17f/0x3d0 [ 1302.245701][T20620] ? __pfx_ima_add_violation+0x10/0x10 [ 1302.245731][T20620] ? ima_d_path+0x12b/0x2a0 [ 1302.245761][T20620] ? __pfx_ima_d_path+0x10/0x10 [ 1302.245801][T20620] ? lockdep_init_map_type+0x5c/0x280 [ 1302.245848][T20620] ? ima_inode_get+0x39e/0x580 [ 1302.245907][T20620] process_measurement+0x1783/0x23e0 [ 1302.245969][T20620] ? __pfx_process_measurement+0x10/0x10 [ 1302.246022][T20620] ? futex_unqueue+0x133/0x2c0 [ 1302.246113][T20620] ? __futex_hash.constprop.0+0x1e9/0x440 [ 1302.246160][T20620] ima_file_mmap+0x1b1/0x1d0 [ 1302.246206][T20620] ? __pfx_ima_file_mmap+0x10/0x10 [ 1302.246249][T20620] ? __lock_acquire+0x622/0x1c90 [ 1302.246302][T20620] security_mmap_file+0x88c/0x990 [ 1302.246345][T20620] vm_mmap_pgoff+0xec/0x450 [ 1302.246380][T20620] ? find_held_lock+0x2b/0x80 [ 1302.246411][T20620] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1302.246451][T20620] ? __fget_files+0x20e/0x3c0 [ 1302.246503][T20620] ksys_mmap_pgoff+0x32c/0x5c0 [ 1302.246547][T20620] __x64_sys_mmap+0x125/0x190 [ 1302.246598][T20620] do_syscall_64+0xcd/0x490 [ 1302.246647][T20620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1302.246678][T20620] RIP: 0033:0x7fc58e18e929 [ 1302.246705][T20620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1302.246737][T20620] RSP: 002b:00007fc58f0e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1302.246769][T20620] RAX: ffffffffffffffda RBX: 00007fc58e3b5fa0 RCX: 00007fc58e18e929 [ 1302.246790][T20620] RDX: 00000000000003ff RSI: 0000000000000001 RDI: 000000000000f000 [ 1302.246809][T20620] RBP: 00007fc58e210b39 R08: 0000000000000003 R09: 0000000000000000 [ 1302.246828][T20620] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 1302.246847][T20620] R13: 0000000000000000 R14: 00007fc58e3b5fa0 R15: 00007ffcbfeca808 [ 1302.246897][T20620] [ 1302.246910][T20620] ima: OUT OF MEMORY ERROR creating queue entry [ 1302.555844][ T30] audit: type=1804 audit(3129.570:97): pid=20620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.2871" name="/newroot/89/file0" dev="tmpfs" ino=497 res=0 errno=0 [ 1302.674300][ T30] audit: type=1804 audit(3129.570:98): pid=20620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2871" name="/newroot/89/file0" dev="tmpfs" ino=497 res=0 errno=0 [ 1302.791215][ T30] audit: type=1800 audit(3129.570:99): pid=20620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2871" name="file0" dev="tmpfs" ino=497 res=0 errno=0 [ 1303.095776][T20627] FAULT_INJECTION: forcing a failure. [ 1303.095776][T20627] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1303.140974][T20627] CPU: 0 UID: 0 PID: 20627 Comm: syz.1.2874 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1303.141018][T20627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1303.141030][T20627] Call Trace: [ 1303.141037][T20627] [ 1303.141045][T20627] dump_stack_lvl+0x16c/0x1f0 [ 1303.141077][T20627] should_fail_ex+0x512/0x640 [ 1303.141108][T20627] _copy_from_user+0x2e/0xd0 [ 1303.141138][T20627] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 1303.141169][T20627] snd_rawmidi_write+0x26e/0xc10 [ 1303.141196][T20627] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 1303.141219][T20627] ? __pfx_default_wake_function+0x10/0x10 [ 1303.141242][T20627] ? bpf_lsm_file_permission+0x9/0x10 [ 1303.141262][T20627] ? security_file_permission+0x71/0x210 [ 1303.141287][T20627] ? rw_verify_area+0xcf/0x680 [ 1303.141312][T20627] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 1303.141333][T20627] vfs_write+0x2a0/0x1150 [ 1303.141364][T20627] ? __pfx_vfs_write+0x10/0x10 [ 1303.141388][T20627] ? find_held_lock+0x2b/0x80 [ 1303.141408][T20627] ? __fget_files+0x204/0x3c0 [ 1303.141437][T20627] ? __fget_files+0x20e/0x3c0 [ 1303.141467][T20627] ksys_write+0x1f8/0x250 [ 1303.141493][T20627] ? __pfx_ksys_write+0x10/0x10 [ 1303.141526][T20627] do_syscall_64+0xcd/0x490 [ 1303.141555][T20627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1303.141575][T20627] RIP: 0033:0x7efef898e929 [ 1303.141591][T20627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1303.141609][T20627] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1303.141627][T20627] RAX: ffffffffffffffda RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1303.141640][T20627] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000004 [ 1303.141651][T20627] RBP: 00007efef9805090 R08: 0000000000000000 R09: 0000000000000000 [ 1303.141662][T20627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1303.141673][T20627] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1303.141695][T20627] [ 1303.148191][T20627] FAULT_INJECTION: forcing a failure. [ 1303.148191][T20627] name failslab, interval 1, probability 0, space 0, times 0 [ 1303.403578][T20627] CPU: 0 UID: 0 PID: 20627 Comm: syz.1.2874 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1303.403620][T20627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1303.403637][T20627] Call Trace: [ 1303.403648][T20627] [ 1303.403660][T20627] dump_stack_lvl+0x16c/0x1f0 [ 1303.403698][T20627] should_fail_ex+0x512/0x640 [ 1303.403729][T20627] should_failslab+0xc2/0x120 [ 1303.403754][T20627] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1303.403783][T20627] ? __alloc_skb+0x2b2/0x380 [ 1303.403812][T20627] __alloc_skb+0x2b2/0x380 [ 1303.403837][T20627] ? __pfx___alloc_skb+0x10/0x10 [ 1303.403871][T20627] new_skb+0x21/0x230 [ 1303.403888][T20627] aoecmd_cfg+0x21c/0x7d0 [ 1303.403908][T20627] ? __pfx_aoecmd_cfg+0x10/0x10 [ 1303.403935][T20627] ? apparmor_file_permission+0x251/0x400 [ 1303.403959][T20627] ? __pfx_aoechr_write+0x10/0x10 [ 1303.403989][T20627] ? aoechr_write+0x120/0x160 [ 1303.404017][T20627] aoechr_write+0x120/0x160 [ 1303.404046][T20627] vfs_writev+0x5df/0xde0 [ 1303.404078][T20627] ? __pfx_vfs_writev+0x10/0x10 [ 1303.404104][T20627] ? kmem_cache_free+0x2d1/0x4d0 [ 1303.404146][T20627] ? __fget_files+0x20e/0x3c0 [ 1303.404177][T20627] ? do_writev+0x132/0x340 [ 1303.404199][T20627] do_writev+0x132/0x340 [ 1303.404224][T20627] ? __pfx_do_writev+0x10/0x10 [ 1303.404255][T20627] do_syscall_64+0xcd/0x490 [ 1303.404284][T20627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1303.404303][T20627] RIP: 0033:0x7efef898e929 [ 1303.404318][T20627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1303.404338][T20627] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1303.404356][T20627] RAX: ffffffffffffffda RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1303.404368][T20627] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000009 [ 1303.404379][T20627] RBP: 00007efef8a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1303.404390][T20627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1303.404401][T20627] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1303.404424][T20627] [ 1303.628603][T20627] aoe: skb alloc failure [ 1303.672211][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1303.678675][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1303.757300][T20631] FAULT_INJECTION: forcing a failure. [ 1303.757300][T20631] name failslab, interval 1, probability 0, space 0, times 0 [ 1303.771036][T20631] CPU: 0 UID: 0 PID: 20631 Comm: syz.3.2875 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1303.771080][T20631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1303.771100][T20631] Call Trace: [ 1303.771111][T20631] [ 1303.771123][T20631] dump_stack_lvl+0x16c/0x1f0 [ 1303.771173][T20631] should_fail_ex+0x512/0x640 [ 1303.771215][T20631] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1303.771266][T20631] should_failslab+0xc2/0x120 [ 1303.771296][T20631] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1303.771342][T20631] ? __proc_create+0xc3/0x8c0 [ 1303.771386][T20631] ? __proc_create+0x2ce/0x8c0 [ 1303.771438][T20631] __proc_create+0x2ce/0x8c0 [ 1303.771497][T20631] ? __pfx___proc_create+0x10/0x10 [ 1303.771542][T20631] ? pcpu_chunk_relocate+0x126/0x190 [ 1303.771603][T20631] proc_create_reg+0x7d/0x180 [ 1303.771637][T20631] proc_create_net_data+0x8e/0x1b0 [ 1303.771697][T20631] ? __pfx_proc_create_net_data+0x10/0x10 [ 1303.771759][T20631] ? __pfx_netlink_net_init+0x10/0x10 [ 1303.771806][T20631] netlink_net_init+0x50/0x70 [ 1303.771850][T20631] ops_init+0x1df/0x5f0 [ 1303.771903][T20631] setup_net+0x1ff/0x510 [ 1303.771949][T20631] ? lockdep_init_map_type+0x5c/0x280 [ 1303.771990][T20631] ? __pfx_setup_net+0x10/0x10 [ 1303.772040][T20631] ? debug_mutex_init+0x37/0x70 [ 1303.772078][T20631] copy_net_ns+0x2a6/0x5f0 [ 1303.772116][T20631] create_new_namespaces+0x3ea/0xa90 [ 1303.772165][T20631] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1303.772207][T20631] ksys_unshare+0x45b/0xa40 [ 1303.772252][T20631] ? __pfx_ksys_unshare+0x10/0x10 [ 1303.772297][T20631] ? xfd_validate_state+0x61/0x180 [ 1303.772353][T20631] __x64_sys_unshare+0x31/0x40 [ 1303.772395][T20631] do_syscall_64+0xcd/0x490 [ 1303.772443][T20631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1303.772475][T20631] RIP: 0033:0x7f965098e929 [ 1303.772502][T20631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1303.772534][T20631] RSP: 002b:00007f96517a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1303.772566][T20631] RAX: ffffffffffffffda RBX: 00007f9650bb5fa0 RCX: 00007f965098e929 [ 1303.772586][T20631] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1303.772606][T20631] RBP: 00007f9650a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1303.772625][T20631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1303.772651][T20631] R13: 0000000000000000 R14: 00007f9650bb5fa0 R15: 00007fff4968e168 [ 1303.772695][T20631] [ 1304.562692][T17451] Bluetooth: hci0: unexpected subevent 0x01 length: 2 < 18 [ 1305.277788][T20651] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2879'. [ 1305.537575][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1305.544408][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1307.195643][T20670] FAULT_INJECTION: forcing a failure. [ 1307.195643][T20670] name failslab, interval 1, probability 0, space 0, times 0 [ 1307.223362][T20670] CPU: 0 UID: 0 PID: 20670 Comm: syz.3.2884 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1307.223412][T20670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1307.223431][T20670] Call Trace: [ 1307.223443][T20670] [ 1307.223455][T20670] dump_stack_lvl+0x16c/0x1f0 [ 1307.223506][T20670] should_fail_ex+0x512/0x640 [ 1307.223550][T20670] ? __kmalloc_noprof+0xbf/0x510 [ 1307.223598][T20670] ? lsm_blob_alloc+0x68/0x90 [ 1307.223652][T20670] should_failslab+0xc2/0x120 [ 1307.223684][T20670] __kmalloc_noprof+0xd2/0x510 [ 1307.223726][T20670] ? __pfx_perf_event_init_task+0x10/0x10 [ 1307.223763][T20670] ? audit_alloc+0xa2/0x7b0 [ 1307.223799][T20670] lsm_blob_alloc+0x68/0x90 [ 1307.223847][T20670] security_task_alloc+0x2d/0x260 [ 1307.223891][T20670] copy_process+0x2205/0x7650 [ 1307.223930][T20670] ? __pfx___futex_wait+0x10/0x10 [ 1307.223974][T20670] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1307.224030][T20670] ? __pfx_copy_process+0x10/0x10 [ 1307.224070][T20670] ? find_held_lock+0x2b/0x80 [ 1307.224119][T20670] kernel_clone+0xfc/0x960 [ 1307.224169][T20670] ? __pfx_kernel_clone+0x10/0x10 [ 1307.224231][T20670] __do_sys_clone+0xce/0x120 [ 1307.224271][T20670] ? __pfx___do_sys_clone+0x10/0x10 [ 1307.224327][T20670] ? xfd_validate_state+0x61/0x180 [ 1307.224383][T20670] do_syscall_64+0xcd/0x490 [ 1307.224433][T20670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1307.224464][T20670] RIP: 0033:0x7f965098e929 [ 1307.224490][T20670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1307.224519][T20670] RSP: 002b:00007f96517a1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1307.224550][T20670] RAX: ffffffffffffffda RBX: 00007f9650bb5fa0 RCX: 00007f965098e929 [ 1307.224571][T20670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1307.224590][T20670] RBP: 00007f9650a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1307.224609][T20670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1307.224627][T20670] R13: 0000000000000000 R14: 00007f9650bb5fa0 R15: 00007fff4968e168 [ 1307.224678][T20670] [ 1307.468201][T20676] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2885'. [ 1308.116751][T20681] aoe: skb alloc failure [ 1308.126530][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1308.132992][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1308.558821][T20686] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2888'. [ 1310.148350][T20704] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2894'. [ 1311.118352][ T30] audit: type=1804 audit(3130.210:100): pid=20720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2898" name="/newroot/153/file0" dev="tmpfs" ino=841 res=1 errno=0 [ 1311.151747][ T30] audit: type=1800 audit(3130.210:101): pid=20720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2898" name="file0" dev="tmpfs" ino=841 res=0 errno=0 [ 1312.660829][T20743] netlink: 'syz.2.2902': attribute type 39 has an invalid length. [ 1312.921771][T20746] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2903'. [ 1312.943050][T20746] FAULT_INJECTION: forcing a failure. [ 1312.943050][T20746] name failslab, interval 1, probability 0, space 0, times 0 [ 1312.968128][T20746] CPU: 0 UID: 0 PID: 20746 Comm: syz.2.2903 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1312.968176][T20746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1312.968194][T20746] Call Trace: [ 1312.968205][T20746] [ 1312.968217][T20746] dump_stack_lvl+0x16c/0x1f0 [ 1312.968267][T20746] should_fail_ex+0x512/0x640 [ 1312.968309][T20746] ? __kmalloc_noprof+0xbf/0x510 [ 1312.968354][T20746] ? tnode_new+0x25a/0x340 [ 1312.968394][T20746] should_failslab+0xc2/0x120 [ 1312.968425][T20746] __kmalloc_noprof+0xd2/0x510 [ 1312.968468][T20746] ? rcu_is_watching+0x12/0xc0 [ 1312.968509][T20746] tnode_new+0x25a/0x340 [ 1312.968557][T20746] fib_insert_alias+0x6ee/0xe30 [ 1312.968606][T20746] ? lockdep_rtnl_is_held+0x26/0x40 [ 1312.968652][T20746] fib_trie_unmerge+0x2f9/0xcb0 [ 1312.968691][T20746] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1312.968731][T20746] ? fib_newrule+0x1562/0x1e60 [ 1312.968781][T20746] ? __pfx___mutex_lock+0x10/0x10 [ 1312.968837][T20746] fib_unmerge+0xf8/0x520 [ 1312.968871][T20746] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1312.968923][T20746] fib4_rule_configure+0x383/0x10c0 [ 1312.968974][T20746] fib_newrule+0x35c/0x1e60 [ 1312.969034][T20746] ? __pfx_fib_newrule+0x10/0x10 [ 1312.969079][T20746] ? kfree_skbmem+0x1a4/0x1f0 [ 1312.969150][T20746] ? find_held_lock+0x2b/0x80 [ 1312.969182][T20746] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1312.969227][T20746] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1312.969272][T20746] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1312.969322][T20746] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1312.969371][T20746] rtnetlink_rcv_msg+0x95b/0xe90 [ 1312.969424][T20746] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1312.969482][T20746] ? ref_tracker_free+0x37c/0x830 [ 1312.969535][T20746] netlink_rcv_skb+0x158/0x420 [ 1312.969568][T20746] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1312.969618][T20746] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1312.969664][T20746] ? netlink_deliver_tap+0x1ae/0xd30 [ 1312.969731][T20746] netlink_unicast+0x53a/0x7f0 [ 1312.969771][T20746] ? __pfx_netlink_unicast+0x10/0x10 [ 1312.969815][T20746] netlink_sendmsg+0x8d1/0xdd0 [ 1312.969857][T20746] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1312.969906][T20746] ____sys_sendmsg+0xa98/0xc70 [ 1312.969944][T20746] ? copy_msghdr_from_user+0x10a/0x160 [ 1312.969987][T20746] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1312.970029][T20746] ? kfree+0x24f/0x4d0 [ 1312.970066][T20746] ? futex_unqueue+0x133/0x2c0 [ 1312.970122][T20746] ___sys_sendmsg+0x134/0x1d0 [ 1312.970171][T20746] ? __pfx____sys_sendmsg+0x10/0x10 [ 1312.970256][T20746] ? __pfx___might_resched+0x10/0x10 [ 1312.970304][T20746] __sys_sendmmsg+0x200/0x420 [ 1312.970354][T20746] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1312.970424][T20746] ? __pfx_do_futex+0x10/0x10 [ 1312.970488][T20746] ? xfd_validate_state+0x61/0x180 [ 1312.970542][T20746] __x64_sys_sendmmsg+0x9c/0x100 [ 1312.970586][T20746] ? lockdep_hardirqs_on+0x7c/0x110 [ 1312.970632][T20746] do_syscall_64+0xcd/0x490 [ 1312.970685][T20746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1312.970723][T20746] RIP: 0033:0x7fc58e18e929 [ 1312.970749][T20746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1312.970780][T20746] RSP: 002b:00007fc58f0e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1312.970809][T20746] RAX: ffffffffffffffda RBX: 00007fc58e3b5fa0 RCX: 00007fc58e18e929 [ 1312.970831][T20746] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 1312.970850][T20746] RBP: 00007fc58e210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1312.970867][T20746] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 1312.970883][T20746] R13: 0000000000000000 R14: 00007fc58e3b5fa0 R15: 00007ffcbfeca808 [ 1312.970922][T20746] [ 1314.808159][T20758] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2908'. [ 1315.346182][T20768] syz.1.2911: vmalloc error: size 94208, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1315.405357][T20768] CPU: 1 UID: 0 PID: 20768 Comm: syz.1.2911 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1315.405409][T20768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1315.405428][T20768] Call Trace: [ 1315.405440][T20768] [ 1315.405452][T20768] dump_stack_lvl+0x16c/0x1f0 [ 1315.405502][T20768] warn_alloc+0x248/0x3a0 [ 1315.405551][T20768] ? __pfx_warn_alloc+0x10/0x10 [ 1315.405616][T20768] ? alloc_pages_mpol+0x25a/0x550 [ 1315.405650][T20768] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1315.405699][T20768] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 1315.405755][T20768] ? __snd_dma_alloc_pages+0x50/0x90 [ 1315.405806][T20768] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1315.405853][T20768] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 1315.405908][T20768] ? __snd_dma_alloc_pages+0x50/0x90 [ 1315.405943][T20768] __vmalloc_node_noprof+0xad/0xf0 [ 1315.405980][T20768] ? __snd_dma_alloc_pages+0x50/0x90 [ 1315.406014][T20768] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 1315.406055][T20768] __snd_dma_alloc_pages+0x50/0x90 [ 1315.406092][T20768] snd_dma_alloc_dir_pages+0x151/0x240 [ 1315.406136][T20768] do_alloc_pages+0x115/0x280 [ 1315.406175][T20768] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 1315.406220][T20768] snd_pcm_hw_params+0x15e1/0x1b40 [ 1315.406262][T20768] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 1315.406298][T20768] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 1315.406335][T20768] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1315.406369][T20768] ? __asan_memset+0x23/0x50 [ 1315.406408][T20768] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 1315.406444][T20768] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 1315.406476][T20768] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1315.406499][T20768] ? snd_pcm_oss_sync+0x30c/0x840 [ 1315.406534][T20768] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1315.406556][T20768] snd_pcm_oss_sync+0x32e/0x840 [ 1315.406579][T20768] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1315.406608][T20768] snd_pcm_oss_release+0x28b/0x310 [ 1315.406629][T20768] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1315.406648][T20768] __fput+0x402/0xb70 [ 1315.406673][T20768] task_work_run+0x150/0x240 [ 1315.406705][T20768] ? __pfx_task_work_run+0x10/0x10 [ 1315.406735][T20768] ? __pfx___do_sys_close_range+0x10/0x10 [ 1315.406769][T20768] exit_to_user_mode_loop+0xeb/0x110 [ 1315.406800][T20768] do_syscall_64+0x3f6/0x490 [ 1315.406830][T20768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1315.406852][T20768] RIP: 0033:0x7efef898e929 [ 1315.406870][T20768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1315.406889][T20768] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1315.406909][T20768] RAX: 0000000000000000 RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1315.406921][T20768] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1315.406933][T20768] RBP: 00007efef8a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1315.406944][T20768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1315.406955][T20768] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1315.406978][T20768] [ 1315.407415][T20768] Mem-Info: [ 1315.775810][T20768] active_anon:16251 inactive_anon:45559 isolated_anon:22 [ 1315.775810][T20768] active_file:18606 inactive_file:40469 isolated_file:0 [ 1315.775810][T20768] unevictable:768 dirty:567 writeback:0 [ 1315.775810][T20768] slab_reclaimable:12100 slab_unreclaimable:95632 [ 1315.775810][T20768] mapped:51237 shmem:42712 pagetables:1229 [ 1315.775810][T20768] sec_pagetables:0 bounce:0 [ 1315.775810][T20768] kernel_misc_reclaimable:0 [ 1315.775810][T20768] free:1262451 free_pcp:13028 free_cma:0 [ 1315.822713][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1315.829125][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1315.840573][T20768] Node 0 active_anon:65004kB inactive_anon:182336kB active_file:74420kB inactive_file:161748kB unevictable:1536kB isolated(anon):88kB isolated(file):0kB mapped:205148kB dirty:2268kB writeback:0kB shmem:169412kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11852kB pagetables:4764kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1315.877836][T20768] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1315.923996][T20768] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1315.970228][T20768] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 1315.998114][T20768] Node 0 DMA32 free:1132476kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:64956kB inactive_anon:183936kB active_file:73176kB inactive_file:161676kB unevictable:1536kB writepending:2268kB present:3129332kB managed:2540352kB mlocked:0kB bounce:0kB free_pcp:36724kB local_pcp:17132kB free_cma:0kB [ 1316.042384][T20768] lowmem_reserve[]: 0 0 1 1 1 [ 1316.080254][T20768] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:1244kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 1316.120378][T20768] lowmem_reserve[]: 0 0 0 0 0 [ 1316.148206][T20768] Node 1 Normal free:3902352kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:13404kB local_pcp:6132kB free_cma:0kB [ 1316.197767][T20768] lowmem_reserve[]: 0 0 0 0 0 [ 1316.221125][T20768] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1316.245093][T20768] Node 0 DMA32: 6542*4kB (UME) 10699*8kB (UME) 5762*16kB (UME) 2519*32kB (UME) 1097*64kB (UME) 485*128kB (UME) 152*256kB (UME) 98*512kB (UME) 33*1024kB (UME) 5*2048kB (UME) 142*4096kB (UM) = 1131600kB [ 1316.275180][T20768] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 1316.291837][T20768] Node 1 Normal: 210*4kB (UME) 68*8kB (UME) 49*16kB (UME) 220*32kB (UME) 110*64kB (UME) 39*128kB (UME) 21*256kB (UME) 8*512kB (UME) 1*1024kB (U) 4*2048kB (UE) 943*4096kB (M) = 3902456kB [ 1316.335836][T20768] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1316.347992][T20768] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 1316.540918][T20768] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1316.575580][T20768] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1316.655178][T20768] 105295 total pagecache pages [ 1316.660101][T20768] 522 pages in swap cache [ 1316.691477][T20768] Free swap = 118724kB [ 1316.695680][T20768] Total swap = 124996kB [ 1316.745503][T20768] 2097051 pages RAM [ 1316.795474][T20768] 0 pages HighMem/MovableOnly [ 1316.820004][T20768] 429985 pages reserved [ 1316.857038][T20768] 0 pages cma reserved [ 1317.042450][T20784] FAULT_INJECTION: forcing a failure. [ 1317.042450][T20784] name failslab, interval 1, probability 0, space 0, times 0 [ 1317.183542][T20784] CPU: 0 UID: 0 PID: 20784 Comm: syz.1.2913 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1317.183593][T20784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1317.183613][T20784] Call Trace: [ 1317.183624][T20784] [ 1317.183655][T20784] dump_stack_lvl+0x16c/0x1f0 [ 1317.183709][T20784] should_fail_ex+0x512/0x640 [ 1317.183753][T20784] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1317.183806][T20784] should_failslab+0xc2/0x120 [ 1317.183838][T20784] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1317.183883][T20784] ? do_syscall_64+0xcd/0x490 [ 1317.183936][T20784] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1317.183968][T20784] ? sock_alloc_inode+0x25/0x1c0 [ 1317.184005][T20784] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1317.184035][T20784] sock_alloc_inode+0x25/0x1c0 [ 1317.184067][T20784] alloc_inode+0x61/0x240 [ 1317.184101][T20784] sock_alloc+0x40/0x280 [ 1317.184132][T20784] sock_create_lite+0x82/0x120 [ 1317.184166][T20784] __netlink_kernel_create+0xbd/0x750 [ 1317.184199][T20784] ? __lock_acquire+0x622/0x1c90 [ 1317.184249][T20784] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1317.184293][T20784] rtnetlink_net_init+0xb9/0x140 [ 1317.184333][T20784] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1317.184375][T20784] ? lockdep_init_map_type+0x5c/0x280 [ 1317.184416][T20784] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 1317.184453][T20784] ? __pfx_rtnetlink_bind+0x10/0x10 [ 1317.184492][T20784] ? lockdep_init_map_type+0x5c/0x280 [ 1317.184537][T20784] ? debug_mutex_init+0x37/0x70 [ 1317.184572][T20784] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1317.184609][T20784] ops_init+0x1df/0x5f0 [ 1317.184659][T20784] setup_net+0x1ff/0x510 [ 1317.184704][T20784] ? lockdep_init_map_type+0x5c/0x280 [ 1317.184748][T20784] ? __pfx_setup_net+0x10/0x10 [ 1317.184799][T20784] ? debug_mutex_init+0x37/0x70 [ 1317.184837][T20784] copy_net_ns+0x2a6/0x5f0 [ 1317.184874][T20784] create_new_namespaces+0x3ea/0xa90 [ 1317.184932][T20784] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1317.184973][T20784] ksys_unshare+0x45b/0xa40 [ 1317.185018][T20784] ? __pfx_ksys_unshare+0x10/0x10 [ 1317.185062][T20784] ? xfd_validate_state+0x61/0x180 [ 1317.185119][T20784] __x64_sys_unshare+0x31/0x40 [ 1317.185163][T20784] do_syscall_64+0xcd/0x490 [ 1317.185214][T20784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1317.185246][T20784] RIP: 0033:0x7efef898e929 [ 1317.185274][T20784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1317.185306][T20784] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1317.185337][T20784] RAX: ffffffffffffffda RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1317.185358][T20784] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1317.185377][T20784] RBP: 00007efef8a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1317.185396][T20784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1317.185416][T20784] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1317.185459][T20784] [ 1319.446077][T20804] FAULT_INJECTION: forcing a failure. [ 1319.446077][T20804] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1319.460573][T20804] CPU: 1 UID: 0 PID: 20804 Comm: syz.3.2917 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1319.460618][T20804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1319.460637][T20804] Call Trace: [ 1319.460648][T20804] [ 1319.460665][T20804] dump_stack_lvl+0x16c/0x1f0 [ 1319.460715][T20804] should_fail_ex+0x512/0x640 [ 1319.460766][T20804] should_fail_alloc_page+0xe7/0x130 [ 1319.460802][T20804] prepare_alloc_pages+0x3c2/0x610 [ 1319.460839][T20804] ? rcu_is_watching+0x12/0xc0 [ 1319.460878][T20804] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1319.460942][T20804] ? rcu_is_watching+0x12/0xc0 [ 1319.460976][T20804] ? trace_mm_page_alloc+0x11f/0x1a0 [ 1319.461013][T20804] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 1319.461062][T20804] ? __pfx_stack_trace_save+0x10/0x10 [ 1319.461098][T20804] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1319.461160][T20804] ? alloc_vmap_area+0x645/0x29c0 [ 1319.461193][T20804] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 1319.461232][T20804] ? __snd_dma_alloc_pages+0x50/0x90 [ 1319.461270][T20804] ? snd_dma_alloc_dir_pages+0x151/0x240 [ 1319.461308][T20804] ? do_alloc_pages+0x115/0x280 [ 1319.461340][T20804] ? snd_pcm_lib_malloc_pages+0x3df/0x980 [ 1319.461377][T20804] ? snd_pcm_hw_params+0x15e1/0x1b40 [ 1319.461414][T20804] ? snd_pcm_kernel_ioctl+0x147/0x2e0 [ 1319.461450][T20804] ? snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 1319.461490][T20804] ? exit_to_user_mode_loop+0xeb/0x110 [ 1319.461537][T20804] ? do_syscall_64+0x3f6/0x490 [ 1319.461581][T20804] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1319.461620][T20804] alloc_pages_bulk_noprof+0x71c/0x1410 [ 1319.461665][T20804] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1319.461715][T20804] ? policy_nodemask+0xea/0x4e0 [ 1319.461752][T20804] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1319.461802][T20804] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1319.461854][T20804] kasan_populate_vmalloc+0xf1/0x1f0 [ 1319.461918][T20804] alloc_vmap_area+0x959/0x29c0 [ 1319.461976][T20804] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1319.462027][T20804] __get_vm_area_node+0x1ca/0x330 [ 1319.462076][T20804] __vmalloc_node_range_noprof+0x271/0x14b0 [ 1319.462119][T20804] ? __snd_dma_alloc_pages+0x50/0x90 [ 1319.462170][T20804] ? __snd_dma_alloc_pages+0x50/0x90 [ 1319.462211][T20804] ? rcu_is_watching+0x12/0xc0 [ 1319.462250][T20804] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1319.462296][T20804] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 1319.462348][T20804] ? __snd_dma_alloc_pages+0x50/0x90 [ 1319.462386][T20804] __vmalloc_node_noprof+0xad/0xf0 [ 1319.462426][T20804] ? __snd_dma_alloc_pages+0x50/0x90 [ 1319.462463][T20804] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 1319.462508][T20804] __snd_dma_alloc_pages+0x50/0x90 [ 1319.462548][T20804] snd_dma_alloc_dir_pages+0x151/0x240 [ 1319.462593][T20804] do_alloc_pages+0x115/0x280 [ 1319.462635][T20804] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 1319.462678][T20804] snd_pcm_hw_params+0x15e1/0x1b40 [ 1319.462725][T20804] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 1319.462765][T20804] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 1319.462806][T20804] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1319.462839][T20804] ? snd_pcm_oss_format_from+0x18/0x140 [ 1319.462892][T20804] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 1319.462943][T20804] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 1319.463003][T20804] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1319.463043][T20804] ? snd_pcm_oss_sync+0x30c/0x840 [ 1319.463106][T20804] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1319.463146][T20804] snd_pcm_oss_sync+0x32e/0x840 [ 1319.463187][T20804] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1319.463222][T20804] snd_pcm_oss_release+0x28b/0x310 [ 1319.463269][T20804] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1319.463302][T20804] __fput+0x402/0xb70 [ 1319.463344][T20804] task_work_run+0x150/0x240 [ 1319.463395][T20804] ? __pfx_task_work_run+0x10/0x10 [ 1319.463444][T20804] ? __pfx___do_sys_close_range+0x10/0x10 [ 1319.463501][T20804] exit_to_user_mode_loop+0xeb/0x110 [ 1319.463554][T20804] do_syscall_64+0x3f6/0x490 [ 1319.463605][T20804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1319.463636][T20804] RIP: 0033:0x7f965098e929 [ 1319.463663][T20804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1319.463695][T20804] RSP: 002b:00007f9651781038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1319.463727][T20804] RAX: 0000000000000000 RBX: 00007f9650bb6080 RCX: 00007f965098e929 [ 1319.463748][T20804] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 1319.463768][T20804] RBP: 00007f9650a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1319.463787][T20804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1319.463806][T20804] R13: 0000000000000000 R14: 00007f9650bb6080 R15: 00007fff4968e168 [ 1319.463848][T20804] [ 1320.799962][T20809] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2919'. [ 1321.072905][T20814] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2920'. [ 1321.393517][T20818] FAULT_INJECTION: forcing a failure. [ 1321.393517][T20818] name failslab, interval 1, probability 0, space 0, times 0 [ 1321.408704][T20818] CPU: 1 UID: 0 PID: 20818 Comm: syz.2.2921 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1321.408748][T20818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1321.408768][T20818] Call Trace: [ 1321.408778][T20818] [ 1321.408790][T20818] dump_stack_lvl+0x16c/0x1f0 [ 1321.408841][T20818] should_fail_ex+0x512/0x640 [ 1321.408893][T20818] should_failslab+0xc2/0x120 [ 1321.408934][T20818] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1321.408983][T20818] ? __alloc_skb+0x2b2/0x380 [ 1321.409034][T20818] __alloc_skb+0x2b2/0x380 [ 1321.409078][T20818] ? __pfx___alloc_skb+0x10/0x10 [ 1321.409138][T20818] new_skb+0x21/0x230 [ 1321.409189][T20818] aoecmd_cfg+0x21c/0x7d0 [ 1321.409227][T20818] ? __pfx_aoecmd_cfg+0x10/0x10 [ 1321.409274][T20818] ? apparmor_file_permission+0x251/0x400 [ 1321.409318][T20818] ? __pfx_aoechr_write+0x10/0x10 [ 1321.409367][T20818] ? aoechr_write+0x120/0x160 [ 1321.409414][T20818] aoechr_write+0x120/0x160 [ 1321.409463][T20818] vfs_writev+0x5df/0xde0 [ 1321.409518][T20818] ? __pfx_vfs_writev+0x10/0x10 [ 1321.409562][T20818] ? kmem_cache_free+0x2d1/0x4d0 [ 1321.409632][T20818] ? __fget_files+0x20e/0x3c0 [ 1321.409687][T20818] ? do_writev+0x132/0x340 [ 1321.409722][T20818] do_writev+0x132/0x340 [ 1321.409762][T20818] ? __pfx_do_writev+0x10/0x10 [ 1321.409815][T20818] do_syscall_64+0xcd/0x490 [ 1321.409866][T20818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1321.409899][T20818] RIP: 0033:0x7fc58e18e929 [ 1321.409935][T20818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1321.409968][T20818] RSP: 002b:00007fc58f0c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1321.409999][T20818] RAX: ffffffffffffffda RBX: 00007fc58e3b6080 RCX: 00007fc58e18e929 [ 1321.410020][T20818] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000009 [ 1321.410040][T20818] RBP: 00007fc58e210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1321.410059][T20818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1321.410078][T20818] R13: 0000000000000000 R14: 00007fc58e3b6080 R15: 00007ffcbfeca808 [ 1321.410132][T20818] [ 1321.697391][T20818] aoe: skb alloc failure [ 1321.706571][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1321.713132][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1325.334734][T20853] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2929'. [ 1325.751956][ T30] audit: type=1804 audit(3126.170:102): pid=20856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2930" name="/newroot/163/file0" dev="tmpfs" ino=895 res=1 errno=0 [ 1325.824363][ T30] audit: type=1800 audit(3126.190:103): pid=20856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2930" name="file0" dev="tmpfs" ino=895 res=0 errno=0 [ 1326.542974][T20865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2932'. [ 1326.555002][T20864] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2933'. [ 1326.584556][T20865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2932'. [ 1326.599818][T20864] FAULT_INJECTION: forcing a failure. [ 1326.599818][T20864] name failslab, interval 1, probability 0, space 0, times 0 [ 1326.637540][T20864] CPU: 1 UID: 0 PID: 20864 Comm: syz.1.2933 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1326.637589][T20864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1326.637608][T20864] Call Trace: [ 1326.637619][T20864] [ 1326.637633][T20864] dump_stack_lvl+0x16c/0x1f0 [ 1326.637693][T20864] should_fail_ex+0x512/0x640 [ 1326.637738][T20864] ? __kmalloc_noprof+0xbf/0x510 [ 1326.637787][T20864] ? tnode_new+0x25a/0x340 [ 1326.637831][T20864] should_failslab+0xc2/0x120 [ 1326.637861][T20864] __kmalloc_noprof+0xd2/0x510 [ 1326.637918][T20864] tnode_new+0x25a/0x340 [ 1326.637968][T20864] resize+0x7a9/0x22a0 [ 1326.638038][T20864] fib_insert_alias+0x9b9/0xe30 [ 1326.638086][T20864] ? __pfx_rtnl_trylock+0x2/0x10 [ 1326.638129][T20864] fib_trie_unmerge+0x2f9/0xcb0 [ 1326.638166][T20864] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1326.638196][T20864] ? fib_newrule+0x1562/0x1e60 [ 1326.638246][T20864] ? __pfx___mutex_lock+0x10/0x10 [ 1326.638304][T20864] fib_unmerge+0xf8/0x520 [ 1326.638339][T20864] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1326.638393][T20864] fib4_rule_configure+0x383/0x10c0 [ 1326.638444][T20864] fib_newrule+0x35c/0x1e60 [ 1326.638508][T20864] ? __pfx_fib_newrule+0x10/0x10 [ 1326.638562][T20864] ? kfree_skbmem+0x1a4/0x1f0 [ 1326.638639][T20864] ? find_held_lock+0x2b/0x80 [ 1326.638682][T20864] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1326.638729][T20864] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1326.638776][T20864] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1326.638828][T20864] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1326.638880][T20864] rtnetlink_rcv_msg+0x95b/0xe90 [ 1326.638932][T20864] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1326.638991][T20864] ? ref_tracker_free+0x37c/0x830 [ 1326.639046][T20864] netlink_rcv_skb+0x158/0x420 [ 1326.639079][T20864] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1326.639131][T20864] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1326.639179][T20864] ? netlink_deliver_tap+0x1ae/0xd30 [ 1326.639235][T20864] netlink_unicast+0x53a/0x7f0 [ 1326.639273][T20864] ? __pfx_netlink_unicast+0x10/0x10 [ 1326.639316][T20864] netlink_sendmsg+0x8d1/0xdd0 [ 1326.639354][T20864] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1326.639403][T20864] ____sys_sendmsg+0xa98/0xc70 [ 1326.639440][T20864] ? copy_msghdr_from_user+0x10a/0x160 [ 1326.639486][T20864] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1326.639517][T20864] ? __pfx___schedule+0x10/0x10 [ 1326.639563][T20864] ? kfree+0x24f/0x4d0 [ 1326.639611][T20864] ___sys_sendmsg+0x134/0x1d0 [ 1326.639669][T20864] ? __pfx____sys_sendmsg+0x10/0x10 [ 1326.639758][T20864] ? __pfx___might_resched+0x10/0x10 [ 1326.639803][T20864] __sys_sendmmsg+0x200/0x420 [ 1326.639855][T20864] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1326.639914][T20864] ? __pfx_do_futex+0x10/0x10 [ 1326.639978][T20864] ? xfd_validate_state+0x61/0x180 [ 1326.640030][T20864] __x64_sys_sendmmsg+0x9c/0x100 [ 1326.640075][T20864] ? lockdep_hardirqs_on+0x7c/0x110 [ 1326.640118][T20864] do_syscall_64+0xcd/0x490 [ 1326.640167][T20864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1326.640199][T20864] RIP: 0033:0x7efef898e929 [ 1326.640227][T20864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1326.640259][T20864] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1326.640289][T20864] RAX: ffffffffffffffda RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1326.640310][T20864] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 1326.640330][T20864] RBP: 00007efef8a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1326.640348][T20864] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 1326.640367][T20864] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1326.640406][T20864] [ 1327.588993][T20872] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2936'. [ 1327.673083][T20874] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2937'. [ 1328.676552][T20891] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2942'. [ 1328.875121][T20892] bridge0: port 3(vlan1) entered blocking state [ 1328.881888][T20892] bridge0: port 3(vlan1) entered disabled state [ 1328.896661][T20892] vlan1: entered allmulticast mode [ 1328.904433][T20892] veth0_vlan: entered allmulticast mode [ 1328.920065][T20892] vlan1: entered promiscuous mode [ 1329.184846][T20892] bridge0: port 3(vlan1) entered blocking state [ 1329.191682][T20892] bridge0: port 3(vlan1) entered forwarding state [ 1329.656928][T20897] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2943'. [ 1329.834386][T20897] FAULT_INJECTION: forcing a failure. [ 1329.834386][T20897] name failslab, interval 1, probability 0, space 0, times 0 [ 1329.890297][T20897] CPU: 1 UID: 0 PID: 20897 Comm: syz.2.2943 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1329.890348][T20897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1329.890367][T20897] Call Trace: [ 1329.890378][T20897] [ 1329.890391][T20897] dump_stack_lvl+0x16c/0x1f0 [ 1329.890444][T20897] should_fail_ex+0x512/0x640 [ 1329.890490][T20897] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1329.890542][T20897] should_failslab+0xc2/0x120 [ 1329.890574][T20897] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1329.890634][T20897] ? fib_insert_alias+0x444/0xe30 [ 1329.890692][T20897] fib_insert_alias+0x444/0xe30 [ 1329.890738][T20897] ? lockdep_rtnl_is_held+0x26/0x40 [ 1329.890776][T20897] ? fib_find_node+0x22b/0x2b0 [ 1329.890823][T20897] fib_trie_unmerge+0x2f9/0xcb0 [ 1329.890861][T20897] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1329.890890][T20897] ? fib_newrule+0x1562/0x1e60 [ 1329.890941][T20897] ? __pfx___mutex_lock+0x10/0x10 [ 1329.890997][T20897] fib_unmerge+0xf8/0x520 [ 1329.891028][T20897] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1329.891079][T20897] fib4_rule_configure+0x383/0x10c0 [ 1329.891130][T20897] fib_newrule+0x35c/0x1e60 [ 1329.891192][T20897] ? __pfx_fib_newrule+0x10/0x10 [ 1329.891238][T20897] ? kfree_skbmem+0x1a4/0x1f0 [ 1329.891311][T20897] ? find_held_lock+0x2b/0x80 [ 1329.891342][T20897] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1329.891384][T20897] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1329.891428][T20897] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1329.891479][T20897] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1329.891528][T20897] rtnetlink_rcv_msg+0x95b/0xe90 [ 1329.891580][T20897] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1329.891656][T20897] ? ref_tracker_free+0x37c/0x830 [ 1329.891708][T20897] netlink_rcv_skb+0x158/0x420 [ 1329.891742][T20897] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1329.891794][T20897] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1329.891841][T20897] ? netlink_deliver_tap+0x1ae/0xd30 [ 1329.891897][T20897] netlink_unicast+0x53a/0x7f0 [ 1329.891934][T20897] ? __pfx_netlink_unicast+0x10/0x10 [ 1329.891979][T20897] netlink_sendmsg+0x8d1/0xdd0 [ 1329.892018][T20897] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1329.892067][T20897] ____sys_sendmsg+0xa98/0xc70 [ 1329.892103][T20897] ? copy_msghdr_from_user+0x10a/0x160 [ 1329.892148][T20897] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1329.892188][T20897] ? kfree+0x24f/0x4d0 [ 1329.892226][T20897] ? futex_unqueue+0x133/0x2c0 [ 1329.892271][T20897] ___sys_sendmsg+0x134/0x1d0 [ 1329.892319][T20897] ? __pfx____sys_sendmsg+0x10/0x10 [ 1329.892405][T20897] ? __pfx___might_resched+0x10/0x10 [ 1329.892449][T20897] __sys_sendmmsg+0x200/0x420 [ 1329.892498][T20897] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1329.892557][T20897] ? __pfx_do_futex+0x10/0x10 [ 1329.892627][T20897] ? xfd_validate_state+0x61/0x180 [ 1329.892678][T20897] __x64_sys_sendmmsg+0x9c/0x100 [ 1329.892723][T20897] ? lockdep_hardirqs_on+0x7c/0x110 [ 1329.892768][T20897] do_syscall_64+0xcd/0x490 [ 1329.892817][T20897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1329.892847][T20897] RIP: 0033:0x7fc58e18e929 [ 1329.892875][T20897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1329.892906][T20897] RSP: 002b:00007fc58f0e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1329.892937][T20897] RAX: ffffffffffffffda RBX: 00007fc58e3b5fa0 RCX: 00007fc58e18e929 [ 1329.892958][T20897] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 1329.892977][T20897] RBP: 00007fc58e210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1329.892997][T20897] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 1329.893015][T20897] R13: 0000000000000000 R14: 00007fc58e3b5fa0 R15: 00007ffcbfeca808 [ 1329.893057][T20897] [ 1331.580742][T20920] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2950'. [ 1331.865514][T20924] FAULT_INJECTION: forcing a failure. [ 1331.865514][T20924] name failslab, interval 1, probability 0, space 0, times 0 [ 1331.917041][ T30] audit: type=1804 audit(3124.460:104): pid=20925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2952" name="/newroot/112/file0" dev="tmpfs" ino=620 res=1 errno=0 [ 1331.939629][T20925] FAULT_INJECTION: forcing a failure. [ 1331.939629][T20925] name failslab, interval 1, probability 0, space 0, times 0 [ 1331.954649][T20924] CPU: 1 UID: 0 PID: 20924 Comm: syz.1.2951 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1331.954693][T20924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1331.954714][T20924] Call Trace: [ 1331.954725][T20924] [ 1331.954738][T20924] dump_stack_lvl+0x16c/0x1f0 [ 1331.954790][T20924] should_fail_ex+0x512/0x640 [ 1331.954842][T20924] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1331.954893][T20924] should_failslab+0xc2/0x120 [ 1331.954924][T20924] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1331.954970][T20924] ? __proc_create+0xc3/0x8c0 [ 1331.955016][T20924] ? __proc_create+0x2ce/0x8c0 [ 1331.955069][T20924] __proc_create+0x2ce/0x8c0 [ 1331.955121][T20924] ? __pfx___proc_create+0x10/0x10 [ 1331.955166][T20924] ? pcpu_chunk_relocate+0x126/0x190 [ 1331.955225][T20924] proc_create_reg+0x7d/0x180 [ 1331.955260][T20924] proc_create_net_data+0x8e/0x1b0 [ 1331.955312][T20924] ? __pfx_proc_create_net_data+0x10/0x10 [ 1331.955372][T20924] ? __pfx_netlink_net_init+0x10/0x10 [ 1331.955419][T20924] netlink_net_init+0x50/0x70 [ 1331.955462][T20924] ops_init+0x1df/0x5f0 [ 1331.955515][T20924] setup_net+0x1ff/0x510 [ 1331.955560][T20924] ? lockdep_init_map_type+0x5c/0x280 [ 1331.955603][T20924] ? __pfx_setup_net+0x10/0x10 [ 1331.955655][T20924] ? debug_mutex_init+0x37/0x70 [ 1331.955692][T20924] copy_net_ns+0x2a6/0x5f0 [ 1331.955728][T20924] create_new_namespaces+0x3ea/0xa90 [ 1331.955775][T20924] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1331.955833][T20924] ksys_unshare+0x45b/0xa40 [ 1331.955877][T20924] ? __pfx_ksys_unshare+0x10/0x10 [ 1331.955922][T20924] ? xfd_validate_state+0x61/0x180 [ 1331.955979][T20924] __x64_sys_unshare+0x31/0x40 [ 1331.956017][T20924] do_syscall_64+0xcd/0x490 [ 1331.956065][T20924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1331.956091][T20924] RIP: 0033:0x7efef898e929 [ 1331.956112][T20924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1331.956137][T20924] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1331.956161][T20924] RAX: ffffffffffffffda RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1331.956178][T20924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1331.956193][T20924] RBP: 00007efef8a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1331.956208][T20924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1331.956223][T20924] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1331.956256][T20924] [ 1332.214626][T20925] CPU: 1 UID: 0 PID: 20925 Comm: syz.0.2952 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1332.214674][T20925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1332.214693][T20925] Call Trace: [ 1332.214705][T20925] [ 1332.214718][T20925] dump_stack_lvl+0x16c/0x1f0 [ 1332.214770][T20925] should_fail_ex+0x512/0x640 [ 1332.214816][T20925] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 1332.214871][T20925] should_failslab+0xc2/0x120 [ 1332.214901][T20925] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1332.214951][T20925] ? __pfx__proc_mkdir+0x10/0x10 [ 1332.214977][T20925] ? nf_lwtunnel_net_init+0x38/0xf0 [ 1332.215014][T20925] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 1332.215049][T20925] kmemdup_noprof+0x29/0x60 [ 1332.215096][T20925] nf_lwtunnel_net_init+0x38/0xf0 [ 1332.215130][T20925] ops_init+0x1df/0x5f0 [ 1332.215184][T20925] setup_net+0x1ff/0x510 [ 1332.215229][T20925] ? lockdep_init_map_type+0x5c/0x280 [ 1332.215274][T20925] ? __pfx_setup_net+0x10/0x10 [ 1332.215326][T20925] ? debug_mutex_init+0x37/0x70 [ 1332.215363][T20925] copy_net_ns+0x2a6/0x5f0 [ 1332.215399][T20925] create_new_namespaces+0x3ea/0xa90 [ 1332.215446][T20925] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1332.215486][T20925] ksys_unshare+0x45b/0xa40 [ 1332.215529][T20925] ? __pfx_ksys_unshare+0x10/0x10 [ 1332.215573][T20925] ? xfd_validate_state+0x61/0x180 [ 1332.215637][T20925] __x64_sys_unshare+0x31/0x40 [ 1332.215680][T20925] do_syscall_64+0xcd/0x490 [ 1332.215730][T20925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1332.215761][T20925] RIP: 0033:0x7f962c78e929 [ 1332.215787][T20925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1332.215818][T20925] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1332.215846][T20925] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1332.215868][T20925] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1332.215886][T20925] RBP: 00007f962c810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1332.215905][T20925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1332.215923][T20925] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1332.215965][T20925] [ 1332.216051][ T30] audit: type=1800 audit(3124.460:105): pid=20925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2952" name="file0" dev="tmpfs" ino=620 res=0 errno=0 [ 1332.479627][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1332.486083][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1335.740927][T20963] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2957'. [ 1336.143963][T20967] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2960'. [ 1336.145089][T20963] FAULT_INJECTION: forcing a failure. [ 1336.145089][T20963] name failslab, interval 1, probability 0, space 0, times 0 [ 1336.202894][T20970] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2960'. [ 1336.231574][T20963] CPU: 1 UID: 0 PID: 20963 Comm: syz.2.2957 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1336.231620][T20963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1336.231637][T20963] Call Trace: [ 1336.231647][T20963] [ 1336.231659][T20963] dump_stack_lvl+0x16c/0x1f0 [ 1336.231705][T20963] should_fail_ex+0x512/0x640 [ 1336.231748][T20963] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1336.231797][T20963] should_failslab+0xc2/0x120 [ 1336.231837][T20963] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1336.231882][T20963] ? fib_insert_alias+0x444/0xe30 [ 1336.231934][T20963] fib_insert_alias+0x444/0xe30 [ 1336.231982][T20963] ? lockdep_rtnl_is_held+0x26/0x40 [ 1336.232019][T20963] ? fib_find_node+0x22b/0x2b0 [ 1336.232067][T20963] fib_trie_unmerge+0x2f9/0xcb0 [ 1336.232104][T20963] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1336.232134][T20963] ? fib_newrule+0x1562/0x1e60 [ 1336.232185][T20963] ? __pfx___mutex_lock+0x10/0x10 [ 1336.232243][T20963] fib_unmerge+0xf8/0x520 [ 1336.232277][T20963] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1336.232329][T20963] fib4_rule_configure+0x383/0x10c0 [ 1336.232379][T20963] fib_newrule+0x35c/0x1e60 [ 1336.232443][T20963] ? __pfx_fib_newrule+0x10/0x10 [ 1336.232489][T20963] ? kfree_skbmem+0x1a4/0x1f0 [ 1336.232571][T20963] ? find_held_lock+0x2b/0x80 [ 1336.232604][T20963] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1336.232652][T20963] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1336.232697][T20963] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1336.232747][T20963] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1336.232798][T20963] rtnetlink_rcv_msg+0x95b/0xe90 [ 1336.232864][T20963] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1336.232926][T20963] ? ref_tracker_free+0x37c/0x830 [ 1336.232975][T20963] netlink_rcv_skb+0x158/0x420 [ 1336.233007][T20963] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1336.233059][T20963] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1336.233109][T20963] ? netlink_deliver_tap+0x1ae/0xd30 [ 1336.233170][T20963] netlink_unicast+0x53a/0x7f0 [ 1336.233209][T20963] ? __pfx_netlink_unicast+0x10/0x10 [ 1336.233254][T20963] netlink_sendmsg+0x8d1/0xdd0 [ 1336.233294][T20963] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1336.233344][T20963] ____sys_sendmsg+0xa98/0xc70 [ 1336.233381][T20963] ? copy_msghdr_from_user+0x10a/0x160 [ 1336.233427][T20963] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1336.233468][T20963] ? kfree+0x24f/0x4d0 [ 1336.233508][T20963] ? futex_unqueue+0x133/0x2c0 [ 1336.233552][T20963] ___sys_sendmsg+0x134/0x1d0 [ 1336.233599][T20963] ? __pfx____sys_sendmsg+0x10/0x10 [ 1336.233686][T20963] ? __pfx___might_resched+0x10/0x10 [ 1336.233731][T20963] __sys_sendmmsg+0x200/0x420 [ 1336.233783][T20963] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1336.233850][T20963] ? __pfx_do_futex+0x10/0x10 [ 1336.233913][T20963] ? xfd_validate_state+0x61/0x180 [ 1336.233966][T20963] __x64_sys_sendmmsg+0x9c/0x100 [ 1336.234012][T20963] ? lockdep_hardirqs_on+0x7c/0x110 [ 1336.234057][T20963] do_syscall_64+0xcd/0x490 [ 1336.234108][T20963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1336.234141][T20963] RIP: 0033:0x7fc58e18e929 [ 1336.234174][T20963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1336.234204][T20963] RSP: 002b:00007fc58f0e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1336.234237][T20963] RAX: ffffffffffffffda RBX: 00007fc58e3b5fa0 RCX: 00007fc58e18e929 [ 1336.234258][T20963] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 1336.234277][T20963] RBP: 00007fc58e210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1336.234296][T20963] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 1336.234314][T20963] R13: 0000000000000000 R14: 00007fc58e3b5fa0 R15: 00007ffcbfeca808 [ 1336.234356][T20963] [ 1339.300483][T20990] aoe: skb alloc failure [ 1339.330861][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1339.337281][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1340.644447][T21006] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2970'. [ 1349.220335][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1355 with max blocks 18 with error 117 [ 1349.252066][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1349.252066][ T36] [ 1349.800162][T21100] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2985'. [ 1350.281437][T21111] FAULT_INJECTION: forcing a failure. [ 1350.281437][T21111] name failslab, interval 1, probability 0, space 0, times 0 [ 1350.464110][T21111] CPU: 1 UID: 0 PID: 21111 Comm: syz.3.2987 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1350.464153][T21111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1350.464170][T21111] Call Trace: [ 1350.464180][T21111] [ 1350.464193][T21111] dump_stack_lvl+0x16c/0x1f0 [ 1350.464245][T21111] should_fail_ex+0x512/0x640 [ 1350.464285][T21111] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 1350.464337][T21111] should_failslab+0xc2/0x120 [ 1350.464367][T21111] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1350.464415][T21111] ? kvasprintf_const+0x66/0x1a0 [ 1350.464452][T21111] kvasprintf+0xbc/0x160 [ 1350.464492][T21111] ? __pfx_kvasprintf+0x10/0x10 [ 1350.464524][T21111] ? rcu_read_unlock+0x17/0x60 [ 1350.464553][T21111] ? kernel_text_address+0x8d/0x100 [ 1350.464609][T21111] kvasprintf_const+0x66/0x1a0 [ 1350.464640][T21111] kobject_set_name_vargs+0x5a/0x140 [ 1350.464671][T21111] dev_set_name+0xc7/0x100 [ 1350.464706][T21111] ? __pfx_dev_set_name+0x10/0x10 [ 1350.464742][T21111] ? rcu_is_watching+0x12/0xc0 [ 1350.464786][T21111] ? trace_kmalloc+0x2b/0xd0 [ 1350.464814][T21111] ? __kmalloc_noprof.cold+0x5c/0x61 [ 1350.464862][T21111] ? wiphy_new_nm+0x797/0x2160 [ 1350.464895][T21111] wiphy_new_nm+0x811/0x2160 [ 1350.464925][T21111] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1350.464958][T21111] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1350.464990][T21111] ieee80211_alloc_hw_nm+0x1b7a/0x2260 [ 1350.465021][T21111] ? __local_bh_enable_ip+0xa4/0x120 [ 1350.465061][T21111] mac80211_hwsim_new_radio+0x1d4/0x54d0 [ 1350.465122][T21111] ? __asan_memset+0x23/0x50 [ 1350.465162][T21111] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1350.465216][T21111] hwsim_new_radio_nl+0xb51/0x12c0 [ 1350.465262][T21111] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1350.465317][T21111] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1350.465365][T21111] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1350.465412][T21111] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1350.465452][T21111] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1350.465488][T21111] ? trace_cap_capable+0x18d/0x200 [ 1350.465526][T21111] ? bpf_lsm_capable+0x9/0x10 [ 1350.465560][T21111] ? security_capable+0x7e/0x260 [ 1350.465585][T21111] ? ns_capable+0xd7/0x110 [ 1350.465607][T21111] genl_rcv_msg+0x55c/0x800 [ 1350.465633][T21111] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1350.465656][T21111] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1350.465692][T21111] netlink_rcv_skb+0x158/0x420 [ 1350.465711][T21111] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1350.465735][T21111] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1350.465771][T21111] ? netlink_deliver_tap+0x1ae/0xd30 [ 1350.465805][T21111] genl_rcv+0x28/0x40 [ 1350.465824][T21111] netlink_unicast+0x53a/0x7f0 [ 1350.465847][T21111] ? __pfx_netlink_unicast+0x10/0x10 [ 1350.465872][T21111] netlink_sendmsg+0x8d1/0xdd0 [ 1350.465895][T21111] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1350.465922][T21111] ____sys_sendmsg+0xa98/0xc70 [ 1350.465944][T21111] ? copy_msghdr_from_user+0x10a/0x160 [ 1350.465971][T21111] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1350.466002][T21111] ___sys_sendmsg+0x134/0x1d0 [ 1350.466031][T21111] ? __pfx____sys_sendmsg+0x10/0x10 [ 1350.466056][T21111] ? __lock_acquire+0x622/0x1c90 [ 1350.466110][T21111] __sys_sendmsg+0x16d/0x220 [ 1350.466138][T21111] ? __pfx___sys_sendmsg+0x10/0x10 [ 1350.466180][T21111] do_syscall_64+0xcd/0x490 [ 1350.466209][T21111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1350.466228][T21111] RIP: 0033:0x7f965098e929 [ 1350.466246][T21111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1350.466265][T21111] RSP: 002b:00007f965171e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1350.466284][T21111] RAX: ffffffffffffffda RBX: 00007f9650bb6320 RCX: 00007f965098e929 [ 1350.466296][T21111] RDX: 0000000004000800 RSI: 0000200000000e00 RDI: 0000000000000006 [ 1350.466307][T21111] RBP: 00007f965171e090 R08: 0000000000000000 R09: 0000000000000000 [ 1350.466318][T21111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1350.466328][T21111] R13: 0000000000000000 R14: 00007f9650bb6320 R15: 00007fff4968e168 [ 1350.466351][T21111] [ 1352.127736][T21114] zswap: compressor not available [ 1352.683459][T21124] ima: policy update failed [ 1352.688360][ T30] audit: type=1802 audit(3135.860:106): pid=21124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2989" res=0 errno=0 [ 1352.774901][T21127] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2989'. [ 1355.031562][T21151] FAULT_INJECTION: forcing a failure. [ 1355.031562][T21151] name failslab, interval 1, probability 0, space 0, times 0 [ 1355.060861][T21151] CPU: 1 UID: 0 PID: 21151 Comm: syz.0.2995 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1355.060911][T21151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1355.060931][T21151] Call Trace: [ 1355.060942][T21151] [ 1355.060954][T21151] dump_stack_lvl+0x16c/0x1f0 [ 1355.061016][T21151] should_fail_ex+0x512/0x640 [ 1355.061059][T21151] ? __kmalloc_noprof+0xbf/0x510 [ 1355.061110][T21151] ? __register_sysctl_table+0xea2/0x1900 [ 1355.061165][T21151] should_failslab+0xc2/0x120 [ 1355.061196][T21151] __kmalloc_noprof+0xd2/0x510 [ 1355.061237][T21151] ? __register_sysctl_table+0xe8e/0x1900 [ 1355.061296][T21151] __register_sysctl_table+0xea2/0x1900 [ 1355.061354][T21151] ? __pfx___register_sysctl_table+0x10/0x10 [ 1355.061402][T21151] ? is_module_address+0x69/0xf0 [ 1355.061444][T21151] ? register_net_sysctl_sz+0x228/0x3e0 [ 1355.061475][T21151] ? __asan_memcpy+0x3c/0x60 [ 1355.061519][T21151] nf_log_net_init+0x109/0x450 [ 1355.061569][T21151] ? __pfx_nf_log_net_init+0x10/0x10 [ 1355.061624][T21151] ops_init+0x1df/0x5f0 [ 1355.061679][T21151] setup_net+0x1ff/0x510 [ 1355.061723][T21151] ? lockdep_init_map_type+0x5c/0x280 [ 1355.061775][T21151] ? __pfx_setup_net+0x10/0x10 [ 1355.061826][T21151] ? debug_mutex_init+0x37/0x70 [ 1355.061881][T21151] copy_net_ns+0x2a6/0x5f0 [ 1355.061918][T21151] create_new_namespaces+0x3ea/0xa90 [ 1355.061966][T21151] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1355.062006][T21151] ksys_unshare+0x45b/0xa40 [ 1355.062049][T21151] ? __pfx_ksys_unshare+0x10/0x10 [ 1355.062091][T21151] ? xfd_validate_state+0x61/0x180 [ 1355.062147][T21151] __x64_sys_unshare+0x31/0x40 [ 1355.062188][T21151] do_syscall_64+0xcd/0x490 [ 1355.062233][T21151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1355.062265][T21151] RIP: 0033:0x7f962c78e929 [ 1355.062303][T21151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1355.062332][T21151] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1355.062365][T21151] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1355.062387][T21151] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1355.062406][T21151] RBP: 00007f962c810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1355.062426][T21151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1355.062445][T21151] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1355.062488][T21151] [ 1355.063411][T21151] sysctl could not get directory: /net/netfilter/nf_log -12 [ 1356.816739][T21167] FAULT_INJECTION: forcing a failure. [ 1356.816739][T21167] name failslab, interval 1, probability 0, space 0, times 0 [ 1356.866644][T21167] CPU: 0 UID: 0 PID: 21167 Comm: syz.0.2998 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1356.866700][T21167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1356.866719][T21167] Call Trace: [ 1356.866731][T21167] [ 1356.866744][T21167] dump_stack_lvl+0x16c/0x1f0 [ 1356.866796][T21167] should_fail_ex+0x512/0x640 [ 1356.866841][T21167] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 1356.866892][T21167] should_failslab+0xc2/0x120 [ 1356.866922][T21167] __kmalloc_cache_node_noprof+0x6d/0x420 [ 1356.866970][T21167] ? blkg_alloc+0xb7/0xb00 [ 1356.867006][T21167] blkg_alloc+0xb7/0xb00 [ 1356.867047][T21167] blkcg_init_disk+0x51/0x160 [ 1356.867089][T21167] __alloc_disk_node+0x299/0x630 [ 1356.867140][T21167] __blk_mq_alloc_disk+0x89/0x120 [ 1356.867188][T21167] loop_add+0x49e/0xb70 [ 1356.867224][T21167] ? do_vfs_ioctl+0x523/0x1a60 [ 1356.867262][T21167] ? __pfx_loop_add+0x10/0x10 [ 1356.867292][T21167] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1356.867355][T21167] ? find_held_lock+0x2b/0x80 [ 1356.867394][T21167] loop_control_ioctl+0x13e/0x630 [ 1356.867432][T21167] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1356.867473][T21167] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1356.867513][T21167] __x64_sys_ioctl+0x18e/0x210 [ 1356.867562][T21167] do_syscall_64+0xcd/0x490 [ 1356.867613][T21167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1356.867647][T21167] RIP: 0033:0x7f962c78e929 [ 1356.867674][T21167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1356.867705][T21167] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1356.867736][T21167] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1356.867756][T21167] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 1356.867775][T21167] RBP: 00007f962c810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1356.867793][T21167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1356.867812][T21167] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1356.867853][T21167] [ 1366.983511][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1367.000768][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1368.221024][T21296] FAULT_INJECTION: forcing a failure. [ 1368.221024][T21296] name failslab, interval 1, probability 0, space 0, times 0 [ 1368.280567][T21296] CPU: 0 UID: 0 PID: 21296 Comm: syz.0.3028 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1368.280600][T21296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1368.280612][T21296] Call Trace: [ 1368.280620][T21296] [ 1368.280633][T21296] dump_stack_lvl+0x16c/0x1f0 [ 1368.280682][T21296] should_fail_ex+0x512/0x640 [ 1368.280730][T21296] ? aa_label_asxprint+0x75/0x140 [ 1368.280750][T21296] should_failslab+0xc2/0x120 [ 1368.280771][T21296] __kmalloc_noprof+0xd2/0x510 [ 1368.280804][T21296] aa_label_asxprint+0x75/0x140 [ 1368.280825][T21296] apparmor_lsmprop_to_secctx+0xb2/0x1a0 [ 1368.280852][T21296] security_lsmprop_to_secctx+0x94/0x260 [ 1368.280878][T21296] audit_log_task_context+0x134/0x1a0 [ 1368.280904][T21296] ? __pfx_audit_log_task_context+0x10/0x10 [ 1368.280930][T21296] ? from_kuid+0x8d/0xd0 [ 1368.280956][T21296] ? __pfx_from_kuid+0x10/0x10 [ 1368.280989][T21296] integrity_audit_message+0x269/0x580 [ 1368.281017][T21296] ? __pfx_integrity_audit_message+0x10/0x10 [ 1368.281044][T21296] ? __pfx_ima_add_template_entry+0x10/0x10 [ 1368.281075][T21296] integrity_audit_msg+0x41/0x60 [ 1368.281102][T21296] ima_add_violation+0x1b4/0x3d0 [ 1368.281124][T21296] ? __pfx_ima_add_violation+0x10/0x10 [ 1368.281141][T21296] ? ima_d_path+0x12b/0x2a0 [ 1368.281159][T21296] ? __pfx_ima_d_path+0x10/0x10 [ 1368.281181][T21296] ? lockdep_init_map_type+0x5c/0x280 [ 1368.281221][T21296] ? ima_inode_get+0x39e/0x580 [ 1368.281266][T21296] process_measurement+0x1783/0x23e0 [ 1368.281322][T21296] ? __pfx_process_measurement+0x10/0x10 [ 1368.281354][T21296] ? futex_unqueue+0x133/0x2c0 [ 1368.281403][T21296] ? __futex_hash.constprop.0+0x1e9/0x440 [ 1368.281430][T21296] ima_file_mmap+0x1b1/0x1d0 [ 1368.281457][T21296] ? __pfx_ima_file_mmap+0x10/0x10 [ 1368.281483][T21296] ? __lock_acquire+0x622/0x1c90 [ 1368.281522][T21296] security_mmap_file+0x88c/0x990 [ 1368.281548][T21296] vm_mmap_pgoff+0xec/0x450 [ 1368.281569][T21296] ? find_held_lock+0x2b/0x80 [ 1368.281589][T21296] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1368.281612][T21296] ? __fget_files+0x20e/0x3c0 [ 1368.281643][T21296] ksys_mmap_pgoff+0x32c/0x5c0 [ 1368.281669][T21296] __x64_sys_mmap+0x125/0x190 [ 1368.281698][T21296] do_syscall_64+0xcd/0x490 [ 1368.281729][T21296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1368.281748][T21296] RIP: 0033:0x7f962c78e929 [ 1368.281767][T21296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1368.281786][T21296] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1368.281805][T21296] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1368.281818][T21296] RDX: 00000000000003ff RSI: 0000000000000001 RDI: 000000000000f000 [ 1368.281836][T21296] RBP: 00007f962c810b39 R08: 0000000000000003 R09: 0000000000000000 [ 1368.281854][T21296] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 1368.281872][T21296] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1368.281912][T21296] [ 1368.631076][T21296] audit: error in audit_log_task_context [ 1368.667558][ T30] audit: type=1804 audit(3126.330:107): pid=21296 uid=0 auid=4294967295 ses=4294967295 op=invalid_pcr cause=open_writers comm="syz.0.3028" name=2F6E6577726F6F742F3133312F307830303036303030300A dev="tmpfs" ino=721 res=1 errno=0 [ 1369.042465][ T30] audit: type=1800 audit(3126.770:108): pid=21296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3028" name=307830303036303030300A dev="tmpfs" ino=721 res=0 errno=0 [ 1369.839036][T21305] FAULT_INJECTION: forcing a failure. [ 1369.839036][T21305] name failslab, interval 1, probability 0, space 0, times 0 [ 1369.880623][T21305] CPU: 0 UID: 0 PID: 21305 Comm: syz.1.3029 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1369.880676][T21305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1369.880696][T21305] Call Trace: [ 1369.880707][T21305] [ 1369.880720][T21305] dump_stack_lvl+0x16c/0x1f0 [ 1369.880771][T21305] should_fail_ex+0x512/0x640 [ 1369.880815][T21305] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1369.880859][T21305] should_failslab+0xc2/0x120 [ 1369.880899][T21305] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1369.880941][T21305] ? ima_add_digest_entry+0x52/0x540 [ 1369.880991][T21305] ima_add_digest_entry+0x52/0x540 [ 1369.881042][T21305] ima_add_template_entry+0x478/0x870 [ 1369.881098][T21305] ? __pfx_ima_add_template_entry+0x10/0x10 [ 1369.881148][T21305] ? ima_alloc_init_template+0x536/0x720 [ 1369.881191][T21305] ima_add_violation+0x17f/0x3d0 [ 1369.881227][T21305] ? __pfx_ima_add_violation+0x10/0x10 [ 1369.881257][T21305] ? ima_d_path+0x12b/0x2a0 [ 1369.881287][T21305] ? __pfx_ima_d_path+0x10/0x10 [ 1369.881326][T21305] ? lockdep_init_map_type+0x5c/0x280 [ 1369.881372][T21305] ? ima_inode_get+0x39e/0x580 [ 1369.881423][T21305] process_measurement+0x1783/0x23e0 [ 1369.881495][T21305] ? __pfx_process_measurement+0x10/0x10 [ 1369.881551][T21305] ? futex_unqueue+0x133/0x2c0 [ 1369.881652][T21305] ? __futex_hash.constprop.0+0x1e9/0x440 [ 1369.881703][T21305] ima_file_mmap+0x1b1/0x1d0 [ 1369.881749][T21305] ? __pfx_ima_file_mmap+0x10/0x10 [ 1369.881792][T21305] ? __lock_acquire+0x622/0x1c90 [ 1369.881848][T21305] security_mmap_file+0x88c/0x990 [ 1369.881893][T21305] vm_mmap_pgoff+0xec/0x450 [ 1369.881928][T21305] ? find_held_lock+0x2b/0x80 [ 1369.881960][T21305] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1369.882002][T21305] ? __fget_files+0x20e/0x3c0 [ 1369.882056][T21305] ksys_mmap_pgoff+0x32c/0x5c0 [ 1369.882101][T21305] __x64_sys_mmap+0x125/0x190 [ 1369.882153][T21305] do_syscall_64+0xcd/0x490 [ 1369.882204][T21305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1369.882235][T21305] RIP: 0033:0x7efef898e929 [ 1369.882261][T21305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1369.882292][T21305] RSP: 002b:00007efef9805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1369.882323][T21305] RAX: ffffffffffffffda RBX: 00007efef8bb5fa0 RCX: 00007efef898e929 [ 1369.882343][T21305] RDX: 00000000000003ff RSI: 0000000000000001 RDI: 000000000000f000 [ 1369.882362][T21305] RBP: 00007efef8a10b39 R08: 0000000000000003 R09: 0000000000000000 [ 1369.882381][T21305] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 1369.882400][T21305] R13: 0000000000000000 R14: 00007efef8bb5fa0 R15: 00007ffe7936d1d8 [ 1369.882442][T21305] [ 1370.403854][T21305] ima: OUT OF MEMORY ERROR creating queue entry [ 1370.590746][ T30] audit: type=1804 audit(3128.660:109): pid=21305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.3029" name=2F6E6577726F6F742F3138392F307830303036303030300A dev="tmpfs" ino=1033 res=0 errno=0 [ 1370.616650][ T30] audit: type=1804 audit(3128.660:110): pid=21305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3029" name=2F6E6577726F6F742F3138392F307830303036303030300A dev="tmpfs" ino=1033 res=0 errno=0 [ 1370.642994][ T30] audit: type=1800 audit(3128.660:111): pid=21305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3029" name=307830303036303030300A dev="tmpfs" ino=1033 res=0 errno=0 [ 1372.790094][T21347] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3041'. [ 1375.731697][T21386] binder: 21385:21386 ioctl c018620b 0 returned -14 [ 1375.853254][T21387] binder: 21385:21387 ioctl 400c620e 0 returned -22 [ 1375.919968][T21387] FAULT_INJECTION: forcing a failure. [ 1375.919968][T21387] name failslab, interval 1, probability 0, space 0, times 0 [ 1376.084890][T21387] CPU: 1 UID: 0 PID: 21387 Comm: syz.3.3048 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1376.084934][T21387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1376.084952][T21387] Call Trace: [ 1376.084962][T21387] [ 1376.084975][T21387] dump_stack_lvl+0x16c/0x1f0 [ 1376.085021][T21387] should_fail_ex+0x512/0x640 [ 1376.085061][T21387] ? __kvmalloc_node_noprof+0x124/0x620 [ 1376.085109][T21387] should_failslab+0xc2/0x120 [ 1376.085140][T21387] __kvmalloc_node_noprof+0x137/0x620 [ 1376.085184][T21387] ? seq_read_iter+0x826/0x12c0 [ 1376.085231][T21387] ? seq_read_iter+0x826/0x12c0 [ 1376.085268][T21387] seq_read_iter+0x826/0x12c0 [ 1376.085309][T21387] ? aa_file_perm+0x4d6/0xfb0 [ 1376.085363][T21387] seq_read+0x39e/0x4e0 [ 1376.085402][T21387] ? __pfx_seq_read+0x10/0x10 [ 1376.085436][T21387] ? __lock_acquire+0xb8a/0x1c90 [ 1376.085494][T21387] ? get_pid_task+0xfc/0x250 [ 1376.085557][T21387] full_proxy_read+0x13f/0x200 [ 1376.085590][T21387] ? __pfx_full_proxy_read+0x10/0x10 [ 1376.085622][T21387] vfs_read+0x1e1/0xc60 [ 1376.085670][T21387] ? __pfx___mutex_lock+0x10/0x10 [ 1376.085714][T21387] ? __pfx_vfs_read+0x10/0x10 [ 1376.085767][T21387] ? __fget_files+0x20e/0x3c0 [ 1376.085822][T21387] ksys_read+0x12a/0x250 [ 1376.085864][T21387] ? __pfx_ksys_read+0x10/0x10 [ 1376.085919][T21387] do_syscall_64+0xcd/0x490 [ 1376.085968][T21387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1376.085999][T21387] RIP: 0033:0x7f965098e929 [ 1376.086026][T21387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1376.086056][T21387] RSP: 002b:00007f9651781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1376.086087][T21387] RAX: ffffffffffffffda RBX: 00007f9650bb6080 RCX: 00007f965098e929 [ 1376.086107][T21387] RDX: 0000000000000051 RSI: 0000200000000180 RDI: 0000000000000008 [ 1376.086126][T21387] RBP: 00007f9651781090 R08: 0000000000000000 R09: 0000000000000000 [ 1376.086145][T21387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1376.086162][T21387] R13: 0000000000000000 R14: 00007f9650bb6080 R15: 00007fff4968e168 [ 1376.086204][T21387] [ 1377.378040][T21395] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3049'. [ 1379.161611][T21425] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3057'. [ 1379.761531][T21430] nvme_fabrics: missing parameter 'transport=%s' [ 1379.768588][T21430] nvme_fabrics: missing parameter 'nqn=%s' [ 1384.132829][T21482] FAULT_INJECTION: forcing a failure. [ 1384.132829][T21482] name failslab, interval 1, probability 0, space 0, times 0 [ 1384.145868][T21482] CPU: 0 UID: 0 PID: 21482 Comm: syz.3.3066 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1384.145897][T21482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1384.145909][T21482] Call Trace: [ 1384.145915][T21482] [ 1384.145923][T21482] dump_stack_lvl+0x16c/0x1f0 [ 1384.145955][T21482] should_fail_ex+0x512/0x640 [ 1384.145983][T21482] ? fs_reclaim_acquire+0xae/0x150 [ 1384.146007][T21482] should_failslab+0xc2/0x120 [ 1384.146027][T21482] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1384.146055][T21482] ? security_inode_alloc+0x3b/0x2b0 [ 1384.146079][T21482] security_inode_alloc+0x3b/0x2b0 [ 1384.146105][T21482] inode_init_always_gfp+0xce4/0x1030 [ 1384.146154][T21482] alloc_inode+0x86/0x240 [ 1384.146185][T21482] sock_alloc+0x40/0x280 [ 1384.146205][T21482] sock_create_lite+0x82/0x120 [ 1384.146224][T21482] __netlink_kernel_create+0xbd/0x750 [ 1384.146244][T21482] ? __lock_acquire+0x622/0x1c90 [ 1384.146271][T21482] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1384.146296][T21482] rtnetlink_net_init+0xb9/0x140 [ 1384.146321][T21482] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1384.146346][T21482] ? lockdep_init_map_type+0x5c/0x280 [ 1384.146372][T21482] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 1384.146395][T21482] ? __pfx_rtnetlink_bind+0x10/0x10 [ 1384.146420][T21482] ? lockdep_init_map_type+0x5c/0x280 [ 1384.146448][T21482] ? debug_mutex_init+0x37/0x70 [ 1384.146470][T21482] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1384.146494][T21482] ops_init+0x1df/0x5f0 [ 1384.146531][T21482] setup_net+0x1ff/0x510 [ 1384.146559][T21482] ? lockdep_init_map_type+0x5c/0x280 [ 1384.146585][T21482] ? __pfx_setup_net+0x10/0x10 [ 1384.146615][T21482] ? debug_mutex_init+0x37/0x70 [ 1384.146636][T21482] copy_net_ns+0x2a6/0x5f0 [ 1384.146658][T21482] create_new_namespaces+0x3ea/0xa90 [ 1384.146684][T21482] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1384.146708][T21482] ksys_unshare+0x45b/0xa40 [ 1384.146735][T21482] ? __pfx_ksys_unshare+0x10/0x10 [ 1384.146761][T21482] ? xfd_validate_state+0x61/0x180 [ 1384.146792][T21482] __x64_sys_unshare+0x31/0x40 [ 1384.146817][T21482] do_syscall_64+0xcd/0x490 [ 1384.146846][T21482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1384.146864][T21482] RIP: 0033:0x7f965098e929 [ 1384.146881][T21482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1384.146900][T21482] RSP: 002b:00007f96517a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1384.146919][T21482] RAX: ffffffffffffffda RBX: 00007f9650bb5fa0 RCX: 00007f965098e929 [ 1384.146931][T21482] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1384.146942][T21482] RBP: 00007f9650a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1384.146953][T21482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1384.146964][T21482] R13: 0000000000000000 R14: 00007f9650bb5fa0 R15: 00007fff4968e168 [ 1384.146986][T21482] [ 1385.096087][T21498] FAULT_INJECTION: forcing a failure. [ 1385.096087][T21498] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1385.138441][T21498] CPU: 0 UID: 0 PID: 21498 Comm: syz.3.3069 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1385.138491][T21498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1385.138512][T21498] Call Trace: [ 1385.138523][T21498] [ 1385.138536][T21498] dump_stack_lvl+0x16c/0x1f0 [ 1385.138589][T21498] should_fail_ex+0x512/0x640 [ 1385.138640][T21498] get_futex_key+0x1d0/0x1540 [ 1385.138682][T21498] ? __pfx_get_futex_key+0x10/0x10 [ 1385.138734][T21498] futex_wake+0xe7/0x4e0 [ 1385.138779][T21498] ? debugfs_file_put+0x72/0xc0 [ 1385.138808][T21498] ? __pfx_futex_wake+0x10/0x10 [ 1385.138850][T21498] ? full_proxy_read+0x154/0x200 [ 1385.138880][T21498] ? __pfx_full_proxy_read+0x10/0x10 [ 1385.138913][T21498] ? vfs_read+0x23b/0xc60 [ 1385.138967][T21498] do_futex+0x1e3/0x350 [ 1385.139008][T21498] ? __pfx_do_futex+0x10/0x10 [ 1385.139059][T21498] __x64_sys_futex+0x1e0/0x4c0 [ 1385.139099][T21498] ? fput+0x70/0xf0 [ 1385.139130][T21498] ? __pfx___x64_sys_futex+0x10/0x10 [ 1385.139171][T21498] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1385.139231][T21498] do_syscall_64+0xcd/0x490 [ 1385.139282][T21498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1385.139315][T21498] RIP: 0033:0x7f965098e929 [ 1385.139343][T21498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1385.139375][T21498] RSP: 002b:00007f96517a20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1385.139407][T21498] RAX: ffffffffffffffda RBX: 00007f9650bb5fa8 RCX: 00007f965098e929 [ 1385.139438][T21498] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9650bb5fac [ 1385.139458][T21498] RBP: 00007f9650bb5fa0 R08: 00007f96517a3000 R09: 0000000000000000 [ 1385.139478][T21498] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f9650bb5fac [ 1385.139499][T21498] R13: 0000000000000000 R14: 00007fff4968e080 R15: 00007fff4968e168 [ 1385.139540][T21498] [ 1385.673601][T21503] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3071'. [ 1386.585532][T21501] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3070'. [ 1386.676439][T21510] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3070'. [ 1391.199098][T21560] [ 1391.201504][T21560] ====================================================== [ 1391.208646][T21560] WARNING: possible circular locking dependency detected [ 1391.215794][T21560] 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 Not tainted [ 1391.222954][T21560] ------------------------------------------------------ [ 1391.230021][T21560] syz.0.3082/21560 is trying to acquire lock: [ 1391.236124][T21560] ffff8881423c67b0 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310 [ 1391.246057][T21560] [ 1391.246057][T21560] but task is already holding lock: [ 1391.253469][T21560] ffff8881423c6278 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 1391.264795][T21560] [ 1391.264795][T21560] which lock already depends on the new lock. [ 1391.264795][T21560] [ 1391.275238][T21560] [ 1391.275238][T21560] the existing dependency chain (in reverse order) is: [ 1391.284294][T21560] [ 1391.284294][T21560] -> #3 (&q->q_usage_counter(io)#59){++++}-{0:0}: [ 1391.292980][T21560] blk_alloc_queue+0x619/0x760 [ 1391.298330][T21560] blk_mq_alloc_queue+0x175/0x290 [ 1391.303938][T21560] __blk_mq_alloc_disk+0x29/0x120 [ 1391.309550][T21560] nbd_dev_add+0x4a0/0xbc0 [ 1391.314559][T21560] nbd_init+0x181/0x320 [ 1391.319299][T21560] do_one_initcall+0x120/0x6e0 [ 1391.324657][T21560] kernel_init_freeable+0x5c2/0x900 [ 1391.330576][T21560] kernel_init+0x1c/0x2b0 [ 1391.335495][T21560] ret_from_fork+0x5d7/0x6f0 [ 1391.340674][T21560] ret_from_fork_asm+0x1a/0x30 [ 1391.346022][T21560] [ 1391.346022][T21560] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 1391.353307][T21560] fs_reclaim_acquire+0x102/0x150 [ 1391.359002][T21560] prepare_alloc_pages+0x162/0x610 [ 1391.364871][T21560] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1391.371352][T21560] __alloc_pages_noprof+0xb/0x1b0 [ 1391.377109][T21560] pcpu_populate_chunk+0x110/0xb00 [ 1391.382813][T21560] pcpu_alloc_noprof+0x86a/0x1470 [ 1391.388428][T21560] xt_percpu_counter_alloc+0x13e/0x1b0 [ 1391.394576][T21560] find_check_entry.constprop.0+0xbc/0x9b0 [ 1391.400977][T21560] translate_table+0xc98/0x1720 [ 1391.406426][T21560] ipt_register_table+0x102/0x430 [ 1391.412125][T21560] iptable_nat_table_init+0x4b/0x250 [ 1391.417999][T21560] xt_find_table_lock+0x2e4/0x520 [ 1391.423649][T21560] xt_request_find_table_lock+0x28/0xf0 [ 1391.429952][T21560] get_info+0x190/0x610 [ 1391.434688][T21560] do_ipt_get_ctl+0x169/0xa10 [ 1391.439948][T21560] nf_getsockopt+0x79/0xe0 [ 1391.444936][T21560] ip_getsockopt+0x18c/0x1e0 [ 1391.450107][T21560] tcp_getsockopt+0xa1/0x100 [ 1391.455547][T21560] do_sock_getsockopt+0x3ff/0x800 [ 1391.461155][T21560] __sys_getsockopt+0x123/0x1b0 [ 1391.466679][T21560] __x64_sys_getsockopt+0xbd/0x160 [ 1391.472378][T21560] do_syscall_64+0xcd/0x490 [ 1391.477479][T21560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1391.483949][T21560] [ 1391.483949][T21560] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 1391.491756][T21560] __mutex_lock+0x199/0xb90 [ 1391.496849][T21560] pcpu_alloc_noprof+0xb4c/0x1470 [ 1391.502546][T21560] sbitmap_init_node+0x2fd/0x770 [ 1391.508062][T21560] sbitmap_queue_init_node+0x41/0x560 [ 1391.514011][T21560] blk_mq_init_tags+0x12d/0x2b0 [ 1391.519487][T21560] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 1391.525729][T21560] blk_mq_init_sched+0x30c/0x610 [ 1391.531248][T21560] elevator_switch+0x1e1/0x7f0 [ 1391.536589][T21560] elevator_change+0x2ac/0x400 [ 1391.541931][T21560] elevator_set_default+0x292/0x320 [ 1391.547722][T21560] blk_register_queue+0x393/0x4f0 [ 1391.553334][T21560] __add_disk+0x74a/0xf00 [ 1391.558252][T21560] add_disk_fwnode+0x13f/0x5d0 [ 1391.563612][T21560] nbd_dev_add+0x791/0xbc0 [ 1391.568703][T21560] nbd_init+0x181/0x320 [ 1391.573515][T21560] do_one_initcall+0x120/0x6e0 [ 1391.578855][T21560] kernel_init_freeable+0x5c2/0x900 [ 1391.584639][T21560] kernel_init+0x1c/0x2b0 [ 1391.589636][T21560] ret_from_fork+0x5d7/0x6f0 [ 1391.595074][T21560] ret_from_fork_asm+0x1a/0x30 [ 1391.600431][T21560] [ 1391.600431][T21560] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 1391.608408][T21560] __lock_acquire+0x126f/0x1c90 [ 1391.613950][T21560] lock_acquire+0x179/0x350 [ 1391.619134][T21560] __mutex_lock+0x199/0xb90 [ 1391.624416][T21560] queue_requests_store+0x1c7/0x310 [ 1391.630214][T21560] queue_attr_store+0x276/0x320 [ 1391.635671][T21560] sysfs_kf_write+0xef/0x150 [ 1391.640918][T21560] kernfs_fop_write_iter+0x354/0x510 [ 1391.646826][T21560] iter_file_splice_write+0x91f/0x1150 [ 1391.652965][T21560] direct_splice_actor+0x192/0x6c0 [ 1391.659009][T21560] splice_direct_to_actor+0x342/0xa30 [ 1391.665149][T21560] do_splice_direct+0x174/0x240 [ 1391.670586][T21560] do_sendfile+0xb06/0xe50 [ 1391.675755][T21560] __x64_sys_sendfile64+0x1d8/0x220 [ 1391.681696][T21560] do_syscall_64+0xcd/0x490 [ 1391.686790][T21560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1391.693442][T21560] [ 1391.693442][T21560] other info that might help us debug this: [ 1391.693442][T21560] [ 1391.703890][T21560] Chain exists of: [ 1391.703890][T21560] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#59 [ 1391.703890][T21560] [ 1391.718265][T21560] Possible unsafe locking scenario: [ 1391.718265][T21560] [ 1391.726021][T21560] CPU0 CPU1 [ 1391.731442][T21560] ---- ---- [ 1391.736853][T21560] lock(&q->q_usage_counter(io)#59); [ 1391.742400][T21560] lock(fs_reclaim); [ 1391.749044][T21560] lock(&q->q_usage_counter(io)#59); [ 1391.757021][T21560] lock(&q->elevator_lock); [ 1391.761670][T21560] [ 1391.761670][T21560] *** DEADLOCK *** [ 1391.761670][T21560] [ 1391.769941][T21560] 5 locks held by syz.0.3082/21560: [ 1391.775197][T21560] #0: ffff888035b22428 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x342/0xa30 [ 1391.785315][T21560] #1: ffff8880356f3c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 1391.795165][T21560] #2: ffff8880268a4a58 (kn->active#221){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 1391.805367][T21560] #3: ffff8881423c6278 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 1391.817241][T21560] #4: ffff8881423c62b0 (&q->q_usage_counter(queue)#11){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 1391.829334][T21560] [ 1391.829334][T21560] stack backtrace: [ 1391.835296][T21560] CPU: 0 UID: 0 PID: 21560 Comm: syz.0.3082 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1391.835335][T21560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1391.835353][T21560] Call Trace: [ 1391.835363][T21560] [ 1391.835374][T21560] dump_stack_lvl+0x116/0x1f0 [ 1391.835427][T21560] print_circular_bug+0x275/0x350 [ 1391.835468][T21560] check_noncircular+0x14c/0x170 [ 1391.835510][T21560] __lock_acquire+0x126f/0x1c90 [ 1391.835550][T21560] ? __lock_acquire+0xb8a/0x1c90 [ 1391.835591][T21560] lock_acquire+0x179/0x350 [ 1391.835629][T21560] ? queue_requests_store+0x1c7/0x310 [ 1391.835676][T21560] ? __pfx___might_resched+0x10/0x10 [ 1391.835707][T21560] ? do_raw_spin_lock+0x12c/0x2b0 [ 1391.835754][T21560] __mutex_lock+0x199/0xb90 [ 1391.835796][T21560] ? queue_requests_store+0x1c7/0x310 [ 1391.835844][T21560] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1391.835882][T21560] ? queue_requests_store+0x1c7/0x310 [ 1391.835926][T21560] ? lockdep_hardirqs_on+0x7c/0x110 [ 1391.835964][T21560] ? __pfx___mutex_lock+0x10/0x10 [ 1391.836010][T21560] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1391.836051][T21560] ? queue_requests_store+0x1c7/0x310 [ 1391.836094][T21560] queue_requests_store+0x1c7/0x310 [ 1391.836140][T21560] ? __pfx_queue_requests_store+0x10/0x10 [ 1391.836188][T21560] ? __mutex_trylock_common+0xe9/0x250 [ 1391.836229][T21560] ? __pfx_queue_requests_store+0x10/0x10 [ 1391.836275][T21560] queue_attr_store+0x276/0x320 [ 1391.836318][T21560] ? __pfx_queue_attr_store+0x10/0x10 [ 1391.836360][T21560] ? __lock_acquire+0x622/0x1c90 [ 1391.836416][T21560] ? find_held_lock+0x2b/0x80 [ 1391.836447][T21560] ? sysfs_file_kobj+0xe4/0x290 [ 1391.836483][T21560] ? __pfx_queue_attr_store+0x10/0x10 [ 1391.836527][T21560] sysfs_kf_write+0xef/0x150 [ 1391.836563][T21560] kernfs_fop_write_iter+0x354/0x510 [ 1391.836594][T21560] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1391.836628][T21560] iter_file_splice_write+0x91f/0x1150 [ 1391.836675][T21560] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1391.836714][T21560] ? __pfx_copy_splice_read+0x10/0x10 [ 1391.836759][T21560] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1391.836798][T21560] direct_splice_actor+0x192/0x6c0 [ 1391.836838][T21560] splice_direct_to_actor+0x342/0xa30 [ 1391.836876][T21560] ? __pfx_direct_splice_actor+0x10/0x10 [ 1391.836917][T21560] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1391.836959][T21560] do_splice_direct+0x174/0x240 [ 1391.836994][T21560] ? __pfx_do_splice_direct+0x10/0x10 [ 1391.837028][T21560] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1391.837067][T21560] ? rw_verify_area+0xcf/0x680 [ 1391.837106][T21560] do_sendfile+0xb06/0xe50 [ 1391.837147][T21560] ? __pfx_do_sendfile+0x10/0x10 [ 1391.837184][T21560] ? handle_mm_fault+0x2ab/0xd10 [ 1391.837224][T21560] ? __x64_sys_futex+0x1e0/0x4c0 [ 1391.837258][T21560] ? __x64_sys_futex+0x1e9/0x4c0 [ 1391.837295][T21560] __x64_sys_sendfile64+0x1d8/0x220 [ 1391.837323][T21560] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1391.837356][T21560] do_syscall_64+0xcd/0x490 [ 1391.837399][T21560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1391.837438][T21560] RIP: 0033:0x7f962c78e929 [ 1391.837462][T21560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1391.837490][T21560] RSP: 002b:00007f962d675038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1391.837518][T21560] RAX: ffffffffffffffda RBX: 00007f962c9b5fa0 RCX: 00007f962c78e929 [ 1391.837538][T21560] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1391.837555][T21560] RBP: 00007f962c810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1391.837573][T21560] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000 [ 1391.837590][T21560] R13: 0000000000000000 R14: 00007f962c9b5fa0 R15: 00007fff62b4cfb8 [ 1391.837618][T21560]