last executing test programs: 9m37.215864485s ago: executing program 1 (id=5260): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000080)='/dev/usbmon11\x00', 0x20402, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) readv$auto(0x3, &(0x7f00000000c0)={&(0x7f0000000000), 0x7}, 0x10) ioctl$auto_PROCMAP_QUERY(0xffffffffffffffff, 0xc0686611, &(0x7f0000000000)={0x29ee, 0x17c1, 0x6, 0x800, 0x3, 0x6, 0x7, 0x4, 0x7, 0xa, 0x8ab9, 0x8, 0x3, 0xc39, 0x96}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000003fc0)='/dev/bus/usb/017/001\x00', 0xa300, 0x0) 9m36.237832735s ago: executing program 1 (id=5265): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x8a303, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r3, 0xae03, 0xa) ioctl$auto_USBDEVFS_DISCSIGNAL32(r2, 0x8008550e, &(0x7f0000000000)={0x3503, 0x8}) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/ifb0/iflink\x00', 0x80040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)=""/17, 0x11) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x2882, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x766e, 0x7, 0x62, 0x4000008000001d, 0x7, 0x6d3e, 0x9, 0x1, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$auto(0xffffffffffffffff, 0x8004510b, 0x3) r5 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) ioctl$auto_VHOST_SET_FEATURES2(r5, 0x4008af00, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x43102, 0x0) syz_clone(0x20a49000, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000100)={0x20, r1, 0x1, 0x703d25, 0x21dfdaf9, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x7ff}]}, 0x20}}, 0x4008880) 9m35.211909582s ago: executing program 1 (id=5267): socket(0x10, 0x2, 0x4) r0 = epoll_create$auto(0x4) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0) epoll_ctl$auto(r0, 0x1, r1, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4004040) 9m35.014432979s ago: executing program 1 (id=5269): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000300)='/dev/bus/usb/011/001\x00', 0x2d4a01, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, 0x0, 0x4d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r3 = gettid() process_vm_writev$auto(r3, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r5, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) r6 = ioctl$auto_TUNSETVNETLE2(0xffffffffffffffff, 0x400454dc, &(0x7f0000000040)) r7 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r6, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r7, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x7}, @NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0xffffffc5}]}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x440c0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x102, 0x0) ioctl$auto(r4, 0x89f0, r4) r8 = timerfd_create$auto(0x9, 0x0) timerfd_settime$auto(r8, 0x0, &(0x7f0000000000)={{0x10, 0x3ff}, {0x10, 0x9}}, 0x0) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), r1) sendmsg$auto_NL80211_CMD_LEAVE_MESH(r8, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="ec00000070b475fb35ccbb042e8bb7534547ea9b7302344f00835fa62018c262b817bed6b417300cac1dd0ce8cc5d78c497156498fbc74f44bfc6f5df843c6d67f59a729f4034d431aa0a4899ddf48fc42af14c64128c1c7d22be8fc841eaf1ae4d7d38fc581555d36f3897751655b200d468c3258d476c20c646d62db8ae59c02eb562cda37015f2bdcab074132689b7e6a0fddcd8361926bbc221c83690123c5574851a1ac1c89de341ee83af8790dcdd294f76fb2ee805f4476", @ANYRES16=r9, @ANYBLOB="000126bd7000fcdbdf254500000005000a000600000008006900090000000400f400c300d7003c53ff0aee6fba55e502fa948aebf6fe84b2be47b7797d28c9a0595ddf053ae44968f1c4188d2b20001168a4162ed16d3730b4764df9ca7bea7e3f955cc2d0b5144fd7375c1a698c084136b486f8049b762ce647c930fba2c43e69a4bb8bf75ccd72270d5cadab597829347a175f9296830635588db90c317e3a8e7eeb1efe3466f183e6290e3e2f8c7b6f411f1bd573835c384a2047a29784c4efb93e5c3898fa095f1a580d2168e9b0c8ded29c59e3ac5e3836e89991ef4ed582ea9e0fc300"], 0xec}, 0x1, 0x0, 0x0, 0x1}, 0x4000081) 9m33.260474219s ago: executing program 1 (id=5273): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/ip6_flowlabel\x00', 0x42000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setreuid$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) io_uring_setup$auto(0x6, 0x0) readv$auto(r0, &(0x7f0000000a80)={0x0, 0x80000001}, 0x1) r1 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) fchown$auto(0xffffffffffffffff, 0x0, 0x0) flock$auto(0xffffffffffffffff, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/cgroup\x00') r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/cgroup\x00') syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) r3 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r3, 0x0, 0x8fb5) dup2$auto(0x0, 0x3) tkill$auto(0x1, 0x7) sysfs$auto(0x1000006, 0x1, 0x80000000) fcntl$auto(0x3, 0x4, 0xa553) mknod$auto(0x0, 0x1001, 0x4) fcntl$auto(0x3, 0x4, 0xa553) socket(0x1e, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r4, 0xffffffffffffffff, 0x9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r4) sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYRES64=r2, @ANYBLOB="104bbcfa7984b612fe8c0a57e3a8d31c87c00043577ff81c3cb224e963700f9a7559e5782486d0a6ad65aa6b6baee527fd37b780dbed361b8d5b1c01fa4a6c1acf14608e80b854080fbcce429ec6800011d29bfc0b5f8f01beceac3a0003633ac7472f6c6cb6040c947dd59f43b6dc04006f0f09a2c4c4c728a4ddfac26daec6747c78f87144ec73915ea24a78fd8b590ff73fe0aff341c5d7d1e50d81dc974e14da2892434e60ee6204ab0419596e3210361e6e1ed4484e1ed9180686d563e73464e86b4929ef51413b83bb0a4a19fe8173560e542eb2", @ANYRESDEC=r1], 0x18}, 0x1, 0x0, 0x0, 0x20000084}, 0x54) 9m31.357724112s ago: executing program 1 (id=5276): openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/reset\x00', 0x82, 0x0) getsockopt$auto_SO_TXREHASH(0xffffffffffffffff, 0x1, 0x4a, 0x0, 0x0) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x5, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x80000541b, 0x38) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x480101, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000000)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x23}}, 0x54) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000240)={0x3, 0x81, 0x5b, 0x2, &(0x7f0000000280)="df8ffd0e0fe88b8c8b1cdc85c62b43d253524cdfa6c75162a8ee185e84dde7237c7a12f5eeb1c1f78079f434e99d1b1eddf7323094b7b1c9dd89d18d010100006d91af1b8105cac351711eede10da21a283278dedcb8791f6aa19b1616432b108497d10d020df54c4bce9a1e6f60c676ca7ee9e63d39a40ba03d276c1bd949be8110f55f285e123ed5dc228c1589ba96696277c5be7583603887fa2c28a236025d24368666a4e91cb309ecf663c8c090255f934ab663ce487ef449045d7b44e6db8d4abf151545f68386ca3b24be503290000052074815d1337fbf60e9a8c843d5b7e2358e24beeb19bfc2d42fc708eaac8d87f99c24a95cbf00a0fdc62606f8c717171bf2847e304ebfaf611e00a99850282435600010eca8fcbd8deb6d9966aa4fcf9f9701fd29a855c4b5be77f17c81d1a49d40997904d326690ce868bc192384e95d7915b41447bc2d80da7988fc907290f2a35a8cf788c89f013035ce00adac3d0aad65cdcb81991ea154b367a6fc54938adfc65ecc4dbe0754868cd9f9fe7fec137b81ec61d0fec8c5f536d511b386750fa30a17f618e85fff86178eeac55826a04dcd27052f2642f4a20d3ce40e3180f01245566ce461aeffeb6f000d032d40fbad4ba7f76a8525fcc603ac51d05bc46719499730d1433fb44491f12b18bc404ec3f6ae421677f13440deb11312a7a6142a016d09bcdadb8be6e52ced6aa47a7114079d754f", 0xa, 0xeb90, 0x2, @stream_id=0x100, 0x7, 0x476, 0x0}) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xcf, 0xfffffffffffffffc, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) writev$auto(0xffffffffffffffff, 0x0, 0x3) socket(0x2b, 0xa, 0xf11) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) r5 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_RTC_PARAM_GET(r5, 0x40187013, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="00000400", @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090008000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) write$auto(r4, &(0x7f0000000040)='S\x00\x00\x00\xfc\xff\xff\xff', 0x8587) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, 0x0, 0x2000, 0x0) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000040)="205c2020027e0dc0203af10e9bfa1babfa203753ca9a20370a", 0x19) sendfile$auto(0x3, 0xffffffffffffffff, 0x0, 0x400000000006) close_range$auto(0x2, 0x8, 0x0) getsockopt$auto_SO_TIMESTAMPNS_NEW(r2, 0x6, 0x40, &(0x7f00000000c0)='/dev/bus/usb/036/001\x00', &(0x7f0000000100)=0x3) 9m30.630985776s ago: executing program 32 (id=5276): openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/reset\x00', 0x82, 0x0) getsockopt$auto_SO_TXREHASH(0xffffffffffffffff, 0x1, 0x4a, 0x0, 0x0) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x5, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x80000541b, 0x38) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x480101, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000000)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x23}}, 0x54) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000240)={0x3, 0x81, 0x5b, 0x2, &(0x7f0000000280)="df8ffd0e0fe88b8c8b1cdc85c62b43d253524cdfa6c75162a8ee185e84dde7237c7a12f5eeb1c1f78079f434e99d1b1eddf7323094b7b1c9dd89d18d010100006d91af1b8105cac351711eede10da21a283278dedcb8791f6aa19b1616432b108497d10d020df54c4bce9a1e6f60c676ca7ee9e63d39a40ba03d276c1bd949be8110f55f285e123ed5dc228c1589ba96696277c5be7583603887fa2c28a236025d24368666a4e91cb309ecf663c8c090255f934ab663ce487ef449045d7b44e6db8d4abf151545f68386ca3b24be503290000052074815d1337fbf60e9a8c843d5b7e2358e24beeb19bfc2d42fc708eaac8d87f99c24a95cbf00a0fdc62606f8c717171bf2847e304ebfaf611e00a99850282435600010eca8fcbd8deb6d9966aa4fcf9f9701fd29a855c4b5be77f17c81d1a49d40997904d326690ce868bc192384e95d7915b41447bc2d80da7988fc907290f2a35a8cf788c89f013035ce00adac3d0aad65cdcb81991ea154b367a6fc54938adfc65ecc4dbe0754868cd9f9fe7fec137b81ec61d0fec8c5f536d511b386750fa30a17f618e85fff86178eeac55826a04dcd27052f2642f4a20d3ce40e3180f01245566ce461aeffeb6f000d032d40fbad4ba7f76a8525fcc603ac51d05bc46719499730d1433fb44491f12b18bc404ec3f6ae421677f13440deb11312a7a6142a016d09bcdadb8be6e52ced6aa47a7114079d754f", 0xa, 0xeb90, 0x2, @stream_id=0x100, 0x7, 0x476, 0x0}) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xcf, 0xfffffffffffffffc, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) writev$auto(0xffffffffffffffff, 0x0, 0x3) socket(0x2b, 0xa, 0xf11) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) r5 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_RTC_PARAM_GET(r5, 0x40187013, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="00000400", @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090008000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) write$auto(r4, &(0x7f0000000040)='S\x00\x00\x00\xfc\xff\xff\xff', 0x8587) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, 0x0, 0x2000, 0x0) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000040)="205c2020027e0dc0203af10e9bfa1babfa203753ca9a20370a", 0x19) sendfile$auto(0x3, 0xffffffffffffffff, 0x0, 0x400000000006) close_range$auto(0x2, 0x8, 0x0) getsockopt$auto_SO_TIMESTAMPNS_NEW(r2, 0x6, 0x40, &(0x7f00000000c0)='/dev/bus/usb/036/001\x00', &(0x7f0000000100)=0x3) 13.356254699s ago: executing program 2 (id=6475): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff) write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0004, 0x1a) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x1, 0x84) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x5, 0xfffffffffffffffa, 0x1ffdb, 0x0, 0xa, 0x1, 0x9, 0x3, 0x9, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xadd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x8]}, 0x1fe, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r3], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x54e3, 0x80000001) setgroups$auto(0xeb2, 0x0) madvise$auto(0x0, 0x200007, 0x19) read$auto_proc_pid_maps_operations_internal(0xffffffffffffffff, 0x0, 0x0) 11.140967038s ago: executing program 3 (id=6480): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x0, @rand_addr=0xe0}, 0x55) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x3, 0x4) ioctl$auto(r1, 0xebe1, r2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x4000000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'macsec0\x00'}) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r3, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x1a4, r4, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x3f}]}, @MACSEC_ATTR_SA_CONFIG={0x17d, 0x3, 0x0, 0x1, [@typed={0x5, 0x118, 0x0, 0x0, @str='\x00'}, @nested={0xdc, 0x126, 0x0, 0x1, [@nested={0x4, 0xa1}, @typed={0x9a, 0x108, 0x0, 0x0, @binary="fd310af9c0cb4fcfdde8a7317b275fd28c9e71c4be416bc9e10c72062880d5998839e60c5da9000c094f2e063d6cab28e0119dda6a0e4741d3165a286ff9211283228603a81fc07b5b263c3ede3117f0102de46cfc021c699bbb0dfd2cd79859dd4ca10745626b47afd43a7ac3be478c73f707c15d99a39b56a8d26cc85b22717e4f751e4282f3df79208bbf73ab93d05009cd043412"}, @nested={0x4, 0xd}, @typed={0x8, 0xed, 0x0, 0x0, @pid}, @nested={0x4, 0x110}, @generic="4ea5cac7cb24887cde74bf061dd0cf9519b0bc24df246c86", @typed={0x8, 0xf1, 0x0, 0x0, @pid}, @nested={0x4, 0xa0}, @nested={0x4, 0x6e}]}, @generic="4bd6d4678ba1ee271835e345da499a65162f9fbd25255e331d01e272de05129db799120a65dd89c1d7f022bed058e75e0064e05ef98fb73756566312c133290c33dda0283e36460f1381f06c05fed4f7b5082f8bd2d1bbe9d552d5405b4c6f52219b1c27372cd17f36563d7fbf936ac1d01a250d1cb47542f1d7d29b3c07c6b245720336f78651db92488f526c220ef08ee71c8045"]}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x20040800}, 0x4000040) r5 = bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) rt_tgsigqueueinfo$auto(0x3, 0x96, 0x803, &(0x7f0000000180)={@siginfo_0_0={0x8, 0x7, 0x8000, @_sigpoll={0x8000000000000000, r5}}}) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0xa, 0x3, 0x87) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa, "0019e183e9b1a751a300"}, 0x55) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r6 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) fspick$auto(r6, &(0x7f00000001c0)='./file0\x00', 0x1) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 9.277154738s ago: executing program 2 (id=6482): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/admmidi2\x00', 0x400001, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\@\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100002a3d9) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0xc00000000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x8000000000000003, 0x200006, 0xd83c, 0x40eb1, 0x602, 0x400081) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) pread64$auto(0xffffffffffffffff, 0x0, 0x800003, 0x270) socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) getdents$auto(r3, 0x0, 0x5de9) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x404000, 0x0) fchdir$auto(r4) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(0x0, 0x4) prctl$auto(0x3e, 0x4, 0x0, 0xb, 0xea) select$auto(0x400e, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0xd3f, 0x1, 0x948b, 0x20000002, 0x95f4da0a, 0xffffffffffbfffff, 0x3, 0x100000062, 0x80000001, 0x7, 0x6d3f, 0x49, 0x1000000000002, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000100)='/dev/audio1\x00', 0x100000a3dd) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xf, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x80d, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) 8.812031076s ago: executing program 3 (id=6484): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xfff, 0x401, 0x40000008000) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x103002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() mlockall$auto(0x5) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x8) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x400, 0x7) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x0, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/ipvlan0/temp_prefered_lft\x00', 0x42a81, 0x0) sendfile$auto(r2, r1, 0x0, 0x1000202) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) r3 = socket(0x1f, 0x3, 0x2) r4 = socket(0x15, 0x6, 0x0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="41869c45", @ANYRES16=0x0, @ANYBLOB="040026bd7000fcdbdf2504000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio1/power/wakeup_count\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000001c0)=""/17, 0xffffffb8) recvmmsg$auto(r3, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x3, 0x8}, 0x803}, 0x80000000, 0x8, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000040), 0x28000, 0x0) ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0x50, 0x0) setsockopt$auto(r3, 0x1, 0x6, 0x0, 0xc089) 7.493635633s ago: executing program 4 (id=6485): unshare$auto(0x40000082) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/tracing_on\x00', 0x981001, 0x0) read$auto_rb_simple_fops_trace(r0, &(0x7f0000000180)=""/227, 0xe3) r1 = getpid() waitid$auto_P_PGID(0x2, r1, &(0x7f0000000340)={@_si_pad}, 0x1, &(0x7f00000003c0)={{0xffffffff, 0xed0e}, {0x2, 0x5}, 0xfffffffffffffff9, 0x7, 0x7, 0x2, 0x1, 0x1, 0x3, 0xfffffffffffffff8, 0xfffffffffffff022, 0x0, 0x800, 0x8000, 0xa7, 0xe}) ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, r1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x309, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r2 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x204040, 0x0) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) 5.774716164s ago: executing program 3 (id=6488): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000300)='/dev/bus/usb/011/001\x00', 0x2d4a01, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, 0x0, 0x4d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r3 = gettid() process_vm_writev$auto(r3, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r5, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) r6 = ioctl$auto_TUNSETVNETLE2(0xffffffffffffffff, 0x400454dc, &(0x7f0000000040)) r7 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r6, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r7, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x7}, @NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0xffffffc5}]}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x440c0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x102, 0x0) ioctl$auto(r4, 0x89f0, r4) r8 = timerfd_create$auto(0x9, 0x0) timerfd_settime$auto(r8, 0x0, &(0x7f0000000000)={{0x10, 0x3ff}, {0x10, 0x9}}, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), r1) sendmsg$auto_NL80211_CMD_LEAVE_MESH(r8, 0x0, 0x4000081) 5.627669304s ago: executing program 4 (id=6489): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000040)={0x0, 0x3}, 0x3) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) lsm_list_modules$auto(0x0, 0x0, 0x0) r2 = socket(0x2, 0x801, 0x106) bind$auto(0x3, 0x0, 0x6b) getsockopt$auto(r2, 0x11c, 0x3, 0x0, 0x0) mmap$auto(0x7fb, 0xa70, 0x10000003, 0x17, 0xfffffffffffffffa, 0x8004) close_range$auto(r0, r1, 0x1) fcntl$auto_F_SETPIPE_SZ(0xffffffffffffffff, 0x407, 0x9) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0) r3 = open(0x0, 0x149443, 0x14) r4 = fcntl$auto(r3, 0x409, 0x40003f) r5 = seccomp$auto(0x8af7, 0x8, &(0x7f0000000080)="fb8ed871c4196364b0e048745ca1a6cfda9df67e3e9017a5d58db57fa0dff602f3030375a62ea63ae222ecec358cca9ef4fd262f2ee4627dc25034a919411fce501f9d3df2a5b82f97e08b58c9b83ab586317c1a961d5a087a876a7b7984f74c1cef54f2e0ed27b317a858e7456abd6446bc03b45894c380c915013512d928b7813204d05272") ioctl$auto(r4, 0x6, r5) ioctl$auto_RTC_SET_TIME(r3, 0x4024700a, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r6, 0x0, 0x1f40) 5.411211556s ago: executing program 4 (id=6490): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r0, &(0x7f0000001440)={0x0, 0xf0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a9e1279d7000ffdbdf25010000000500060007000004009600c938565f5a11c4fe68d64f9c94a9000000000000000000000000004f4dabdd7aebb46002cec81c730fdf6c0a61424a54892acf75d9ef1f"], 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x400c810) mmap$auto(0x3, 0x4, 0x7ffffffffdffffff, 0x8000012, r0, 0x4006) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x110) io_uring_setup$auto(0x1, 0x0) unshare$auto(0x3b) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) r2 = socket(0x2b, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xf, 0x3, 0x2) mmap$auto(0x0, 0x20009, 0x7, 0xff, 0x401, 0x8000) r3 = socket(0x2, 0x801, 0x109) getsockopt$auto(r3, 0x11c, 0x4, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) shutdown$auto(0x200000003, 0x2) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) pivot_root$auto(&(0x7f0000000080)='..\x00', 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/tty/ptyxe/power/runtime_active_time\x00', 0x2aab42, 0x0) sendfile$auto(r5, r5, 0x0, 0x4f64a1d2) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001280)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r6, &(0x7f00000012c0), 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setsockopt$auto(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x1e) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0x3, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0) 5.094531544s ago: executing program 2 (id=6492): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop15\x00', 0x290000, 0x0) capset$auto(&(0x7f0000000080)={0x895, 0xffffffffffffffff}, &(0x7f00000000c0)={0x4, 0x400, 0x4}) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000100)={"a270f963333460c6173ebe66e13909c114dfa7e146663c4562b7d95fbf61cf23", 0x4, 0x6, 0x1f, 0x6e63, 0x4, r2}) io_uring_setup$auto(0x2, 0x0) socket(0x27, 0x7, 0x0) socket(0x2, 0x5, 0x0) sysfs$auto(0x2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r3, 0x0) 4.130682407s ago: executing program 4 (id=6494): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) r0 = openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, 0x0, 0x82622, 0x0) writev$auto(r0, 0x0, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (fail_nth: 5) 3.571159862s ago: executing program 2 (id=6495): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/console\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000440)="671d26", 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x22000, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x88900, 0x0) readv$auto(r1, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) mmap$auto(0x1, 0x6020009, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x8003) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8c) socket(0x10, 0x2, 0x4) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0xc7, &(0x7f0000000180), 0x3) socket(0x2, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0) mmap$auto(0x8000000000003, 0x20009, 0x8, 0xeb2, 0xffffffffffffffff, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x7, 0x0, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x6, 0x8, 0x3, 0xa, 0x7, 0x0, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, [0x3, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000000000000, 0x0, 0x200]}, 0x1fe, 0x81) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) 3.444825715s ago: executing program 4 (id=6496): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff) write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0004, 0x1a) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x1, 0x84) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x5, 0xfffffffffffffffa, 0x1ffdb, 0x0, 0xa, 0x1, 0x9, 0x3, 0x9, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xadd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x8]}, 0x1fe, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r3], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x54e3, 0x80000001) setgroups$auto(0xeb2, 0x0) madvise$auto(0x0, 0x200007, 0x19) read$auto_proc_pid_maps_operations_internal(0xffffffffffffffff, 0x0, 0x0) 2.995402258s ago: executing program 3 (id=6497): close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket(0x1d, 0x2, 0x9) bind$auto(r1, &(0x7f0000000100)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x10) (async) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mac80211_hwsim/hwsim0/ieee80211/phy0/addresses\x00', 0x82200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/162, 0xa2) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, 0x0, 0x48080) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop1/integrity/device_is_integrity_capable\x00', 0x109080, 0x0) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x400c000) (async) prctl$auto(0x23, 0x20000000000000c, 0x7fffffffefff, 0xfffffffffffffffe, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001900), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_GET_TXSC(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x14, r4, 0x186f202170196f7b, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x200008d0}, 0x40080c4) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) (async, rerun: 32) r5 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) (rerun: 32) fchdir$auto(r5) (async) mkdir$auto(&(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xff) 2.980933582s ago: executing program 0 (id=6498): syz_clone3(&(0x7f0000000080)={0x123060020, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58) 2.852833837s ago: executing program 0 (id=6499): socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0) process_mrelease$auto(0xffffffffffffffff, 0xa) move_pages$auto(0x0, 0x3, 0x0, &(0x7f00000000c0)=0xa071, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x29, 0x5, 0x0) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r1, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) sendfile$auto(r0, r0, 0x0, 0x2) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0xa}, 0x7}, 0x3, 0x7fffffff) 2.566222406s ago: executing program 3 (id=6500): futex$auto(&(0x7f00000000c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000340)="e3466055fec4a3c2fbc89686e869c201ff78755178cf538b81f927f3a6d1c492eaedc84c402e81100fa5ac864698556667311f05b163b315479e0c7e050902bbd2b5429244d9146f23a4f5a3044d") ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, 0x0, 0x80000000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) futex_wait$auto(0x0, 0x2, 0x1, 0x2, 0xfffffffffffffffe, 0x1) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) sysfs$auto(0xad1, 0x9, 0xfffffffffffffffc) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) sysfs$auto(0x4, 0x2, 0x81) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[], 0xb0}, 0x1, 0x0, 0x0, 0x20008000}, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0) read$auto(r4, 0x0, 0x8) syz_genetlink_get_family_id$auto_ethtool(0x0, r3) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) r5 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000004c0), 0x40400, 0x0) pread64$auto(r5, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf4\x00\x00\x00\x00\x00\x00', 0x100000002, 0x100000001) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000280)={{0x3, 0x10000, 0x0, 0x1, 0x4}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) mremap$auto(0x0, 0x40000000006, 0x4, 0x7, 0x200000) socket$nl_generic(0x10, 0x3, 0x10) 2.54385582s ago: executing program 0 (id=6501): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) pipe$auto(0x0) r0 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/devices\x00', 0x600, 0x0) read$auto_proc_mountinfo_operations_mnt_namespace(r0, &(0x7f0000001100)=""/4096, 0x1000) io_uring_setup$auto(0x2, 0x0) r1 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f0000000040), 0x540, 0x0) dup2$auto(0xffffffffffffffff, r1) socketpair$auto(0x8, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) r3 = openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x48c02, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/rmi4/drivers/rmi4_f30/unbind\x00', 0x509100, 0x0) read$auto(r6, 0x0, 0x20) writev$auto(r5, &(0x7f0000000200)={0x0, 0x3}, 0x3) accept$auto(r6, 0x0, 0x0) connect$auto(0x3, 0x0, 0x54) write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)="bdcd", 0x2) pread64$auto(r3, 0x0, 0x80000000, 0xef) close_range$auto(0x2, r0, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r7) ioctl$auto_KVM_CREATE_VM(r2, 0x4048aecb, 0x0) swapon$auto(&(0x7f00000028c0)='/proc/bus/pci/00/01.3\x00\xd99\xf0q\xb8\xd7]\xa8\xac\x1f\r\x04\x00\x00\x00\x00\x00\x00\x00\xb8\x8a\x8a\x9f\xd9\x9f\x9e\xe3\xfc\\\x18\x9d\xa3x\x97U(\x99\xa8u\x96\xd0\xe6F\xcb\x1eH\xca\x8e)\xf4\xc0z\xbfo\xc4a`\x8fs\xf6\xb9\xe17\x89\x1b^} \xf1\x83\x12\xb5\xa7\xfef\xa6#{15\x89\xfa\xab9\xa3\xb1\x95\x8a\xc9:O\xb5\x89B3\x9aZ{@\xd3<\xe2VC\xe3\xce%\xde=\xd4R\x927\xd9l\x01\x8f2U', 0x3) 1.41159197s ago: executing program 0 (id=6502): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="24008000", @ANYRES16=r1, @ANYBLOB="10002dbd7000fddbdf252500000005002a010400000007003a01b63c3b00"], 0x24}, 0x1, 0x0, 0x0, 0x40004}, 0x24044000) write$auto(r0, &(0x7f0000000040)='7\x00\\\x90]\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xcbx\xcb.xb\x95\x99%\xcb\x85\xadt\xef`!#\x12\xa3\xd3\bS\x98t \x939\rA\x1f~\nV\xce\x8c\x91\x13\xda\xe2L\x05\xc1O\x10\xd0e\xf5r\xdd_\x1b\xe4\x03\xed\xd0D\x1c\x1f\xfeA6\xe9nx\xc5{\aT\xb56\x03\xa5H,~', 0x81) r2 = fanotify_init$auto(0x5, 0x2000000000002) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x44081, 0x80) readlinkat$auto(r3, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='/dev/dsp1\x00', 0x0) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000000)) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r6) sendmsg$auto_NL80211_CMD_SET_QOS_MAP(r6, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB="24010000e837e04188aa6ff705b51d42a2a76df8df41cf4a364335a59d4c", @ANYRES16=r8, @ANYBLOB="080029bd7000fedbdf256800000046004801dc266fcebd92e437b03d6f7bf9019872a79c693a679ed22accb537c0e7b86a6641f38fba40c4623d6f5d31e08fa592572d8f8631d0b241452f8273acea88c518c6d7000008001f01860500009b00ac00d5fb21b57f2aaef65f36010e3597d5a0d707fcc310c0f13f1ebf22f33ea9b602785d17a91c243cad82c39a98c0b2c14d849b4d627d5b63d863515931d690f629ad36f02ec82d5b866f3516187c3c764608ab53564ab8391b5b6ef78588cd1757d4795d34a59aa5569eb281557d56c9bee8d12c5c78e163ae057bf565ac20223d3123715a0c847638ac41ab7833bd8ce06fef549ad461d6000800420006000000060096000800000008004200070000000c002e010100000000000000"], 0x124}, 0x1, 0x0, 0x0, 0x48080}, 0x20000010) sendmsg$auto_NBD_CMD_CONNECT(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x38, r7, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x1020}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x200}]}, 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) r9 = fcntl$auto_F_GETOWN(r4, 0x9, 0x3) sendmsg$auto_NBD_CMD_DISCONNECT(r5, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x330, r7, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x80000000}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7e9}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x1ff}, @NBD_ATTR_INDEX={0x8}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x8}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x80000000}, @NBD_ATTR_DEVICE_LIST={0x2c0, 0x9, 0x0, 0x1, [@nested={0x249, 0x1d, 0x0, 0x1, [@generic="14ea7f0bd2ecf77e8dcdfa0617d928095e38e8f2562394b16548926071896b9cc0beb7cde4785bdbcfe6769abd79e4", @typed={0x8, 0x10b, 0x0, 0x0, @fd=r3}, @typed={0x8, 0xc, 0x0, 0x0, @pid=r9}, @generic="4954f9144301ff78c09430a51cefd3a43cfc5e0ecd3951f2e437c98fc5fd14eb7c00ec4d1c8d197ebee1346df18d8ff3c8be552902f6d84fb8b1553f61f6e5e76025f8fa1e3a22c8839edba59a2c8064f24bbab67a2f2c56", @generic="90a033ae406be8b1b10b31be8bfc6d8fd1a6b05b6d764c0e27b2f77e6ef126200108b3efcb5ba8f2e85422fb12543cf8aa2400cc8d5d38af886d5a9737f3f0a50c3e693e9b367bef08421b9ad1251f583c8c0e7785dbb9f68b525122dda79e2326d5605e1a2ce4881ea44c8a4a48ee4a4ddd486bb1753c43e5b3af1a000c0b351e06f09097b4ba9f5c9a821df65f76c1d4ef5b8d63ae7a1b9b5a7938e4a6a4f2b110a3a272704e3ad518ea819f702ff5dba406001d2341c1f26e6fcc26db502cb4ddbe0a451ffe60feb8d9507196c220809368b36d47109bab9a9f90ab95606bd85f474cdef67209c569bbf0160a3d4b065cc1dbe91252e4d8", @nested={0x4, 0x110}, @generic="f66e8ed8d9c8e46a940111a583a10b65643dde07cb07d755848c8740bed3e1926e261d077a482b3dd63daa3bcdd5513c30fde4cc6966a529baead50d0c7258d8c2dc471c2ba56a1e79c12d0b6e7d281b424ddb00c1a967cc2b373165966caf6ece0f192003b66a6f0710ac9271201cd2f9c90179801b71c1e3abc33204b125da6d266b38d7046ad972e6b5fa87bdd9b844a518d2cab0c56904e6248e685e264bab703531535ae82efb9e06f412", @nested={0x4, 0x73}]}, @typed={0x70, 0x11, 0x0, 0x0, @binary="84b8a3dc3c7ad16ad788040032cef0466844395417498389410326f966da0c9085780cba5865f69a6a1561954eaf5f953c540855f702808bee324199ce20a368859847812c362f362d3a9e4fc0cb03b1ef99d0a5b34e65b805f5261f8e9beff149a339f92985f48a40c99a75"}]}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x2}]}, 0x330}, 0x1, 0x0, 0x0, 0x80}, 0x810) capset$auto(&(0x7f0000000180)={0x19980330, r9}, 0x0) socketpair$auto(0x800, 0x0, 0xc, &(0x7f0000000840)=0x80000001) write$auto_proc_gid_map_operations_base(r2, &(0x7f0000000240)="dce23587cbc821ad6774a0e3ea2d4935472301caaa485604c200f8b85f87d2126ac166542530287088a871e5eb3dd6c0f7cb828847b3aee83481b8a89b5c13a5b3573b0eb5fe902e709ebcf1a8b8f46686e28cc6ee57365f8a247d12b14963f62b44fba065a912d37f744e8b4010639d43643d3580ff515a3138b36bcbe3a88346d540d19c3f2332c18e61151f9d3d937983f717bfa62cb7381384bf68cc843567ec45018752b722e76b", 0xaa) brk$auto(0xffffffffffffff66) socket(0x2, 0x2, 0x0) 596.768345ms ago: executing program 2 (id=6503): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000740), 0x101001, 0x0) mmap$auto(0x0, 0x6, 0x10000000000df, 0xeb2, 0x401, 0x8000) write$auto(0x3, 0x0, 0x3f00) sysfs$auto(0x2, 0xe, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='}[,&*}\x00', &(0x7f0000000080)={0x220000, 0x0, 0x10}, 0x18) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) prctl$auto_PR_SCHED_CORE_CREATE(0x1, 0x1, 0x0, 0x0, 0x4) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000002c0), 0x44100, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x40146f2c, 0x0) fcntl$auto(0x3, 0x8, 0x9ebfffffffffffff) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000100)="000004") sendmsg$auto_ETHTOOL_MSG_PHY_GET(r1, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={0x0, 0x20}, 0x1, 0x0, 0x0, 0xc050}, 0x80) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000000)="612a5be7e2aa56ea96d1abe2c263") close_range$auto(0x2, 0x8, 0x0) open(0x0, 0xeee00, 0x31) unshare$auto(0x40000080) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0xa, 0x2, 0x73) setsockopt$auto_SO_DEVMEM_DONTNEED(r3, 0x2, 0x50, &(0x7f0000000040)='(]}(\x00', 0x5) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendto$auto(r3, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 551.524272ms ago: executing program 4 (id=6504): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xa, 0x15) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x0, 0x0) readv$auto(r0, &(0x7f0000000140)={0x0, 0x8}, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) madvise$auto(0x0, 0xffffffffffff0004, 0x19) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop15/queue/scheduler\x00', 0x982, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) modify_ldt$auto(0x1, 0x0, 0x10) modify_ldt$auto(0x0, 0x0, 0xfffffffffffffffb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = prctl$auto(0x35, 0x8, 0x10, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKSTATE_GET(r2, 0x0, 0x20000000) mmap$auto(0x0, 0x4020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x3, 0x3) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x9, 0x0, 0xe, 0x9b72, r1, 0x2f81) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0xecb02, 0x0) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/17, 0x11) socket(0x10, 0x2, 0x0) 395.387388ms ago: executing program 3 (id=6505): msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x2000, 0x9) 352.338842ms ago: executing program 0 (id=6506): sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0xfffffffffffffed1, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x24044085}, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8004) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) msgget$auto(0xf, 0x20000007) 199.985196ms ago: executing program 0 (id=6507): r0 = set_tid_address$auto(0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dmmidi2\x00', 0x101001, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000180)='/:$]\x00', 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x7ffd, 0x12) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x80000000, 0x9, 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r2) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd700000dcdf251200000018000180140002007665746830029d6c616e0000135800000800060027000000"], 0x34}, 0x1, 0xf00000000000000, 0x0, 0x2000c010}, 0x100) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) io_uring_setup$auto(0x4c2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) pwrite64$auto(r4, 0x0, 0x1, 0x27) mmap$auto(0x0, 0x8000400008, 0x6, 0x18, 0xffffffffffffffff, 0x5) socket(0x2, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000040)={{&(0x7f0000000040), 0x15, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) splice$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x5, 0xe) setsockopt$auto(0x3, 0x1, 0x9, 0x0, 0x46) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x7fff, 0x9, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x4, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0xa1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ea], "0d35b8667d65f6268731cbe05a27ea298da30a28e19f916ff16ebd2c28381855a79642792ebff97548ee41e0c5a025d9b06ed36107db0825dd494e69ba9c80fe72b8960d32f92ea549cabc60411038264ad0f44b172a36d58ec44d9654dedd12a3ab2360ffdbcec881d3fb48b9a8ec534362b5dd54d3efa09b3b16ea8c0c4705ec0792697ff02fad45a4902976463b683bcd99895d7e958e08fafda7"}, 0x1fe, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 0s ago: executing program 2 (id=6508): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000fcdbdf2503000000180002800c000100060000000000000008000200", @ANYRES32=0x0, @ANYBLOB="080001"], 0x34}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000) kernel console output (not intermixed with test programs): tfile_fmode+0x37/0xa0 [ 1994.905875][ T1860] __do_sys_fanotify_init+0x96d/0xc00 [ 1994.905932][ T1860] do_syscall_64+0xcd/0x490 [ 1994.905967][ T1860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1994.905994][ T1860] RIP: 0033:0x7f4097b8ebe9 [ 1994.906016][ T1860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1994.906043][ T1860] RSP: 002b:00007f4098a5a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 1994.906068][ T1860] RAX: ffffffffffffffda RBX: 00007f4097db5fa0 RCX: 00007f4097b8ebe9 [ 1994.906087][ T1860] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 1994.906105][ T1860] RBP: 00007f4097c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1994.906121][ T1860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1994.906137][ T1860] R13: 00007f4097db6038 R14: 00007f4097db5fa0 R15: 00007fff922ae948 [ 1994.906172][ T1860] [ 1995.240890][ T30] audit: type=1804 audit(4294967454.809:264): pid=1856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.6015" name="/newroot/315/file0" dev="tmpfs" ino=1661 res=1 errno=0 [ 1995.262341][ T30] audit: type=1804 audit(4294967454.859:265): pid=1856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.6015" name="/newroot/315/file0" dev="tmpfs" ino=1661 res=1 errno=0 [ 1996.161738][ T1878] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6021'. [ 1997.312217][ T1888] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1997.413521][ T1888] FAULT_INJECTION: forcing a failure. [ 1997.413521][ T1888] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1997.427654][ T1888] CPU: 0 UID: 0 PID: 1888 Comm: syz.3.6023 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 1997.427706][ T1888] Tainted: [U]=USER [ 1997.427715][ T1888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1997.427733][ T1888] Call Trace: [ 1997.427742][ T1888] [ 1997.427753][ T1888] dump_stack_lvl+0x16c/0x1f0 [ 1997.427788][ T1888] should_fail_ex+0x512/0x640 [ 1997.427828][ T1888] strncpy_from_user+0x3b/0x2e0 [ 1997.427862][ T1888] getname_flags.part.0+0x8f/0x550 [ 1997.427905][ T1888] getname_flags+0x93/0xf0 [ 1997.427933][ T1888] do_sys_openat2+0xb8/0x1d0 [ 1997.427970][ T1888] ? __pfx_do_sys_openat2+0x10/0x10 [ 1997.428005][ T1888] ? __sock_release+0x20b/0x270 [ 1997.428048][ T1888] __x64_sys_openat+0x174/0x210 [ 1997.428086][ T1888] ? __pfx___x64_sys_openat+0x10/0x10 [ 1997.428140][ T1888] do_syscall_64+0xcd/0x490 [ 1997.428172][ T1888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1997.428199][ T1888] RIP: 0033:0x7f4097b8ebe9 [ 1997.428221][ T1888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1997.428246][ T1888] RSP: 002b:00007f4098a18038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1997.428271][ T1888] RAX: ffffffffffffffda RBX: 00007f4097db6180 RCX: 00007f4097b8ebe9 [ 1997.428288][ T1888] RDX: 00000000001810c1 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1997.428306][ T1888] RBP: 00007f4097c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1997.428322][ T1888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1997.428337][ T1888] R13: 00007f4097db6218 R14: 00007f4097db6180 R15: 00007fff922ae948 [ 1997.428373][ T1888] [ 1997.991872][ T1870] random: crng reseeded on system resumption [ 1998.154591][T32443] ERROR: Out of memory at tomoyo_memory_ok. [ 1998.183923][T27219] ERROR: Out of memory at tomoyo_memory_ok. [ 1998.860547][ T1885] kexec: Could not allocate control_code_buffer [ 1999.529915][ T1912] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2000.422595][ T1912] FAULT_INJECTION: forcing a failure. [ 2000.422595][ T1912] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2001.264190][ T1912] CPU: 0 UID: 0 PID: 1912 Comm: syz.4.6027 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2001.264242][ T1912] Tainted: [U]=USER [ 2001.264252][ T1912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2001.264268][ T1912] Call Trace: [ 2001.264278][ T1912] [ 2001.264288][ T1912] dump_stack_lvl+0x16c/0x1f0 [ 2001.264319][ T1912] should_fail_ex+0x512/0x640 [ 2001.264353][ T1912] get_futex_key+0x1d0/0x1560 [ 2001.264389][ T1912] ? __pfx_get_futex_key+0x10/0x10 [ 2001.264415][ T1912] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 2001.264452][ T1912] ? lockdep_hardirqs_on+0x7c/0x110 [ 2001.264479][ T1912] ? __destroy_inode+0x2e4/0x730 [ 2001.264510][ T1912] ? __pfx_sock_free_inode+0x10/0x10 [ 2001.264545][ T1912] futex_wake+0xea/0x530 [ 2001.264580][ T1912] ? __pfx_evict+0x10/0x10 [ 2001.264610][ T1912] ? __pfx_futex_wake+0x10/0x10 [ 2001.264647][ T1912] ? iput+0x519/0x880 [ 2001.264686][ T1912] do_futex+0x1e3/0x350 [ 2001.264716][ T1912] ? __pfx_do_futex+0x10/0x10 [ 2001.264745][ T1912] ? __sock_release+0x20b/0x270 [ 2001.264778][ T1912] __x64_sys_futex+0x1e0/0x4c0 [ 2001.264814][ T1912] ? __sys_socket+0xac/0x260 [ 2001.264846][ T1912] ? __pfx___x64_sys_futex+0x10/0x10 [ 2001.264878][ T1912] ? xfd_validate_state+0x61/0x180 [ 2001.264912][ T1912] ? __task_pid_nr_ns+0x17c/0x500 [ 2001.264954][ T1912] do_syscall_64+0xcd/0x490 [ 2001.264982][ T1912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2001.265008][ T1912] RIP: 0033:0x7f12a498ebe9 [ 2001.265029][ T1912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2001.265054][ T1912] RSP: 002b:00007f12a57500e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2001.265078][ T1912] RAX: ffffffffffffffda RBX: 00007f12a4bb6098 RCX: 00007f12a498ebe9 [ 2001.265096][ T1912] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f12a4bb609c [ 2001.265113][ T1912] RBP: 00007f12a4bb6090 R08: 00007f12a5772000 R09: 0000000000000000 [ 2001.265130][ T1912] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 2001.265146][ T1912] R13: 00007f12a4bb6128 R14: 00007ffe3ba408e0 R15: 00007ffe3ba409c8 [ 2001.265180][ T1912] [ 2002.769083][ T1908] kexec: Could not allocate control_code_buffer [ 2004.144443][ T1953] FAULT_INJECTION: forcing a failure. [ 2004.144443][ T1953] name failslab, interval 1, probability 0, space 0, times 0 [ 2004.237857][ T1953] CPU: 1 UID: 0 PID: 1953 Comm: syz.3.6033 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2004.237890][ T1953] Tainted: [U]=USER [ 2004.237895][ T1953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2004.237907][ T1953] Call Trace: [ 2004.237913][ T1953] [ 2004.237920][ T1953] dump_stack_lvl+0x16c/0x1f0 [ 2004.237942][ T1953] should_fail_ex+0x512/0x640 [ 2004.237961][ T1953] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2004.237981][ T1953] should_failslab+0xc2/0x120 [ 2004.238001][ T1953] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2004.238018][ T1953] ? d_instantiate+0x77/0x90 [ 2004.238035][ T1953] ? alloc_empty_file+0x55/0x1e0 [ 2004.238058][ T1953] alloc_empty_file+0x55/0x1e0 [ 2004.238079][ T1953] alloc_file_pseudo+0x13a/0x230 [ 2004.238101][ T1953] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2004.238123][ T1953] ? do_raw_spin_unlock+0x172/0x230 [ 2004.238147][ T1953] __anon_inode_getfile+0xe8/0x280 [ 2004.238167][ T1953] anon_inode_getfile_fmode+0x37/0xa0 [ 2004.238186][ T1953] __do_sys_fanotify_init+0x96d/0xc00 [ 2004.238210][ T1953] do_syscall_64+0xcd/0x490 [ 2004.238227][ T1953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2004.238242][ T1953] RIP: 0033:0x7f4097b8ebe9 [ 2004.238254][ T1953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2004.238269][ T1953] RSP: 002b:00007f4098a5a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2004.238284][ T1953] RAX: ffffffffffffffda RBX: 00007f4097db5fa0 RCX: 00007f4097b8ebe9 [ 2004.238294][ T1953] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2004.238302][ T1953] RBP: 00007f4097c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2004.238311][ T1953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2004.238319][ T1953] R13: 00007f4097db6038 R14: 00007f4097db5fa0 R15: 00007fff922ae948 [ 2004.238337][ T1953] [ 2005.514215][ T1962] random: crng reseeded on system resumption [ 2006.955856][ T1969] Process accounting paused [ 2007.989749][ T2011] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6043'. [ 2009.633617][ T2015] zswap: compressor not available [ 2011.776330][ T769] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 2011.776355][ T769] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 2011.791414][ T769] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 2011.791461][ T769] Bluetooth: hci0: adv larger than maximum supported [ 2011.799957][ T769] Bluetooth: hci0: Unknown advertising packet type: 0x7b [ 2011.807144][ T769] Bluetooth: hci0: Malformed LE Event: 0x0d [ 2012.093385][ T2005] ima: policy update failed [ 2012.130867][ T30] audit: type=1802 audit(4294967471.829:266): pid=2005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.6043" res=0 errno=0 [ 2012.757294][ T2044] netlink: 'syz.4.6051': attribute type 1 has an invalid length. [ 2012.767690][ T2044] netlink: 54 bytes leftover after parsing attributes in process `syz.4.6051'. [ 2013.257436][ T2038] ima: policy update failed [ 2013.294576][ T30] audit: type=1802 audit(4294967472.959:267): pid=2038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.6051" res=0 errno=0 [ 2014.144875][ T2055] FAULT_INJECTION: forcing a failure. [ 2014.144875][ T2055] name failslab, interval 1, probability 0, space 0, times 0 [ 2014.254296][ T2055] CPU: 0 UID: 0 PID: 2055 Comm: syz.0.6053 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2014.254339][ T2055] Tainted: [U]=USER [ 2014.254348][ T2055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2014.254363][ T2055] Call Trace: [ 2014.254371][ T2055] [ 2014.254382][ T2055] dump_stack_lvl+0x16c/0x1f0 [ 2014.254414][ T2055] should_fail_ex+0x512/0x640 [ 2014.254443][ T2055] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 2014.254476][ T2055] should_failslab+0xc2/0x120 [ 2014.254508][ T2055] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 2014.254539][ T2055] ? alloc_inode+0xc3/0x240 [ 2014.254577][ T2055] alloc_inode+0xc3/0x240 [ 2014.254610][ T2055] alloc_anon_inode+0x28/0x3e0 [ 2014.254640][ T2055] anon_inode_make_secure_inode+0x31/0x140 [ 2014.254673][ T2055] __anon_inode_getfile+0x1cf/0x280 [ 2014.254706][ T2055] new_userfaultfd+0x25e/0x3d0 [ 2014.254742][ T2055] __x64_sys_userfaultfd+0x4b/0xb0 [ 2014.254769][ T2055] do_syscall_64+0xcd/0x490 [ 2014.254798][ T2055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2014.254828][ T2055] RIP: 0033:0x7f7c1eb8ebe9 [ 2014.254849][ T2055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2014.254874][ T2055] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 2014.254905][ T2055] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2014.254923][ T2055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 2014.254938][ T2055] RBP: 00007f7c1f9ac090 R08: 0000000000000000 R09: 0000000000000000 [ 2014.254954][ T2055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2014.254969][ T2055] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2014.255003][ T2055] [ 2015.485460][ T2079] FAULT_INJECTION: forcing a failure. [ 2015.485460][ T2079] name failslab, interval 1, probability 0, space 0, times 0 [ 2015.524167][ T2079] CPU: 1 UID: 0 PID: 2079 Comm: syz.4.6060 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2015.524210][ T2079] Tainted: [U]=USER [ 2015.524219][ T2079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2015.524235][ T2079] Call Trace: [ 2015.524244][ T2079] [ 2015.524255][ T2079] dump_stack_lvl+0x16c/0x1f0 [ 2015.524289][ T2079] should_fail_ex+0x512/0x640 [ 2015.524320][ T2079] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2015.524356][ T2079] should_failslab+0xc2/0x120 [ 2015.524391][ T2079] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2015.524421][ T2079] ? d_instantiate+0x77/0x90 [ 2015.524452][ T2079] ? alloc_empty_file+0x55/0x1e0 [ 2015.524493][ T2079] alloc_empty_file+0x55/0x1e0 [ 2015.524530][ T2079] alloc_file_pseudo+0x13a/0x230 [ 2015.524568][ T2079] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2015.524608][ T2079] ? do_raw_spin_unlock+0x172/0x230 [ 2015.524650][ T2079] __anon_inode_getfile+0xe8/0x280 [ 2015.524686][ T2079] anon_inode_getfile_fmode+0x37/0xa0 [ 2015.524720][ T2079] __do_sys_fanotify_init+0x96d/0xc00 [ 2015.524770][ T2079] do_syscall_64+0xcd/0x490 [ 2015.524802][ T2079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2015.524827][ T2079] RIP: 0033:0x7f12a498ebe9 [ 2015.524848][ T2079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2015.524874][ T2079] RSP: 002b:00007f12a5771038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2015.524899][ T2079] RAX: ffffffffffffffda RBX: 00007f12a4bb5fa0 RCX: 00007f12a498ebe9 [ 2015.524917][ T2079] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2015.524933][ T2079] RBP: 00007f12a4a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2015.524948][ T2079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2015.524964][ T2079] R13: 00007f12a4bb6038 R14: 00007f12a4bb5fa0 R15: 00007ffe3ba409c8 [ 2015.524996][ T2079] [ 2018.236466][ T2095] FAULT_INJECTION: forcing a failure. [ 2018.236466][ T2095] name failslab, interval 1, probability 0, space 0, times 0 [ 2018.458610][ T2095] CPU: 1 UID: 0 PID: 2095 Comm: syz.2.6063 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2018.458656][ T2095] Tainted: [U]=USER [ 2018.458662][ T2095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2018.458673][ T2095] Call Trace: [ 2018.458680][ T2095] [ 2018.458686][ T2095] dump_stack_lvl+0x16c/0x1f0 [ 2018.458708][ T2095] should_fail_ex+0x512/0x640 [ 2018.458726][ T2095] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2018.458747][ T2095] should_failslab+0xc2/0x120 [ 2018.458768][ T2095] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2018.458785][ T2095] ? security_file_alloc+0x34/0x2b0 [ 2018.458806][ T2095] security_file_alloc+0x34/0x2b0 [ 2018.458835][ T2095] init_file+0x93/0x4c0 [ 2018.458871][ T2095] alloc_empty_file+0x73/0x1e0 [ 2018.458903][ T2095] alloc_file_pseudo+0x13a/0x230 [ 2018.458925][ T2095] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2018.458947][ T2095] ? do_raw_spin_unlock+0x172/0x230 [ 2018.458971][ T2095] __anon_inode_getfile+0xe8/0x280 [ 2018.458991][ T2095] anon_inode_getfile_fmode+0x37/0xa0 [ 2018.459010][ T2095] __do_sys_fanotify_init+0x96d/0xc00 [ 2018.459034][ T2095] do_syscall_64+0xcd/0x490 [ 2018.459052][ T2095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2018.459068][ T2095] RIP: 0033:0x7f06cd18ebe9 [ 2018.459080][ T2095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2018.459095][ T2095] RSP: 002b:00007f06cdf3a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2018.459115][ T2095] RAX: ffffffffffffffda RBX: 00007f06cd3b5fa0 RCX: 00007f06cd18ebe9 [ 2018.459125][ T2095] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2018.459135][ T2095] RBP: 00007f06cd211e19 R08: 0000000000000000 R09: 0000000000000000 [ 2018.459150][ T2095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2018.459159][ T2095] R13: 00007f06cd3b6038 R14: 00007f06cd3b5fa0 R15: 00007ffc186b8658 [ 2018.459177][ T2095] [ 2020.115443][ T2094] random: crng reseeded on system resumption [ 2020.229248][T32445] ERROR: Out of memory at tomoyo_memory_ok. [ 2020.340504][T32443] ERROR: Out of memory at tomoyo_memory_ok. [ 2023.404057][ T2138] tipc: Started in network mode [ 2023.408963][ T2138] tipc: Node identity 30303030, cluster identity 4711 [ 2023.473011][ T2142] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2023.704420][ T2138] tipc: Node number set to 808464432 [ 2024.952972][ T2142] FAULT_INJECTION: forcing a failure. [ 2024.952972][ T2142] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2025.172760][ T2142] CPU: 1 UID: 0 PID: 2142 Comm: syz.2.6072 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2025.172801][ T2142] Tainted: [U]=USER [ 2025.172810][ T2142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2025.172824][ T2142] Call Trace: [ 2025.172832][ T2142] [ 2025.172842][ T2142] dump_stack_lvl+0x16c/0x1f0 [ 2025.172873][ T2142] should_fail_ex+0x512/0x640 [ 2025.172907][ T2142] get_futex_key+0x293/0x1560 [ 2025.172941][ T2142] ? __pfx_get_futex_key+0x10/0x10 [ 2025.172969][ T2142] ? __mutex_trylock_common+0xe9/0x250 [ 2025.173011][ T2142] futex_wake+0xea/0x530 [ 2025.173048][ T2142] ? __pfx_futex_wake+0x10/0x10 [ 2025.173098][ T2142] do_futex+0x1e3/0x350 [ 2025.173128][ T2142] ? __pfx_do_futex+0x10/0x10 [ 2025.173155][ T2142] ? __might_fault+0xe3/0x190 [ 2025.173192][ T2142] mm_release+0x24e/0x300 [ 2025.173222][ T2142] do_exit+0x68e/0x2bf0 [ 2025.173261][ T2142] ? __pfx_do_exit+0x10/0x10 [ 2025.173292][ T2142] ? do_raw_spin_lock+0x12c/0x2b0 [ 2025.173324][ T2142] ? find_held_lock+0x2b/0x80 [ 2025.173353][ T2142] do_group_exit+0xd3/0x2a0 [ 2025.173386][ T2142] get_signal+0x2673/0x26d0 [ 2025.173417][ T2142] ? iput+0x519/0x880 [ 2025.173452][ T2142] ? __pfx_get_signal+0x10/0x10 [ 2025.173479][ T2142] ? do_futex+0x122/0x350 [ 2025.173508][ T2142] ? __pfx_do_futex+0x10/0x10 [ 2025.173547][ T2142] arch_do_signal_or_restart+0x8f/0x790 [ 2025.173581][ T2142] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 2025.173622][ T2142] ? xfd_validate_state+0x61/0x180 [ 2025.173653][ T2142] ? __pfx_ksys_write+0x10/0x10 [ 2025.173686][ T2142] exit_to_user_mode_loop+0x84/0x110 [ 2025.173722][ T2142] do_syscall_64+0x3f6/0x490 [ 2025.173750][ T2142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2025.173774][ T2142] RIP: 0033:0x7f06cd18ebe9 [ 2025.173794][ T2142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2025.173816][ T2142] RSP: 002b:00007f06caff60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2025.173839][ T2142] RAX: fffffffffffffe00 RBX: 00007f06cd3b6188 RCX: 00007f06cd18ebe9 [ 2025.173854][ T2142] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f06cd3b6188 [ 2025.173869][ T2142] RBP: 00007f06cd3b6180 R08: 0000000000000000 R09: 0000000000000000 [ 2025.173883][ T2142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2025.173898][ T2142] R13: 00007f06cd3b6218 R14: 00007ffc186b8570 R15: 00007ffc186b8658 [ 2025.173933][ T2142] [ 2027.058313][ T2136] kexec: Could not allocate control_code_buffer [ 2028.062894][ T2176] random: crng reseeded on system resumption [ 2030.849032][ T2211] FAULT_INJECTION: forcing a failure. [ 2030.849032][ T2211] name failslab, interval 1, probability 0, space 0, times 0 [ 2030.903410][ T2211] CPU: 0 UID: 0 PID: 2211 Comm: syz.2.6082 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2030.903452][ T2211] Tainted: [U]=USER [ 2030.903461][ T2211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2030.903475][ T2211] Call Trace: [ 2030.903485][ T2211] [ 2030.903495][ T2211] dump_stack_lvl+0x16c/0x1f0 [ 2030.903527][ T2211] should_fail_ex+0x512/0x640 [ 2030.903556][ T2211] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2030.903589][ T2211] should_failslab+0xc2/0x120 [ 2030.903620][ T2211] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2030.903648][ T2211] ? __proc_create+0xc3/0x8e0 [ 2030.903680][ T2211] ? __proc_create+0x2ce/0x8e0 [ 2030.903721][ T2211] __proc_create+0x2ce/0x8e0 [ 2030.903755][ T2211] ? __pfx___proc_create+0x10/0x10 [ 2030.903795][ T2211] ? mark_held_locks+0x49/0x80 [ 2030.903835][ T2211] proc_create_reg+0x7d/0x180 [ 2030.903873][ T2211] proc_create_net_data+0x8e/0x1c0 [ 2030.903909][ T2211] ? __pfx_proc_create_net_data+0x10/0x10 [ 2030.903944][ T2211] ? __pfx___netlink_kernel_create+0x10/0x10 [ 2030.903970][ T2211] ? fib4_semantics_init+0x25/0x100 [ 2030.904010][ T2211] fib_proc_init+0x58/0x1b0 [ 2030.904034][ T2211] fib_net_init+0x2af/0x3f0 [ 2030.904058][ T2211] ? __pfx___register_sysctl_table+0x10/0x10 [ 2030.904096][ T2211] ? __pfx_fib_net_init+0x10/0x10 [ 2030.904122][ T2211] ? lockdep_init_map_type+0x5c/0x280 [ 2030.904154][ T2211] ? __pfx_nl_fib_input+0x10/0x10 [ 2030.904184][ T2211] ? devinet_init_net+0x5c2/0x910 [ 2030.904218][ T2211] ? __pfx_fib_net_init+0x10/0x10 [ 2030.904243][ T2211] ops_init+0x1df/0x5f0 [ 2030.904272][ T2211] setup_net+0x10f/0x380 [ 2030.904295][ T2211] ? lockdep_init_map_type+0x5c/0x280 [ 2030.904328][ T2211] ? __pfx_setup_net+0x10/0x10 [ 2030.904356][ T2211] ? debug_mutex_init+0x37/0x70 [ 2030.904385][ T2211] copy_net_ns+0x2a6/0x5f0 [ 2030.904418][ T2211] create_new_namespaces+0x3ea/0xa90 [ 2030.904456][ T2211] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2030.904486][ T2211] ksys_unshare+0x45b/0xa40 [ 2030.904516][ T2211] ? __pfx_ksys_unshare+0x10/0x10 [ 2030.904545][ T2211] ? xfd_validate_state+0x61/0x180 [ 2030.904585][ T2211] __x64_sys_unshare+0x31/0x40 [ 2030.904615][ T2211] do_syscall_64+0xcd/0x490 [ 2030.904643][ T2211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2030.904666][ T2211] RIP: 0033:0x7f06cd18ebe9 [ 2030.904686][ T2211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2030.904709][ T2211] RSP: 002b:00007f06cdf3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2030.904733][ T2211] RAX: ffffffffffffffda RBX: 00007f06cd3b5fa0 RCX: 00007f06cd18ebe9 [ 2030.904750][ T2211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2030.904764][ T2211] RBP: 00007f06cd211e19 R08: 0000000000000000 R09: 0000000000000000 [ 2030.904778][ T2211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2030.904791][ T2211] R13: 00007f06cd3b6038 R14: 00007f06cd3b5fa0 R15: 00007ffc186b8658 [ 2030.904824][ T2211] [ 2031.519213][ T2226] syz.2.6084(2226): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 2032.344166][ T30] audit: type=1804 audit(4294967491.979:268): pid=2240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.6086" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 2036.738327][ T2318] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2037.064888][ T2313] FAULT_INJECTION: forcing a failure. [ 2037.064888][ T2313] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2037.230001][ T2313] CPU: 0 UID: 0 PID: 2313 Comm: syz.2.6099 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2037.230043][ T2313] Tainted: [U]=USER [ 2037.230051][ T2313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2037.230067][ T2313] Call Trace: [ 2037.230077][ T2313] [ 2037.230088][ T2313] dump_stack_lvl+0x16c/0x1f0 [ 2037.230121][ T2313] should_fail_ex+0x512/0x640 [ 2037.230169][ T2313] get_futex_key+0x1d0/0x1560 [ 2037.230206][ T2313] ? __pfx_get_futex_key+0x10/0x10 [ 2037.230234][ T2313] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 2037.230271][ T2313] ? lockdep_hardirqs_on+0x7c/0x110 [ 2037.230301][ T2313] ? __destroy_inode+0x2e4/0x730 [ 2037.230333][ T2313] ? __pfx_sock_free_inode+0x10/0x10 [ 2037.230368][ T2313] futex_wake+0xea/0x530 [ 2037.230404][ T2313] ? __pfx_evict+0x10/0x10 [ 2037.230436][ T2313] ? __pfx_futex_wake+0x10/0x10 [ 2037.230487][ T2313] do_futex+0x1e3/0x350 [ 2037.230520][ T2313] ? __pfx_do_futex+0x10/0x10 [ 2037.230551][ T2313] ? __sock_release+0x20b/0x270 [ 2037.230586][ T2313] __x64_sys_futex+0x1e0/0x4c0 [ 2037.230620][ T2313] ? __sys_socket+0xac/0x260 [ 2037.230654][ T2313] ? __pfx___x64_sys_futex+0x10/0x10 [ 2037.230697][ T2313] ? xfd_validate_state+0x61/0x180 [ 2037.230734][ T2313] ? __task_pid_nr_ns+0x17c/0x500 [ 2037.230780][ T2313] do_syscall_64+0xcd/0x490 [ 2037.230814][ T2313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2037.230841][ T2313] RIP: 0033:0x7f06cd18ebe9 [ 2037.230863][ T2313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2037.230888][ T2313] RSP: 002b:00007f06cdf190e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2037.230913][ T2313] RAX: ffffffffffffffda RBX: 00007f06cd3b6098 RCX: 00007f06cd18ebe9 [ 2037.230931][ T2313] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f06cd3b609c [ 2037.230948][ T2313] RBP: 00007f06cd3b6090 R08: 00007f06cdf3b000 R09: 0000000000000000 [ 2037.230965][ T2313] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 2037.230981][ T2313] R13: 00007f06cd3b6128 R14: 00007ffc186b8570 R15: 00007ffc186b8658 [ 2037.231017][ T2313] [ 2037.339109][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 2037.527009][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 2038.813758][ T2319] Process accounting resumed [ 2039.532324][ T2311] kexec: Could not allocate control_code_buffer [ 2040.292339][ T30] audit: type=1800 audit(4294967499.979:269): pid=2360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6106" name="features" dev="configfs" ino=140019 res=0 errno=0 [ 2041.119842][ T2365] FAULT_INJECTION: forcing a failure. [ 2041.119842][ T2365] name failslab, interval 1, probability 0, space 0, times 0 [ 2041.208557][ T2365] CPU: 0 UID: 0 PID: 2365 Comm: syz.3.6108 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2041.208605][ T2365] Tainted: [U]=USER [ 2041.208616][ T2365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2041.208632][ T2365] Call Trace: [ 2041.208642][ T2365] [ 2041.208653][ T2365] dump_stack_lvl+0x16c/0x1f0 [ 2041.208694][ T2365] should_fail_ex+0x512/0x640 [ 2041.208727][ T2365] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2041.208763][ T2365] should_failslab+0xc2/0x120 [ 2041.208809][ T2365] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2041.208841][ T2365] ? d_instantiate+0x77/0x90 [ 2041.208874][ T2365] ? alloc_empty_file+0x55/0x1e0 [ 2041.208917][ T2365] alloc_empty_file+0x55/0x1e0 [ 2041.208955][ T2365] alloc_file_pseudo+0x13a/0x230 [ 2041.208994][ T2365] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2041.209034][ T2365] ? do_raw_spin_unlock+0x172/0x230 [ 2041.209076][ T2365] __anon_inode_getfile+0xe8/0x280 [ 2041.209112][ T2365] anon_inode_getfile_fmode+0x37/0xa0 [ 2041.209147][ T2365] __do_sys_fanotify_init+0x96d/0xc00 [ 2041.209191][ T2365] do_syscall_64+0xcd/0x490 [ 2041.209222][ T2365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2041.209249][ T2365] RIP: 0033:0x7f4097b8ebe9 [ 2041.209270][ T2365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2041.209296][ T2365] RSP: 002b:00007f4098a5a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2041.209321][ T2365] RAX: ffffffffffffffda RBX: 00007f4097db5fa0 RCX: 00007f4097b8ebe9 [ 2041.209339][ T2365] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2041.209356][ T2365] RBP: 00007f4097c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2041.209372][ T2365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2041.209389][ T2365] R13: 00007f4097db6038 R14: 00007f4097db5fa0 R15: 00007fff922ae948 [ 2041.209425][ T2365] [ 2043.082790][ T2380] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6112'. [ 2043.133773][ T2380] mac80211_hwsim hwsim22 wlan1: entered allmulticast mode [ 2043.645121][ T2376] ima: policy update failed [ 2043.728456][ T30] audit: type=1802 audit(4294967503.419:270): pid=2376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.6111" res=0 errno=0 [ 2044.631072][ T2388] __vm_enough_memory: pid: 2388, comm: syz.3.6113, bytes: 4398046511104 not enough memory for the allocation [ 2045.335396][ T2417] FAULT_INJECTION: forcing a failure. [ 2045.335396][ T2417] name failslab, interval 1, probability 0, space 0, times 0 [ 2045.528288][ T2417] CPU: 0 UID: 0 PID: 2417 Comm: syz.2.6118 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2045.528335][ T2417] Tainted: [U]=USER [ 2045.528345][ T2417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2045.528363][ T2417] Call Trace: [ 2045.528372][ T2417] [ 2045.528384][ T2417] dump_stack_lvl+0x16c/0x1f0 [ 2045.528419][ T2417] should_fail_ex+0x512/0x640 [ 2045.528451][ T2417] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2045.528487][ T2417] should_failslab+0xc2/0x120 [ 2045.528521][ T2417] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2045.528557][ T2417] ? d_instantiate+0x77/0x90 [ 2045.528592][ T2417] ? alloc_empty_file+0x55/0x1e0 [ 2045.528636][ T2417] alloc_empty_file+0x55/0x1e0 [ 2045.528675][ T2417] alloc_file_pseudo+0x13a/0x230 [ 2045.528716][ T2417] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2045.528757][ T2417] ? do_raw_spin_unlock+0x172/0x230 [ 2045.528800][ T2417] __anon_inode_getfile+0xe8/0x280 [ 2045.528840][ T2417] anon_inode_getfile_fmode+0x37/0xa0 [ 2045.528874][ T2417] __do_sys_fanotify_init+0x96d/0xc00 [ 2045.528918][ T2417] do_syscall_64+0xcd/0x490 [ 2045.528950][ T2417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2045.528979][ T2417] RIP: 0033:0x7f06cd18ebe9 [ 2045.529001][ T2417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2045.529028][ T2417] RSP: 002b:00007f06cdf3a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2045.529055][ T2417] RAX: ffffffffffffffda RBX: 00007f06cd3b5fa0 RCX: 00007f06cd18ebe9 [ 2045.529073][ T2417] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2045.529090][ T2417] RBP: 00007f06cd211e19 R08: 0000000000000000 R09: 0000000000000000 [ 2045.529106][ T2417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2045.529124][ T2417] R13: 00007f06cd3b6038 R14: 00007f06cd3b5fa0 R15: 00007ffc186b8658 [ 2045.529160][ T2417] [ 2047.762947][ T2442] FAULT_INJECTION: forcing a failure. [ 2047.762947][ T2442] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2047.849564][ T2442] CPU: 1 UID: 0 PID: 2442 Comm: syz.0.6123 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2047.849607][ T2442] Tainted: [U]=USER [ 2047.849615][ T2442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2047.849630][ T2442] Call Trace: [ 2047.849639][ T2442] [ 2047.849650][ T2442] dump_stack_lvl+0x16c/0x1f0 [ 2047.849686][ T2442] should_fail_ex+0x512/0x640 [ 2047.849721][ T2442] _copy_to_user+0x32/0xd0 [ 2047.849756][ T2442] simple_read_from_buffer+0xcb/0x170 [ 2047.849786][ T2442] proc_fail_nth_read+0x197/0x240 [ 2047.849815][ T2442] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2047.849845][ T2442] ? rw_verify_area+0xcf/0x6c0 [ 2047.849871][ T2442] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2047.849898][ T2442] vfs_read+0x1e1/0xc60 [ 2047.849931][ T2442] ? __pfx___mutex_lock+0x10/0x10 [ 2047.849958][ T2442] ? __pfx_vfs_read+0x10/0x10 [ 2047.849996][ T2442] ? __fget_files+0x20e/0x3c0 [ 2047.850034][ T2442] ksys_read+0x12a/0x250 [ 2047.850061][ T2442] ? __pfx_ksys_read+0x10/0x10 [ 2047.850089][ T2442] ? fput+0x9b/0xd0 [ 2047.850129][ T2442] do_syscall_64+0xcd/0x490 [ 2047.850158][ T2442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2047.850184][ T2442] RIP: 0033:0x7f7c1eb8d5fc [ 2047.850205][ T2442] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2047.850228][ T2442] RSP: 002b:00007f7c1f9ac030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2047.850252][ T2442] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8d5fc [ 2047.850270][ T2442] RDX: 000000000000000f RSI: 00007f7c1f9ac0a0 RDI: 0000000000000006 [ 2047.850291][ T2442] RBP: 00007f7c1f9ac090 R08: 0000000000000000 R09: 0000000000000000 [ 2047.850307][ T2442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2047.850322][ T2442] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2047.850358][ T2442] [ 2048.045771][ C1] vkms_vblank_simulate: vblank timer overrun [ 2051.492518][ T2486] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6131'. [ 2051.710506][ T2490] FAULT_INJECTION: forcing a failure. [ 2051.710506][ T2490] name failslab, interval 1, probability 0, space 0, times 0 [ 2051.760033][ T2490] CPU: 1 UID: 0 PID: 2490 Comm: syz.0.6133 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2051.760077][ T2490] Tainted: [U]=USER [ 2051.760086][ T2490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2051.760101][ T2490] Call Trace: [ 2051.760110][ T2490] [ 2051.760120][ T2490] dump_stack_lvl+0x16c/0x1f0 [ 2051.760152][ T2490] should_fail_ex+0x512/0x640 [ 2051.760181][ T2490] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 2051.760212][ T2490] should_failslab+0xc2/0x120 [ 2051.760243][ T2490] __kmalloc_cache_noprof+0x6a/0x3e0 [ 2051.760272][ T2490] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 2051.760305][ T2490] ? genl_start+0x1e8/0x980 [ 2051.760338][ T2490] genl_start+0x1e8/0x980 [ 2051.760372][ T2490] __netlink_dump_start+0x60e/0x990 [ 2051.760403][ T2490] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 2051.760437][ T2490] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 2051.760476][ T2490] ? __pfx_genl_get_cmd+0x10/0x10 [ 2051.760499][ T2490] ? __pfx_genl_start+0x10/0x10 [ 2051.760525][ T2490] ? __pfx_genl_dumpit+0x10/0x10 [ 2051.760551][ T2490] ? __pfx_genl_done+0x10/0x10 [ 2051.760585][ T2490] ? __radix_tree_lookup+0x21f/0x2c0 [ 2051.760629][ T2490] genl_rcv_msg+0x46e/0x800 [ 2051.760672][ T2490] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2051.760704][ T2490] ? __pfx_nl802154_list_associations+0x10/0x10 [ 2051.760751][ T2490] netlink_rcv_skb+0x158/0x420 [ 2051.760777][ T2490] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2051.760808][ T2490] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2051.760850][ T2490] ? netlink_deliver_tap+0x1ae/0xd30 [ 2051.760882][ T2490] genl_rcv+0x28/0x40 [ 2051.760908][ T2490] netlink_unicast+0x5a7/0x870 [ 2051.760940][ T2490] ? __pfx_netlink_unicast+0x10/0x10 [ 2051.760967][ T2490] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2051.760992][ T2490] ? __lock_acquire+0xb97/0x1ce0 [ 2051.761032][ T2490] netlink_sendmsg+0x8d1/0xdd0 [ 2051.761065][ T2490] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2051.761096][ T2490] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 2051.761137][ T2490] ____sys_sendmsg+0xa98/0xc70 [ 2051.761167][ T2490] ? copy_msghdr_from_user+0x10a/0x160 [ 2051.761191][ T2490] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2051.761235][ T2490] ___sys_sendmsg+0x134/0x1d0 [ 2051.761263][ T2490] ? __pfx____sys_sendmsg+0x10/0x10 [ 2051.761322][ T2490] ? __mutex_unlock_slowpath+0x140/0x800 [ 2051.761369][ T2490] __sys_sendmsg+0x16d/0x220 [ 2051.761397][ T2490] ? __pfx___sys_sendmsg+0x10/0x10 [ 2051.761448][ T2490] do_syscall_64+0xcd/0x490 [ 2051.761478][ T2490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2051.761504][ T2490] RIP: 0033:0x7f7c1eb8ebe9 [ 2051.761526][ T2490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2051.761550][ T2490] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2051.761574][ T2490] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2051.761592][ T2490] RDX: 0000000000000084 RSI: 0000200000000180 RDI: 0000000000000003 [ 2051.761608][ T2490] RBP: 00007f7c1f9ac090 R08: 0000000000000000 R09: 0000000000000000 [ 2051.761623][ T2490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2051.761646][ T2490] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2051.761681][ T2490] [ 2052.109898][ T2498] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2052.448972][ T2501] nvme_fcloop: unknown parameter or missing value '7' [ 2052.460341][ T2498] FAULT_INJECTION: forcing a failure. [ 2052.460341][ T2498] name failslab, interval 1, probability 0, space 0, times 0 [ 2052.516444][ T2498] CPU: 0 UID: 0 PID: 2498 Comm: syz.2.6134 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2052.516487][ T2498] Tainted: [U]=USER [ 2052.516497][ T2498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2052.516511][ T2498] Call Trace: [ 2052.516522][ T2498] [ 2052.516532][ T2498] dump_stack_lvl+0x16c/0x1f0 [ 2052.516565][ T2498] should_fail_ex+0x512/0x640 [ 2052.516594][ T2498] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2052.516625][ T2498] should_failslab+0xc2/0x120 [ 2052.516657][ T2498] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2052.516687][ T2498] ? getname_flags.part.0+0x4c/0x550 [ 2052.516731][ T2498] getname_flags.part.0+0x4c/0x550 [ 2052.516772][ T2498] getname_flags+0x93/0xf0 [ 2052.516812][ T2498] do_sys_openat2+0xb8/0x1d0 [ 2052.516852][ T2498] ? __pfx_do_sys_openat2+0x10/0x10 [ 2052.516891][ T2498] ? __pfx___schedule+0x10/0x10 [ 2052.516935][ T2498] __x64_sys_openat+0x174/0x210 [ 2052.516970][ T2498] ? __pfx___x64_sys_openat+0x10/0x10 [ 2052.517016][ T2498] do_syscall_64+0xcd/0x490 [ 2052.517043][ T2498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2052.517068][ T2498] RIP: 0033:0x7f06cd18ebe9 [ 2052.517089][ T2498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2052.517112][ T2498] RSP: 002b:00007f06cdf19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2052.517135][ T2498] RAX: ffffffffffffffda RBX: 00007f06cd3b6090 RCX: 00007f06cd18ebe9 [ 2052.517152][ T2498] RDX: 00000000001810c1 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 2052.517167][ T2498] RBP: 00007f06cd211e19 R08: 0000000000000000 R09: 0000000000000000 [ 2052.517180][ T2498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2052.517194][ T2498] R13: 00007f06cd3b6128 R14: 00007f06cd3b6090 R15: 00007ffc186b8658 [ 2052.517224][ T2498] [ 2053.787156][ T2497] kexec: Could not allocate control_code_buffer [ 2055.647221][ T2538] FAULT_INJECTION: forcing a failure. [ 2055.647221][ T2538] name failslab, interval 1, probability 0, space 0, times 0 [ 2055.695226][ T2538] CPU: 1 UID: 0 PID: 2538 Comm: syz.0.6141 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2055.695274][ T2538] Tainted: [U]=USER [ 2055.695284][ T2538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2055.695300][ T2538] Call Trace: [ 2055.695310][ T2538] [ 2055.695322][ T2538] dump_stack_lvl+0x16c/0x1f0 [ 2055.695358][ T2538] should_fail_ex+0x512/0x640 [ 2055.695390][ T2538] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2055.695426][ T2538] should_failslab+0xc2/0x120 [ 2055.695462][ T2538] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2055.695501][ T2538] ? d_instantiate+0x77/0x90 [ 2055.695534][ T2538] ? alloc_empty_file+0x55/0x1e0 [ 2055.695577][ T2538] alloc_empty_file+0x55/0x1e0 [ 2055.695616][ T2538] alloc_file_pseudo+0x13a/0x230 [ 2055.695656][ T2538] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2055.695697][ T2538] ? do_raw_spin_unlock+0x172/0x230 [ 2055.695740][ T2538] __anon_inode_getfile+0xe8/0x280 [ 2055.695776][ T2538] anon_inode_getfile_fmode+0x37/0xa0 [ 2055.695811][ T2538] __do_sys_fanotify_init+0x96d/0xc00 [ 2055.695854][ T2538] do_syscall_64+0xcd/0x490 [ 2055.695886][ T2538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2055.695914][ T2538] RIP: 0033:0x7f7c1eb8ebe9 [ 2055.695936][ T2538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2055.695962][ T2538] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2055.695987][ T2538] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2055.696006][ T2538] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2055.696023][ T2538] RBP: 00007f7c1ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2055.696039][ T2538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2055.696056][ T2538] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2055.696092][ T2538] [ 2058.340849][ T2575] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2058.414411][ T2575] FAULT_INJECTION: forcing a failure. [ 2058.414411][ T2575] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2058.449627][ T2575] CPU: 0 UID: 0 PID: 2575 Comm: syz.2.6147 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2058.449670][ T2575] Tainted: [U]=USER [ 2058.449679][ T2575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2058.449695][ T2575] Call Trace: [ 2058.449705][ T2575] [ 2058.449716][ T2575] dump_stack_lvl+0x16c/0x1f0 [ 2058.449750][ T2575] should_fail_ex+0x512/0x640 [ 2058.449786][ T2575] get_futex_key+0x1d0/0x1560 [ 2058.449836][ T2575] ? __pfx_get_futex_key+0x10/0x10 [ 2058.449864][ T2575] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 2058.449904][ T2575] ? lockdep_hardirqs_on+0x7c/0x110 [ 2058.449940][ T2575] ? __destroy_inode+0x2e4/0x730 [ 2058.449975][ T2575] ? __pfx_sock_free_inode+0x10/0x10 [ 2058.450013][ T2575] futex_wake+0xea/0x530 [ 2058.450051][ T2575] ? __pfx_evict+0x10/0x10 [ 2058.450082][ T2575] ? __pfx_futex_wake+0x10/0x10 [ 2058.450121][ T2575] ? iput+0x519/0x880 [ 2058.450162][ T2575] do_futex+0x1e3/0x350 [ 2058.450194][ T2575] ? __pfx_do_futex+0x10/0x10 [ 2058.450224][ T2575] ? __sock_release+0x20b/0x270 [ 2058.450259][ T2575] __x64_sys_futex+0x1e0/0x4c0 [ 2058.450293][ T2575] ? __sys_socket+0xac/0x260 [ 2058.450327][ T2575] ? __pfx___x64_sys_futex+0x10/0x10 [ 2058.450359][ T2575] ? xfd_validate_state+0x61/0x180 [ 2058.450394][ T2575] ? __task_pid_nr_ns+0x17c/0x500 [ 2058.450438][ T2575] do_syscall_64+0xcd/0x490 [ 2058.450469][ T2575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2058.450495][ T2575] RIP: 0033:0x7f06cd18ebe9 [ 2058.450517][ T2575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2058.450543][ T2575] RSP: 002b:00007f06cdf190e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2058.450569][ T2575] RAX: ffffffffffffffda RBX: 00007f06cd3b6098 RCX: 00007f06cd18ebe9 [ 2058.450586][ T2575] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f06cd3b609c [ 2058.450603][ T2575] RBP: 00007f06cd3b6090 R08: 00007f06cdf3b000 R09: 0000000000000000 [ 2058.450621][ T2575] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 2058.450638][ T2575] R13: 00007f06cd3b6128 R14: 00007ffc186b8570 R15: 00007ffc186b8658 [ 2058.450673][ T2575] [ 2059.616139][ T2574] kexec: Could not allocate control_code_buffer [ 2059.836920][ T2597] FAULT_INJECTION: forcing a failure. [ 2059.836920][ T2597] name failslab, interval 1, probability 0, space 0, times 0 [ 2059.913617][ T2597] CPU: 0 UID: 0 PID: 2597 Comm: syz.2.6151 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2059.913653][ T2597] Tainted: [U]=USER [ 2059.913659][ T2597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2059.913668][ T2597] Call Trace: [ 2059.913674][ T2597] [ 2059.913680][ T2597] dump_stack_lvl+0x16c/0x1f0 [ 2059.913701][ T2597] should_fail_ex+0x512/0x640 [ 2059.913720][ T2597] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2059.913741][ T2597] should_failslab+0xc2/0x120 [ 2059.913763][ T2597] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2059.913780][ T2597] ? d_instantiate+0x77/0x90 [ 2059.913798][ T2597] ? alloc_empty_file+0x55/0x1e0 [ 2059.913825][ T2597] alloc_empty_file+0x55/0x1e0 [ 2059.913846][ T2597] alloc_file_pseudo+0x13a/0x230 [ 2059.913868][ T2597] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2059.913891][ T2597] ? do_raw_spin_unlock+0x172/0x230 [ 2059.913916][ T2597] __anon_inode_getfile+0xe8/0x280 [ 2059.913936][ T2597] anon_inode_getfile_fmode+0x37/0xa0 [ 2059.913955][ T2597] __do_sys_fanotify_init+0x96d/0xc00 [ 2059.913981][ T2597] do_syscall_64+0xcd/0x490 [ 2059.914016][ T2597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2059.914042][ T2597] RIP: 0033:0x7f06cd18ebe9 [ 2059.914062][ T2597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2059.914087][ T2597] RSP: 002b:00007f06cdf3a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2059.914112][ T2597] RAX: ffffffffffffffda RBX: 00007f06cd3b5fa0 RCX: 00007f06cd18ebe9 [ 2059.914130][ T2597] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2059.914145][ T2597] RBP: 00007f06cd211e19 R08: 0000000000000000 R09: 0000000000000000 [ 2059.914160][ T2597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2059.914175][ T2597] R13: 00007f06cd3b6038 R14: 00007f06cd3b5fa0 R15: 00007ffc186b8658 [ 2059.914209][ T2597] [ 2061.450572][ T2623] FAULT_INJECTION: forcing a failure. [ 2061.450572][ T2623] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2061.505032][ T2623] CPU: 0 UID: 0 PID: 2623 Comm: syz.0.6155 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2061.505076][ T2623] Tainted: [U]=USER [ 2061.505085][ T2623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2061.505099][ T2623] Call Trace: [ 2061.505108][ T2623] [ 2061.505119][ T2623] dump_stack_lvl+0x16c/0x1f0 [ 2061.505151][ T2623] should_fail_ex+0x512/0x640 [ 2061.505185][ T2623] _copy_to_iter+0x463/0x16f0 [ 2061.505228][ T2623] ? __pfx__copy_to_iter+0x10/0x10 [ 2061.505264][ T2623] ? __skb_recv_datagram+0x1b2/0x220 [ 2061.505303][ T2623] ? __pfx___skb_recv_datagram+0x10/0x10 [ 2061.505342][ T2623] simple_copy_to_iter+0x46/0x90 [ 2061.505377][ T2623] __skb_datagram_iter+0x129/0x900 [ 2061.505409][ T2623] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 2061.505444][ T2623] ? skb_recv_datagram+0x88/0xc0 [ 2061.505481][ T2623] skb_copy_datagram_iter+0x40/0x50 [ 2061.505516][ T2623] netlink_recvmsg+0x27e/0xa90 [ 2061.505543][ T2623] ? __pfx_netlink_recvmsg+0x10/0x10 [ 2061.505573][ T2623] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 2061.505617][ T2623] sock_recvmsg+0x1f6/0x250 [ 2061.505649][ T2623] ____sys_recvmsg+0x218/0x6b0 [ 2061.505685][ T2623] ? __pfx_____sys_recvmsg+0x10/0x10 [ 2061.505729][ T2623] ? __lock_acquire+0x62e/0x1ce0 [ 2061.505767][ T2623] ___sys_recvmsg+0x114/0x1a0 [ 2061.505795][ T2623] ? __pfx____sys_recvmsg+0x10/0x10 [ 2061.505829][ T2623] ? find_held_lock+0x2b/0x80 [ 2061.505875][ T2623] do_recvmmsg+0x2fe/0x750 [ 2061.505907][ T2623] ? __pfx_do_recvmmsg+0x10/0x10 [ 2061.505938][ T2623] ? ksys_write+0x190/0x250 [ 2061.505970][ T2623] ? __mutex_unlock_slowpath+0x163/0x800 [ 2061.506008][ T2623] ? __fget_files+0x20e/0x3c0 [ 2061.506042][ T2623] __x64_sys_recvmmsg+0x22a/0x280 [ 2061.506071][ T2623] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 2061.506108][ T2623] do_syscall_64+0xcd/0x490 [ 2061.506137][ T2623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2061.506163][ T2623] RIP: 0033:0x7f7c1eb8ebe9 [ 2061.506185][ T2623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2061.506208][ T2623] RSP: 002b:00007f7c1f98b038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2061.506232][ T2623] RAX: ffffffffffffffda RBX: 00007f7c1edb6090 RCX: 00007f7c1eb8ebe9 [ 2061.506249][ T2623] RDX: 0000000000000007 RSI: 0000200000000100 RDI: 0000000000000003 [ 2061.506264][ T2623] RBP: 00007f7c1f98b090 R08: 0000000000000000 R09: 0000000000000000 [ 2061.506280][ T2623] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 2061.506295][ T2623] R13: 00007f7c1edb6128 R14: 00007f7c1edb6090 R15: 00007ffd33f45ca8 [ 2061.506329][ T2623] [ 2063.834594][ T2654] random: crng reseeded on system resumption [ 2063.844986][T27219] ERROR: Out of memory at tomoyo_memory_ok. [ 2063.883307][T32445] ERROR: Out of memory at tomoyo_memory_ok. [ 2065.402232][ T2678] FAULT_INJECTION: forcing a failure. [ 2065.402232][ T2678] name failslab, interval 1, probability 0, space 0, times 0 [ 2065.454525][ T2678] CPU: 1 UID: 0 PID: 2678 Comm: syz.0.6165 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2065.454569][ T2678] Tainted: [U]=USER [ 2065.454577][ T2678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2065.454591][ T2678] Call Trace: [ 2065.454599][ T2678] [ 2065.454610][ T2678] dump_stack_lvl+0x16c/0x1f0 [ 2065.454644][ T2678] should_fail_ex+0x512/0x640 [ 2065.454672][ T2678] ? __kmalloc_noprof+0xbf/0x510 [ 2065.454701][ T2678] ? lsm_blob_alloc+0x68/0x90 [ 2065.454734][ T2678] should_failslab+0xc2/0x120 [ 2065.454767][ T2678] __kmalloc_noprof+0xd2/0x510 [ 2065.454801][ T2678] lsm_blob_alloc+0x68/0x90 [ 2065.454834][ T2678] security_sk_alloc+0x30/0x270 [ 2065.454860][ T2678] sk_prot_alloc+0xfb/0x2a0 [ 2065.454894][ T2678] sk_alloc+0x36/0xc20 [ 2065.454922][ T2678] __vsock_create.constprop.0+0x3c/0xbb0 [ 2065.454961][ T2678] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2065.455001][ T2678] vsock_create+0x139/0x500 [ 2065.455030][ T2678] __sock_create+0x338/0x8d0 [ 2065.455070][ T2678] __sys_socket+0x14d/0x260 [ 2065.455101][ T2678] ? __pfx___sys_socket+0x10/0x10 [ 2065.455133][ T2678] ? xfd_validate_state+0x61/0x180 [ 2065.455166][ T2678] ? __task_pid_nr_ns+0x17c/0x500 [ 2065.455202][ T2678] __x64_sys_socket+0x72/0xb0 [ 2065.455232][ T2678] ? lockdep_hardirqs_on+0x7c/0x110 [ 2065.455268][ T2678] do_syscall_64+0xcd/0x490 [ 2065.455299][ T2678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2065.455326][ T2678] RIP: 0033:0x7f7c1eb8ebe9 [ 2065.455346][ T2678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2065.455371][ T2678] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2065.455395][ T2678] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2065.455417][ T2678] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028 [ 2065.455433][ T2678] RBP: 00007f7c1ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2065.455449][ T2678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2065.455465][ T2678] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2065.455500][ T2678] [ 2067.033648][ T2704] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 2068.116432][ T2709] zswap: compressor not available [ 2069.151663][ T2710] Process accounting paused [ 2076.328821][ T2778] FAULT_INJECTION: forcing a failure. [ 2076.328821][ T2778] name failslab, interval 1, probability 0, space 0, times 0 [ 2076.504174][ T2778] CPU: 1 UID: 0 PID: 2778 Comm: syz.0.6182 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2076.504213][ T2778] Tainted: [U]=USER [ 2076.504218][ T2778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2076.504228][ T2778] Call Trace: [ 2076.504234][ T2778] [ 2076.504240][ T2778] dump_stack_lvl+0x16c/0x1f0 [ 2076.504262][ T2778] should_fail_ex+0x512/0x640 [ 2076.504280][ T2778] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2076.504307][ T2778] should_failslab+0xc2/0x120 [ 2076.504328][ T2778] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2076.504346][ T2778] ? sk_prot_alloc+0x60/0x2a0 [ 2076.504367][ T2778] sk_prot_alloc+0x60/0x2a0 [ 2076.504386][ T2778] sk_alloc+0x36/0xc20 [ 2076.504401][ T2778] __vsock_create.constprop.0+0x3c/0xbb0 [ 2076.504423][ T2778] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2076.504446][ T2778] vsock_create+0x139/0x500 [ 2076.504462][ T2778] __sock_create+0x338/0x8d0 [ 2076.504484][ T2778] __sys_socket+0x14d/0x260 [ 2076.504504][ T2778] ? __pfx___sys_socket+0x10/0x10 [ 2076.504523][ T2778] ? xfd_validate_state+0x61/0x180 [ 2076.504546][ T2778] ? __task_pid_nr_ns+0x17c/0x500 [ 2076.504570][ T2778] __x64_sys_socket+0x72/0xb0 [ 2076.504588][ T2778] ? lockdep_hardirqs_on+0x7c/0x110 [ 2076.504603][ T2778] do_syscall_64+0xcd/0x490 [ 2076.504620][ T2778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2076.504635][ T2778] RIP: 0033:0x7f7c1eb8ebe9 [ 2076.504648][ T2778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2076.504663][ T2778] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2076.504677][ T2778] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2076.504687][ T2778] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028 [ 2076.504695][ T2778] RBP: 00007f7c1ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2076.504704][ T2778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2076.504712][ T2778] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2076.504730][ T2778] [ 2076.869649][ T2770] FAULT_INJECTION: forcing a failure. [ 2076.869649][ T2770] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2077.054064][ T2770] CPU: 1 UID: 0 PID: 2770 Comm: syz.2.6180 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2077.054107][ T2770] Tainted: [U]=USER [ 2077.054115][ T2770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2077.054131][ T2770] Call Trace: [ 2077.054140][ T2770] [ 2077.054150][ T2770] dump_stack_lvl+0x16c/0x1f0 [ 2077.054184][ T2770] should_fail_ex+0x512/0x640 [ 2077.054224][ T2770] get_futex_key+0x1d0/0x1560 [ 2077.054269][ T2770] ? __pfx_get_futex_key+0x10/0x10 [ 2077.054314][ T2770] futex_wait_setup+0x9d/0x550 [ 2077.054362][ T2770] __futex_wait+0x194/0x2f0 [ 2077.054400][ T2770] ? __pfx___futex_wait+0x10/0x10 [ 2077.054441][ T2770] ? __pfx_futex_wake_mark+0x10/0x10 [ 2077.054482][ T2770] ? futex_private_hash_put+0x176/0x300 [ 2077.054517][ T2770] ? futex_private_hash_put+0x18a/0x300 [ 2077.054560][ T2770] futex_wait+0xe8/0x380 [ 2077.054596][ T2770] ? __pfx_futex_wait+0x10/0x10 [ 2077.054642][ T2770] ? __lock_acquire+0x62e/0x1ce0 [ 2077.054685][ T2770] do_futex+0x229/0x350 [ 2077.054717][ T2770] ? __pfx_do_futex+0x10/0x10 [ 2077.054750][ T2770] ? find_held_lock+0x2b/0x80 [ 2077.054780][ T2770] __x64_sys_futex+0x1e0/0x4c0 [ 2077.054813][ T2770] ? __fget_files+0x20e/0x3c0 [ 2077.054841][ T2770] ? __pfx___x64_sys_futex+0x10/0x10 [ 2077.054880][ T2770] ? fdget+0x187/0x210 [ 2077.054913][ T2770] do_syscall_64+0xcd/0x490 [ 2077.054961][ T2770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2077.054989][ T2770] RIP: 0033:0x7f06cd18ebe9 [ 2077.055012][ T2770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2077.055039][ T2770] RSP: 002b:00007f06cdf3a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2077.055065][ T2770] RAX: ffffffffffffffda RBX: 00007f06cd3b5fa8 RCX: 00007f06cd18ebe9 [ 2077.055084][ T2770] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f06cd3b5fa8 [ 2077.055101][ T2770] RBP: 00007f06cd3b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 2077.055117][ T2770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2077.055133][ T2770] R13: 00007f06cd3b6038 R14: 00007ffc186b8570 R15: 00007ffc186b8658 [ 2077.055172][ T2770] [ 2079.406251][ T2822] kafs: addr_prefs: Too many elements in string [ 2081.420583][ T30] audit: type=1800 audit(4294967541.119:271): pid=2854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6193" name="dbroot" dev="configfs" ino=143180 res=0 errno=0 [ 2081.636481][ T2848] netlink: 'syz.0.6194': attribute type 1 has an invalid length. [ 2083.715188][ T2882] can: request_module (can-proto-0) failed. [ 2086.336162][ T2909] program syz.3.6207 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2087.477890][ T2929] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 2089.694548][ T2939] FAULT_INJECTION: forcing a failure. [ 2089.694548][ T2939] name failslab, interval 1, probability 0, space 0, times 0 [ 2089.774080][ T2939] CPU: 1 UID: 0 PID: 2939 Comm: syz.0.6211 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2089.774124][ T2939] Tainted: [U]=USER [ 2089.774131][ T2939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2089.774145][ T2939] Call Trace: [ 2089.774154][ T2939] [ 2089.774164][ T2939] dump_stack_lvl+0x16c/0x1f0 [ 2089.774197][ T2939] should_fail_ex+0x512/0x640 [ 2089.774227][ T2939] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2089.774259][ T2939] should_failslab+0xc2/0x120 [ 2089.774289][ T2939] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2089.774318][ T2939] ? d_instantiate+0x77/0x90 [ 2089.774346][ T2939] ? alloc_empty_file+0x55/0x1e0 [ 2089.774385][ T2939] alloc_empty_file+0x55/0x1e0 [ 2089.774420][ T2939] alloc_file_pseudo+0x13a/0x230 [ 2089.774455][ T2939] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2089.774495][ T2939] ? do_raw_spin_unlock+0x172/0x230 [ 2089.774535][ T2939] __anon_inode_getfile+0xe8/0x280 [ 2089.774568][ T2939] anon_inode_getfile_fmode+0x37/0xa0 [ 2089.774600][ T2939] __do_sys_fanotify_init+0x96d/0xc00 [ 2089.774642][ T2939] do_syscall_64+0xcd/0x490 [ 2089.774683][ T2939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2089.774711][ T2939] RIP: 0033:0x7f7c1eb8ebe9 [ 2089.774733][ T2939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2089.774758][ T2939] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2089.774783][ T2939] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2089.774802][ T2939] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2089.774819][ T2939] RBP: 00007f7c1ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2089.774835][ T2939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2089.774852][ T2939] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2089.774888][ T2939] [ 2090.761225][ T30] audit: type=1800 audit(4294967550.439:272): pid=2955 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6215" name="features" dev="configfs" ino=143425 res=0 errno=0 [ 2090.799743][ T2944] binder: 2943:2944 ioctl 40088a01 1 returned -22 [ 2090.999247][ T2960] ERROR: Out of memory at tomoyo_memory_ok. [ 2091.381045][ T2969] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6218'. [ 2091.714586][ T769] Bluetooth: hci2: unexpected event 0x3c length: 728 > 7 [ 2091.714833][ T769] Bluetooth: hci2: unexpected event 0x3c length: 728 > 7 [ 2094.164603][ T2997] FAULT_INJECTION: forcing a failure. [ 2094.164603][ T2997] name failslab, interval 1, probability 0, space 0, times 0 [ 2094.307122][ T2997] CPU: 1 UID: 0 PID: 2997 Comm: syz.0.6223 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2094.307168][ T2997] Tainted: [U]=USER [ 2094.307176][ T2997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2094.307190][ T2997] Call Trace: [ 2094.307198][ T2997] [ 2094.307209][ T2997] dump_stack_lvl+0x16c/0x1f0 [ 2094.307242][ T2997] should_fail_ex+0x512/0x640 [ 2094.307272][ T2997] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2094.307307][ T2997] should_failslab+0xc2/0x120 [ 2094.307339][ T2997] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2094.307368][ T2997] ? d_instantiate+0x77/0x90 [ 2094.307406][ T2997] ? alloc_empty_file+0x55/0x1e0 [ 2094.307450][ T2997] alloc_empty_file+0x55/0x1e0 [ 2094.307489][ T2997] alloc_file_pseudo+0x13a/0x230 [ 2094.307527][ T2997] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2094.307568][ T2997] ? do_raw_spin_unlock+0x172/0x230 [ 2094.307611][ T2997] __anon_inode_getfile+0xe8/0x280 [ 2094.307647][ T2997] anon_inode_getfile_fmode+0x37/0xa0 [ 2094.307681][ T2997] __do_sys_fanotify_init+0x96d/0xc00 [ 2094.307723][ T2997] do_syscall_64+0xcd/0x490 [ 2094.307754][ T2997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2094.307780][ T2997] RIP: 0033:0x7f7c1eb8ebe9 [ 2094.307802][ T2997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2094.307826][ T2997] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2094.307852][ T2997] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2094.307871][ T2997] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2094.307887][ T2997] RBP: 00007f7c1ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2094.307903][ T2997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2094.307919][ T2997] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2094.307954][ T2997] [ 2094.556927][ T3000] FAULT_INJECTION: forcing a failure. [ 2094.556927][ T3000] name failslab, interval 1, probability 0, space 0, times 0 [ 2094.734159][ T3000] CPU: 0 UID: 0 PID: 3000 Comm: syz.4.6224 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2094.734188][ T3000] Tainted: [U]=USER [ 2094.734193][ T3000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2094.734203][ T3000] Call Trace: [ 2094.734209][ T3000] [ 2094.734216][ T3000] dump_stack_lvl+0x16c/0x1f0 [ 2094.734237][ T3000] should_fail_ex+0x512/0x640 [ 2094.734256][ T3000] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2094.734277][ T3000] should_failslab+0xc2/0x120 [ 2094.734298][ T3000] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2094.734332][ T3000] ? vma_merge_new_range+0x3ae/0xa50 [ 2094.734349][ T3000] ? vm_area_alloc+0x1f/0x160 [ 2094.734393][ T3000] vm_area_alloc+0x1f/0x160 [ 2094.734409][ T3000] __mmap_region+0xf90/0x27b0 [ 2094.734428][ T3000] ? finish_task_switch.isra.0+0x21c/0xc10 [ 2094.734444][ T3000] ? __pfx___mmap_region+0x10/0x10 [ 2094.734461][ T3000] ? rcu_is_watching+0x12/0xc0 [ 2094.734480][ T3000] ? rcu_is_watching+0x12/0xc0 [ 2094.734494][ T3000] ? trace_sched_exit_tp+0xd1/0x120 [ 2094.734516][ T3000] ? __schedule+0x11a3/0x5de0 [ 2094.734537][ T3000] ? __lock_acquire+0x62e/0x1ce0 [ 2094.734570][ T3000] ? __pfx___schedule+0x10/0x10 [ 2094.734613][ T3000] ? trace_cap_capable+0x18d/0x200 [ 2094.734642][ T3000] mmap_region+0x1ab/0x3f0 [ 2094.734662][ T3000] ? __get_unmapped_area+0x267/0x440 [ 2094.734685][ T3000] do_mmap+0xa3e/0x1210 [ 2094.734709][ T3000] ? __pfx_do_mmap+0x10/0x10 [ 2094.734729][ T3000] ? __pfx_down_write_killable+0x10/0x10 [ 2094.734751][ T3000] vm_mmap_pgoff+0x29e/0x470 [ 2094.734775][ T3000] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 2094.734799][ T3000] ? __x64_sys_futex+0x1e0/0x4c0 [ 2094.734821][ T3000] ? __x64_sys_futex+0x1e9/0x4c0 [ 2094.734841][ T3000] ksys_mmap_pgoff+0x7d/0x5c0 [ 2094.734860][ T3000] ? xfd_validate_state+0x61/0x180 [ 2094.734881][ T3000] ? __pfx_ksys_write+0x10/0x10 [ 2094.734899][ T3000] __x64_sys_mmap+0x125/0x190 [ 2094.734924][ T3000] do_syscall_64+0xcd/0x490 [ 2094.734941][ T3000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2094.734956][ T3000] RIP: 0033:0x7f12a498ebe9 [ 2094.734968][ T3000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2094.734982][ T3000] RSP: 002b:00007f12a5750038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2094.734997][ T3000] RAX: ffffffffffffffda RBX: 00007f12a4bb6090 RCX: 00007f12a498ebe9 [ 2094.735007][ T3000] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 2094.735016][ T3000] RBP: 00007f12a4a11e19 R08: 0000000000000401 R09: 0000000000008000 [ 2094.735025][ T3000] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 2094.735034][ T3000] R13: 00007f12a4bb6128 R14: 00007f12a4bb6090 R15: 00007ffe3ba409c8 [ 2094.735053][ T3000] [ 2096.039216][ T30] audit: type=1800 audit(4294967555.729:273): pid=3016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6228" name="features" dev="configfs" ino=144552 res=0 errno=0 [ 2098.529367][ T3040] FAULT_INJECTION: forcing a failure. [ 2098.529367][ T3040] name failslab, interval 1, probability 0, space 0, times 0 [ 2098.623096][ T3040] CPU: 1 UID: 0 PID: 3040 Comm: syz.4.6233 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2098.623126][ T3040] Tainted: [U]=USER [ 2098.623131][ T3040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2098.623140][ T3040] Call Trace: [ 2098.623146][ T3040] [ 2098.623152][ T3040] dump_stack_lvl+0x16c/0x1f0 [ 2098.623172][ T3040] should_fail_ex+0x512/0x640 [ 2098.623190][ T3040] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2098.623210][ T3040] should_failslab+0xc2/0x120 [ 2098.623230][ T3040] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2098.623247][ T3040] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 2098.623274][ T3040] acpi_ut_create_generic_state+0x5c/0xb0 [ 2098.623296][ T3040] acpi_ps_push_scope+0x22/0x230 [ 2098.623313][ T3040] acpi_ps_parse_loop+0x9f3/0x1d00 [ 2098.623334][ T3040] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 2098.623348][ T3040] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 2098.623365][ T3040] ? acpi_ut_create_thread_state+0x63/0x170 [ 2098.623392][ T3040] acpi_ps_parse_aml+0x3c1/0xcb0 [ 2098.623410][ T3040] acpi_ps_execute_method+0x55a/0xb30 [ 2098.623429][ T3040] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 2098.623450][ T3040] acpi_ns_evaluate+0x76c/0xca0 [ 2098.623469][ T3040] ? kasan_save_track+0x14/0x30 [ 2098.623487][ T3040] acpi_evaluate_object+0x1fa/0xa90 [ 2098.623509][ T3040] ? gr_queue.constprop.0+0xa26/0x1100 [ 2098.623527][ T3040] ? do_syscall_64+0xcd/0x490 [ 2098.623542][ T3040] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2098.623558][ T3040] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 2098.623581][ T3040] ? __mutex_trylock_common+0xe9/0x250 [ 2098.623604][ T3040] acpi_evaluate_integer+0xdd/0x200 [ 2098.623626][ T3040] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 2098.623659][ T3040] ? __pfx_status_show+0x10/0x10 [ 2098.623674][ T3040] status_show+0xa0/0x120 [ 2098.623689][ T3040] ? __pfx_status_show+0x10/0x10 [ 2098.623716][ T3040] dev_attr_show+0x53/0xe0 [ 2098.623738][ T3040] ? __pfx_dev_attr_show+0x10/0x10 [ 2098.623755][ T3040] sysfs_kf_seq_show+0x213/0x3e0 [ 2098.623776][ T3040] seq_read_iter+0x509/0x12c0 [ 2098.623792][ T3040] ? __mutex_trylock_common+0xe9/0x250 [ 2098.623822][ T3040] kernfs_fop_read_iter+0x40f/0x5a0 [ 2098.623846][ T3040] ? rw_verify_area+0xcf/0x6c0 [ 2098.623872][ T3040] vfs_read+0x8bf/0xc60 [ 2098.623891][ T3040] ? __pfx___mutex_lock+0x10/0x10 [ 2098.623908][ T3040] ? __pfx_vfs_read+0x10/0x10 [ 2098.623938][ T3040] ksys_read+0x12a/0x250 [ 2098.623954][ T3040] ? __pfx_ksys_read+0x10/0x10 [ 2098.623982][ T3040] do_syscall_64+0xcd/0x490 [ 2098.624009][ T3040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2098.624033][ T3040] RIP: 0033:0x7f12a498ebe9 [ 2098.624053][ T3040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2098.624074][ T3040] RSP: 002b:00007f12a5750038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2098.624089][ T3040] RAX: ffffffffffffffda RBX: 00007f12a4bb6090 RCX: 00007f12a498ebe9 [ 2098.624099][ T3040] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000009 [ 2098.624108][ T3040] RBP: 00007f12a4a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2098.624117][ T3040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2098.624126][ T3040] R13: 00007f12a4bb6128 R14: 00007f12a4bb6090 R15: 00007ffe3ba409c8 [ 2098.624147][ T3040] [ 2098.997681][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 2099.006278][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 2099.015785][ T3040] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250404/psparse-529) [ 2099.996426][ T3049] Process accounting resumed [ 2101.044501][ T3060] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6240'. [ 2102.387779][ T3074] netlink: 'syz.2.6238': attribute type 33 has an invalid length. [ 2102.395863][ T3074] netlink: 322 bytes leftover after parsing attributes in process `syz.2.6238'. [ 2103.125268][ T3061] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6239'. [ 2103.300786][ T3061] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6239'. [ 2103.390419][ T3061] netlink: 218 bytes leftover after parsing attributes in process `syz.0.6239'. [ 2104.110281][ T3087] ima: policy update failed [ 2104.192742][ T30] audit: type=1802 audit(4294967563.859:274): pid=3087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.6243" res=0 errno=0 [ 2105.011576][ T3080] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6242'. [ 2106.047333][ T3070] binder: 3066:3070 ioctl 40088a01 1 returned -22 [ 2106.574862][ T3100] random: crng reseeded on system resumption [ 2106.635219][T32418] ERROR: Out of memory at tomoyo_memory_ok. [ 2106.809318][T32443] ERROR: Out of memory at tomoyo_memory_ok. [ 2113.905420][ T30] audit: type=1800 audit(4294967573.609:275): pid=3175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6256" name="features" dev="configfs" ino=143886 res=0 errno=0 [ 2116.862301][ T3194] FAULT_INJECTION: forcing a failure. [ 2116.862301][ T3194] name failslab, interval 1, probability 0, space 0, times 0 [ 2116.976967][ T3194] CPU: 1 UID: 0 PID: 3194 Comm: syz.2.6260 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2116.976999][ T3194] Tainted: [U]=USER [ 2116.977004][ T3194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2116.977013][ T3194] Call Trace: [ 2116.977020][ T3194] [ 2116.977026][ T3194] dump_stack_lvl+0x16c/0x1f0 [ 2116.977047][ T3194] should_fail_ex+0x512/0x640 [ 2116.977067][ T3194] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2116.977089][ T3194] should_failslab+0xc2/0x120 [ 2116.977109][ T3194] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2116.977127][ T3194] ? __kernfs_new_node+0xd2/0x8e0 [ 2116.977148][ T3194] __kernfs_new_node+0xd2/0x8e0 [ 2116.977169][ T3194] ? __pfx___kernfs_new_node+0x10/0x10 [ 2116.977191][ T3194] ? find_held_lock+0x2b/0x80 [ 2116.977207][ T3194] ? kernfs_root+0xee/0x2a0 [ 2116.977228][ T3194] kernfs_new_node+0x13c/0x1e0 [ 2116.977252][ T3194] __kernfs_create_file+0x53/0x350 [ 2116.977269][ T3194] sysfs_add_file_mode_ns+0x207/0x3c0 [ 2116.977291][ T3194] internal_create_group+0x578/0xf30 [ 2116.977314][ T3194] ? __pfx_internal_create_group+0x10/0x10 [ 2116.977336][ T3194] ? kernfs_create_link+0x1bd/0x240 [ 2116.977353][ T3194] internal_create_groups+0x9d/0x150 [ 2116.977374][ T3194] device_add+0xf30/0x1aa0 [ 2116.977396][ T3194] ? __pfx_device_add+0x10/0x10 [ 2116.977415][ T3194] ? lockdep_init_map_type+0x5c/0x280 [ 2116.977435][ T3194] ? __init_waitqueue_head+0xca/0x150 [ 2116.977461][ T3194] netdev_register_kobject+0x1a9/0x3d0 [ 2116.977483][ T3194] register_netdevice+0x13dc/0x2270 [ 2116.977504][ T3194] ? __pfx_register_netdevice+0x10/0x10 [ 2116.977525][ T3194] ? __pfx_loopback_net_init+0x10/0x10 [ 2116.977548][ T3194] register_netdev+0x34/0x50 [ 2116.977564][ T3194] loopback_net_init+0x7a/0x170 [ 2116.977586][ T3194] ? __pfx_loopback_net_init+0x10/0x10 [ 2116.977606][ T3194] ops_init+0x1df/0x5f0 [ 2116.977624][ T3194] setup_net+0x10f/0x380 [ 2116.977638][ T3194] ? lockdep_init_map_type+0x5c/0x280 [ 2116.977658][ T3194] ? __pfx_setup_net+0x10/0x10 [ 2116.977674][ T3194] ? debug_mutex_init+0x37/0x70 [ 2116.977691][ T3194] copy_net_ns+0x2a6/0x5f0 [ 2116.977711][ T3194] create_new_namespaces+0x3ea/0xa90 [ 2116.977732][ T3194] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2116.977751][ T3194] ksys_unshare+0x45b/0xa40 [ 2116.977771][ T3194] ? __pfx_ksys_unshare+0x10/0x10 [ 2116.977791][ T3194] ? xfd_validate_state+0x61/0x180 [ 2116.977833][ T3194] __x64_sys_unshare+0x31/0x40 [ 2116.977867][ T3194] do_syscall_64+0xcd/0x490 [ 2116.977890][ T3194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2116.977906][ T3194] RIP: 0033:0x7f06cd18ebe9 [ 2116.977920][ T3194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2116.977935][ T3194] RSP: 002b:00007f06cdf3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2116.977950][ T3194] RAX: ffffffffffffffda RBX: 00007f06cd3b5fa0 RCX: 00007f06cd18ebe9 [ 2116.977960][ T3194] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2116.977969][ T3194] RBP: 00007f06cd211e19 R08: 0000000000000000 R09: 0000000000000000 [ 2116.977979][ T3194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2116.977988][ T3194] R13: 00007f06cd3b6038 R14: 00007f06cd3b5fa0 R15: 00007ffc186b8658 [ 2116.978011][ T3194] [ 2117.966931][ T3200] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2118.102095][ T3201] FAULT_INJECTION: forcing a failure. [ 2118.102095][ T3201] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2118.118526][ T3201] CPU: 1 UID: 0 PID: 3201 Comm: syz.2.6261 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2118.118572][ T3201] Tainted: [U]=USER [ 2118.118581][ T3201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2118.118597][ T3201] Call Trace: [ 2118.118606][ T3201] [ 2118.118617][ T3201] dump_stack_lvl+0x16c/0x1f0 [ 2118.118649][ T3201] should_fail_ex+0x512/0x640 [ 2118.118686][ T3201] get_futex_key+0x1d0/0x1560 [ 2118.118725][ T3201] ? __pfx_get_futex_key+0x10/0x10 [ 2118.118752][ T3201] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 2118.118788][ T3201] ? lockdep_hardirqs_on+0x7c/0x110 [ 2118.118816][ T3201] ? __destroy_inode+0x2e4/0x730 [ 2118.118848][ T3201] ? __pfx_sock_free_inode+0x10/0x10 [ 2118.118892][ T3201] futex_wake+0xea/0x530 [ 2118.118932][ T3201] ? __pfx_evict+0x10/0x10 [ 2118.118964][ T3201] ? __pfx_futex_wake+0x10/0x10 [ 2118.119004][ T3201] ? iput+0x519/0x880 [ 2118.119045][ T3201] do_futex+0x1e3/0x350 [ 2118.119077][ T3201] ? __pfx_do_futex+0x10/0x10 [ 2118.119108][ T3201] ? __sock_release+0x20b/0x270 [ 2118.119143][ T3201] __x64_sys_futex+0x1e0/0x4c0 [ 2118.119177][ T3201] ? __sys_socket+0xac/0x260 [ 2118.119211][ T3201] ? __pfx___x64_sys_futex+0x10/0x10 [ 2118.119244][ T3201] ? xfd_validate_state+0x61/0x180 [ 2118.119279][ T3201] ? __task_pid_nr_ns+0x17c/0x500 [ 2118.119323][ T3201] do_syscall_64+0xcd/0x490 [ 2118.119353][ T3201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2118.119380][ T3201] RIP: 0033:0x7f06cd18ebe9 [ 2118.119401][ T3201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2118.119426][ T3201] RSP: 002b:00007f06caff60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2118.119451][ T3201] RAX: ffffffffffffffda RBX: 00007f06cd3b6188 RCX: 00007f06cd18ebe9 [ 2118.119469][ T3201] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f06cd3b618c [ 2118.119486][ T3201] RBP: 00007f06cd3b6180 R08: 00007f06cdf3b000 R09: 0000000000000000 [ 2118.119504][ T3201] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 2118.119521][ T3201] R13: 00007f06cd3b6218 R14: 00007ffc186b8570 R15: 00007ffc186b8658 [ 2118.119556][ T3201] [ 2119.546183][ T3198] kexec: Could not allocate control_code_buffer [ 2119.848139][ T3207] ima: policy update failed [ 2119.852897][ T30] audit: type=1802 audit(4294967579.549:276): pid=3207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.6264" res=0 errno=0 [ 2124.328141][ T3261] zswap: compressor 0000 not available [ 2124.447854][ T3267] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 2124.488581][ T3267] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 2127.199231][ T3291] FAULT_INJECTION: forcing a failure. [ 2127.199231][ T3291] name failslab, interval 1, probability 0, space 0, times 0 [ 2127.254451][ T3291] CPU: 0 UID: 0 PID: 3291 Comm: syz.0.6279 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2127.254488][ T3291] Tainted: [U]=USER [ 2127.254494][ T3291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2127.254502][ T3291] Call Trace: [ 2127.254508][ T3291] [ 2127.254514][ T3291] dump_stack_lvl+0x16c/0x1f0 [ 2127.254535][ T3291] should_fail_ex+0x512/0x640 [ 2127.254553][ T3291] ? fs_reclaim_acquire+0xae/0x150 [ 2127.254577][ T3291] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 2127.254595][ T3291] should_failslab+0xc2/0x120 [ 2127.254614][ T3291] __kmalloc_noprof+0xd2/0x510 [ 2127.254636][ T3291] tomoyo_realpath_from_path+0xc2/0x6e0 [ 2127.254661][ T3291] tomoyo_path_number_perm+0x245/0x580 [ 2127.254676][ T3291] ? tomoyo_path_number_perm+0x237/0x580 [ 2127.254695][ T3291] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 2127.254709][ T3291] ? __schedule+0x11a3/0x5de0 [ 2127.254731][ T3291] ? preempt_schedule_common+0x44/0xc0 [ 2127.254762][ T3291] ? find_held_lock+0x2b/0x80 [ 2127.254776][ T3291] ? hook_file_ioctl_common+0x145/0x410 [ 2127.254797][ T3291] ? __fget_files+0x20e/0x3c0 [ 2127.254820][ T3291] security_file_ioctl+0x9b/0x240 [ 2127.254837][ T3291] __x64_sys_ioctl+0xb7/0x210 [ 2127.254861][ T3291] do_syscall_64+0xcd/0x490 [ 2127.254878][ T3291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2127.254894][ T3291] RIP: 0033:0x7f7c1eb8ebe9 [ 2127.254906][ T3291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2127.254921][ T3291] RSP: 002b:00007f7c1f949038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2127.254936][ T3291] RAX: ffffffffffffffda RBX: 00007f7c1edb6270 RCX: 00007f7c1eb8ebe9 [ 2127.254954][ T3291] RDX: 0000000000000007 RSI: 0000000000004b66 RDI: 0000000000000005 [ 2127.254963][ T3291] RBP: 00007f7c1f949090 R08: 0000000000000000 R09: 0000000000000000 [ 2127.254972][ T3291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2127.254980][ T3291] R13: 00007f7c1edb6308 R14: 00007f7c1edb6270 R15: 00007ffd33f45ca8 [ 2127.254999][ T3291] [ 2127.255030][ T3291] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2127.871004][ T3295] netlink: 10 bytes leftover after parsing attributes in process `syz.3.6280'. [ 2132.943938][ T3312] Process accounting paused [ 2133.559835][ T3362] FAULT_INJECTION: forcing a failure. [ 2133.559835][ T3362] name failslab, interval 1, probability 0, space 0, times 0 [ 2133.647145][ T3362] CPU: 0 UID: 0 PID: 3362 Comm: syz.0.6293 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2133.647189][ T3362] Tainted: [U]=USER [ 2133.647198][ T3362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2133.647213][ T3362] Call Trace: [ 2133.647222][ T3362] [ 2133.647233][ T3362] dump_stack_lvl+0x16c/0x1f0 [ 2133.647268][ T3362] should_fail_ex+0x512/0x640 [ 2133.647299][ T3362] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2133.647331][ T3362] should_failslab+0xc2/0x120 [ 2133.647365][ T3362] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2133.647396][ T3362] ? kcm_create+0x11e/0x690 [ 2133.647433][ T3362] kcm_create+0x11e/0x690 [ 2133.647469][ T3362] __sock_create+0x338/0x8d0 [ 2133.647510][ T3362] __sys_socket+0x14d/0x260 [ 2133.647544][ T3362] ? __pfx___sys_socket+0x10/0x10 [ 2133.647577][ T3362] ? xfd_validate_state+0x61/0x180 [ 2133.647610][ T3362] ? __pfx_ksys_write+0x10/0x10 [ 2133.647647][ T3362] __x64_sys_socket+0x72/0xb0 [ 2133.647679][ T3362] ? lockdep_hardirqs_on+0x7c/0x110 [ 2133.647705][ T3362] do_syscall_64+0xcd/0x490 [ 2133.647733][ T3362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2133.647758][ T3362] RIP: 0033:0x7f7c1eb8ebe9 [ 2133.647778][ T3362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2133.647803][ T3362] RSP: 002b:00007f7c1f96a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2133.647833][ T3362] RAX: ffffffffffffffda RBX: 00007f7c1edb6180 RCX: 00007f7c1eb8ebe9 [ 2133.647851][ T3362] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 2133.647868][ T3362] RBP: 00007f7c1ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2133.647884][ T3362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2133.647900][ T3362] R13: 00007f7c1edb6218 R14: 00007f7c1edb6180 R15: 00007ffd33f45ca8 [ 2133.647937][ T3362] [ 2139.514778][ T3393] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6295'. [ 2142.769125][ T3445] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6300'. [ 2142.842505][ T3445] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6300'. [ 2144.291423][ T3479] vivid-003: ================= START STATUS ================= [ 2144.400960][ T3479] vivid-003: Radio HW Seek Mode: Bounded [ 2144.518095][ T3479] vivid-003: Radio Programmable HW Seek: false [ 2144.683575][ T3479] vivid-003: RDS Rx I/O Mode: Block I/O [ 2144.699355][ T3479] vivid-003: Generate RBDS Instead of RDS: false [ 2144.726720][ T3479] vivid-003: RDS Reception: true [ 2144.743357][ T3479] vivid-003: RDS Program Type: 0 inactive [ 2144.984837][ T3479] vivid-003: RDS PS Name: inactive [ 2144.990149][ T3479] vivid-003: RDS Radio Text: inactive [ 2145.029890][ T3477] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6304'. [ 2145.066511][ T3479] vivid-003: RDS Traffic Announcement: false inactive [ 2145.074255][ T3479] vivid-003: RDS Traffic Program: false inactive [ 2145.089762][ T3479] vivid-003: RDS Music: false inactive [ 2145.113134][ T3479] vivid-003: ================== END STATUS ================== [ 2145.185694][ T3477] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6304'. [ 2145.584805][ T3491] FAULT_INJECTION: forcing a failure. [ 2145.584805][ T3491] name failslab, interval 1, probability 0, space 0, times 0 [ 2145.830034][ T3491] CPU: 0 UID: 0 PID: 3491 Comm: syz.0.6307 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2145.830082][ T3491] Tainted: [U]=USER [ 2145.830092][ T3491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2145.830109][ T3491] Call Trace: [ 2145.830120][ T3491] [ 2145.830132][ T3491] dump_stack_lvl+0x16c/0x1f0 [ 2145.830166][ T3491] should_fail_ex+0x512/0x640 [ 2145.830198][ T3491] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2145.830235][ T3491] should_failslab+0xc2/0x120 [ 2145.830269][ T3491] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2145.830301][ T3491] ? d_instantiate+0x77/0x90 [ 2145.830333][ T3491] ? alloc_empty_file+0x55/0x1e0 [ 2145.830376][ T3491] alloc_empty_file+0x55/0x1e0 [ 2145.830413][ T3491] alloc_file_pseudo+0x13a/0x230 [ 2145.830452][ T3491] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2145.830493][ T3491] ? do_raw_spin_unlock+0x172/0x230 [ 2145.830536][ T3491] __anon_inode_getfile+0xe8/0x280 [ 2145.830572][ T3491] anon_inode_getfile_fmode+0x37/0xa0 [ 2145.830606][ T3491] __do_sys_fanotify_init+0x96d/0xc00 [ 2145.830649][ T3491] do_syscall_64+0xcd/0x490 [ 2145.830680][ T3491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2145.830781][ T3491] RIP: 0033:0x7f7c1eb8ebe9 [ 2145.830797][ T3491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2145.830820][ T3491] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2145.830846][ T3491] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2145.830863][ T3491] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2145.830880][ T3491] RBP: 00007f7c1ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2145.830897][ T3491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2145.830915][ T3491] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2145.830951][ T3491] [ 2149.107912][ T3522] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6315'. [ 2153.360120][ T3572] usbip-vudc usbip-vudc.0: gadget not bound [ 2155.465437][ T3601] FAULT_INJECTION: forcing a failure. [ 2155.465437][ T3601] name failslab, interval 1, probability 0, space 0, times 0 [ 2155.504271][ T3601] CPU: 0 UID: 0 PID: 3601 Comm: syz.0.6327 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2155.504312][ T3601] Tainted: [U]=USER [ 2155.504321][ T3601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2155.504335][ T3601] Call Trace: [ 2155.504345][ T3601] [ 2155.504355][ T3601] dump_stack_lvl+0x16c/0x1f0 [ 2155.504386][ T3601] should_fail_ex+0x512/0x640 [ 2155.504415][ T3601] ? __kvmalloc_node_noprof+0x124/0x620 [ 2155.504447][ T3601] should_failslab+0xc2/0x120 [ 2155.504478][ T3601] __kvmalloc_node_noprof+0x137/0x620 [ 2155.504505][ T3601] ? sysctl_head_grab+0x51/0x70 [ 2155.504536][ T3601] ? proc_sys_call_handler+0x281/0x570 [ 2155.504574][ T3601] ? proc_sys_call_handler+0x281/0x570 [ 2155.504606][ T3601] proc_sys_call_handler+0x281/0x570 [ 2155.504642][ T3601] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 2155.504676][ T3601] ? trace_kmalloc+0x2b/0xd0 [ 2155.504718][ T3601] copy_splice_read+0x618/0xba0 [ 2155.504752][ T3601] ? __pfx_copy_splice_read+0x10/0x10 [ 2155.504782][ T3601] ? look_up_lock_class+0x6b/0x150 [ 2155.504813][ T3601] ? lockdep_init_map_type+0x5c/0x280 [ 2155.504848][ T3601] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2155.504879][ T3601] ? __pfx_copy_splice_read+0x10/0x10 [ 2155.504905][ T3601] do_splice_read+0x282/0x370 [ 2155.504934][ T3601] splice_direct_to_actor+0x2a1/0xa30 [ 2155.504963][ T3601] ? __pfx_direct_splice_actor+0x10/0x10 [ 2155.505005][ T3601] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2155.505031][ T3601] ? get_pid_task+0xfc/0x250 [ 2155.505073][ T3601] do_splice_direct+0x174/0x240 [ 2155.505100][ T3601] ? __pfx_do_splice_direct+0x10/0x10 [ 2155.505127][ T3601] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2155.505159][ T3601] ? rw_verify_area+0xcf/0x6c0 [ 2155.505189][ T3601] do_sendfile+0xb06/0xe50 [ 2155.505222][ T3601] ? __pfx_do_sendfile+0x10/0x10 [ 2155.505250][ T3601] ? __fget_files+0x20e/0x3c0 [ 2155.505287][ T3601] __x64_sys_sendfile64+0x1d8/0x220 [ 2155.505319][ T3601] ? ksys_write+0x1ac/0x250 [ 2155.505345][ T3601] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2155.505388][ T3601] do_syscall_64+0xcd/0x490 [ 2155.505417][ T3601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2155.505443][ T3601] RIP: 0033:0x7f7c1eb8ebe9 [ 2155.505463][ T3601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2155.505487][ T3601] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2155.505512][ T3601] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2155.505530][ T3601] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 2155.505545][ T3601] RBP: 00007f7c1f9ac090 R08: 0000000000000000 R09: 0000000000000000 [ 2155.505560][ T3601] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 2155.505576][ T3601] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2155.505610][ T3601] [ 2156.085230][ T3613] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 2156.085306][ T3613] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 2158.425816][ T3628] FAULT_INJECTION: forcing a failure. [ 2158.425816][ T3628] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2158.539874][ T3628] CPU: 1 UID: 0 PID: 3628 Comm: syz.4.6332 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2158.539900][ T3628] Tainted: [U]=USER [ 2158.539905][ T3628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2158.539915][ T3628] Call Trace: [ 2158.539921][ T3628] [ 2158.539927][ T3628] dump_stack_lvl+0x16c/0x1f0 [ 2158.539947][ T3628] should_fail_ex+0x512/0x640 [ 2158.539968][ T3628] should_fail_alloc_page+0xe7/0x130 [ 2158.539989][ T3628] prepare_alloc_pages+0x3c2/0x610 [ 2158.540014][ T3628] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 2158.540034][ T3628] ? stack_trace_save+0x8e/0xc0 [ 2158.540051][ T3628] ? __pfx_stack_trace_save+0x10/0x10 [ 2158.540067][ T3628] ? stack_depot_save_flags+0x29/0x9c0 [ 2158.540090][ T3628] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 2158.540107][ T3628] ? __kasan_slab_alloc+0x89/0x90 [ 2158.540124][ T3628] ? __pmd_alloc+0xbf/0x930 [ 2158.540144][ T3628] ? handle_mm_fault+0x589/0xd10 [ 2158.540157][ T3628] ? __get_user_pages+0x551/0x34a0 [ 2158.540177][ T3628] ? populate_vma_page_range+0x267/0x3f0 [ 2158.540198][ T3628] ? __mm_populate+0x1d8/0x380 [ 2158.540218][ T3628] ? vm_mmap_pgoff+0x37f/0x470 [ 2158.540237][ T3628] ? ksys_mmap_pgoff+0x32c/0x5c0 [ 2158.540256][ T3628] ? __x64_sys_mmap+0x125/0x190 [ 2158.540285][ T3628] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2158.540308][ T3628] ? policy_nodemask+0xea/0x4e0 [ 2158.540328][ T3628] alloc_pages_mpol+0x1fb/0x550 [ 2158.540348][ T3628] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 2158.540372][ T3628] alloc_pages_noprof+0x131/0x390 [ 2158.540391][ T3628] pte_alloc_one+0x1c/0x3a0 [ 2158.540408][ T3628] do_pte_missing+0x1afc/0x3ba0 [ 2158.540424][ T3628] ? do_raw_spin_unlock+0x172/0x230 [ 2158.540455][ T3628] ? __pmd_alloc+0x3fb/0x930 [ 2158.540477][ T3628] __handle_mm_fault+0x152a/0x2a50 [ 2158.540498][ T3628] ? __pfx___handle_mm_fault+0x10/0x10 [ 2158.540529][ T3628] handle_mm_fault+0x589/0xd10 [ 2158.540548][ T3628] __get_user_pages+0x551/0x34a0 [ 2158.540577][ T3628] ? __pfx___get_user_pages+0x10/0x10 [ 2158.540603][ T3628] populate_vma_page_range+0x267/0x3f0 [ 2158.540627][ T3628] ? __pfx_populate_vma_page_range+0x10/0x10 [ 2158.540649][ T3628] ? __pfx_find_vma_intersection+0x10/0x10 [ 2158.540670][ T3628] ? do_mmap+0x69c/0x1210 [ 2158.540694][ T3628] __mm_populate+0x1d8/0x380 [ 2158.540717][ T3628] ? __pfx___mm_populate+0x10/0x10 [ 2158.540741][ T3628] ? up_write+0x1b2/0x520 [ 2158.540763][ T3628] vm_mmap_pgoff+0x37f/0x470 [ 2158.540785][ T3628] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 2158.540809][ T3628] ? __fget_files+0x20e/0x3c0 [ 2158.540842][ T3628] ksys_mmap_pgoff+0x32c/0x5c0 [ 2158.540868][ T3628] ? __pfx_ksys_write+0x10/0x10 [ 2158.540888][ T3628] __x64_sys_mmap+0x125/0x190 [ 2158.540915][ T3628] do_syscall_64+0xcd/0x490 [ 2158.540933][ T3628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2158.540949][ T3628] RIP: 0033:0x7f12a498ebe9 [ 2158.540961][ T3628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2158.540976][ T3628] RSP: 002b:00007f12a5771038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2158.540990][ T3628] RAX: ffffffffffffffda RBX: 00007f12a4bb5fa0 RCX: 00007f12a498ebe9 [ 2158.541000][ T3628] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000000000000 [ 2158.541009][ T3628] RBP: 00007f12a5771090 R08: 0000000000000003 R09: 0000000000008000 [ 2158.541018][ T3628] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 2158.541027][ T3628] R13: 00007f12a4bb6038 R14: 00007f12a4bb5fa0 R15: 00007ffe3ba409c8 [ 2158.541045][ T3628] [ 2159.539128][ T3641] FAULT_INJECTION: forcing a failure. [ 2159.539128][ T3641] name failslab, interval 1, probability 0, space 0, times 0 [ 2159.924968][ T3641] CPU: 0 UID: 0 PID: 3641 Comm: syz.4.6336 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2159.925014][ T3641] Tainted: [U]=USER [ 2159.925023][ T3641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2159.925038][ T3641] Call Trace: [ 2159.925048][ T3641] [ 2159.925059][ T3641] dump_stack_lvl+0x16c/0x1f0 [ 2159.925091][ T3641] should_fail_ex+0x512/0x640 [ 2159.925121][ T3641] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2159.925153][ T3641] should_failslab+0xc2/0x120 [ 2159.925198][ T3641] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2159.925230][ T3641] ? security_file_alloc+0x34/0x2b0 [ 2159.925264][ T3641] security_file_alloc+0x34/0x2b0 [ 2159.925292][ T3641] init_file+0x93/0x4c0 [ 2159.925325][ T3641] alloc_empty_file+0x73/0x1e0 [ 2159.925359][ T3641] alloc_file_pseudo+0x13a/0x230 [ 2159.925397][ T3641] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2159.925434][ T3641] ? do_raw_spin_unlock+0x172/0x230 [ 2159.925469][ T3641] __anon_inode_getfile+0xe8/0x280 [ 2159.925503][ T3641] anon_inode_getfile_fmode+0x37/0xa0 [ 2159.925536][ T3641] __do_sys_fanotify_init+0x96d/0xc00 [ 2159.925577][ T3641] do_syscall_64+0xcd/0x490 [ 2159.925609][ T3641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2159.925638][ T3641] RIP: 0033:0x7f12a498ebe9 [ 2159.925660][ T3641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2159.925684][ T3641] RSP: 002b:00007f12a5771038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2159.925710][ T3641] RAX: ffffffffffffffda RBX: 00007f12a4bb5fa0 RCX: 00007f12a498ebe9 [ 2159.925729][ T3641] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2159.925745][ T3641] RBP: 00007f12a4a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2159.925762][ T3641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2159.925778][ T3641] R13: 00007f12a4bb6038 R14: 00007f12a4bb5fa0 R15: 00007ffe3ba409c8 [ 2159.925817][ T3641] [ 2160.261652][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 2160.268095][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 2160.805701][ T3656] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 2160.835760][ T3656] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 2161.038584][ T3659] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2162.747784][ T3653] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6338'. [ 2162.917434][ T3653] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6338'. [ 2163.370461][ T3673] Invalid ELF header magic: != ELF [ 2163.855522][ T3673] nbd: must specify at least one socket [ 2163.984392][ T3657] kexec: Could not allocate control_code_buffer [ 2164.017533][ T3673] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6342'. [ 2164.048174][ T3653] Process accounting resumed [ 2166.138267][ T3707] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 2166.225604][ T3707] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 2174.996002][ T30] audit: type=1800 audit(4294967634.689:277): pid=3816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6379" name="features" dev="configfs" ino=146838 res=0 errno=0 [ 2177.472948][ T3838] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2177.564990][ T3832] netlink: 338 bytes leftover after parsing attributes in process `syz.0.6380'. [ 2177.811758][ T3843] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2177.863051][ T3843] FAULT_INJECTION: forcing a failure. [ 2177.863051][ T3843] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2177.901567][ T3843] CPU: 0 UID: 0 PID: 3843 Comm: syz.3.6383 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2177.901611][ T3843] Tainted: [U]=USER [ 2177.901626][ T3843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2177.901635][ T3843] Call Trace: [ 2177.901641][ T3843] [ 2177.901648][ T3843] dump_stack_lvl+0x16c/0x1f0 [ 2177.901669][ T3843] should_fail_ex+0x512/0x640 [ 2177.901690][ T3843] get_futex_key+0x1d0/0x1560 [ 2177.901711][ T3843] ? __pfx_get_futex_key+0x10/0x10 [ 2177.901727][ T3843] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 2177.901749][ T3843] ? lockdep_hardirqs_on+0x7c/0x110 [ 2177.901765][ T3843] ? __destroy_inode+0x2e4/0x730 [ 2177.901784][ T3843] ? __pfx_sock_free_inode+0x10/0x10 [ 2177.901804][ T3843] futex_wake+0xea/0x530 [ 2177.901828][ T3843] ? __pfx_evict+0x10/0x10 [ 2177.901846][ T3843] ? __pfx_futex_wake+0x10/0x10 [ 2177.901868][ T3843] ? iput+0x519/0x880 [ 2177.901890][ T3843] do_futex+0x1e3/0x350 [ 2177.901908][ T3843] ? __pfx_do_futex+0x10/0x10 [ 2177.901925][ T3843] ? __sock_release+0x20b/0x270 [ 2177.901944][ T3843] __x64_sys_futex+0x1e0/0x4c0 [ 2177.901963][ T3843] ? __sys_socket+0xac/0x260 [ 2177.901982][ T3843] ? __pfx___x64_sys_futex+0x10/0x10 [ 2177.901999][ T3843] ? xfd_validate_state+0x61/0x180 [ 2177.902026][ T3843] do_syscall_64+0xcd/0x490 [ 2177.902043][ T3843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2177.902058][ T3843] RIP: 0033:0x7f4097b8ebe9 [ 2177.902071][ T3843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2177.902085][ T3843] RSP: 002b:00007f4098a5a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2177.902100][ T3843] RAX: ffffffffffffffda RBX: 00007f4097db5fa8 RCX: 00007f4097b8ebe9 [ 2177.902109][ T3843] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4097db5fac [ 2177.902118][ T3843] RBP: 00007f4097db5fa0 R08: 00007f4098a5b000 R09: 0000000000000000 [ 2177.902127][ T3843] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 2177.902136][ T3843] R13: 00007f4097db6038 R14: 00007fff922ae860 R15: 00007fff922ae948 [ 2177.902154][ T3843] [ 2178.320504][ T3828] kexec: Could not allocate control_code_buffer [ 2178.516578][ T3852] FAULT_INJECTION: forcing a failure. [ 2178.516578][ T3852] name failslab, interval 1, probability 0, space 0, times 0 [ 2178.580372][ T3852] CPU: 1 UID: 0 PID: 3852 Comm: syz.4.6385 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2178.580408][ T3852] Tainted: [U]=USER [ 2178.580415][ T3852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2178.580429][ T3852] Call Trace: [ 2178.580437][ T3852] [ 2178.580446][ T3852] dump_stack_lvl+0x16c/0x1f0 [ 2178.580474][ T3852] should_fail_ex+0x512/0x640 [ 2178.580510][ T3852] should_failslab+0xc2/0x120 [ 2178.580539][ T3852] __kmalloc_cache_noprof+0x6a/0x3e0 [ 2178.580565][ T3852] ? proc_thread_self_get_link+0x1c6/0x240 [ 2178.580598][ T3852] proc_thread_self_get_link+0x1c6/0x240 [ 2178.580627][ T3852] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 2178.580656][ T3852] step_into+0x195e/0x2270 [ 2178.580688][ T3852] ? __pfx_step_into+0x10/0x10 [ 2178.580716][ T3852] ? lookup_fast+0x156/0x610 [ 2178.580741][ T3852] walk_component+0xfc/0x5b0 [ 2178.580769][ T3852] link_path_walk+0x627/0xe20 [ 2178.580807][ T3852] path_openat+0x1b0/0x2cb0 [ 2178.580832][ T3852] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2178.580870][ T3852] ? __pfx_path_openat+0x10/0x10 [ 2178.580905][ T3852] do_filp_open+0x20b/0x470 [ 2178.580933][ T3852] ? __pfx_do_filp_open+0x10/0x10 [ 2178.580985][ T3852] ? alloc_fd+0x471/0x7d0 [ 2178.581021][ T3852] do_sys_openat2+0x11b/0x1d0 [ 2178.581053][ T3852] ? __pfx_do_sys_openat2+0x10/0x10 [ 2178.581091][ T3852] ? __fget_files+0x20e/0x3c0 [ 2178.581122][ T3852] __x64_sys_openat+0x174/0x210 [ 2178.581158][ T3852] ? __pfx___x64_sys_openat+0x10/0x10 [ 2178.581191][ T3852] ? ksys_write+0x1ac/0x250 [ 2178.581232][ T3852] do_syscall_64+0xcd/0x490 [ 2178.581261][ T3852] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2178.581295][ T3852] RIP: 0033:0x7f12a498ebe9 [ 2178.581315][ T3852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2178.581339][ T3852] RSP: 002b:00007f12a5771038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2178.581362][ T3852] RAX: ffffffffffffffda RBX: 00007f12a4bb5fa0 RCX: 00007f12a498ebe9 [ 2178.581379][ T3852] RDX: 0000000000000802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 2178.581396][ T3852] RBP: 00007f12a5771090 R08: 0000000000000000 R09: 0000000000000000 [ 2178.581411][ T3852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2178.581426][ T3852] R13: 00007f12a4bb6038 R14: 00007f12a4bb5fa0 R15: 00007ffe3ba409c8 [ 2178.581462][ T3852] [ 2180.850495][ T3888] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 2180.919870][ T3888] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 2180.930638][ T3891] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2181.213076][ T3897] FAULT_INJECTION: forcing a failure. [ 2181.213076][ T3897] name failslab, interval 1, probability 0, space 0, times 0 [ 2181.300114][ T3897] CPU: 1 UID: 0 PID: 3897 Comm: syz.3.6394 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2181.300161][ T3897] Tainted: [U]=USER [ 2181.300171][ T3897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2181.300187][ T3897] Call Trace: [ 2181.300197][ T3897] [ 2181.300209][ T3897] dump_stack_lvl+0x16c/0x1f0 [ 2181.300243][ T3897] should_fail_ex+0x512/0x640 [ 2181.300274][ T3897] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2181.300312][ T3897] should_failslab+0xc2/0x120 [ 2181.300348][ T3897] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2181.300381][ T3897] ? d_instantiate+0x77/0x90 [ 2181.300411][ T3897] ? alloc_empty_file+0x55/0x1e0 [ 2181.300454][ T3897] alloc_empty_file+0x55/0x1e0 [ 2181.300491][ T3897] alloc_file_pseudo+0x13a/0x230 [ 2181.300531][ T3897] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2181.300572][ T3897] ? do_raw_spin_unlock+0x172/0x230 [ 2181.300615][ T3897] __anon_inode_getfile+0xe8/0x280 [ 2181.300651][ T3897] anon_inode_getfile_fmode+0x37/0xa0 [ 2181.300685][ T3897] __do_sys_fanotify_init+0x96d/0xc00 [ 2181.300728][ T3897] do_syscall_64+0xcd/0x490 [ 2181.300759][ T3897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2181.300787][ T3897] RIP: 0033:0x7f4097b8ebe9 [ 2181.300809][ T3897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2181.300833][ T3897] RSP: 002b:00007f4098a5a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2181.300858][ T3897] RAX: ffffffffffffffda RBX: 00007f4097db5fa0 RCX: 00007f4097b8ebe9 [ 2181.300877][ T3897] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2181.300894][ T3897] RBP: 00007f4097c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2181.300910][ T3897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2181.300927][ T3897] R13: 00007f4097db6038 R14: 00007f4097db5fa0 R15: 00007fff922ae948 [ 2181.300963][ T3897] [ 2182.830609][ T3890] kexec: Could not allocate control_code_buffer [ 2182.839558][ T3907] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6395'. [ 2182.890750][ T3908] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.6395'. [ 2188.588360][ T30] audit: type=1800 audit(4294967648.289:278): pid=3980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6411" name="features" dev="configfs" ino=148035 res=0 errno=0 [ 2190.423702][ T4004] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6420'. [ 2190.991653][ T4029] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 2191.010618][ T4029] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 2192.737194][ T4051] FAULT_INJECTION: forcing a failure. [ 2192.737194][ T4051] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2192.771264][ T4051] CPU: 0 UID: 0 PID: 4051 Comm: syz.4.6430 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2192.771306][ T4051] Tainted: [U]=USER [ 2192.771314][ T4051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2192.771326][ T4051] Call Trace: [ 2192.771334][ T4051] [ 2192.771340][ T4051] dump_stack_lvl+0x16c/0x1f0 [ 2192.771360][ T4051] should_fail_ex+0x512/0x640 [ 2192.771382][ T4051] should_fail_alloc_page+0xe7/0x130 [ 2192.771403][ T4051] prepare_alloc_pages+0x3c2/0x610 [ 2192.771425][ T4051] ? rcu_is_watching+0x12/0xc0 [ 2192.771443][ T4051] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 2192.771461][ T4051] ? __lock_acquire+0xb97/0x1ce0 [ 2192.771488][ T4051] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 2192.771506][ T4051] ? do_raw_spin_lock+0x12c/0x2b0 [ 2192.771527][ T4051] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2192.771549][ T4051] ? find_held_lock+0x2b/0x80 [ 2192.771569][ T4051] ? __lock_acquire+0xb97/0x1ce0 [ 2192.771587][ T4051] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2192.771610][ T4051] ? policy_nodemask+0xea/0x4e0 [ 2192.771631][ T4051] alloc_pages_mpol+0x1fb/0x550 [ 2192.771650][ T4051] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 2192.771675][ T4051] folio_alloc_mpol_noprof+0x36/0x2f0 [ 2192.771697][ T4051] shmem_alloc_folio+0x135/0x160 [ 2192.771721][ T4051] shmem_alloc_and_add_folio+0x499/0xc20 [ 2192.771742][ T4051] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 2192.771764][ T4051] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 2192.771785][ T4051] shmem_get_folio_gfp+0x67f/0x1600 [ 2192.771806][ T4051] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 2192.771828][ T4051] ? __pfx___might_resched+0x10/0x10 [ 2192.771846][ T4051] shmem_fallocate+0x795/0xf50 [ 2192.771871][ T4051] ? __pfx_shmem_fallocate+0x10/0x10 [ 2192.771894][ T4051] ? __lock_acquire+0xb97/0x1ce0 [ 2192.771914][ T4051] ? __lock_acquire+0x62e/0x1ce0 [ 2192.771943][ T4051] ? __pfx_shmem_fallocate+0x10/0x10 [ 2192.771961][ T4051] vfs_fallocate+0x5b4/0x10e0 [ 2192.771981][ T4051] ? __pfx_vfs_fallocate+0x10/0x10 [ 2192.772022][ T4051] __x64_sys_fallocate+0xd5/0x150 [ 2192.772056][ T4051] do_syscall_64+0xcd/0x490 [ 2192.772086][ T4051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2192.772112][ T4051] RIP: 0033:0x7f12a498ebe9 [ 2192.772131][ T4051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2192.772155][ T4051] RSP: 002b:00007f12a5771038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 2192.772180][ T4051] RAX: ffffffffffffffda RBX: 00007f12a4bb5fa0 RCX: 00007f12a498ebe9 [ 2192.772196][ T4051] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003 [ 2192.772211][ T4051] RBP: 00007f12a5771090 R08: 0000000000000000 R09: 0000000000000000 [ 2192.772227][ T4051] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000001 [ 2192.772242][ T4051] R13: 00007f12a4bb6038 R14: 00007f12a4bb5fa0 R15: 00007ffe3ba409c8 [ 2192.772278][ T4051] [ 2194.340427][ T769] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 2194.730637][ T4063] ima: policy update failed [ 2194.738515][ T30] audit: type=1802 audit(4294967654.439:279): pid=4063 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.6434" res=0 errno=0 [ 2194.950622][ T4061] Process accounting paused [ 2196.677274][ T4086] bond0: option all_slaves_active: invalid value () [ 2199.107945][ T30] audit: type=1800 audit(4294967658.719:280): pid=4132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6447" name="features" dev="configfs" ino=149623 res=0 errno=0 [ 2200.267949][ T4144] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 2200.536177][ T4153] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 2200.620503][ T4153] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 2202.606516][ T4176] ceph: Failed to parse sending metrics switch value 'P^' [ 2203.218220][ T4139] kexec: Could not allocate control_code_buffer [ 2203.450760][ T4189] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(4) [ 2208.269711][ T30] audit: type=1800 audit(4294967667.969:281): pid=4247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6466" name="features" dev="configfs" ino=149767 res=0 errno=0 [ 2208.914737][ T4241] serio: Serial port pty6 [ 2209.342992][ T4250] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6467'. [ 2209.385420][ T4250] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6467'. [ 2209.535730][ T4250] netlink: 290 bytes leftover after parsing attributes in process `syz.2.6467'. [ 2209.546443][ T4250] netlink: 290 bytes leftover after parsing attributes in process `syz.2.6467'. [ 2210.096093][ T4255] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6468'. [ 2210.184192][ T4255] bridge_slave_1: left allmulticast mode [ 2210.190057][ T4255] bridge_slave_1: left promiscuous mode [ 2210.386731][ T4255] bridge0: port 2(bridge_slave_1) entered disabled state [ 2210.723452][ T4272] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 2211.389168][ T4255] bridge_slave_0: left allmulticast mode [ 2211.496961][ T4255] bridge_slave_0: left promiscuous mode [ 2211.502803][ T4255] bridge0: port 1(bridge_slave_0) entered disabled state [ 2213.835281][ T30] audit: type=1800 audit(4294967673.519:282): pid=4301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6477" name="features" dev="configfs" ino=149182 res=0 errno=0 [ 2214.730891][ T4293] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6475'. [ 2214.781759][ T4293] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6475'. [ 2214.818036][ T4307] FAULT_INJECTION: forcing a failure. [ 2214.818036][ T4307] name failslab, interval 1, probability 0, space 0, times 0 [ 2215.025021][ T4293] netlink: 290 bytes leftover after parsing attributes in process `syz.2.6475'. [ 2215.047390][ T4307] CPU: 0 UID: 0 PID: 4307 Comm: syz.0.6479 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2215.047438][ T4307] Tainted: [U]=USER [ 2215.047447][ T4307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2215.047462][ T4307] Call Trace: [ 2215.047471][ T4307] [ 2215.047481][ T4307] dump_stack_lvl+0x16c/0x1f0 [ 2215.047512][ T4307] should_fail_ex+0x512/0x640 [ 2215.047541][ T4307] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 2215.047571][ T4307] should_failslab+0xc2/0x120 [ 2215.047603][ T4307] __kmalloc_cache_noprof+0x6a/0x3e0 [ 2215.047630][ T4307] ? tcp_sendmsg_fastopen+0x24d/0x750 [ 2215.047669][ T4307] tcp_sendmsg_fastopen+0x24d/0x750 [ 2215.047709][ T4307] tcp_sendmsg_locked+0x23ff/0x42a0 [ 2215.047752][ T4307] ? __lock_acquire+0xb97/0x1ce0 [ 2215.047796][ T4307] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 2215.047835][ T4307] ? do_raw_spin_lock+0x12c/0x2b0 [ 2215.047871][ T4307] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2215.047915][ T4307] ? __local_bh_enable_ip+0xa4/0x120 [ 2215.047949][ T4307] tcp_sendmsg+0x2e/0x50 [ 2215.047978][ T4307] ? __pfx_tcp_sendmsg+0x10/0x10 [ 2215.048009][ T4307] inet_sendmsg+0xb9/0x140 [ 2215.048043][ T4307] ____sys_sendmsg+0x973/0xc70 [ 2215.048080][ T4307] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2215.048118][ T4307] ? __pfx__kstrtoull+0x10/0x10 [ 2215.048151][ T4307] ___sys_sendmsg+0x134/0x1d0 [ 2215.048179][ T4307] ? __pfx____sys_sendmsg+0x10/0x10 [ 2215.048224][ T4307] ? find_held_lock+0x2b/0x80 [ 2215.048273][ T4307] __sys_sendmmsg+0x200/0x420 [ 2215.048304][ T4307] ? __pfx___sys_sendmmsg+0x10/0x10 [ 2215.048343][ T4307] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2215.048386][ T4307] ? fput+0x9b/0xd0 [ 2215.048418][ T4307] ? ksys_write+0x1ac/0x250 [ 2215.048453][ T4307] ? __pfx_ksys_write+0x10/0x10 [ 2215.048488][ T4307] __x64_sys_sendmmsg+0x9c/0x100 [ 2215.048513][ T4307] ? lockdep_hardirqs_on+0x7c/0x110 [ 2215.048538][ T4307] do_syscall_64+0xcd/0x490 [ 2215.048569][ T4307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2215.048595][ T4307] RIP: 0033:0x7f7c1eb8ebe9 [ 2215.048616][ T4307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2215.048639][ T4307] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2215.048664][ T4307] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2215.048681][ T4307] RDX: 0000000000000007 RSI: 0000200000000140 RDI: 0000000000000003 [ 2215.048697][ T4307] RBP: 00007f7c1f9ac090 R08: 0000000000000000 R09: 0000000000000000 [ 2215.048713][ T4307] R10: 0000000020020000 R11: 0000000000000246 R12: 0000000000000001 [ 2215.048728][ T4307] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2215.048764][ T4307] [ 2215.609730][ T4293] netlink: 290 bytes leftover after parsing attributes in process `syz.2.6475'. [ 2217.380892][ T4328] FAULT_INJECTION: forcing a failure. [ 2217.380892][ T4328] name failslab, interval 1, probability 0, space 0, times 0 [ 2217.424235][ T4328] CPU: 0 UID: 0 PID: 4328 Comm: syz.4.6483 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2217.424285][ T4328] Tainted: [U]=USER [ 2217.424295][ T4328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2217.424311][ T4328] Call Trace: [ 2217.424322][ T4328] [ 2217.424333][ T4328] dump_stack_lvl+0x16c/0x1f0 [ 2217.424367][ T4328] should_fail_ex+0x512/0x640 [ 2217.424398][ T4328] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2217.424435][ T4328] should_failslab+0xc2/0x120 [ 2217.424478][ T4328] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2217.424511][ T4328] ? security_file_alloc+0x34/0x2b0 [ 2217.424548][ T4328] security_file_alloc+0x34/0x2b0 [ 2217.424581][ T4328] init_file+0x93/0x4c0 [ 2217.424620][ T4328] alloc_empty_file+0x73/0x1e0 [ 2217.424672][ T4328] alloc_file_pseudo+0x13a/0x230 [ 2217.424713][ T4328] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2217.424762][ T4328] ? do_raw_spin_unlock+0x172/0x230 [ 2217.424804][ T4328] __anon_inode_getfile+0xe8/0x280 [ 2217.424842][ T4328] anon_inode_getfile_fmode+0x37/0xa0 [ 2217.424878][ T4328] __do_sys_fanotify_init+0x96d/0xc00 [ 2217.424921][ T4328] do_syscall_64+0xcd/0x490 [ 2217.424953][ T4328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2217.424981][ T4328] RIP: 0033:0x7f12a498ebe9 [ 2217.425003][ T4328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2217.425029][ T4328] RSP: 002b:00007f12a5771038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2217.425055][ T4328] RAX: ffffffffffffffda RBX: 00007f12a4bb5fa0 RCX: 00007f12a498ebe9 [ 2217.425074][ T4328] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2217.425091][ T4328] RBP: 00007f12a4a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2217.425108][ T4328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2217.425125][ T4328] R13: 00007f12a4bb6038 R14: 00007f12a4bb5fa0 R15: 00007ffe3ba409c8 [ 2217.425159][ T4328] [ 2220.752969][ T4351] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6490'. [ 2220.878118][ T4354] FAULT_INJECTION: forcing a failure. [ 2220.878118][ T4354] name failslab, interval 1, probability 0, space 0, times 0 [ 2220.958941][ T4354] CPU: 1 UID: 0 PID: 4354 Comm: syz.0.6491 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2220.958984][ T4354] Tainted: [U]=USER [ 2220.958993][ T4354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2220.959008][ T4354] Call Trace: [ 2220.959023][ T4354] [ 2220.959034][ T4354] dump_stack_lvl+0x16c/0x1f0 [ 2220.959067][ T4354] should_fail_ex+0x512/0x640 [ 2220.959096][ T4354] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2220.959130][ T4354] should_failslab+0xc2/0x120 [ 2220.959162][ T4354] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2220.959193][ T4354] ? __pmd_alloc+0xbf/0x930 [ 2220.959233][ T4354] __pmd_alloc+0xbf/0x930 [ 2220.959272][ T4354] __handle_mm_fault+0xa06/0x2a50 [ 2220.959304][ T4354] ? mt_find+0x3ef/0xa30 [ 2220.959335][ T4354] ? __pfx___handle_mm_fault+0x10/0x10 [ 2220.959358][ T4354] ? __pfx_mt_find+0x10/0x10 [ 2220.959408][ T4354] ? find_vma+0xbf/0x140 [ 2220.959443][ T4354] ? __pfx_find_vma+0x10/0x10 [ 2220.959478][ T4354] handle_mm_fault+0x589/0xd10 [ 2220.959507][ T4354] ? __bpf_trace_exceptions+0x1/0x40 [ 2220.959546][ T4354] do_user_addr_fault+0x7a6/0x1370 [ 2220.959586][ T4354] ? rcu_is_watching+0x12/0xc0 [ 2220.959617][ T4354] exc_page_fault+0x5c/0xb0 [ 2220.959644][ T4354] asm_exc_page_fault+0x26/0x30 [ 2220.959669][ T4354] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 2220.959703][ T4354] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 2220.959728][ T4354] RSP: 0018:ffffc9000472fba0 EFLAGS: 00050202 [ 2220.959764][ T4354] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000003f02 [ 2220.959780][ T4354] RDX: ffffed100bb267e0 RSI: 0000000000000000 RDI: ffff88805d930000 [ 2220.959797][ T4354] RBP: 0000000000003f02 R08: 0000000000000001 R09: ffffed100bb267e0 [ 2220.959814][ T4354] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 2220.959828][ T4354] R13: ffff88805d930000 R14: 0000000000000000 R15: ffff8880331b8800 [ 2220.959865][ T4354] _copy_from_user+0x98/0xd0 [ 2220.959901][ T4354] memdup_user_nul+0x6c/0x120 [ 2220.959935][ T4354] handle_policy_update+0x1a8/0x1230 [ 2220.959982][ T4354] ? __pfx_handle_policy_update+0x10/0x10 [ 2220.960021][ T4354] ? apparmor_capable+0x114/0x1d0 [ 2220.960048][ T4354] ? bpf_lsm_capable+0x9/0x10 [ 2220.960071][ T4354] ? security_capable+0x7e/0x260 [ 2220.960112][ T4354] safesetid_uid_file_write+0x84/0xc0 [ 2220.960152][ T4354] ? __pfx_safesetid_uid_file_write+0x10/0x10 [ 2220.960185][ T4354] vfs_write+0x2a0/0x1150 [ 2220.960220][ T4354] ? __pfx___mutex_lock+0x10/0x10 [ 2220.960247][ T4354] ? __pfx_vfs_write+0x10/0x10 [ 2220.960287][ T4354] ? __fget_files+0x20e/0x3c0 [ 2220.960325][ T4354] ksys_write+0x12a/0x250 [ 2220.960353][ T4354] ? __pfx_ksys_write+0x10/0x10 [ 2220.960392][ T4354] do_syscall_64+0xcd/0x490 [ 2220.960422][ T4354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2220.960448][ T4354] RIP: 0033:0x7f7c1eb8ebe9 [ 2220.960468][ T4354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2220.960491][ T4354] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2220.960514][ T4354] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2220.960531][ T4354] RDX: 0000000000003f02 RSI: 0000000000000000 RDI: 0000000000000003 [ 2220.960547][ T4354] RBP: 00007f7c1f9ac090 R08: 0000000000000000 R09: 0000000000000000 [ 2220.960563][ T4354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2220.960578][ T4354] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2220.960614][ T4354] [ 2221.602433][ T4361] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 2221.611372][ T4361] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 2221.639354][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 2221.645957][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 2221.932971][ T4364] FAULT_INJECTION: forcing a failure. [ 2221.932971][ T4364] name failslab, interval 1, probability 0, space 0, times 0 [ 2222.014443][ T4364] CPU: 1 UID: 0 PID: 4364 Comm: syz.4.6494 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2222.014486][ T4364] Tainted: [U]=USER [ 2222.014496][ T4364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2222.014511][ T4364] Call Trace: [ 2222.014520][ T4364] [ 2222.014530][ T4364] dump_stack_lvl+0x16c/0x1f0 [ 2222.014562][ T4364] should_fail_ex+0x512/0x640 [ 2222.014591][ T4364] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 2222.014625][ T4364] should_failslab+0xc2/0x120 [ 2222.014657][ T4364] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 2222.014688][ T4364] ? __d_alloc+0x32/0xae0 [ 2222.014722][ T4364] __d_alloc+0x32/0xae0 [ 2222.014764][ T4364] d_alloc_pseudo+0x1c/0xc0 [ 2222.014799][ T4364] alloc_file_pseudo+0xcf/0x230 [ 2222.014837][ T4364] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2222.014883][ T4364] __shmem_file_setup+0x1a3/0x330 [ 2222.014914][ T4364] shmem_zero_setup+0x93/0x1a0 [ 2222.014946][ T4364] __mmap_region+0x2081/0x27b0 [ 2222.014981][ T4364] ? __pfx___mmap_region+0x10/0x10 [ 2222.015019][ T4364] ? is_bpf_text_address+0x8a/0x1a0 [ 2222.015050][ T4364] ? bpf_ksym_find+0x124/0x1c0 [ 2222.015075][ T4364] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 2222.015104][ T4364] ? is_bpf_text_address+0x94/0x1a0 [ 2222.015133][ T4364] ? kernel_text_address+0x8d/0x100 [ 2222.015158][ T4364] ? __kernel_text_address+0xd/0x40 [ 2222.015241][ T4364] ? trace_cap_capable+0x18d/0x200 [ 2222.015290][ T4364] mmap_region+0x1ab/0x3f0 [ 2222.015319][ T4364] ? __get_unmapped_area+0x267/0x440 [ 2222.015357][ T4364] do_mmap+0xa3e/0x1210 [ 2222.015397][ T4364] ? __pfx_do_mmap+0x10/0x10 [ 2222.015430][ T4364] ? __pfx_down_write_killable+0x10/0x10 [ 2222.015468][ T4364] vm_mmap_pgoff+0x29e/0x470 [ 2222.015509][ T4364] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 2222.015545][ T4364] ? __fget_files+0x20e/0x3c0 [ 2222.015591][ T4364] ksys_mmap_pgoff+0x7d/0x5c0 [ 2222.015627][ T4364] ? __pfx_ksys_write+0x10/0x10 [ 2222.015659][ T4364] __x64_sys_mmap+0x125/0x190 [ 2222.015700][ T4364] do_syscall_64+0xcd/0x490 [ 2222.015730][ T4364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2222.015760][ T4364] RIP: 0033:0x7f12a498ebe9 [ 2222.015781][ T4364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2222.015805][ T4364] RSP: 002b:00007f12a5771038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2222.015828][ T4364] RAX: ffffffffffffffda RBX: 00007f12a4bb5fa0 RCX: 00007f12a498ebe9 [ 2222.015846][ T4364] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 2222.015861][ T4364] RBP: 00007f12a5771090 R08: 0000000000000401 R09: 0000000000008000 [ 2222.015877][ T4364] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001 [ 2222.015893][ T4364] R13: 00007f12a4bb6038 R14: 00007f12a4bb5fa0 R15: 00007ffe3ba409c8 [ 2222.015928][ T4364] [ 2222.710296][ T4368] block nbd0: Unsupported socket: shutdown callout must be supported. [ 2224.534690][ T4372] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6496'. [ 2224.562285][ T4372] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6496'. [ 2224.579548][ T4372] netlink: 290 bytes leftover after parsing attributes in process `syz.4.6496'. [ 2224.600006][ T4372] netlink: 290 bytes leftover after parsing attributes in process `syz.4.6496'. [ 2224.954337][ T4397] FAULT_INJECTION: forcing a failure. [ 2224.954337][ T4397] name failslab, interval 1, probability 0, space 0, times 0 [ 2224.993790][ T4397] CPU: 1 UID: 0 PID: 4397 Comm: syz.0.6502 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2224.993836][ T4397] Tainted: [U]=USER [ 2224.993846][ T4397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2224.993864][ T4397] Call Trace: [ 2224.993874][ T4397] [ 2224.993885][ T4397] dump_stack_lvl+0x16c/0x1f0 [ 2224.993919][ T4397] should_fail_ex+0x512/0x640 [ 2224.993950][ T4397] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2224.993988][ T4397] should_failslab+0xc2/0x120 [ 2224.994021][ T4397] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2224.994052][ T4397] ? d_instantiate+0x77/0x90 [ 2224.994083][ T4397] ? alloc_empty_file+0x55/0x1e0 [ 2224.994125][ T4397] alloc_empty_file+0x55/0x1e0 [ 2224.994162][ T4397] alloc_file_pseudo+0x13a/0x230 [ 2224.994201][ T4397] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2224.994243][ T4397] ? do_raw_spin_unlock+0x172/0x230 [ 2224.994285][ T4397] __anon_inode_getfile+0xe8/0x280 [ 2224.994321][ T4397] anon_inode_getfile_fmode+0x37/0xa0 [ 2224.994366][ T4397] __do_sys_fanotify_init+0x96d/0xc00 [ 2224.994413][ T4397] do_syscall_64+0xcd/0x490 [ 2224.994446][ T4397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2224.994473][ T4397] RIP: 0033:0x7f7c1eb8ebe9 [ 2224.994495][ T4397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2224.994523][ T4397] RSP: 002b:00007f7c1f9ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 2224.994549][ T4397] RAX: ffffffffffffffda RBX: 00007f7c1edb5fa0 RCX: 00007f7c1eb8ebe9 [ 2224.994568][ T4397] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 2224.994585][ T4397] RBP: 00007f7c1ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2224.994602][ T4397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2224.994618][ T4397] R13: 00007f7c1edb6038 R14: 00007f7c1edb5fa0 R15: 00007ffd33f45ca8 [ 2224.994654][ T4397] [ 2225.579302][ T4392] Process accounting resumed [ 2225.990238][ T4409] [ 2225.992585][ T4409] ====================================================== [ 2225.999590][ T4409] WARNING: possible circular locking dependency detected [ 2226.006606][ T4409] 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 Tainted: G U [ 2226.014925][ T4409] ------------------------------------------------------ [ 2226.021936][ T4409] syz.4.6504/4409 is trying to acquire lock: [ 2226.027905][ T4409] ffff88814377b6f8 (&q->elevator_lock){+.+.}-{4:4}, at: elevator_change+0x103/0x400 [ 2226.037400][ T4409] [ 2226.037400][ T4409] but task is already holding lock: [ 2226.044761][ T4409] ffff88814377b1b8 (&q->q_usage_counter(io)#32){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 2226.056118][ T4409] [ 2226.056118][ T4409] which lock already depends on the new lock. [ 2226.056118][ T4409] [ 2226.066516][ T4409] [ 2226.066516][ T4409] the existing dependency chain (in reverse order) is: [ 2226.075518][ T4409] [ 2226.075518][ T4409] -> #3 (&q->q_usage_counter(io)#32){++++}-{0:0}: [ 2226.084132][ T4409] blk_alloc_queue+0x619/0x760 [ 2226.089603][ T4409] blk_mq_alloc_queue+0x172/0x280 [ 2226.095140][ T4409] __blk_mq_alloc_disk+0x29/0x120 [ 2226.100683][ T4409] loop_add+0x490/0xb70 [ 2226.105363][ T4409] loop_init+0x164/0x270 [ 2226.110209][ T4409] do_one_initcall+0x120/0x6e0 [ 2226.115492][ T4409] kernel_init_freeable+0x5c2/0x910 [ 2226.121258][ T4409] kernel_init+0x1c/0x2b0 [ 2226.126105][ T4409] ret_from_fork+0x5d7/0x6f0 [ 2226.131236][ T4409] ret_from_fork_asm+0x1a/0x30 [ 2226.136544][ T4409] [ 2226.136544][ T4409] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 2226.143765][ T4409] fs_reclaim_acquire+0x102/0x150 [ 2226.149331][ T4409] prepare_alloc_pages+0x162/0x610 [ 2226.154971][ T4409] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 2226.161391][ T4409] __alloc_pages_noprof+0xb/0x1b0 [ 2226.166935][ T4409] pcpu_populate_chunk+0x110/0xb00 [ 2226.172566][ T4409] pcpu_alloc_noprof+0x86a/0x1470 [ 2226.178108][ T4409] bpf_map_alloc_percpu+0x9a/0x4b0 [ 2226.183742][ T4409] htab_map_alloc+0x10ca/0x1570 [ 2226.189108][ T4409] map_create+0x58f/0x1f80 [ 2226.194051][ T4409] __sys_bpf+0x44d2/0x4de0 [ 2226.198988][ T4409] __x64_sys_bpf+0x78/0xc0 [ 2226.203927][ T4409] do_syscall_64+0xcd/0x490 [ 2226.208958][ T4409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2226.215374][ T4409] [ 2226.215374][ T4409] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 2226.223098][ T4409] __mutex_lock+0x193/0x10b0 [ 2226.228206][ T4409] pcpu_alloc_noprof+0xb4c/0x1470 [ 2226.233754][ T4409] sbitmap_init_node+0x2fd/0x770 [ 2226.239233][ T4409] sbitmap_queue_init_node+0x41/0x560 [ 2226.245139][ T4409] blk_mq_init_tags+0x12d/0x2b0 [ 2226.250513][ T4409] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 2226.256576][ T4409] blk_mq_init_sched+0x30c/0x610 [ 2226.262036][ T4409] elevator_switch+0x1e1/0x7f0 [ 2226.267317][ T4409] elevator_change+0x2ac/0x400 [ 2226.272600][ T4409] elevator_set_default+0x2c4/0x360 [ 2226.278320][ T4409] blk_register_queue+0x393/0x4f0 [ 2226.283864][ T4409] __add_disk+0x74a/0xf00 [ 2226.288709][ T4409] add_disk_fwnode+0x13f/0x5d0 [ 2226.293992][ T4409] nbd_dev_add+0x783/0xbb0 [ 2226.298931][ T4409] nbd_init+0x181/0x320 [ 2226.303603][ T4409] do_one_initcall+0x120/0x6e0 [ 2226.308883][ T4409] kernel_init_freeable+0x5c2/0x910 [ 2226.314596][ T4409] kernel_init+0x1c/0x2b0 [ 2226.319463][ T4409] ret_from_fork+0x5d7/0x6f0 [ 2226.324572][ T4409] ret_from_fork_asm+0x1a/0x30 [ 2226.329950][ T4409] [ 2226.329950][ T4409] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 2226.337761][ T4409] __lock_acquire+0x12a6/0x1ce0 [ 2226.343132][ T4409] lock_acquire+0x179/0x350 [ 2226.348150][ T4409] __mutex_lock+0x193/0x10b0 [ 2226.353263][ T4409] elevator_change+0x103/0x400 [ 2226.358553][ T4409] elv_iosched_store+0x2eb/0x3a0 [ 2226.364012][ T4409] queue_attr_store+0x26b/0x310 [ 2226.369477][ T4409] sysfs_kf_write+0xef/0x150 [ 2226.374582][ T4409] kernfs_fop_write_iter+0x351/0x510 [ 2226.380381][ T4409] iter_file_splice_write+0x91c/0x1150 [ 2226.386367][ T4409] direct_splice_actor+0x192/0x6c0 [ 2226.391989][ T4409] splice_direct_to_actor+0x345/0xa30 [ 2226.397874][ T4409] do_splice_direct+0x174/0x240 [ 2226.403321][ T4409] do_sendfile+0xb06/0xe50 [ 2226.408252][ T4409] __x64_sys_sendfile64+0x1d8/0x220 [ 2226.413964][ T4409] do_syscall_64+0xcd/0x490 [ 2226.418983][ T4409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2226.425390][ T4409] [ 2226.425390][ T4409] other info that might help us debug this: [ 2226.425390][ T4409] [ 2226.435778][ T4409] Chain exists of: [ 2226.435778][ T4409] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#32 [ 2226.435778][ T4409] [ 2226.449523][ T4409] Possible unsafe locking scenario: [ 2226.449523][ T4409] [ 2226.456967][ T4409] CPU0 CPU1 [ 2226.462412][ T4409] ---- ---- [ 2226.467768][ T4409] lock(&q->q_usage_counter(io)#32); [ 2226.473144][ T4409] lock(fs_reclaim); [ 2226.479641][ T4409] lock(&q->q_usage_counter(io)#32); [ 2226.487530][ T4409] lock(&q->elevator_lock); [ 2226.492109][ T4409] [ 2226.492109][ T4409] *** DEADLOCK *** [ 2226.492109][ T4409] [ 2226.500238][ T4409] 6 locks held by syz.4.6504/4409: [ 2226.505352][ T4409] #0: ffff888078106428 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x345/0xa30 [ 2226.515373][ T4409] #1: ffff88805b446888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 2226.525215][ T4409] #2: ffff88802546ba58 (kn->active#166){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 2226.535320][ T4409] #3: ffff88814379e368 (&set->update_nr_hwq_lock){++++}-{4:4}, at: elv_iosched_store+0x337/0x3a0 [ 2226.545939][ T4409] #4: ffff88814377b1b8 (&q->q_usage_counter(io)#32){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 2226.557619][ T4409] #5: ffff88814377b1f0 (&q->q_usage_counter(queue)#26){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 2226.569576][ T4409] [ 2226.569576][ T4409] stack backtrace: [ 2226.575463][ T4409] CPU: 1 UID: 0 PID: 4409 Comm: syz.4.6504 Tainted: G U 6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(full) [ 2226.575493][ T4409] Tainted: [U]=USER [ 2226.575500][ T4409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2226.575512][ T4409] Call Trace: [ 2226.575521][ T4409] [ 2226.575530][ T4409] dump_stack_lvl+0x116/0x1f0 [ 2226.575552][ T4409] print_circular_bug+0x275/0x350 [ 2226.575578][ T4409] check_noncircular+0x14c/0x170 [ 2226.575604][ T4409] __lock_acquire+0x12a6/0x1ce0 [ 2226.575632][ T4409] lock_acquire+0x179/0x350 [ 2226.575656][ T4409] ? elevator_change+0x103/0x400 [ 2226.575683][ T4409] ? __pfx___might_resched+0x10/0x10 [ 2226.575704][ T4409] ? elevator_change+0x103/0x400 [ 2226.575729][ T4409] __mutex_lock+0x193/0x10b0 [ 2226.575749][ T4409] ? elevator_change+0x103/0x400 [ 2226.575774][ T4409] ? enable_work+0x245/0x340 [ 2226.575791][ T4409] ? __pfx_xa_find_after+0x10/0x10 [ 2226.575817][ T4409] ? __pfx___mutex_lock+0x10/0x10 [ 2226.575842][ T4409] ? blk_mq_cancel_work_sync+0xd8/0x110 [ 2226.575864][ T4409] ? __pfx_blk_mq_cancel_work_sync+0x10/0x10 [ 2226.575888][ T4409] ? elevator_change+0x103/0x400 [ 2226.575912][ T4409] elevator_change+0x103/0x400 [ 2226.575940][ T4409] elv_iosched_store+0x2eb/0x3a0 [ 2226.575968][ T4409] ? __pfx_elv_iosched_store+0x10/0x10 [ 2226.575998][ T4409] ? __mutex_trylock_common+0xe9/0x250 [ 2226.576023][ T4409] ? __pfx_elv_iosched_store+0x10/0x10 [ 2226.576051][ T4409] queue_attr_store+0x26b/0x310 [ 2226.576074][ T4409] ? __pfx_queue_attr_store+0x10/0x10 [ 2226.576102][ T4409] ? find_held_lock+0x2b/0x80 [ 2226.576120][ T4409] ? sysfs_file_kobj+0xe4/0x290 [ 2226.576142][ T4409] ? __pfx_queue_attr_store+0x10/0x10 [ 2226.576164][ T4409] sysfs_kf_write+0xef/0x150 [ 2226.576185][ T4409] kernfs_fop_write_iter+0x351/0x510 [ 2226.576203][ T4409] ? __pfx_sysfs_kf_write+0x10/0x10 [ 2226.576224][ T4409] iter_file_splice_write+0x91c/0x1150 [ 2226.576251][ T4409] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2226.576274][ T4409] ? __pfx_copy_splice_read+0x10/0x10 [ 2226.576298][ T4409] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2226.576319][ T4409] direct_splice_actor+0x192/0x6c0 [ 2226.576340][ T4409] splice_direct_to_actor+0x345/0xa30 [ 2226.576360][ T4409] ? __pfx_direct_splice_actor+0x10/0x10 [ 2226.576381][ T4409] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2226.576404][ T4409] do_splice_direct+0x174/0x240 [ 2226.576423][ T4409] ? __pfx_do_splice_direct+0x10/0x10 [ 2226.576442][ T4409] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2226.576467][ T4409] ? rw_verify_area+0xcf/0x6c0 [ 2226.576487][ T4409] do_sendfile+0xb06/0xe50 [ 2226.576509][ T4409] ? __pfx_do_sendfile+0x10/0x10 [ 2226.576528][ T4409] ? handle_mm_fault+0x2ab/0xd10 [ 2226.576549][ T4409] ? __x64_sys_futex+0x1e0/0x4c0 [ 2226.576572][ T4409] ? __x64_sys_futex+0x1e9/0x4c0 [ 2226.576596][ T4409] __x64_sys_sendfile64+0x1d8/0x220 [ 2226.576622][ T4409] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2226.576651][ T4409] do_syscall_64+0xcd/0x490 [ 2226.576672][ T4409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2226.576692][ T4409] RIP: 0033:0x7f12a498ebe9 [ 2226.576708][ T4409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2226.576728][ T4409] RSP: 002b:00007f12a5750038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2226.576747][ T4409] RAX: ffffffffffffffda RBX: 00007f12a4bb6090 RCX: 00007f12a498ebe9 [ 2226.576760][ T4409] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 2226.576771][ T4409] RBP: 00007f12a4a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2226.576784][ T4409] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 2226.576795][ T4409] R13: 00007f12a4bb6128 R14: 00007f12a4bb6090 R15: 00007ffe3ba409c8 [ 2226.576815][ T4409] [ 2226.987656][ T4417] netlink: 'syz.2.6508': attribute type 2 has an invalid length. [ 2227.072598][ T4411] random: crng reseeded on system resumption [ 2227.083261][T32418] ERROR: Out of memory at tomoyo_memory_ok. [ 2227.090065][ T36] ERROR: Out of memory at tomoyo_memory_ok. [ 2227.107098][ T4411] PM: hibernation: Marking nosave pages: [mem 0x00000000-0x00000fff] [ 2227.115741][ T4411] PM: hibernation: Marking nosave pages: [mem 0x0009f000-0x000fffff] [ 2227.124162][ T4411] PM: hibernation: Marking nosave pages: [mem 0xbfffd000-0xffffffff] [ 2227.138556][ T4411] PM: hibernation: Basic memory bitmaps created [ 2227.206585][ T4410] PM: hibernation: Basic memory bitmaps freed