last executing test programs: 19m47.015016586s ago: executing program 0 (id=471): syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000180)='/:$]\x00', 0x0) socket$nl_generic(0x11, 0x3, 0x10) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82800, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0x8000d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x5, 0x2, 0xfffffffffffffffe]}, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000280)="e90500") prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x40009, 0x3, 0x19, 0xffffffffffffffff, 0x28000) madvise$auto(0x1f00000000000000, 0x2003f0, 0x15) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) getpid() mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttywd\x00', 0xc0200, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="1f91f2c3881f4610e18d", 0xa) 19m45.734468437s ago: executing program 0 (id=477): open(&(0x7f00000001c0)='./cgroup\x00', 0x800, 0x8a) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.9/usb28/power/runtime_status\x00', 0xa142, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000000280), 0x800, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f00000001c0)=""/185, 0xb9) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x8}) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) pipe2$auto(&(0x7f0000000040), 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000000)=""/188, 0xbc) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net/net_prio.ifpriomap\x00', 0x10b142, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0) socket(0x15, 0x4, 0x3) ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x4c00, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x4f64a1d2) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000005c0), r3) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=r4, @ANYBLOB="010027bd7000fedbdf2501000000040001804fc1cca1e1f4b6f8fe73d8500781d01c540ff75a1450be20f496953394af6974b5ca01aef452484a6795f9fd6b891b25c6879d44064fc74e9287af9146e09bd789a7ef5ad6503b0245366c15336a75c663b8526aea22a6500b272db00e4a8f784d7340cd5d6a1ff5909be217da846c8e4781540b81bc3d2d858d9b56a2d1a5f90464cb1d46f8e471df680719f82622324da40706dba2c7525590"], 0x18}, 0x1, 0x0, 0x0, 0x4104}, 0x10) 19m45.535470464s ago: executing program 0 (id=478): syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)={0x34, r2, 0x1, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_FEC_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_FEC_AUTO={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0xac8fe2812c61ec00) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0x10, 0x0, 0x4, 0x8000040006) ptrace$auto(0xf, 0x0, 0xfffffffffffffffe, 0x8000000000000000) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000080), r1) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x20000000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x10, 0xffffffffffffff81, 0x7fa4826e, 0x19, 0x2, 0x100000001) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0x141401, 0x0) clock_adjtime$auto(0xfffeffff, 0x0) 19m44.318035494s ago: executing program 0 (id=482): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x501900, 0x0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x9) socket(0x2, 0x1, 0x84) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x2000, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000020, 0xd95, 0x2}, 0x0, 0x7ffffffff000, 0x0) r2 = socket(0x15, 0x5, 0x0) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) msgrcv$auto(0xff, &(0x7f00000000c0)={0x6, 0xd}, 0x2400000000, 0x6, 0x6bc2cc7d) ioctl$auto_RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) close_range$auto(0x2, 0x8, 0x0) 19m43.767572992s ago: executing program 0 (id=484): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="0000000000000000e51ad45ec3ba07a0b325dc33ab2c42e2d300c7634d0c73926bb9c81c55f3a459682b04b82b26018c86fffebe020000f8942ab051a0c0dc582be215d2351cc413906d8d3a250000000000144f7a545edb164a141baa57d61c7b5060022b3052a446a503b2a88a52d836842daff83b47de69dfe9fd7dc3258273f9552479afa98a798b2072ebe3dd14b1ac871a9f40a3a9267f7804b4ba4f7438c0361c1986ea3eadb64b336616a0f51a360b0ad7130bae1ab562966f619b1c3d612b50e2c785b6b0c0ab649c8d6b19", @ANYRES16, @ANYBLOB="01002abd7000fcdbdf251400000005000b00060000000c00018008000100", @ANYRES32=r1, @ANYBLOB="0800020008000000"], 0x30}, 0x1, 0x0, 0x0, 0x4089c}, 0x80) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/zram0/mm_stat\x00', 0x8900, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) keyctl$auto(0x17, 0x4, 0x7fffffffefff, 0x400, 0x0) r3 = socket(0x2c, 0x3, 0x0) getsockopt$auto_SO_DEBUG(r3, 0x4, 0x1, 0x0, 0x0) r4 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) r5 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000480), 0x76ada171f3b49e34, 0x0) ioctl$auto_SNAPSHOT_FREE(r5, 0x3305, 0x0) ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR32(r4, 0xc0844123, &(0x7f0000000c80)={0xfffff0de, @status={0xe93f, 0x0, 0x3, 0x806, 0x1, 0x2df, 0x7ff, 0xccf6}, @control={0x4}}) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000000)=""/233, 0xe9) rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) r6 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x1402, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000440), 0x20000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000240), 0x880, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r6, 0x1, &(0x7f0000000140)="539d4671812c5770bc1f6b367d417f91acca6d5bc5433b08c9c80b915d3e95c5a2fec22ce2417d41ea52e548a61ad77b7a5b50fa578b8468a117b7206f34d4a2a9efb16685e278e8dd4c6e68723d36ce716ac67bf8840682f4d7c6f133201dd6f9a58da4873b39e7ae6e9b4514bc65792bd590e26c8dd13d5e65b00f8b4c6fc18810d4ff3a794f6bb4c2af873f4af4ec07b9860bdd5a19a458ba8c1dcd0862d2a2e6b2e319b0e672d128d97c2d1b8c1c75032bb992cc9c48cc482143e8ff9c8679e94496ac7c2b70") 19m41.810337544s ago: executing program 0 (id=487): r0 = open(0x0, 0x591083, 0x408) fanotify_init$auto(0xa9e, 0x311d) ioctl$auto(0xffffffffffffffff, 0x64c5, 0xffffffffffffffff) ioctl$auto_USBDEVFS_CLAIM_PORT(r0, 0x80045518, &(0x7f0000000140)=0x91d) pipe$auto(&(0x7f0000000040)) socket(0x1d, 0x2, 0x2) openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x4000, 0x0) ioprio_set$auto(0x3, 0x0, 0x4b34) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8081, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x1, 0x0, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_ATTACH_BPF(r1, 0x1, 0x32, &(0x7f0000000180)='/dev/mtd0\x00', 0x4) socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x16, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0xfff, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 19m41.303216274s ago: executing program 32 (id=487): r0 = open(0x0, 0x591083, 0x408) fanotify_init$auto(0xa9e, 0x311d) ioctl$auto(0xffffffffffffffff, 0x64c5, 0xffffffffffffffff) ioctl$auto_USBDEVFS_CLAIM_PORT(r0, 0x80045518, &(0x7f0000000140)=0x91d) pipe$auto(&(0x7f0000000040)) socket(0x1d, 0x2, 0x2) openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x4000, 0x0) ioprio_set$auto(0x3, 0x0, 0x4b34) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8081, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x1, 0x0, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_ATTACH_BPF(r1, 0x1, 0x32, &(0x7f0000000180)='/dev/mtd0\x00', 0x4) socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x16, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0xfff, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 7.613380386s ago: executing program 3 (id=5324): openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) ioctl$auto(0x3, 0x80004508, 0x10000000000402) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x101000, 0x0) r1 = gettid() setpriority$auto_PRIO_PROCESS(0x0, r1, 0x3) ioctl$auto_BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES16, @ANYBLOB="010527bd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="180002"], 0x34}, 0x1, 0x0, 0x0, 0x4028811}, 0x4080) sendmsg$auto_L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000002355aab531d8addc6fd17f0fd4257d9ef63d3b28f41d0069e61e238c26c3a05227490aac352a9421484df39c730c19f9cf5467a1376855cbbbd6b678cd58b22de187614504983b3dfea99418d498efd0a935ab34af0574b8c6523982c562893488db188625315a7624d9db38e84abf746c9c038c4401f9b36ce4a1953f88bfcc3b33d284384d68266f0ea3fafe37aa000000000000ffff26a635e3c9e31e5dfa62fa064dcd6d1e40204b8071f41a0e308bacc59e7a96f2a115e8a6d4799b5a9b1036bc671a91167a5c61f680c61ab15daf861880ca576e1ba087e7cd4d10b9a66dc69f663ef5434729bee84e14c0e0ee1715fa37", @ANYRES16=0x0, @ANYBLOB="010027bd7000fedbdf2507000000"], 0x14}, 0x1, 0x0, 0x0, 0x8108}, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x3, 0x1000df, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyx3\x00', 0x2200, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1000000000001, 0x948b, 0x3, 0x3ca6, 0xffffffffdfffffff, 0x3, 0x62, 0x84000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) setsockopt$auto_SO_DEBUG(r2, 0xe38, 0x1, &(0x7f0000000000)='/dev/audio1\x00', 0x5) io_uring_register$auto_IORING_REGISTER_PERSONALITY(r3, 0x9, &(0x7f0000000180)="3f27587e2e230949f15206416584bb0334ef5c9dd230d03b7ddbfd35490dad1476275f04420e6ad5f3fedbad958722b4cd3ad2a6d6fd3d41eb3d03f85110c5648444d2e195c44688c8a4c807ae91b1ca82f92789bb7c2b3fdbb8c74aa53412ba5546eb6d166f0feee4a023e8077c02b9ecb51303f155373f6d182aa29f0260091acef25f2d4f0596c50ce6dcf3f7454f6cacf2f46332839201388a5878047acac1b753f30dbe09ecc74ed937c7d274325e", 0x9) msync$auto(0x0, 0xe0, 0x6) socket(0x15, 0x5, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0) pread64$auto(r4, &(0x7f0000000040)='veth1\x00', 0x200000000006, 0x8) 6.587940515s ago: executing program 3 (id=5328): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/ocfs2/max_locking_protocol\x00', 0xa2500, 0x0) openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci4/power\x00', 0x521100, 0x0) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r0, &(0x7f0000008d40)='($}-)#@\x00', 0x3) 6.115722028s ago: executing program 3 (id=5331): r0 = socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xb8, 0x100000000, 0x5, 0x1b, 0x93c, 0x1ffdc, 0x7, 0x2000000000000006, 0x2, 0x9, 0x6, 0x2, 0x8001, 0xae, 0x9, 0x922, 0x7, 0x5, 0x5, 0x3, 0xfffffffe, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioperm$auto(0x3, 0x8001, 0x2000000000000149) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f0000000340)=@bpf_attr_4={0x3, r0, 0x40, r2}, 0x2) shmctl$auto(0xa0000000, 0x6, &(0x7f00000002c0)={{0x3, 0x0, 0x0, 0x0, 0x7, 0xd, 0xff}, 0x2, 0xffffffff80000001, 0x3ff, 0x800, @raw=0x61a, @inferred=0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0}) sendmsg$auto_IPVS_CMD_GET_DAEMON(r0, 0x0, 0x20000000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) r3 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r3, 0x29, 0x39, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x10) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) socket(0x11, 0x80003, 0x300) rt_sigqueueinfo$auto(0x0, 0xc74, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/info\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) 5.700172079s ago: executing program 1 (id=5336): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) (async) socket(0x2, 0x5, 0x0) (async) getsockopt$auto(0x5, 0x0, 0x7, &(0x7f0000000100)='ns/cgroup\x00', &(0x7f0000000140)=0x7) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/devices/system/clockevents/clockevent0/current_device\x00', 0x80500, 0x0) openat$auto_null_fops_mem(0xffffffffffffff9c, 0x0, 0x80000, 0x0) (async) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0x1000df, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) (async) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/4096, 0x1000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) (async) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) (async) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0x1c3481, 0x0) write$auto(r2, &(0x7f0000000180)='7\x00\x00\xec\x007\xfe(\xbd\xb0\x86\xe0K\xcf\xcf\x8d\xf2S6\x9e\x81\xcdc\xd7\x19-7\xc2\x89\x9d\x8cR`\xab6F\xd6O\x8b[\"\x80\xd0\xd2!\xc5\xdf\x8c&\xbd\x12\xb0\xa9v\vK\xfe+\xfb4\x02l\t5:a\xbf\xaf\xe3VX\x8d/l\f\xef\x1c\xc9\x13\xf6\x86\xb9N\xeeq\'\xb8\xb0\xa4\xd8\x94\xb8\xbc\b1\xc5\xb7\xca\x8e\x94\x0e\xc9\x99C\x97\xc2]\x80,\xaa\xf5\x17\xacn\x05\xbd\xdd\x89\x93\xb8\'\xc2f\xcf\x8d\xaa\x00\xd5\x91\x9f\x96\xc6\xa4\'N\xebE\x8b', 0x5) (async) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000001040), 0xffffffffffffffff) getsockopt$auto_SO_PREFER_BUSY_POLL(r0, 0x6, 0x45, &(0x7f00000010c0)='}h\x00', &(0x7f0000001100)=0x8) sendmsg$auto_OVS_VPORT_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x14) (async) r3 = gettid() rt_sigqueueinfo$auto(r3, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ptrace$auto_PTRACE_GETSIGMASK(0x420a, r5, 0x6e3, 0x1) (async) prlimit64$auto(r5, 0x8, &(0x7f0000001140)={0x0, 0xc9}, &(0x7f0000001180)={0x4, 0xfffffffffffffff8}) (async) r6 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r4) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={0x1e0, r6, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x1c6, 0x1, 0x0, 0x1, [@nested={0x4, 0x6}, @typed={0x8, 0xc9, 0x0, 0x0, @pid}, @typed={0x8, 0xd2, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @generic="f3c1881feb99fe432d5fa89114591690f2efcbe9a7f87a8774637face20e7a821c481a653778aaf92185e8bfb092c2900920cca139540fd90efab653551552721f2b2889999ce801e47cfad8f735f702c852bd40e1ef6f259c36d7d8bc31748c903b1ceadd56ead8730d0e727f333855c6b3b286c779abbfff5f47e390b1336271492db0b266e2b8910bf339d4037a7dcf9c8a0669629580c65489f41db5adb59f53f3acd871444d9f34952c00ec9365f3dd", @nested={0xf9, 0x6, 0x0, 0x1, [@generic="486f4e7ae56277538ec4a72e319cc4bec5007b47d02e74262f5afe9a689e1dabe246ee018b5e5859bcf70d8f2930910d6571f47fccb40d4a3175f0924e59a71e6698955f3758d87bbffeb569d8df8e25cca9e444ab372529276021c689d870d20aff2a01f6377c612c076b2fe555f944ce17025121946428ce48c55aa1af845976234cc28b9a91ec10120c1b26ef58370d41ca0c03ad1203336e519b845a47a1607fbdab9791f78331c76ea0aa91a0ec5cf3f9b8c6c6abed70", @typed={0x14, 0x14, 0x0, 0x0, @ipv6=@local}, @typed={0x8, 0xa4, 0x0, 0x0, @uid}, @nested={0xc, 0x103, 0x0, 0x1, [@generic, @typed={0x8, 0x82, 0x0, 0x0, @uid}]}, @typed={0x14, 0x82e, 0x0, 0x0, @ipv6=@local}]}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x40}, 0x4) 5.630833628s ago: executing program 1 (id=5337): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r3) read$auto(r3, &(0x7f0000000040)='nl80211\x00', 0xbe62) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000080)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20042084}, 0x2040881) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r5 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x88900, 0x0) readv$auto(r5, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r4, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000240)={r4, 0x5, 0x2}, 0x68, 0x0, 0x0, 0x8) ioctl$auto_SNDCTL_DSP_SYNC(r4, 0x5001, 0xfffffffffffffffc) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000100), 0x8880, 0x0) read$auto(r1, 0x0, 0x7e5) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) r6 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r6, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) getpid() 5.33661806s ago: executing program 3 (id=5339): socket(0x11, 0x80003, 0x300) r0 = openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0) pread64$auto(r0, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x10, 0x9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(0xffffffffffffffff, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000000fc0)={0x18, r2, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) r3 = geteuid() keyctl$auto(0x1d, r3, r3, 0x0, 0x8) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r0, &(0x7f0000001b40)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x40881) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x2001, 0x0) pread64$auto(r1, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x78, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) 4.096101671s ago: executing program 2 (id=5342): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/yama/ptrace_scope\x00', 0x88c42, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = io_uring_setup$auto(0xc, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x25, 0x1, 0x0) sendmsg$auto_NFC_CMD_GET_SE(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40850}, 0x20000001) pread64$auto(r0, 0x0, 0x640, 0x2da5) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, 0x0, 0x6f3) write$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffffff, 0x0, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c5041, 0x0) 3.307379942s ago: executing program 2 (id=5343): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/dummy0/name_assign_type\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/213, 0xd5) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYRESOCT=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x4000045}, 0x40011) 3.060926023s ago: executing program 2 (id=5345): r0 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'ip6tnl0\x00'}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x10900, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48340, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000340), r1) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) mbind$auto(0x0, 0x2, 0x4, 0x0, 0x6, 0x2) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/arch_status\x00', 0x100, 0x0) read$auto_proc_single_file_operations_base(r2, &(0x7f0000000040)=""/58, 0x20) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/oom_adj\x00', 0xec1c2, 0x0) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000300), r1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/oops_count\x00', 0x149000, 0x0) sendmsg$auto_L2TP_CMD_NOOP(r1, &(0x7f0000000440)={&(0x7f0000000140), 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYRESOCT=r2, @ANYRES16=r4, @ANYBLOB="04002bbd7000fddbdf25000040006806f65087fe3c6b050007000900000006001a004e230000"], 0x2c}, 0x1, 0x0, 0x0, 0x20008010}, 0x8044) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r5) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)=ANY=[@ANYRES16=r6, @ANYBLOB="2f212cbd7000fcdbdf2521000000080003", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x4000000) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xfffffffffffffd08}, 0x1, 0x0, 0x0, 0x10}, 0x11) read$auto(r3, 0x0, 0x1f40) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x14, 0x100000001, 0x63, 0x0, 0x0, 0x0, 0x3, 0x1, 0xf2, 0x401, 0x7ffffff3, 0x5, 0x1000, 0x7, 0x61, 0x105}) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 3.014955418s ago: executing program 4 (id=5346): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x100000000) fcntl$auto(0x8000000000000001, 0x5, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x10e, 0x5, 0x0, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/dev_snmp6/gretap0\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0xf42c, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x7ff) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) write$auto_proc_pid_attr_operations_base(r3, &(0x7f0000000ec0)='9', 0x1) (fail_nth: 1) mmap$auto(0x10000000000, 0x20009, 0xdf, 0x400eb1, 0x401, 0x8000) poll$auto(0x0, 0x6, 0x8) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x9, 0x3) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) read$auto(0x3, 0x0, 0x80) r4 = io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) socket(0x11, 0xa, 0x300) io_uring_enter$auto(r4, 0x7, 0x7ffffffb, 0x6, 0x0, 0x3) move_pages$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0x2) io_uring_enter$auto(0x3, 0x5, 0xff, 0x3, 0x0, 0x100) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) 2.905870123s ago: executing program 1 (id=5347): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x100000000) r0 = fcntl$auto(0x8000000000000001, 0x5, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r1, 0x10e, 0x5, 0x0, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/dev_snmp6/gretap0\x00', 0x0, 0x0) pread64$auto(r2, 0x0, 0xf42c, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x7ff) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) write$auto_proc_pid_attr_operations_base(r4, &(0x7f0000000ec0)='\x00', 0x1) mmap$auto(0x10000000000, 0x20009, 0xdf, 0x400eb1, 0x401, 0x8000) poll$auto(0x0, 0x6, 0x8) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x9, 0x3) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) read$auto(r0, 0x0, 0x80) r5 = io_uring_setup$auto(0x406, 0x0) mmap$auto(0x5, 0x1000009, 0x4, 0x17, r1, 0x887) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) socket(0x11, 0xa, 0x300) io_uring_enter$auto(r5, 0x7, 0x7ffffffb, 0x6, 0x0, 0x3) move_pages$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0x2) io_uring_enter$auto(0x3, 0x5, 0xff, 0x3, 0x0, 0x100) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) 2.877424987s ago: executing program 2 (id=5348): unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$auto_ovs_ct_limit(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(0xffffffffffffffff, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000000fc0)={0x18, r0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) keyctl$auto(0x1d, 0x0, 0x0, 0x0, 0x8) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, 0x0, 0x40881) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x2001, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x78, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) writev$auto(r1, &(0x7f0000000280)={&(0x7f0000000180)="bf955582c6880b6636cb98e7fa8c9e6c893ff450af5f53573f343fc2f84a95fbff92436cc702c1c073b902b961ebdcc9bc4731f95068c8cbd8ce39552bfcc37fc2ff612de3c1c6799dbea4e9d5e1edbcdb9f9ead26d0d4199390b1a4bb38fd65dcb378ab0ba78379eccf48d5d689c362581791e138237b4cc44a6564665aaa0478e28362484d4e3438d5141f77b4ada9b7bcf9a40d74b2cd225982678da7fb1eaeeeedb9cf49f7b31ce7fde98839878e960a88bdda38e438f11044cd3b3b74889138eba5de9985f345fd51dca6ec7e4b9a19bed3834bfeab7854ba6e204b1f6d5c", 0x5bd}, 0xffffffffffffffc0) madvise$auto(0x0, 0x2003f0, 0x15) 2.462002693s ago: executing program 3 (id=5349): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000080)={{&(0x7f0000000040), 0x1c, &(0x7f00000000c0)={0x0, 0x1a004}, 0x7, 0x0, 0x0, 0xb}, 0xfff}, 0x5, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/audit\x00', 0x20080, 0x0) read$auto_tomoyo_operations_securityfs_if(r1, 0x0, 0x0) pread64$auto(r1, 0x0, 0xb69c, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/auto_online_blocks\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000e80)=""/193, 0xc1) r3 = open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x5, &(0x7f0000000080)={0xffffffffffffffff, 0x6, 0xa, @raw}, 0xffff) ioctl$auto_CEC_TRANSMIT(r3, 0xc0386105, &(0x7f00000000c0)={0x6, 0x1, 0x0, 0x3, 0xb0c, 0x1, "37a54040fd1a5eaf4ced936047dde728", 0x6, 0x7, 0x2, 0x0, 0xac, 0x1, 0x6}) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), r3) syz_clone3(&(0x7f0000000400)={0x9002000, &(0x7f00000002c0), &(0x7f0000000300)=0x0, &(0x7f0000000340), {0x20}, &(0x7f0000000f80)=""/4096, 0x1000, &(0x7f0000000380)=""/45, &(0x7f00000003c0)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff], 0x4, {r3}}, 0x58) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_max_time_ms\x00', 0xb480, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000000c0)=""/268, 0x10c) sendmsg$auto_TIPC_NL_BEARER_SET(r3, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000480)={&(0x7f0000001f80)={0x17c8, r4, 0x4, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_NAME_TABLE={0x1530, 0x8, 0x0, 0x1, [@typed={0x9, 0xa6, 0x0, 0x0, @str='./{(\x00'}, @typed={0x8, 0xa9, 0x0, 0x0, @fd=r2}, @nested={0x210, 0x122, 0x0, 0x1, [@generic="5f81dc66ae3ebac4b6d7db52aa83e5531242e26c2ac8008e4c9635713b077db90b8d1c81bdb59fa195eda794369560fd15975fc2b5e4a41659554166d4fc4305f22cd32bb8886b3731c20cf1476d", @generic="6f86515ab69ef81de2bf26f875b3e16a9e5911d18899ce6a5f7bbc299a2fe5ce97967fb6a344e2b468342def7eb12235728719db0984b3b7c11001d2d146f584f75dddfee426502ef0dc41d40c82899de9496491da164a8e059c4c4879bcd8453a5fe6eca84966cb0eeac6f84d7748aab506fcbae8c9e2480596ce10fd40e2ce7a2fefaba6d88f1cfbdfb235dc2c113f7cad3ff5f427548aec2472c08386ab281ac4f5eccaea", @typed={0x8, 0xb9, 0x0, 0x0, @u32=0xc7e4}, @typed={0x8, 0x59, 0x0, 0x0, @fd=r3}, @generic="9db02a72d61a20eb038201d5d0011fcb8d22de3ce75daf2e0c1d8e284dcca41893c13351682d1294be123a680cbb4990e3d2ef6bcf191fccd8e1ed2eef3b1c477ae69d29c6ea8e59280f36dcaaa5059cf112129451459aa8a4394f3f6630cea267ff9922a1186a65b9eb0ca25171ad5009be5d3ed7349a3fd81c6d4188ad5fbf92e8ba97a173ed7126d3382db5233d6ca93025b4ae484c519792e634c86a3421c49605d4978b2ce846802abe36b48caebf2691de10", @nested={0x4, 0x11b}, @generic="cc2f54fadfb1b30da4844af632d85e1092e5d26f165b7e6ca2c0684cf1ea38d08a689544e509416dc98ee5b57acc7964c4bb6ed08c64d9ff7c43b394391728dd5395ca536f1cbafbc58324", @nested={0x4, 0xec}]}, @nested={0xb3, 0x81, 0x0, 0x1, [@nested={0x4, 0x4}, @nested={0x4, 0x8}, @typed={0x32, 0xbf, 0x0, 0x0, @str='/sys/devices/system/memory/auto_online_blocks\x00'}, @generic="207059bdc909538fea1ca5be44a817b223bea87f2e945106e53b3e92e1e375fb90cbb8ff5e5bd886bc81be0e2d73764eb5b343369189f6609fd2719b285f89f6965b66016e0cf15712e68f08935e252bd71ed6478a368537e21abbf70ea35d629a19f05c2d848a3ad00e9dafb557adb466afe3"]}, @typed={0x32, 0x3c, 0x0, 0x0, @str='/sys/devices/system/memory/auto_online_blocks\x00'}, @typed={0x4, 0x1}, @nested={0x121b, 0x10c, 0x0, 0x1, [@nested={0x4, 0x107}, @generic="9f89faa95107c95b05706e417086df545a7a130472b75aee0582d5c9c84a1d1caa470418d09e0995c321ec9cfc093fc3fd1cf3d0b8d0593d04cd603447c7fb8127d5cbff0e8f4414e1ecea080c7cdeba36098d599b0af34b3b0d67b1d2613d2022de0cde39256debd8e1e101c9f994211bcb68ea2602d310dc8aea338903cb0c5557eed90068d5213ac3dc2768a343d19e24172e8355a32f018c1c1b36095eba30785f199f44fde7b68f38079afcc5cc32f562b50603e018b8845972c13d41f566fdc4badc09853d77bca0c436b77466edae4c5b0c59ab2158cefd3588bc7077f8af29719fa48bbb1697ce0c0d7ec4e19c56f93a6e", @typed={0xe6, 0x3, 0x0, 0x0, @binary="625b1e1a35efab6f64f7bc0178e5575659765e97281dc7567f0e48a6ffcb66e67f27cb163c63fbadf04a6b8443d6baa1300239509777f6cae1b49a6976d3824021deb91401741533f456f42a8eb9d202cc8fc4848157bb44abc3c51e98b2c69680b1ce3abc06294fe3384a3e105c019a5f510382f6c4927be5a74f283cf740a51982054f71d92fe5dcda0cfd1aa4dd4159572aa7476a879b02e4b1f248e8defadc414b03ad78d706774ce62f2a5e777a8ab9692e3a91584580b825735f2ca5bc13c87a5bfb3c25f5313261a4c7f9e9885776776f46da8477cfb5db69d6377af2bf7d"}, @typed={0x4, 0x34}, @generic="b479371bfeab32f140cf3cfc8d4f17346dd8cbf704756f2e1754b4ead4639fc5848884a8513f6e4271d4", @generic="624c873517947b49616e7c12f7db2ae154fda2ea018d6faf78cd3a526af8ff35d47b2092aae58345524fa220a832c54a75474037f5707da95d56c7a255896ed5892117491b31078e1e921bf0fbc5d2ad74611754650d14075a7a1d45a6551c5295ce273f0793eb25453604a33675d60742336ce9aa3b4044e2a05e682e232ab5d6ae9b7deecfb9ffc4c79931e6cea59eb76c234185b398018b9b979c69c647685ffe431e619a263d58c1c6d7df306581fe1036d2bc1c952dcac4f5ddae65516fafafa5b2939202d27a7b4c91e495ce72420e32459b7d3ba6469f8d01a63b656a8e17afe143b13eb6fb71fe243531f103912f2fedf1323db941b6649515186fc7dee9dd3d402848de08b4d52f1f206564690d6ddf0415ca0305d1e574c2204cca85dfb8b881d0997c2d3daed6a864336d32c4a30a02f245007234b1fd3ec267b4f6e5ab37f4f7e96301b4af3e01edb18b9cdfa02592c231d2f5051142bc120136a9215262c0ea50eac1fbaa1f7ef7ed94485fafdcd9700abea78657e25d4a764a1d7527c3ddd5c9fa16e46cee2db3a582711a5a5f420d676cc65a484bff208babc8074f5b8cc4c3f40225fae9a0ebbc0cfadbe4eb6d8ad61e7efedb48dd2fa23fb1e3ed11deb937390b0c1e4c0856acbbf64ab18a6385daebb075588ddce742474a49867e2bcaa7991dc02a466bd476f6c2d3976806b7106b5bb785c69e902d2e298661624f96f936a2ca0dda0d845f494b55b89219a9ff8059fb7452cf0e0ed067ad1dcdff74520ad6d6ffc1c18c6a6691b09432ef9dcf44af1f7d7d12a5f1828567317cd5faf7bb6fa14c06b22997cb54bc6933bc9c4829d14325834859fc13d82414b8ba0d0b93407117091de7f355344b0b54ef2f99c8b7fb4e15187e2cc21069f159c15cb55c0e49a600152295ec915dad1d345b7f2750dd86c1789b882ea488647591499b86fee14b4410d2ceff0de05cb568a0cb1d6e206aa13fbd3e51da221aec7e59af1c5482a212bdb336e4721dcc984c1ffd19d96a754c70330c826a92c7a0591d849eb349a63e5c8186fab36d8a0b32c3cc3235b55d940db33cd6f506f1f9022df4692c218e64f704122c3e5f591d7ee4c3c3fb97a7bc405ef30ef9f1084b251b7c79fca58c58e89d8051de99f2b94b3a1a98aa63d7a5fd26f7f87d4191d7e32e53cab5ad43b2af04a883b1b45523ae13b43971d437621e21f176b531f9aa5c057a51dea67345a4adbd6521450319cd8410106426e6d9296ab17935ed048c2488acc70665d2f6794beb5f86b373f44c075d2891c046e5c37dd68bd13d95a1141dbe80db001c87ae2a27250d45aef637c21b918b10240856120977215f421d9fb88b8d19183fe9982c5187b18afef45c881856a2ac65ff5d34fe53599ae0aa6d151914fe4558a20015b57d9dc4f10aadc18a4af9fb95a65fe82d4e0203c817cff5b8cf58309ffd80c9bf37b2daf15f83d94b736708696c939944c30f2c7137d6b61ecfcf19e4af13ec1aea59ab7c6bd1ff072cef543369402ae4cb9a64181e84f2d33858d5aa427a731db9cc15a9988ff499ae813b74e243dd32d1091317a4b9a74a56037fae44e67e6b3dcb6dc412545b85d44c52f94253b27d24133f13028d1f8fe7e764e8a76693d04329c91ff32af3cc5be783e3e59c6bcd71c7b82f49ee43c2cdc9dec6f90e5b492b483b70523e5d4790c4018464e0ab3e004922fd690342565c02a31942ef4a683dc32cb3314c39814288682e5868c5ee61f0a2e3c05112e526a048ad7a21f22090b106b71406ec3c6af28407d03e88435a06013982544948882c453fa5792de83a2f5fb830b89b1326efc3d1debabe1b9a59ccc670b833f5a0f5091a271fca7db6e0dcc4bd57d4d0f839456654e21f6f847c214cd589559ebb76959290ebc625983825704ae2502508eeb669b7f6b74a13bfbe0eacc6845dc5cf109f6be755097131623096897d6b45eeaa3ceea3da8c642ed3b9ea2ed0d5827ad9aae1dfd4045cbe05f85f3da8b83a4abf0ae5cd5d8c4e84bba103217dbd82092b3693e944ee7f261cdcde5ca27c34a10140e51a00d1fe5c42e6cd57b9ae2537374628129e105f454c3bcbed1353ba83e87d42ada1c39e2bc7b9d8b9f90187a85b5ea7a35425751564962fc7ae3a76e7e72d70f7f87ef2cd47a8cb32c56d186a0e0cb5fa66ad519fb4f7714570dad398504d96b882a5099a717c58e943282d3f2fad6a0b0c46cc2458c122f9d089984c5a08775b1e1ed751c18732d270e8ce3e92e7666a989d0d496d2bfa9713a098b60b3bf1781815289b013c40409a207d398db4e981b5eefcedb11d928612f7c4ce397c33052b18199da29a074ca84d3a5ed35a4fdbbec5e510ab3f8ae936fdc4d6ad42ea0cc49f9ec1d7247d5111e01110f5028459eb1758632e5431f7bb2b3fbd7e0d79711b16f8923dc09585a6f980b350462763853d9d6b21553a28dd8dfb77317999db8fc3239f594fc8eb7dfb3b1f6b8fe4d67ee4ed674bbbe3cc8655e80b8c40fb1371c5ec2e44ad85738a7c0455ade03ccc4023c62e3e99e6287a553119ee72ed603866f7739c1dfbb39bcddd77b1923de020c069364ea3c8926b86b1956d871530fa6d376f08181234def72ae0f9d52a6a7baed0de08d68d1f0fdbda53456326eeadf2a30e83f08043df9cccddf6b1b41f615344875432f5dc54c10f410a6c6fa89c4f48c9b321d6c57cb2edcde8609cfe83e2f9f66260f1db1da08680c4283d6f4b4241065c80c9e088f1735a683d2db1325dd8c4312106cd761acec779acf83ba3fed71672da1bb65480fb4f5deaf5cf7b8c485bc3d34a13f0ebe82bef3fe901efea6c71250b830bfe5f07d42212596ddfec812998b88c70a3b845fa29515d4163cc69a9094edd6189095e1342202a3f01f1eb080a230a28f0be1d059593fa3c9e3e8008140bf19fd79f8d695f17858b7198ac43af680b0f075650c6f4f43fdea4beeb30f0275dc293f32e0cf4152b69556f829b0637e0c16f55df110e6acc23e86e7b1886d409538c2745e960fb5e8d9cff915706f435f01eb3351d2b8c6937c46beeb603ac1b380481013fef75777bee6973a08ad61aa74f14ff48d65fbbba1d5a33bb7d953262c4ecdf19682b92d60c588caf325618dc8120a87f965ab645c65af8d9017262a1eef4535c7b632ead2aa0eb883404612dad184e34cc91ef21e8942aebf5ca1ff2602b4abb863f1aa7c6d5fa17b1b0f5ba08c335b5160d1f1e0d7ead594d150a9e51b5c83bfcaeab4859bc3097fe3b45988cc9c7dd21bb914556fa8328c9a0a8b02270726e4bbcf6807a3baaa15d4f34ce2dd317bee2f8f2144e953806937853890a4275bc56d8cbbdc3912636ecd4f3e4177cfebb4def299d2e429ec7498cab6a3d73aa8df14b360c47ae9cb9b26dfd83a9be40345c4e5c96f393722e7502a7d0bdfc2ae7af696d8af72da23d5acc3f87beb6166fc704a571e826d97bb99d0bf99e79f4f81d01c93769ee393c910bb4423d9f3f247c8e1a40c9af670fa0b29af7794efe9e314b7918990be14c0cf64eb663fd365ec8ea0ccbfd73699faa0ac9dde09be63794698f7203e28a8d4be7a53c93e7ab0fe3c3ae65ea08dc56987a917dac7b1e9ef343be517be543df7b54e381b8207c41e8f5ea4f4730d3a27219f19919881924c7178b0cd29f5546fb13b3999c0a9c62ad35bde66ae6acd0ade15a322d35a739d13c66d201d0bfd0bf20e9f741503c9e0eb31a2e8a2c3b3085c9357ded769040db772f2a8e1a4aa8ea54b59b295b794020eb87d44bc7b7b0c4a30dd42336279f4be1d9cd2fa0d722968111ae270ec21fdcef471148e35e9264b78ed27aedc30a85f26efbe16bc2dfb3995e7a4e7e8a0363e924b2a5e406bf109a5e41698388a020da1bb63f5a076e03d5a3b8abae6b292b9b823d8387c1e4f9282e5337643d25d33f66fb347113f475c4b118f1dfe3bd975024accd379d08227e4a6a287200133a769ababe77b80facb057129e54fbb4f8a98985ab74be4451ddf6d1750b7cf8a516a314ef32b907a6d3479fb267bce6b5b63873a1fd8a4b111b0514c4e6c622a2c7dd84bb64fd5e80a29c62f662eabe47f05b7351ae290ce6c9be3aac098b394cb9fc73ebbac4396bca61c246b453b2fc6cbd8525124214489304d70c9cc9c4fc166b0110f6691500f8713aa73af50a983ef6286368a66a9aea0a1bf09cca19f7a7ad0aa36e1a4a67579ba54f78a810f9ae909d3e7f330b6b5f049ceef90b7b4e9af66c61429eb92d0d1e07ffa9b8e5ee7c710f4ab2897d70aba660b5d6951a9298257a6b25c41bb038afed094ed3042a79b14f210dedcc9181bd5091e6d800be61878d9a06732f13d7c0880968977da254b6636a258658c146a8d0609cf32cff71c123908dc1ca3aa09459cfac6944e3b1e1a08759d2631270b0273a999f514f45293c562b8bd532b65899fb70f5aae6502dc88d98bb95d8122048de1400dd020542d658948da461c94a765b294b732e360944a4be5c36535c647a4a60d91bc9877990247a593e27fc2ca0e2a8fe76fabafdd6e8bdc616f65a2b9f6f4f74c646fe11f7f92238658a83e14b6b2d3bd8cc11d63737de9e9f139dd4891cdfb9848828d91eb788281d6020fb2df867392b67d66f423318f3625c3ae2413d264904c6c849a1b022d420fe815acd6e78f5710adaa96d5dcab829d33e0b29dbcc5858f7987593bae3eda166effc0cce1ce93beae3132d72a1c684ca7118290b9209b758be0bf6be71938a2e65ff537fccc61fc782af45aa5271baf269f3cbbd0cd13d8449ac16129b4d4728c488a1071d5636a173f1f773f333ad537d21810bfc843020800beb3f45a767463025be9dd9c9f9868c8aee4b17d8df82579ac082d721f089d14bf8765dc6030a9afb17e207468ed102fb1a8eafc56a592d10f187a8cba03ed73fb83ae51b46b992bc22015a0ebbb7a17262a5232f1e2f49be8d55f7668792c985c1f1fb180a6a755f1b3e6f92b5f046aefe30fa9c71b164f807cac22c3642d2d87f389d2df35bce758a7c3330e243bcf1ad09568d6f0b099d4b6a3991ec19b7e54ddc78141f806fe45aa284dd52078736b313edef58006a8cea06da9738d6e150746f105af392e87818d3c477f733c9ce56a847ef0336d4c5b42a15e759b7ecfc1b6a6f6e22f3a257fd1a9110fbb63699cd23ff68dec9e6151a87e01e159729018cfde722478514052ae9a2792785d7e37511c69d69aeee01855b9106c96a48af1b7b0ce2128016b1696cec1c05a26b72d35248c1d873bac236b0815895d4fb3e51461984f821b1c60c627d52b1f16c9fcc51f57bf459d9db9a37023710c1f978caf733c891e879bf1ab7a06a95be9b0d29804e316b67cfefaa7b178a5c3d6ad6d3788a38c46ddd05dab0c83826f03fa8c13dfeb3244d876de5daf0f977e154b4eacf42bc18f3ec540978a5125efeefee1c2b7b1728bc55f8003a5b08657be0a5ed3c3b0b4f79fb9884513f05fe0f4523838d6373b72d742ab63f1dc83dc07d6b7e797d68ed8591a2342c1f87f133615a5ae522984161fecb32ca73ea07942bc953b011a0cecec5f2e436711b09f9aa57732ec46becb89e3d11bcf359d1e590cda1e7a451cbceae42805122b0cd4b1a8d596eecc6d57b73e26f753e29a14f4e81846f9f90e99cfb5cc95406b8fa09c5f2b1457ac7d8764233d108e6ad7231fd58df11f85dc1257e98787300fbbe9c4ce7c3e2cf134ae8823a42f1d890f4660a94848746513b0563e6d1b1c1a65c5e398464823ef4", @typed={0x8, 0x45, 0x0, 0x0, @uid}]}]}, @TIPC_NLA_NET={0x283, 0x7, 0x0, 0x1, [@typed={0x32, 0x4f, 0x0, 0x0, @str='/sys/devices/system/memory/auto_online_blocks\x00'}, @nested={0x18, 0x1c, 0x0, 0x1, [@typed={0x14, 0x33, 0x0, 0x0, @ipv6=@private0}]}, @generic="a62e0ede335fd9dee6cd481ec4f6c799965309577a589d8bca7e07371544b88a310ad52c5be49dfb49d9224d9e4692a4e17277f96dab911eae8ed690496621cc314a6b74eb4035ae312e49aeec518dc6eb4efb294f6382fd5760219d1a9bb94cb42b7fa466877aa9025ad4dea356f388d997e4e7e060af9cfab8911edf604b2b55b17f1c0a909735dab2ea23fe6ea94694c9be0d41d234b81a184defe39cd1e00139c4cdb9370ecdac2af740e571ffe8f62e9e71aa0a063160f352c42d1942c88f8b1d2aafc915a11b1a621e70b842053b6feb8ece0ba03ccdb624a64c1ec2964d56c57c15fa7b7e80b40454", @typed={0x8, 0x129, 0x0, 0x0, @pid=r5}, @typed={0x8, 0x4f, 0x0, 0x0, @pid}, @typed={0x59, 0xf4, 0x0, 0x0, @binary="007ea12178cca063bd0adb60dbf6d4ba35787f85b44f385e78acf4588789e7e77f9555b38f986a47cf3095f7a196805d505ba04195ad0163c7c2439501341709aaf9197e8092dbf52c34de24448f42774d1e386cc1"}, @generic="b7b86ab00ba0f4c40aa355a033277faf0c9ea1fd6aed6780c6c68871a5d2662eaa6c5c347c0666e0c5bb50f54e364e98bdd3c8784c74155c7bcfb511b0bce235dd1d99ea7d7e6d20c4e0a8cebb541b00b7665e194202096c012aaca23b615dfb5beea6ab8e9f31b67f1ac51d5f3d8e9122025cb68d6fb25e4f113178400ae81e3786169e86e12504b7016dd6373a60b85a276b923ce7380692cc28c594fe1425eb9273cba522bca442949920d31492acd43ce221f624c560358313b84692cce90ebfb4d4bb877e97447c7ce9ceb281036fb12414b26587cd6bf847"]}]}, 0x17c8}, 0x1, 0x0, 0x0, 0x8014}, 0x0) 1.512528408s ago: executing program 1 (id=5350): openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/workqueue/writeback/max_active\x00', 0x1a2b02, 0x0) write$auto(r0, &(0x7f0000000240)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\x03\x00\x00\x00\x00\x00\x00\x00\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x801) r1 = openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f00000089c0)='/sys/kernel/debug/netdevsim/netdevsim1/max_vfs\x00', 0x101000, 0x0) read$auto_nsim_dev_max_vfs_fops_dev(r1, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) socket(0x0, 0x3, 0x9) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x2, 0xffffffffffffffff, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6) fstatfs$auto(0x3, 0x0) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r2, 0x7ab, 0x0) modify_ldt$auto(0x1, &(0x7f0000000340)="22eec1b1b9617bd6065487c037389b9f7aae83a6aef856464740e870ad613e168032ae942f4fe0fd93f2c7628978a65ea8c0eb7944037a4a9e4b76f739e84f86f4f96016835ae1ca6ec456a72164f0846de7dfacc62a63a1fd375c634741c83a55a9de1b323b5771603368c65e2e4328306a17f40bd8c03c0be9832eed738ff3e89f21bab50d1908be13914e3f5e378fe01fbe4f5991e4fd88106bba96e11606280eef4bdee01fa0a9e743ebfd1b60", 0x5) close_range$auto(0x2, 0x8, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon37\x00', 0x501280, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg1\x00', 0xa242, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/037/001\x00', 0x630001, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) sendfile$auto(r3, r3, 0x0, 0x7) 1.389337203s ago: executing program 4 (id=5351): r0 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x40, 0x0) pread64$auto(r0, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/allop_area/format\x00\x00\x00\x00\x00\x00\x0f:\xe23j\xb2\x93\x99\r\x02\xd0f\x87Wz\x1b\xc7\x9f\x0f7\xe8\x94\xac(,\x03\x03\xff\xc4*o\xcbf\xe4\x8a\x10\xf3\x7fA\x02:Y\xcf\x1b\x8e\x91%\x00\xf9\xff6\xa6\\\x80\x0f\xfa\xd4\xec\xa6\x0e\x1c,\'\\Aq\xae\x8e\x9c_ \x0f\v\xd3\xcb\xe4\"\xf2\x95\x8e\xc0q\x03;\x16\x84apq\xb4\x88o\xe2\x8c\xb2\xbf\x18z\xee\x8f\x05\x84\xdb\xcbP\xfa\xcec\xa4\xec\xd3\xa9[\x91xV\xd5g\xdf)\xfbJ\xaeNI\x13o\xb8\x98\xc9\x06yP>N\xe7\xf4e\xc2\x97\x02_\xeaV\xc9Vk\xaff\v\xc7\x7f\xdc\xd4\xca\xcf\x94\xb6\x1dK\xc0\xdd\x83w\xe0\x8dx\f\x17>\xa1\riQ\xb7\x03=1\xb7\xed\x1e&t\xffHx>\xc9\xac\x17/\x16\x92y\x87\xc6\x90\x8c\xcb\x86H5\n\xa2\xe8\x03\x92\xc3\xa9\xfb\x9eh\xec\xa9\x8d\xb80\x86\xa6\xa5\xd4I\xfe\xc6]F\xbe\xa0\xda\xa2\x13\xc6\xfb\xe6\xee\xf4Z,\x10\x10C0\x8b\xfd\xfb\xee\x93\x125\xfe\xc4z\"\xc6=Z\xacM\x14\x8f?w\x88S;eNL\xcd.(\xccT\xfaI\a\x1c\xb5\x8d\xf8\xccd\x1f\x1b\xb48\xb1\xbc\xfb\x13f\xa5\xd2\xfb\x17\xff\xe8\xd9\b3\x95\xa7\x85\xb1\x98\xd0\xcf\xbf=\xf7\xd0q1\b\xd2|\xc1B\xcc#5', 0xffffffff, 0x7) 1.387496848s ago: executing program 3 (id=5352): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/scsi/sg/def_reserved_size\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000300)=""/236, 0xec) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xb00, 0x0) pread64$auto(r1, 0x0, 0xf469, 0x3) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101502, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) r2 = openat$auto_lowpan_control_fops_6lowpan(0xffffffffffffff9c, &(0x7f00000000c0), 0x86c40, 0x0) read$auto_lowpan_control_fops_6lowpan(r2, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2b, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_FS_IOC_FIEMAP(r3, 0xc020660b, 0x9) unshare$auto(0x40000080) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x3, 0x0, 0xfffffdef) r4 = socket(0x10, 0x2, 0x0) r5 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r4, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000b00)={0x14, r5, 0xf1b, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0xa6ff, 0x0, 0x44040}, 0x8040) 1.32787113s ago: executing program 4 (id=5353): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/dummy0/name_assign_type\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/213, 0xd5) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYRESOCT=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x4000045}, 0x40011) 1.254266819s ago: executing program 2 (id=5354): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x23, 0x5, 0x2009, 0x0, 0x0) r2 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/self/numa_maps\x00', 0x600000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x196, 0x400008, 0xdf, 0x9b72, 0x2, 0x8001) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r3, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(r3, 0x8926, r3) read$auto_proc_sessionid_operations_base(r2, &(0x7f00000000c0)=""/4096, 0x1000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0xfffffffffffffffd, 0x2003f0, 0xffffff04) madvise$auto(0x0, 0x200007, 0x419) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001140)=ANY=[@ANYRESDEC=r4, @ANYRES16=r3, @ANYRES64=0x0, @ANYRESHEX=r1, @ANYRES64=r4], 0x124c}, 0x1, 0x0, 0x0, 0x24008002}, 0x24000880) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0) syz_open_procfs$namespace(0x0, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) ioperm$auto(0x7, 0x5ad2, 0xc) modify_ldt$auto(0x40, 0x0, 0xfffffffffffffffd) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/can/rcvlist_sff\x00', 0x400, 0x0) pread64$auto(r5, 0x0, 0x101fb, 0x8800000005) 1.198068142s ago: executing program 1 (id=5355): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r0 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x40000, 0x0) readv$auto(r0, &(0x7f0000004d80)={&(0x7f0000004cc0), 0x73a5}, 0x4) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) socket(0x2, 0x1, 0x106) r1 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000001080)='\xcb:\x00', 0x2) 1.041191594s ago: executing program 4 (id=5356): mmap$auto(0x2, 0x2020009, 0x8000000000000003, 0x11, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe4800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) r2 = fcntl$auto(r1, 0x402, 0x8000007fffffdf) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00') mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) getdents$auto(r3, 0x0, 0x101) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r4, 0x4, 0x7ff) ptrace$auto_PTRACE_GETEVENTMSG(0x4201, r4, 0xf72, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) mmap$auto(0x0, 0x68, 0x3, 0x8012, 0x3, 0x82000000) r5 = set_tid_address$auto(0x0) syz_open_procfs$namespace(r5, &(0x7f0000000080)) msgctl$auto_IPC_STAT(0x4, 0x2, &(0x7f0000000280)={{0x8, 0xee01, 0x0, 0x6, 0x3, 0x10000, 0x5}, &(0x7f0000000200)=0x2, &(0x7f0000000240)=0x41, 0x6, 0x3, 0x989, 0x40232dde, 0x3, 0x2, 0x7, 0x1, @inferred, @inferred=r5}) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r6 = getsockopt$auto(0x3, 0x200000000001, 0x3b, 0x0, 0x0) sendmsg$auto_TIPC_NL_BEARER_ADD(r6, &(0x7f0000001b00)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x44) sendmsg$auto_GTP_CMD_NEWPDP(r2, &(0x7f0000001b80)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001b40)={&(0x7f0000001a80)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_FLOW={0x6, 0x6, 0x81}, @GTPA_I_TEI={0x8, 0x8, 0x40}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x804) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, &(0x7f00000000c0)={0x2, 0x87e}) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r7, 0x4b4a, 0x9) 723.370942ms ago: executing program 1 (id=5357): syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, 0x0, 0x20004000) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_IEEE802154_LLSEC_LIST_DEV(r0, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x58, r1, 0xe91, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LBT_ENABLED={0x5}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x4}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, 0x401}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x5}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x8}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0x98b}, @IEEE802154_ATTR_CAPABILITY={0x5, 0x11, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x24040091}, 0x4) shmdt$auto(0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mincore$auto(0x1000, 0x4000000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x7, 0x4, 0x4, 0x13, r2, 0x6) r3 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000c00), r2) sendmsg$auto_TCP_METRICS_CMD_DEL(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)={0x14, r3, 0x901, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) 620.949954ms ago: executing program 4 (id=5358): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/spi/drivers_autoprobe\x00', 0xca481, 0x0) write$auto(r0, &(0x7f00000000c0)='\x14\xf4\xb6\xc6\x97\xdb\x18B\f\xef\x1dQZ\xa66\xe7\x06\\\xe0)+\x86\xa7\x9bv\xe1\x18\xf5\x83\b\x11\x19\xdd\x1c', 0x8) setsockopt$auto(0x3, 0x81, 0x1, 0x0, 0x83) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7c9, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x7, 0x20000009, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x5, 0x0, 0xa, 0x22004, 0x200, 0xffffff28, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffd, 0x0, 0xffff, 0x10, 0x0, 0x7f, 0x10000, 0x0, 0x0, 0x0, 0x6, 0x0, 0x200000000000000, 0xfffffffffffffffd]}, 0x1fe, 0x9) r1 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r1, 0x80083314, &(0x7f0000000040)=0xce) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x20040001) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x3, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1892, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0xb, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netfilter/nfnetlink_queue\x00', 0x101000, 0x0) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x12d280, 0x0) r3 = clone$auto(0x7fff, 0x200, 0x0, 0x0, 0xf) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x9, 0x2, r3, 0x9, 0x10001) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) r4 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r4, 0x29, 0xd1, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x454, 0x9) syz_clone3(&(0x7f0000000300)={0x12a004080, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x1}, 0x58) r5 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f00000000c0)=@bpf_attr_7={@map_id=0x3, 0x0, 0x9, 0xffffffffffffffff}, 0x3) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="08002cbd7000ffdbdf2521000000080009003b00000008003700040000000500d300040000000800c3008000000004827685008c00"], 0x38}, 0x1, 0x0, 0x0, 0x40000000}, 0x44000010) socket$nl_generic(0x10, 0x3, 0x10) 105.719546ms ago: executing program 2 (id=5359): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) write$auto(r1, &(0x7f0000000300)='N\x00\xf9\xa06\x8c]\x8b\x12\xfa\b\x1c\xc7k\x06\xf36Y\x8c\xcb\xf56\xc4\x11h;F\x0f\b\xa9\xa9[\xb4\xde\x00\x00\x97!\xfa\xa6\xd6?\x1c [ 1346.769341][ T30] audit: type=1800 audit(4294967385.082:17): pid=26355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5060" name="dbroot" dev="configfs" ino=102845 res=0 errno=0 [ 1347.136525][T26376] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5065'. [ 1347.175870][T15490] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 1347.857220][T26390] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5068'. [ 1348.058424][T26395] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5070'. [ 1348.421147][T26401] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5072'. [ 1348.514609][T26399] FAULT_INJECTION: forcing a failure. [ 1348.514609][T26399] name failslab, interval 1, probability 0, space 0, times 0 [ 1348.536072][T26399] CPU: 1 UID: 0 PID: 26399 Comm: syz.1.5071 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1348.536115][T26399] Tainted: [U]=USER [ 1348.536124][T26399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1348.536138][T26399] Call Trace: [ 1348.536146][T26399] [ 1348.536156][T26399] dump_stack_lvl+0x16c/0x1f0 [ 1348.536195][T26399] should_fail_ex+0x512/0x640 [ 1348.536233][T26399] should_failslab+0xc2/0x120 [ 1348.536257][T26399] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1348.536292][T26399] ? __pfx___vma_enter_locked+0x10/0x10 [ 1348.536325][T26399] ? vm_area_dup+0x27/0x8d0 [ 1348.536358][T26399] vm_area_dup+0x27/0x8d0 [ 1348.536390][T26399] dup_mmap+0x877/0x21d0 [ 1348.536425][T26399] ? __pfx_dup_mmap+0x10/0x10 [ 1348.536454][T26399] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1348.536492][T26399] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1348.536528][T26399] ? __pfx___might_resched+0x10/0x10 [ 1348.536554][T26399] ? mm_init+0xd68/0x13f0 [ 1348.536582][T26399] copy_process+0x4081/0x76a0 [ 1348.536610][T26399] ? preempt_schedule_thunk+0x16/0x30 [ 1348.536647][T26399] ? __pfx_copy_process+0x10/0x10 [ 1348.536675][T26399] ? plist_check_head+0xa3/0x150 [ 1348.536701][T26399] ? futex_wake+0x456/0x530 [ 1348.536736][T26399] ? futex_private_hash_put+0xc7/0x240 [ 1348.536766][T26399] kernel_clone+0xfc/0x960 [ 1348.536795][T26399] ? __pfx_futex_wake+0x10/0x10 [ 1348.536828][T26399] ? __pfx_kernel_clone+0x10/0x10 [ 1348.536856][T26399] ? __pfx_vfs_writev+0x10/0x10 [ 1348.536895][T26399] __do_sys_clone+0xce/0x120 [ 1348.536925][T26399] ? __pfx___do_sys_clone+0x10/0x10 [ 1348.536969][T26399] ? xfd_validate_state+0x61/0x180 [ 1348.537001][T26399] ? __pfx_do_writev+0x10/0x10 [ 1348.537036][T26399] do_syscall_64+0xcd/0x490 [ 1348.537072][T26399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1348.537097][T26399] RIP: 0033:0x7f399138e929 [ 1348.537117][T26399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1348.537140][T26399] RSP: 002b:00007f398f1f5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1348.537165][T26399] RAX: ffffffffffffffda RBX: 00007f39915b5fa0 RCX: 00007f399138e929 [ 1348.537182][T26399] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1348.537197][T26399] RBP: 00007f3991410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1348.537211][T26399] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1348.537226][T26399] R13: 0000000000000000 R14: 00007f39915b5fa0 R15: 00007ffd91261538 [ 1348.537250][T26399] [ 1349.405089][T26429] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5078'. [ 1349.545932][T26433] netlink: 252 bytes leftover after parsing attributes in process `syz.4.5080'. [ 1349.588529][T26433] netlink: 252 bytes leftover after parsing attributes in process `syz.4.5080'. [ 1349.589237][T26437] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1349.621846][T26437] CPU: 0 UID: 0 PID: 26437 Comm: syz.2.5082 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1349.621892][T26437] Tainted: [U]=USER [ 1349.621901][T26437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1349.621917][T26437] Call Trace: [ 1349.621926][T26437] [ 1349.621936][T26437] dump_stack_lvl+0x16c/0x1f0 [ 1349.621980][T26437] sysfs_warn_dup+0x7f/0xa0 [ 1349.622014][T26437] sysfs_create_dir_ns+0x24b/0x2b0 [ 1349.622049][T26437] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1349.622083][T26437] ? kobject_add_internal+0x25b/0x9b0 [ 1349.622109][T26437] ? lock_release+0x201/0x2f0 [ 1349.622143][T26437] ? nfs_netns_namespace+0xd/0x40 [ 1349.622171][T26437] kobject_add_internal+0x2c4/0x9b0 [ 1349.622198][T26437] kobject_init_and_add+0x11b/0x190 [ 1349.622224][T26437] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1349.622260][T26437] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1349.622290][T26437] nfs_net_init+0x10a/0x340 [ 1349.622322][T26437] ? __pfx_nfs_net_init+0x10/0x10 [ 1349.622352][T26437] ops_init+0x1df/0x5f0 [ 1349.622377][T26437] setup_net+0x1ff/0x510 [ 1349.622399][T26437] ? lockdep_init_map_type+0x5c/0x280 [ 1349.622434][T26437] ? __pfx_setup_net+0x10/0x10 [ 1349.622455][T26437] ? __raw_spin_lock_init+0x3a/0x110 [ 1349.622493][T26437] ? debug_mutex_init+0x37/0x70 [ 1349.622521][T26437] copy_net_ns+0x2a6/0x5f0 [ 1349.622549][T26437] create_new_namespaces+0x3ea/0xa90 [ 1349.622591][T26437] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1349.622623][T26437] ksys_unshare+0x45b/0xa40 [ 1349.622660][T26437] ? __pfx_ksys_unshare+0x10/0x10 [ 1349.622692][T26437] ? __pkru_allows_pkey+0x41/0xb0 [ 1349.622727][T26437] ? do_user_addr_fault+0x843/0x1370 [ 1349.622766][T26437] __x64_sys_unshare+0x31/0x40 [ 1349.622799][T26437] do_syscall_64+0xcd/0x490 [ 1349.622837][T26437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1349.622864][T26437] RIP: 0033:0x7f367bf8e929 [ 1349.622884][T26437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1349.622909][T26437] RSP: 002b:00007f367ce70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1349.622936][T26437] RAX: ffffffffffffffda RBX: 00007f367c1b5fa0 RCX: 00007f367bf8e929 [ 1349.622955][T26437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1349.622972][T26437] RBP: 00007f367c010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1349.622988][T26437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1349.623004][T26437] R13: 0000000000000001 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1349.623028][T26437] [ 1349.623053][T26437] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1350.283476][T26446] FAULT_INJECTION: forcing a failure. [ 1350.283476][T26446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1350.310602][T26446] CPU: 0 UID: 0 PID: 26446 Comm: syz.3.5083 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1350.310643][T26446] Tainted: [U]=USER [ 1350.310652][T26446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1350.310666][T26446] Call Trace: [ 1350.310674][T26446] [ 1350.310682][T26446] dump_stack_lvl+0x16c/0x1f0 [ 1350.310720][T26446] should_fail_ex+0x512/0x640 [ 1350.310756][T26446] _copy_from_user+0x2e/0xd0 [ 1350.310779][T26446] do_fcntl+0xba2/0x15a0 [ 1350.310804][T26446] ? __pfx_do_fcntl+0x10/0x10 [ 1350.310839][T26446] ? tomoyo_file_fcntl+0x6c/0xc0 [ 1350.310864][T26446] __x64_sys_fcntl+0x163/0x200 [ 1350.310890][T26446] do_syscall_64+0xcd/0x490 [ 1350.310925][T26446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1350.310948][T26446] RIP: 0033:0x7feab158e929 [ 1350.310967][T26446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1350.310991][T26446] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 1350.311015][T26446] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1350.311033][T26446] RDX: 0000000000000008 RSI: 0000000000000026 RDI: 8000000000000001 [ 1350.311048][T26446] RBP: 00007feab23b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1350.311063][T26446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1350.311078][T26446] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1350.311102][T26446] [ 1351.074992][T15490] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 1351.231612][T26464] FAULT_INJECTION: forcing a failure. [ 1351.231612][T26464] name failslab, interval 1, probability 0, space 0, times 0 [ 1351.293989][T26464] CPU: 0 UID: 0 PID: 26464 Comm: syz.3.5086 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1351.294015][T26464] Tainted: [U]=USER [ 1351.294020][T26464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1351.294029][T26464] Call Trace: [ 1351.294034][T26464] [ 1351.294040][T26464] dump_stack_lvl+0x16c/0x1f0 [ 1351.294065][T26464] should_fail_ex+0x512/0x640 [ 1351.294087][T26464] should_failslab+0xc2/0x120 [ 1351.294102][T26464] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1351.294123][T26464] ? print_track+0x11/0x50 [ 1351.294137][T26464] ? anon_vma_fork+0x200/0x620 [ 1351.294157][T26464] anon_vma_fork+0x200/0x620 [ 1351.294177][T26464] dup_mmap+0x152e/0x21d0 [ 1351.294197][T26464] ? __pfx_dup_mmap+0x10/0x10 [ 1351.294213][T26464] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1351.294236][T26464] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1351.294256][T26464] ? __pfx___might_resched+0x10/0x10 [ 1351.294272][T26464] ? mm_init+0xd68/0x13f0 [ 1351.294289][T26464] copy_process+0x4081/0x76a0 [ 1351.294305][T26464] ? __pfx___futex_wait+0x10/0x10 [ 1351.294329][T26464] ? __pfx_copy_process+0x10/0x10 [ 1351.294346][T26464] ? lock_release+0x201/0x2f0 [ 1351.294367][T26464] kernel_clone+0xfc/0x960 [ 1351.294385][T26464] ? __pfx_kernel_clone+0x10/0x10 [ 1351.294407][T26464] __do_sys_clone+0xce/0x120 [ 1351.294424][T26464] ? __pfx___do_sys_clone+0x10/0x10 [ 1351.294445][T26464] ? xfd_validate_state+0x61/0x180 [ 1351.294464][T26464] ? __pfx_do_writev+0x10/0x10 [ 1351.294492][T26464] do_syscall_64+0xcd/0x490 [ 1351.294514][T26464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1351.294528][T26464] RIP: 0033:0x7feab158e929 [ 1351.294539][T26464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1351.294553][T26464] RSP: 002b:00007feab23b2fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1351.294567][T26464] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1351.294577][T26464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1351.294585][T26464] RBP: 00007feab1610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1351.294594][T26464] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1351.294602][T26464] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1351.294615][T26464] [ 1351.795904][T26488] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1351.814027][T26488] CPU: 1 UID: 0 PID: 26488 Comm: syz.2.5094 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1351.814076][T26488] Tainted: [U]=USER [ 1351.814086][T26488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1351.814101][T26488] Call Trace: [ 1351.814110][T26488] [ 1351.814121][T26488] dump_stack_lvl+0x16c/0x1f0 [ 1351.814165][T26488] sysfs_warn_dup+0x7f/0xa0 [ 1351.814199][T26488] sysfs_create_dir_ns+0x24b/0x2b0 [ 1351.814233][T26488] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1351.814280][T26488] ? kobject_add_internal+0x25b/0x9b0 [ 1351.814307][T26488] ? lock_release+0x201/0x2f0 [ 1351.814340][T26488] ? nfs_netns_namespace+0xd/0x40 [ 1351.814368][T26488] kobject_add_internal+0x2c4/0x9b0 [ 1351.814396][T26488] kobject_init_and_add+0x11b/0x190 [ 1351.814421][T26488] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1351.814457][T26488] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1351.814489][T26488] nfs_net_init+0x10a/0x340 [ 1351.814521][T26488] ? __pfx_nfs_net_init+0x10/0x10 [ 1351.814552][T26488] ops_init+0x1df/0x5f0 [ 1351.814576][T26488] setup_net+0x1ff/0x510 [ 1351.814598][T26488] ? lockdep_init_map_type+0x5c/0x280 [ 1351.814633][T26488] ? __pfx_setup_net+0x10/0x10 [ 1351.814655][T26488] ? __raw_spin_lock_init+0x3a/0x110 [ 1351.814704][T26488] ? debug_mutex_init+0x37/0x70 [ 1351.814732][T26488] copy_net_ns+0x2a6/0x5f0 [ 1351.814759][T26488] create_new_namespaces+0x3ea/0xa90 [ 1351.814792][T26488] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1351.814822][T26488] ksys_unshare+0x45b/0xa40 [ 1351.814856][T26488] ? __pfx_ksys_unshare+0x10/0x10 [ 1351.814890][T26488] ? xfd_validate_state+0x61/0x180 [ 1351.814929][T26488] __x64_sys_unshare+0x31/0x40 [ 1351.814970][T26488] do_syscall_64+0xcd/0x490 [ 1351.815010][T26488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1351.815037][T26488] RIP: 0033:0x7f367bf8e929 [ 1351.815058][T26488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1351.815084][T26488] RSP: 002b:00007f367ce70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1351.815110][T26488] RAX: ffffffffffffffda RBX: 00007f367c1b5fa0 RCX: 00007f367bf8e929 [ 1351.815129][T26488] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1351.815145][T26488] RBP: 00007f367c010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1351.815162][T26488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1351.815178][T26488] R13: 0000000000000000 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1351.815203][T26488] [ 1351.815252][T26488] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1351.852363][T26485] zswap: compressor 000 not available [ 1351.854858][T26489] FAULT_INJECTION: forcing a failure. [ 1351.854858][T26489] name failslab, interval 1, probability 0, space 0, times 0 [ 1352.154902][T26489] CPU: 1 UID: 0 PID: 26489 Comm: syz.3.5092 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1352.154941][T26489] Tainted: [U]=USER [ 1352.154949][T26489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1352.154966][T26489] Call Trace: [ 1352.154974][T26489] [ 1352.154982][T26489] dump_stack_lvl+0x16c/0x1f0 [ 1352.155021][T26489] should_fail_ex+0x512/0x640 [ 1352.155056][T26489] should_failslab+0xc2/0x120 [ 1352.155080][T26489] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1352.155111][T26489] ? rcu_is_watching+0x12/0xc0 [ 1352.155137][T26489] ? alloc_pipe_info+0x10e/0x590 [ 1352.155160][T26489] alloc_pipe_info+0x10e/0x590 [ 1352.155183][T26489] splice_direct_to_actor+0x77d/0xa30 [ 1352.155215][T26489] ? __pfx_direct_splice_actor+0x10/0x10 [ 1352.155248][T26489] ? __pfx_aa_file_perm+0x10/0x10 [ 1352.155281][T26489] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1352.155312][T26489] ? lock_release+0x201/0x2f0 [ 1352.155347][T26489] do_splice_direct+0x174/0x240 [ 1352.155377][T26489] ? __pfx_do_splice_direct+0x10/0x10 [ 1352.155408][T26489] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1352.155438][T26489] ? bpf_lsm_file_permission+0x9/0x10 [ 1352.155465][T26489] ? security_file_permission+0x71/0x210 [ 1352.155498][T26489] ? rw_verify_area+0xcf/0x680 [ 1352.155530][T26489] do_sendfile+0xb06/0xe50 [ 1352.155565][T26489] ? __pfx_do_sendfile+0x10/0x10 [ 1352.155595][T26489] ? __fget_files+0x20e/0x3c0 [ 1352.155635][T26489] __x64_sys_sendfile64+0x1d8/0x220 [ 1352.155658][T26489] ? ksys_write+0x1ac/0x250 [ 1352.155690][T26489] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1352.155717][T26489] do_syscall_64+0xcd/0x490 [ 1352.155749][T26489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1352.155771][T26489] RIP: 0033:0x7feab158e929 [ 1352.155790][T26489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1352.155812][T26489] RSP: 002b:00007feab2392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1352.155835][T26489] RAX: ffffffffffffffda RBX: 00007feab17b6080 RCX: 00007feab158e929 [ 1352.155850][T26489] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 1352.155864][T26489] RBP: 00007feab2392090 R08: 0000000000000000 R09: 0000000000000000 [ 1352.155879][T26489] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 1352.155894][T26489] R13: 0000000000000000 R14: 00007feab17b6080 R15: 00007ffef4e1a288 [ 1352.155916][T26489] [ 1352.399928][ C1] vkms_vblank_simulate: vblank timer overrun [ 1352.428255][T26484] can: request_module (can-proto-0) failed. [ 1352.461711][T26492] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1352.472222][T26492] CPU: 1 UID: 0 PID: 26492 Comm: syz.2.5094 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1352.472263][T26492] Tainted: [U]=USER [ 1352.472272][T26492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1352.472287][T26492] Call Trace: [ 1352.472296][T26492] [ 1352.472305][T26492] dump_stack_lvl+0x16c/0x1f0 [ 1352.472403][T26492] sysfs_warn_dup+0x7f/0xa0 [ 1352.472430][T26492] sysfs_create_dir_ns+0x24b/0x2b0 [ 1352.472457][T26492] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1352.472485][T26492] ? kobject_add_internal+0x25b/0x9b0 [ 1352.472505][T26492] ? lock_release+0x201/0x2f0 [ 1352.472530][T26492] ? nfs_netns_namespace+0xd/0x40 [ 1352.472552][T26492] kobject_add_internal+0x2c4/0x9b0 [ 1352.472572][T26492] kobject_init_and_add+0x11b/0x190 [ 1352.472596][T26492] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1352.472629][T26492] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1352.472655][T26492] nfs_net_init+0x10a/0x340 [ 1352.472698][T26492] ? __pfx_nfs_net_init+0x10/0x10 [ 1352.472727][T26492] ops_init+0x1df/0x5f0 [ 1352.472751][T26492] setup_net+0x1ff/0x510 [ 1352.472772][T26492] ? lockdep_init_map_type+0x5c/0x280 [ 1352.472808][T26492] ? __pfx_setup_net+0x10/0x10 [ 1352.472829][T26492] ? __raw_spin_lock_init+0x3a/0x110 [ 1352.472867][T26492] ? debug_mutex_init+0x37/0x70 [ 1352.472895][T26492] copy_net_ns+0x2a6/0x5f0 [ 1352.472922][T26492] create_new_namespaces+0x3ea/0xa90 [ 1352.472959][T26492] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1352.472990][T26492] ksys_unshare+0x45b/0xa40 [ 1352.473024][T26492] ? __pfx_ksys_unshare+0x10/0x10 [ 1352.473057][T26492] ? xfd_validate_state+0x61/0x180 [ 1352.473095][T26492] __x64_sys_unshare+0x31/0x40 [ 1352.473127][T26492] do_syscall_64+0xcd/0x490 [ 1352.473162][T26492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1352.473186][T26492] RIP: 0033:0x7f367bf8e929 [ 1352.473205][T26492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1352.473229][T26492] RSP: 002b:00007f367ce2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1352.473251][T26492] RAX: ffffffffffffffda RBX: 00007f367c1b6160 RCX: 00007f367bf8e929 [ 1352.473268][T26492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1352.473284][T26492] RBP: 00007f367c010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1352.473300][T26492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1352.473316][T26492] R13: 0000000000000000 R14: 00007f367c1b6160 R15: 00007ffed3a666c8 [ 1352.473350][T26492] [ 1352.473379][T26492] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1353.126212][T26505] zswap: compressor not available [ 1353.758419][T26516] can: request_module (can-proto-0) failed. [ 1354.258820][T26527] FAULT_INJECTION: forcing a failure. [ 1354.258820][T26527] name failslab, interval 1, probability 0, space 0, times 0 [ 1354.271768][T26527] CPU: 0 UID: 0 PID: 26527 Comm: syz.2.5101 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1354.271792][T26527] Tainted: [U]=USER [ 1354.271796][T26527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1354.271805][T26527] Call Trace: [ 1354.271810][T26527] [ 1354.271815][T26527] dump_stack_lvl+0x16c/0x1f0 [ 1354.271840][T26527] should_fail_ex+0x512/0x640 [ 1354.271862][T26527] should_failslab+0xc2/0x120 [ 1354.271877][T26527] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1354.271897][T26527] ? __pfx___vma_enter_locked+0x10/0x10 [ 1354.271916][T26527] ? vm_area_dup+0x27/0x8d0 [ 1354.271935][T26527] vm_area_dup+0x27/0x8d0 [ 1354.271954][T26527] dup_mmap+0x877/0x21d0 [ 1354.271974][T26527] ? __pfx_dup_mmap+0x10/0x10 [ 1354.271990][T26527] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1354.272012][T26527] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1354.272032][T26527] ? __pfx___might_resched+0x10/0x10 [ 1354.272048][T26527] ? mm_init+0xd68/0x13f0 [ 1354.272064][T26527] copy_process+0x4081/0x76a0 [ 1354.272081][T26527] ? __pfx___futex_wait+0x10/0x10 [ 1354.272105][T26527] ? __pfx_copy_process+0x10/0x10 [ 1354.272122][T26527] ? lock_release+0x201/0x2f0 [ 1354.272143][T26527] kernel_clone+0xfc/0x960 [ 1354.272160][T26527] ? __pfx_kernel_clone+0x10/0x10 [ 1354.272181][T26527] __do_sys_clone+0xce/0x120 [ 1354.272198][T26527] ? __pfx___do_sys_clone+0x10/0x10 [ 1354.272220][T26527] ? xfd_validate_state+0x61/0x180 [ 1354.272239][T26527] ? __pfx_do_writev+0x10/0x10 [ 1354.272260][T26527] do_syscall_64+0xcd/0x490 [ 1354.272281][T26527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1354.272295][T26527] RIP: 0033:0x7f367bf8e929 [ 1354.272308][T26527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1354.272322][T26527] RSP: 002b:00007f367ce6ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1354.272335][T26527] RAX: ffffffffffffffda RBX: 00007f367c1b5fa0 RCX: 00007f367bf8e929 [ 1354.272345][T26527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1354.272354][T26527] RBP: 00007f367c010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1354.272362][T26527] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1354.272371][T26527] R13: 0000000000000000 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1354.272384][T26527] [ 1357.451579][T15490] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 1357.763220][T26594] caif:caif_disconnect_client(): nothing to disconnect [ 1358.241787][T26600] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5116'. [ 1358.669301][T26611] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1358.697857][T26611] CPU: 1 UID: 0 PID: 26611 Comm: syz.3.5119 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1358.697904][T26611] Tainted: [U]=USER [ 1358.697913][T26611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1358.697928][T26611] Call Trace: [ 1358.697937][T26611] [ 1358.697946][T26611] dump_stack_lvl+0x16c/0x1f0 [ 1358.697988][T26611] sysfs_warn_dup+0x7f/0xa0 [ 1358.698025][T26611] sysfs_create_dir_ns+0x24b/0x2b0 [ 1358.698069][T26611] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1358.698105][T26611] ? kobject_add_internal+0x25b/0x9b0 [ 1358.698130][T26611] ? lock_release+0x201/0x2f0 [ 1358.698164][T26611] ? nfs_netns_namespace+0xd/0x40 [ 1358.698190][T26611] kobject_add_internal+0x2c4/0x9b0 [ 1358.698215][T26611] kobject_init_and_add+0x11b/0x190 [ 1358.698241][T26611] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1358.698279][T26611] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1358.698307][T26611] nfs_net_init+0x10a/0x340 [ 1358.698336][T26611] ? __pfx_nfs_net_init+0x10/0x10 [ 1358.698365][T26611] ops_init+0x1df/0x5f0 [ 1358.698389][T26611] setup_net+0x1ff/0x510 [ 1358.698411][T26611] ? lockdep_init_map_type+0x5c/0x280 [ 1358.698446][T26611] ? __pfx_setup_net+0x10/0x10 [ 1358.698467][T26611] ? __raw_spin_lock_init+0x3a/0x110 [ 1358.698503][T26611] ? debug_mutex_init+0x37/0x70 [ 1358.698529][T26611] copy_net_ns+0x2a6/0x5f0 [ 1358.698554][T26611] create_new_namespaces+0x3ea/0xa90 [ 1358.698587][T26611] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1358.698616][T26611] ksys_unshare+0x45b/0xa40 [ 1358.698650][T26611] ? __pfx_ksys_unshare+0x10/0x10 [ 1358.698681][T26611] ? __pkru_allows_pkey+0x41/0xb0 [ 1358.698715][T26611] ? do_user_addr_fault+0x843/0x1370 [ 1358.698751][T26611] __x64_sys_unshare+0x31/0x40 [ 1358.698788][T26611] do_syscall_64+0xcd/0x490 [ 1358.698827][T26611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1358.698853][T26611] RIP: 0033:0x7feab158e929 [ 1358.698871][T26611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1358.698893][T26611] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1358.698918][T26611] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1358.698936][T26611] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1358.698951][T26611] RBP: 00007feab1610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1358.698968][T26611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1358.698984][T26611] R13: 0000000000000001 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1358.699009][T26611] [ 1358.700196][T26611] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1359.949932][T26648] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5126'. [ 1360.324489][T26654] FAULT_INJECTION: forcing a failure. [ 1360.324489][T26654] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1360.415615][T26654] CPU: 1 UID: 0 PID: 26654 Comm: syz.4.5127 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1360.415670][T26654] Tainted: [U]=USER [ 1360.415680][T26654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1360.415696][T26654] Call Trace: [ 1360.415705][T26654] [ 1360.415716][T26654] dump_stack_lvl+0x16c/0x1f0 [ 1360.415759][T26654] should_fail_ex+0x512/0x640 [ 1360.415800][T26654] should_fail_alloc_page+0xe7/0x130 [ 1360.415830][T26654] prepare_alloc_pages+0x3c2/0x610 [ 1360.415861][T26654] ? rcu_is_watching+0x12/0xc0 [ 1360.415890][T26654] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1360.415929][T26654] ? rcu_is_watching+0x12/0xc0 [ 1360.415955][T26654] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1360.415982][T26654] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 1360.416018][T26654] ? xas_alloc+0x34f/0x460 [ 1360.416049][T26654] ? xas_alloc+0x27c/0x460 [ 1360.416079][T26654] ? rcu_is_watching+0x12/0xc0 [ 1360.416102][T26654] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1360.416139][T26654] ? css_rstat_updated+0x9d/0xd30 [ 1360.416165][T26654] ? folios_put_refs+0x5ce/0x740 [ 1360.416193][T26654] ? __pfx_folios_put_refs+0x10/0x10 [ 1360.416217][T26654] ? folio_batch_move_lru+0x2b4/0x3b0 [ 1360.416240][T26654] ? rcu_is_watching+0x12/0xc0 [ 1360.416266][T26654] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1360.416305][T26654] ? policy_nodemask+0xea/0x4e0 [ 1360.416330][T26654] alloc_pages_mpol+0x1fb/0x550 [ 1360.416355][T26654] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1360.416380][T26654] ? __pfx_folio_batch_move_lru+0x10/0x10 [ 1360.416405][T26654] ? __folio_batch_add_and_move+0x602/0xc90 [ 1360.416429][T26654] ? rcu_is_watching+0x12/0xc0 [ 1360.416455][T26654] ? lock_release+0x201/0x2f0 [ 1360.416489][T26654] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1360.416519][T26654] shmem_alloc_folio+0x135/0x160 [ 1360.416550][T26654] shmem_alloc_and_add_folio+0x499/0xc20 [ 1360.416588][T26654] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1360.416624][T26654] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1360.416675][T26654] shmem_get_folio_gfp+0x67f/0x1600 [ 1360.416715][T26654] ? rcu_is_watching+0x12/0xc0 [ 1360.416743][T26654] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1360.416782][T26654] ? filemap_map_pages+0xf6f/0x1680 [ 1360.416822][T26654] shmem_fault+0x1fe/0xa30 [ 1360.416857][T26654] ? __pfx_shmem_fault+0x10/0x10 [ 1360.416893][T26654] ? __pfx_filemap_map_pages+0x10/0x10 [ 1360.416936][T26654] __do_fault+0x10a/0x490 [ 1360.416975][T26654] __handle_mm_fault+0x3c2a/0x5490 [ 1360.417012][T26654] ? __pfx___handle_mm_fault+0x10/0x10 [ 1360.417045][T26654] ? __pte_offset_map_lock+0x174/0x310 [ 1360.417079][T26654] ? follow_page_pte+0x3af/0x14c0 [ 1360.417112][T26654] handle_mm_fault+0x589/0xd10 [ 1360.417147][T26654] __get_user_pages+0x589/0x3b80 [ 1360.417179][T26654] ? __pfx___futex_wait+0x10/0x10 [ 1360.417216][T26654] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1360.417256][T26654] ? __pfx___get_user_pages+0x10/0x10 [ 1360.417286][T26654] ? __pfx_futex_wake_mark+0x10/0x10 [ 1360.417327][T26654] faultin_page_range+0x249/0x980 [ 1360.417361][T26654] madvise_do_behavior+0x268/0x3f0 [ 1360.417391][T26654] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1360.417428][T26654] do_madvise+0x161/0x230 [ 1360.417455][T26654] ? __pfx_do_madvise+0x10/0x10 [ 1360.417490][T26654] ? xfd_validate_state+0x61/0x180 [ 1360.417522][T26654] ? __pfx_do_writev+0x10/0x10 [ 1360.417560][T26654] __x64_sys_madvise+0xa9/0x110 [ 1360.417586][T26654] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1360.417625][T26654] do_syscall_64+0xcd/0x490 [ 1360.417672][T26654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1360.417698][T26654] RIP: 0033:0x7f4cb818e929 [ 1360.417720][T26654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1360.417748][T26654] RSP: 002b:00007f4cb9006038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1360.417774][T26654] RAX: ffffffffffffffda RBX: 00007f4cb83b6080 RCX: 00007f4cb818e929 [ 1360.417794][T26654] RDX: 0000000000000016 RSI: 0000000000100000 RDI: 0000000000000000 [ 1360.417811][T26654] RBP: 00007f4cb8210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1360.417827][T26654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1360.417842][T26654] R13: 0000000000000000 R14: 00007f4cb83b6080 R15: 00007ffed064db48 [ 1360.417867][T26654] [ 1360.421641][T26650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078003740 pfn:0x78000 [ 1360.955241][T26650] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1360.963793][T26650] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 1361.038141][T26650] page_type: f5(slab) [ 1361.042176][T26650] raw: 00fff00000000240 ffff88801faa8c80 ffffea0001f41410 ffffea0000cdc110 [ 1361.053492][T26650] raw: ffff888078003740 0000000000130004 00000000f5000000 0000000000000000 [ 1361.062453][T26650] head: 00fff00000000240 ffff88801faa8c80 ffffea0001f41410 ffffea0000cdc110 [ 1361.085737][T26650] head: ffff888078003740 0000000000130004 00000000f5000000 0000000000000000 [ 1361.121928][T26656] base_sock_release(ffff8880463eb600) sk=ffff88807db3f000 [ 1361.139324][T26650] head: 00fff00000000002 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 1361.300851][T26650] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 1361.353045][T26650] page dumped because: unmovable page [ 1361.394975][T26650] page_owner tracks the page as allocated [ 1361.400753][T26650] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 25245, tgid 25244 (syz.3.4793), ts 1287977037709, free_ts 1285093427490 [ 1361.458357][T26650] post_alloc_hook+0x1c0/0x230 [ 1361.463192][T26650] get_page_from_freelist+0x1321/0x3890 [ 1361.479112][T26650] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1361.496086][T26650] alloc_pages_mpol+0x1fb/0x550 [ 1361.501092][T26650] new_slab+0x23b/0x330 [ 1361.506302][T26650] ___slab_alloc+0xd9c/0x1940 [ 1361.511031][T26650] __slab_alloc.constprop.0+0x56/0xb0 [ 1361.525503][T26650] kmem_cache_alloc_node_noprof+0xf5/0x3b0 [ 1361.535046][T26650] kmalloc_reserve+0x18b/0x2c0 [ 1361.542517][T26650] __alloc_skb+0x166/0x380 [ 1361.552139][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.554878][T26650] alloc_uevent_skb+0x7d/0x210 [ 1361.562383][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1361.570358][T26650] kobject_uevent_env+0x11cc/0x1870 [ 1361.579784][T26650] net_rx_queue_update_kobjects+0x1de/0x770 [ 1361.601558][T26650] netdev_register_kobject+0x269/0x3a0 [ 1361.617361][T26650] register_netdevice+0x13dc/0x2270 [ 1361.622510][T26665] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5129'. [ 1361.622599][T26650] __ip_tunnel_create+0x540/0x6e0 [ 1361.646497][T26663] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5130'. [ 1361.665090][T26650] page last free pid 9708 tgid 9708 stack trace: [ 1361.671513][T26650] __free_frozen_pages+0x7fe/0x1180 [ 1361.681933][T26650] __folio_put+0x329/0x450 [ 1361.687092][T26650] ops_undo_list+0x487/0xab0 [ 1361.692501][T26650] cleanup_net+0x408/0x890 [ 1361.705070][T26650] process_one_work+0x9cf/0x1b70 [ 1361.713428][T26650] worker_thread+0x6c8/0xf10 [ 1361.723097][T26650] kthread+0x3c5/0x780 [ 1361.731204][T26650] ret_from_fork+0x5d4/0x6f0 [ 1361.740535][T26650] ret_from_fork_asm+0x1a/0x30 [ 1361.783656][T26654] page: refcount:3 mapcount:2 mapping:0000000000000000 index:0xffff888078016600 pfn:0x78010 [ 1361.808754][T26654] flags: 0xfff00000000014(referenced|dirty|node=0|zone=1|lastcpupid=0x7ff) [ 1361.819412][T26654] raw: 00fff00000000014 0000000000000000 dead000000000122 0000000000000000 [ 1361.828566][T26654] raw: ffff888078016600 0000000000000000 0000000300000001 0000000000000000 [ 1361.838586][T26654] page dumped because: unmovable page [ 1361.844041][T26654] page_owner tracks the page as allocated [ 1361.850104][T26654] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 25259, tgid 25259 (syz-executor), ts 1288498867292, free_ts 1288182358148 [ 1361.959911][T26654] post_alloc_hook+0x1c0/0x230 [ 1361.971362][T26654] get_page_from_freelist+0x1321/0x3890 [ 1361.993143][T26654] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1362.014502][T26654] alloc_pages_mpol+0x1fb/0x550 [ 1362.032459][T26654] alloc_pages_noprof+0x131/0x390 [ 1362.049625][T26654] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 1362.072801][T26671] can: request_module (can-proto-0) failed. [ 1362.078899][T26654] vmalloc_user_noprof+0x9e/0xe0 [ 1362.084074][T26654] kcov_ioctl+0x4c/0x730 [ 1362.089026][T26654] __x64_sys_ioctl+0x18b/0x210 [ 1362.095530][T26654] do_syscall_64+0xcd/0x490 [ 1362.100176][T26654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1362.117051][T26654] page last free pid 9708 tgid 9708 stack trace: [ 1362.124175][T26654] __free_frozen_pages+0x7fe/0x1180 [ 1362.129792][T26654] tlb_remove_table_rcu+0x116/0x1a0 [ 1362.136879][T26654] rcu_core+0x799/0x14e0 [ 1362.141226][T26654] handle_softirqs+0x219/0x8e0 [ 1362.146336][T26654] __irq_exit_rcu+0x109/0x170 [ 1362.151174][T26654] irq_exit_rcu+0x9/0x30 [ 1362.155745][T26654] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1362.161550][T26654] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1362.172700][T26665] bond0: (slave bond_slave_1): Releasing backup interface [ 1362.358762][T26679] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1362.418597][T26679] CPU: 1 UID: 0 PID: 26679 Comm: syz.4.5135 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1362.418629][T26679] Tainted: [U]=USER [ 1362.418635][T26679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1362.418645][T26679] Call Trace: [ 1362.418650][T26679] [ 1362.418656][T26679] dump_stack_lvl+0x16c/0x1f0 [ 1362.418682][T26679] sysfs_warn_dup+0x7f/0xa0 [ 1362.418703][T26679] sysfs_create_dir_ns+0x24b/0x2b0 [ 1362.418722][T26679] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1362.418741][T26679] ? kobject_add_internal+0x25b/0x9b0 [ 1362.418755][T26679] ? lock_release+0x201/0x2f0 [ 1362.418775][T26679] ? nfs_netns_namespace+0xd/0x40 [ 1362.418790][T26679] kobject_add_internal+0x2c4/0x9b0 [ 1362.418806][T26679] kobject_init_and_add+0x11b/0x190 [ 1362.418820][T26679] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1362.418839][T26679] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1362.418855][T26679] nfs_net_init+0x10a/0x340 [ 1362.418873][T26679] ? __pfx_nfs_net_init+0x10/0x10 [ 1362.418890][T26679] ops_init+0x1df/0x5f0 [ 1362.418904][T26679] setup_net+0x1ff/0x510 [ 1362.418915][T26679] ? lockdep_init_map_type+0x5c/0x280 [ 1362.418935][T26679] ? __pfx_setup_net+0x10/0x10 [ 1362.418946][T26679] ? __raw_spin_lock_init+0x3a/0x110 [ 1362.418968][T26679] ? debug_mutex_init+0x37/0x70 [ 1362.418983][T26679] copy_net_ns+0x2a6/0x5f0 [ 1362.418998][T26679] create_new_namespaces+0x3ea/0xa90 [ 1362.419016][T26679] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1362.419033][T26679] ksys_unshare+0x45b/0xa40 [ 1362.419052][T26679] ? __pfx_ksys_unshare+0x10/0x10 [ 1362.419071][T26679] ? xfd_validate_state+0x61/0x180 [ 1362.419092][T26679] __x64_sys_unshare+0x31/0x40 [ 1362.419110][T26679] do_syscall_64+0xcd/0x490 [ 1362.419132][T26679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1362.419146][T26679] RIP: 0033:0x7f4cb818e929 [ 1362.419158][T26679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1362.419172][T26679] RSP: 002b:00007f4cb9027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1362.419186][T26679] RAX: ffffffffffffffda RBX: 00007f4cb83b5fa0 RCX: 00007f4cb818e929 [ 1362.419196][T26679] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1362.419204][T26679] RBP: 00007f4cb8210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1362.419213][T26679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1362.419221][T26679] R13: 0000000000000000 R14: 00007f4cb83b5fa0 R15: 00007ffed064db48 [ 1362.419238][T26679] [ 1362.419268][T26679] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1362.840670][T15490] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 1363.041801][T26679] FAULT_INJECTION: forcing a failure. [ 1363.041801][T26679] name failslab, interval 1, probability 0, space 0, times 0 [ 1363.066076][T26679] CPU: 1 UID: 0 PID: 26679 Comm: syz.4.5135 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1363.066118][T26679] Tainted: [U]=USER [ 1363.066127][T26679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1363.066142][T26679] Call Trace: [ 1363.066150][T26679] [ 1363.066160][T26679] dump_stack_lvl+0x16c/0x1f0 [ 1363.066200][T26679] should_fail_ex+0x512/0x640 [ 1363.066238][T26679] should_failslab+0xc2/0x120 [ 1363.066263][T26679] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1363.066299][T26679] ? trace_cap_capable+0x18d/0x200 [ 1363.066324][T26679] ? vm_area_dup+0x27/0x8d0 [ 1363.066357][T26679] vm_area_dup+0x27/0x8d0 [ 1363.066390][T26679] dup_mmap+0x877/0x21d0 [ 1363.066459][T26679] ? __pfx_dup_mmap+0x10/0x10 [ 1363.066490][T26679] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1363.066529][T26679] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1363.066565][T26679] ? __pfx___might_resched+0x10/0x10 [ 1363.066593][T26679] ? mm_init+0xd68/0x13f0 [ 1363.066622][T26679] copy_process+0x4081/0x76a0 [ 1363.066652][T26679] ? __pfx___futex_wait+0x10/0x10 [ 1363.066693][T26679] ? __pfx_copy_process+0x10/0x10 [ 1363.066724][T26679] ? futex_wake+0x456/0x530 [ 1363.066762][T26679] kernel_clone+0xfc/0x960 [ 1363.066791][T26679] ? __pfx_kernel_clone+0x10/0x10 [ 1363.066830][T26679] __do_sys_clone+0xce/0x120 [ 1363.066860][T26679] ? __pfx___do_sys_clone+0x10/0x10 [ 1363.066898][T26679] ? xfd_validate_state+0x61/0x180 [ 1363.066930][T26679] ? __pfx_do_writev+0x10/0x10 [ 1363.066969][T26679] do_syscall_64+0xcd/0x490 [ 1363.067006][T26679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1363.067031][T26679] RIP: 0033:0x7f4cb818e929 [ 1363.067051][T26679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1363.067075][T26679] RSP: 002b:00007f4cb9026fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1363.067100][T26679] RAX: ffffffffffffffda RBX: 00007f4cb83b5fa0 RCX: 00007f4cb818e929 [ 1363.067117][T26679] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1363.067133][T26679] RBP: 00007f4cb8210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1363.067150][T26679] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1363.067166][T26679] R13: 0000000000000000 R14: 00007f4cb83b5fa0 R15: 00007ffed064db48 [ 1363.067191][T26679] [ 1363.426125][T26693] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5139'. [ 1363.471057][T26693] bond0: (slave bond_slave_1): Releasing backup interface [ 1363.939167][T26708] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5142'. [ 1364.113927][T26712] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input81 [ 1364.207262][T26713] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input82 [ 1364.698974][T26717] can: request_module (can-proto-0) failed. [ 1365.273463][T26737] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1365.292120][T26737] CPU: 0 UID: 0 PID: 26737 Comm: syz.2.5149 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1365.292167][T26737] Tainted: [U]=USER [ 1365.292176][T26737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1365.292193][T26737] Call Trace: [ 1365.292202][T26737] [ 1365.292212][T26737] dump_stack_lvl+0x16c/0x1f0 [ 1365.292257][T26737] sysfs_warn_dup+0x7f/0xa0 [ 1365.292294][T26737] sysfs_create_dir_ns+0x24b/0x2b0 [ 1365.292328][T26737] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1365.292365][T26737] ? kobject_add_internal+0x25b/0x9b0 [ 1365.292391][T26737] ? lock_release+0x201/0x2f0 [ 1365.292425][T26737] ? nfs_netns_namespace+0xd/0x40 [ 1365.292452][T26737] kobject_add_internal+0x2c4/0x9b0 [ 1365.292487][T26737] kobject_init_and_add+0x11b/0x190 [ 1365.292516][T26737] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1365.292552][T26737] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1365.292584][T26737] nfs_net_init+0x10a/0x340 [ 1365.292617][T26737] ? __pfx_nfs_net_init+0x10/0x10 [ 1365.292648][T26737] ops_init+0x1df/0x5f0 [ 1365.292674][T26737] setup_net+0x1ff/0x510 [ 1365.292695][T26737] ? lockdep_init_map_type+0x5c/0x280 [ 1365.292730][T26737] ? __pfx_setup_net+0x10/0x10 [ 1365.292752][T26737] ? __raw_spin_lock_init+0x3a/0x110 [ 1365.292791][T26737] ? debug_mutex_init+0x37/0x70 [ 1365.292819][T26737] copy_net_ns+0x2a6/0x5f0 [ 1365.292847][T26737] create_new_namespaces+0x3ea/0xa90 [ 1365.292880][T26737] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1365.292911][T26737] ksys_unshare+0x45b/0xa40 [ 1365.292949][T26737] ? __pfx_ksys_unshare+0x10/0x10 [ 1365.292981][T26737] ? xfd_validate_state+0x61/0x180 [ 1365.293019][T26737] __x64_sys_unshare+0x31/0x40 [ 1365.293053][T26737] do_syscall_64+0xcd/0x490 [ 1365.293092][T26737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1365.293119][T26737] RIP: 0033:0x7f367bf8e929 [ 1365.293140][T26737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1365.293166][T26737] RSP: 002b:00007f367ce70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1365.293192][T26737] RAX: ffffffffffffffda RBX: 00007f367c1b5fa0 RCX: 00007f367bf8e929 [ 1365.293211][T26737] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1365.293228][T26737] RBP: 00007f367c010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1365.293244][T26737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1365.293260][T26737] R13: 0000000000000000 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1365.293285][T26737] [ 1365.666318][T26737] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1366.090103][T26737] FAULT_INJECTION: forcing a failure. [ 1366.090103][T26737] name failslab, interval 1, probability 0, space 0, times 0 [ 1366.172699][T26737] CPU: 0 UID: 0 PID: 26737 Comm: syz.2.5149 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1366.172742][T26737] Tainted: [U]=USER [ 1366.172750][T26737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1366.172765][T26737] Call Trace: [ 1366.172774][T26737] [ 1366.172784][T26737] dump_stack_lvl+0x16c/0x1f0 [ 1366.172821][T26737] should_fail_ex+0x512/0x640 [ 1366.172860][T26737] should_failslab+0xc2/0x120 [ 1366.172885][T26737] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1366.172919][T26737] ? trace_cap_capable+0x18d/0x200 [ 1366.172944][T26737] ? vm_area_dup+0x27/0x8d0 [ 1366.172978][T26737] vm_area_dup+0x27/0x8d0 [ 1366.173010][T26737] dup_mmap+0x877/0x21d0 [ 1366.173046][T26737] ? __pfx_dup_mmap+0x10/0x10 [ 1366.173074][T26737] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1366.173110][T26737] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1366.173146][T26737] ? __pfx___might_resched+0x10/0x10 [ 1366.173173][T26737] ? mm_init+0xd68/0x13f0 [ 1366.173201][T26737] copy_process+0x4081/0x76a0 [ 1366.173229][T26737] ? preempt_schedule_thunk+0x16/0x30 [ 1366.173267][T26737] ? __pfx_copy_process+0x10/0x10 [ 1366.173295][T26737] ? plist_check_head+0xd1/0x150 [ 1366.173324][T26737] ? futex_wake+0x456/0x530 [ 1366.173359][T26737] ? futex_private_hash_put+0xc7/0x240 [ 1366.173388][T26737] kernel_clone+0xfc/0x960 [ 1366.173423][T26737] ? __pfx_futex_wake+0x10/0x10 [ 1366.173456][T26737] ? __pfx_kernel_clone+0x10/0x10 [ 1366.173484][T26737] ? __pfx_vfs_writev+0x10/0x10 [ 1366.173525][T26737] __do_sys_clone+0xce/0x120 [ 1366.173555][T26737] ? __pfx___do_sys_clone+0x10/0x10 [ 1366.173592][T26737] ? xfd_validate_state+0x61/0x180 [ 1366.173623][T26737] ? __pfx_do_writev+0x10/0x10 [ 1366.173659][T26737] do_syscall_64+0xcd/0x490 [ 1366.173695][T26737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1366.173720][T26737] RIP: 0033:0x7f367bf8e929 [ 1366.173740][T26737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1366.173764][T26737] RSP: 002b:00007f367ce6ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1366.173789][T26737] RAX: ffffffffffffffda RBX: 00007f367c1b5fa0 RCX: 00007f367bf8e929 [ 1366.173807][T26737] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1366.173822][T26737] RBP: 00007f367c010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1366.173838][T26737] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1366.173853][T26737] R13: 0000000000000000 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1366.173877][T26737] [ 1366.824609][T26752] FAULT_INJECTION: forcing a failure. [ 1366.824609][T26752] name failslab, interval 1, probability 0, space 0, times 0 [ 1366.845369][T26752] CPU: 0 UID: 0 PID: 26752 Comm: syz.1.5154 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1366.845416][T26752] Tainted: [U]=USER [ 1366.845425][T26752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1366.845441][T26752] Call Trace: [ 1366.845451][T26752] [ 1366.845462][T26752] dump_stack_lvl+0x16c/0x1f0 [ 1366.845506][T26752] should_fail_ex+0x512/0x640 [ 1366.845544][T26752] ? __register_sysctl_table+0xb3/0x1900 [ 1366.845567][T26752] should_failslab+0xc2/0x120 [ 1366.845590][T26752] __kmalloc_noprof+0xd2/0x510 [ 1366.845629][T26752] __register_sysctl_table+0xb3/0x1900 [ 1366.845652][T26752] ? rcu_is_watching+0x12/0xc0 [ 1366.845679][T26752] ? lock_release+0x201/0x2f0 [ 1366.845713][T26752] ? __pfx___register_sysctl_table+0x10/0x10 [ 1366.845739][T26752] ? is_module_address+0x69/0xf0 [ 1366.845774][T26752] ? register_net_sysctl_sz+0x228/0x3e0 [ 1366.845801][T26752] ? __asan_memcpy+0x3c/0x60 [ 1366.845835][T26752] devinet_init_net+0x378/0x910 [ 1366.845866][T26752] ? __pfx_devinet_init_net+0x10/0x10 [ 1366.845896][T26752] ops_init+0x1df/0x5f0 [ 1366.845921][T26752] setup_net+0x1ff/0x510 [ 1366.845941][T26752] ? lockdep_init_map_type+0x5c/0x280 [ 1366.845976][T26752] ? __pfx_setup_net+0x10/0x10 [ 1366.845998][T26752] ? __raw_spin_lock_init+0x3a/0x110 [ 1366.846038][T26752] ? debug_mutex_init+0x37/0x70 [ 1366.846062][T26752] copy_net_ns+0x2a6/0x5f0 [ 1366.846087][T26752] create_new_namespaces+0x3ea/0xa90 [ 1366.846115][T26752] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1366.846143][T26752] ksys_unshare+0x45b/0xa40 [ 1366.846175][T26752] ? __pfx_ksys_unshare+0x10/0x10 [ 1366.846205][T26752] ? xfd_validate_state+0x61/0x180 [ 1366.846241][T26752] __x64_sys_unshare+0x31/0x40 [ 1366.846272][T26752] do_syscall_64+0xcd/0x490 [ 1366.846317][T26752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1366.846344][T26752] RIP: 0033:0x7f399138e929 [ 1366.846365][T26752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1366.846391][T26752] RSP: 002b:00007f398f1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1366.846415][T26752] RAX: ffffffffffffffda RBX: 00007f39915b5fa0 RCX: 00007f399138e929 [ 1366.846434][T26752] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1366.846450][T26752] RBP: 00007f3991410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1366.846466][T26752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1366.846482][T26752] R13: 0000000000000000 R14: 00007f39915b5fa0 R15: 00007ffd91261538 [ 1366.846508][T26752] [ 1367.225689][T26758] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1367.233942][T26758] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1367.241499][T26758] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1367.367551][T26758] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1367.375853][T26754] FAULT_INJECTION: forcing a failure. [ 1367.375853][T26754] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1367.392212][T26758] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1367.492629][T26754] CPU: 1 UID: 0 PID: 26754 Comm: syz.2.5155 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1367.492670][T26754] Tainted: [U]=USER [ 1367.492678][T26754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1367.492692][T26754] Call Trace: [ 1367.492700][T26754] [ 1367.492708][T26754] dump_stack_lvl+0x16c/0x1f0 [ 1367.492747][T26754] should_fail_ex+0x512/0x640 [ 1367.492784][T26754] _copy_from_user+0x2e/0xd0 [ 1367.492807][T26754] copy_msghdr_from_user+0x98/0x160 [ 1367.492841][T26754] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1367.492877][T26754] ? kfree+0x24f/0x4d0 [ 1367.492909][T26754] ___sys_sendmsg+0xfe/0x1d0 [ 1367.492942][T26754] ? __pfx____sys_sendmsg+0x10/0x10 [ 1367.492976][T26754] ? lock_release+0x201/0x2f0 [ 1367.493017][T26754] ? __pfx___might_resched+0x10/0x10 [ 1367.493046][T26754] __sys_sendmmsg+0x200/0x420 [ 1367.493082][T26754] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1367.493114][T26754] ? lock_release+0x201/0x2f0 [ 1367.493148][T26754] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1367.493195][T26754] ? fput+0x70/0xf0 [ 1367.493218][T26754] ? ksys_write+0x1ac/0x250 [ 1367.493251][T26754] ? __pfx_ksys_write+0x10/0x10 [ 1367.493292][T26754] __x64_sys_sendmmsg+0x9c/0x100 [ 1367.493325][T26754] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1367.493361][T26754] do_syscall_64+0xcd/0x490 [ 1367.493398][T26754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1367.493420][T26754] RIP: 0033:0x7f367bf8e929 [ 1367.493439][T26754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1367.493463][T26754] RSP: 002b:00007f367ce70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1367.493486][T26754] RAX: ffffffffffffffda RBX: 00007f367c1b5fa0 RCX: 00007f367bf8e929 [ 1367.493503][T26754] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1367.493518][T26754] RBP: 00007f367ce70090 R08: 0000000000000000 R09: 0000000000000000 [ 1367.493533][T26754] R10: 000000000000003f R11: 0000000000000246 R12: 0000000000000002 [ 1367.493549][T26754] R13: 0000000000000000 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1367.493572][T26754] [ 1368.110608][T26755] chnl_net:caif_netlink_parms(): no params data found [ 1368.418901][T26755] bridge0: port 1(bridge_slave_0) entered blocking state [ 1368.566248][T26755] bridge0: port 1(bridge_slave_0) entered disabled state [ 1368.831369][T26755] bridge_slave_0: entered allmulticast mode [ 1368.838311][T26755] bridge_slave_0: entered promiscuous mode [ 1368.852921][T26755] bridge0: port 2(bridge_slave_1) entered blocking state [ 1368.860082][T26755] bridge0: port 2(bridge_slave_1) entered disabled state [ 1368.879272][T26755] bridge_slave_1: entered allmulticast mode [ 1368.902249][T26755] bridge_slave_1: entered promiscuous mode [ 1368.990270][T26755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1369.080080][T26755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1369.138491][T26755] team0: Port device team_slave_0 added [ 1369.198091][T10785] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1369.232134][T26755] team0: Port device team_slave_1 added [ 1369.239626][T26793] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1369.275538][T26793] CPU: 1 UID: 0 PID: 26793 Comm: syz.3.5162 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1369.275583][T26793] Tainted: [U]=USER [ 1369.275593][T26793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1369.275610][T26793] Call Trace: [ 1369.275618][T26793] [ 1369.275628][T26793] dump_stack_lvl+0x16c/0x1f0 [ 1369.275671][T26793] sysfs_warn_dup+0x7f/0xa0 [ 1369.275706][T26793] sysfs_create_dir_ns+0x24b/0x2b0 [ 1369.275741][T26793] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1369.275776][T26793] ? kobject_add_internal+0x25b/0x9b0 [ 1369.275801][T26793] ? lock_release+0x201/0x2f0 [ 1369.275835][T26793] ? nfs_netns_namespace+0xd/0x40 [ 1369.275860][T26793] kobject_add_internal+0x2c4/0x9b0 [ 1369.275888][T26793] kobject_init_and_add+0x11b/0x190 [ 1369.275915][T26793] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1369.275950][T26793] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1369.275980][T26793] nfs_net_init+0x10a/0x340 [ 1369.276012][T26793] ? __pfx_nfs_net_init+0x10/0x10 [ 1369.276042][T26793] ops_init+0x1df/0x5f0 [ 1369.276067][T26793] setup_net+0x1ff/0x510 [ 1369.276088][T26793] ? lockdep_init_map_type+0x5c/0x280 [ 1369.276133][T26793] ? __pfx_setup_net+0x10/0x10 [ 1369.276156][T26793] ? __raw_spin_lock_init+0x3a/0x110 [ 1369.276196][T26793] ? debug_mutex_init+0x37/0x70 [ 1369.276224][T26793] copy_net_ns+0x2a6/0x5f0 [ 1369.276251][T26793] create_new_namespaces+0x3ea/0xa90 [ 1369.276283][T26793] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1369.276314][T26793] ksys_unshare+0x45b/0xa40 [ 1369.276348][T26793] ? __pfx_ksys_unshare+0x10/0x10 [ 1369.276382][T26793] ? xfd_validate_state+0x61/0x180 [ 1369.276420][T26793] __x64_sys_unshare+0x31/0x40 [ 1369.276453][T26793] do_syscall_64+0xcd/0x490 [ 1369.276491][T26793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1369.276518][T26793] RIP: 0033:0x7feab158e929 [ 1369.276538][T26793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1369.276564][T26793] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1369.276590][T26793] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1369.276609][T26793] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1369.276625][T26793] RBP: 00007feab1610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1369.276643][T26793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1369.276659][T26793] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1369.276684][T26793] [ 1369.276706][T26793] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1369.563836][T10785] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1369.662372][T26755] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1369.690892][T26755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1369.717480][T26755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1369.829131][T10785] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1369.845822][T26755] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1369.853322][T26755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1369.915114][T26755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1369.942000][T26758] Bluetooth: hci2: command tx timeout [ 1370.055052][T10785] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1370.129246][T26755] hsr_slave_0: entered promiscuous mode [ 1370.154437][T26755] hsr_slave_1: entered promiscuous mode [ 1370.209514][T26755] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1370.237613][T26755] Cannot create hsr debugfs directory [ 1370.541184][T10785] batadv0: left allmulticast mode [ 1370.549694][T10785] batadv0: left promiscuous mode [ 1370.619692][T10785] bridge0: port 3(batadv0) entered disabled state [ 1370.657844][T10785] bridge_slave_1: left allmulticast mode [ 1370.663686][T10785] bridge_slave_1: left promiscuous mode [ 1370.669385][T10785] bridge0: port 2(bridge_slave_1) entered disabled state [ 1370.714583][T10785] bridge_slave_0: left allmulticast mode [ 1370.734137][T10785] bridge_slave_0: left promiscuous mode [ 1370.783844][T10785] bridge0: port 1(bridge_slave_0) entered disabled state [ 1371.770099][T10785] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1371.826275][T10785] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1371.862569][T10785] bond0 (unregistering): Released all slaves [ 1371.964992][T10785] tipc: Left network mode [ 1372.022949][T26758] Bluetooth: hci2: command tx timeout [ 1372.484079][T10785] hsr_slave_0: left promiscuous mode [ 1372.508165][T10785] hsr_slave_1: left promiscuous mode [ 1372.556198][T10785] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1372.570414][T10785] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1372.588386][T10785] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1372.602951][T10785] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1372.671493][T10785] veth1_macvtap: left promiscuous mode [ 1372.693802][T10785] veth0_macvtap: left promiscuous mode [ 1372.722598][T10785] veth1_vlan: left promiscuous mode [ 1372.728367][T10785] veth0_vlan: left promiscuous mode [ 1373.509287][T26847] FAULT_INJECTION: forcing a failure. [ 1373.509287][T26847] name failslab, interval 1, probability 0, space 0, times 0 [ 1373.545806][T26847] CPU: 1 UID: 0 PID: 26847 Comm: syz.3.5174 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1373.545845][T26847] Tainted: [U]=USER [ 1373.545851][T26847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1373.545864][T26847] Call Trace: [ 1373.545871][T26847] [ 1373.545880][T26847] dump_stack_lvl+0x16c/0x1f0 [ 1373.545919][T26847] should_fail_ex+0x512/0x640 [ 1373.545957][T26847] should_failslab+0xc2/0x120 [ 1373.545982][T26847] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1373.546018][T26847] ? security_file_alloc+0x34/0x2b0 [ 1373.546052][T26847] security_file_alloc+0x34/0x2b0 [ 1373.546083][T26847] init_file+0x93/0x4c0 [ 1373.546108][T26847] alloc_empty_file+0x73/0x1e0 [ 1373.546134][T26847] path_openat+0xda/0x2cb0 [ 1373.546166][T26847] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1373.546194][T26847] ? __pfx_path_openat+0x10/0x10 [ 1373.546231][T26847] do_filp_open+0x20b/0x470 [ 1373.546265][T26847] ? __pfx_do_filp_open+0x10/0x10 [ 1373.546308][T26847] ? alloc_fd+0x471/0x7d0 [ 1373.546344][T26847] do_sys_openat2+0x11b/0x1d0 [ 1373.546372][T26847] ? __pfx_do_sys_openat2+0x10/0x10 [ 1373.546397][T26847] ? __fget_files+0x20e/0x3c0 [ 1373.546426][T26847] __x64_sys_openat+0x174/0x210 [ 1373.546451][T26847] ? __pfx___x64_sys_openat+0x10/0x10 [ 1373.546475][T26847] ? ksys_write+0x1ac/0x250 [ 1373.546511][T26847] do_syscall_64+0xcd/0x490 [ 1373.546547][T26847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1373.546570][T26847] RIP: 0033:0x7feab158e929 [ 1373.546587][T26847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1373.546608][T26847] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1373.546628][T26847] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1373.546645][T26847] RDX: 0000000000080303 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1373.546660][T26847] RBP: 00007feab23b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1373.546674][T26847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1373.546686][T26847] R13: 0000000000000001 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1373.546706][T26847] [ 1373.640878][T10785] team0 (unregistering): Port device team_slave_1 removed [ 1374.098950][T26758] Bluetooth: hci2: command tx timeout [ 1374.162969][T26755] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1374.261247][T26755] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1374.286431][T26755] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1374.304519][T26755] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1374.419433][T26863] FAULT_INJECTION: forcing a failure. [ 1374.419433][T26863] name failslab, interval 1, probability 0, space 0, times 0 [ 1374.456432][T26755] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1374.478851][T26863] CPU: 1 UID: 0 PID: 26863 Comm: syz.3.5177 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1374.478891][T26863] Tainted: [U]=USER [ 1374.478899][T26863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1374.478913][T26863] Call Trace: [ 1374.478921][T26863] [ 1374.478930][T26863] dump_stack_lvl+0x16c/0x1f0 [ 1374.478968][T26863] should_fail_ex+0x512/0x640 [ 1374.479005][T26863] ? tomoyo_encode2+0x100/0x3e0 [ 1374.479037][T26863] should_failslab+0xc2/0x120 [ 1374.479062][T26863] __kmalloc_noprof+0xd2/0x510 [ 1374.479100][T26863] tomoyo_encode2+0x100/0x3e0 [ 1374.479133][T26863] tomoyo_encode+0x29/0x50 [ 1374.479164][T26863] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1374.479199][T26863] ? tomoyo_profile+0x47/0x60 [ 1374.479222][T26863] tomoyo_path_number_perm+0x245/0x580 [ 1374.479250][T26863] ? tomoyo_path_number_perm+0x237/0x580 [ 1374.479280][T26863] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1374.479314][T26863] ? preempt_count_add+0x76/0x150 [ 1374.479359][T26863] ? rcu_is_watching+0x12/0xc0 [ 1374.479385][T26863] ? __fget_files+0x204/0x3c0 [ 1374.479424][T26863] ? hook_file_ioctl_common+0x145/0x410 [ 1374.479451][T26863] ? lock_release+0x201/0x2f0 [ 1374.479485][T26863] ? __fget_files+0x20e/0x3c0 [ 1374.479519][T26863] security_file_ioctl+0x9b/0x240 [ 1374.479550][T26863] __x64_sys_ioctl+0xb7/0x210 [ 1374.479574][T26863] do_syscall_64+0xcd/0x490 [ 1374.479610][T26863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1374.479635][T26863] RIP: 0033:0x7feab158e929 [ 1374.479661][T26863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1374.479685][T26863] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1374.479707][T26863] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1374.479723][T26863] RDX: 0000000000000006 RSI: 000000004188aec6 RDI: 0000000000000003 [ 1374.479739][T26863] RBP: 00007feab23b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1374.479753][T26863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1374.479767][T26863] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1374.479790][T26863] [ 1374.479808][T26863] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1374.779807][T26755] 8021q: adding VLAN 0 to HW filter on device team0 [ 1374.797102][ T8635] bridge0: port 1(bridge_slave_0) entered blocking state [ 1374.804264][ T8635] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1374.845512][ T8635] bridge0: port 2(bridge_slave_1) entered blocking state [ 1374.852672][ T8635] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1374.985185][T26875] FAULT_INJECTION: forcing a failure. [ 1374.985185][T26875] name failslab, interval 1, probability 0, space 0, times 0 [ 1375.078654][T26875] CPU: 0 UID: 0 PID: 26875 Comm: syz.1.5181 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1375.078696][T26875] Tainted: [U]=USER [ 1375.078705][T26875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1375.078719][T26875] Call Trace: [ 1375.078727][T26875] [ 1375.078737][T26875] dump_stack_lvl+0x16c/0x1f0 [ 1375.078775][T26875] should_fail_ex+0x512/0x640 [ 1375.078812][T26875] should_failslab+0xc2/0x120 [ 1375.078837][T26875] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1375.078872][T26875] ? security_file_alloc+0x34/0x2b0 [ 1375.078906][T26875] security_file_alloc+0x34/0x2b0 [ 1375.078936][T26875] init_file+0x93/0x4c0 [ 1375.078960][T26875] alloc_empty_file+0x73/0x1e0 [ 1375.078983][T26875] path_openat+0xda/0x2cb0 [ 1375.079019][T26875] ? stack_trace_save+0x8e/0xc0 [ 1375.079038][T26875] ? __pfx_path_openat+0x10/0x10 [ 1375.079057][T26875] ? stack_depot_save_flags+0x28/0xa40 [ 1375.079080][T26875] do_filp_open+0x20b/0x470 [ 1375.079098][T26875] ? kasan_save_track+0x14/0x30 [ 1375.079119][T26875] ? __pfx_do_filp_open+0x10/0x10 [ 1375.079138][T26875] ? __x64_sys_execveat+0xc4/0x120 [ 1375.079157][T26875] ? do_syscall_64+0xcd/0x490 [ 1375.079177][T26875] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1375.079199][T26875] do_open_execat+0xf9/0x450 [ 1375.079217][T26875] ? __pfx_do_open_execat+0x10/0x10 [ 1375.079234][T26875] ? rcu_is_watching+0x12/0xc0 [ 1375.079251][T26875] alloc_bprm+0x2d/0x6f0 [ 1375.079269][T26875] do_execveat_common.isra.0+0x1ce/0x610 [ 1375.079290][T26875] __x64_sys_execveat+0xda/0x120 [ 1375.079310][T26875] do_syscall_64+0xcd/0x490 [ 1375.079336][T26875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1375.079349][T26875] RIP: 0033:0x7f399138e929 [ 1375.079361][T26875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1375.079379][T26875] RSP: 002b:00007f398f1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 1375.079394][T26875] RAX: ffffffffffffffda RBX: 00007f39915b5fa0 RCX: 00007f399138e929 [ 1375.079403][T26875] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1375.079412][T26875] RBP: 00007f398f1f6090 R08: 0000000000010000 R09: 0000000000000000 [ 1375.079420][T26875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1375.079429][T26875] R13: 0000000000000000 R14: 00007f39915b5fa0 R15: 00007ffd91261538 [ 1375.079441][T26875] [ 1375.767517][T26884] FAULT_INJECTION: forcing a failure. [ 1375.767517][T26884] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1375.772692][T26755] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1375.867861][T26884] CPU: 1 UID: 0 PID: 26884 Comm: syz.2.5183 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1375.867901][T26884] Tainted: [U]=USER [ 1375.867909][T26884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1375.867923][T26884] Call Trace: [ 1375.867932][T26884] [ 1375.867941][T26884] dump_stack_lvl+0x16c/0x1f0 [ 1375.867980][T26884] should_fail_ex+0x512/0x640 [ 1375.868017][T26884] should_fail_alloc_page+0xe7/0x130 [ 1375.868043][T26884] prepare_alloc_pages+0x3c2/0x610 [ 1375.868073][T26884] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1375.868110][T26884] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1375.868139][T26884] ? is_bpf_text_address+0x94/0x1a0 [ 1375.868173][T26884] ? kernel_text_address+0x8d/0x100 [ 1375.868195][T26884] ? __kernel_text_address+0xd/0x40 [ 1375.868216][T26884] ? unwind_get_return_address+0x59/0xa0 [ 1375.868254][T26884] ? arch_stack_walk+0xa6/0x100 [ 1375.868277][T26884] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1375.868329][T26884] ? _kstrtoull+0x145/0x200 [ 1375.868357][T26884] ? __pfx__kstrtoull+0x10/0x10 [ 1375.868385][T26884] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1375.868422][T26884] ? policy_nodemask+0xea/0x4e0 [ 1375.868447][T26884] alloc_pages_mpol+0x1fb/0x550 [ 1375.868472][T26884] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1375.868501][T26884] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1375.868530][T26884] vma_alloc_folio_noprof+0xed/0x1e0 [ 1375.868558][T26884] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1375.868586][T26884] ? __handle_mm_fault+0x1092/0x5490 [ 1375.868617][T26884] ? rcu_is_watching+0x12/0xc0 [ 1375.868643][T26884] ? lock_release+0x201/0x2f0 [ 1375.868677][T26884] __handle_mm_fault+0x2f21/0x5490 [ 1375.868713][T26884] ? __pfx___handle_mm_fault+0x10/0x10 [ 1375.868744][T26884] ? lock_vma_under_rcu+0x47d/0x970 [ 1375.868776][T26884] ? rcu_is_watching+0x12/0xc0 [ 1375.868801][T26884] ? lock_release+0x201/0x2f0 [ 1375.868842][T26884] handle_mm_fault+0x589/0xd10 [ 1375.868874][T26884] ? __pkru_allows_pkey+0x41/0xb0 [ 1375.868906][T26884] do_user_addr_fault+0x60c/0x1370 [ 1375.868940][T26884] ? rcu_is_watching+0x12/0xc0 [ 1375.868967][T26884] exc_page_fault+0x5c/0xb0 [ 1375.868999][T26884] asm_exc_page_fault+0x26/0x30 [ 1375.869023][T26884] RIP: 0033:0x7f367be5a33b [ 1375.869048][T26884] Code: 00 00 00 48 8d 3d fd 2b 19 00 48 89 c1 31 c0 e8 fb 3c ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 31 2c 19 00 48 89 34 24 48 8b 14 24 48 8b [ 1375.869072][T26884] RSP: 002b:00007f367ce6efb0 EFLAGS: 00010202 [ 1375.869092][T26884] RAX: 0000000000000000 RBX: 00007f367c1b5fa0 RCX: 0000000000000000 [ 1375.869109][T26884] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000200000000080 [ 1375.869125][T26884] RBP: 00007f367ce70090 R08: 0000000000000000 R09: 0000000000000000 [ 1375.869140][T26884] R10: 0000200000000080 R11: 0000000000000000 R12: 0000000000000001 [ 1375.869156][T26884] R13: 0000000000000000 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1375.869180][T26884] [ 1375.869194][T26884] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 1376.177939][T26758] Bluetooth: hci2: command tx timeout [ 1376.194365][T26755] veth0_vlan: entered promiscuous mode [ 1376.250400][T26755] veth1_vlan: entered promiscuous mode [ 1376.337890][T26755] veth0_macvtap: entered promiscuous mode [ 1376.354422][T26755] veth1_macvtap: entered promiscuous mode [ 1376.468375][T26755] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1376.493178][T26755] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1376.557225][T26755] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1376.627373][T26755] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1376.627414][T26755] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1376.627476][T26755] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1376.748047][T26755] ieee80211 phy43: Selected rate control algorithm 'minstrel_ht' [ 1376.912045][T26755] ieee80211 phy44: Selected rate control algorithm 'minstrel_ht' [ 1376.918062][T10785] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1376.918085][T10785] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1376.966619][ T8643] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1376.966643][ T8643] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1377.201795][T26906] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5186'. [ 1377.277798][T26910] FAULT_INJECTION: forcing a failure. [ 1377.277798][T26910] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1377.294273][T26910] CPU: 1 UID: 0 PID: 26910 Comm: syz.3.5187 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1377.294313][T26910] Tainted: [U]=USER [ 1377.294321][T26910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1377.294335][T26910] Call Trace: [ 1377.294343][T26910] [ 1377.294351][T26910] dump_stack_lvl+0x16c/0x1f0 [ 1377.294389][T26910] should_fail_ex+0x512/0x640 [ 1377.294424][T26910] should_fail_alloc_page+0xe7/0x130 [ 1377.294451][T26910] prepare_alloc_pages+0x3c2/0x610 [ 1377.294481][T26910] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1377.294519][T26910] ? ima_match_policy+0x803/0x22e0 [ 1377.294549][T26910] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1377.294586][T26910] ? rcu_is_watching+0x12/0xc0 [ 1377.294611][T26910] ? lock_acquire+0x2cd/0x350 [ 1377.294645][T26910] ? rcu_is_watching+0x12/0xc0 [ 1377.294670][T26910] ? unwind_next_frame+0x3f4/0x20a0 [ 1377.294704][T26910] ? rcu_is_watching+0x12/0xc0 [ 1377.294728][T26910] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1377.294763][T26910] ? policy_nodemask+0xea/0x4e0 [ 1377.294787][T26910] alloc_pages_mpol+0x1fb/0x550 [ 1377.294812][T26910] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1377.294833][T26910] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1377.294862][T26910] ? is_bpf_text_address+0x94/0x1a0 [ 1377.294895][T26910] ? kernel_text_address+0x8d/0x100 [ 1377.294919][T26910] alloc_pages_noprof+0x131/0x390 [ 1377.294943][T26910] __pmd_alloc+0x3b/0x930 [ 1377.294970][T26910] __handle_mm_fault+0xaac/0x5490 [ 1377.295005][T26910] ? __pfx___handle_mm_fault+0x10/0x10 [ 1377.295035][T26910] ? __pfx_mt_find+0x10/0x10 [ 1377.295065][T26910] ? find_vma+0xbf/0x140 [ 1377.295089][T26910] ? __pfx_find_vma+0x10/0x10 [ 1377.295114][T26910] handle_mm_fault+0x589/0xd10 [ 1377.295146][T26910] ? __pkru_allows_pkey+0x41/0xb0 [ 1377.295185][T26910] do_user_addr_fault+0x7a6/0x1370 [ 1377.295218][T26910] ? rcu_is_watching+0x12/0xc0 [ 1377.295245][T26910] exc_page_fault+0x5c/0xb0 [ 1377.295277][T26910] asm_exc_page_fault+0x26/0x30 [ 1377.295300][T26910] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 1377.295329][T26910] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 [ 1377.295353][T26910] RSP: 0018:ffffc9000438fbd8 EFLAGS: 00050202 [ 1377.295372][T26910] RAX: 0000000000000001 RBX: 000000000000ffff RCX: 0000000000000004 [ 1377.295388][T26910] RDX: ffffed100543cb20 RSI: 000000000000ffff RDI: ffff88802a1e5900 [ 1377.295404][T26910] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffed100543cb20 [ 1377.295419][T26910] R10: 0000000000000003 R11: 0000000000000001 R12: 0000000000000000 [ 1377.295433][T26910] R13: ffff88802a1e5900 R14: ffff88807af53500 R15: 1ffff92000871f86 [ 1377.295465][T26910] _copy_from_user+0x98/0xd0 [ 1377.295488][T26910] map_delete_elem+0x70f/0xa10 [ 1377.295519][T26910] ? __might_fault+0x30/0x190 [ 1377.295553][T26910] ? __pfx_map_delete_elem+0x10/0x10 [ 1377.295589][T26910] __sys_bpf+0x631/0x4d80 [ 1377.295611][T26910] ? lock_release+0x201/0x2f0 [ 1377.295642][T26910] ? __pfx___sys_bpf+0x10/0x10 [ 1377.295663][T26910] ? ksys_write+0x190/0x250 [ 1377.295696][T26910] ? rcu_is_watching+0x12/0xc0 [ 1377.295720][T26910] ? lock_release+0x201/0x2f0 [ 1377.295752][T26910] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 1377.295796][T26910] ? fput+0x70/0xf0 [ 1377.295819][T26910] ? ksys_write+0x1ac/0x250 [ 1377.295896][T26910] ? __pfx_ksys_write+0x10/0x10 [ 1377.295933][T26910] __x64_sys_bpf+0x78/0xc0 [ 1377.295955][T26910] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1377.295987][T26910] do_syscall_64+0xcd/0x490 [ 1377.296018][T26910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1377.296038][T26910] RIP: 0033:0x7feab158e929 [ 1377.296054][T26910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1377.296074][T26910] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1377.296094][T26910] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1377.296110][T26910] RDX: 000000000000000c RSI: 00002000000001c0 RDI: 0000000000000003 [ 1377.296123][T26910] RBP: 00007feab23b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1377.296136][T26910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1377.296149][T26910] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1377.296177][T26910] [ 1377.767909][T26912] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5188'. [ 1377.947815][T26903] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5152'. [ 1378.379642][T26925] bridge0: port 3(batadv0) entered blocking state [ 1378.418208][T26925] bridge0: port 3(batadv0) entered disabled state [ 1378.425210][T26925] batadv0: entered allmulticast mode [ 1378.473654][T26925] batadv0: entered promiscuous mode [ 1378.514134][T26925] bridge0: port 3(batadv0) entered blocking state [ 1378.520649][T26925] bridge0: port 3(batadv0) entered forwarding state [ 1379.934317][T26952] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1379.941476][T26952] CPU: 1 UID: 0 PID: 26952 Comm: syz.3.5200 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1379.941513][T26952] Tainted: [U]=USER [ 1379.941522][T26952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1379.941535][T26952] Call Trace: [ 1379.941541][T26952] [ 1379.941550][T26952] dump_stack_lvl+0x16c/0x1f0 [ 1379.941589][T26952] sysfs_warn_dup+0x7f/0xa0 [ 1379.941618][T26952] sysfs_create_dir_ns+0x24b/0x2b0 [ 1379.941644][T26952] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1379.941669][T26952] ? kobject_add_internal+0x25b/0x9b0 [ 1379.941688][T26952] ? lock_release+0x201/0x2f0 [ 1379.941714][T26952] ? nfs_netns_namespace+0xd/0x40 [ 1379.941741][T26952] kobject_add_internal+0x2c4/0x9b0 [ 1379.941767][T26952] kobject_init_and_add+0x11b/0x190 [ 1379.941793][T26952] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1379.941819][T26952] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1379.941841][T26952] nfs_net_init+0x10a/0x340 [ 1379.941864][T26952] ? __pfx_nfs_net_init+0x10/0x10 [ 1379.941886][T26952] ops_init+0x1df/0x5f0 [ 1379.941906][T26952] setup_net+0x1ff/0x510 [ 1379.941937][T26952] ? lockdep_init_map_type+0x5c/0x280 [ 1379.941967][T26952] ? __pfx_setup_net+0x10/0x10 [ 1379.941983][T26952] ? __raw_spin_lock_init+0x3a/0x110 [ 1379.942016][T26952] ? debug_mutex_init+0x37/0x70 [ 1379.942039][T26952] copy_net_ns+0x2a6/0x5f0 [ 1379.942062][T26952] create_new_namespaces+0x3ea/0xa90 [ 1379.942092][T26952] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1379.942119][T26952] ksys_unshare+0x45b/0xa40 [ 1379.942149][T26952] ? __pfx_ksys_unshare+0x10/0x10 [ 1379.942181][T26952] ? xfd_validate_state+0x61/0x180 [ 1379.942215][T26952] __x64_sys_unshare+0x31/0x40 [ 1379.942244][T26952] do_syscall_64+0xcd/0x490 [ 1379.942277][T26952] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1379.942301][T26952] RIP: 0033:0x7feab158e929 [ 1379.942321][T26952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1379.942346][T26952] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1379.942369][T26952] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1379.942387][T26952] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1379.942401][T26952] RBP: 00007feab1610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1379.942415][T26952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1379.942431][T26952] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1379.942456][T26952] [ 1379.942479][T26952] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1381.607245][T26965] can: request_module (can-proto-0) failed. [ 1382.324977][T26976] FAULT_INJECTION: forcing a failure. [ 1382.324977][T26976] name failslab, interval 1, probability 0, space 0, times 0 [ 1382.337755][T26976] CPU: 1 UID: 0 PID: 26976 Comm: syz.3.5203 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1382.337795][T26976] Tainted: [U]=USER [ 1382.337804][T26976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1382.337819][T26976] Call Trace: [ 1382.337827][T26976] [ 1382.337837][T26976] dump_stack_lvl+0x16c/0x1f0 [ 1382.337875][T26976] should_fail_ex+0x512/0x640 [ 1382.337912][T26976] should_failslab+0xc2/0x120 [ 1382.337943][T26976] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1382.337976][T26976] ? rcu_is_watching+0x12/0xc0 [ 1382.338002][T26976] ? alloc_pipe_info+0x10e/0x590 [ 1382.338026][T26976] alloc_pipe_info+0x10e/0x590 [ 1382.338050][T26976] splice_direct_to_actor+0x77d/0xa30 [ 1382.338083][T26976] ? __pfx_direct_splice_actor+0x10/0x10 [ 1382.338117][T26976] ? __pfx_aa_file_perm+0x10/0x10 [ 1382.338151][T26976] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1382.338182][T26976] ? lock_release+0x201/0x2f0 [ 1382.338216][T26976] do_splice_direct+0x174/0x240 [ 1382.338248][T26976] ? __pfx_do_splice_direct+0x10/0x10 [ 1382.338279][T26976] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1382.338311][T26976] ? bpf_lsm_file_permission+0x9/0x10 [ 1382.338338][T26976] ? security_file_permission+0x71/0x210 [ 1382.338371][T26976] ? rw_verify_area+0xcf/0x680 [ 1382.338404][T26976] do_sendfile+0xb06/0xe50 [ 1382.338439][T26976] ? __pfx_do_sendfile+0x10/0x10 [ 1382.338470][T26976] ? __fget_files+0x20e/0x3c0 [ 1382.338507][T26976] __x64_sys_sendfile64+0x1d8/0x220 [ 1382.338531][T26976] ? ksys_write+0x1ac/0x250 [ 1382.338564][T26976] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1382.338593][T26976] do_syscall_64+0xcd/0x490 [ 1382.338629][T26976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1382.338654][T26976] RIP: 0033:0x7feab158e929 [ 1382.338673][T26976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1382.338697][T26976] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1382.338722][T26976] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1382.338739][T26976] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 1382.338755][T26976] RBP: 00007feab23b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1382.338771][T26976] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000001 [ 1382.338787][T26976] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1382.338812][T26976] [ 1385.847523][T27017] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5211'. [ 1385.888330][T27017] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5211'. [ 1386.008387][T27017] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5211'. [ 1386.040195][T27017] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5211'. [ 1386.105204][T27017] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5211'. [ 1386.257970][T27017] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 1386.680694][T27020] FAULT_INJECTION: forcing a failure. [ 1386.680694][T27020] name failslab, interval 1, probability 0, space 0, times 0 [ 1386.739854][T27020] CPU: 1 UID: 0 PID: 27020 Comm: syz.1.5212 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1386.739892][T27020] Tainted: [U]=USER [ 1386.739900][T27020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1386.739913][T27020] Call Trace: [ 1386.739922][T27020] [ 1386.739932][T27020] dump_stack_lvl+0x16c/0x1f0 [ 1386.739972][T27020] should_fail_ex+0x512/0x640 [ 1386.740009][T27020] should_failslab+0xc2/0x120 [ 1386.740034][T27020] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1386.740069][T27020] ? __pfx___vma_enter_locked+0x10/0x10 [ 1386.740102][T27020] ? vm_area_dup+0x27/0x8d0 [ 1386.740134][T27020] vm_area_dup+0x27/0x8d0 [ 1386.740166][T27020] dup_mmap+0x877/0x21d0 [ 1386.740201][T27020] ? __pfx_dup_mmap+0x10/0x10 [ 1386.740229][T27020] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1386.740265][T27020] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1386.740299][T27020] ? __pfx___might_resched+0x10/0x10 [ 1386.740326][T27020] ? mm_init+0xd68/0x13f0 [ 1386.740354][T27020] copy_process+0x4081/0x76a0 [ 1386.740383][T27020] ? preempt_schedule_thunk+0x16/0x30 [ 1386.740420][T27020] ? __pfx_copy_process+0x10/0x10 [ 1386.740447][T27020] ? plist_check_head+0xa3/0x150 [ 1386.740475][T27020] ? futex_wake+0x456/0x530 [ 1386.740510][T27020] ? futex_private_hash_put+0xc7/0x240 [ 1386.740541][T27020] kernel_clone+0xfc/0x960 [ 1386.740570][T27020] ? __pfx_futex_wake+0x10/0x10 [ 1386.740609][T27020] ? __pfx_kernel_clone+0x10/0x10 [ 1386.740638][T27020] ? __pfx_vfs_writev+0x10/0x10 [ 1386.740678][T27020] __do_sys_clone+0xce/0x120 [ 1386.740708][T27020] ? __pfx___do_sys_clone+0x10/0x10 [ 1386.740745][T27020] ? xfd_validate_state+0x61/0x180 [ 1386.740776][T27020] ? __pfx_do_writev+0x10/0x10 [ 1386.740811][T27020] do_syscall_64+0xcd/0x490 [ 1386.740847][T27020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1386.740872][T27020] RIP: 0033:0x7f399138e929 [ 1386.740891][T27020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1386.740915][T27020] RSP: 002b:00007f398f1f5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1386.740939][T27020] RAX: ffffffffffffffda RBX: 00007f39915b5fa0 RCX: 00007f399138e929 [ 1386.740957][T27020] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1386.740972][T27020] RBP: 00007f3991410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1386.740988][T27020] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1386.741003][T27020] R13: 0000000000000000 R14: 00007f39915b5fa0 R15: 00007ffd91261538 [ 1386.741027][T27020] [ 1388.095271][T27032] base_sock_release(ffff888049ee5a00) sk=ffff88805a098000 [ 1388.907313][T27065] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1389.081227][T27065] CPU: 1 UID: 0 PID: 27065 Comm: syz.2.5224 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1389.081274][T27065] Tainted: [U]=USER [ 1389.081284][T27065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1389.081298][T27065] Call Trace: [ 1389.081306][T27065] [ 1389.081315][T27065] dump_stack_lvl+0x16c/0x1f0 [ 1389.081357][T27065] sysfs_warn_dup+0x7f/0xa0 [ 1389.081392][T27065] sysfs_create_dir_ns+0x24b/0x2b0 [ 1389.081427][T27065] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1389.081468][T27065] ? kobject_add_internal+0x25b/0x9b0 [ 1389.081495][T27065] ? lock_release+0x201/0x2f0 [ 1389.081530][T27065] ? nfs_netns_namespace+0xd/0x40 [ 1389.081558][T27065] kobject_add_internal+0x2c4/0x9b0 [ 1389.081585][T27065] kobject_init_and_add+0x11b/0x190 [ 1389.081611][T27065] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1389.081646][T27065] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1389.081677][T27065] nfs_net_init+0x10a/0x340 [ 1389.081707][T27065] ? __pfx_nfs_net_init+0x10/0x10 [ 1389.081737][T27065] ops_init+0x1df/0x5f0 [ 1389.081762][T27065] setup_net+0x1ff/0x510 [ 1389.081785][T27065] ? lockdep_init_map_type+0x5c/0x280 [ 1389.081820][T27065] ? __pfx_setup_net+0x10/0x10 [ 1389.081842][T27065] ? __raw_spin_lock_init+0x3a/0x110 [ 1389.081881][T27065] ? debug_mutex_init+0x37/0x70 [ 1389.081908][T27065] copy_net_ns+0x2a6/0x5f0 [ 1389.081935][T27065] create_new_namespaces+0x3ea/0xa90 [ 1389.081968][T27065] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1389.081998][T27065] ksys_unshare+0x45b/0xa40 [ 1389.082032][T27065] ? __pfx_ksys_unshare+0x10/0x10 [ 1389.082066][T27065] ? xfd_validate_state+0x61/0x180 [ 1389.082105][T27065] __x64_sys_unshare+0x31/0x40 [ 1389.082138][T27065] do_syscall_64+0xcd/0x490 [ 1389.082176][T27065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1389.082201][T27065] RIP: 0033:0x7f367bf8e929 [ 1389.082222][T27065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1389.082247][T27065] RSP: 002b:00007f367ce70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1389.082274][T27065] RAX: ffffffffffffffda RBX: 00007f367c1b5fa0 RCX: 00007f367bf8e929 [ 1389.082294][T27065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1389.082308][T27065] RBP: 00007f367c010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1389.082324][T27065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1389.082340][T27065] R13: 0000000000000000 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1389.082366][T27065] [ 1389.082388][T27065] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1390.642236][T27097] FAULT_INJECTION: forcing a failure. [ 1390.642236][T27097] name failslab, interval 1, probability 0, space 0, times 0 [ 1390.664414][T27097] CPU: 0 UID: 0 PID: 27097 Comm: syz.3.5232 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1390.664456][T27097] Tainted: [U]=USER [ 1390.664465][T27097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1390.664478][T27097] Call Trace: [ 1390.664487][T27097] [ 1390.664496][T27097] dump_stack_lvl+0x16c/0x1f0 [ 1390.664535][T27097] should_fail_ex+0x512/0x640 [ 1390.664572][T27097] should_failslab+0xc2/0x120 [ 1390.664596][T27097] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1390.664633][T27097] ? skb_clone+0x190/0x3f0 [ 1390.664669][T27097] skb_clone+0x190/0x3f0 [ 1390.664703][T27097] netlink_deliver_tap+0xabd/0xd30 [ 1390.664729][T27097] netlink_unicast+0x5df/0x7f0 [ 1390.664756][T27097] ? __pfx_netlink_unicast+0x10/0x10 [ 1390.664786][T27097] netlink_sendmsg+0x8d1/0xdd0 [ 1390.664813][T27097] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1390.664844][T27097] ____sys_sendmsg+0xa98/0xc70 [ 1390.664871][T27097] ? copy_msghdr_from_user+0x10a/0x160 [ 1390.664903][T27097] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1390.664926][T27097] ? __pfx_kstrtouint+0x10/0x10 [ 1390.664957][T27097] ? kstrtouint_from_user+0x13c/0x1d0 [ 1390.664988][T27097] ___sys_sendmsg+0x134/0x1d0 [ 1390.665023][T27097] ? __pfx____sys_sendmsg+0x10/0x10 [ 1390.665069][T27097] ? rcu_is_watching+0x12/0xc0 [ 1390.665106][T27097] __sys_sendmsg+0x16d/0x220 [ 1390.665139][T27097] ? __pfx___sys_sendmsg+0x10/0x10 [ 1390.665183][T27097] do_syscall_64+0xcd/0x490 [ 1390.665218][T27097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1390.665242][T27097] RIP: 0033:0x7feab158e929 [ 1390.665261][T27097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1390.665285][T27097] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1390.665310][T27097] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1390.665328][T27097] RDX: 0000000000000004 RSI: 000020000000ca40 RDI: 0000000000000003 [ 1390.665343][T27097] RBP: 00007feab23b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1390.665359][T27097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1390.665374][T27097] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1390.665398][T27097] [ 1390.905868][T27093] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5231'. [ 1391.575427][T27114] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input83 [ 1391.623768][T27115] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5237'. [ 1392.364357][T27136] netlink: 'syz.2.5241': attribute type 2 has an invalid length. [ 1392.581500][T27147] netlink: 206 bytes leftover after parsing attributes in process `syz.2.5243'. [ 1392.995369][T27152] caif:caif_disconnect_client(): nothing to disconnect [ 1393.119843][T27163] FAULT_INJECTION: forcing a failure. [ 1393.119843][T27163] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1393.155264][T27163] CPU: 1 UID: 0 PID: 27163 Comm: syz.4.5247 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1393.155304][T27163] Tainted: [U]=USER [ 1393.155309][T27163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1393.155318][T27163] Call Trace: [ 1393.155323][T27163] [ 1393.155328][T27163] dump_stack_lvl+0x16c/0x1f0 [ 1393.155353][T27163] should_fail_ex+0x512/0x640 [ 1393.155375][T27163] _copy_from_iter+0x29f/0x16f0 [ 1393.155398][T27163] ? __alloc_skb+0x200/0x380 [ 1393.155418][T27163] ? __pfx__copy_from_iter+0x10/0x10 [ 1393.155440][T27163] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1393.155460][T27163] netlink_sendmsg+0x829/0xdd0 [ 1393.155486][T27163] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1393.155513][T27163] ____sys_sendmsg+0xa98/0xc70 [ 1393.155536][T27163] ? copy_msghdr_from_user+0x10a/0x160 [ 1393.155555][T27163] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1393.155569][T27163] ? __pfx_kstrtouint+0x10/0x10 [ 1393.155593][T27163] ? kstrtouint_from_user+0x13c/0x1d0 [ 1393.155611][T27163] ___sys_sendmsg+0x134/0x1d0 [ 1393.155631][T27163] ? __pfx____sys_sendmsg+0x10/0x10 [ 1393.155654][T27163] ? rcu_is_watching+0x12/0xc0 [ 1393.155678][T27163] __sys_sendmsg+0x16d/0x220 [ 1393.155698][T27163] ? __pfx___sys_sendmsg+0x10/0x10 [ 1393.155723][T27163] do_syscall_64+0xcd/0x490 [ 1393.155750][T27163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1393.155765][T27163] RIP: 0033:0x7f9ef9b8e929 [ 1393.155776][T27163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1393.155789][T27163] RSP: 002b:00007f9efaabe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1393.155803][T27163] RAX: ffffffffffffffda RBX: 00007f9ef9db5fa0 RCX: 00007f9ef9b8e929 [ 1393.155812][T27163] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000003 [ 1393.155821][T27163] RBP: 00007f9efaabe090 R08: 0000000000000000 R09: 0000000000000000 [ 1393.155834][T27163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1393.155842][T27163] R13: 0000000000000000 R14: 00007f9ef9db5fa0 R15: 00007ffdde2d7898 [ 1393.155855][T27163] [ 1393.368162][ C1] vkms_vblank_simulate: vblank timer overrun [ 1393.466735][T27167] FAULT_INJECTION: forcing a failure. [ 1393.466735][T27167] name failslab, interval 1, probability 0, space 0, times 0 [ 1393.479444][T27167] CPU: 1 UID: 0 PID: 27167 Comm: syz.3.5248 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1393.479467][T27167] Tainted: [U]=USER [ 1393.479472][T27167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1393.479481][T27167] Call Trace: [ 1393.479486][T27167] [ 1393.479491][T27167] dump_stack_lvl+0x16c/0x1f0 [ 1393.479518][T27167] should_fail_ex+0x512/0x640 [ 1393.479539][T27167] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1393.479560][T27167] should_failslab+0xc2/0x120 [ 1393.479574][T27167] __kmalloc_noprof+0xd2/0x510 [ 1393.479597][T27167] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1393.479617][T27167] ? tomoyo_profile+0x47/0x60 [ 1393.479631][T27167] tomoyo_path_number_perm+0x245/0x580 [ 1393.479647][T27167] ? tomoyo_path_number_perm+0x237/0x580 [ 1393.479664][T27167] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1393.479683][T27167] ? preempt_count_add+0x76/0x150 [ 1393.479709][T27167] ? rcu_is_watching+0x12/0xc0 [ 1393.479730][T27167] ? __fget_files+0x204/0x3c0 [ 1393.479750][T27167] ? hook_file_ioctl_common+0x145/0x410 [ 1393.479765][T27167] ? lock_release+0x201/0x2f0 [ 1393.479784][T27167] ? __fget_files+0x20e/0x3c0 [ 1393.479803][T27167] security_file_ioctl+0x9b/0x240 [ 1393.479821][T27167] __x64_sys_ioctl+0xb7/0x210 [ 1393.479838][T27167] do_syscall_64+0xcd/0x490 [ 1393.479859][T27167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1393.479874][T27167] RIP: 0033:0x7feab158e929 [ 1393.479885][T27167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1393.479898][T27167] RSP: 002b:00007feab2392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1393.479912][T27167] RAX: ffffffffffffffda RBX: 00007feab17b6080 RCX: 00007feab158e929 [ 1393.479921][T27167] RDX: 0000000000000000 RSI: 0000000000005412 RDI: 0000000000000003 [ 1393.479930][T27167] RBP: 00007feab2392090 R08: 0000000000000000 R09: 0000000000000000 [ 1393.479938][T27167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1393.479946][T27167] R13: 0000000000000000 R14: 00007feab17b6080 R15: 00007ffef4e1a288 [ 1393.479959][T27167] [ 1393.479965][T27167] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1393.638899][ C1] vkms_vblank_simulate: vblank timer overrun [ 1393.836326][T27170] FAULT_INJECTION: forcing a failure. [ 1393.836326][T27170] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1393.936105][T27170] CPU: 1 UID: 0 PID: 27170 Comm: syz.4.5249 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1393.936135][T27170] Tainted: [U]=USER [ 1393.936140][T27170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1393.936149][T27170] Call Trace: [ 1393.936154][T27170] [ 1393.936160][T27170] dump_stack_lvl+0x16c/0x1f0 [ 1393.936185][T27170] should_fail_ex+0x512/0x640 [ 1393.936207][T27170] _copy_from_user+0x2e/0xd0 [ 1393.936221][T27170] move_addr_to_kernel+0x65/0x170 [ 1393.936238][T27170] __sys_connect+0xb1/0x160 [ 1393.936255][T27170] ? __pfx___sys_connect+0x10/0x10 [ 1393.936275][T27170] ? __pfx_ksys_write+0x10/0x10 [ 1393.936297][T27170] __x64_sys_connect+0x72/0xb0 [ 1393.936314][T27170] do_syscall_64+0xcd/0x490 [ 1393.936335][T27170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1393.936350][T27170] RIP: 0033:0x7f9ef9b8e929 [ 1393.936361][T27170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1393.936374][T27170] RSP: 002b:00007f9efaabe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1393.936388][T27170] RAX: ffffffffffffffda RBX: 00007f9ef9db5fa0 RCX: 00007f9ef9b8e929 [ 1393.936398][T27170] RDX: 0000000000000056 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1393.936407][T27170] RBP: 00007f9efaabe090 R08: 0000000000000000 R09: 0000000000000000 [ 1393.936416][T27170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1393.936424][T27170] R13: 0000000000000000 R14: 00007f9ef9db5fa0 R15: 00007ffdde2d7898 [ 1393.936437][T27170] [ 1394.095978][ C1] vkms_vblank_simulate: vblank timer overrun [ 1394.240749][T27175] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5252'. [ 1394.415986][T27181] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5253'. [ 1395.643606][T27207] can: request_module (can-proto-0) failed. [ 1395.679376][T27213] FAULT_INJECTION: forcing a failure. [ 1395.679376][T27213] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1395.750567][T27213] CPU: 0 UID: 0 PID: 27213 Comm: syz.4.5259 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1395.750603][T27213] Tainted: [U]=USER [ 1395.750610][T27213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1395.750623][T27213] Call Trace: [ 1395.750631][T27213] [ 1395.750640][T27213] dump_stack_lvl+0x16c/0x1f0 [ 1395.750680][T27213] should_fail_ex+0x512/0x640 [ 1395.750715][T27213] _copy_from_user+0x2e/0xd0 [ 1395.750738][T27213] copy_msghdr_from_user+0x98/0x160 [ 1395.750770][T27213] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1395.750802][T27213] ? __pfx_kstrtouint+0x10/0x10 [ 1395.750834][T27213] ? kstrtouint_from_user+0x13c/0x1d0 [ 1395.750864][T27213] ___sys_sendmsg+0xfe/0x1d0 [ 1395.750898][T27213] ? __pfx____sys_sendmsg+0x10/0x10 [ 1395.750937][T27213] ? rcu_is_watching+0x12/0xc0 [ 1395.750973][T27213] __sys_sendmsg+0x16d/0x220 [ 1395.751008][T27213] ? __pfx___sys_sendmsg+0x10/0x10 [ 1395.751052][T27213] do_syscall_64+0xcd/0x490 [ 1395.751088][T27213] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1395.751111][T27213] RIP: 0033:0x7f9ef9b8e929 [ 1395.751130][T27213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1395.751153][T27213] RSP: 002b:00007f9efaabe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1395.751176][T27213] RAX: ffffffffffffffda RBX: 00007f9ef9db5fa0 RCX: 00007f9ef9b8e929 [ 1395.751193][T27213] RDX: 0000000000004000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1395.751208][T27213] RBP: 00007f9efaabe090 R08: 0000000000000000 R09: 0000000000000000 [ 1395.751222][T27213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1395.751236][T27213] R13: 0000000000000000 R14: 00007f9ef9db5fa0 R15: 00007ffdde2d7898 [ 1395.751258][T27213] [ 1396.064994][T27222] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5263'. [ 1396.227545][T27227] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1396.268272][T27227] CPU: 1 UID: 0 PID: 27227 Comm: syz.4.5264 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1396.268320][T27227] Tainted: [U]=USER [ 1396.268329][T27227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1396.268344][T27227] Call Trace: [ 1396.268353][T27227] [ 1396.268364][T27227] dump_stack_lvl+0x16c/0x1f0 [ 1396.268407][T27227] sysfs_warn_dup+0x7f/0xa0 [ 1396.268443][T27227] sysfs_create_dir_ns+0x24b/0x2b0 [ 1396.268486][T27227] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1396.268525][T27227] ? kobject_add_internal+0x25b/0x9b0 [ 1396.268552][T27227] ? lock_release+0x201/0x2f0 [ 1396.268595][T27227] ? nfs_netns_namespace+0xd/0x40 [ 1396.268625][T27227] kobject_add_internal+0x2c4/0x9b0 [ 1396.268655][T27227] kobject_init_and_add+0x11b/0x190 [ 1396.268682][T27227] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1396.268717][T27227] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1396.268746][T27227] nfs_net_init+0x10a/0x340 [ 1396.268778][T27227] ? __pfx_nfs_net_init+0x10/0x10 [ 1396.268809][T27227] ops_init+0x1df/0x5f0 [ 1396.268834][T27227] setup_net+0x1ff/0x510 [ 1396.268856][T27227] ? lockdep_init_map_type+0x5c/0x280 [ 1396.268890][T27227] ? __pfx_setup_net+0x10/0x10 [ 1396.268912][T27227] ? __raw_spin_lock_init+0x3a/0x110 [ 1396.268950][T27227] ? debug_mutex_init+0x37/0x70 [ 1396.268978][T27227] copy_net_ns+0x2a6/0x5f0 [ 1396.269005][T27227] create_new_namespaces+0x3ea/0xa90 [ 1396.269037][T27227] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1396.269068][T27227] ksys_unshare+0x45b/0xa40 [ 1396.269109][T27227] ? __pfx_ksys_unshare+0x10/0x10 [ 1396.269145][T27227] ? xfd_validate_state+0x61/0x180 [ 1396.269183][T27227] __x64_sys_unshare+0x31/0x40 [ 1396.269216][T27227] do_syscall_64+0xcd/0x490 [ 1396.269254][T27227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1396.269281][T27227] RIP: 0033:0x7f9ef9b8e929 [ 1396.269301][T27227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1396.269327][T27227] RSP: 002b:00007f9efaabe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1396.269353][T27227] RAX: ffffffffffffffda RBX: 00007f9ef9db5fa0 RCX: 00007f9ef9b8e929 [ 1396.269371][T27227] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1396.269387][T27227] RBP: 00007f9ef9c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1396.269403][T27227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1396.269418][T27227] R13: 0000000000000000 R14: 00007f9ef9db5fa0 R15: 00007ffdde2d7898 [ 1396.269443][T27227] [ 1396.269520][T27227] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1397.938743][T27248] can: request_module (can-proto-0) failed. [ 1398.136599][T27262] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5271'. [ 1398.419355][T27262] team0: Port device team_slave_0 removed [ 1398.610642][T27276] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5273'. [ 1398.758965][T27271] FAULT_INJECTION: forcing a failure. [ 1398.758965][T27271] name failslab, interval 1, probability 0, space 0, times 0 [ 1398.791920][T27271] CPU: 1 UID: 0 PID: 27271 Comm: syz.1.5272 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1398.791961][T27271] Tainted: [U]=USER [ 1398.791969][T27271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1398.791983][T27271] Call Trace: [ 1398.791991][T27271] [ 1398.792000][T27271] dump_stack_lvl+0x16c/0x1f0 [ 1398.792040][T27271] should_fail_ex+0x512/0x640 [ 1398.792077][T27271] should_failslab+0xc2/0x120 [ 1398.792101][T27271] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1398.792135][T27271] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1398.792172][T27271] ? ptlock_alloc+0x1f/0x70 [ 1398.792203][T27271] ptlock_alloc+0x1f/0x70 [ 1398.792233][T27271] pte_alloc_one+0x82/0x3a0 [ 1398.792256][T27271] __pte_alloc+0x6d/0x3c0 [ 1398.792279][T27271] ? __pfx___pte_alloc+0x10/0x10 [ 1398.792303][T27271] ? __pfx___might_resched+0x10/0x10 [ 1398.792329][T27271] ? lock_release+0x201/0x2f0 [ 1398.792360][T27271] copy_page_range+0x1aed/0x5740 [ 1398.792408][T27271] ? __pfx_copy_page_range+0x10/0x10 [ 1398.792439][T27271] ? mas_store+0x7a9/0x1160 [ 1398.792461][T27271] ? rcu_is_watching+0x12/0xc0 [ 1398.792488][T27271] ? __pfx___might_resched+0x10/0x10 [ 1398.792512][T27271] ? __vma_enter_locked+0x163/0x3f0 [ 1398.792545][T27271] ? lock_release+0x201/0x2f0 [ 1398.792582][T27271] ? down_write+0x14d/0x200 [ 1398.792606][T27271] ? up_write+0x1b2/0x520 [ 1398.792641][T27271] dup_mmap+0xe88/0x21d0 [ 1398.792675][T27271] ? __pfx_dup_mmap+0x10/0x10 [ 1398.792703][T27271] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1398.792740][T27271] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1398.792774][T27271] ? __pfx___might_resched+0x10/0x10 [ 1398.792800][T27271] ? mm_init+0xd68/0x13f0 [ 1398.792828][T27271] copy_process+0x4081/0x76a0 [ 1398.792857][T27271] ? __pfx___futex_wait+0x10/0x10 [ 1398.792896][T27271] ? __pfx_copy_process+0x10/0x10 [ 1398.792925][T27271] ? lock_release+0x201/0x2f0 [ 1398.792960][T27271] kernel_clone+0xfc/0x960 [ 1398.792989][T27271] ? __pfx_kernel_clone+0x10/0x10 [ 1398.793026][T27271] __do_sys_clone+0xce/0x120 [ 1398.793055][T27271] ? __pfx___do_sys_clone+0x10/0x10 [ 1398.793091][T27271] ? xfd_validate_state+0x61/0x180 [ 1398.793122][T27271] ? __pfx_do_writev+0x10/0x10 [ 1398.793157][T27271] do_syscall_64+0xcd/0x490 [ 1398.793193][T27271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.793217][T27271] RIP: 0033:0x7f399138e929 [ 1398.793236][T27271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1398.793259][T27271] RSP: 002b:00007f398f1f5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1398.793282][T27271] RAX: ffffffffffffffda RBX: 00007f39915b5fa0 RCX: 00007f399138e929 [ 1398.793299][T27271] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1398.793313][T27271] RBP: 00007f3991410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1398.793329][T27271] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1398.793344][T27271] R13: 0000000000000000 R14: 00007f39915b5fa0 R15: 00007ffd91261538 [ 1398.793367][T27271] [ 1400.032287][T27306] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5280'. [ 1401.579999][T27349] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5290'. [ 1401.652422][T27339] FAULT_INJECTION: forcing a failure. [ 1401.652422][T27339] name failslab, interval 1, probability 0, space 0, times 0 [ 1401.735220][T27339] CPU: 0 UID: 0 PID: 27339 Comm: syz.4.5286 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1401.735262][T27339] Tainted: [U]=USER [ 1401.735270][T27339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1401.735286][T27339] Call Trace: [ 1401.735294][T27339] [ 1401.735303][T27339] dump_stack_lvl+0x16c/0x1f0 [ 1401.735342][T27339] should_fail_ex+0x512/0x640 [ 1401.735379][T27339] should_failslab+0xc2/0x120 [ 1401.735402][T27339] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1401.735436][T27339] ? print_track+0x11/0x50 [ 1401.735461][T27339] ? anon_vma_fork+0x200/0x620 [ 1401.735493][T27339] anon_vma_fork+0x200/0x620 [ 1401.735524][T27339] dup_mmap+0x152e/0x21d0 [ 1401.735557][T27339] ? __pfx_dup_mmap+0x10/0x10 [ 1401.735583][T27339] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1401.735621][T27339] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1401.735655][T27339] ? __pfx___might_resched+0x10/0x10 [ 1401.735681][T27339] ? mm_init+0xd68/0x13f0 [ 1401.735710][T27339] copy_process+0x4081/0x76a0 [ 1401.735736][T27339] ? __pfx___futex_wait+0x10/0x10 [ 1401.735775][T27339] ? __pfx_copy_process+0x10/0x10 [ 1401.735803][T27339] ? lock_release+0x201/0x2f0 [ 1401.735839][T27339] kernel_clone+0xfc/0x960 [ 1401.735868][T27339] ? __pfx_kernel_clone+0x10/0x10 [ 1401.735907][T27339] __do_sys_clone+0xce/0x120 [ 1401.735936][T27339] ? __pfx___do_sys_clone+0x10/0x10 [ 1401.735973][T27339] ? xfd_validate_state+0x61/0x180 [ 1401.736012][T27339] ? __pfx_do_writev+0x10/0x10 [ 1401.736048][T27339] do_syscall_64+0xcd/0x490 [ 1401.736085][T27339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1401.736109][T27339] RIP: 0033:0x7f9ef9b8e929 [ 1401.736129][T27339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1401.736151][T27339] RSP: 002b:00007f9efaabdfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1401.736175][T27339] RAX: ffffffffffffffda RBX: 00007f9ef9db5fa0 RCX: 00007f9ef9b8e929 [ 1401.736192][T27339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1401.736207][T27339] RBP: 00007f9ef9c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1401.736222][T27339] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1401.736238][T27339] R13: 0000000000000000 R14: 00007f9ef9db5fa0 R15: 00007ffdde2d7898 [ 1401.736261][T27339] [ 1403.076259][T27368] FAULT_INJECTION: forcing a failure. [ 1403.076259][T27368] name failslab, interval 1, probability 0, space 0, times 0 [ 1403.141596][T27368] CPU: 1 UID: 0 PID: 27368 Comm: syz.2.5297 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1403.141640][T27368] Tainted: [U]=USER [ 1403.141649][T27368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1403.141663][T27368] Call Trace: [ 1403.141671][T27368] [ 1403.141681][T27368] dump_stack_lvl+0x16c/0x1f0 [ 1403.141720][T27368] should_fail_ex+0x512/0x640 [ 1403.141758][T27368] ? netdev_rx_queue_set_rps_mask+0x55/0x3d0 [ 1403.141790][T27368] should_failslab+0xc2/0x120 [ 1403.141813][T27368] __kmalloc_noprof+0xd2/0x510 [ 1403.141851][T27368] netdev_rx_queue_set_rps_mask+0x55/0x3d0 [ 1403.141884][T27368] store_rps_map+0x154/0x190 [ 1403.141908][T27368] ? __pfx_store_rps_map+0x10/0x10 [ 1403.141933][T27368] ? sysfs_file_kobj+0xe4/0x290 [ 1403.141961][T27368] ? rcu_is_watching+0x12/0xc0 [ 1403.141987][T27368] ? __pfx_store_rps_map+0x10/0x10 [ 1403.142011][T27368] rx_queue_attr_store+0x53/0x80 [ 1403.142035][T27368] ? __pfx_rx_queue_attr_store+0x10/0x10 [ 1403.142059][T27368] sysfs_kf_write+0xf2/0x150 [ 1403.142088][T27368] kernfs_fop_write_iter+0x351/0x510 [ 1403.142114][T27368] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1403.142150][T27368] vfs_write+0x6c4/0x1150 [ 1403.142185][T27368] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1403.142212][T27368] ? __pfx___mutex_lock+0x10/0x10 [ 1403.142248][T27368] ? __pfx_vfs_write+0x10/0x10 [ 1403.142292][T27368] ksys_write+0x12a/0x250 [ 1403.142325][T27368] ? __pfx_ksys_write+0x10/0x10 [ 1403.142364][T27368] do_syscall_64+0xcd/0x490 [ 1403.142400][T27368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1403.142425][T27368] RIP: 0033:0x7f367bf8e929 [ 1403.142444][T27368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1403.142469][T27368] RSP: 002b:00007f367ce70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1403.142493][T27368] RAX: ffffffffffffffda RBX: 00007f367c1b5fa0 RCX: 00007f367bf8e929 [ 1403.142511][T27368] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003 [ 1403.142527][T27368] RBP: 00007f367ce70090 R08: 0000000000000000 R09: 0000000000000000 [ 1403.142544][T27368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1403.142559][T27368] R13: 0000000000000000 R14: 00007f367c1b5fa0 R15: 00007ffed3a666c8 [ 1403.142584][T27368] [ 1403.561073][T27379] can: request_module (can-proto-0) failed. [ 1404.954735][T27403] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5304'. [ 1407.470099][T27465] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5317'. [ 1407.738062][T27469] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1407.758617][T27469] CPU: 1 UID: 0 PID: 27469 Comm: syz.4.5320 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1407.758662][T27469] Tainted: [U]=USER [ 1407.758670][T27469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1407.758684][T27469] Call Trace: [ 1407.758692][T27469] [ 1407.758702][T27469] dump_stack_lvl+0x16c/0x1f0 [ 1407.758744][T27469] sysfs_warn_dup+0x7f/0xa0 [ 1407.758777][T27469] sysfs_create_dir_ns+0x24b/0x2b0 [ 1407.758808][T27469] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1407.758840][T27469] ? kobject_add_internal+0x25b/0x9b0 [ 1407.758864][T27469] ? lock_release+0x201/0x2f0 [ 1407.758896][T27469] ? nfs_netns_namespace+0xd/0x40 [ 1407.758922][T27469] kobject_add_internal+0x2c4/0x9b0 [ 1407.758949][T27469] kobject_init_and_add+0x11b/0x190 [ 1407.758979][T27469] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1407.759013][T27469] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1407.759042][T27469] nfs_net_init+0x10a/0x340 [ 1407.759072][T27469] ? __pfx_nfs_net_init+0x10/0x10 [ 1407.759099][T27469] ops_init+0x1df/0x5f0 [ 1407.759123][T27469] setup_net+0x1ff/0x510 [ 1407.759143][T27469] ? lockdep_init_map_type+0x5c/0x280 [ 1407.759174][T27469] ? __pfx_setup_net+0x10/0x10 [ 1407.759195][T27469] ? __raw_spin_lock_init+0x3a/0x110 [ 1407.759230][T27469] ? debug_mutex_init+0x37/0x70 [ 1407.759262][T27469] copy_net_ns+0x2a6/0x5f0 [ 1407.759289][T27469] create_new_namespaces+0x3ea/0xa90 [ 1407.759320][T27469] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1407.759349][T27469] ksys_unshare+0x45b/0xa40 [ 1407.759380][T27469] ? __pfx_ksys_unshare+0x10/0x10 [ 1407.759411][T27469] ? xfd_validate_state+0x61/0x180 [ 1407.759447][T27469] __x64_sys_unshare+0x31/0x40 [ 1407.759478][T27469] do_syscall_64+0xcd/0x490 [ 1407.759520][T27469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1407.759548][T27469] RIP: 0033:0x7f9ef9b8e929 [ 1407.759567][T27469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1407.759594][T27469] RSP: 002b:00007f9efaabe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1407.759618][T27469] RAX: ffffffffffffffda RBX: 00007f9ef9db5fa0 RCX: 00007f9ef9b8e929 [ 1407.759636][T27469] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1407.759651][T27469] RBP: 00007f9ef9c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1407.759667][T27469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1407.759681][T27469] R13: 0000000000000000 R14: 00007f9ef9db5fa0 R15: 00007ffdde2d7898 [ 1407.759705][T27469] [ 1407.759727][T27469] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1407.859826][T27478] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5323'. [ 1409.621967][T27509] kAFS: Invalid Command on /proc/fs/afs/cells file [ 1409.753950][T27513] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5331'. [ 1410.767692][T27547] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 1410.930205][T27547] CPU: 1 UID: 0 PID: 27547 Comm: syz.3.5339 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1410.930232][T27547] Tainted: [U]=USER [ 1410.930237][T27547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1410.930246][T27547] Call Trace: [ 1410.930251][T27547] [ 1410.930257][T27547] dump_stack_lvl+0x16c/0x1f0 [ 1410.930284][T27547] sysfs_warn_dup+0x7f/0xa0 [ 1410.930310][T27547] sysfs_create_dir_ns+0x24b/0x2b0 [ 1410.930331][T27547] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1410.930350][T27547] ? kobject_add_internal+0x25b/0x9b0 [ 1410.930365][T27547] ? lock_release+0x201/0x2f0 [ 1410.930384][T27547] ? nfs_netns_namespace+0xd/0x40 [ 1410.930400][T27547] kobject_add_internal+0x2c4/0x9b0 [ 1410.930415][T27547] kobject_init_and_add+0x11b/0x190 [ 1410.930429][T27547] ? __pfx_kobject_init_and_add+0x10/0x10 [ 1410.930448][T27547] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 1410.930471][T27547] nfs_net_init+0x10a/0x340 [ 1410.930489][T27547] ? __pfx_nfs_net_init+0x10/0x10 [ 1410.930507][T27547] ops_init+0x1df/0x5f0 [ 1410.930521][T27547] setup_net+0x1ff/0x510 [ 1410.930533][T27547] ? lockdep_init_map_type+0x5c/0x280 [ 1410.930552][T27547] ? __pfx_setup_net+0x10/0x10 [ 1410.930564][T27547] ? __raw_spin_lock_init+0x3a/0x110 [ 1410.930585][T27547] ? debug_mutex_init+0x37/0x70 [ 1410.930600][T27547] copy_net_ns+0x2a6/0x5f0 [ 1410.930615][T27547] create_new_namespaces+0x3ea/0xa90 [ 1410.930633][T27547] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1410.930650][T27547] ksys_unshare+0x45b/0xa40 [ 1410.930668][T27547] ? __pfx_ksys_unshare+0x10/0x10 [ 1410.930687][T27547] ? xfd_validate_state+0x61/0x180 [ 1410.930708][T27547] __x64_sys_unshare+0x31/0x40 [ 1410.930726][T27547] do_syscall_64+0xcd/0x490 [ 1410.930748][T27547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1410.930762][T27547] RIP: 0033:0x7feab158e929 [ 1410.930774][T27547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1410.930788][T27547] RSP: 002b:00007feab23b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1410.930803][T27547] RAX: ffffffffffffffda RBX: 00007feab17b5fa0 RCX: 00007feab158e929 [ 1410.930813][T27547] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1410.930822][T27547] RBP: 00007feab1610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1410.930831][T27547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1410.930839][T27547] R13: 0000000000000000 R14: 00007feab17b5fa0 R15: 00007ffef4e1a288 [ 1410.930852][T27547] [ 1410.933137][T27547] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 1411.357571][T27557] zram: Cannot change disksize for initialized device [ 1411.839539][T27566] FAULT_INJECTION: forcing a failure. [ 1411.839539][T27566] name failslab, interval 1, probability 0, space 0, times 0 [ 1411.852384][T27566] CPU: 0 UID: 0 PID: 27566 Comm: syz.2.5342 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1411.852427][T27566] Tainted: [U]=USER [ 1411.852437][T27566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1411.852453][T27566] Call Trace: [ 1411.852462][T27566] [ 1411.852472][T27566] dump_stack_lvl+0x16c/0x1f0 [ 1411.852516][T27566] should_fail_ex+0x512/0x640 [ 1411.852557][T27566] should_failslab+0xc2/0x120 [ 1411.852585][T27566] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1411.852621][T27566] ? fuse_dev_alloc+0x8e/0x280 [ 1411.852657][T27566] ? kasan_save_track+0x14/0x30 [ 1411.852695][T27566] fuse_dev_alloc+0x8e/0x280 [ 1411.852732][T27566] fuse_dev_alloc_install+0x13/0x40 [ 1411.852769][T27566] cuse_channel_open+0x100/0x7f0 [ 1411.852803][T27566] ? __pfx_cuse_channel_open+0x10/0x10 [ 1411.852838][T27566] misc_open+0x35a/0x420 [ 1411.852870][T27566] ? __pfx_misc_open+0x10/0x10 [ 1411.852901][T27566] chrdev_open+0x231/0x6a0 [ 1411.852924][T27566] ? __pfx_apparmor_file_open+0x10/0x10 [ 1411.852957][T27566] ? __pfx_chrdev_open+0x10/0x10 [ 1411.852982][T27566] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1411.853021][T27566] do_dentry_open+0x744/0x1c10 [ 1411.853058][T27566] ? __pfx_chrdev_open+0x10/0x10 [ 1411.853096][T27566] vfs_open+0x82/0x3f0 [ 1411.853127][T27566] path_openat+0x1de4/0x2cb0 [ 1411.853169][T27566] ? __pfx_path_openat+0x10/0x10 [ 1411.853209][T27566] do_filp_open+0x20b/0x470 [ 1411.853245][T27566] ? __pfx_do_filp_open+0x10/0x10 [ 1411.853292][T27566] ? alloc_fd+0x471/0x7d0 [ 1411.853331][T27566] do_sys_openat2+0x11b/0x1d0 [ 1411.853358][T27566] ? __pfx_do_sys_openat2+0x10/0x10 [ 1411.853393][T27566] __x64_sys_openat+0x174/0x210 [ 1411.853423][T27566] ? __pfx___x64_sys_openat+0x10/0x10 [ 1411.853459][T27566] do_syscall_64+0xcd/0x490 [ 1411.853498][T27566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1411.853524][T27566] RIP: 0033:0x7f367bf8e929 [ 1411.853545][T27566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1411.853573][T27566] RSP: 002b:00007f367ce4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1411.853599][T27566] RAX: ffffffffffffffda RBX: 00007f367c1b6080 RCX: 00007f367bf8e929 [ 1411.853618][T27566] RDX: 00000000001c5041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 1411.853636][T27566] RBP: 00007f367c010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1411.853654][T27566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1411.853669][T27566] R13: 0000000000000000 R14: 00007f367c1b6080 R15: 00007ffed3a666c8 [ 1411.853694][T27566] [ 1412.279394][T27561] caif:caif_disconnect_client(): nothing to disconnect [ 1412.751869][T27577] FAULT_INJECTION: forcing a failure. [ 1412.751869][T27577] name failslab, interval 1, probability 0, space 0, times 0 [ 1412.824535][T27577] CPU: 1 UID: 0 PID: 27577 Comm: syz.4.5346 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1412.824577][T27577] Tainted: [U]=USER [ 1412.824585][T27577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1412.824599][T27577] Call Trace: [ 1412.824606][T27577] [ 1412.824616][T27577] dump_stack_lvl+0x16c/0x1f0 [ 1412.824652][T27577] should_fail_ex+0x512/0x640 [ 1412.824687][T27577] ? kernfs_fop_write_iter+0x237/0x510 [ 1412.824712][T27577] should_failslab+0xc2/0x120 [ 1412.824736][T27577] __kmalloc_noprof+0xd2/0x510 [ 1412.824774][T27577] kernfs_fop_write_iter+0x237/0x510 [ 1412.824800][T27577] vfs_write+0x6c4/0x1150 [ 1412.824832][T27577] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1412.824858][T27577] ? __pfx___mutex_lock+0x10/0x10 [ 1412.824889][T27577] ? __pfx_vfs_write+0x10/0x10 [ 1412.824929][T27577] ksys_write+0x12a/0x250 [ 1412.824960][T27577] ? __pfx_ksys_write+0x10/0x10 [ 1412.824995][T27577] do_syscall_64+0xcd/0x490 [ 1412.825026][T27577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1412.825049][T27577] RIP: 0033:0x7f9ef9b8e929 [ 1412.825069][T27577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1412.825091][T27577] RSP: 002b:00007f9efaabe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1412.825112][T27577] RAX: ffffffffffffffda RBX: 00007f9ef9db5fa0 RCX: 00007f9ef9b8e929 [ 1412.825129][T27577] RDX: 0000000000000001 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 1412.825144][T27577] RBP: 00007f9efaabe090 R08: 0000000000000000 R09: 0000000000000000 [ 1412.825160][T27577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1412.825174][T27577] R13: 0000000000000000 R14: 00007f9ef9db5fa0 R15: 00007ffdde2d7898 [ 1412.825197][T27577] [ 1414.801543][T15490] Bluetooth: hci4: command 0x0406 tx timeout [ 1415.178370][T27619] tc_dump_action: action bad kind [ 1415.219627][T27624] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5358'. [ 1415.889474][T27636] ================================================================== [ 1415.897571][T27636] BUG: KASAN: slab-use-after-free in force_devcd_write+0x312/0x340 [ 1415.905461][T27636] Read of size 8 at addr ffff888028ed6800 by task syz.4.5360/27636 [ 1415.913424][T27636] [ 1415.915740][T27636] CPU: 0 UID: 0 PID: 27636 Comm: syz.4.5360 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1415.915765][T27636] Tainted: [U]=USER [ 1415.915771][T27636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1415.915781][T27636] Call Trace: [ 1415.915788][T27636] [ 1415.915795][T27636] dump_stack_lvl+0x116/0x1f0 [ 1415.915821][T27636] print_report+0xcd/0x680 [ 1415.915836][T27636] ? __virt_addr_valid+0x81/0x610 [ 1415.915852][T27636] ? __phys_addr+0xe8/0x180 [ 1415.915867][T27636] ? force_devcd_write+0x312/0x340 [ 1415.915880][T27636] kasan_report+0xe0/0x110 [ 1415.915894][T27636] ? force_devcd_write+0x312/0x340 [ 1415.915909][T27636] force_devcd_write+0x312/0x340 [ 1415.915922][T27636] ? __pfx_force_devcd_write+0x10/0x10 [ 1415.915936][T27636] ? __debugfs_file_get+0x1fe/0x840 [ 1415.915951][T27636] ? __pfx___debugfs_file_get+0x10/0x10 [ 1415.915966][T27636] ? rcu_is_watching+0x12/0xc0 [ 1415.915987][T27636] full_proxy_write+0x13c/0x200 [ 1415.916002][T27636] ? __pfx_full_proxy_write+0x10/0x10 [ 1415.916016][T27636] vfs_write+0x29d/0x1150 [ 1415.916038][T27636] ? __pfx___mutex_lock+0x10/0x10 [ 1415.916060][T27636] ? __pfx_vfs_write+0x10/0x10 [ 1415.916079][T27636] ? __fget_files+0x204/0x3c0 [ 1415.916098][T27636] ? rcu_is_watching+0x12/0xc0 [ 1415.916113][T27636] ? __fget_files+0x20e/0x3c0 [ 1415.916134][T27636] ksys_write+0x12a/0x250 [ 1415.916154][T27636] ? __pfx_ksys_write+0x10/0x10 [ 1415.916176][T27636] do_syscall_64+0xcd/0x490 [ 1415.916198][T27636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1415.916213][T27636] RIP: 0033:0x7f9ef9b8e929 [ 1415.916226][T27636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1415.916239][T27636] RSP: 002b:00007f9efaa9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1415.916253][T27636] RAX: ffffffffffffffda RBX: 00007f9ef9db6080 RCX: 00007f9ef9b8e929 [ 1415.916263][T27636] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 1415.916272][T27636] RBP: 00007f9ef9c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1415.916280][T27636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1415.916289][T27636] R13: 0000000000000000 R14: 00007f9ef9db6080 R15: 00007ffdde2d7898 [ 1415.916303][T27636] [ 1415.916308][T27636] [ 1416.143797][T27636] Allocated by task 8643: [ 1416.148106][T27636] kasan_save_stack+0x33/0x60 [ 1416.152786][T27636] kasan_save_track+0x14/0x30 [ 1416.157459][T27636] __kasan_kmalloc+0xaa/0xb0 [ 1416.162041][T27636] __kmalloc_noprof+0x223/0x510 [ 1416.166883][T27636] ieee802_11_parse_elems_full+0x1d7/0x3780 [ 1416.172793][T27636] ieee80211_ibss_rx_queued_mgmt+0xc69/0x2fd0 [ 1416.178859][T27636] ieee80211_iface_work+0xbf4/0x1020 [ 1416.184137][T27636] cfg80211_wiphy_work+0x3dc/0x550 [ 1416.189244][T27636] process_one_work+0x9cf/0x1b70 [ 1416.194187][T27636] worker_thread+0x6c8/0xf10 [ 1416.198777][T27636] kthread+0x3c5/0x780 [ 1416.202839][T27636] ret_from_fork+0x5d4/0x6f0 [ 1416.207420][T27636] ret_from_fork_asm+0x1a/0x30 [ 1416.212171][T27636] [ 1416.214475][T27636] Freed by task 8643: [ 1416.218438][T27636] kasan_save_stack+0x33/0x60 [ 1416.223115][T27636] kasan_save_track+0x14/0x30 [ 1416.227782][T27636] kasan_save_free_info+0x3b/0x60 [ 1416.232900][T27636] __kasan_slab_free+0x51/0x70 [ 1416.237675][T27636] kfree+0x2b4/0x4d0 [ 1416.241578][T27636] ieee80211_ibss_rx_queued_mgmt+0x1a92/0x2fd0 [ 1416.247730][T27636] ieee80211_iface_work+0xbf4/0x1020 [ 1416.253006][T27636] cfg80211_wiphy_work+0x3dc/0x550 [ 1416.258106][T27636] process_one_work+0x9cf/0x1b70 [ 1416.263070][T27636] worker_thread+0x6c8/0xf10 [ 1416.267667][T27636] kthread+0x3c5/0x780 [ 1416.271735][T27636] ret_from_fork+0x5d4/0x6f0 [ 1416.276321][T27636] ret_from_fork_asm+0x1a/0x30 [ 1416.281114][T27636] [ 1416.283434][T27636] The buggy address belongs to the object at ffff888028ed6800 [ 1416.283434][T27636] which belongs to the cache kmalloc-1k of size 1024 [ 1416.297650][T27636] The buggy address is located 0 bytes inside of [ 1416.297650][T27636] freed 1024-byte region [ffff888028ed6800, ffff888028ed6c00) [ 1416.311358][T27636] [ 1416.313683][T27636] The buggy address belongs to the physical page: [ 1416.320099][T27636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28ed0 [ 1416.328844][T27636] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1416.337326][T27636] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1416.345286][T27636] page_type: f5(slab) [ 1416.349254][T27636] raw: 00fff00000000040 ffff88801b841dc0 0000000000000000 dead000000000001 [ 1416.357908][T27636] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1416.366474][T27636] head: 00fff00000000040 ffff88801b841dc0 0000000000000000 dead000000000001 [ 1416.375140][T27636] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1416.383815][T27636] head: 00fff00000000003 ffffea0000a3b401 00000000ffffffff 00000000ffffffff [ 1416.392570][T27636] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1416.401222][T27636] page dumped because: kasan: bad access detected [ 1416.407619][T27636] page_owner tracks the page as allocated [ 1416.413315][T27636] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 61, tgid 61 (kworker/u8:4), ts 90264002762, free_ts 90187638948 [ 1416.432665][T27636] post_alloc_hook+0x1c0/0x230 [ 1416.437435][T27636] get_page_from_freelist+0x1321/0x3890 [ 1416.443006][T27636] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1416.448906][T27636] alloc_pages_mpol+0x1fb/0x550 [ 1416.453747][T27636] new_slab+0x23b/0x330 [ 1416.457893][T27636] ___slab_alloc+0xd9c/0x1940 [ 1416.462562][T27636] __slab_alloc.constprop.0+0x56/0xb0 [ 1416.467930][T27636] __kmalloc_noprof+0x2f2/0x510 [ 1416.472779][T27636] ___neigh_create+0x14e6/0x28c0 [ 1416.477710][T27636] ip6_finish_output2+0x1299/0x2020 [ 1416.482894][T27636] ip6_finish_output+0x3f9/0x1360 [ 1416.487907][T27636] ip6_output+0x1f9/0x540 [ 1416.492221][T27636] ndisc_send_skb+0xa91/0x1e40 [ 1416.496970][T27636] ndisc_send_ns+0xc6/0x140 [ 1416.501462][T27636] addrconf_dad_work+0xbc1/0x14e0 [ 1416.506467][T27636] process_one_work+0x9cf/0x1b70 [ 1416.511399][T27636] page last free pid 5917 tgid 5917 stack trace: [ 1416.517782][T27636] __free_frozen_pages+0x7fe/0x1180 [ 1416.522989][T27636] __put_partials+0x16d/0x1c0 [ 1416.527665][T27636] qlist_free_all+0x4d/0x120 [ 1416.532245][T27636] kasan_quarantine_reduce+0x195/0x1e0 [ 1416.537697][T27636] __kasan_slab_alloc+0x69/0x90 [ 1416.542530][T27636] __kmalloc_cache_noprof+0x1f1/0x3e0 [ 1416.547892][T27636] nsim_fib_event_work+0x17f5/0x2e80 [ 1416.553220][T27636] process_one_work+0x9cf/0x1b70 [ 1416.558157][T27636] worker_thread+0x6c8/0xf10 [ 1416.562742][T27636] kthread+0x3c5/0x780 [ 1416.566798][T27636] ret_from_fork+0x5d4/0x6f0 [ 1416.571375][T27636] ret_from_fork_asm+0x1a/0x30 [ 1416.576135][T27636] [ 1416.578450][T27636] Memory state around the buggy address: [ 1416.584069][T27636] ffff888028ed6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1416.592141][T27636] ffff888028ed6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1416.600196][T27636] >ffff888028ed6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1416.608262][T27636] ^ [ 1416.612311][T27636] ffff888028ed6880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1416.620443][T27636] ffff888028ed6900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1416.628573][T27636] ================================================================== [ 1416.667401][T27636] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1416.674642][T27636] CPU: 0 UID: 0 PID: 27636 Comm: syz.4.5360 Tainted: G U 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 1416.688379][T27636] Tainted: [U]=USER [ 1416.692175][T27636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1416.702225][T27636] Call Trace: [ 1416.705500][T27636] [ 1416.708428][T27636] dump_stack_lvl+0x3d/0x1f0 [ 1416.713029][T27636] panic+0x71c/0x800 [ 1416.716932][T27636] ? __pfx_panic+0x10/0x10 [ 1416.721351][T27636] ? rcu_is_watching+0x12/0xc0 [ 1416.726111][T27636] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1416.732101][T27636] ? preempt_schedule_thunk+0x16/0x30 [ 1416.737485][T27636] ? force_devcd_write+0x312/0x340 [ 1416.742590][T27636] ? preempt_schedule_common+0x44/0xc0 [ 1416.748056][T27636] ? force_devcd_write+0x312/0x340 [ 1416.753165][T27636] check_panic_on_warn+0xab/0xb0 [ 1416.758112][T27636] end_report+0x107/0x170 [ 1416.762437][T27636] kasan_report+0xee/0x110 [ 1416.766852][T27636] ? force_devcd_write+0x312/0x340 [ 1416.771963][T27636] force_devcd_write+0x312/0x340 [ 1416.776895][T27636] ? __pfx_force_devcd_write+0x10/0x10 [ 1416.782352][T27636] ? __debugfs_file_get+0x1fe/0x840 [ 1416.787632][T27636] ? __pfx___debugfs_file_get+0x10/0x10 [ 1416.793180][T27636] ? rcu_is_watching+0x12/0xc0 [ 1416.798034][T27636] full_proxy_write+0x13c/0x200 [ 1416.802882][T27636] ? __pfx_full_proxy_write+0x10/0x10 [ 1416.808251][T27636] vfs_write+0x29d/0x1150 [ 1416.812586][T27636] ? __pfx___mutex_lock+0x10/0x10 [ 1416.817616][T27636] ? __pfx_vfs_write+0x10/0x10 [ 1416.822387][T27636] ? __fget_files+0x204/0x3c0 [ 1416.827089][T27636] ? rcu_is_watching+0x12/0xc0 [ 1416.831856][T27636] ? __fget_files+0x20e/0x3c0 [ 1416.836716][T27636] ksys_write+0x12a/0x250 [ 1416.841056][T27636] ? __pfx_ksys_write+0x10/0x10 [ 1416.845915][T27636] do_syscall_64+0xcd/0x490 [ 1416.850430][T27636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1416.856321][T27636] RIP: 0033:0x7f9ef9b8e929 [ 1416.860749][T27636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1416.880357][T27636] RSP: 002b:00007f9efaa9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1416.888772][T27636] RAX: ffffffffffffffda RBX: 00007f9ef9db6080 RCX: 00007f9ef9b8e929 [ 1416.896742][T27636] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 1416.904707][T27636] RBP: 00007f9ef9c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1416.912675][T27636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1416.920640][T27636] R13: 0000000000000000 R14: 00007f9ef9db6080 R15: 00007ffdde2d7898 [ 1416.928618][T27636] [ 1416.931751][T27636] Kernel Offset: disabled [ 1416.936069][T27636] Rebooting in 86400 seconds..