last executing test programs: 10.169431395s ago: executing program 2 (id=1374): mmap$auto(0x0, 0x4020009, 0x9, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0xa, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/ptywc\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) r1 = mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) bind$auto(r1, &(0x7f0000000080)=@qipcrtr={0x2a, 0x0, 0xfffffffe}, 0x3) r2 = socket(0xa, 0x2, 0x73) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/sysname\x00', 0x145381, 0x0) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xc1}, 0x8, 0x4) symlink$auto(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100000008001700", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x80000, 0x1f) sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="08020000", @ANYRES16=0x0, @ANYBLOB="040025bd7000fedbdf251e000000ad00028097b52361536fe24409fb323c11b8007c5076a4f0738c201930c5b9b3800a18bded7a4bde3b1174039cdaeb541d5137a4afa33ab3cf790013b4caeb002233b34d6d1918d3f850c77a5e0a4b59c442c07f592637d4cd1f97d00e6547a92355c24edd84b0ec93da810593d9f3c508316b74739f00b1e2a03260bf48e7f66051d793e371e26a9b0e55ba5103fcc2887bae2635f2ee8f7c47bfd66f60af089a0ec5f8c8aab072096b018223cbf2c1582dd0a3908bc39e4b93b0b068e0cdcdedb1d8dcc32eb15500006700050003000900000064000180140002006d6163736563", @ANYRES32=0x0, @ANYBLOB="1400020069703665727370616e3000000000000014000200776c616e30000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="1400020062617461647630000000000000000000b0000280aa00e280e5cc84a0b8d5414f9548b3c416c3ce2a43c34c60c8f5ce1df6b1292674076f261a73abfac64a406a4ee54ded0d7b94d98fb186cd7007cd6a1aa10604adafa142a500a6ccb8b29e1cc42be9113ab112e8c5cf73e05adc2a5e23d2c4cc188eda6ebb90bc5c5b737cafac01cd12d8ed51131f05d354521470d67fab3bc7391eeff7c1d83ae3d46470c92cb9ee19390aa6f3b225b5704a812ef939f3040010800400ec8004001d80000028000180080003000000010008000100", @ANYRES32=0x0, @ANYBLOB="140002007465616d5f736c6176655f3000000000"], 0x208}, 0x1, 0x0, 0x0, 0x20000010}, 0x80c4) getsockname$auto(0x3, 0x0, &(0x7f0000000d40)=0x4) 9.09921075s ago: executing program 0 (id=1380): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40007, 0x1000000005, 0x9b72, 0x2, 0x8000) userfaultfd$auto(0x1) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), r0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) socket(0x23, 0xa, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r2, 0x0, 0x20) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000005, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x28800, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) 8.989774656s ago: executing program 3 (id=1382): sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000fbdbdf25020000000800", @ANYRES32, @ANYBLOB='\b'], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) 8.741948052s ago: executing program 3 (id=1383): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40007, 0x1000000005, 0x9b72, 0x2, 0x8000) userfaultfd$auto(0x1) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), r0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x23, 0xa, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r2, 0x0, 0x20) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) 8.220477435s ago: executing program 2 (id=1385): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) r0 = socket(0x29, 0x2, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) getpid() r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x110c230000, 0x1, 0x9) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_kbytes\x00', 0x202, 0x0) sendfile$auto(r3, r3, 0x0, 0x7fffe000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r4, 0x107, 0x12, 0x0, 0x4) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000000c0), r0) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)={0x78c, r5, 0x200, 0x9, 0x25dfdbfd, {}, [@HWSIM_ATTR_PMSR_RESULT={0x764, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x760, 0x5, 0x0, 0x1, [{0x518, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x102, 0x1, "f2a19048cb9d02cc7947a74de51001320ad24b6bcef17bc4e0bb8c8dd93f4b6e3dd40e03d6ede008a257ae5e4f3e46f57e89d9f30b6bfd6a98ebd527fd7d80360b26a1e6a940e676ff2744b5109e509cae31e37d555e2a8086e678cfa31add7b82638f8af2976bdb31a615079dc5448cd63332b9b4a4e5f52b6529756a6fbe4ec4d0b91c41dc387f511c4db8b9a95556fc8ddc00f5c0c825e9a6b373c142f6cdb5d6a7b642e2f6ee88119bcc98a8423d0f3160f82f209f4745724900ae5f6cd7177ff0e6e85f47d6cecc051f6351b5a8e9ddcb0d4fbdfd646c85fadfa92176d90a6bb8b049d605a3f62b862e6adac2e012b3b42f8a450ed636d0af322529"}, @NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffff0c36}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x2}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x5}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x91, 0x1, "33786f39502f7db8d26f02d629b078e50297e43a965b9935e8bd78f240c51254f50be25bbd8b84d78c31848817da9dd17128b54e0cf538e31611f93d95cd10f5b0dcef7cb6715f17f1cfe600f1d017a3409980293a3f73636301a46d1b25741e1018ae70101716f3ddf5ead101eeb0504791686b75c9afc3f0eeec6eb41530b79fe49bbc39e633c83a94d7f700"}, @NL80211_PMSR_PEER_ATTR_RESP={0x12c, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_DATA={0x128, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x28}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x2b, 0x14, '/sys/kernel/tracing/per_cpu/cpu1/trace\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0xc, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x79}]}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x8000000000000001}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x5, 0x14, '^'}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0xf}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0xd5d1}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x70}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5, 0x8, 0x9a}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x4c7d}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0xc, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x7}]}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x5}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x2}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x3}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x9c, 0x1, "71ed965d3c917ba5207dd7c5dde8b3797bc01ba30fab97f0c36a53570bb1eca0a902412c7fe3829378dc6243773492841d09f08881ffd5d912176438f3d1b17153cf3686cd4a0baa99d08e205825a7101ea4ae02f46817086ad047a28079854d5121e4e88785f0904c658d31a36014f1f20429cae9ab8648831b8804cda57cacc18f8f1d888921bf6678d2d4cb42737b867e6b05c10f1ce4"}, @NL80211_PMSR_PEER_ATTR_RESP={0x7c, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0xffffffffffffffc0}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x9}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x1000}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x7}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x560}, @NL80211_PMSR_RESP_ATTR_DATA={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x8, 0x14, '#):\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x30}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x95, 0x1, "76d872e410eb3f63262322f9a6e8c1f888f3e92425117a52787aea50fffa34e7fbbe9a075a2a2bf8ea74ac76ada802083ec0c36a5d86123a3b82b2c51f0a44f59d48bba09cc24315ddf5188b2fda32b7a8937fa0f59f86195c89b8b5d0a2aa1036967a20831fc1b0f59142754bcf32d885f511d257366b3f4421fd169b0c39c91ff679fc21b659c282643cd09d501fee8c"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x57, 0x1, "46974a15aa48c9676f55a872d3e37b89cae23083999d36419c8d7645f7f88187d22ace63aab2ad38f3ac807d8cf7ca8353ab4d47296421e18a6d49ec22c8b257b7bcb76a5127fd9db7dfb0b22d18f75a3fdf29"}]}, {0x240, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x10000}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffffffa1}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x5}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xcf, 0x1, "438b01cf4c689c460dd69684dad881fa0ac00dd5ff3f4efcdc693d43e2fd7af20db2d790518bb5acba4b5a2761c814725bfd081903421d3cc9622f17fd73b6602247f5f90cd298009a0a4f8de27fb94e3159b9b1022551c43d5cb621d292d3595497eb6de3a72279dfbbcaa0691c5c1c56ae40bf276e531caf3d2323b96663f279570a419a285def0018787ebeeb962f33be594f7f655a0a7c121b2484d9d1a1d8ed316946805daaa8f6f469b2701f3511fd4bf9d72195dfc53f0c374e4cb04e94018f12f062fc02b4117d"}, @NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x5}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x8}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xeab6}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa9, 0x1, "22ca9ad446eeecedbc86f65eda129e8ed22b81aee49485cee9cedf47b86c37afc7780026b2ba9f322b7c05aa508df1bd1db64ee17628044ba950d59cfea8e83470ed2aee818062ed8528bde634afe81630191e1e4deb7814f59f8ddcb3a049eff3c10c2d5049aeb1092cce7a95dc97145b56cb6aba5db5616e90c0736052b99f69e05ce9b169f9a456ae5294991b9b0cd7ab363aaf764c89d12d4f6196a766c9387ad39e26"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x71, 0x1, "82deaec6dbefc5ae133226fe8868f4610a6c9f088fbdb476831904041f4511eb5f59e9591515d89c23ea9382cc2c22773629468aad853213e94fe2b2783beae67d82ba645ac10f98d0780fd7be6157c5f2005a292db3ecf5eb2a486da28f6fa4ace1801674a80f89cf58d4e6bc"}]}, {0x4}]}]}, @HWSIM_ATTR_FLAGS={0x8, 0x4, 0x5}, @HWSIM_ATTR_FLAGS={0x8, 0x4, 0x7}, @HWSIM_ATTR_SUPPORT_P2P_DEVICE={0x4}]}, 0x78c}, 0x1, 0x0, 0x0, 0x8000001}, 0x4000080) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20000000020009, 0x7, 0xb5f6, r2, 0x8000) r6 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) pread64$auto(r6, 0x0, 0x100000009, 0xa4000000000002) madvise$auto(0x0, 0x20499d, 0x9) 7.766867445s ago: executing program 3 (id=1386): mq_open$auto(0x0, 0x8000dd1, 0xf, 0x0) mq_notify$auto(0x4, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) 7.59027273s ago: executing program 3 (id=1387): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) socket(0x28, 0x2, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0) write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) select$auto(0x9, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x7, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x8000000000000001, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/members\x00', 0x80280, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) prctl$auto_PR_SYS_DISPATCH_ON(0x7, 0x1, r1, 0x9, 0x6) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x48542, 0x0) read$auto_clk_dump_fops_(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_BLKRRPART(r2, 0x125f, 0x0) 7.58609748s ago: executing program 0 (id=1395): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) socket$nl_generic(0x10, 0x3, 0x10) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event2\x00', 0x250a82, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) sendmsg$auto_OVS_FLOW_CMD_DEL(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x11, &(0x7f00000001c0)={&(0x7f0000003180)={0x20, 0x0, 0x0, 0x70bd26, 0x8, {}, [@OVS_FLOW_ATTR_MASK={0xc, 0x7, 0x0, 0x1, [@generic="90cc6a523c03060e"]}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4008010) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r3, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f", 0xfdef) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) write$auto(r4, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) 6.483323279s ago: executing program 0 (id=1388): getsockopt$auto_SO_PEEK_OFF(0xffffffffffffffff, 0x8, 0x2a, 0x0, &(0x7f00000001c0)=0x6) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="810b25bd7080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r2, 0x0, 0x10a, 0x6, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) socket(0x2a, 0x2, 0x88) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x1, 0x0) r5 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, 0x0, 0x101000, 0x0) listen$auto(r5, 0x5) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0) socket(0x2, 0x1, 0x0) read$auto_rng_chrdev_ops_core(r1, 0x0, 0x0) mmap$auto(0xfffffffffffffffc, 0x8, 0x8, 0x7fffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffffd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x3ff, 0x0) setfsgid$auto(0xee00) listen$auto(0x3, 0x3) 5.543612193s ago: executing program 0 (id=1389): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x20000041, 0x80000000000006, 0x0, 0x7, 0x401) r0 = socket$nl_generic(0x10, 0x3, 0x10) mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xcf\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0x8000dd1, 0xf, 0x0) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred=r0, 0x2}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_VHOST_SET_FEATURES2(0xffffffffffffffff, 0x4008af00, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) 5.405958722s ago: executing program 0 (id=1390): semget$auto(0x0, 0x13c, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x1, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xfffffffa) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x80000001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card1\x00', 0x101002, 0x0) ioctl$auto(r1, 0x9000643a, 0xc35) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) read$auto(r0, 0x0, 0xffffffffffffffef) write$auto(0x3, 0x0, 0xfffffdef) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200204, 0x15) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) uname$auto(0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) socket(0x10, 0x2, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x601, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffe, 0x5}, 0x7}, 0x3, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x800, 0x0) r2 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_IOCTL_GET_NUM_DEVICES(r2, 0x40046104, &(0x7f0000000080)=0x7f) ioctl$auto_NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0) 5.286700863s ago: executing program 2 (id=1392): sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000fbdbdf2502000000080007", @ANYRES32, @ANYBLOB='\b'], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) 4.78369184s ago: executing program 2 (id=1393): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event2\x00', 0x20881, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x10003c, 0x1, 0x1ffde, 0x7, 0x3, 0x1, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x9, 0x10005, 0x80, 0x4, 0xffffffff, 0x7, 0x2000, 0x203, 0x0, 0x20e9d17d, 0x400300000000000, 0xdb, 0x0, 0x80000000, 0xf04, [0xfffffffffffffffe, 0x0, 0x2, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffe, 0x0, 0x20000000000007, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff5b, 0xc72, 0x0, 0x9, 0x0, 0x66, 0x2, 0x1, 0x0, 0x0, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x8c]}, 0x2, 0xd) write$auto(r0, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x7, 0x7, 0x90, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xffffffffffffffff, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyu4\x00', 0x401, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DEL_PMK(0xffffffffffffffff, 0x0, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x80000, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_DRAIN2(r2, 0x4144, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r4 = timerfd_create$auto(0x9, 0x8000) bpf$auto_BPF_MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)=@bpf_attr_3={0x6b, 0xff, 0x9, 0xfffffffffffffff1, 0x5, 0x9, 0xff, 0x7fffffff, 0x7f, "b989c94f56957351219eb159ba7a2f07", r3, 0x5, r1, 0x6000000, 0x5, 0x8, 0x0, 0x7be, 0x9af0, 0x8, @attach_btf_obj_fd=r1, 0xcd, 0xe5, 0x0, 0xa, 0x1, r2, r4}, 0x1ff) unshare$auto(0x40000080) splice$auto(0xffffffffffffffff, &(0x7f00000000c0)=0x4, 0xffffffffffffffff, 0x0, 0x7, 0x267b) mmap$auto(0x4, 0x8, 0x2, 0x19, 0xffffffffffffffff, 0x3) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, 0x0) 4.647139335s ago: executing program 3 (id=1396): mmap$auto(0x0, 0x2020009, 0x100003, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x2, 0x73) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x2041, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2, 0xdf, 0x7f, 0x2, 0x6) write$auto(0xca, 0x0, 0x4) getdents64$auto(0xffffffffffffffff, 0x0, 0x400) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) clock_settime$auto(0x0, &(0x7f0000000000)={0x100000004, 0x8}) r0 = socket(0x1d, 0x2, 0x7) io_uring_setup$auto(0x59, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x8) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x2001, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x7, 0x6, 0x1f2, 0x9, 0xe8, 0x400000000ff, 0xa, 0x4, 0xaab, 0x5, 0x7]}, 0x0, 0x0) r1 = socket(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x26a) sendto$auto(r0, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can, 0x36) close_range$auto(0x2, 0x8, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x44, 0x0, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x11e789c}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, 0x3}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) ptrace$auto_PTRACE_GETFPREGS(0xe, 0x0, 0x5, 0x3) 4.102852931s ago: executing program 0 (id=1398): openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x2003, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r2 = fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r3 = bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x4, 0x9}, 0x92) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd11\x00', 0xd00, 0x0) ioctl$auto_NS_GET_NSTYPE(r2, 0xb703, 0x0) bpf$auto(0x2, &(0x7f00000001c0)=@bpf_attr_11={0x4, 0x8001, 0x10, 0x7fffffff, 0x8007ff, 0x7, 0x8001, r3}, 0x6) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000001c0)=0x7) unshare$auto(0x40000080) socket(0x1e, 0x1, 0x0) lsm_set_self_attr$auto(0x1, &(0x7f0000000100)={0x68, 0x8, 0x80}, 0x80, 0x0) r4 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x101500, 0x0) readv$auto(r4, &(0x7f0000000080)={0x0, 0x200}, 0xa) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) syslog$auto(0x3, 0x0, 0x5) sendfile$auto(r6, 0xffffffffffffffff, 0x0, 0x47) r7 = syz_open_procfs$namespace(0x0, 0x0) getdents$auto(r7, 0x0, 0xfff) 3.793710175s ago: executing program 2 (id=1399): getsockopt$auto_SO_PEEK_OFF(0xffffffffffffffff, 0x8, 0x2a, 0x0, &(0x7f00000001c0)=0x6) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="810b25bd7080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r2, 0x0, 0x10a, 0x6, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) socket(0x2a, 0x2, 0x88) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x1, 0x0) r5 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, 0x0, 0x101000, 0x0) listen$auto(r5, 0x5) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0) socket(0x2, 0x1, 0x0) read$auto_rng_chrdev_ops_core(r1, 0x0, 0x0) mmap$auto(0xfffffffffffffffc, 0x8, 0x8, 0x7fffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffffd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x3ff, 0x0) setfsgid$auto(0xee00) listen$auto(0x3, 0x3) 3.224868326s ago: executing program 1 (id=1400): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x20000041, 0x80000000000006, 0x0, 0x7, 0x401) r0 = socket$nl_generic(0x10, 0x3, 0x10) mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xcf\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0x8000dd1, 0xf, 0x0) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred=r0, 0x2}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_VHOST_SET_FEATURES2(0xffffffffffffffff, 0x4008af00, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) 2.92104386s ago: executing program 1 (id=1401): r0 = socket(0x2, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_HANDSHAKE_CMD_DONE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd22, 0x25dfdbff, {}, [@HANDSHAKE_A_DONE_SOCKFD={0x8, 0x2, r0}]}, 0x1c}}, 0xd4) (fail_nth: 2) 2.528206103s ago: executing program 2 (id=1402): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) r0 = socket(0x29, 0x2, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) getpid() r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x110c230000, 0x1, 0x9) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_kbytes\x00', 0x202, 0x0) sendfile$auto(r3, r3, 0x0, 0x7fffe000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r4, 0x107, 0x12, 0x0, 0x4) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000000c0), r0) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)={0x78c, r5, 0x200, 0x9, 0x25dfdbfd, {}, [@HWSIM_ATTR_PMSR_RESULT={0x764, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x760, 0x5, 0x0, 0x1, [{0x518, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x102, 0x1, "f2a19048cb9d02cc7947a74de51001320ad24b6bcef17bc4e0bb8c8dd93f4b6e3dd40e03d6ede008a257ae5e4f3e46f57e89d9f30b6bfd6a98ebd527fd7d80360b26a1e6a940e676ff2744b5109e509cae31e37d555e2a8086e678cfa31add7b82638f8af2976bdb31a615079dc5448cd63332b9b4a4e5f52b6529756a6fbe4ec4d0b91c41dc387f511c4db8b9a95556fc8ddc00f5c0c825e9a6b373c142f6cdb5d6a7b642e2f6ee88119bcc98a8423d0f3160f82f209f4745724900ae5f6cd7177ff0e6e85f47d6cecc051f6351b5a8e9ddcb0d4fbdfd646c85fadfa92176d90a6bb8b049d605a3f62b862e6adac2e012b3b42f8a450ed636d0af322529"}, @NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffff0c36}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x2}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x5}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x91, 0x1, "33786f39502f7db8d26f02d629b078e50297e43a965b9935e8bd78f240c51254f50be25bbd8b84d78c31848817da9dd17128b54e0cf538e31611f93d95cd10f5b0dcef7cb6715f17f1cfe600f1d017a3409980293a3f73636301a46d1b25741e1018ae70101716f3ddf5ead101eeb0504791686b75c9afc3f0eeec6eb41530b79fe49bbc39e633c83a94d7f700"}, @NL80211_PMSR_PEER_ATTR_RESP={0x12c, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_DATA={0x128, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x28}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x2b, 0x14, '/sys/kernel/tracing/per_cpu/cpu1/trace\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0xc, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x79}]}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x8000000000000001}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x5, 0x14, '^'}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0xf}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0xd5d1}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x70}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5, 0x8, 0x9a}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x4c7d}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0xc, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x7}]}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x5}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x2}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x3}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x9c, 0x1, "71ed965d3c917ba5207dd7c5dde8b3797bc01ba30fab97f0c36a53570bb1eca0a902412c7fe3829378dc6243773492841d09f08881ffd5d912176438f3d1b17153cf3686cd4a0baa99d08e205825a7101ea4ae02f46817086ad047a28079854d5121e4e88785f0904c658d31a36014f1f20429cae9ab8648831b8804cda57cacc18f8f1d888921bf6678d2d4cb42737b867e6b05c10f1ce4"}, @NL80211_PMSR_PEER_ATTR_RESP={0x7c, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0xffffffffffffffc0}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x9}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x1000}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x7}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x560}, @NL80211_PMSR_RESP_ATTR_DATA={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x8, 0x14, '#):\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x30}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x95, 0x1, "76d872e410eb3f63262322f9a6e8c1f888f3e92425117a52787aea50fffa34e7fbbe9a075a2a2bf8ea74ac76ada802083ec0c36a5d86123a3b82b2c51f0a44f59d48bba09cc24315ddf5188b2fda32b7a8937fa0f59f86195c89b8b5d0a2aa1036967a20831fc1b0f59142754bcf32d885f511d257366b3f4421fd169b0c39c91ff679fc21b659c282643cd09d501fee8c"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x57, 0x1, "46974a15aa48c9676f55a872d3e37b89cae23083999d36419c8d7645f7f88187d22ace63aab2ad38f3ac807d8cf7ca8353ab4d47296421e18a6d49ec22c8b257b7bcb76a5127fd9db7dfb0b22d18f75a3fdf29"}]}, {0x240, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x10000}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffffffa1}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x5}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xcf, 0x1, "438b01cf4c689c460dd69684dad881fa0ac00dd5ff3f4efcdc693d43e2fd7af20db2d790518bb5acba4b5a2761c814725bfd081903421d3cc9622f17fd73b6602247f5f90cd298009a0a4f8de27fb94e3159b9b1022551c43d5cb621d292d3595497eb6de3a72279dfbbcaa0691c5c1c56ae40bf276e531caf3d2323b96663f279570a419a285def0018787ebeeb962f33be594f7f655a0a7c121b2484d9d1a1d8ed316946805daaa8f6f469b2701f3511fd4bf9d72195dfc53f0c374e4cb04e94018f12f062fc02b4117d"}, @NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x5}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x8}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xeab6}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa9, 0x1, "22ca9ad446eeecedbc86f65eda129e8ed22b81aee49485cee9cedf47b86c37afc7780026b2ba9f322b7c05aa508df1bd1db64ee17628044ba950d59cfea8e83470ed2aee818062ed8528bde634afe81630191e1e4deb7814f59f8ddcb3a049eff3c10c2d5049aeb1092cce7a95dc97145b56cb6aba5db5616e90c0736052b99f69e05ce9b169f9a456ae5294991b9b0cd7ab363aaf764c89d12d4f6196a766c9387ad39e26"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x71, 0x1, "82deaec6dbefc5ae133226fe8868f4610a6c9f088fbdb476831904041f4511eb5f59e9591515d89c23ea9382cc2c22773629468aad853213e94fe2b2783beae67d82ba645ac10f98d0780fd7be6157c5f2005a292db3ecf5eb2a486da28f6fa4ace1801674a80f89cf58d4e6bc"}]}, {0x4}]}]}, @HWSIM_ATTR_FLAGS={0x8, 0x4, 0x5}, @HWSIM_ATTR_FLAGS={0x8, 0x4, 0x7}, @HWSIM_ATTR_SUPPORT_P2P_DEVICE={0x4}]}, 0x78c}, 0x1, 0x0, 0x0, 0x8000001}, 0x4000080) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20000000020009, 0x7, 0xb5f6, r2, 0x8000) r6 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) pread64$auto(r6, 0x0, 0x100000009, 0xa4000000000002) madvise$auto(0x0, 0x20499d, 0x9) 2.193159457s ago: executing program 1 (id=1403): sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000fbdbdf2502000000080007", @ANYRES32, @ANYBLOB='\b'], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) 1.984948556s ago: executing program 1 (id=1404): socket(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000140), 0xffffffffffffffff) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram8\x00', 0x80900, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40002, 0x300) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) ioctl$auto_TCFLSH2(r1, 0x5453, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r4, &(0x7f0000003900)='\t', 0x1) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) sendfile$auto(r5, r5, 0x0, 0x7ffff000) prctl$auto_PR_SET_MM_START_STACK(0x5, 0x5, 0xffffffffffffffff, 0x2, 0x2) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) write$auto_mousedev_fops_mousedev(0xffffffffffffffff, 0x0, 0x0) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x15) ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$auto_TUNGETVNETLE2(0xffffffffffffffff, 0x800454dd, &(0x7f0000000040)=0x3) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="070986acbdecd86de29e8200000008000300", @ANYRES32=r8], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000080) 857.583108ms ago: executing program 3 (id=1405): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x5, 0x0) capget$auto(0x0, 0xfffffffffffffffe) kexec_load$auto(0x400000000009, 0x10000, 0x0, 0x1003e0000) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) bind$auto(0x3, 0x0, 0x6a) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x80000000, 0x700, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x80000, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) socket(0x2b, 0x1, 0x1) socket(0x1, 0x2, 0x0) socket(0xa, 0x2, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103841, 0x0) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) shmctl$auto_SHM_UNLOCK(0xd, 0xc, 0x0) msgctl$auto_MSG_STAT_ANY(0x4f55, 0xd, 0x0) sendmsg$auto_IPVS_CMD_GET_DEST(r0, 0x0, 0x11) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_nfsd(0x0, r0) 196.863397ms ago: executing program 1 (id=1406): semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff) 0s ago: executing program 1 (id=1407): socketcall$auto_SYS_LISTEN(0x4, &(0x7f0000000000)=0x1) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event\x00', 0x40800, 0x0) socketcall$auto_SYS_LISTEN(0x4, &(0x7f0000000040)=0x1) pread64$auto(r0, &(0x7f0000002680)='/dev/snapshot\x00', 0x73528428, 0x3) (fail_nth: 2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80402, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000007ec0)=""/254, 0xfe) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0xa, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x101082, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, 0x0, 0x4d) ioctl$auto(r3, 0xc0045543, r4) socketcall$auto_SYS_LISTEN(0x4, &(0x7f0000000080)=0xfffffffffffffffa) prctl$auto(0x4d, 0x1, 0x0, 0x0, 0x0) timer_create$auto(0x9, 0x0, 0x0) kernel console output (not intermixed with test programs): e:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:15432kB local_pcp:5396kB free_cma:0kB [ 239.018540][ T8017] lowmem_reserve[]: 0 0 0 0 0 [ 239.030462][ T8017] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 239.176070][ T8017] Node 0 DMA32: 536*4kB (UM) 425*8kB (UM) 505*16kB (UME) 741*32kB (UME) 243*64kB (UME) 135*128kB (UME) 59*256kB (UME) 24*512kB (ME) 9*1024kB (UM) 2*2048kB (UM) 324*4096kB (UM) = 1437976kB [ 239.277256][ T8017] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 239.300822][ T8017] Node 1 Normal: 151*4kB (UME) 37*8kB (UME) 30*16kB (UME) 90*32kB (UME) 30*64kB (UME) 9*128kB (UME) 5*256kB (UME) 2*512kB (M) 3*1024kB (UME) 3*2048kB (UME) 944*4096kB (M) = 3885476kB [ 239.403491][ T8017] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 239.433385][ T8017] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 239.555816][ T8034] netlink: 4 bytes leftover after parsing attributes in process `syz.1.356'. [ 239.565318][ T8017] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 239.694378][ T8017] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 239.724524][ T8017] 49462 total pagecache pages [ 239.729487][ T8017] 5 pages in swap cache [ 239.733641][ T8017] Free swap = 124976kB [ 239.795245][ T8017] Total swap = 124996kB [ 239.799442][ T8017] 2097051 pages RAM [ 239.803230][ T8017] 0 pages HighMem/MovableOnly [ 239.924733][ T8017] 430185 pages reserved [ 239.964688][ T8017] 0 pages cma reserved [ 240.631615][ T8044] FAULT_INJECTION: forcing a failure. [ 240.631615][ T8044] name failslab, interval 1, probability 0, space 0, times 0 [ 240.664999][ T8044] CPU: 1 UID: 0 PID: 8044 Comm: syz.1.359 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 240.665035][ T8044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 240.665056][ T8044] Call Trace: [ 240.665070][ T8044] [ 240.665079][ T8044] dump_stack_lvl+0x16c/0x1f0 [ 240.665115][ T8044] should_fail_ex+0x512/0x640 [ 240.665153][ T8044] ? __kvmalloc_node_noprof+0x124/0x620 [ 240.665179][ T8044] should_failslab+0xc2/0x120 [ 240.665206][ T8044] __kvmalloc_node_noprof+0x137/0x620 [ 240.665228][ T8044] ? alloc_fdtable+0x175/0x2d0 [ 240.665254][ T8044] ? alloc_fdtable+0x175/0x2d0 [ 240.665271][ T8044] alloc_fdtable+0x175/0x2d0 [ 240.665291][ T8044] dup_fd+0x83b/0xb90 [ 240.665315][ T8044] ? apparmor_task_alloc+0x2c2/0x3b0 [ 240.665338][ T8044] copy_process+0x230c/0x7690 [ 240.665363][ T8044] ? __pfx___futex_wait+0x10/0x10 [ 240.665400][ T8044] ? __pfx_copy_process+0x10/0x10 [ 240.665423][ T8044] ? futex_private_hash_put+0x176/0x300 [ 240.665449][ T8044] ? futex_private_hash_put+0x18a/0x300 [ 240.665476][ T8044] kernel_clone+0xfc/0x930 [ 240.665502][ T8044] ? __pfx_kernel_clone+0x10/0x10 [ 240.665540][ T8044] __do_sys_clone+0xce/0x120 [ 240.665564][ T8044] ? __pfx___do_sys_clone+0x10/0x10 [ 240.665600][ T8044] ? xfd_validate_state+0x61/0x180 [ 240.665636][ T8044] do_syscall_64+0xcd/0x490 [ 240.665663][ T8044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.665682][ T8044] RIP: 0033:0x7f212558ebe9 [ 240.665698][ T8044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.665716][ T8044] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 240.665734][ T8044] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 240.665747][ T8044] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 240.665768][ T8044] RBP: 00007f2125611e19 R08: 0000000000000000 R09: 0000000000000000 [ 240.665781][ T8044] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 240.665793][ T8044] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 240.665820][ T8044] [ 245.056217][ T8098] netlink: 342 bytes leftover after parsing attributes in process `syz.1.369'. [ 245.133706][ T8097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.370'. [ 247.925909][ T8128] syz.0.374: vmalloc error: size 8192, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 248.054460][ T8128] CPU: 0 UID: 0 PID: 8128 Comm: syz.0.374 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 248.054497][ T8128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 248.054511][ T8128] Call Trace: [ 248.054520][ T8128] [ 248.054530][ T8128] dump_stack_lvl+0x16c/0x1f0 [ 248.054567][ T8128] warn_alloc+0x248/0x3a0 [ 248.054599][ T8128] ? __pfx_warn_alloc+0x10/0x10 [ 248.054632][ T8128] ? alloc_pages_mpol+0x25a/0x550 [ 248.054667][ T8128] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 248.054714][ T8128] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 248.054765][ T8128] ? kernel_clone+0xfc/0x930 [ 248.054804][ T8128] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 248.054855][ T8128] ? kernel_clone+0xfc/0x930 [ 248.054884][ T8128] __vmalloc_node_noprof+0xad/0xf0 [ 248.054921][ T8128] ? kernel_clone+0xfc/0x930 [ 248.054953][ T8128] copy_process+0x2c70/0x7690 [ 248.055008][ T8128] ? __pfx_copy_process+0x10/0x10 [ 248.055040][ T8128] ? futex_private_hash_put+0x176/0x300 [ 248.055075][ T8128] ? futex_private_hash_put+0x18a/0x300 [ 248.055112][ T8128] kernel_clone+0xfc/0x930 [ 248.055144][ T8128] ? __pfx_futex_wake+0x10/0x10 [ 248.055181][ T8128] ? __pfx_kernel_clone+0x10/0x10 [ 248.055227][ T8128] __do_sys_clone+0xce/0x120 [ 248.055254][ T8128] ? __pfx___do_sys_clone+0x10/0x10 [ 248.055298][ T8128] ? xfd_validate_state+0x61/0x180 [ 248.055342][ T8128] do_syscall_64+0xcd/0x490 [ 248.055373][ T8128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.055397][ T8128] RIP: 0033:0x7fbffd78ebe9 [ 248.055417][ T8128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.055440][ T8128] RSP: 002b:00007fbffe5a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 248.055463][ T8128] RAX: ffffffffffffffda RBX: 00007fbffd9b5fa0 RCX: 00007fbffd78ebe9 [ 248.055481][ T8128] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 248.055496][ T8128] RBP: 00007fbffd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 248.055511][ T8128] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 248.055526][ T8128] R13: 00007fbffd9b6038 R14: 00007fbffd9b5fa0 R15: 00007ffea40d6c78 [ 248.055559][ T8128] [ 248.055656][ T8128] Mem-Info: [ 248.364575][ T8128] active_anon:12003 inactive_anon:0 isolated_anon:0 [ 248.364575][ T8128] active_file:4103 inactive_file:40757 isolated_file:0 [ 248.364575][ T8128] unevictable:768 dirty:576 writeback:0 [ 248.364575][ T8128] slab_reclaimable:10298 slab_unreclaimable:93980 [ 248.364575][ T8128] mapped:34496 shmem:6157 pagetables:1233 [ 248.364575][ T8128] sec_pagetables:0 bounce:0 [ 248.364575][ T8128] kernel_misc_reclaimable:0 [ 248.364575][ T8128] free:1333742 free_pcp:10849 free_cma:0 [ 248.451877][ T8128] Node 0 active_anon:44812kB inactive_anon:0kB active_file:16412kB inactive_file:162828kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:138184kB dirty:2304kB writeback:0kB shmem:23192kB shmem_thp:2048kB shmem_pmdmapped:2048kB anon_thp:0kB kernel_stack:11896kB pagetables:4780kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 248.572049][ T8128] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 248.625018][ T8128] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 248.692443][ T8128] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 248.725569][ T8128] Node 0 DMA32 free:1435128kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:47668kB inactive_anon:0kB active_file:16412kB inactive_file:161520kB unevictable:1536kB writepending:2304kB present:3129332kB managed:2539616kB mlocked:0kB bounce:0kB free_pcp:31460kB local_pcp:13136kB free_cma:0kB [ 248.915003][ T8128] lowmem_reserve[]: 0 0 1 1 1 [ 248.926589][ T8128] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 248.984482][ T8128] lowmem_reserve[]: 0 0 0 0 0 [ 248.991595][ T8128] Node 1 Normal free:3885760kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:11968kB local_pcp:3816kB free_cma:0kB [ 249.117917][ T8138] netlink: 342 bytes leftover after parsing attributes in process `syz.3.376'. [ 249.177238][ T8128] lowmem_reserve[]: 0 0 0 0 0 [ 249.182392][ T8128] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 249.248212][ T8128] Node 0 DMA32: 97*4kB (UM) 263*8kB (UE) 16*16kB (UME) 551*32kB (UE) 188*64kB (UME) 141*128kB (UME) 64*256kB (UME) 30*512kB (ME) 9*1024kB (UM) 7*2048kB (UM) 322*4096kB (UM) = 1424668kB [ 249.280539][ T8128] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 249.312914][ T8128] Node 1 Normal: 151*4kB (UME) 38*8kB (UME) 13*16kB (UME) 91*32kB (UME) 30*64kB (UME) 9*128kB (UME) 6*256kB (UME) 1*512kB (M) 4*1024kB (UME) 3*2048kB (UME) 944*4096kB (M) = 3886012kB [ 249.331673][ T8128] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 249.341298][ T8128] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 249.350681][ T8128] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 249.360351][ T8128] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 249.369912][ T8128] 55511 total pagecache pages [ 249.374783][ T8128] 5 pages in swap cache [ 249.379073][ T8128] Free swap = 124976kB [ 249.383367][ T8128] Total swap = 124996kB [ 249.387743][ T8128] 2097051 pages RAM [ 249.391677][ T8128] 0 pages HighMem/MovableOnly [ 249.396540][ T8128] 430185 pages reserved [ 249.400804][ T8128] 0 pages cma reserved [ 249.920596][ T8141] netlink: 4 bytes leftover after parsing attributes in process `syz.2.378'. [ 250.195652][ T8149] netlink: 342 bytes leftover after parsing attributes in process `syz.3.380'. [ 251.774970][ T8173] FAULT_INJECTION: forcing a failure. [ 251.774970][ T8173] name failslab, interval 1, probability 0, space 0, times 0 [ 251.798629][ T8173] CPU: 0 UID: 0 PID: 8173 Comm: syz.2.387 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 251.798666][ T8173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 251.798681][ T8173] Call Trace: [ 251.798688][ T8173] [ 251.798695][ T8173] dump_stack_lvl+0x16c/0x1f0 [ 251.798717][ T8173] should_fail_ex+0x512/0x640 [ 251.798737][ T8173] ? __kvmalloc_node_noprof+0x124/0x620 [ 251.798755][ T8173] should_failslab+0xc2/0x120 [ 251.798775][ T8173] __kvmalloc_node_noprof+0x137/0x620 [ 251.798790][ T8173] ? alloc_fdtable+0x175/0x2d0 [ 251.798808][ T8173] ? alloc_fdtable+0x175/0x2d0 [ 251.798820][ T8173] alloc_fdtable+0x175/0x2d0 [ 251.798835][ T8173] dup_fd+0x83b/0xb90 [ 251.798852][ T8173] ? apparmor_task_alloc+0x2c2/0x3b0 [ 251.798869][ T8173] copy_process+0x230c/0x7690 [ 251.798887][ T8173] ? __pfx___futex_wait+0x10/0x10 [ 251.798914][ T8173] ? __pfx_copy_process+0x10/0x10 [ 251.798931][ T8173] ? futex_private_hash_put+0x176/0x300 [ 251.798949][ T8173] ? futex_private_hash_put+0x18a/0x300 [ 251.798967][ T8173] kernel_clone+0xfc/0x930 [ 251.798986][ T8173] ? __pfx_kernel_clone+0x10/0x10 [ 251.799013][ T8173] __do_sys_clone+0xce/0x120 [ 251.799030][ T8173] ? __pfx___do_sys_clone+0x10/0x10 [ 251.799055][ T8173] ? xfd_validate_state+0x61/0x180 [ 251.799081][ T8173] do_syscall_64+0xcd/0x490 [ 251.799100][ T8173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.799114][ T8173] RIP: 0033:0x7feec5d8ebe9 [ 251.799126][ T8173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.799139][ T8173] RSP: 002b:00007feec6bfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 251.799153][ T8173] RAX: ffffffffffffffda RBX: 00007feec5fb5fa0 RCX: 00007feec5d8ebe9 [ 251.799162][ T8173] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 251.799170][ T8173] RBP: 00007feec5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 251.799178][ T8173] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 251.799186][ T8173] R13: 00007feec5fb6038 R14: 00007feec5fb5fa0 R15: 00007ffde4622028 [ 251.799204][ T8173] [ 252.221803][ T8175] netlink: 4 bytes leftover after parsing attributes in process `syz.0.386'. [ 252.757190][ T8179] netlink: 4 bytes leftover after parsing attributes in process `syz.2.388'. [ 254.075192][ T8203] netlink: 342 bytes leftover after parsing attributes in process `syz.0.392'. [ 254.089443][ T8204] netlink: 342 bytes leftover after parsing attributes in process `syz.2.393'. [ 254.100458][ T8204] netlink: 342 bytes leftover after parsing attributes in process `syz.2.393'. [ 254.146235][ T8203] netlink: 342 bytes leftover after parsing attributes in process `syz.0.392'. [ 254.982279][ T8218] netlink: 4 bytes leftover after parsing attributes in process `syz.3.398'. [ 256.505042][ T8242] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 256.511582][ T8242] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 256.517979][ T8242] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 256.524271][ T8242] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 257.606182][ T8262] netlink: 334 bytes leftover after parsing attributes in process `syz.1.408'. [ 258.224947][ T8268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.409'. [ 258.358478][ T8274] netlink: 4 bytes leftover after parsing attributes in process `syz.0.410'. [ 258.544565][ T5865] Bluetooth: hci3: command 0x0406 tx timeout [ 258.550703][ T5185] Bluetooth: hci2: command 0x0406 tx timeout [ 258.554548][ T5865] Bluetooth: hci1: command 0x0406 tx timeout [ 258.556811][ T5185] Bluetooth: hci0: command 0x0406 tx timeout [ 258.764899][ T8280] netlink: 342 bytes leftover after parsing attributes in process `syz.1.412'. [ 260.364786][ T8304] zswap: compressor not available [ 261.158986][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.169098][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.881175][ T8329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.424'. [ 261.902685][ T8335] netlink: 4 bytes leftover after parsing attributes in process `syz.2.425'. [ 263.209322][ T8350] FAULT_INJECTION: forcing a failure. [ 263.209322][ T8350] name failslab, interval 1, probability 0, space 0, times 0 [ 263.254469][ T8350] CPU: 0 UID: 0 PID: 8350 Comm: syz.3.429 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 263.254509][ T8350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 263.254524][ T8350] Call Trace: [ 263.254535][ T8350] [ 263.254545][ T8350] dump_stack_lvl+0x16c/0x1f0 [ 263.254585][ T8350] should_fail_ex+0x512/0x640 [ 263.254619][ T8350] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 263.254663][ T8350] should_failslab+0xc2/0x120 [ 263.254697][ T8350] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 263.254726][ T8350] ? dup_fd+0x6ac/0xb90 [ 263.254752][ T8350] ? copy_fs_struct+0x49/0x340 [ 263.254791][ T8350] copy_fs_struct+0x49/0x340 [ 263.254827][ T8350] copy_process+0x3219/0x7690 [ 263.254858][ T8350] ? __pfx___futex_wait+0x10/0x10 [ 263.254908][ T8350] ? __pfx_copy_process+0x10/0x10 [ 263.254938][ T8350] ? futex_private_hash_put+0x176/0x300 [ 263.254972][ T8350] ? futex_private_hash_put+0x18a/0x300 [ 263.255008][ T8350] kernel_clone+0xfc/0x930 [ 263.255041][ T8350] ? __pfx_kernel_clone+0x10/0x10 [ 263.255092][ T8350] __do_sys_clone+0xce/0x120 [ 263.255122][ T8350] ? __pfx___do_sys_clone+0x10/0x10 [ 263.255169][ T8350] ? xfd_validate_state+0x61/0x180 [ 263.255216][ T8350] do_syscall_64+0xcd/0x490 [ 263.255249][ T8350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.255275][ T8350] RIP: 0033:0x7f1ac038ebe9 [ 263.255296][ T8350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.255320][ T8350] RSP: 002b:00007f1ac113a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 263.255345][ T8350] RAX: ffffffffffffffda RBX: 00007f1ac05b5fa0 RCX: 00007f1ac038ebe9 [ 263.255363][ T8350] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 263.255380][ T8350] RBP: 00007f1ac0411e19 R08: 0000000000000000 R09: 0000000000000000 [ 263.255394][ T8350] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 263.255409][ T8350] R13: 00007f1ac05b6038 R14: 00007f1ac05b5fa0 R15: 00007ffcc4cc5b88 [ 263.255445][ T8350] [ 263.767158][ T8353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.431'. [ 264.183808][ T8359] netlink: 4 bytes leftover after parsing attributes in process `syz.2.432'. [ 264.241099][ T8360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.433'. [ 265.550690][ T8378] netlink: 4 bytes leftover after parsing attributes in process `syz.2.436'. [ 265.775053][ T8380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.437'. [ 265.951617][ T8385] netlink: 4 bytes leftover after parsing attributes in process `syz.0.438'. [ 266.575535][ T8392] FAULT_INJECTION: forcing a failure. [ 266.575535][ T8392] name failslab, interval 1, probability 0, space 0, times 0 [ 266.623672][ T8392] CPU: 1 UID: 0 PID: 8392 Comm: syz.3.439 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 266.623715][ T8392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 266.623729][ T8392] Call Trace: [ 266.623737][ T8392] [ 266.623743][ T8392] dump_stack_lvl+0x16c/0x1f0 [ 266.623765][ T8392] should_fail_ex+0x512/0x640 [ 266.623785][ T8392] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 266.623805][ T8392] should_failslab+0xc2/0x120 [ 266.623824][ T8392] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 266.623839][ T8392] ? dup_fd+0x6ac/0xb90 [ 266.623853][ T8392] ? copy_fs_struct+0x49/0x340 [ 266.623875][ T8392] copy_fs_struct+0x49/0x340 [ 266.623897][ T8392] copy_process+0x3219/0x7690 [ 266.623914][ T8392] ? __pfx___futex_wait+0x10/0x10 [ 266.623942][ T8392] ? __pfx_copy_process+0x10/0x10 [ 266.623958][ T8392] ? futex_private_hash_put+0x176/0x300 [ 266.623977][ T8392] ? futex_private_hash_put+0x18a/0x300 [ 266.623996][ T8392] kernel_clone+0xfc/0x930 [ 266.624014][ T8392] ? __pfx_kernel_clone+0x10/0x10 [ 266.624042][ T8392] __do_sys_clone+0xce/0x120 [ 266.624069][ T8392] ? __pfx___do_sys_clone+0x10/0x10 [ 266.624102][ T8392] ? xfd_validate_state+0x61/0x180 [ 266.624129][ T8392] do_syscall_64+0xcd/0x490 [ 266.624148][ T8392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.624162][ T8392] RIP: 0033:0x7f1ac038ebe9 [ 266.624174][ T8392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.624187][ T8392] RSP: 002b:00007f1ac113a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 266.624201][ T8392] RAX: ffffffffffffffda RBX: 00007f1ac05b5fa0 RCX: 00007f1ac038ebe9 [ 266.624210][ T8392] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 266.624218][ T8392] RBP: 00007f1ac0411e19 R08: 0000000000000000 R09: 0000000000000000 [ 266.624227][ T8392] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 266.624235][ T8392] R13: 00007f1ac05b6038 R14: 00007f1ac05b5fa0 R15: 00007ffcc4cc5b88 [ 266.624254][ T8392] [ 267.583255][ T8397] netlink: 4 bytes leftover after parsing attributes in process `syz.3.441'. [ 267.824860][ T8401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.442'. [ 268.849718][ T8417] netlink: 4 bytes leftover after parsing attributes in process `syz.0.447'. [ 270.112858][ T8429] zswap: compressor not available [ 270.783699][ T8437] netlink: 4 bytes leftover after parsing attributes in process `syz.0.449'. [ 271.021766][ T8447] netlink: 342 bytes leftover after parsing attributes in process `syz.2.452'. [ 271.036278][ T8447] netlink: 342 bytes leftover after parsing attributes in process `syz.2.452'. [ 272.015828][ T8448] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 272.292769][ T8459] netlink: 342 bytes leftover after parsing attributes in process `syz.3.455'. [ 272.408225][ T8468] warn_alloc: 1 callbacks suppressed [ 272.408240][ T8468] syz.1.458: vmalloc error: size 4096, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 272.455776][ T8468] CPU: 1 UID: 0 PID: 8468 Comm: syz.1.458 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 272.455813][ T8468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 272.455828][ T8468] Call Trace: [ 272.455837][ T8468] [ 272.455847][ T8468] dump_stack_lvl+0x16c/0x1f0 [ 272.455885][ T8468] warn_alloc+0x248/0x3a0 [ 272.455918][ T8468] ? __pfx_warn_alloc+0x10/0x10 [ 272.455949][ T8468] ? alloc_pages_mpol+0x25a/0x550 [ 272.455985][ T8468] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 272.456029][ T8468] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 272.456079][ T8468] ? kernel_clone+0xfc/0x930 [ 272.456119][ T8468] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 272.456170][ T8468] ? kernel_clone+0xfc/0x930 [ 272.456199][ T8468] __vmalloc_node_noprof+0xad/0xf0 [ 272.456236][ T8468] ? kernel_clone+0xfc/0x930 [ 272.456270][ T8468] copy_process+0x2c70/0x7690 [ 272.456301][ T8468] ? __pfx___futex_wait+0x10/0x10 [ 272.456349][ T8468] ? __pfx_copy_process+0x10/0x10 [ 272.456379][ T8468] ? futex_private_hash_put+0x176/0x300 [ 272.456413][ T8468] ? futex_private_hash_put+0x18a/0x300 [ 272.456448][ T8468] kernel_clone+0xfc/0x930 [ 272.456480][ T8468] ? __pfx_kernel_clone+0x10/0x10 [ 272.456530][ T8468] __do_sys_clone+0xce/0x120 [ 272.456562][ T8468] ? __pfx___do_sys_clone+0x10/0x10 [ 272.456608][ T8468] ? xfd_validate_state+0x61/0x180 [ 272.456654][ T8468] do_syscall_64+0xcd/0x490 [ 272.456697][ T8468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.456723][ T8468] RIP: 0033:0x7f212558ebe9 [ 272.456745][ T8468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.456768][ T8468] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 272.456792][ T8468] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 272.456809][ T8468] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 272.456825][ T8468] RBP: 00007f2125611e19 R08: 0000000000000000 R09: 0000000000000000 [ 272.456841][ T8468] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 272.456857][ T8468] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 272.456890][ T8468] [ 272.456969][ T8468] Mem-Info: [ 272.723417][ T8471] netlink: 342 bytes leftover after parsing attributes in process `syz.0.459'. [ 272.737324][ T8471] netlink: 342 bytes leftover after parsing attributes in process `syz.0.459'. [ 272.825912][ T8468] active_anon:6751 inactive_anon:0 isolated_anon:0 [ 272.825912][ T8468] active_file:4359 inactive_file:41772 isolated_file:0 [ 272.825912][ T8468] unevictable:768 dirty:874 writeback:0 [ 272.825912][ T8468] slab_reclaimable:10281 slab_unreclaimable:93127 [ 272.825912][ T8468] mapped:29054 shmem:1906 pagetables:1192 [ 272.825912][ T8468] sec_pagetables:0 bounce:0 [ 272.825912][ T8468] kernel_misc_reclaimable:0 [ 272.825912][ T8468] free:1339310 free_pcp:11835 free_cma:0 [ 272.874548][ T8468] Node 0 active_anon:27004kB inactive_anon:0kB active_file:17436kB inactive_file:166888kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116216kB dirty:3496kB writeback:0kB shmem:6088kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11884kB pagetables:4616kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 272.944676][ T8468] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 273.175381][ T8468] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 273.210688][ T8468] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 273.217364][ T8468] Node 0 DMA32 free:1454140kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27872kB inactive_anon:0kB active_file:17436kB inactive_file:165664kB unevictable:1536kB writepending:3500kB present:3129332kB managed:2539616kB mlocked:0kB bounce:0kB free_pcp:34748kB local_pcp:17508kB free_cma:0kB [ 273.458404][ T8468] lowmem_reserve[]: 0 0 1 1 1 [ 273.463218][ T8468] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 273.572156][ T8468] lowmem_reserve[]: 0 0 0 0 0 [ 273.580006][ T8468] Node 1 Normal free:3887428kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:11744kB local_pcp:3104kB free_cma:0kB [ 273.694467][ T8468] lowmem_reserve[]: 0 0 0 0 0 [ 273.720073][ T8468] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 273.733456][ T8468] Node 0 DMA32: 1240*4kB (UM) 992*8kB (UME) 310*16kB (UME) 836*32kB (UME) 238*64kB (UME) 147*128kB (UME) 66*256kB (UME) 31*512kB (ME) 9*1024kB (UM) 9*2048kB (UM) 320*4096kB (UM) = 1449792kB [ 273.763854][ T8468] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 273.812406][ T8468] Node 1 Normal: 213*4kB (UME) 56*8kB (UME) 35*16kB (UME) 88*32kB (UME) 34*64kB (UME) 5*128kB (UME) 4*256kB (UME) 2*512kB (M) 3*1024kB (UME) 4*2048kB (UME) 944*4096kB (M) = 3887428kB [ 274.104442][ T8468] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 274.114233][ T8468] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 274.123634][ T8468] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 274.152258][ T8468] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 274.185219][ T8468] 52010 total pagecache pages [ 274.203211][ T8468] 5 pages in swap cache [ 274.235193][ T8468] Free swap = 124976kB [ 274.239417][ T8468] Total swap = 124996kB [ 274.280444][ T8468] 2097051 pages RAM [ 274.354544][ T8468] 0 pages HighMem/MovableOnly [ 274.362144][ T8468] 430185 pages reserved [ 274.366468][ T8468] 0 pages cma reserved [ 274.610411][ T8490] netlink: 4 bytes leftover after parsing attributes in process `syz.1.465'. [ 274.674021][ T8487] netlink: 4 bytes leftover after parsing attributes in process `syz.3.464'. [ 276.107272][ T8514] netlink: 342 bytes leftover after parsing attributes in process `syz.0.471'. [ 276.500314][ T8500] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 277.162308][ T8527] netlink: 4 bytes leftover after parsing attributes in process `syz.1.475'. [ 278.076137][ T8542] netlink: 4 bytes leftover after parsing attributes in process `syz.1.477'. [ 278.185597][ T8546] netlink: 4 bytes leftover after parsing attributes in process `syz.2.482'. [ 279.348902][ T8554] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 280.866909][ T8585] netlink: 342 bytes leftover after parsing attributes in process `syz.0.490'. [ 281.739081][ T8605] netlink: 4 bytes leftover after parsing attributes in process `syz.1.497'. [ 282.186442][ T8612] netlink: 342 bytes leftover after parsing attributes in process `syz.0.507'. [ 282.514885][ T8615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.500'. [ 283.040884][ T8623] FAULT_INJECTION: forcing a failure. [ 283.040884][ T8623] name failslab, interval 1, probability 0, space 0, times 0 [ 283.123551][ T8623] CPU: 1 UID: 0 PID: 8623 Comm: syz.3.501 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 283.123577][ T8623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 283.123586][ T8623] Call Trace: [ 283.123592][ T8623] [ 283.123598][ T8623] dump_stack_lvl+0x16c/0x1f0 [ 283.123622][ T8623] should_fail_ex+0x512/0x640 [ 283.123642][ T8623] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 283.123661][ T8623] should_failslab+0xc2/0x120 [ 283.123680][ T8623] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 283.123697][ T8623] ? copy_process+0x3798/0x7690 [ 283.123715][ T8623] ? _raw_spin_unlock_irq+0x23/0x50 [ 283.123732][ T8623] copy_process+0x3798/0x7690 [ 283.123749][ T8623] ? __pfx___futex_wait+0x10/0x10 [ 283.123776][ T8623] ? __pfx_copy_process+0x10/0x10 [ 283.123793][ T8623] ? futex_private_hash_put+0x176/0x300 [ 283.123812][ T8623] ? futex_private_hash_put+0x18a/0x300 [ 283.123830][ T8623] kernel_clone+0xfc/0x930 [ 283.123849][ T8623] ? __pfx_kernel_clone+0x10/0x10 [ 283.123877][ T8623] __do_sys_clone+0xce/0x120 [ 283.123894][ T8623] ? __pfx___do_sys_clone+0x10/0x10 [ 283.123920][ T8623] ? xfd_validate_state+0x61/0x180 [ 283.123946][ T8623] do_syscall_64+0xcd/0x490 [ 283.123965][ T8623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.123979][ T8623] RIP: 0033:0x7f1ac038ebe9 [ 283.123992][ T8623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.124005][ T8623] RSP: 002b:00007f1ac1119038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 283.124020][ T8623] RAX: ffffffffffffffda RBX: 00007f1ac05b6090 RCX: 00007f1ac038ebe9 [ 283.124029][ T8623] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 283.124037][ T8623] RBP: 00007f1ac0411e19 R08: 0000000000000000 R09: 0000000000000000 [ 283.124046][ T8623] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 283.124054][ T8623] R13: 00007f1ac05b6128 R14: 00007f1ac05b6090 R15: 00007ffcc4cc5b88 [ 283.124072][ T8623] [ 283.945163][ T8628] zswap: compressor not available [ 284.381849][ T8640] netlink: 4 bytes leftover after parsing attributes in process `syz.2.506'. [ 285.238622][ T8656] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 285.469601][ T8664] netlink: 342 bytes leftover after parsing attributes in process `syz.1.511'. [ 287.929674][ T8706] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 290.225934][ T8747] warn_alloc: 1 callbacks suppressed [ 290.225949][ T8747] syz.2.524: vmalloc error: size 4096, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 290.266233][ T8747] CPU: 1 UID: 0 PID: 8747 Comm: syz.2.524 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 290.266265][ T8747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 290.266276][ T8747] Call Trace: [ 290.266282][ T8747] [ 290.266288][ T8747] dump_stack_lvl+0x16c/0x1f0 [ 290.266310][ T8747] warn_alloc+0x248/0x3a0 [ 290.266330][ T8747] ? __pfx_warn_alloc+0x10/0x10 [ 290.266348][ T8747] ? alloc_pages_mpol+0x25a/0x550 [ 290.266370][ T8747] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 290.266395][ T8747] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 290.266425][ T8747] ? kernel_clone+0xfc/0x930 [ 290.266446][ T8747] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 290.266475][ T8747] ? kernel_clone+0xfc/0x930 [ 290.266491][ T8747] __vmalloc_node_noprof+0xad/0xf0 [ 290.266513][ T8747] ? kernel_clone+0xfc/0x930 [ 290.266531][ T8747] copy_process+0x2c70/0x7690 [ 290.266548][ T8747] ? __pfx___futex_wait+0x10/0x10 [ 290.266576][ T8747] ? __pfx_copy_process+0x10/0x10 [ 290.266592][ T8747] ? futex_private_hash_put+0x176/0x300 [ 290.266613][ T8747] ? futex_private_hash_put+0x18a/0x300 [ 290.266632][ T8747] kernel_clone+0xfc/0x930 [ 290.266650][ T8747] ? __pfx_kernel_clone+0x10/0x10 [ 290.266677][ T8747] __do_sys_clone+0xce/0x120 [ 290.266694][ T8747] ? __pfx___do_sys_clone+0x10/0x10 [ 290.266719][ T8747] ? xfd_validate_state+0x61/0x180 [ 290.266745][ T8747] do_syscall_64+0xcd/0x490 [ 290.266764][ T8747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.266778][ T8747] RIP: 0033:0x7feec5d8ebe9 [ 290.266790][ T8747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 290.266803][ T8747] RSP: 002b:00007feec6bfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 290.266817][ T8747] RAX: ffffffffffffffda RBX: 00007feec5fb5fa0 RCX: 00007feec5d8ebe9 [ 290.266826][ T8747] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 290.266834][ T8747] RBP: 00007feec5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 290.266843][ T8747] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 290.266860][ T8747] R13: 00007feec5fb6038 R14: 00007feec5fb5fa0 R15: 00007ffde4622028 [ 290.266879][ T8747] [ 290.266885][ T8747] Mem-Info: [ 290.519929][ T8747] active_anon:7899 inactive_anon:0 isolated_anon:0 [ 290.519929][ T8747] active_file:4359 inactive_file:40775 isolated_file:0 [ 290.519929][ T8747] unevictable:768 dirty:854 writeback:0 [ 290.519929][ T8747] slab_reclaimable:10297 slab_unreclaimable:92666 [ 290.519929][ T8747] mapped:25693 shmem:3178 pagetables:1114 [ 290.519929][ T8747] sec_pagetables:0 bounce:0 [ 290.519929][ T8747] kernel_misc_reclaimable:0 [ 290.519929][ T8747] free:1338908 free_pcp:12509 free_cma:0 [ 290.634755][ T8747] Node 0 active_anon:24596kB inactive_anon:0kB active_file:17436kB inactive_file:164700kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:102772kB dirty:3412kB writeback:0kB shmem:3976kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11608kB pagetables:4404kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 290.705617][ T8747] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 290.746370][ T8752] netlink: 342 bytes leftover after parsing attributes in process `syz.3.523'. [ 290.758569][ T8747] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 290.790777][ T8747] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 290.797646][ T8747] Node 0 DMA32 free:1452688kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24652kB inactive_anon:0kB active_file:17436kB inactive_file:163592kB unevictable:1536kB writepending:3412kB present:3129332kB managed:2539616kB mlocked:0kB bounce:0kB free_pcp:39476kB local_pcp:21660kB free_cma:0kB [ 290.834007][ T8747] lowmem_reserve[]: 0 0 1 1 1 [ 290.838931][ T8747] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 290.871329][ T8747] lowmem_reserve[]: 0 0 0 0 0 [ 290.880981][ T8747] Node 1 Normal free:3886664kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:16056kB local_pcp:4276kB free_cma:0kB [ 290.914647][ T8747] lowmem_reserve[]: 0 0 0 0 0 [ 290.919779][ T8747] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 290.949969][ T8747] Node 0 DMA32: 1506*4kB (UM) 1100*8kB (UME) 212*16kB (UME) 653*32kB (UME) 258*64kB (UME) 154*128kB (UME) 70*256kB (UME) 31*512kB (ME) 10*1024kB (UM) 7*2048kB (UM) 322*4096kB (UM) = 1452616kB [ 290.975196][ T8747] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 290.993034][ T8747] Node 1 Normal: 111*4kB (UME) 56*8kB (UME) 22*16kB (UME) 99*32kB (UME) 33*64kB (UE) 4*128kB (UE) 3*256kB (UME) 2*512kB (M) 3*1024kB (UME) 4*2048kB (UME) 944*4096kB (M) = 3886716kB [ 291.038356][ T8751] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 291.127691][ T8747] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 291.144717][ T8747] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 291.161900][ T8747] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 291.214040][ T8747] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 291.285373][ T8747] 47005 total pagecache pages [ 291.294874][ T8747] 5 pages in swap cache [ 291.300833][ T8747] Free swap = 124976kB [ 291.313724][ T8747] Total swap = 124996kB [ 291.346868][ T8747] 2097051 pages RAM [ 291.350734][ T8747] 0 pages HighMem/MovableOnly [ 291.359875][ T8747] 430185 pages reserved [ 291.364069][ T8747] 0 pages cma reserved [ 291.623455][ T8765] netlink: 4 bytes leftover after parsing attributes in process `syz.1.527'. [ 291.933100][ T8772] netlink: 4 bytes leftover after parsing attributes in process `syz.2.529'. [ 292.306197][ T8777] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 295.018520][ T8830] netlink: 4 bytes leftover after parsing attributes in process `syz.2.536'. [ 295.892846][ T8856] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 302.437181][ T8941] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 303.046991][ T8946] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 303.152358][ T8948] zswap: compressor not available [ 303.262407][ T8962] netlink: 334 bytes leftover after parsing attributes in process `syz.3.553'. [ 303.392509][ T8965] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 303.606391][ T8963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.555'. [ 304.141991][ T8972] zswap: compressor not available [ 304.169671][ T8970] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 304.969878][ T8997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.559'. [ 306.740391][ T9018] netlink: 342 bytes leftover after parsing attributes in process `syz.0.567'. [ 306.935421][ T9022] netlink: 4 bytes leftover after parsing attributes in process `syz.1.569'. [ 308.102038][ T9035] netlink: 342 bytes leftover after parsing attributes in process `syz.1.572'. [ 308.847004][ T9045] netlink: 4 bytes leftover after parsing attributes in process `syz.2.573'. [ 308.985452][ T9044] netlink: 4 bytes leftover after parsing attributes in process `syz.0.581'. [ 310.054676][ T9060] zswap: compressor not available [ 310.108455][ T9066] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 310.185323][ T9067] netlink: 4 bytes leftover after parsing attributes in process `syz.1.576'. [ 312.322500][ T9119] netlink: 342 bytes leftover after parsing attributes in process `syz.1.584'. [ 314.117621][ T9137] netlink: 4 bytes leftover after parsing attributes in process `syz.1.594'. [ 315.376303][ T9159] zswap: compressor not available [ 315.786822][ T9165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.590'. [ 316.767591][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.595'. [ 318.690920][ T9207] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 322.550214][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.556768][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.397070][ T9278] netlink: 4 bytes leftover after parsing attributes in process `syz.1.608'. [ 324.121773][ T9290] netlink: 342 bytes leftover after parsing attributes in process `syz.2.610'. [ 324.570137][ T9299] netlink: 4 bytes leftover after parsing attributes in process `syz.1.612'. [ 325.002565][ T9303] netlink: 4 bytes leftover after parsing attributes in process `syz.0.622'. [ 325.969183][ T9317] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 326.483894][ T9328] netlink: 342 bytes leftover after parsing attributes in process `syz.1.618'. [ 327.193251][ T9331] FAULT_INJECTION: forcing a failure. [ 327.193251][ T9331] name failslab, interval 1, probability 0, space 0, times 0 [ 327.285219][ T9331] CPU: 1 UID: 0 PID: 9331 Comm: syz.3.619 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 327.285255][ T9331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 327.285270][ T9331] Call Trace: [ 327.285279][ T9331] [ 327.285290][ T9331] dump_stack_lvl+0x16c/0x1f0 [ 327.285330][ T9331] should_fail_ex+0x512/0x640 [ 327.285367][ T9331] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 327.285402][ T9331] should_failslab+0xc2/0x120 [ 327.285435][ T9331] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 327.285468][ T9331] ? copy_process+0x3798/0x7690 [ 327.285499][ T9331] ? _raw_spin_unlock_irq+0x23/0x50 [ 327.285529][ T9331] copy_process+0x3798/0x7690 [ 327.285575][ T9331] ? __pfx_copy_process+0x10/0x10 [ 327.285606][ T9331] ? futex_private_hash_put+0x176/0x300 [ 327.285641][ T9331] ? futex_private_hash_put+0x18a/0x300 [ 327.285685][ T9331] kernel_clone+0xfc/0x930 [ 327.285717][ T9331] ? __pfx_futex_wake+0x10/0x10 [ 327.285753][ T9331] ? __pfx_kernel_clone+0x10/0x10 [ 327.285806][ T9331] __do_sys_clone+0xce/0x120 [ 327.285839][ T9331] ? __pfx___do_sys_clone+0x10/0x10 [ 327.285886][ T9331] ? xfd_validate_state+0x61/0x180 [ 327.285930][ T9331] do_syscall_64+0xcd/0x490 [ 327.285963][ T9331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.285987][ T9331] RIP: 0033:0x7f1ac038ebe9 [ 327.286007][ T9331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.286032][ T9331] RSP: 002b:00007f1ac113a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 327.286056][ T9331] RAX: ffffffffffffffda RBX: 00007f1ac05b5fa0 RCX: 00007f1ac038ebe9 [ 327.286074][ T9331] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 327.286089][ T9331] RBP: 00007f1ac0411e19 R08: 0000000000000000 R09: 0000000000000000 [ 327.286104][ T9331] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 327.286121][ T9331] R13: 00007f1ac05b6038 R14: 00007f1ac05b5fa0 R15: 00007ffcc4cc5b88 [ 327.286155][ T9331] [ 328.144481][ T9339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.623'. [ 329.573507][ T9360] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 329.583544][ T9356] netlink: 4 bytes leftover after parsing attributes in process `syz.0.625'. [ 330.301986][ T9374] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 331.048146][ T9400] warn_alloc: 1 callbacks suppressed [ 331.048161][ T9400] syz.3.632: vmalloc error: size 16384, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 331.105004][ T9389] netlink: 4 bytes leftover after parsing attributes in process `syz.1.631'. [ 331.126893][ T9400] CPU: 0 UID: 0 PID: 9400 Comm: syz.3.632 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 331.126933][ T9400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 331.126948][ T9400] Call Trace: [ 331.126956][ T9400] [ 331.126967][ T9400] dump_stack_lvl+0x16c/0x1f0 [ 331.127004][ T9400] warn_alloc+0x248/0x3a0 [ 331.127036][ T9400] ? __pfx_warn_alloc+0x10/0x10 [ 331.127069][ T9400] ? alloc_pages_mpol+0x25a/0x550 [ 331.127102][ T9400] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 331.127143][ T9400] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 331.127189][ T9400] ? kernel_clone+0xfc/0x930 [ 331.127225][ T9400] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 331.127272][ T9400] ? kernel_clone+0xfc/0x930 [ 331.127299][ T9400] __vmalloc_node_noprof+0xad/0xf0 [ 331.127332][ T9400] ? kernel_clone+0xfc/0x930 [ 331.127363][ T9400] copy_process+0x2c70/0x7690 [ 331.127404][ T9400] ? __pfx_copy_process+0x10/0x10 [ 331.127431][ T9400] ? futex_private_hash_put+0x176/0x300 [ 331.127461][ T9400] ? futex_private_hash_put+0x18a/0x300 [ 331.127496][ T9400] kernel_clone+0xfc/0x930 [ 331.127538][ T9400] ? __pfx_futex_wake+0x10/0x10 [ 331.127570][ T9400] ? __pfx_kernel_clone+0x10/0x10 [ 331.127619][ T9400] __do_sys_clone+0xce/0x120 [ 331.127648][ T9400] ? __pfx___do_sys_clone+0x10/0x10 [ 331.127689][ T9400] ? xfd_validate_state+0x61/0x180 [ 331.127732][ T9400] do_syscall_64+0xcd/0x490 [ 331.127764][ T9400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.127788][ T9400] RIP: 0033:0x7f1ac038ebe9 [ 331.127809][ T9400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.127833][ T9400] RSP: 002b:00007f1ac113a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 331.127857][ T9400] RAX: ffffffffffffffda RBX: 00007f1ac05b5fa0 RCX: 00007f1ac038ebe9 [ 331.127874][ T9400] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 331.127889][ T9400] RBP: 00007f1ac0411e19 R08: 0000000000000000 R09: 0000000000000000 [ 331.127904][ T9400] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 331.127920][ T9400] R13: 00007f1ac05b6038 R14: 00007f1ac05b5fa0 R15: 00007ffcc4cc5b88 [ 331.127952][ T9400] [ 331.127961][ T9400] Mem-Info: [ 331.517560][ T9400] active_anon:7696 inactive_anon:0 isolated_anon:9 [ 331.517560][ T9400] active_file:4935 inactive_file:40791 isolated_file:0 [ 331.517560][ T9400] unevictable:768 dirty:754 writeback:0 [ 331.517560][ T9400] slab_reclaimable:10343 slab_unreclaimable:92419 [ 331.517560][ T9400] mapped:30433 shmem:1833 pagetables:1211 [ 331.517560][ T9400] sec_pagetables:0 bounce:0 [ 331.517560][ T9400] kernel_misc_reclaimable:0 [ 331.517560][ T9400] free:1336583 free_pcp:14332 free_cma:0 [ 331.584697][ T9400] Node 0 active_anon:30784kB inactive_anon:0kB active_file:19740kB inactive_file:162964kB unevictable:1536kB isolated(anon):36kB isolated(file):0kB mapped:121832kB dirty:3016kB writeback:0kB shmem:5796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11900kB pagetables:4692kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 331.640384][ T9400] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 331.744138][ T9400] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 331.840799][ T9400] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 331.902830][ T9400] Node 0 DMA32 free:1449836kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28140kB inactive_anon:0kB active_file:19740kB inactive_file:161656kB unevictable:1536kB writepending:3016kB present:3129332kB managed:2539616kB mlocked:0kB bounce:0kB free_pcp:34748kB local_pcp:20928kB free_cma:0kB [ 332.052948][ T9400] lowmem_reserve[]: 0 0 1 1 1 [ 332.175158][ T9400] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 332.286965][ T9400] lowmem_reserve[]: 0 0 0 0 0 [ 332.291861][ T9400] Node 1 Normal free:3885480kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:19820kB local_pcp:4568kB free_cma:0kB [ 332.364486][ T9400] lowmem_reserve[]: 0 0 0 0 0 [ 332.379631][ T9400] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 332.474176][ T9400] Node 0 DMA32: 790*4kB (UM) 1158*8kB (UME) 530*16kB (UME) 625*32kB (UME) 222*64kB (UME) 139*128kB (UME) 78*256kB (UME) 37*512kB (ME) 19*1024kB (UM) 7*2048kB (UM) 318*4096kB (UM) = 1448136kB [ 332.530615][ T9400] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 332.598095][ T9400] Node 1 Normal: 129*4kB (UME) 59*8kB (UME) 20*16kB (UME) 122*32kB (UME) 42*64kB (UME) 6*128kB (UME) 2*256kB (UE) 1*512kB (M) 3*1024kB (UME) 3*2048kB (UME) 944*4096kB (M) = 3885532kB [ 332.745047][ T9400] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 332.767073][ T9400] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 332.957920][ T9400] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 333.073273][ T9400] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 333.190308][ T9400] 50277 total pagecache pages [ 333.267981][ T9400] 5 pages in swap cache [ 333.272852][ T9400] Free swap = 124976kB [ 333.309278][ T9400] Total swap = 124996kB [ 333.390581][ T9400] 2097051 pages RAM [ 333.424710][ T9400] 0 pages HighMem/MovableOnly [ 333.429445][ T9400] 430185 pages reserved [ 333.466827][ T9400] 0 pages cma reserved [ 334.442962][ T9440] program syz.2.637 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 335.017753][ T9446] netlink: 4 bytes leftover after parsing attributes in process `syz.3.638'. [ 335.749296][ T9454] zswap: compressor not available [ 341.831211][ T9527] zswap: compressor not available [ 342.172282][ T9535] netlink: 4 bytes leftover after parsing attributes in process `syz.0.657'. [ 343.502311][ T9552] netlink: 4 bytes leftover after parsing attributes in process `syz.2.660'. [ 343.568734][ T9550] zswap: compressor not available [ 344.167944][ T9561] netlink: 4 bytes leftover after parsing attributes in process `syz.1.662'. [ 344.410124][ T9571] FAULT_INJECTION: forcing a failure. [ 344.410124][ T9571] name failslab, interval 1, probability 0, space 0, times 0 [ 344.454715][ T9571] CPU: 0 UID: 0 PID: 9571 Comm: syz.2.665 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 344.454740][ T9571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 344.454750][ T9571] Call Trace: [ 344.454755][ T9571] [ 344.454761][ T9571] dump_stack_lvl+0x16c/0x1f0 [ 344.454784][ T9571] should_fail_ex+0x512/0x640 [ 344.454805][ T9571] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 344.454825][ T9571] should_failslab+0xc2/0x120 [ 344.454844][ T9571] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 344.454860][ T9571] ? dup_fd+0x6ac/0xb90 [ 344.454883][ T9571] ? copy_fs_struct+0x49/0x340 [ 344.454906][ T9571] copy_fs_struct+0x49/0x340 [ 344.454929][ T9571] copy_process+0x3219/0x7690 [ 344.454948][ T9571] ? __pfx___futex_wait+0x10/0x10 [ 344.454975][ T9571] ? __pfx_copy_process+0x10/0x10 [ 344.454993][ T9571] ? futex_private_hash_put+0x176/0x300 [ 344.455011][ T9571] ? futex_private_hash_put+0x18a/0x300 [ 344.455030][ T9571] kernel_clone+0xfc/0x930 [ 344.455049][ T9571] ? __pfx_kernel_clone+0x10/0x10 [ 344.455076][ T9571] __do_sys_clone+0xce/0x120 [ 344.455093][ T9571] ? __pfx___do_sys_clone+0x10/0x10 [ 344.455123][ T9571] ? xfd_validate_state+0x61/0x180 [ 344.455151][ T9571] do_syscall_64+0xcd/0x490 [ 344.455170][ T9571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.455184][ T9571] RIP: 0033:0x7feec5d8ebe9 [ 344.455196][ T9571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.455209][ T9571] RSP: 002b:00007feec6bfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 344.455225][ T9571] RAX: ffffffffffffffda RBX: 00007feec5fb5fa0 RCX: 00007feec5d8ebe9 [ 344.455234][ T9571] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 344.455242][ T9571] RBP: 00007feec5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 344.455251][ T9571] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 344.455259][ T9571] R13: 00007feec5fb6038 R14: 00007feec5fb5fa0 R15: 00007ffde4622028 [ 344.455278][ T9571] [ 345.953472][ T9592] netlink: 4 bytes leftover after parsing attributes in process `syz.0.668'. [ 347.855541][ T9615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.672'. [ 347.877940][ T9620] netlink: 342 bytes leftover after parsing attributes in process `syz.1.673'. [ 348.728841][ T9632] FAULT_INJECTION: forcing a failure. [ 348.728841][ T9632] name failslab, interval 1, probability 0, space 0, times 0 [ 348.743584][ T9632] CPU: 1 UID: 0 PID: 9632 Comm: syz.3.677 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 348.743625][ T9632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 348.743641][ T9632] Call Trace: [ 348.743650][ T9632] [ 348.743660][ T9632] dump_stack_lvl+0x16c/0x1f0 [ 348.743706][ T9632] should_fail_ex+0x512/0x640 [ 348.743741][ T9632] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 348.743775][ T9632] should_failslab+0xc2/0x120 [ 348.743808][ T9632] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 348.743839][ T9632] ? copy_process+0x3798/0x7690 [ 348.743870][ T9632] ? _raw_spin_unlock_irq+0x23/0x50 [ 348.743901][ T9632] copy_process+0x3798/0x7690 [ 348.743946][ T9632] ? __pfx_copy_process+0x10/0x10 [ 348.743974][ T9632] ? futex_private_hash_put+0x176/0x300 [ 348.744002][ T9632] ? futex_private_hash_put+0x18a/0x300 [ 348.744035][ T9632] kernel_clone+0xfc/0x930 [ 348.744059][ T9632] ? __pfx_futex_wake+0x10/0x10 [ 348.744090][ T9632] ? __pfx_kernel_clone+0x10/0x10 [ 348.744140][ T9632] __do_sys_clone+0xce/0x120 [ 348.744169][ T9632] ? __pfx___do_sys_clone+0x10/0x10 [ 348.744217][ T9632] ? xfd_validate_state+0x61/0x180 [ 348.744262][ T9632] do_syscall_64+0xcd/0x490 [ 348.744300][ T9632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.744324][ T9632] RIP: 0033:0x7f1ac038ebe9 [ 348.744343][ T9632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.744367][ T9632] RSP: 002b:00007f1ac113a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 348.744391][ T9632] RAX: ffffffffffffffda RBX: 00007f1ac05b5fa0 RCX: 00007f1ac038ebe9 [ 348.744406][ T9632] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 348.744420][ T9632] RBP: 00007f1ac0411e19 R08: 0000000000000000 R09: 0000000000000000 [ 348.744435][ T9632] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 348.744450][ T9632] R13: 00007f1ac05b6038 R14: 00007f1ac05b5fa0 R15: 00007ffcc4cc5b88 [ 348.744480][ T9632] [ 349.161009][ T9640] netlink: 4 bytes leftover after parsing attributes in process `syz.3.679'. [ 349.363188][ T9639] zswap: compressor not available [ 350.298149][ T9659] netlink: 4 bytes leftover after parsing attributes in process `syz.3.681'. [ 352.634354][ T9683] netlink: 4 bytes leftover after parsing attributes in process `syz.0.684'. [ 352.843429][ T9684] netlink: 4 bytes leftover after parsing attributes in process `syz.3.686'. [ 353.709429][ T9701] FAULT_INJECTION: forcing a failure. [ 353.709429][ T9701] name failslab, interval 1, probability 0, space 0, times 0 [ 353.753288][ T9701] CPU: 0 UID: 0 PID: 9701 Comm: syz.1.690 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 353.753329][ T9701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 353.753346][ T9701] Call Trace: [ 353.753354][ T9701] [ 353.753364][ T9701] dump_stack_lvl+0x16c/0x1f0 [ 353.753403][ T9701] should_fail_ex+0x512/0x640 [ 353.753437][ T9701] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 353.753472][ T9701] should_failslab+0xc2/0x120 [ 353.753504][ T9701] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 353.753534][ T9701] ? copy_process+0x3798/0x7690 [ 353.753565][ T9701] ? _raw_spin_unlock_irq+0x23/0x50 [ 353.753597][ T9701] copy_process+0x3798/0x7690 [ 353.753644][ T9701] ? __pfx_copy_process+0x10/0x10 [ 353.753674][ T9701] ? futex_private_hash_put+0x176/0x300 [ 353.753708][ T9701] ? futex_private_hash_put+0x18a/0x300 [ 353.753744][ T9701] kernel_clone+0xfc/0x930 [ 353.753775][ T9701] ? __pfx_futex_wake+0x10/0x10 [ 353.753810][ T9701] ? __pfx_kernel_clone+0x10/0x10 [ 353.753860][ T9701] __do_sys_clone+0xce/0x120 [ 353.753892][ T9701] ? __pfx___do_sys_clone+0x10/0x10 [ 353.753949][ T9701] ? xfd_validate_state+0x61/0x180 [ 353.753999][ T9701] do_syscall_64+0xcd/0x490 [ 353.754036][ T9701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.754062][ T9701] RIP: 0033:0x7f212558ebe9 [ 353.754083][ T9701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.754108][ T9701] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 353.754133][ T9701] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 353.754150][ T9701] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 353.754166][ T9701] RBP: 00007f2125611e19 R08: 0000000000000000 R09: 0000000000000000 [ 353.754180][ T9701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 353.754191][ T9701] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 353.754222][ T9701] [ 354.095667][ T9702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.698'. [ 355.114420][ T9709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.691'. [ 355.137799][ T9723] netlink: 334 bytes leftover after parsing attributes in process `syz.0.694'. [ 357.167164][ T9742] netlink: 4 bytes leftover after parsing attributes in process `syz.1.701'. [ 357.426140][ T9747] FAULT_INJECTION: forcing a failure. [ 357.426140][ T9747] name failslab, interval 1, probability 0, space 0, times 0 [ 357.453822][ T9747] CPU: 1 UID: 0 PID: 9747 Comm: syz.1.703 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 357.453861][ T9747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 357.453875][ T9747] Call Trace: [ 357.453884][ T9747] [ 357.453894][ T9747] dump_stack_lvl+0x16c/0x1f0 [ 357.453932][ T9747] should_fail_ex+0x512/0x640 [ 357.453966][ T9747] ? __kvmalloc_node_noprof+0x124/0x620 [ 357.453999][ T9747] should_failslab+0xc2/0x120 [ 357.454035][ T9747] __kvmalloc_node_noprof+0x137/0x620 [ 357.454065][ T9747] ? alloc_fdtable+0x175/0x2d0 [ 357.454113][ T9747] ? alloc_fdtable+0x175/0x2d0 [ 357.454137][ T9747] alloc_fdtable+0x175/0x2d0 [ 357.454166][ T9747] dup_fd+0x83b/0xb90 [ 357.454199][ T9747] ? apparmor_task_alloc+0x2c2/0x3b0 [ 357.454239][ T9747] copy_process+0x230c/0x7690 [ 357.454271][ T9747] ? __pfx___futex_wait+0x10/0x10 [ 357.454321][ T9747] ? __pfx_copy_process+0x10/0x10 [ 357.454352][ T9747] ? futex_private_hash_put+0x176/0x300 [ 357.454388][ T9747] ? futex_private_hash_put+0x18a/0x300 [ 357.454425][ T9747] kernel_clone+0xfc/0x930 [ 357.454460][ T9747] ? __pfx_kernel_clone+0x10/0x10 [ 357.454521][ T9747] __do_sys_clone+0xce/0x120 [ 357.454556][ T9747] ? __pfx___do_sys_clone+0x10/0x10 [ 357.454606][ T9747] ? xfd_validate_state+0x61/0x180 [ 357.454645][ T9747] do_syscall_64+0xcd/0x490 [ 357.454678][ T9747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.454706][ T9747] RIP: 0033:0x7f212558ebe9 [ 357.454727][ T9747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.454752][ T9747] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 357.454777][ T9747] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 357.454795][ T9747] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 357.454812][ T9747] RBP: 00007f2125611e19 R08: 0000000000000000 R09: 0000000000000000 [ 357.454828][ T9747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 357.454844][ T9747] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 357.454880][ T9747] [ 358.172981][ T9752] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 360.877285][ T9804] netlink: 4 bytes leftover after parsing attributes in process `syz.1.711'. [ 362.032641][ T9820] netlink: 4 bytes leftover after parsing attributes in process `syz.1.713'. [ 365.092493][ T9866] netlink: 342 bytes leftover after parsing attributes in process `syz.3.721'. [ 365.164950][ T9868] netlink: 342 bytes leftover after parsing attributes in process `syz.3.721'. [ 365.386324][ T9872] netlink: 4 bytes leftover after parsing attributes in process `syz.1.722'. [ 366.809125][ T9880] netlink: 4 bytes leftover after parsing attributes in process `syz.3.725'. [ 367.389396][ T9898] netlink: 4 bytes leftover after parsing attributes in process `syz.0.727'. [ 368.512540][ T9908] netlink: 342 bytes leftover after parsing attributes in process `syz.0.729'. [ 368.587066][ T9908] netlink: 342 bytes leftover after parsing attributes in process `syz.0.729'. [ 370.129733][ T9928] zswap: compressor not available [ 372.156413][ T9956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.740'. [ 373.194520][ T9966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.742'. [ 373.224855][ T9969] netlink: 330 bytes leftover after parsing attributes in process `syz.2.743'. [ 374.481793][ T9991] netlink: 4 bytes leftover after parsing attributes in process `syz.1.748'. [ 374.537268][ T9992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.750'. [ 375.926111][T10005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.753'. [ 376.400596][T10013] netlink: 4 bytes leftover after parsing attributes in process `syz.1.755'. [ 376.661424][T10019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.756'. [ 377.851151][T10031] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 378.197940][T10035] netlink: 4 bytes leftover after parsing attributes in process `syz.1.760'. [ 378.288993][T10040] blktrace: Concurrent blktraces are not allowed on loop2 [ 380.514589][T10072] zswap: compressor not available [ 380.527819][T10068] netlink: 4 bytes leftover after parsing attributes in process `syz.1.769'. [ 381.302570][T10090] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 382.385689][T10100] netlink: 342 bytes leftover after parsing attributes in process `syz.2.775'. [ 382.518048][T10101] netlink: 342 bytes leftover after parsing attributes in process `syz.2.775'. [ 382.885867][T10109] netlink: 342 bytes leftover after parsing attributes in process `syz.1.777'. [ 382.896787][T10109] netlink: 342 bytes leftover after parsing attributes in process `syz.1.777'. [ 383.796180][T10125] netlink: 342 bytes leftover after parsing attributes in process `syz.2.782'. [ 383.817074][T10125] netlink: 342 bytes leftover after parsing attributes in process `syz.2.782'. [ 383.989320][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.997307][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.098855][T10132] netlink: 342 bytes leftover after parsing attributes in process `syz.0.784'. [ 384.110541][T10132] netlink: 342 bytes leftover after parsing attributes in process `syz.0.784'. [ 384.539732][T10141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.787'. [ 386.137330][T10178] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 387.162824][T10196] netlink: 342 bytes leftover after parsing attributes in process `syz.2.798'. [ 387.198503][T10196] netlink: 342 bytes leftover after parsing attributes in process `syz.2.798'. [ 387.600567][T10203] netlink: 4 bytes leftover after parsing attributes in process `syz.3.801'. [ 388.227935][T10210] zswap: compressor not available [ 388.622153][T10224] netlink: 342 bytes leftover after parsing attributes in process `syz.2.805'. [ 388.635655][T10224] netlink: 342 bytes leftover after parsing attributes in process `syz.2.805'. [ 388.877326][T10230] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 392.491901][T10270] netlink: 342 bytes leftover after parsing attributes in process `syz.1.813'. [ 392.503266][T10270] netlink: 342 bytes leftover after parsing attributes in process `syz.1.813'. [ 393.267939][T10287] blktrace: Concurrent blktraces are not allowed on loop2 [ 393.586939][T10290] netlink: 4 bytes leftover after parsing attributes in process `syz.1.820'. [ 393.732522][T10299] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 395.017647][T10316] netlink: 334 bytes leftover after parsing attributes in process `syz.2.826'. [ 395.431428][T10331] netlink: 342 bytes leftover after parsing attributes in process `syz.1.829'. [ 395.444587][T10330] netlink: 342 bytes leftover after parsing attributes in process `syz.1.829'. [ 396.502325][T10340] blktrace: Concurrent blktraces are not allowed on loop2 [ 396.969358][T10341] zswap: compressor not available [ 397.129311][T10349] nvme_fabrics: missing parameter 'transport=%s' [ 397.136515][T10349] nvme_fabrics: missing parameter 'nqn=%s' [ 397.529995][T10356] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 397.832137][T10357] zswap: compressor not available [ 398.814786][T10380] netlink: 342 bytes leftover after parsing attributes in process `syz.1.840'. [ 398.859071][T10381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.841'. [ 399.992587][T10400] blktrace: Concurrent blktraces are not allowed on loop2 [ 400.886159][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.845'. [ 401.537006][T10413] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 402.098423][T10420] netlink: 4 bytes leftover after parsing attributes in process `syz.2.848'. [ 402.309341][T10429] netlink: 342 bytes leftover after parsing attributes in process `syz.3.852'. [ 402.729121][T10432] netlink: 4 bytes leftover after parsing attributes in process `syz.0.853'. [ 403.363083][T10440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.854'. [ 403.737167][T10439] netlink: 4 bytes leftover after parsing attributes in process `syz.2.855'. [ 403.794756][T10446] netlink: 4 bytes leftover after parsing attributes in process `syz.3.856'. [ 404.270266][T10451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.858'. [ 405.229417][T10464] program syz.0.861 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 405.512581][T10473] netlink: 4 bytes leftover after parsing attributes in process `syz.2.862'. [ 405.743191][T10479] blktrace: Concurrent blktraces are not allowed on loop2 [ 406.735138][T10496] netlink: 4 bytes leftover after parsing attributes in process `syz.0.866'. [ 409.985452][T10523] netlink: 4 bytes leftover after parsing attributes in process `syz.3.873'. [ 410.189763][T10526] zswap: compressor not available [ 411.617014][T10550] netlink: 342 bytes leftover after parsing attributes in process `syz.0.878'. [ 411.697576][T10548] netlink: 342 bytes leftover after parsing attributes in process `syz.1.877'. [ 412.488628][T10571] netlink: 334 bytes leftover after parsing attributes in process `syz.0.882'. [ 412.662962][T10565] netlink: 4 bytes leftover after parsing attributes in process `syz.3.881'. [ 415.337535][T10609] netlink: 342 bytes leftover after parsing attributes in process `syz.1.889'. [ 415.616587][T10613] blktrace: Concurrent blktraces are not allowed on loop2 [ 415.961494][T10619] netlink: 342 bytes leftover after parsing attributes in process `syz.1.892'. [ 417.517666][T10636] netlink: 4 bytes leftover after parsing attributes in process `syz.3.894'. [ 423.182022][T10690] netlink: 342 bytes leftover after parsing attributes in process `syz.2.904'. [ 424.642908][T10704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.909'. [ 425.238480][T10711] zswap: compressor not available [ 425.473623][T10721] netlink: 334 bytes leftover after parsing attributes in process `syz.2.911'. [ 428.018450][T10751] netlink: 4 bytes leftover after parsing attributes in process `syz.0.918'. [ 428.328340][T10767] netlink: 4 bytes leftover after parsing attributes in process `syz.3.921'. [ 429.531992][T10781] blktrace: Concurrent blktraces are not allowed on loop2 [ 436.857192][T10857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.936'. [ 438.565357][T10862] netlink: 4 bytes leftover after parsing attributes in process `syz.1.937'. [ 439.302799][T10866] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 440.761399][T10889] netlink: 4 bytes leftover after parsing attributes in process `syz.1.943'. [ 442.868404][T10921] netlink: 4 bytes leftover after parsing attributes in process `syz.3.949'. [ 445.429070][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.435562][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.463871][T10951] netlink: 330 bytes leftover after parsing attributes in process `syz.1.953'. [ 450.858250][T10997] netlink: 342 bytes leftover after parsing attributes in process `syz.0.959'. [ 451.284253][T11005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.963'. [ 451.308111][T11006] netlink: 4 bytes leftover after parsing attributes in process `syz.2.964'. [ 452.356826][T11022] netlink: 4 bytes leftover after parsing attributes in process `syz.1.974'. [ 452.531754][T11021] netlink: 4 bytes leftover after parsing attributes in process `syz.2.966'. [ 453.627403][T11041] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 454.811077][T11051] netlink: 4 bytes leftover after parsing attributes in process `syz.3.972'. [ 454.916506][T11055] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 454.993549][T11059] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 455.568760][T11062] netlink: 4 bytes leftover after parsing attributes in process `syz.0.976'. [ 456.128286][T11068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.977'. [ 456.462240][T11072] netlink: 4 bytes leftover after parsing attributes in process `syz.1.979'. [ 457.651282][T11089] netlink: 4 bytes leftover after parsing attributes in process `syz.3.982'. [ 458.812657][T11104] netlink: 4 bytes leftover after parsing attributes in process `syz.3.984'. [ 461.677693][T11126] netlink: 4 bytes leftover after parsing attributes in process `syz.0.988'. [ 462.327426][T11137] netlink: 334 bytes leftover after parsing attributes in process `syz.2.991'. [ 462.538731][T11139] netlink: 330 bytes leftover after parsing attributes in process `syz.3.992'. [ 462.672138][T11142] blktrace: Concurrent blktraces are not allowed on loop2 [ 463.149969][T11148] netlink: 4 bytes leftover after parsing attributes in process `syz.2.993'. [ 463.391672][T11161] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1005'. [ 464.313164][T11173] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1007'. [ 464.683371][T11176] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 465.397336][T11186] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1000'. [ 465.796877][T11194] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1002'. [ 467.313048][T11207] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1004'. [ 467.996475][T11217] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1009'. [ 468.176933][T11219] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1008'. [ 468.300840][T11226] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1011'. [ 469.299743][T11232] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 469.508439][T11239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1015'. [ 472.325681][T11270] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1019'. [ 472.612100][T11277] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1020'. [ 473.334762][T11287] blktrace: Concurrent blktraces are not allowed on loop2 [ 475.770502][T11317] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1027'. [ 477.257371][T11328] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1030'. [ 477.341220][T11335] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1031'. [ 478.560836][T11353] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1034'. [ 479.486939][T11365] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1036'. [ 479.643382][T11373] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1037'. [ 482.243516][T11394] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1040'. [ 482.381591][T11398] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1041'. [ 482.934694][T11404] blktrace: Concurrent blktraces are not allowed on loop2 [ 484.990393][T11432] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1048'. [ 485.177610][T11447] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1060'. [ 485.989269][T11457] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1053'. [ 486.248204][T11464] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1055'. [ 486.733205][T11471] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1057'. [ 490.032428][T11510] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1067'. [ 498.012646][T11611] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1084'. [ 499.127697][T11626] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1087'. [ 502.819589][T11655] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1091'. [ 503.486666][T11660] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1093'. [ 503.999485][T11669] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1094'. [ 504.065851][T11671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1095'. [ 505.561505][T11689] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1099'. [ 506.885004][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.891335][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.957435][T11711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1103'. [ 508.803231][T11721] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1105'. [ 509.346449][T11730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1107'. [ 511.026611][T11757] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1112'. [ 511.166067][T11762] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1113'. [ 511.359259][T11763] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1114'. [ 512.292842][T11774] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1115'. [ 513.378083][T11787] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1118'. [ 513.415972][T11783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1117'. [ 514.946509][T11801] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1120'. [ 515.077608][T11806] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1121'. [ 516.723411][T11823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1125'. [ 516.938440][T11822] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1124'. [ 518.583797][T11853] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1130'. [ 518.626793][T11850] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1129'. [ 519.403161][T11857] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1131'. [ 522.456061][T11902] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1138'. [ 523.268116][T11915] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1140'. [ 524.250627][T11925] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1142'. [ 524.622803][T11931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1143'. [ 525.714449][T11937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1145'. [ 526.672774][T11965] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1151'. [ 526.865064][T11970] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1152'. [ 530.645989][T11994] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1156'. [ 530.999172][T12004] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1158'. [ 531.067622][T12001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1157'. [ 531.906268][T12012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1161'. [ 532.436021][T12017] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1162'. [ 533.921361][T12041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1165'. [ 534.920923][T12046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1166'. [ 536.548299][T12068] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1171'. [ 539.297087][T12096] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1176'. [ 539.920482][T12109] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1178'. [ 540.256118][T12118] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1181'. [ 541.201541][T12128] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1183'. [ 541.836762][T12136] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1185'. [ 544.935402][T12174] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1191'. [ 544.949118][T12171] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1199'. [ 545.766610][T12180] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1193'. [ 547.484551][T12212] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1200'. [ 547.981352][T12218] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1202'. [ 548.860357][T12225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1204'. [ 550.252575][T12243] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1207'. [ 551.296540][T12256] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1209'. [ 551.866633][T12260] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1210'. [ 554.765601][T12288] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1216'. [ 554.801649][T12289] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1215'. [ 559.290083][T12354] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1230'. [ 559.852605][T12361] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1232'. [ 561.541228][T12386] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1237'. [ 562.592129][T12399] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1240'. [ 564.274188][T12432] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1248'. [ 567.077661][T12471] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1258'. [ 568.326572][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.333016][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 570.017394][T12508] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1266'. [ 571.637438][T12539] FAULT_INJECTION: forcing a failure. [ 571.637438][T12539] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 571.724724][T12539] CPU: 1 UID: 0 PID: 12539 Comm: syz.2.1276 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 571.724760][T12539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 571.724772][T12539] Call Trace: [ 571.724778][T12539] [ 571.724783][T12539] dump_stack_lvl+0x16c/0x1f0 [ 571.724807][T12539] should_fail_ex+0x512/0x640 [ 571.724830][T12539] _copy_from_user+0x2e/0xd0 [ 571.724852][T12539] __do_sys_adjtimex+0x92/0x140 [ 571.724871][T12539] ? __pfx___do_sys_adjtimex+0x10/0x10 [ 571.724888][T12539] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 571.724917][T12539] ? __pfx_ksys_write+0x10/0x10 [ 571.724936][T12539] ? rcu_is_watching+0x12/0xc0 [ 571.724952][T12539] do_syscall_64+0xcd/0x490 [ 571.724971][T12539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.724985][T12539] RIP: 0033:0x7feec5d8ebe9 [ 571.724997][T12539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 571.725011][T12539] RSP: 002b:00007feec6bfc038 EFLAGS: 00000246 ORIG_RAX: 000000000000009f [ 571.725026][T12539] RAX: ffffffffffffffda RBX: 00007feec5fb5fa0 RCX: 00007feec5d8ebe9 [ 571.725035][T12539] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 571.725044][T12539] RBP: 00007feec6bfc090 R08: 0000000000000000 R09: 0000000000000000 [ 571.725052][T12539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 571.725060][T12539] R13: 00007feec5fb6038 R14: 00007feec5fb5fa0 R15: 00007ffde4622028 [ 571.725086][T12539] [ 572.092052][T12547] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 572.169038][T12550] __vm_enough_memory: pid: 12550, comm: syz.1.1277, bytes: 4398046511104 not enough memory for the allocation [ 572.440412][ T30] audit: type=1107 audit(1755101750.113:2): pid=12555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 574.398113][T12581] FAULT_INJECTION: forcing a failure. [ 574.398113][T12581] name failslab, interval 1, probability 0, space 0, times 0 [ 574.462917][T12581] CPU: 0 UID: 0 PID: 12581 Comm: syz.1.1285 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 574.462942][T12581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 574.462951][T12581] Call Trace: [ 574.462956][T12581] [ 574.462962][T12581] dump_stack_lvl+0x16c/0x1f0 [ 574.462984][T12581] should_fail_ex+0x512/0x640 [ 574.463004][T12581] ? fs_reclaim_acquire+0xae/0x150 [ 574.463029][T12581] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 574.463049][T12581] should_failslab+0xc2/0x120 [ 574.463073][T12581] __kmalloc_noprof+0xd2/0x510 [ 574.463094][T12581] tomoyo_realpath_from_path+0xc2/0x6e0 [ 574.463116][T12581] ? tomoyo_profile+0x47/0x60 [ 574.463139][T12581] tomoyo_path_number_perm+0x245/0x580 [ 574.463155][T12581] ? tomoyo_path_number_perm+0x237/0x580 [ 574.463174][T12581] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 574.463192][T12581] ? find_held_lock+0x2b/0x80 [ 574.463222][T12581] ? find_held_lock+0x2b/0x80 [ 574.463235][T12581] ? hook_file_ioctl_common+0x145/0x410 [ 574.463257][T12581] ? __fget_files+0x20e/0x3c0 [ 574.463276][T12581] security_file_ioctl+0x9b/0x240 [ 574.463295][T12581] __x64_sys_ioctl+0xb7/0x210 [ 574.463318][T12581] do_syscall_64+0xcd/0x490 [ 574.463341][T12581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.463357][T12581] RIP: 0033:0x7f212558ebe9 [ 574.463368][T12581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 574.463382][T12581] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 574.463396][T12581] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 574.463406][T12581] RDX: 0000000000000000 RSI: 0000000000005425 RDI: 0000000000000006 [ 574.463414][T12581] RBP: 00007f2126401090 R08: 0000000000000000 R09: 0000000000000000 [ 574.463423][T12581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 574.463431][T12581] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 574.463450][T12581] [ 574.463464][T12581] ERROR: Out of memory at tomoyo_realpath_from_path. [ 575.423896][T12602] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1290'. [ 577.065268][T12625] FAULT_INJECTION: forcing a failure. [ 577.065268][T12625] name failslab, interval 1, probability 0, space 0, times 0 [ 577.087322][T12625] CPU: 0 UID: 0 PID: 12625 Comm: syz.3.1296 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 577.087359][T12625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 577.087374][T12625] Call Trace: [ 577.087382][T12625] [ 577.087391][T12625] dump_stack_lvl+0x16c/0x1f0 [ 577.087427][T12625] should_fail_ex+0x512/0x640 [ 577.087457][T12625] ? fs_reclaim_acquire+0xae/0x150 [ 577.087491][T12625] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 577.087523][T12625] should_failslab+0xc2/0x120 [ 577.087553][T12625] __kmalloc_noprof+0xd2/0x510 [ 577.087588][T12625] tomoyo_realpath_from_path+0xc2/0x6e0 [ 577.087623][T12625] ? tomoyo_profile+0x47/0x60 [ 577.087652][T12625] tomoyo_path_number_perm+0x245/0x580 [ 577.087669][T12625] ? tomoyo_path_number_perm+0x237/0x580 [ 577.087687][T12625] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 577.087711][T12625] ? find_held_lock+0x2b/0x80 [ 577.087742][T12625] ? find_held_lock+0x2b/0x80 [ 577.087755][T12625] ? hook_file_ioctl_common+0x145/0x410 [ 577.087778][T12625] ? __fget_files+0x20e/0x3c0 [ 577.087797][T12625] security_file_ioctl+0x9b/0x240 [ 577.087816][T12625] __x64_sys_ioctl+0xb7/0x210 [ 577.087839][T12625] do_syscall_64+0xcd/0x490 [ 577.087859][T12625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.087873][T12625] RIP: 0033:0x7f1ac038ebe9 [ 577.087886][T12625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.087900][T12625] RSP: 002b:00007f1ac113a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 577.087914][T12625] RAX: ffffffffffffffda RBX: 00007f1ac05b5fa0 RCX: 00007f1ac038ebe9 [ 577.087923][T12625] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 577.087932][T12625] RBP: 00007f1ac113a090 R08: 0000000000000000 R09: 0000000000000000 [ 577.087940][T12625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 577.087948][T12625] R13: 00007f1ac05b6038 R14: 00007f1ac05b5fa0 R15: 00007ffcc4cc5b88 [ 577.087967][T12625] [ 577.088359][T12625] ERROR: Out of memory at tomoyo_realpath_from_path. [ 577.385509][T12625] warn_alloc: 3 callbacks suppressed [ 577.385528][T12625] syz.3.1296: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 577.407787][T12625] CPU: 0 UID: 0 PID: 12625 Comm: syz.3.1296 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 577.407811][T12625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 577.407820][T12625] Call Trace: [ 577.407825][T12625] [ 577.407831][T12625] dump_stack_lvl+0x16c/0x1f0 [ 577.407854][T12625] warn_alloc+0x248/0x3a0 [ 577.407873][T12625] ? __pfx_warn_alloc+0x10/0x10 [ 577.407896][T12625] ? _printk+0xc7/0x100 [ 577.407919][T12625] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 577.407940][T12625] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 577.407964][T12625] ? __pfx___might_resched+0x10/0x10 [ 577.407979][T12625] ? rcu_is_watching+0x12/0xc0 [ 577.407994][T12625] ? trace_contention_end+0xdd/0x130 [ 577.408014][T12625] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 577.408034][T12625] ? tomoyo_path_number_perm+0x295/0x580 [ 577.408055][T12625] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 577.408076][T12625] ? __pfx___mutex_lock+0x10/0x10 [ 577.408095][T12625] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 577.408116][T12625] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 577.408134][T12625] __vmalloc_node_noprof+0xad/0xf0 [ 577.408156][T12625] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 577.408178][T12625] dvb_dvr_do_ioctl+0x15d/0x290 [ 577.408200][T12625] dvb_usercopy+0x164/0x340 [ 577.408219][T12625] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 577.408239][T12625] ? __pfx_dvb_usercopy+0x10/0x10 [ 577.408265][T12625] ? __fget_files+0x20e/0x3c0 [ 577.408285][T12625] dvb_dvr_ioctl+0x29/0x40 [ 577.408303][T12625] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 577.408322][T12625] __x64_sys_ioctl+0x18e/0x210 [ 577.408346][T12625] do_syscall_64+0xcd/0x490 [ 577.408365][T12625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.408389][T12625] RIP: 0033:0x7f1ac038ebe9 [ 577.408401][T12625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.408415][T12625] RSP: 002b:00007f1ac113a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 577.408430][T12625] RAX: ffffffffffffffda RBX: 00007f1ac05b5fa0 RCX: 00007f1ac038ebe9 [ 577.408439][T12625] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 577.408448][T12625] RBP: 00007f1ac113a090 R08: 0000000000000000 R09: 0000000000000000 [ 577.408456][T12625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 577.408465][T12625] R13: 00007f1ac05b6038 R14: 00007f1ac05b5fa0 R15: 00007ffcc4cc5b88 [ 577.408483][T12625] [ 577.408497][T12625] Mem-Info: [ 577.544986][T12627] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1295'. [ 577.600065][ C1] vkms_vblank_simulate: vblank timer overrun [ 577.701905][T12625] active_anon:9300 inactive_anon:0 isolated_anon:0 [ 577.701905][T12625] active_file:7335 inactive_file:41530 isolated_file:0 [ 577.701905][T12625] unevictable:768 dirty:939 writeback:0 [ 577.701905][T12625] slab_reclaimable:10832 slab_unreclaimable:92499 [ 577.701905][T12625] mapped:33312 shmem:3975 pagetables:1212 [ 577.701905][T12625] sec_pagetables:0 bounce:0 [ 577.701905][T12625] kernel_misc_reclaimable:0 [ 577.701905][T12625] free:1324085 free_pcp:17731 free_cma:0 [ 577.747487][ C1] vkms_vblank_simulate: vblank timer overrun [ 577.792060][T12625] Node 0 active_anon:36504kB inactive_anon:0kB active_file:29280kB inactive_file:165812kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:135884kB dirty:3728kB writeback:0kB shmem:15064kB shmem_thp:8192kB shmem_pmdmapped:6144kB anon_thp:0kB kernel_stack:11392kB pagetables:4696kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 578.055889][T12625] Node 1 active_anon:0kB inactive_anon:0kB active_file:60kB inactive_file:308kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:164kB dirty:28kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 578.132475][T12625] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 578.206283][T12625] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 578.234849][T12625] Node 0 DMA32 free:1393376kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45956kB inactive_anon:0kB active_file:29280kB inactive_file:164652kB unevictable:1536kB writepending:3740kB present:3129332kB managed:2539616kB mlocked:0kB bounce:0kB free_pcp:43580kB local_pcp:26388kB free_cma:0kB [ 578.267557][ C1] vkms_vblank_simulate: vblank timer overrun [ 578.419581][T12625] lowmem_reserve[]: 0 0 1 1 1 [ 578.634593][T12625] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 578.663944][ C1] vkms_vblank_simulate: vblank timer overrun [ 578.747786][T12625] lowmem_reserve[]: 0 0 0 0 0 [ 578.752580][T12625] Node 1 Normal free:3885244kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:60kB inactive_file:308kB unevictable:1536kB writepending:28kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:20688kB local_pcp:13720kB free_cma:0kB [ 578.784098][ C1] vkms_vblank_simulate: vblank timer overrun [ 578.790620][T12625] lowmem_reserve[]: 0 0 0 0 0 [ 578.796028][T12625] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 578.809234][T12625] Node 0 DMA32: 437*4kB (UME) 93*8kB (UE) 126*16kB (UME) 412*32kB (UME) 307*64kB (UM) 200*128kB (UM) 100*256kB (UM) 69*512kB (UM) 44*1024kB (M) 0*2048kB 298*4096kB (UM) = 1389532kB [ 578.829986][T12625] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 578.842537][T12625] Node 1 Normal: 101*4kB (UME) 63*8kB (UME) 41*16kB (UME) 201*32kB (UME) 70*64kB (UME) 12*128kB (UME) 4*256kB (ME) 3*512kB (UM) 4*1024kB (UME) 3*2048kB (UME) 942*4096kB (M) = 3885244kB [ 578.885333][T12634] FAULT_INJECTION: forcing a failure. [ 578.885333][T12634] name failslab, interval 1, probability 0, space 0, times 0 [ 578.898619][T12625] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 578.925633][T12625] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 578.948061][T12634] CPU: 0 UID: 0 PID: 12634 Comm: syz.0.1297 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 578.948087][T12634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 578.948096][T12634] Call Trace: [ 578.948102][T12634] [ 578.948109][T12634] dump_stack_lvl+0x16c/0x1f0 [ 578.948134][T12634] should_fail_ex+0x512/0x640 [ 578.948154][T12634] ? __kvmalloc_node_noprof+0x124/0x620 [ 578.948173][T12634] should_failslab+0xc2/0x120 [ 578.948192][T12634] __kvmalloc_node_noprof+0x137/0x620 [ 578.948208][T12634] ? __pfx___mutex_lock+0x10/0x10 [ 578.948227][T12634] ? traverse.part.0.constprop.0+0x392/0x640 [ 578.948246][T12634] ? traverse.part.0.constprop.0+0x392/0x640 [ 578.948259][T12634] traverse.part.0.constprop.0+0x392/0x640 [ 578.948274][T12634] ? aa_file_perm+0x28f/0x12e0 [ 578.948299][T12634] seq_read_iter+0x932/0x12c0 [ 578.948316][T12634] ? __pfx_aa_file_perm+0x10/0x10 [ 578.948339][T12634] seq_read+0x3a3/0x570 [ 578.948352][T12634] ? __pfx_seq_read+0x10/0x10 [ 578.948366][T12634] ? get_pid_task+0xfc/0x250 [ 578.948394][T12634] ? rw_verify_area+0xcf/0x6c0 [ 578.948408][T12634] ? __pfx_seq_read+0x10/0x10 [ 578.948421][T12634] vfs_read+0x1e4/0xcf0 [ 578.948441][T12634] ? __pfx_vfs_read+0x10/0x10 [ 578.948455][T12634] ? find_held_lock+0x2b/0x80 [ 578.948476][T12634] ? __fget_files+0x204/0x3c0 [ 578.948494][T12634] ? __fget_files+0x20e/0x3c0 [ 578.948507][T12634] ? __fget_files+0x200/0x3c0 [ 578.948526][T12634] __x64_sys_pread64+0x1eb/0x250 [ 578.948543][T12634] ? __pfx___x64_sys_pread64+0x10/0x10 [ 578.948566][T12634] do_syscall_64+0xcd/0x490 [ 578.948585][T12634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.948601][T12634] RIP: 0033:0x7fbffd78ebe9 [ 578.948612][T12634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.948626][T12634] RSP: 002b:00007fbffe5a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 578.948642][T12634] RAX: ffffffffffffffda RBX: 00007fbffd9b5fa0 RCX: 00007fbffd78ebe9 [ 578.948651][T12634] RDX: 0000000073528428 RSI: 0000200000002680 RDI: 0000000000000003 [ 578.948660][T12634] RBP: 00007fbffe5a3090 R08: 0000000000000000 R09: 0000000000000000 [ 578.948668][T12634] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 578.948677][T12634] R13: 00007fbffd9b6038 R14: 00007fbffd9b5fa0 R15: 00007ffea40d6c78 [ 578.948696][T12634] [ 579.194999][T12625] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 579.204636][T12625] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 579.214033][T12625] 58565 total pagecache pages [ 579.218814][T12625] 5 pages in swap cache [ 579.222986][T12625] Free swap = 124976kB [ 579.227311][T12625] Total swap = 124996kB [ 579.231491][T12625] 2097051 pages RAM [ 579.235449][T12625] 0 pages HighMem/MovableOnly [ 579.240647][T12625] 430185 pages reserved [ 579.245176][T12625] 0 pages cma reserved [ 579.613990][T12634] zswap: compressor not available [ 579.888233][T12642] zswap: compressor not available [ 580.258179][T12658] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1300'. [ 581.272001][T12686] FAULT_INJECTION: forcing a failure. [ 581.272001][T12686] name failslab, interval 1, probability 0, space 0, times 0 [ 581.310521][T12686] CPU: 1 UID: 0 PID: 12686 Comm: syz.0.1308 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 581.310556][T12686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 581.310570][T12686] Call Trace: [ 581.310578][T12686] [ 581.310586][T12686] dump_stack_lvl+0x16c/0x1f0 [ 581.310621][T12686] should_fail_ex+0x512/0x640 [ 581.310652][T12686] ? fs_reclaim_acquire+0xae/0x150 [ 581.310687][T12686] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 581.310720][T12686] should_failslab+0xc2/0x120 [ 581.310750][T12686] __kmalloc_noprof+0xd2/0x510 [ 581.310784][T12686] tomoyo_realpath_from_path+0xc2/0x6e0 [ 581.310818][T12686] ? tomoyo_profile+0x47/0x60 [ 581.310857][T12686] tomoyo_path_number_perm+0x245/0x580 [ 581.310884][T12686] ? tomoyo_path_number_perm+0x237/0x580 [ 581.310915][T12686] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 581.310946][T12686] ? find_held_lock+0x2b/0x80 [ 581.311068][T12686] ? find_held_lock+0x2b/0x80 [ 581.311104][T12686] ? hook_file_ioctl_common+0x145/0x410 [ 581.311143][T12686] ? __fget_files+0x20e/0x3c0 [ 581.311175][T12686] security_file_ioctl+0x9b/0x240 [ 581.311206][T12686] __x64_sys_ioctl+0xb7/0x210 [ 581.311242][T12686] do_syscall_64+0xcd/0x490 [ 581.311273][T12686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.311307][T12686] RIP: 0033:0x7fbffd78ebe9 [ 581.311334][T12686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 581.311354][T12686] RSP: 002b:00007fbffe5a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 581.311376][T12686] RAX: ffffffffffffffda RBX: 00007fbffd9b5fa0 RCX: 00007fbffd78ebe9 [ 581.311392][T12686] RDX: 0000200000000240 RSI: 00000000c0481273 RDI: 0000000000000003 [ 581.311408][T12686] RBP: 00007fbffe5a3090 R08: 0000000000000000 R09: 0000000000000000 [ 581.311423][T12686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 581.311437][T12686] R13: 00007fbffd9b6038 R14: 00007fbffd9b5fa0 R15: 00007ffea40d6c78 [ 581.311472][T12686] [ 581.311484][T12686] ERROR: Out of memory at tomoyo_realpath_from_path. [ 581.541066][T12686] blktrace: Concurrent blktraces are not allowed on loop2 [ 581.883817][T12701] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1312'. [ 582.367514][T12712] FAULT_INJECTION: forcing a failure. [ 582.367514][T12712] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 582.486946][T12712] CPU: 1 UID: 0 PID: 12712 Comm: syz.1.1315 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 582.486983][T12712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 582.487001][T12712] Call Trace: [ 582.487009][T12712] [ 582.487018][T12712] dump_stack_lvl+0x16c/0x1f0 [ 582.487053][T12712] should_fail_ex+0x512/0x640 [ 582.487090][T12712] _copy_from_user+0x2e/0xd0 [ 582.487133][T12712] copy_msghdr_from_user+0x98/0x160 [ 582.487165][T12712] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 582.487211][T12712] ___sys_sendmsg+0xfe/0x1d0 [ 582.487243][T12712] ? __pfx____sys_sendmsg+0x10/0x10 [ 582.487303][T12712] ? __mutex_unlock_slowpath+0x140/0x800 [ 582.487343][T12712] __sys_sendmsg+0x16d/0x220 [ 582.487374][T12712] ? __pfx___sys_sendmsg+0x10/0x10 [ 582.487425][T12712] do_syscall_64+0xcd/0x490 [ 582.487458][T12712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.487483][T12712] RIP: 0033:0x7f212558ebe9 [ 582.487502][T12712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 582.487525][T12712] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 582.487548][T12712] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 582.487564][T12712] RDX: 0000000004000040 RSI: 0000200000004100 RDI: 0000000000000003 [ 582.487579][T12712] RBP: 00007f2126401090 R08: 0000000000000000 R09: 0000000000000000 [ 582.487594][T12712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 582.487608][T12712] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 582.487637][T12712] [ 584.434612][T12741] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 585.162781][T12744] random: crng reseeded on system resumption [ 585.610666][T12753] FAULT_INJECTION: forcing a failure. [ 585.610666][T12753] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 585.695816][T12753] CPU: 0 UID: 0 PID: 12753 Comm: syz.2.1326 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 585.695852][T12753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 585.695865][T12753] Call Trace: [ 585.695874][T12753] [ 585.695883][T12753] dump_stack_lvl+0x16c/0x1f0 [ 585.695918][T12753] should_fail_ex+0x512/0x640 [ 585.695954][T12753] _copy_from_user+0x2e/0xd0 [ 585.695991][T12753] copy_clone_args_from_user+0x150/0x7e0 [ 585.696023][T12753] ? get_pid_task+0xfc/0x250 [ 585.696054][T12753] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 585.696101][T12753] __do_sys_clone3+0xbd/0x290 [ 585.696131][T12753] ? __pfx___do_sys_clone3+0x10/0x10 [ 585.696179][T12753] ? __fget_files+0x20e/0x3c0 [ 585.696230][T12753] do_syscall_64+0xcd/0x490 [ 585.696262][T12753] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.696286][T12753] RIP: 0033:0x7feec5d8ebe9 [ 585.696306][T12753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 585.696329][T12753] RSP: 002b:00007feec6bfbf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 585.696352][T12753] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007feec5d8ebe9 [ 585.696369][T12753] RDX: 00007feec6bfbf20 RSI: 0000000000000058 RDI: 00007feec6bfbf20 [ 585.696384][T12753] RBP: 00007feec6bfc090 R08: 0000000000000000 R09: 0000000000000058 [ 585.696398][T12753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 585.696413][T12753] R13: 00007feec5fb6038 R14: 00007feec5fb5fa0 R15: 00007ffde4622028 [ 585.696445][T12753] [ 588.528462][T12792] random: crng reseeded on system resumption [ 589.017119][T12801] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1337'. [ 589.443286][T12807] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1339'. [ 589.709688][T12810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1340'. [ 590.321117][T12822] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1345'. [ 590.565301][T12825] mmap: syz.2.1345 (12825) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 591.109601][T12842] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 591.181546][ T30] audit: type=1800 audit(4294967306.499:3): pid=12837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1348" name="members" dev="configfs" ino=29696 res=0 errno=0 [ 592.184652][T12856] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1353'. [ 593.298028][T12872] tipc: Started in network mode [ 593.325605][T12872] tipc: Node identity ee00, cluster identity 4711 [ 593.332070][T12872] tipc: Node number set to 60928 [ 594.819566][T12900] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1363'. [ 594.866225][T12898] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1362'. [ 595.215783][T12905] FAULT_INJECTION: forcing a failure. [ 595.215783][T12905] name failslab, interval 1, probability 0, space 0, times 0 [ 595.254283][T12905] CPU: 0 UID: 0 PID: 12905 Comm: syz.2.1365 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 595.254317][T12905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 595.254331][T12905] Call Trace: [ 595.254339][T12905] [ 595.254348][T12905] dump_stack_lvl+0x16c/0x1f0 [ 595.254381][T12905] should_fail_ex+0x512/0x640 [ 595.254412][T12905] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 595.254440][T12905] should_failslab+0xc2/0x120 [ 595.254469][T12905] __kmalloc_cache_noprof+0x6a/0x3e0 [ 595.254494][T12905] ? tty_open+0x13e/0xf90 [ 595.254526][T12905] ? __pfx_tty_open+0x10/0x10 [ 595.254564][T12905] tty_open+0x13e/0xf90 [ 595.254598][T12905] ? __pfx_tty_open+0x10/0x10 [ 595.254624][T12905] ? chrdev_open+0x10b/0x6a0 [ 595.254653][T12905] ? __pfx_tty_open+0x10/0x10 [ 595.254682][T12905] chrdev_open+0x231/0x6a0 [ 595.254709][T12905] ? __pfx_apparmor_file_open+0x10/0x10 [ 595.254735][T12905] ? __pfx_chrdev_open+0x10/0x10 [ 595.254766][T12905] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 595.254798][T12905] do_dentry_open+0x97f/0x1530 [ 595.254824][T12905] ? __pfx_chrdev_open+0x10/0x10 [ 595.254858][T12905] vfs_open+0x82/0x3f0 [ 595.254893][T12905] path_openat+0x1de4/0x2cb0 [ 595.254927][T12905] ? __pfx_path_openat+0x10/0x10 [ 595.254959][T12905] do_filp_open+0x20b/0x470 [ 595.254986][T12905] ? __pfx_do_filp_open+0x10/0x10 [ 595.255036][T12905] ? alloc_fd+0x471/0x7d0 [ 595.255071][T12905] do_sys_openat2+0x11b/0x1d0 [ 595.255104][T12905] ? __pfx_do_sys_openat2+0x10/0x10 [ 595.255141][T12905] ? __fget_files+0x20e/0x3c0 [ 595.255171][T12905] __x64_sys_openat+0x174/0x210 [ 595.255206][T12905] ? __pfx___x64_sys_openat+0x10/0x10 [ 595.255239][T12905] ? ksys_write+0x1ac/0x250 [ 595.255278][T12905] do_syscall_64+0xcd/0x490 [ 595.255310][T12905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.255346][T12905] RIP: 0033:0x7feec5d8ebe9 [ 595.255366][T12905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.255390][T12905] RSP: 002b:00007feec6bdb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 595.255413][T12905] RAX: ffffffffffffffda RBX: 00007feec5fb6090 RCX: 00007feec5d8ebe9 [ 595.255429][T12905] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 595.255445][T12905] RBP: 00007feec6bdb090 R08: 0000000000000000 R09: 0000000000000000 [ 595.255460][T12905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 595.255474][T12905] R13: 00007feec5fb6128 R14: 00007feec5fb6090 R15: 00007ffde4622028 [ 595.255508][T12905] [ 595.863680][T12905] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 597.902583][T12960] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1373'. [ 598.580789][T12966] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1375'. [ 599.267556][T12984] zswap: compressor not available [ 599.522118][T13004] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1382'. [ 601.510725][ T30] audit: type=1800 audit(4294967316.829:4): pid=13035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1387" name="members" dev="configfs" ino=30501 res=0 errno=0 [ 602.498166][T13041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1388'. [ 603.130022][T13053] FAULT_INJECTION: forcing a failure. [ 603.130022][T13053] name failslab, interval 1, probability 0, space 0, times 0 [ 603.224582][T13053] CPU: 1 UID: 0 PID: 13053 Comm: syz.1.1391 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 603.224618][T13053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 603.224631][T13053] Call Trace: [ 603.224639][T13053] [ 603.224649][T13053] dump_stack_lvl+0x16c/0x1f0 [ 603.224684][T13053] should_fail_ex+0x512/0x640 [ 603.224714][T13053] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 603.224754][T13053] should_failslab+0xc2/0x120 [ 603.224785][T13053] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 603.224811][T13053] ? rcu_is_watching+0x12/0xc0 [ 603.224835][T13053] ? get_random_u64+0x57c/0x7d0 [ 603.224857][T13053] ? prepare_creds+0x2c/0x7d0 [ 603.224894][T13053] prepare_creds+0x2c/0x7d0 [ 603.224929][T13053] copy_creds+0xa7/0xa50 [ 603.224966][T13053] copy_process+0xff6/0x7690 [ 603.225009][T13053] ? __pfx_copy_process+0x10/0x10 [ 603.225056][T13053] kernel_clone+0xfc/0x930 [ 603.225087][T13053] ? __pfx_kernel_clone+0x10/0x10 [ 603.225128][T13053] ? __mutex_unlock_slowpath+0x163/0x800 [ 603.225163][T13053] __do_sys_clone+0xce/0x120 [ 603.225191][T13053] ? __pfx___do_sys_clone+0x10/0x10 [ 603.225235][T13053] ? ksys_write+0x1ac/0x250 [ 603.225262][T13053] ? __pfx_ksys_write+0x10/0x10 [ 603.225299][T13053] do_syscall_64+0xcd/0x490 [ 603.225331][T13053] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.225357][T13053] RIP: 0033:0x7f212558ebe9 [ 603.225375][T13053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 603.225395][T13053] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 603.225418][T13053] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 603.225435][T13053] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 603.225448][T13053] RBP: 00007f2126401090 R08: 0000000000000000 R09: 0000000000000000 [ 603.225461][T13053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 603.225475][T13053] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 603.225504][T13053] [ 603.518262][T13057] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1392'. [ 603.896148][T13066] FAULT_INJECTION: forcing a failure. [ 603.896148][T13066] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 603.931803][T13066] CPU: 1 UID: 0 PID: 13066 Comm: syz.1.1394 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 603.931839][T13066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 603.931860][T13066] Call Trace: [ 603.931868][T13066] [ 603.931877][T13066] dump_stack_lvl+0x16c/0x1f0 [ 603.931910][T13066] should_fail_ex+0x512/0x640 [ 603.931944][T13066] _copy_from_iter+0x29f/0x16f0 [ 603.931987][T13066] ? __pfx__copy_from_iter+0x10/0x10 [ 603.932020][T13066] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 603.932065][T13066] skb_copy_datagram_from_iter+0x124/0x740 [ 603.932093][T13066] ? dev_get_by_index+0x17c/0x380 [ 603.932119][T13066] ? sock_cmsg_send+0x1a0/0x280 [ 603.932154][T13066] packet_sendmsg+0x2294/0x5850 [ 603.932195][T13066] ? __lock_acquire+0xb97/0x1ce0 [ 603.932225][T13066] ? __pfx___might_resched+0x10/0x10 [ 603.932258][T13066] ? aa_sk_perm+0x2f4/0xb10 [ 603.932290][T13066] ? __pfx_packet_sendmsg+0x10/0x10 [ 603.932314][T13066] ? __pfx_aa_sk_perm+0x10/0x10 [ 603.932353][T13066] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 603.932391][T13066] ____sys_sendmsg+0xa95/0xc70 [ 603.932429][T13066] ? __pfx_____sys_sendmsg+0x10/0x10 [ 603.932493][T13066] ? __pfx__kstrtoull+0x10/0x10 [ 603.932535][T13066] ___sys_sendmsg+0x134/0x1d0 [ 603.932567][T13066] ? __pfx____sys_sendmsg+0x10/0x10 [ 603.932611][T13066] ? find_held_lock+0x2b/0x80 [ 603.932670][T13066] __sys_sendmmsg+0x200/0x420 [ 603.932704][T13066] ? __pfx___sys_sendmmsg+0x10/0x10 [ 603.932745][T13066] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 603.932790][T13066] ? fput+0x9b/0xd0 [ 603.932821][T13066] ? ksys_write+0x1ac/0x250 [ 603.932852][T13066] ? __pfx_ksys_write+0x10/0x10 [ 603.932883][T13066] __x64_sys_sendmmsg+0x9c/0x100 [ 603.932909][T13066] ? lockdep_hardirqs_on+0x7c/0x110 [ 603.932937][T13066] do_syscall_64+0xcd/0x490 [ 603.932968][T13066] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.932993][T13066] RIP: 0033:0x7f212558ebe9 [ 603.933011][T13066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 603.933033][T13066] RSP: 002b:00007f21263e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 603.933056][T13066] RAX: ffffffffffffffda RBX: 00007f21257b6090 RCX: 00007f212558ebe9 [ 603.933071][T13066] RDX: 0000000000000002 RSI: 0000200000000400 RDI: 0000000000000002 [ 603.933087][T13066] RBP: 00007f21263e0090 R08: 0000000000000000 R09: 0000000000000000 [ 603.933100][T13066] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 603.933114][T13066] R13: 00007f21257b6128 R14: 00007f21257b6090 R15: 00007ffd8c261b28 [ 603.933144][T13066] [ 604.197622][ C1] vkms_vblank_simulate: vblank timer overrun [ 604.582520][T13078] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1397'. [ 605.118924][T13084] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1399'. [ 605.576485][T13091] FAULT_INJECTION: forcing a failure. [ 605.576485][T13091] name failslab, interval 1, probability 0, space 0, times 0 [ 605.607908][T13091] CPU: 1 UID: 0 PID: 13091 Comm: syz.1.1401 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 605.607939][T13091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 605.607948][T13091] Call Trace: [ 605.607953][T13091] [ 605.607959][T13091] dump_stack_lvl+0x16c/0x1f0 [ 605.607982][T13091] should_fail_ex+0x512/0x640 [ 605.608002][T13091] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 605.608021][T13091] should_failslab+0xc2/0x120 [ 605.608040][T13091] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 605.608057][T13091] ? __alloc_skb+0x2b2/0x380 [ 605.608076][T13091] __alloc_skb+0x2b2/0x380 [ 605.608092][T13091] ? __pfx___alloc_skb+0x10/0x10 [ 605.608110][T13091] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 605.608128][T13091] ? __lock_acquire+0xb97/0x1ce0 [ 605.608150][T13091] netlink_alloc_large_skb+0x69/0x130 [ 605.608169][T13091] netlink_sendmsg+0x6a1/0xdd0 [ 605.608190][T13091] ? __pfx_netlink_sendmsg+0x10/0x10 [ 605.608210][T13091] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 605.608228][T13091] ____sys_sendmsg+0xa95/0xc70 [ 605.608250][T13091] ? copy_msghdr_from_user+0x10a/0x160 [ 605.608267][T13091] ? __pfx_____sys_sendmsg+0x10/0x10 [ 605.608297][T13091] ___sys_sendmsg+0x134/0x1d0 [ 605.608315][T13091] ? __pfx____sys_sendmsg+0x10/0x10 [ 605.608348][T13091] ? __mutex_unlock_slowpath+0x140/0x800 [ 605.608371][T13091] __sys_sendmsg+0x16d/0x220 [ 605.608389][T13091] ? __pfx___sys_sendmsg+0x10/0x10 [ 605.608418][T13091] do_syscall_64+0xcd/0x490 [ 605.608437][T13091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.608452][T13091] RIP: 0033:0x7f212558ebe9 [ 605.608463][T13091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 605.608477][T13091] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 605.608491][T13091] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 605.608501][T13091] RDX: 00000000000000d4 RSI: 0000200000000200 RDI: 0000000000000004 [ 605.608510][T13091] RBP: 00007f2126401090 R08: 0000000000000000 R09: 0000000000000000 [ 605.608520][T13091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 605.608528][T13091] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 605.608546][T13091] [ 605.843879][ C1] vkms_vblank_simulate: vblank timer overrun [ 606.258581][T13096] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1403'. [ 606.546524][T13101] FAULT_INJECTION: forcing a failure. [ 606.546524][T13101] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 606.694862][T13101] CPU: 1 UID: 0 PID: 13101 Comm: syz.1.1404 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 606.694905][T13101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 606.694922][T13101] Call Trace: [ 606.694931][T13101] [ 606.694941][T13101] dump_stack_lvl+0x16c/0x1f0 [ 606.694981][T13101] should_fail_ex+0x512/0x640 [ 606.695021][T13101] should_fail_alloc_page+0xe7/0x130 [ 606.695059][T13101] prepare_alloc_pages+0x3c2/0x610 [ 606.695095][T13101] ? rcu_is_watching+0x12/0xc0 [ 606.695126][T13101] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 606.695163][T13101] ? rcu_is_watching+0x12/0xc0 [ 606.695188][T13101] ? trace_mm_page_alloc+0x11f/0x1a0 [ 606.695227][T13101] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 606.695260][T13101] ? __cgroup_account_cputime+0xcc/0x120 [ 606.695289][T13101] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 606.695326][T13101] ? find_held_lock+0x2b/0x80 [ 606.695359][T13101] ? trace_sched_exit_tp+0xd1/0x120 [ 606.695397][T13101] ? __schedule+0x11a3/0x5de0 [ 606.695423][T13101] ? map_create+0x58f/0x1f80 [ 606.695467][T13101] alloc_pages_bulk_noprof+0x71c/0x1410 [ 606.695497][T13101] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 606.695536][T13101] ? policy_nodemask+0xea/0x4e0 [ 606.695574][T13101] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 606.695649][T13101] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 606.695700][T13101] kasan_populate_vmalloc+0xf1/0x1f0 [ 606.695738][T13101] alloc_vmap_area+0x959/0x29c0 [ 606.695789][T13101] ? __pfx_alloc_vmap_area+0x10/0x10 [ 606.695835][T13101] __get_vm_area_node+0x1ca/0x330 [ 606.695880][T13101] __vmalloc_node_range_noprof+0x271/0x14b0 [ 606.695920][T13101] ? pcpu_mem_zalloc+0x54/0xb0 [ 606.695956][T13101] ? pcpu_mem_zalloc+0x54/0xb0 [ 606.695990][T13101] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 606.696044][T13101] ? pcpu_mem_zalloc+0x54/0xb0 [ 606.696068][T13101] __vmalloc_node_noprof+0xad/0xf0 [ 606.696106][T13101] ? pcpu_mem_zalloc+0x54/0xb0 [ 606.696134][T13101] pcpu_mem_zalloc+0x54/0xb0 [ 606.696159][T13101] pcpu_create_chunk+0x432/0x730 [ 606.696191][T13101] pcpu_alloc_noprof+0x11e3/0x1470 [ 606.696236][T13101] bpf_map_alloc_percpu+0x9a/0x4b0 [ 606.696273][T13101] htab_map_alloc+0x10ca/0x1570 [ 606.696319][T13101] ? ns_capable+0xd7/0x110 [ 606.696349][T13101] map_create+0x58f/0x1f80 [ 606.696395][T13101] ? __pfx_map_create+0x10/0x10 [ 606.696426][T13101] ? __might_fault+0xe3/0x190 [ 606.696454][T13101] ? __might_fault+0xe3/0x190 [ 606.696480][T13101] ? __might_fault+0x13b/0x190 [ 606.696522][T13101] __sys_bpf+0x44d2/0x4de0 [ 606.696555][T13101] ? __pfx_futex_wake+0x10/0x10 [ 606.696602][T13101] ? __pfx___sys_bpf+0x10/0x10 [ 606.696640][T13101] ? do_writev+0x218/0x340 [ 606.696677][T13101] ? do_futex+0x122/0x350 [ 606.696710][T13101] ? __pfx_do_futex+0x10/0x10 [ 606.696763][T13101] ? xfd_validate_state+0x61/0x180 [ 606.696798][T13101] ? __pfx_do_writev+0x10/0x10 [ 606.696831][T13101] __x64_sys_bpf+0x78/0xc0 [ 606.696866][T13101] ? lockdep_hardirqs_on+0x7c/0x110 [ 606.696896][T13101] do_syscall_64+0xcd/0x490 [ 606.696931][T13101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 606.696957][T13101] RIP: 0033:0x7f212558ebe9 [ 606.696978][T13101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 606.697003][T13101] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 606.697028][T13101] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 606.697046][T13101] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000 [ 606.697062][T13101] RBP: 00007f2125611e19 R08: 0000000000000000 R09: 0000000000000000 [ 606.697078][T13101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 606.697094][T13101] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 606.697130][T13101] [ 607.080515][ C1] vkms_vblank_simulate: vblank timer overrun [ 607.850392][T13101] zswap: compressor not available [ 607.986238][T13102] Setting dangerous option i915.mitigations - tainting kernel [ 608.454410][T13116] FAULT_INJECTION: forcing a failure. [ 608.454410][T13116] name failslab, interval 1, probability 0, space 0, times 0 [ 608.507342][T13116] CPU: 0 UID: 0 PID: 13116 Comm: syz.1.1407 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 608.507394][T13116] Tainted: [U]=USER [ 608.507401][T13116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 608.507414][T13116] Call Trace: [ 608.507422][T13116] [ 608.507431][T13116] dump_stack_lvl+0x16c/0x1f0 [ 608.507467][T13116] should_fail_ex+0x512/0x640 [ 608.507497][T13116] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 608.507524][T13116] should_failslab+0xc2/0x120 [ 608.507554][T13116] __kmalloc_cache_noprof+0x6a/0x3e0 [ 608.507577][T13116] ? rcu_is_watching+0x12/0xc0 [ 608.507601][T13116] ? s_start+0x7b/0x320 [ 608.507637][T13116] s_start+0x7b/0x320 [ 608.507674][T13116] traverse.part.0.constprop.0+0xac/0x640 [ 608.507700][T13116] ? aa_file_perm+0x28f/0x12e0 [ 608.507742][T13116] seq_read_iter+0x932/0x12c0 [ 608.507773][T13116] ? __pfx_aa_file_perm+0x10/0x10 [ 608.507808][T13116] seq_read+0x3a3/0x570 [ 608.507831][T13116] ? __pfx_seq_read+0x10/0x10 [ 608.507853][T13116] ? get_pid_task+0xfc/0x250 [ 608.507894][T13116] ? rw_verify_area+0xcf/0x6c0 [ 608.507917][T13116] ? __pfx_seq_read+0x10/0x10 [ 608.507938][T13116] vfs_read+0x1e4/0xcf0 [ 608.507968][T13116] ? __pfx_vfs_read+0x10/0x10 [ 608.507989][T13116] ? find_held_lock+0x2b/0x80 [ 608.508020][T13116] ? __fget_files+0x204/0x3c0 [ 608.508047][T13116] ? __fget_files+0x20e/0x3c0 [ 608.508066][T13116] ? __fget_files+0x200/0x3c0 [ 608.508097][T13116] __x64_sys_pread64+0x1eb/0x250 [ 608.508123][T13116] ? __pfx___x64_sys_pread64+0x10/0x10 [ 608.508158][T13116] do_syscall_64+0xcd/0x490 [ 608.508189][T13116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.508214][T13116] RIP: 0033:0x7f212558ebe9 [ 608.508234][T13116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.508257][T13116] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 608.508282][T13116] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 608.508298][T13116] RDX: 0000000073528428 RSI: 0000200000002680 RDI: 0000000000000003 [ 608.508313][T13116] RBP: 00007f2126401090 R08: 0000000000000000 R09: 0000000000000000 [ 608.508328][T13116] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 608.508342][T13116] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 608.508385][T13116] [ 608.508397][T13116] [ 608.756630][T13116] ===================================== [ 608.762255][T13116] WARNING: bad unlock balance detected! [ 608.767975][T13116] 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 Tainted: G U [ 608.776837][T13116] ------------------------------------- [ 608.782478][T13116] syz.1.1407/13116 is trying to release lock (event_mutex) at: [ 608.790374][T13116] [] traverse.part.0.constprop.0+0x2c0/0x640 [ 608.798384][T13116] but there are no more locks to release! [ 608.804274][T13116] [ 608.804274][T13116] other info that might help us debug this: [ 608.813263][T13116] 1 lock held by syz.1.1407/13116: [ 608.818464][T13116] #0: ffff888059ecd540 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0 [ 608.827354][T13116] [ 608.827354][T13116] stack backtrace: [ 608.833238][T13116] CPU: 0 UID: 0 PID: 13116 Comm: syz.1.1407 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 608.833270][T13116] Tainted: [U]=USER [ 608.833276][T13116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 608.833288][T13116] Call Trace: [ 608.833294][T13116] [ 608.833302][T13116] dump_stack_lvl+0x116/0x1f0 [ 608.833329][T13116] ? traverse.part.0.constprop.0+0x2c0/0x640 [ 608.833349][T13116] print_unlock_imbalance_bug+0x11b/0x130 [ 608.833373][T13116] ? traverse.part.0.constprop.0+0x2c0/0x640 [ 608.833391][T13116] lock_release+0x242/0x2f0 [ 608.833419][T13116] ? lockdep_hardirqs_on+0x7c/0x110 [ 608.833442][T13116] __mutex_unlock_slowpath+0xa7/0x800 [ 608.833467][T13116] ? rcu_is_watching+0x12/0xc0 [ 608.833486][T13116] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 608.833509][T13116] ? __kmalloc_cache_noprof+0x249/0x3e0 [ 608.833529][T13116] ? rcu_is_watching+0x12/0xc0 [ 608.833547][T13116] ? kfree+0x24f/0x4d0 [ 608.833563][T13116] ? s_start+0x28c/0x320 [ 608.833589][T13116] traverse.part.0.constprop.0+0x2c0/0x640 [ 608.833609][T13116] ? aa_file_perm+0x28f/0x12e0 [ 608.833638][T13116] seq_read_iter+0x932/0x12c0 [ 608.833657][T13116] ? __pfx_aa_file_perm+0x10/0x10 [ 608.833685][T13116] seq_read+0x3a3/0x570 [ 608.833701][T13116] ? __pfx_seq_read+0x10/0x10 [ 608.833718][T13116] ? get_pid_task+0xfc/0x250 [ 608.833748][T13116] ? rw_verify_area+0xcf/0x6c0 [ 608.833766][T13116] ? __pfx_seq_read+0x10/0x10 [ 608.833783][T13116] vfs_read+0x1e4/0xcf0 [ 608.833806][T13116] ? __pfx_vfs_read+0x10/0x10 [ 608.833824][T13116] ? find_held_lock+0x2b/0x80 [ 608.833842][T13116] ? __fget_files+0x204/0x3c0 [ 608.833863][T13116] ? __fget_files+0x20e/0x3c0 [ 608.833881][T13116] ? __fget_files+0x200/0x3c0 [ 608.833903][T13116] __x64_sys_pread64+0x1eb/0x250 [ 608.833925][T13116] ? __pfx___x64_sys_pread64+0x10/0x10 [ 608.833950][T13116] do_syscall_64+0xcd/0x490 [ 608.833975][T13116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.833994][T13116] RIP: 0033:0x7f212558ebe9 [ 608.834010][T13116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.834029][T13116] RSP: 002b:00007f2126401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 608.834048][T13116] RAX: ffffffffffffffda RBX: 00007f21257b5fa0 RCX: 00007f212558ebe9 [ 608.834067][T13116] RDX: 0000000073528428 RSI: 0000200000002680 RDI: 0000000000000003 [ 608.834082][T13116] RBP: 00007f2126401090 R08: 0000000000000000 R09: 0000000000000000 [ 608.834094][T13116] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 608.834105][T13116] R13: 00007f21257b6038 R14: 00007f21257b5fa0 R15: 00007ffd8c261b28 [ 608.834124][T13116] [ 608.835836][T13117] zswap: compressor not available