last executing test programs: 20m44.945473004s ago: executing program 1 (id=195): r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000) getsockopt$auto(r0, 0x84, 0x66, 0x0, &(0x7f0000000000)=0x7ffe) 20m44.682254155s ago: executing program 1 (id=197): setresuid$auto(0xa, 0xff3d, 0x4) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x9) bind$auto(0x3, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x24, 0x400000}, 0x68) 20m44.511361035s ago: executing program 1 (id=199): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) memfd_create$auto(0x0, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c06, 0x0) 20m43.365854976s ago: executing program 1 (id=203): rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYRES16=0x0, @ANYBLOB="20062abd7000fddbdf250200"], 0x9c}, 0x1, 0x0, 0x0, 0x1}, 0x80) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x4007f, 0x0, &(0x7f00000001c0)={0x6}, 0x8) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0)) 20m43.091496749s ago: executing program 1 (id=217): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 20m42.608394391s ago: executing program 1 (id=214): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/reboot/mode\x00', 0x501, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000200)='4', 0x1) 20m42.226533656s ago: executing program 32 (id=214): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/reboot/mode\x00', 0x501, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000200)='4', 0x1) 20m39.719547132s ago: executing program 2 (id=244): socket(0x11, 0x80003, 0x300) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/mem\x00', 0x10b201, 0x0) r0 = socket(0x11, 0x3, 0x6) rt_sigqueueinfo$auto(0x0, 0xffff7b6f, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x1, @_sigpoll={0xd}}}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000180), 0x36}, 0x5, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x140) 20m39.6207985s ago: executing program 2 (id=237): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/snd_hda_intel/parameters/power_save\x00', 0x80002, 0x0) write$auto(0x3, 0x0, 0xfdef) 20m39.290932288s ago: executing program 2 (id=238): mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x40002, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYBLOB="6a0051b1"], 0x1ac}}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 20m38.487997412s ago: executing program 2 (id=252): rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYRES16=0x0, @ANYBLOB="20062abd7000fddbdf250200"], 0x9c}, 0x1, 0x0, 0x0, 0x1}, 0x80) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x4007f, 0x0, &(0x7f00000001c0)={0x6}, 0x8) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0)) 20m38.042770055s ago: executing program 2 (id=254): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 20m37.447621214s ago: executing program 2 (id=247): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x5, 0x3) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x9, 0x0) 20m37.05151588s ago: executing program 33 (id=247): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x5, 0x3) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x9, 0x0) 15m22.691112851s ago: executing program 3 (id=2989): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) madvise$auto(0x0, 0x20499d, 0x9) 15m22.292480032s ago: executing program 3 (id=2995): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @broadcast}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xf}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x7}, @HSR_A_IF2_AGE={0x8, 0x4, 0x9}]}, 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x4040090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x8) 15m22.091642963s ago: executing program 3 (id=2999): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) select$auto(0x2, 0x0, 0x0, &(0x7f0000000100)={[0x1, 0x5, 0xe, 0x8, 0x1, 0xe9ed, 0x0, 0x8, 0x7, 0x64c, 0x6, 0x1ff, 0xfffffffffffffff8, 0xffffffffffffffff, 0x1ff, 0x6]}, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, 0x0, 0x2404c084) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x4, 0x9) 15m21.163876668s ago: executing program 3 (id=3010): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 15m20.836816288s ago: executing program 3 (id=3015): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000380), 0xffffffffffffffff) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) 15m20.039173621s ago: executing program 3 (id=3021): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) pipe$auto(0x0) write$auto(0x3, 0x0, 0xfdef) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) write$auto(0x1, 0x0, 0x100) close_range$auto(0x2, 0x8, 0x0) 15m19.699975961s ago: executing program 34 (id=3021): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) pipe$auto(0x0) write$auto(0x3, 0x0, 0xfdef) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) write$auto(0x1, 0x0, 0x100) close_range$auto(0x2, 0x8, 0x0) 14m3.535681223s ago: executing program 0 (id=3612): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x3, 0x100) sysfs$auto(0x2, 0x4c, 0x0) fsopen$auto(0x0, 0x1) socket(0x2, 0x5, 0x0) r0 = socket(0x10, 0x2, 0x0) setsockopt$auto(r0, 0x104000000000010e, 0x1, 0x0, 0x16) bind$auto(0x3, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x24}, 0x68) 14m3.35479487s ago: executing program 0 (id=3615): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae90, &(0x7f0000000300)={0x2, 0x0, [{0x1, 0x7ff, 0x8}, {0x10002, 0x30, 0x5}, {0x0, 0x0, 0x7}]}) 14m2.80635792s ago: executing program 0 (id=3617): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0x2, 0x0, [{0x250, 0xfffffe05, 0x7702}]}) 14m2.570590994s ago: executing program 0 (id=3618): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) write$auto_snd_seq_f_ops_seq_clientmgr(r0, &(0x7f00000000c0)="632d1bfe595046ab5c98199adf260600de16baef6176e669a216eae1836674fdd800000000000000e0ffffff003fffffff00000000000000", 0x38) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002580)=ANY=[@ANYBLOB="1a01e0800c00b40008000000000000006c36cdef82941e891aa5ea8f02847281fccad381ac8a3e289f2a915bd7345a4682bc46ceb72875a199eb063ad6c09b7ab66e80d36146650a51bb5e4b78f4ed2181f9937fbd278be622c972ae2087e74f95078fefa7dee90dd6b3fb498446a7d4e4057bd615f6961904dcf3df1b5d6b8d3ca6f190e9d89cdf7709c275b2a2cba65afc4e8929257d7ef68dce5bec86ace0df665f0bdd87fa01eed3446bf0d65594bf92fb977dd77dbc3a4190e11c8917c87db434b82bf8e71862613d96db7b36f4aad34996e07350f3353a184c11f058a1d76d7e6c1471bdca327441937bf099b68b"], 0x33c}, 0x1, 0x0, 0x0, 0x20040050}, 0x4000) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000440)="671d2647dd69b6440843b6e6688a2b5ad9df2669e6f9cd2365", 0xfdef) 14m2.185779141s ago: executing program 0 (id=3620): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 14m1.822640756s ago: executing program 0 (id=3623): bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0) write$auto_proc_pid_attr_operations_base(0xffffffffffffffff, &(0x7f0000000ec0)='9', 0x1) r1 = open(0x0, 0x4242, 0x40) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000900), r2) sendmsg$auto_OVS_VPORT_CMD_SET(r2, &(0x7f0000002680)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4810}, 0x4) flock$auto(r1, 0x1) 13m46.805105068s ago: executing program 35 (id=3623): bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0) write$auto_proc_pid_attr_operations_base(0xffffffffffffffff, &(0x7f0000000ec0)='9', 0x1) r1 = open(0x0, 0x4242, 0x40) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000900), r2) sendmsg$auto_OVS_VPORT_CMD_SET(r2, &(0x7f0000002680)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4810}, 0x4) flock$auto(r1, 0x1) 9.519455099s ago: executing program 4 (id=7202): socket(0x11, 0x80003, 0x300) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20800, 0x0) unshare$auto(0x40000080) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20c8c2, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r1 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/etherd/revalidate\x00', 0x2, 0x0) pwritev$auto(r1, &(0x7f0000000140)={0x0, 0x5}, 0x9, 0x1, 0xc000000000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0xfffffffffffffffd, 0x9, 0x24de, 0x16, r0, 0xd5be) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x2381, 0x0) ioctl$auto(r0, 0xc0585605, 0xffffffffffffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r2 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="1ed95ddcaeb43cf0cbabfd4d3dbbe8bbffc942673c9d72f61831697725629eb9679500508013227d610a2b52af1c039d34310d5df6e40983c717c19e84603524c25e97cc29cbcf00bd4fdf9c6a8f0755e361ca4b4fa80c1373dc9d36b68626497f597b408cf4de43b4795692359b15518c2a402750be13ad068ccc134322808320ddb490500a34440a97c01b4c02000000f73927f75acc679941a834b34cb2cc9b837b2faf3c35b9d743b21be88b4e5d0e32b36346c1918435b6071240853f92fe25c9609c307bb499732625960a5976a7eb8e9c0548ee2b7d15ac6d2ce5c55ea59f9185230495442371d791c4f29d82e40c90b5b7b5ba71a957b7aac4c1540c01131f7fffd5169f56c907a30fe99564ca779858247489eaefe25fcd6122bddcb228ec72fe39cf46f8dfb4596c0c5719a395c3d7c0f4621b8fb315b6e0bc6f1b120b71c667c5f19adab60041b801d55c3c4238fe16d29fcc25c7bb5c54d2a249bd5481918d", @ANYRES16, @ANYBLOB="20002abd7000ffdbdf25210000000400b980080042010800000008004d01070000000500a2008100000024006200050000001f00c800a301c8fee01cfc9729127b0bbfef211668c1abc0a5320127c396d3000600eb000200000005002900bc0000007c0391006ad667e4b2b748b0692d69d067ecd312ab59b19e10bf509102a1d60365595f46d455759342aa19fb952f9ecffe005d066c200b94aff444382cc775c1ccc564bb5cec10f0249edc2ad220ae3855d0821d7a0e1c0b005dddd971b00ab5ecf14dbcb61f05f7d112c3c3a33c9c55a1df5ba46f72dd231a52adc23fcba5641b6da6dd2fef763f07671b93d3724a45cad6204996d58e9f5adca78d5c9833ef7292beebcdc069c553d6b035d2271f88d0f509200ab490d226d7398bc0f73e0c4b0bb83948b13957f5d32b9bd2d911649033c82cc6f5413c6ced4a55fbd0ad5e52a3a6255e1df3e6f4c96336c783b98a0c543292cc239e0fe2e48123d45bca1e5c0171a1b535492c68ce27cda652d639c6add5d2f825548723948149b56a3dce48ad1f4e1df27a296bd43410fad48098a35553b8e82bc3993557844a483f1df400a9911f8c46fb64cc7e39cf311270b5335a519ea0724933594bf5d20556e2f443b15dd50dc290c07a6abaa893dc239849ce710444ede943eda715b77f5ffd7004535d0ffb7d263d34aa68284f85de613fa2ec0e5754260b7629104face9e962ed3b8656ac200fd21bb86da9b3455cd46af148f7aed842d23e3054ec86daf61cd62f9255a5ccdb9447b9aa6288725407a81be263944c86a53785a165f5743ff8ed47c01a59e0bfa0cd98bbe7a677d7161411574902b76390610c9549003e716eba6a92e80148be37cb81ce043b5fbb90453c961ad08d8829a2a0c644ec92318ee4911ae9a156317b9063242565586b05cd28c91be64705f6352ac4552763962c58488854dfabc296f9fb4829329045ab280614d4c2cb0bbc207008a3ea9fbae546177ebc740856fceaa1fc5e006f2649e116c3092fbf61a180cafbbd4a69e089f2a9144559b9812ced07a2aae61e2ffc70615ac92f0711d63178e295efc546ab26a35e49fa67444aaa5254e3705a213e326f590064c92c102ff991df59befb48c6b7aefe17b3d014e401f4f729232f97fc31d401c783f0f5e6f47bea2e2dd670744ef911520b8b8e0c531874d740b90ace0d9057efe880197d7426177fd9664aa8d3fd240a6b7db767124268711fc74264c38b9c9c911be50f040d8efb796b079bfd75dfcb0ae47dfcce3b991dfdf6c2c2adbde0dfe3939d69dbb820f512b6bea9734d2839d92dfabf99618bd9e0eda2808bda55787ebba47b7a1e1c85fcaea1ac99a8c90a0bf8748a473daef6c1d981931bea76e1c88f7a906bebb1"], 0x3e4}, 0x1, 0x0, 0x0, 0x20000010}, 0x4080) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) 8.261098485s ago: executing program 4 (id=7206): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) shmctl$auto_IPC_RMID(0x0, 0x0, 0x0) chown$auto(&(0x7f00000000c0)='./file0\x00', 0xee01, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) write$auto(0xca, &(0x7f00000002c0)='\x04>2\x1e!\xe2\x00\x94\xf2\xa2\x00\x00\x8d\xa9p\xcc\xccV\xf9ozi\xb2:\x19\x92r\xcc9\x99f\xc5\xed\x84fe\x8a\x8c\xd3*\xfe\x1dE\xa1W8\x03\xcb\tSK\xb4\x893\xf3Q\x7f\xd1|\xefp\xb1\xb3\xcer8\b=\xa4y\xd4\x88\xbc\xe0\xd1\x03\x108a\x90KG,\xf8\v\x88\xe2+\xcb\xf2v\x8bL\xa6\xaa}\x1b\xa5\xd8\x98\xc9\\f\xccT\xa1\x05\x14\x84\xbb\aF,\xc8\xc7u\x93\xe8?\x92\t\xa9`\xff\x93l\x93\xac\n\xdd\xa4\n\x8e\xec\x14\x02|\xf7\xc4\xa0\x06h\xc0\x8f\xf3g6\xb8\x1a\x18\xf2\x93\t\xe8ips\xa7\x9a\x1cFPi\x13\x89DRSO\x97\xb1\xc3\xb8Q\xa2\xb2\xa8\xc3\xd3\xf9\xd4Y\x8d\x8d\xad\x8f[\xbe\xe5\xf1\x9f\x01s\x8eg\x05\xe8\xf9\x8f\xa6g\v', 0x80) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) 6.880192396s ago: executing program 7 (id=7209): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810008, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x13e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) get_mempolicy$auto(0x0, 0x0, 0xfffffffffffffffe, 0x99d6, 0x3) madvise$auto(0x108000, 0x800032, 0x4) madvise$auto(0x0, 0x200007, 0x19) socket(0x2, 0x1, 0x106) ioctl$auto(0xffffffffffffffff, 0x400064c8, 0xffffffffffffffff) setpriority$auto_PRIO_USER(0x2, 0x0, 0x3) 6.758385179s ago: executing program 4 (id=7210): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) socket(0x1e, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) tgkill$auto(0x0, 0x1, 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4) openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000080)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000040)={0x15, 0x3, 0x1}}) 5.705344518s ago: executing program 6 (id=7213): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r0, 0x8000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon13\x00', 0x440, 0x0) r1 = socket(0x29, 0x2, 0x0) get_mempolicy$auto(&(0x7f0000000280)=0x8, &(0x7f00000002c0)=0x9, 0x2, 0x81, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b7f, 0x2, 0x200000008000) mmap$auto(0x9c5, 0x2000000, 0x10001, 0x10, r1, 0x7d) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') socket(0x23, 0x2, 0x0) clone$auto(0x20003b46, 0x0, 0x0, 0x0, 0x7fff) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48442, 0x0) read$auto(r3, 0x0, 0x1f40) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) 5.240282497s ago: executing program 6 (id=7214): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e22, @multicast2}, 0x5) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) setsockopt$auto(0x3, 0x10f, 0x9f06, 0x0, 0x17) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = pipe2$auto(0x0, 0x80) ioctl$auto(r1, 0x5761, 0x4) ioctl$auto_BINDER_SET_MAX_THREADS(r1, 0x40046205, &(0x7f0000000080)="d7a13be3c14e950bc86ac4250954b7f9b37dd9020413b9c0e0437b1770f1e60e3016321fb32f747b55a5dc9aa9c22b1dce04ad94fac29031234d3619f36b2b2872d09c5d4c1cfb73312afd29d4257a5df2dd59a775625a1e196dab0cb2e1b2d6541cf92b53ca962bcdda378470c44ab0a64c4b64c9b43e54f87ea6b5832db97dcf93a6d4b9b9dc59bd74fc71a5359a31c4f31c95a12fe985109d1d4f81144690b512f4214444131cedbd0214a12d") r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x14000000000df, 0x40eb2, r2, 0x300000000000) semtimedop$auto(0x40, 0x0, 0x6, 0x0) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(0x200000003, 0x2) 5.079948478s ago: executing program 4 (id=7216): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socketpair$auto(0x2, 0x4, 0x8, 0x0) r1 = timerfd_create$auto(0x4, 0x5) mmap$auto(0x2, 0x7, 0x2, 0x17, r1, 0x6) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20201, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) socket(0xa, 0x1, 0x100) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x9, 0x8000) r3 = gettid() process_vm_writev$auto(r3, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x400, 0x0) eventfd2$auto(0x6af3, 0x800) socket(0x1e, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x3, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7440, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x24600, 0x0) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/037/001\x00', 0x82202, 0x0) ioctl$auto_USBDEVFS_CONTROL(r4, 0xc0185500, 0x0) ioctl$auto(0xffffffffffffffff, 0x8983, 0x4) ioctl$auto_EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000040)={0x4, r2, 0x2, 0x81, 0x4e1, 0x9}) 5.062335484s ago: executing program 5 (id=7217): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) unshare$auto(0x40000080) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x80) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYBLOB="6a0051b1"], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) socket(0x10, 0x2, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/bonding/bond0\x00', 0x18b000, 0x0) pread64$auto(r1, 0x0, 0x8100000041, 0x413e) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0002000000000000000000008869e71e0000", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f00000008000400010000880800030004"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) capget$auto(&(0x7f0000000000)={0x4, 0xffffffffffffffff}, &(0x7f0000000040)={0x6, 0x2a, 0x401}) getpgid$auto(r2) prctl$auto_PR_SET_MM_ENV_END(0x36020000, 0xb, r2, 0x4, 0x80000009) r3 = socket(0xa, 0x1, 0x100) setsockopt$auto_SO_BSDCOMPAT(r3, 0x6, 0xe, &(0x7f0000000340)='/Eev/audio1\x00Vi\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x5) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_ADD_LINK_STA(r5, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000740)={0x30, r4, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_HE_CAPABILITY={0x1a, 0x10d, "e2d1b2c3e0f4246df8a3901298f8aa701033e4ad8868"}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x40004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x300) 5.019090497s ago: executing program 7 (id=7218): keyctl$auto(0x3, 0xfffffffffffffffd, 0x0, 0x0, 0xa00002) mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000) msgsnd$auto(0xfffffffc, 0x0, 0x1, 0x963) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, 0x8, 0x0) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) io_uring_setup$auto(0xd364, &(0x7f0000000000)={0x400, 0x10002, 0x7f, 0x7, 0x6, 0x5, r0, [], {0x2, 0x4, 0x6, 0x2, 0x40, 0x4, 0x7, 0x7, 0x80000000}, {0x7, 0x1ff, 0x80000001, 0x8, 0x6b, 0x9, 0x0, 0xfffffffa, 0xb1}}) ioctl$auto_CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x0, 0x800}}, 0x0) setsockopt$auto_SO_MAX_PACING_RATE(r1, 0x0, 0x2f, &(0x7f0000000180)='/dev/dvb/adapter0/dvr0\x00', 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(0xc8, 0x0, 0x40f6) unshare$auto(0x40000080) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x2003, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/free_buffer\x00', 0x4c000, 0xebff) mmap$auto(0x683b, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) 3.974875057s ago: executing program 5 (id=7219): r0 = prctl$auto(0x34, 0x1, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000080), 0x2101, 0x0) setsockopt$auto(0xffffffffffffffff, 0x107, 0x9, 0x0, 0x20008004) ioctl$auto_SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) r2 = fcntl$auto(0x8000000000000001, 0x5, 0x8) clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0) write$auto(r2, &(0x7f00000001c0)='/Eek\xe4f\xf1\xb62\x0f\x86Xv/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"T\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9c\v\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\xc6\x7f#\x9ai\xb9\v\xf0\xd9\x12\x97:\xf9eh\x06\x0e\x86!\xc7\x1fz\xa1\xd3L~\xf4\xd0G\x9bx\x975\x90F\xec\xe3\xf9%G\xcc\x82\xf7\xfb\xccGE\r\xcd}\x1e\x14\xb2\xfe\xd4', 0x2) select$auto(0x12, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x24000001) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) ioctl$auto_SNDCTL_SEQ_RESET(r0, 0x5100, &(0x7f0000000200)="eace33f30df9fd5a87fdac7cf5378e5edb2a929c9320b353f60190be4998f57f79686c2357459d213ca11fe782ed22cb80e599cd7f68196e72fe0bf73dcd6af03106f403b76f19d8048e64543c02346f98b20b637bf64b0b2125eb60c5486b1265dc33dae43b730ecb87c1757b47dc2b3ce5a57a3ca25fe0919b5d2783e339a007493f603063f90118630253a487b9049db5dcb0b75c370dfaf06dcd6a723f159bf43be1f692ad832aa0e593a33dcc39901d23d6e4973787c1d2c45d1e20dd88fdaede") r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r3) r4 = set_tid_address$auto(0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r4) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) 2.891163508s ago: executing program 5 (id=7220): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) shmctl$auto_IPC_RMID(0x0, 0x0, 0x0) chown$auto(&(0x7f00000000c0)='./file0\x00', 0xee01, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) write$auto(0xca, &(0x7f00000002c0)='\x04>2\x1e!\xe2\x00\x94\xf2\xa2\x00\x00\x8d\xa9p\xcc\xccV\xf9ozi\xb2:\x19\x92r\xcc9\x99f\xc5\xed\x84fe\x8a\x8c\xd3*\xfe\x1dE\xa1W8\x03\xcb\tSK\xb4\x893\xf3Q\x7f\xd1|\xefp\xb1\xb3\xcer8\b=\xa4y\xd4\x88\xbc\xe0\xd1\x03\x108a\x90KG,\xf8\v\x88\xe2+\xcb\xf2v\x8bL\xa6\xaa}\x1b\xa5\xd8\x98\xc9\\f\xccT\xa1\x05\x14\x84\xbb\aF,\xc8\xc7u\x93\xe8?\x92\t\xa9`\xff\x93l\x93\xac\n\xdd\xa4\n\x8e\xec\x14\x02|\xf7\xc4\xa0\x06h\xc0\x8f\xf3g6\xb8\x1a\x18\xf2\x93\t\xe8ips\xa7\x9a\x1cFPi\x13\x89DRSO\x97\xb1\xc3\xb8Q\xa2\xb2\xa8\xc3\xd3\xf9\xd4Y\x8d\x8d\xad\x8f[\xbe\xe5\xf1\x9f\x01s\x8eg\x05\xe8\xf9\x8f\xa6g\v', 0x80) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.889023021s ago: executing program 6 (id=7221): socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) mincore$auto(0x1000, 0x8003, 0x0) setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x80000001) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r0 = ioctl$auto_TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000540)={0x2, &(0x7f0000000500)={0xa7, 0xf3, 0x1, @raw=0x2}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_DELETE(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="08002cbd7000fcdbdf25030000001c00018008000100000200000800010001000000080001000500000044000180080001000000000008000200818100000800020001f8ffff080001004f0e00bfea1800419e08bdfe8b89d2000800010001000000502fe021ee08"], 0x74}, 0x1, 0x0, 0x0, 0x4000011}, 0x10) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x81, 0x0, 0x0, &(0x7f0000000300)={[0x1ff, 0x5, 0xd, 0xfffffffffffff4d6, 0x948b, 0x3, 0x15f4da0e, 0x3, 0x0, 0x9, 0x80000001, 0x1000, 0x1, 0x9, 0x3, 0x1]}, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/sysname\x00', 0x80002, 0x0) write$auto(r3, &(0x7f0000000240)='//ev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x5014c0, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto(r4, 0x0, 0xfffffdef) 2.882889655s ago: executing program 7 (id=7228): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x204282, 0x0) setsockopt$auto_SO_DEVMEM_DONTNEED(r0, 0xdb, 0x50, 0x0, 0x9) r1 = socket(0xa, 0x2, 0x0) setsockopt$auto(r1, 0x25, 0xd, 0x0, 0x0) clock_nanosleep$auto(0x400000, 0x1, 0x0, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/perf_history_size\x00', 0x1182, 0x0) io_uring_setup$auto(0x86, 0x0) r3 = socket(0x10, 0x4, 0xffffffc0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r4, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) adjtimex$auto(0x0) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, 0x0) syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f00000000c0), r3) close_range$auto(0x2, 0xa, 0x0) 2.882127411s ago: executing program 4 (id=7222): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) write$auto(r0, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x20401, 0x0) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0x80000) syz_clone3(&(0x7f0000000080)={0x123060000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) fsopen$auto(0x0, 0x1) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) shmget$auto(0x8, 0x10563, 0x568d1af2) ioperm$auto(0x7, 0x6, 0x2) 1.745196999s ago: executing program 6 (id=7223): r0 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) ioctl$auto(r2, 0x5646, r2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r3, 0x13, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_WIPHY_NAME={0xc, 0x2, '\x00\x00\x00\x00\x00\x00\x00\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) sendmsg$auto_NL80211_CMD_ADD_NAN_FUNCTION(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="100028bd7000fbdbdf257500000008009e7e81fb00fdffffff040073000400cf00080037000200000006006d000000000004003b010400e2000c002c8008000100ffff000004002101"], 0x4c}, 0x1, 0x0, 0x0, 0x44805}, 0x4000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r6) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r6, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000600)={0x38, r7, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x3}]}, @NET_SHAPER_A_LEAVES={0x10, 0xa, 0x0, 0x1, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x2}]}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r8}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x14) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/misc/hw_random/rng_available\x00', 0x22000, 0x0) ioctl$auto(0x3, 0x541b, 0x38) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, 0x0, 0x0) getdents64$auto(r0, 0x0, 0x400) ioctl$auto(0xc8, 0x401054d5, 0x0) 1.651384693s ago: executing program 5 (id=7224): mmap$auto(0xfffffffffffffbff, 0x202000c, 0x3, 0xebd, 0xffffffffffffffff, 0x8010) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) madvise$auto(0x9, 0x2003f0, 0x15) write$auto(r0, 0x0, 0x4000000000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1c}}, 0x40010) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80000, 0x0) prctl$auto(0x10003e, 0x1, 0x0, 0x97d8, 0xfffffffffffffffe) write$auto(0xca, &(0x7f0000000180)='\x04\x02\x00\r\xfb\xff\xf6\xdd\x90\x806\xc8\xbe\x94\xf2\xa2', 0x2d9) bind$auto(0xffffffffffffffff, &(0x7f0000000000)=@ax25={0x3, @bcast, 0x1}, 0x6a) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/lo/disable_ipv6\x00', 0x40001, 0x0) lseek$auto(r2, 0xffffffffffffffff, 0x1) connect$auto(0x3, &(0x7f0000000080)=@l2={0x1f, 0x3, @any, 0x9, 0x2}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 1.35620516s ago: executing program 7 (id=7225): socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x801, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/blkio.throttle.write_iops_device\x00', 0x121002, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/mnt\x00') openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/module/ib_srp/parameters/fast_io_fail_tmo\x00', 0x22000, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 1.014014709s ago: executing program 6 (id=7226): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x4, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(0x0, 0x5) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen\x00', 0x382c02, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20842, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8f3b7a51b8162d21, 0x0) socket(0x10, 0x2, 0x0) socketpair$auto(0xffff7fff, 0x4, 0x80000001, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 854.389904ms ago: executing program 7 (id=7227): socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) socket(0x1d, 0x2, 0x7) socket(0x10, 0x2, 0x0) socket(0x2, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) r0 = socket(0x10, 0x2, 0xf) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) socket(0xa, 0x3, 0xff) pipe$auto(0x0) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r0, 0xffffffff}, 0xd) bpf$auto(0x2, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x40000, 0x4, 0x5, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x7, 0x10001, 0x0, 0x8001, @attach_prog_fd=r0, 0x7e, 0x4, 0x1, 0x5, 0x3}, 0x5) 570.411321ms ago: executing program 6 (id=7229): keyctl$auto(0x3, 0xfffffffffffffffd, 0x0, 0x0, 0xa00002) mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000) msgsnd$auto(0xfffffffc, 0x0, 0x1, 0x963) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, 0x8, 0x0) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) io_uring_setup$auto(0xd364, &(0x7f0000000000)={0x400, 0x10002, 0x7f, 0x7, 0x6, 0x5, r0, [], {0x2, 0x4, 0x6, 0x2, 0x40, 0x4, 0x7, 0x7, 0x80000000}, {0x7, 0x1ff, 0x80000001, 0x8, 0x6b, 0x9, 0x0, 0xfffffffa, 0xb1}}) ioctl$auto_CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x0, 0x800}}, 0x0) setsockopt$auto_SO_MAX_PACING_RATE(r1, 0x0, 0x2f, &(0x7f0000000180)='/dev/dvb/adapter0/dvr0\x00', 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(0xc8, 0x0, 0x40f6) unshare$auto(0x40000080) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x2003, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/free_buffer\x00', 0x4c000, 0xebff) mmap$auto(0x683b, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) 568.68367ms ago: executing program 5 (id=7237): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r0 = socket(0x10, 0x2, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) read$auto(r1, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1800"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00) r2 = openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x440500, 0x0) io_uring_setup$auto(0x7d2, &(0x7f0000000000)={0xbe2, 0x7ad, 0x1000, 0x8, 0x9a, 0xfffffff9, r2, [0x10001, 0x31f, 0xa], {0xb2, 0x4, 0x8, 0x98e, 0x2, 0x39, 0x101, 0x1, 0xd}, {0xfffffffc, 0x4, 0x0, 0x3, 0x2, 0x1000, 0x7fff, 0x0, 0xfffffffffffffffb}}) r3 = open(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x1c5) mprotect$auto(0x110c230000, 0x136, 0x2) mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0x0) pread64$auto(r3, 0x0, 0xe, 0x5) 434.30278ms ago: executing program 7 (id=7230): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e22, @multicast2}, 0x5) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) setsockopt$auto(0x3, 0x10f, 0x9f06, 0x0, 0x17) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = pipe2$auto(0x0, 0x80) ioctl$auto(r1, 0x5761, 0x4) ioctl$auto_BINDER_SET_MAX_THREADS(r1, 0x40046205, &(0x7f0000000080)="d7a13be3c14e950bc86ac4250954b7f9b37dd9020413b9c0e0437b1770f1e60e3016321fb32f747b55a5dc9aa9c22b1dce04ad94fac29031234d3619f36b2b2872d09c5d4c1cfb73312afd29d4257a5df2dd59a775625a1e196dab0cb2e1b2d6541cf92b53ca962bcdda378470c44ab0a64c4b64c9b43e54f87ea6b5832db97dcf93a6d4b9b9dc59bd74fc71a5359a31c4f31c95a12fe985109d1d4f81144690b512f4214444131cedbd0214a12d") r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x14000000000df, 0x40eb2, r2, 0x300000000000) semtimedop$auto(0x40, 0x0, 0x6, 0x0) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(0x200000003, 0x2) 184.202084ms ago: executing program 4 (id=7231): socket(0x11, 0xa, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x630b42, 0x0) socket(0x21, 0x1, 0x200001) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'caif0\x00'}) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8010) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0xffffffff, 0x3, 0xfffffffffffffff9, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) bpf$auto(0x0, 0x0, 0x6f4) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/cmdline\x00', 0x481, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) close_range$auto(0x2, 0xffffffffffffffff, 0xd) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x8, 0x7fff) unshare$auto(0x40000080) 0s ago: executing program 5 (id=7232): mmap$auto(0x6, 0x2000d, 0x0, 0xebe, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listen$auto(0x3, 0x3) eventfd$auto(0x8e) mlock$auto(0xfbe8, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, 0x0, 0x80000000) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x2, 0x0, 0x0) kernel console output (not intermixed with test programs): 0][T22342] prepare_alloc_pages+0x3c2/0x610 [ 912.640342][T22342] ? rcu_is_watching+0x12/0xc0 [ 912.640379][T22342] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 912.640415][T22342] ? __lock_acquire+0xb97/0x1ce0 [ 912.640488][T22342] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 912.640525][T22342] ? do_raw_spin_lock+0x12c/0x2b0 [ 912.640556][T22342] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 912.640586][T22342] ? find_held_lock+0x2b/0x80 [ 912.640628][T22342] ? __lock_acquire+0xb97/0x1ce0 [ 912.640671][T22342] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 912.640709][T22342] ? policy_nodemask+0xea/0x4e0 [ 912.640754][T22342] alloc_pages_mpol+0x1fb/0x550 [ 912.640797][T22342] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 912.640850][T22342] folio_alloc_mpol_noprof+0x36/0x2f0 [ 912.640883][T22342] shmem_alloc_folio+0x135/0x160 [ 912.640928][T22342] shmem_alloc_and_add_folio+0x499/0xc20 [ 912.640969][T22342] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 912.641006][T22342] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 912.641049][T22342] shmem_get_folio_gfp+0x67f/0x1610 [ 912.641092][T22342] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 912.641128][T22342] ? __pfx___might_resched+0x10/0x10 [ 912.641169][T22342] shmem_fallocate+0x794/0xf50 [ 912.641222][T22342] ? __pfx_shmem_fallocate+0x10/0x10 [ 912.641269][T22342] ? __lock_acquire+0xb97/0x1ce0 [ 912.641319][T22342] ? __lock_acquire+0x62e/0x1ce0 [ 912.641390][T22342] ? __pfx_shmem_fallocate+0x10/0x10 [ 912.641427][T22342] vfs_fallocate+0x5b4/0x10e0 [ 912.641471][T22342] ? __pfx_vfs_fallocate+0x10/0x10 [ 912.641529][T22342] __x64_sys_fallocate+0xd5/0x150 [ 912.641573][T22342] do_syscall_64+0xcd/0x4b0 [ 912.641609][T22342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.641637][T22342] RIP: 0033:0x7f107978eec9 [ 912.641663][T22342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 912.641688][T22342] RSP: 002b:00007f107a661038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 912.641717][T22342] RAX: ffffffffffffffda RBX: 00007f10799e6090 RCX: 00007f107978eec9 [ 912.641736][T22342] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 8000000000000003 [ 912.641753][T22342] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 912.641770][T22342] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000 [ 912.641789][T22342] R13: 00007f10799e6128 R14: 00007f10799e6090 R15: 00007ffe0f3bf5e8 [ 912.641829][T22342] [ 914.199835][T22363] FAULT_INJECTION: forcing a failure. [ 914.199835][T22363] name failslab, interval 1, probability 0, space 0, times 0 [ 914.246171][T22363] CPU: 1 UID: 0 PID: 22363 Comm: syz.7.5761 Not tainted syzkaller #0 PREEMPT(full) [ 914.246212][T22363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 914.246229][T22363] Call Trace: [ 914.246238][T22363] [ 914.246250][T22363] dump_stack_lvl+0x16c/0x1f0 [ 914.246297][T22363] should_fail_ex+0x512/0x640 [ 914.246331][T22363] ? fs_reclaim_acquire+0xae/0x150 [ 914.246374][T22363] should_failslab+0xc2/0x120 [ 914.246418][T22363] __kmalloc_noprof+0xdd/0x880 [ 914.246446][T22363] ? __pfx_from_kuid+0x10/0x10 [ 914.246473][T22363] ? tomoyo_init_log+0x1385/0x2140 [ 914.246520][T22363] ? tomoyo_init_log+0x1385/0x2140 [ 914.246561][T22363] tomoyo_init_log+0x1385/0x2140 [ 914.246622][T22363] ? __pfx_tomoyo_init_log+0x10/0x10 [ 914.246662][T22363] ? tomoyo_profile+0x47/0x60 [ 914.246689][T22363] ? tomoyo_domain_quota_is_ok+0x2f6/0x5a0 [ 914.246743][T22363] tomoyo_supervisor+0x302/0x13b0 [ 914.246784][T22363] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 914.246812][T22363] ? __pfx_vsnprintf+0x10/0x10 [ 914.246863][T22363] ? tomoyo_check_path_number_acl+0xa6/0x2f0 [ 914.246918][T22363] tomoyo_path_number_perm+0x448/0x580 [ 914.246985][T22363] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 914.247067][T22363] ? find_held_lock+0x2b/0x80 [ 914.247105][T22363] ? hook_file_ioctl_common+0x145/0x410 [ 914.247158][T22363] ? __fget_files+0x20e/0x3c0 [ 914.247223][T22363] security_file_ioctl+0x9b/0x240 [ 914.247266][T22363] __x64_sys_ioctl+0xb7/0x210 [ 914.247316][T22363] do_syscall_64+0xcd/0x4b0 [ 914.247353][T22363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 914.247384][T22363] RIP: 0033:0x7fe01d18eec9 [ 914.247416][T22363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 914.247444][T22363] RSP: 002b:00007fe01b3b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 914.247472][T22363] RAX: ffffffffffffffda RBX: 00007fe01d3e6180 RCX: 00007fe01d18eec9 [ 914.247492][T22363] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000006 [ 914.247510][T22363] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 914.247530][T22363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 914.247549][T22363] R13: 00007fe01d3e6218 R14: 00007fe01d3e6180 R15: 00007fffe88b5fa8 [ 914.247591][T22363] [ 915.296675][T22376] FAULT_INJECTION: forcing a failure. [ 915.296675][T22376] name failslab, interval 1, probability 0, space 0, times 0 [ 915.324882][T22376] CPU: 1 UID: 0 PID: 22376 Comm: syz.7.5767 Not tainted syzkaller #0 PREEMPT(full) [ 915.324930][T22376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 915.324949][T22376] Call Trace: [ 915.324961][T22376] [ 915.324974][T22376] dump_stack_lvl+0x16c/0x1f0 [ 915.325016][T22376] should_fail_ex+0x512/0x640 [ 915.325052][T22376] ? fs_reclaim_acquire+0xae/0x150 [ 915.325103][T22376] should_failslab+0xc2/0x120 [ 915.325164][T22376] __kmalloc_noprof+0xdd/0x880 [ 915.325200][T22376] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 915.325260][T22376] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 915.325309][T22376] tomoyo_realpath_from_path+0xc2/0x6e0 [ 915.325364][T22376] ? tomoyo_profile+0x47/0x60 [ 915.325410][T22376] tomoyo_path_number_perm+0x245/0x580 [ 915.325451][T22376] ? tomoyo_path_number_perm+0x237/0x580 [ 915.325497][T22376] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 915.325555][T22376] ? find_held_lock+0x2b/0x80 [ 915.325621][T22376] ? __pfx___d_add+0x10/0x10 [ 915.325661][T22376] ? d_alloc+0x176/0x1e0 [ 915.325699][T22376] ? current_check_access_path+0x33c/0x460 [ 915.325752][T22376] ? __pfx_current_check_access_path+0x10/0x10 [ 915.325805][T22376] ? simple_lookup+0x105/0x1d0 [ 915.325840][T22376] ? lookup_one_qstr_excl+0xb3/0x250 [ 915.325896][T22376] tomoyo_path_mkdir+0x9b/0xe0 [ 915.325929][T22376] ? __pfx_tomoyo_path_mkdir+0x10/0x10 [ 915.325975][T22376] security_path_mkdir+0x154/0x2f0 [ 915.326022][T22376] do_mkdirat+0x175/0x3e0 [ 915.326067][T22376] ? __pfx_do_mkdirat+0x10/0x10 [ 915.326111][T22376] ? getname_flags.part.0+0x1c5/0x550 [ 915.326167][T22376] __x64_sys_mkdir+0xef/0x140 [ 915.326209][T22376] do_syscall_64+0xcd/0x4b0 [ 915.326244][T22376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 915.326274][T22376] RIP: 0033:0x7fe01d18eec9 [ 915.326301][T22376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 915.326335][T22376] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 915.326366][T22376] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 915.326399][T22376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0 [ 915.326420][T22376] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 915.326441][T22376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 915.326462][T22376] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 915.326507][T22376] [ 915.675531][T22376] ERROR: Out of memory at tomoyo_realpath_from_path. [ 919.815504][T22454] random: crng reseeded on system resumption [ 921.139559][T22476] FAULT_INJECTION: forcing a failure. [ 921.139559][T22476] name failslab, interval 1, probability 0, space 0, times 0 [ 921.489479][T22476] CPU: 1 UID: 0 PID: 22476 Comm: syz.7.5794 Not tainted syzkaller #0 PREEMPT(full) [ 921.489507][T22476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 921.489518][T22476] Call Trace: [ 921.489526][T22476] [ 921.489533][T22476] dump_stack_lvl+0x16c/0x1f0 [ 921.489559][T22476] should_fail_ex+0x512/0x640 [ 921.489580][T22476] ? __kmalloc_cache_noprof+0x5f/0x780 [ 921.489603][T22476] should_failslab+0xc2/0x120 [ 921.489630][T22476] __kmalloc_cache_noprof+0x72/0x780 [ 921.489649][T22476] ? lockdep_hardirqs_on+0x7c/0x110 [ 921.489666][T22476] ? sctp_endpoint_new+0xfc/0xb20 [ 921.489698][T22476] ? sctp_endpoint_new+0xfc/0xb20 [ 921.489717][T22476] sctp_endpoint_new+0xfc/0xb20 [ 921.489741][T22476] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 921.489763][T22476] ? lockdep_init_map_type+0x5c/0x280 [ 921.489793][T22476] ? lockdep_init_map_type+0x5c/0x280 [ 921.489825][T22476] sctp_init_sock+0xe2b/0x12f0 [ 921.489845][T22476] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 921.489865][T22476] sctp_v6_init_sock+0x16/0x70 [ 921.489883][T22476] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 921.489901][T22476] inet6_create+0xb30/0x12b0 [ 921.489929][T22476] ? inet6_create+0x7f/0x12b0 [ 921.489957][T22476] __sock_create+0x335/0x8d0 [ 921.489989][T22476] __sys_socket+0x14d/0x260 [ 921.490016][T22476] ? __pfx___sys_socket+0x10/0x10 [ 921.490041][T22476] ? xfd_validate_state+0x61/0x180 [ 921.490057][T22476] ? __pfx_ksys_write+0x10/0x10 [ 921.490083][T22476] __x64_sys_socket+0x72/0xb0 [ 921.490108][T22476] ? lockdep_hardirqs_on+0x7c/0x110 [ 921.490125][T22476] do_syscall_64+0xcd/0x4b0 [ 921.490145][T22476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.490163][T22476] RIP: 0033:0x7fe01d18eec9 [ 921.490179][T22476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 921.490197][T22476] RSP: 002b:00007fe01b3d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 921.490215][T22476] RAX: ffffffffffffffda RBX: 00007fe01d3e6090 RCX: 00007fe01d18eec9 [ 921.490227][T22476] RDX: 0000000000000084 RSI: 0000000000000005 RDI: 000000000000000a [ 921.490237][T22476] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 921.490248][T22476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 921.490258][T22476] R13: 00007fe01d3e6128 R14: 00007fe01d3e6090 R15: 00007fffe88b5fa8 [ 921.490279][T22476] [ 922.165301][T22490] FAULT_INJECTION: forcing a failure. [ 922.165301][T22490] name failslab, interval 1, probability 0, space 0, times 0 [ 922.179539][T22490] CPU: 1 UID: 0 PID: 22490 Comm: syz.6.5796 Not tainted syzkaller #0 PREEMPT(full) [ 922.179584][T22490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 922.179605][T22490] Call Trace: [ 922.179623][T22490] [ 922.179637][T22490] dump_stack_lvl+0x16c/0x1f0 [ 922.179704][T22490] should_fail_ex+0x512/0x640 [ 922.179744][T22490] ? fs_reclaim_acquire+0xae/0x150 [ 922.179814][T22490] should_failslab+0xc2/0x120 [ 922.179849][T22490] kmem_cache_alloc_noprof+0x75/0x6e0 [ 922.179877][T22490] ? __pfx_map_id_range_down+0x10/0x10 [ 922.179906][T22490] ? security_inode_alloc+0x3b/0x2b0 [ 922.179966][T22490] ? security_inode_alloc+0x3b/0x2b0 [ 922.179994][T22490] security_inode_alloc+0x3b/0x2b0 [ 922.180023][T22490] inode_init_always_gfp+0xce4/0x1030 [ 922.180054][T22490] alloc_inode+0x86/0x240 [ 922.180084][T22490] sock_alloc+0x40/0x280 [ 922.180118][T22490] __sock_create+0xc1/0x8d0 [ 922.180148][T22490] __sys_socket+0x14d/0x260 [ 922.180181][T22490] ? __pfx___sys_socket+0x10/0x10 [ 922.180207][T22490] ? xfd_validate_state+0x61/0x180 [ 922.180223][T22490] ? __pfx___do_sys_close_range+0x10/0x10 [ 922.180250][T22490] __x64_sys_socket+0x72/0xb0 [ 922.180274][T22490] ? lockdep_hardirqs_on+0x7c/0x110 [ 922.180292][T22490] do_syscall_64+0xcd/0x4b0 [ 922.180313][T22490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.180331][T22490] RIP: 0033:0x7f107978eec9 [ 922.180347][T22490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 922.180365][T22490] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 922.180383][T22490] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 922.180395][T22490] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000011 [ 922.180405][T22490] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 922.180416][T22490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 922.180427][T22490] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 922.180449][T22490] [ 922.180480][T22490] socket: no more sockets [ 925.990143][T22543] random: crng reseeded on system resumption [ 927.707972][T22565] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5817'. [ 928.069172][T22570] random: crng reseeded on system resumption [ 928.100028][T21632] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14 [ 928.122754][T22570] FAULT_INJECTION: forcing a failure. [ 928.122754][T22570] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 928.161781][T22570] CPU: 0 UID: 0 PID: 22570 Comm: syz.6.5821 Not tainted syzkaller #0 PREEMPT(full) [ 928.161827][T22570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 928.161847][T22570] Call Trace: [ 928.161859][T22570] [ 928.161872][T22570] dump_stack_lvl+0x16c/0x1f0 [ 928.161913][T22570] should_fail_ex+0x512/0x640 [ 928.161958][T22570] should_fail_alloc_page+0xe7/0x130 [ 928.162008][T22570] prepare_alloc_pages+0x3c2/0x610 [ 928.162054][T22570] ? rcu_is_watching+0x12/0xc0 [ 928.162097][T22570] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 928.162141][T22570] ? __pfx_stack_trace_save+0x10/0x10 [ 928.162191][T22570] ? __lock_acquire+0x62e/0x1ce0 [ 928.162245][T22570] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 928.162302][T22570] ? rcu_read_unlock+0x17/0x60 [ 928.162353][T22570] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 928.162407][T22570] ? policy_nodemask+0xea/0x4e0 [ 928.162454][T22570] alloc_pages_mpol+0x1fb/0x550 [ 928.162501][T22570] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 928.162538][T22570] ? trace_kmalloc+0x2b/0xd0 [ 928.162576][T22570] ? trace_kmalloc+0x2b/0xd0 [ 928.162614][T22570] ? __kmalloc_noprof.cold+0x5d/0x62 [ 928.162654][T22570] ? relay_open_buf.part.0+0x194/0xc40 [ 928.162709][T22570] alloc_pages_noprof+0x131/0x390 [ 928.162756][T22570] relay_open_buf.part.0+0x262/0xc40 [ 928.162819][T22570] relay_open+0x653/0xad0 [ 928.162868][T22570] ? debugfs_create_file_full+0x41/0x60 [ 928.162917][T22570] do_blk_trace_setup+0x4c5/0xb00 [ 928.162968][T22570] blk_trace_setup+0xed/0x1b0 [ 928.163013][T22570] ? __pfx_blk_trace_setup+0x10/0x10 [ 928.163055][T22570] ? __pfx_snprintf+0x10/0x10 [ 928.163096][T22570] ? do_vfs_ioctl+0x128/0x14f0 [ 928.163152][T22570] blk_trace_ioctl+0x146/0x280 [ 928.163197][T22570] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 928.163250][T22570] ? find_held_lock+0x2b/0x80 [ 928.163287][T22570] ? hook_file_ioctl_common+0x145/0x410 [ 928.163347][T22570] blkdev_ioctl+0x108/0x6d0 [ 928.163405][T22570] ? __pfx_blkdev_ioctl+0x10/0x10 [ 928.163458][T22570] ? __pfx_blkdev_ioctl+0x10/0x10 [ 928.163506][T22570] __x64_sys_ioctl+0x18e/0x210 [ 928.163561][T22570] do_syscall_64+0xcd/0x4b0 [ 928.163599][T22570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 928.163627][T22570] RIP: 0033:0x7f107978eec9 [ 928.163652][T22570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 928.163680][T22570] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 928.163710][T22570] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 928.163730][T22570] RDX: 0000200000000240 RSI: 00000000c0481273 RDI: 0000000000000009 [ 928.163750][T22570] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 928.163770][T22570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 928.163789][T22570] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 928.163832][T22570] [ 928.985077][T22568] FAULT_INJECTION: forcing a failure. [ 928.985077][T22568] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 929.127930][T22568] CPU: 1 UID: 0 PID: 22568 Comm: syz.7.5813 Not tainted syzkaller #0 PREEMPT(full) [ 929.127975][T22568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 929.127995][T22568] Call Trace: [ 929.128006][T22568] [ 929.128019][T22568] dump_stack_lvl+0x16c/0x1f0 [ 929.128060][T22568] should_fail_ex+0x512/0x640 [ 929.128105][T22568] should_fail_alloc_page+0xe7/0x130 [ 929.128157][T22568] prepare_alloc_pages+0x3c2/0x610 [ 929.128212][T22568] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 929.128249][T22568] ? __lock_acquire+0x62e/0x1ce0 [ 929.128309][T22568] ? __lock_acquire+0x62e/0x1ce0 [ 929.128365][T22568] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 929.128431][T22568] ? is_bpf_text_address+0x8a/0x1a0 [ 929.128481][T22568] ? bpf_ksym_find+0x124/0x1c0 [ 929.128521][T22568] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 929.128567][T22568] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 929.128607][T22568] ? policy_nodemask+0xea/0x4e0 [ 929.128658][T22568] alloc_pages_mpol+0x1fb/0x550 [ 929.128705][T22568] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 929.128764][T22568] alloc_pages_noprof+0x131/0x390 [ 929.128812][T22568] __pud_alloc+0x3b/0x6b0 [ 929.128862][T22568] copy_page_range+0x4650/0x6930 [ 929.128909][T22568] ? __lock_acquire+0x62e/0x1ce0 [ 929.128990][T22568] ? __pfx_copy_page_range+0x10/0x10 [ 929.129028][T22568] ? mas_store+0x860/0x1030 [ 929.129063][T22568] ? __pfx___might_resched+0x10/0x10 [ 929.129104][T22568] ? find_held_lock+0x2b/0x80 [ 929.129144][T22568] ? __pfx_mas_store+0x10/0x10 [ 929.129180][T22568] ? __vma_enter_locked+0x163/0x3f0 [ 929.129237][T22568] dup_mmap+0xe80/0x2280 [ 929.129301][T22568] ? __pfx_dup_mmap+0x10/0x10 [ 929.129379][T22568] copy_process+0x3f0c/0x76a0 [ 929.129435][T22568] ? __pfx___futex_wait+0x10/0x10 [ 929.129466][T22568] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 929.129534][T22568] ? __pfx_copy_process+0x10/0x10 [ 929.129579][T22568] ? futex_private_hash_put+0x176/0x300 [ 929.129633][T22568] ? futex_private_hash_put+0x18a/0x300 [ 929.129684][T22568] kernel_clone+0xfc/0x930 [ 929.129733][T22568] ? __pfx_kernel_clone+0x10/0x10 [ 929.129803][T22568] __do_sys_clone+0xce/0x120 [ 929.129849][T22568] ? __pfx___do_sys_clone+0x10/0x10 [ 929.129893][T22568] ? ksys_unshare+0x687/0xa40 [ 929.129958][T22568] ? xfd_validate_state+0x61/0x180 [ 929.130014][T22568] do_syscall_64+0xcd/0x4b0 [ 929.130054][T22568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 929.130086][T22568] RIP: 0033:0x7fe01d18eec9 [ 929.130113][T22568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 929.130144][T22568] RSP: 002b:00007fe01b3d4fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 929.130174][T22568] RAX: ffffffffffffffda RBX: 00007fe01d3e6090 RCX: 00007fe01d18eec9 [ 929.130195][T22568] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360011 [ 929.130214][T22568] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 929.130233][T22568] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 929.130251][T22568] R13: 00007fe01d3e6128 R14: 00007fe01d3e6090 R15: 00007fffe88b5fa8 [ 929.130295][T22568] [ 933.141316][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 933.147964][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 935.703466][T22665] random: crng reseeded on system resumption [ 935.737404][T22667] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5845'. [ 937.076667][T22685] FAULT_INJECTION: forcing a failure. [ 937.076667][T22685] name failslab, interval 1, probability 0, space 0, times 0 [ 937.094384][T22685] CPU: 1 UID: 0 PID: 22685 Comm: syz.7.5859 Not tainted syzkaller #0 PREEMPT(full) [ 937.094428][T22685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 937.094446][T22685] Call Trace: [ 937.094456][T22685] [ 937.094470][T22685] dump_stack_lvl+0x16c/0x1f0 [ 937.094509][T22685] should_fail_ex+0x512/0x640 [ 937.094545][T22685] ? __kmalloc_noprof+0xca/0x880 [ 937.094581][T22685] should_failslab+0xc2/0x120 [ 937.094639][T22685] __kmalloc_noprof+0xdd/0x880 [ 937.094666][T22685] ? rcu_is_watching+0x12/0xc0 [ 937.094702][T22685] ? sk_prot_alloc+0x1a8/0x2a0 [ 937.094746][T22685] ? sk_prot_alloc+0x1a8/0x2a0 [ 937.094783][T22685] sk_prot_alloc+0x1a8/0x2a0 [ 937.094825][T22685] sk_alloc+0x36/0xc20 [ 937.094855][T22685] packet_create+0x127/0x8e0 [ 937.094903][T22685] __sock_create+0x335/0x8d0 [ 937.094951][T22685] __sys_socket+0x14d/0x260 [ 937.094994][T22685] ? __pfx___sys_socket+0x10/0x10 [ 937.095037][T22685] ? xfd_validate_state+0x61/0x180 [ 937.095063][T22685] ? __pfx___do_sys_close_range+0x10/0x10 [ 937.095108][T22685] __x64_sys_socket+0x72/0xb0 [ 937.095149][T22685] ? lockdep_hardirqs_on+0x7c/0x110 [ 937.095179][T22685] do_syscall_64+0xcd/0x4b0 [ 937.095215][T22685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 937.095247][T22685] RIP: 0033:0x7fe01d18eec9 [ 937.095272][T22685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 937.095303][T22685] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 937.095329][T22685] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 937.095347][T22685] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000011 [ 937.095364][T22685] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 937.095382][T22685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 937.095398][T22685] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 937.095435][T22685] [ 937.872411][T22700] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 937.934867][T22700] CIFS mount error: No usable UNC path provided in device string! [ 937.934867][T22700] [ 937.966519][T22700] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 938.338474][T21632] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 939.100692][T22719] FAULT_INJECTION: forcing a failure. [ 939.100692][T22719] name failslab, interval 1, probability 0, space 0, times 0 [ 939.188617][T22719] CPU: 0 UID: 0 PID: 22719 Comm: syz.6.5861 Not tainted syzkaller #0 PREEMPT(full) [ 939.188670][T22719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 939.188690][T22719] Call Trace: [ 939.188701][T22719] [ 939.188715][T22719] dump_stack_lvl+0x16c/0x1f0 [ 939.188756][T22719] should_fail_ex+0x512/0x640 [ 939.188792][T22719] ? __kmalloc_noprof+0xca/0x880 [ 939.188828][T22719] should_failslab+0xc2/0x120 [ 939.188875][T22719] __kmalloc_noprof+0xdd/0x880 [ 939.188908][T22719] ? __register_sysctl_table+0xb3/0x1900 [ 939.188965][T22719] ? __register_sysctl_table+0xb3/0x1900 [ 939.189015][T22719] __register_sysctl_table+0xb3/0x1900 [ 939.189066][T22719] ? is_module_address+0x5f/0xf0 [ 939.189102][T22719] ? __pfx___register_sysctl_table+0x10/0x10 [ 939.189150][T22719] ? is_module_address+0x69/0xf0 [ 939.189179][T22719] ? register_net_sysctl_sz+0x228/0x3e0 [ 939.189220][T22719] ? __asan_memcpy+0x30/0x60 [ 939.189251][T22719] ? kmemdup_noprof+0x49/0x60 [ 939.189283][T22719] ipv6_sysctl_net_init+0x180/0x2b0 [ 939.189309][T22719] ? __pfx_ipv6_sysctl_net_init+0x10/0x10 [ 939.189332][T22719] ops_init+0x1e2/0x5f0 [ 939.189363][T22719] setup_net+0x100/0x390 [ 939.189391][T22719] ? __pfx_setup_net+0x10/0x10 [ 939.189419][T22719] ? debug_mutex_init+0x37/0x70 [ 939.189452][T22719] copy_net_ns+0x2f8/0x690 [ 939.189485][T22719] create_new_namespaces+0x3ea/0xa90 [ 939.189524][T22719] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 939.189558][T22719] ksys_unshare+0x45b/0xa40 [ 939.189593][T22719] ? __pfx_ksys_unshare+0x10/0x10 [ 939.189630][T22719] ? xfd_validate_state+0x61/0x180 [ 939.189674][T22719] __x64_sys_unshare+0x31/0x40 [ 939.189708][T22719] do_syscall_64+0xcd/0x4b0 [ 939.189736][T22719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 939.189760][T22719] RIP: 0033:0x7f107978eec9 [ 939.189780][T22719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 939.189804][T22719] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 939.189828][T22719] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 939.189845][T22719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 939.189860][T22719] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 939.189876][T22719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 939.189891][T22719] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 939.189925][T22719] [ 939.442080][ C0] vkms_vblank_simulate: vblank timer overrun [ 940.835608][T22732] Process accounting resumed [ 942.423452][T22761] FAULT_INJECTION: forcing a failure. [ 942.423452][T22761] name failslab, interval 1, probability 0, space 0, times 0 [ 942.424118][T22758] netlink: 354 bytes leftover after parsing attributes in process `syz.4.5871'. [ 942.457047][T22761] CPU: 1 UID: 0 PID: 22761 Comm: syz.7.5872 Not tainted syzkaller #0 PREEMPT(full) [ 942.457086][T22761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 942.457104][T22761] Call Trace: [ 942.457114][T22761] [ 942.457125][T22761] dump_stack_lvl+0x16c/0x1f0 [ 942.457162][T22761] should_fail_ex+0x512/0x640 [ 942.457222][T22761] ? __kmalloc_noprof+0xca/0x880 [ 942.457258][T22761] should_failslab+0xc2/0x120 [ 942.457302][T22761] __kmalloc_noprof+0xdd/0x880 [ 942.457329][T22761] ? lockdep_init_map_type+0x5c/0x280 [ 942.457376][T22761] ? xfrm_hash_alloc+0xd1/0x100 [ 942.457420][T22761] ? xfrm_hash_alloc+0xd1/0x100 [ 942.457452][T22761] xfrm_hash_alloc+0xd1/0x100 [ 942.457498][T22761] xfrm_net_init+0x35f/0xcc0 [ 942.457546][T22761] ? __pfx_xfrm_net_init+0x10/0x10 [ 942.457585][T22761] ops_init+0x1e2/0x5f0 [ 942.457635][T22761] setup_net+0x100/0x390 [ 942.457671][T22761] ? __pfx_setup_net+0x10/0x10 [ 942.457709][T22761] ? debug_mutex_init+0x37/0x70 [ 942.457753][T22761] copy_net_ns+0x2f8/0x690 [ 942.457797][T22761] create_new_namespaces+0x3ea/0xa90 [ 942.457849][T22761] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 942.457893][T22761] ksys_unshare+0x45b/0xa40 [ 942.457938][T22761] ? __pfx_ksys_unshare+0x10/0x10 [ 942.457985][T22761] ? xfd_validate_state+0x61/0x180 [ 942.458033][T22761] __x64_sys_unshare+0x31/0x40 [ 942.458077][T22761] do_syscall_64+0xcd/0x4b0 [ 942.458113][T22761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.458144][T22761] RIP: 0033:0x7fe01d18eec9 [ 942.458170][T22761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 942.458200][T22761] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 942.458231][T22761] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 942.458252][T22761] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 942.458270][T22761] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 942.458289][T22761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 942.458306][T22761] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 942.458348][T22761] [ 944.932322][ C1] sd 0:0:1:0: [sda] tag#3082 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 944.943239][ C1] sd 0:0:1:0: [sda] tag#3082 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 946.543424][T22826] FAULT_INJECTION: forcing a failure. [ 946.543424][T22826] name failslab, interval 1, probability 0, space 0, times 0 [ 946.588930][T22826] CPU: 0 UID: 0 PID: 22826 Comm: syz.6.5890 Not tainted syzkaller #0 PREEMPT(full) [ 946.588977][T22826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 946.588995][T22826] Call Trace: [ 946.589006][T22826] [ 946.589017][T22826] dump_stack_lvl+0x16c/0x1f0 [ 946.589054][T22826] should_fail_ex+0x512/0x640 [ 946.589088][T22826] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 946.589133][T22826] should_failslab+0xc2/0x120 [ 946.589178][T22826] __kvmalloc_node_noprof+0x141/0x9c0 [ 946.589229][T22826] ? devkmsg_open+0xc7/0x290 [ 946.589263][T22826] ? __pfx_devkmsg_open+0x10/0x10 [ 946.589296][T22826] ? devkmsg_open+0xc7/0x290 [ 946.589324][T22826] devkmsg_open+0xc7/0x290 [ 946.589356][T22826] memory_open+0x172/0x1e0 [ 946.589389][T22826] ? __pfx_memory_open+0x10/0x10 [ 946.589430][T22826] chrdev_open+0x231/0x6a0 [ 946.589468][T22826] ? __pfx_apparmor_file_open+0x10/0x10 [ 946.589503][T22826] ? __pfx_chrdev_open+0x10/0x10 [ 946.589545][T22826] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 946.589591][T22826] do_dentry_open+0x982/0x1530 [ 946.589644][T22826] ? __pfx_chrdev_open+0x10/0x10 [ 946.589692][T22826] vfs_open+0x82/0x3f0 [ 946.589744][T22826] path_openat+0x1de4/0x2cb0 [ 946.589794][T22826] ? __pfx_path_openat+0x10/0x10 [ 946.589842][T22826] do_filp_open+0x20b/0x470 [ 946.589879][T22826] ? __pfx_do_filp_open+0x10/0x10 [ 946.589945][T22826] ? alloc_fd+0x471/0x7d0 [ 946.589989][T22826] do_sys_openat2+0x11b/0x1d0 [ 946.590035][T22826] ? __pfx_do_sys_openat2+0x10/0x10 [ 946.590098][T22826] __x64_sys_openat+0x174/0x210 [ 946.590128][T22826] ? __pfx___x64_sys_openat+0x10/0x10 [ 946.590174][T22826] do_syscall_64+0xcd/0x4b0 [ 946.590210][T22826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 946.590242][T22826] RIP: 0033:0x7f107978eec9 [ 946.590267][T22826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 946.590298][T22826] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 946.590328][T22826] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 946.590348][T22826] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 946.590367][T22826] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 946.590385][T22826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 946.590404][T22826] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 946.590445][T22826] [ 948.868961][T22867] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5910'. [ 948.951814][T22867] netlink: 354 bytes leftover after parsing attributes in process `syz.7.5910'. [ 949.289825][ T30] audit: type=1326 audit(4294975349.213:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22873 comm="syz.7.5904" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe01d18eec9 code=0x0 [ 949.320635][T22875] FAULT_INJECTION: forcing a failure. [ 949.320635][T22875] name failslab, interval 1, probability 0, space 0, times 0 [ 949.359726][T22875] CPU: 1 UID: 0 PID: 22875 Comm: syz.7.5904 Not tainted syzkaller #0 PREEMPT(full) [ 949.359773][T22875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 949.359793][T22875] Call Trace: [ 949.359804][T22875] [ 949.359817][T22875] dump_stack_lvl+0x16c/0x1f0 [ 949.359856][T22875] should_fail_ex+0x512/0x640 [ 949.359892][T22875] ? __kmalloc_cache_noprof+0x5f/0x780 [ 949.359931][T22875] should_failslab+0xc2/0x120 [ 949.359977][T22875] __kmalloc_cache_noprof+0x72/0x780 [ 949.360019][T22875] ? snd_pcm_oss_change_params_locked+0x1db/0x3a30 [ 949.360068][T22875] ? snd_pcm_oss_change_params_locked+0x1db/0x3a30 [ 949.360109][T22875] snd_pcm_oss_change_params_locked+0x1db/0x3a30 [ 949.360155][T22875] ? trace_contention_end+0xdd/0x130 [ 949.360206][T22875] ? __mutex_lock+0x1c5/0x1060 [ 949.360245][T22875] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 949.360289][T22875] ? __pfx___mutex_lock+0x10/0x10 [ 949.360331][T22875] ? __fsnotify_parent+0x24b/0xc40 [ 949.360382][T22875] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 949.360434][T22875] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 949.360473][T22875] snd_pcm_oss_sync+0x1de/0x840 [ 949.360517][T22875] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 949.360558][T22875] snd_pcm_oss_release+0x28b/0x310 [ 949.360602][T22875] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 949.360640][T22875] __fput+0x3ff/0xb70 [ 949.360692][T22875] task_work_run+0x150/0x240 [ 949.360727][T22875] ? __pfx_task_work_run+0x10/0x10 [ 949.360759][T22875] ? __pfx___do_sys_close_range+0x10/0x10 [ 949.360803][T22875] exit_to_user_mode_loop+0xec/0x130 [ 949.360835][T22875] do_syscall_64+0x419/0x4b0 [ 949.360868][T22875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 949.360897][T22875] RIP: 0033:0x7fe01d18eec9 [ 949.360921][T22875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 949.360948][T22875] RSP: 002b:00007fe01b3d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 949.360976][T22875] RAX: 0000000000000000 RBX: 00007fe01d3e6090 RCX: 00007fe01d18eec9 [ 949.360995][T22875] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 949.361014][T22875] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 949.361033][T22875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 949.361051][T22875] R13: 00007fe01d3e6128 R14: 00007fe01d3e6090 R15: 00007fffe88b5fa8 [ 949.361092][T22875] [ 952.680101][T22915] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5917'. [ 953.455378][T22924] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5920'. [ 953.779597][T22926] FAULT_INJECTION: forcing a failure. [ 953.779597][T22926] name failslab, interval 1, probability 0, space 0, times 0 [ 953.793090][T22926] CPU: 0 UID: 0 PID: 22926 Comm: syz.7.5921 Not tainted syzkaller #0 PREEMPT(full) [ 953.793133][T22926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 953.793153][T22926] Call Trace: [ 953.793164][T22926] [ 953.793177][T22926] dump_stack_lvl+0x16c/0x1f0 [ 953.793217][T22926] should_fail_ex+0x512/0x640 [ 953.793260][T22926] should_failslab+0xc2/0x120 [ 953.793305][T22926] __kmalloc_cache_noprof+0x72/0x780 [ 953.793338][T22926] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 953.793371][T22926] ? tipc_nametbl_insert_publ+0x700/0x1720 [ 953.793416][T22926] ? tipc_nametbl_insert_publ+0x700/0x1720 [ 953.793450][T22926] tipc_nametbl_insert_publ+0x700/0x1720 [ 953.793491][T22926] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 953.793521][T22926] ? net_generic+0xea/0x2a0 [ 953.793566][T22926] tipc_nametbl_publish+0x137/0x280 [ 953.793610][T22926] tipc_sk_publish+0x1d8/0x430 [ 953.793650][T22926] ? __pfx_tipc_sk_publish+0x10/0x10 [ 953.793703][T22926] ? __local_bh_enable_ip+0xa4/0x120 [ 953.793750][T22926] tipc_sk_bind+0x16f/0x380 [ 953.793792][T22926] tipc_bind+0x190/0x2a0 [ 953.793833][T22926] __sys_bind+0x1a7/0x260 [ 953.793879][T22926] ? __pfx___sys_bind+0x10/0x10 [ 953.793941][T22926] ? xfd_validate_state+0x61/0x180 [ 953.793967][T22926] ? __pfx_do_writev+0x10/0x10 [ 953.794010][T22926] __x64_sys_bind+0x72/0xb0 [ 953.794048][T22926] ? lockdep_hardirqs_on+0x7c/0x110 [ 953.794078][T22926] do_syscall_64+0xcd/0x4b0 [ 953.794111][T22926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 953.794138][T22926] RIP: 0033:0x7fe01d18eec9 [ 953.794164][T22926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 953.794189][T22926] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 953.794217][T22926] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 953.794236][T22926] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000008 [ 953.794255][T22926] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 953.794274][T22926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 953.794292][T22926] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 953.794334][T22926] [ 953.794349][T22926] tipc: Failed to bind to 65,0,0 [ 954.431767][T22937] size and base must be multiples of 4 kiB [ 954.475955][T22937] CPU: 0 UID: 0 PID: 22937 Comm: syz.6.5922 Not tainted syzkaller #0 PREEMPT(full) [ 954.475999][T22937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 954.476019][T22937] Call Trace: [ 954.476029][T22937] [ 954.476043][T22937] dump_stack_lvl+0x16c/0x1f0 [ 954.476081][T22937] mtrr_add+0xdf/0x110 [ 954.476131][T22937] mtrr_ioctl+0x7ef/0xcf0 [ 954.476180][T22937] ? __pfx_mtrr_ioctl+0x10/0x10 [ 954.476235][T22937] ? find_held_lock+0x2b/0x80 [ 954.476282][T22937] ? __fget_files+0x20e/0x3c0 [ 954.476319][T22937] ? __pfx_mtrr_ioctl+0x10/0x10 [ 954.476363][T22937] proc_reg_unlocked_ioctl+0x229/0x320 [ 954.476407][T22937] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 954.476455][T22937] __x64_sys_ioctl+0x18e/0x210 [ 954.476505][T22937] do_syscall_64+0xcd/0x4b0 [ 954.476541][T22937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 954.476571][T22937] RIP: 0033:0x7f107978eec9 [ 954.476599][T22937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 954.476630][T22937] RSP: 002b:00007f107a661038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 954.476671][T22937] RAX: ffffffffffffffda RBX: 00007f10799e6090 RCX: 00007f107978eec9 [ 954.476693][T22937] RDX: 0000000000000005 RSI: 00000000400c4d01 RDI: 0000000000000005 [ 954.476712][T22937] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 954.476730][T22937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 954.476749][T22937] R13: 00007f10799e6128 R14: 00007f10799e6090 R15: 00007ffe0f3bf5e8 [ 954.476791][T22937] [ 955.156969][T22973] random: crng reseeded on system resumption [ 955.332834][T22973] FAULT_INJECTION: forcing a failure. [ 955.332834][T22973] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 955.351567][T22973] CPU: 1 UID: 0 PID: 22973 Comm: syz.6.5928 Not tainted syzkaller #0 PREEMPT(full) [ 955.351611][T22973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 955.351631][T22973] Call Trace: [ 955.351650][T22973] [ 955.351664][T22973] dump_stack_lvl+0x16c/0x1f0 [ 955.351706][T22973] should_fail_ex+0x512/0x640 [ 955.351751][T22973] should_fail_alloc_page+0xe7/0x130 [ 955.351803][T22973] prepare_alloc_pages+0x3c2/0x610 [ 955.351851][T22973] ? rcu_is_watching+0x12/0xc0 [ 955.351896][T22973] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 955.351941][T22973] ? __pfx_stack_trace_save+0x10/0x10 [ 955.351992][T22973] ? __lock_acquire+0x62e/0x1ce0 [ 955.352050][T22973] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 955.352110][T22973] ? rcu_read_unlock+0x17/0x60 [ 955.352163][T22973] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 955.352204][T22973] ? policy_nodemask+0xea/0x4e0 [ 955.352255][T22973] alloc_pages_mpol+0x1fb/0x550 [ 955.352304][T22973] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 955.352347][T22973] ? trace_kmalloc+0x2b/0xd0 [ 955.352391][T22973] ? trace_kmalloc+0x2b/0xd0 [ 955.352430][T22973] ? __kmalloc_noprof.cold+0x5d/0x62 [ 955.352474][T22973] ? relay_open_buf.part.0+0x194/0xc40 [ 955.352531][T22973] alloc_pages_noprof+0x131/0x390 [ 955.352585][T22973] relay_open_buf.part.0+0x262/0xc40 [ 955.352661][T22973] relay_open+0x653/0xad0 [ 955.352713][T22973] ? debugfs_create_file_full+0x41/0x60 [ 955.352764][T22973] do_blk_trace_setup+0x4c5/0xb00 [ 955.352816][T22973] blk_trace_setup+0xed/0x1b0 [ 955.352862][T22973] ? __pfx_blk_trace_setup+0x10/0x10 [ 955.352905][T22973] ? __pfx_snprintf+0x10/0x10 [ 955.352952][T22973] ? do_vfs_ioctl+0x128/0x14f0 [ 955.353009][T22973] blk_trace_ioctl+0x146/0x280 [ 955.353056][T22973] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 955.353109][T22973] ? find_held_lock+0x2b/0x80 [ 955.353147][T22973] ? hook_file_ioctl_common+0x145/0x410 [ 955.353198][T22973] blkdev_ioctl+0x108/0x6d0 [ 955.353246][T22973] ? __pfx_blkdev_ioctl+0x10/0x10 [ 955.353298][T22973] ? __pfx_blkdev_ioctl+0x10/0x10 [ 955.353346][T22973] __x64_sys_ioctl+0x18e/0x210 [ 955.353399][T22973] do_syscall_64+0xcd/0x4b0 [ 955.353438][T22973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 955.353469][T22973] RIP: 0033:0x7f107978eec9 [ 955.353496][T22973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 955.353526][T22973] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 955.353558][T22973] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 955.353580][T22973] RDX: 0000200000000240 RSI: 00000000c0481273 RDI: 0000000000000009 [ 955.353602][T22973] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 955.353621][T22973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 955.353647][T22973] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 955.353691][T22973] [ 955.962541][T22990] binder: 22989:22990 ioctl 5380 2000000000c0 returned -22 [ 956.034732][T22990] sd 0:0:1:0: PR command failed: 1026 [ 956.049527][T22990] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 956.084927][T22990] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 957.122592][T23018] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5945'. [ 957.739895][T23017] netlink: 354 bytes leftover after parsing attributes in process `syz.6.5938'. [ 959.805861][T23076] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 961.635070][T23073] kexec: Could not allocate control_code_buffer [ 962.170116][T23156] netlink: zone id is out of range [ 962.214535][T23156] netlink: del zone limit has 4 unknown bytes [ 962.370154][T23151] netlink: set zone limit has 8 unknown bytes [ 962.578634][T23156] HfR: entered promiscuous mode [ 964.347821][T23207] random: crng reseeded on system resumption [ 964.452559][T23207] Restarting kernel threads ... [ 964.510874][T23207] Done restarting kernel threads. [ 967.982890][T23233] [U]  [ 967.985947][T23233] [U] [ 967.988699][T23233] [U] [ 967.991449][T23233] [U] [ 968.063770][T23233] [U] [ 968.066749][T23233] [U] [ 968.069493][T23233] [U] [ 968.072243][T23233] [U] [ 968.183461][T23233] [U] [ 968.186255][T23233] [U] [ 968.189018][T23233] [U] [ 968.191855][T23233] [U] [ 968.311101][T23233] [U] [ 968.313990][T23233] [U] [ 968.316733][T23233] [U] [ 968.319559][T23233] [U] [ 968.500246][T23233] [U] [ 968.503033][T23233] [U] [ 968.505781][T23233] [U] [ 968.508547][T23233] [U] [ 968.599584][T23233] [U] [ 968.602380][T23233] [U] [ 968.605130][T23233] [U] [ 968.607902][T23233] [U] [ 968.630427][T23233] [U] [ 968.633229][T23233] [U] [ 968.636073][T23233] [U] [ 968.638877][T23233] [U] [ 968.804456][T23233] [U] [ 968.807538][T23233] [U] [ 968.810289][T23233] [U] [ 968.813045][T23233] [U] [ 968.853984][T23233] [U] [ 968.856771][T23233] [U] [ 968.859599][T23233] [U] [ 968.862353][T23233] [U] [ 968.877467][T23233] [U] [ 968.880349][T23233] [U] [ 968.883094][T23233] [U] [ 968.885840][T23233] [U] [ 968.891163][T23233] [U] [ 968.893924][T23233] [U] [ 968.896673][T23233] [U] [ 968.899420][T23233] [U] [ 968.903164][T23233] [U] [ 968.905914][T23233] [U] [ 968.908687][T23233] [U] [ 968.911447][T23233] [U] [ 968.917911][T23233] [U] [ 968.920672][T23233] [U] [ 968.923477][T23233] [U] [ 968.926226][T23233] [U] [ 968.929887][T23233] [U] [ 968.932637][T23233] [U] [ 968.935504][T23233] [U] [ 968.938399][T23233] [U] [ 968.943462][T23233] [U] [ 968.946231][T23233] [U] [ 968.948982][T23233] [U] [ 968.951726][T23233] [U] [ 968.955574][T23233] [U] [ 968.958338][T23233] [U] [ 968.961183][T23233] [U] [ 968.964039][T23233] [U] [ 968.967803][T23233] [U] [ 968.970754][T23233] [U] [ 968.973583][T23233] [U] [ 968.976339][T23233] [U] [ 968.993949][T23233] [U] [ 968.996745][T23233] [U] [ 968.999579][T23233] [U] [ 969.002377][T23233] [U] [ 969.006379][T23233] [U] [ 969.009159][T23233] [U] [ 969.011905][T23233] [U] [ 969.014733][T23233] [U] [ 969.075709][T23233] [U] [ 969.078492][T23233] [U] [ 969.081251][T23233] [U] [ 969.084034][T23233] [U] [ 969.186628][T23233] [U] [ 969.189725][T23233] [U] [ 969.192481][T23233] [U] [ 969.195454][T23233] [U] [ 969.334099][T23233] [U] [ 969.742600][T23281] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5971'. [ 970.689821][T23273] Process accounting paused [ 972.061348][T23313] FAULT_INJECTION: forcing a failure. [ 972.061348][T23313] name failslab, interval 1, probability 0, space 0, times 0 [ 972.103894][T23313] CPU: 1 UID: 0 PID: 23313 Comm: syz.6.5982 Not tainted syzkaller #0 PREEMPT(full) [ 972.103938][T23313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 972.103957][T23313] Call Trace: [ 972.103968][T23313] [ 972.103981][T23313] dump_stack_lvl+0x16c/0x1f0 [ 972.104023][T23313] should_fail_ex+0x512/0x640 [ 972.104059][T23313] ? __kmalloc_cache_noprof+0x5f/0x780 [ 972.104097][T23313] should_failslab+0xc2/0x120 [ 972.104141][T23313] __kmalloc_cache_noprof+0x72/0x780 [ 972.104174][T23313] ? vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 972.104219][T23313] ? vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 972.104251][T23313] vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 972.104287][T23313] drm_atomic_get_crtc_state+0x171/0x450 [ 972.104333][T23313] drm_atomic_get_plane_state+0x436/0x590 [ 972.104379][T23313] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 972.104423][T23313] ? __pfx___might_resched+0x10/0x10 [ 972.104474][T23313] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 972.104518][T23313] ? __mutex_lock+0x1c5/0x1060 [ 972.104547][T23313] ? rcu_is_watching+0x12/0xc0 [ 972.104636][T23313] drm_client_modeset_commit_locked+0x14d/0x580 [ 972.104690][T23313] drm_client_modeset_commit+0x4f/0x80 [ 972.104737][T23313] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 972.104787][T23313] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 972.104827][T23313] drm_fbdev_client_restore+0x2c/0x40 [ 972.104864][T23313] drm_client_dev_restore+0x1f6/0x2a0 [ 972.104917][T23313] drm_release+0x2c4/0x360 [ 972.104964][T23313] ? __pfx_drm_release+0x10/0x10 [ 972.105006][T23313] __fput+0x3ff/0xb70 [ 972.105057][T23313] task_work_run+0x150/0x240 [ 972.105089][T23313] ? __pfx_task_work_run+0x10/0x10 [ 972.105117][T23313] ? __pfx___do_sys_close_range+0x10/0x10 [ 972.105148][T23313] ? syscall_user_dispatch+0x78/0x140 [ 972.105188][T23313] exit_to_user_mode_loop+0xec/0x130 [ 972.105221][T23313] do_syscall_64+0x419/0x4b0 [ 972.105260][T23313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 972.105289][T23313] RIP: 0033:0x7f107978eec9 [ 972.105313][T23313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 972.105337][T23313] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 972.105362][T23313] RAX: 0000000000000000 RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 972.105377][T23313] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 972.105392][T23313] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 972.105406][T23313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 972.105420][T23313] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 972.105454][T23313] [ 977.681325][T23478] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5999'. [ 978.559755][T23494] random: crng reseeded on system resumption [ 978.687185][T23494] Restarting kernel threads ... [ 978.706855][T23494] Done restarting kernel threads. [ 979.686832][T23512] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6009'. [ 980.615795][T23522] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6012'. [ 981.478854][T23536] FAULT_INJECTION: forcing a failure. [ 981.478854][T23536] name failslab, interval 1, probability 0, space 0, times 0 [ 981.587832][T23536] CPU: 0 UID: 0 PID: 23536 Comm: syz.6.6014 Not tainted syzkaller #0 PREEMPT(full) [ 981.587878][T23536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 981.587897][T23536] Call Trace: [ 981.587908][T23536] [ 981.587921][T23536] dump_stack_lvl+0x16c/0x1f0 [ 981.587959][T23536] should_fail_ex+0x512/0x640 [ 981.587995][T23536] ? __kmalloc_noprof+0xca/0x880 [ 981.588034][T23536] should_failslab+0xc2/0x120 [ 981.588080][T23536] __kmalloc_noprof+0xdd/0x880 [ 981.588113][T23536] ? __register_sysctl_table+0xea2/0x1900 [ 981.588168][T23536] ? __register_sysctl_table+0xea2/0x1900 [ 981.588217][T23536] __register_sysctl_table+0xea2/0x1900 [ 981.588274][T23536] ? __pfx___register_sysctl_table+0x10/0x10 [ 981.588320][T23536] ? is_module_address+0x69/0xf0 [ 981.588349][T23536] ? register_net_sysctl_sz+0x228/0x3e0 [ 981.588402][T23536] ? __asan_memcpy+0x3c/0x60 [ 981.588442][T23536] sysctl_route_net_init+0x15e/0x2c0 [ 981.588486][T23536] ? __pfx_sysctl_route_net_init+0x10/0x10 [ 981.588528][T23536] ops_init+0x1e2/0x5f0 [ 981.588569][T23536] setup_net+0x100/0x390 [ 981.588605][T23536] ? __pfx_setup_net+0x10/0x10 [ 981.588640][T23536] ? debug_mutex_init+0x37/0x70 [ 981.588683][T23536] copy_net_ns+0x2f8/0x690 [ 981.588726][T23536] create_new_namespaces+0x3ea/0xa90 [ 981.588774][T23536] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 981.588820][T23536] ksys_unshare+0x45b/0xa40 [ 981.588864][T23536] ? __pfx_ksys_unshare+0x10/0x10 [ 981.588911][T23536] ? xfd_validate_state+0x61/0x180 [ 981.588952][T23536] __x64_sys_unshare+0x31/0x40 [ 981.588994][T23536] do_syscall_64+0xcd/0x4b0 [ 981.589030][T23536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.589060][T23536] RIP: 0033:0x7f107978eec9 [ 981.589087][T23536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 981.589118][T23536] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 981.589148][T23536] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 981.589170][T23536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 981.589189][T23536] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 981.589208][T23536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 981.589227][T23536] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 981.589269][T23536] [ 981.589283][T23536] sysctl could not get directory: /net/ipv4/route -12 [ 985.182749][T23641] sp0: Synchronizing with TNC [ 985.739271][T23592] kexec: Could not allocate control_code_buffer [ 987.351798][T23696] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6031'. [ 987.448422][T23696] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode [ 987.963850][T23709] FAULT_INJECTION: forcing a failure. [ 987.963850][T23709] name failslab, interval 1, probability 0, space 0, times 0 [ 988.437561][T23709] CPU: 1 UID: 0 PID: 23709 Comm: syz.6.6032 Not tainted syzkaller #0 PREEMPT(full) [ 988.437606][T23709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 988.437625][T23709] Call Trace: [ 988.437636][T23709] [ 988.437649][T23709] dump_stack_lvl+0x16c/0x1f0 [ 988.437688][T23709] should_fail_ex+0x512/0x640 [ 988.437724][T23709] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 988.437769][T23709] should_failslab+0xc2/0x120 [ 988.437812][T23709] __kvmalloc_node_noprof+0x141/0x9c0 [ 988.437854][T23709] ? alloc_fdtable+0x110/0x2d0 [ 988.437893][T23709] ? alloc_fdtable+0x110/0x2d0 [ 988.437922][T23709] alloc_fdtable+0x110/0x2d0 [ 988.437955][T23709] dup_fd+0x83b/0xb90 [ 988.437994][T23709] ? apparmor_task_alloc+0x2c2/0x3b0 [ 988.438034][T23709] copy_process+0x2312/0x76a0 [ 988.438077][T23709] ? __pfx___futex_wait+0x10/0x10 [ 988.438125][T23709] ? __pfx_copy_process+0x10/0x10 [ 988.438166][T23709] ? futex_private_hash_put+0x176/0x300 [ 988.438215][T23709] ? futex_private_hash_put+0x18a/0x300 [ 988.438277][T23709] kernel_clone+0xfc/0x930 [ 988.438312][T23709] ? __pfx_kernel_clone+0x10/0x10 [ 988.438378][T23709] __do_sys_clone+0xce/0x120 [ 988.438421][T23709] ? __pfx___do_sys_clone+0x10/0x10 [ 988.438482][T23709] ? xfd_validate_state+0x61/0x180 [ 988.438508][T23709] ? __task_pid_nr_ns+0x1f5/0x500 [ 988.438567][T23709] do_syscall_64+0xcd/0x4b0 [ 988.438607][T23709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 988.438638][T23709] RIP: 0033:0x7f107978eec9 [ 988.438662][T23709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 988.438691][T23709] RSP: 002b:00007f107a681fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 988.438721][T23709] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 988.438740][T23709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 988.438758][T23709] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 988.438776][T23709] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 988.438793][T23709] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 988.438831][T23709] [ 989.756333][T23716] kexec: Could not allocate control_code_buffer [ 990.668406][T23775] netlink: 186 bytes leftover after parsing attributes in process `syz.7.6044'. [ 994.252899][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 994.259980][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 997.772719][T24051] netlink: 'syz.6.6067': attribute type 4 has an invalid length. [ 997.788881][T24051] netlink: 314 bytes leftover after parsing attributes in process `syz.6.6067'. [ 1000.875162][T24132] sd 0:0:1:0: PR command failed: 1026 [ 1000.924893][T24132] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1000.950054][T24132] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1001.540035][T24076] kexec: Could not allocate control_code_buffer [ 1001.643657][T24076] Process accounting resumed [ 1003.573759][T24180] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6081'. [ 1003.859393][T24188] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6083'. [ 1004.314636][T24210] FAULT_INJECTION: forcing a failure. [ 1004.314636][T24210] name failslab, interval 1, probability 0, space 0, times 0 [ 1004.364797][T24210] CPU: 0 UID: 0 PID: 24210 Comm: syz.6.6087 Not tainted syzkaller #0 PREEMPT(full) [ 1004.364846][T24210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1004.364865][T24210] Call Trace: [ 1004.364876][T24210] [ 1004.364889][T24210] dump_stack_lvl+0x16c/0x1f0 [ 1004.364929][T24210] should_fail_ex+0x512/0x640 [ 1004.364965][T24210] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1004.365007][T24210] should_failslab+0xc2/0x120 [ 1004.365048][T24210] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1004.365086][T24210] ? alloc_inode+0x64/0x240 [ 1004.365138][T24210] ? __pfx_rpc_alloc_inode+0x10/0x10 [ 1004.365177][T24210] ? alloc_inode+0x64/0x240 [ 1004.365218][T24210] alloc_inode+0x64/0x240 [ 1004.365262][T24210] new_inode+0x22/0x1c0 [ 1004.365310][T24210] rpc_new_dir+0xa1/0x440 [ 1004.365368][T24210] rpc_populate.constprop.0+0x51/0x1d0 [ 1004.365415][T24210] ? d_instantiate+0x77/0x90 [ 1004.365454][T24210] ? __pfx_rpc_fill_super+0x10/0x10 [ 1004.365498][T24210] rpc_fill_super+0x2b9/0x4f0 [ 1004.365544][T24210] ? __pfx_rpc_fill_super+0x10/0x10 [ 1004.365585][T24210] get_tree_keyed+0x10b/0x1d0 [ 1004.365623][T24210] vfs_get_tree+0x8e/0x340 [ 1004.365654][T24210] vfs_cmd_create+0xd7/0x2a0 [ 1004.365699][T24210] __do_sys_fsconfig+0x7b8/0xbe0 [ 1004.365745][T24210] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 1004.365812][T24210] do_syscall_64+0xcd/0x4b0 [ 1004.365849][T24210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1004.365881][T24210] RIP: 0033:0x7f107978eec9 [ 1004.365907][T24210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1004.365936][T24210] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 1004.365967][T24210] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 1004.365987][T24210] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 1004.366005][T24210] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1004.366023][T24210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1004.366041][T24210] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 1004.366082][T24210] [ 1004.367773][T24210] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 1010.812822][T24402] zswap: compressor 000 not available [ 1011.334082][T24420] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1011.388133][T24396] netlink: 25 bytes leftover after parsing attributes in process `syz.4.6107'. [ 1012.003082][T21632] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9 [ 1012.729066][T24456] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6118'. [ 1012.745328][T24456] netlink: 354 bytes leftover after parsing attributes in process `syz.4.6118'. [ 1014.017475][T24524] zswap: compressor not available [ 1014.180442][T24556] netlink: 330 bytes leftover after parsing attributes in process `syz.6.6123'. [ 1017.096013][T24624] ima: policy update failed [ 1017.136842][ T30] audit: type=1802 audit(4294967303.990:14): pid=24624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.6130" res=0 errno=0 [ 1031.056662][T25171] mkiss: ax0: crc mode is auto. [ 1033.102738][T25187] Process accounting paused [ 1034.966032][T25301] netlink: 186 bytes leftover after parsing attributes in process `syz.7.6186'. [ 1035.580978][T25313] HfR: entered promiscuous mode [ 1036.800955][T25356] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6193'. [ 1037.153206][T25366] random: crng reseeded on system resumption [ 1039.073872][T25403] Console: switching to colour frame buffer device 4x6 [ 1040.900018][T25488] netlink: 186 bytes leftover after parsing attributes in process `syz.7.6204'. [ 1045.662803][T25555] FAULT_INJECTION: forcing a failure. [ 1045.662803][T25555] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1045.698913][T25555] CPU: 0 UID: 0 PID: 25555 Comm: syz.6.6211 Not tainted syzkaller #0 PREEMPT(full) [ 1045.698941][T25555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1045.698953][T25555] Call Trace: [ 1045.698960][T25555] [ 1045.698968][T25555] dump_stack_lvl+0x16c/0x1f0 [ 1045.698993][T25555] should_fail_ex+0x512/0x640 [ 1045.699017][T25555] get_futex_key+0x1d0/0x1560 [ 1045.699047][T25555] ? __pfx_get_futex_key+0x10/0x10 [ 1045.699080][T25555] futex_wake+0xea/0x530 [ 1045.699099][T25555] ? rcu_is_watching+0x12/0xc0 [ 1045.699122][T25555] ? __pfx_futex_wake+0x10/0x10 [ 1045.699142][T25555] ? kmem_cache_free+0x2d4/0x6c0 [ 1045.699165][T25555] ? putname+0x154/0x1a0 [ 1045.699194][T25555] do_futex+0x1e3/0x350 [ 1045.699229][T25555] ? __pfx_do_futex+0x10/0x10 [ 1045.699256][T25555] ? find_held_lock+0x2b/0x80 [ 1045.699278][T25555] ? handle_mm_fault+0x2ab/0xd10 [ 1045.699297][T25555] __x64_sys_futex+0x1e0/0x4c0 [ 1045.699328][T25555] ? __x64_sys_openat+0x174/0x210 [ 1045.699345][T25555] ? __pfx___x64_sys_futex+0x10/0x10 [ 1045.699380][T25555] do_syscall_64+0xcd/0x4b0 [ 1045.699401][T25555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1045.699419][T25555] RIP: 0033:0x7f107978eec9 [ 1045.699434][T25555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1045.699452][T25555] RSP: 002b:00007f107a6610e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1045.699472][T25555] RAX: ffffffffffffffda RBX: 00007f10799e6098 RCX: 00007f107978eec9 [ 1045.699484][T25555] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f10799e609c [ 1045.699495][T25555] RBP: 00007f10799e6090 R08: 00007f107a683000 R09: 0000000000000000 [ 1045.699506][T25555] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1045.699517][T25555] R13: 00007f10799e6128 R14: 00007ffe0f3bf500 R15: 00007ffe0f3bf5e8 [ 1045.699538][T25555] [ 1045.896755][ C0] vkms_vblank_simulate: vblank timer overrun [ 1047.505963][T25600] mkiss: ax0: crc mode is auto. [ 1048.244670][T25636] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6219'. [ 1048.288713][T25636] netlink: 354 bytes leftover after parsing attributes in process `syz.5.6219'. [ 1048.424752][T25638] random: crng reseeded on system resumption [ 1052.026261][T25679] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6229'. [ 1052.405844][T25685] usb usb36: usbfs: process 25685 (syz.7.6231) did not claim interface 0 before use [ 1053.330829][T25714] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6235'. [ 1054.839432][T25728] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1054.861081][T25728] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1054.878267][T25728] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1054.895967][T25728] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1055.372361][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.379459][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1056.482932][T21632] Bluetooth: hci2: command 0x0406 tx timeout [ 1056.880302][T21632] Bluetooth: hci3: command 0x0406 tx timeout [ 1056.886763][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 1056.970201][T21632] Bluetooth: hci4: command 0x0406 tx timeout [ 1061.317292][T25867] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1061.664583][T25884] Invalid ELF header magic: != ELF [ 1061.965214][T25889] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6265'. [ 1061.976672][T25888] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6266'. [ 1062.049637][T25889] \: renamed from lo (while UP) [ 1063.462921][T21632] Bluetooth: hci1: unexpected event 0x01 length: 5 > 1 [ 1064.891895][T26003] mkiss: ax0: crc mode is auto. [ 1064.939951][T25916] kexec: Could not allocate control_code_buffer [ 1065.055506][T25916] Process accounting resumed [ 1067.090612][T26082] netlink: 36332 bytes leftover after parsing attributes in process `syz.5.6281'. [ 1067.764756][T26104] Invalid ELF header magic: != ELF [ 1068.694321][T26118] FAULT_INJECTION: forcing a failure. [ 1068.694321][T26118] name failslab, interval 1, probability 0, space 0, times 0 [ 1068.708775][T26118] CPU: 0 UID: 0 PID: 26118 Comm: syz.7.6291 Not tainted syzkaller #0 PREEMPT(full) [ 1068.708821][T26118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1068.708840][T26118] Call Trace: [ 1068.708851][T26118] [ 1068.708863][T26118] dump_stack_lvl+0x16c/0x1f0 [ 1068.708903][T26118] should_fail_ex+0x512/0x640 [ 1068.708939][T26118] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1068.708979][T26118] should_failslab+0xc2/0x120 [ 1068.709027][T26118] __kmalloc_cache_noprof+0x72/0x780 [ 1068.709062][T26118] ? kvm_arch_vcpu_create+0x375/0xb20 [ 1068.709120][T26118] ? kvm_arch_vcpu_create+0x375/0xb20 [ 1068.709168][T26118] kvm_arch_vcpu_create+0x375/0xb20 [ 1068.709212][T26118] kvm_vm_ioctl+0xfec/0x4000 [ 1068.709257][T26118] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1068.709311][T26118] ? kasan_quarantine_put+0x10a/0x240 [ 1068.709350][T26118] ? lockdep_hardirqs_on+0x7c/0x110 [ 1068.709387][T26118] ? find_held_lock+0x2b/0x80 [ 1068.709441][T26118] ? tomoyo_path_number_perm+0x295/0x580 [ 1068.709491][T26118] ? tomoyo_path_number_perm+0x18d/0x580 [ 1068.709554][T26118] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1068.709600][T26118] ? futex_wake+0x1ad/0x530 [ 1068.709647][T26118] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1068.709684][T26118] ? do_vfs_ioctl+0x128/0x14f0 [ 1068.709735][T26118] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1068.709796][T26118] ? find_held_lock+0x2b/0x80 [ 1068.709834][T26118] ? hook_file_ioctl_common+0x145/0x410 [ 1068.709888][T26118] ? __fget_files+0x20e/0x3c0 [ 1068.709931][T26118] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1068.709967][T26118] __x64_sys_ioctl+0x18e/0x210 [ 1068.710021][T26118] do_syscall_64+0xcd/0x4b0 [ 1068.710057][T26118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1068.710089][T26118] RIP: 0033:0x7fe01d18eec9 [ 1068.710116][T26118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1068.710147][T26118] RSP: 002b:00007fe01b3d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1068.710177][T26118] RAX: ffffffffffffffda RBX: 00007fe01d3e6090 RCX: 00007fe01d18eec9 [ 1068.710198][T26118] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000003 [ 1068.710218][T26118] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1068.710238][T26118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1068.710257][T26118] R13: 00007fe01d3e6128 R14: 00007fe01d3e6090 R15: 00007fffe88b5fa8 [ 1068.710298][T26118] [ 1070.127263][T26151] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6294'. [ 1073.536241][T26350] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6307'. [ 1073.570232][T26350] netlink: 354 bytes leftover after parsing attributes in process `syz.7.6307'. [ 1075.144628][T26383] FAULT_INJECTION: forcing a failure. [ 1075.144628][T26383] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.163248][T26383] CPU: 1 UID: 0 PID: 26383 Comm: syz.7.6321 Not tainted syzkaller #0 PREEMPT(full) [ 1075.163277][T26383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1075.163288][T26383] Call Trace: [ 1075.163295][T26383] [ 1075.163303][T26383] dump_stack_lvl+0x16c/0x1f0 [ 1075.163328][T26383] should_fail_ex+0x512/0x640 [ 1075.163349][T26383] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1075.163375][T26383] should_failslab+0xc2/0x120 [ 1075.163404][T26383] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1075.163425][T26383] ? copy_fs_struct+0x49/0x340 [ 1075.163458][T26383] ? copy_fs_struct+0x49/0x340 [ 1075.163571][T26383] copy_fs_struct+0x49/0x340 [ 1075.163613][T26383] copy_process+0x3254/0x76a0 [ 1075.163641][T26383] ? __pfx___futex_wait+0x10/0x10 [ 1075.163671][T26383] ? __pfx_copy_process+0x10/0x10 [ 1075.163697][T26383] ? futex_private_hash_put+0x176/0x300 [ 1075.163727][T26383] ? futex_private_hash_put+0x18a/0x300 [ 1075.163758][T26383] kernel_clone+0xfc/0x930 [ 1075.163787][T26383] ? __pfx_kernel_clone+0x10/0x10 [ 1075.163825][T26383] __do_sys_clone+0xce/0x120 [ 1075.163853][T26383] ? __pfx___do_sys_clone+0x10/0x10 [ 1075.163889][T26383] ? xfd_validate_state+0x61/0x180 [ 1075.163922][T26383] do_syscall_64+0xcd/0x4b0 [ 1075.163946][T26383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1075.163965][T26383] RIP: 0033:0x7fe01d18eec9 [ 1075.163982][T26383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1075.164001][T26383] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1075.164019][T26383] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1075.164030][T26383] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 1075.164041][T26383] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1075.164052][T26383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1075.164063][T26383] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1075.164086][T26383] [ 1076.899835][T26450] tipc: Started in network mode [ 1076.904995][T26450] tipc: Node identity ee00, cluster identity 4711 [ 1076.922653][T26450] tipc: Node number set to 60928 [ 1078.674452][T26532] netlink: 'syz.6.6324': attribute type 2 has an invalid length. [ 1078.758391][T26532] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6324'. [ 1081.093297][T26616] Invalid ELF header magic: != ELF [ 1085.133007][T21632] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 1087.093909][T26794] tipc: Started in network mode [ 1087.116453][T26794] tipc: Node identity ee00, cluster identity 4711 [ 1087.153830][T26794] tipc: Node number set to 60928 [ 1087.224490][T21632] Bluetooth: hci3: unexpected event 0x01 length: 5 > 1 [ 1089.286042][T26925] netlink: zone id is out of range [ 1089.318836][T26925] netlink: del zone limit has 4 unknown bytes [ 1089.344730][T26925] openvswitch: HfR: Dropping previously announced user features [ 1089.376182][ T30] audit: type=1804 audit(4294967376.626:15): pid=26923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.6354" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 1090.891480][T26985] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6362'. [ 1095.288584][T26930] Process accounting paused [ 1095.320529][ T51] Bluetooth: hci0: command 0x1003 tx timeout [ 1095.327369][T21632] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1097.430210][T27278] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6389'. [ 1097.858077][T27287] FAULT_INJECTION: forcing a failure. [ 1097.858077][T27287] name failslab, interval 1, probability 0, space 0, times 0 [ 1097.930454][T27287] CPU: 1 UID: 0 PID: 27287 Comm: syz.6.6391 Not tainted syzkaller #0 PREEMPT(full) [ 1097.930499][T27287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1097.930519][T27287] Call Trace: [ 1097.930530][T27287] [ 1097.930543][T27287] dump_stack_lvl+0x16c/0x1f0 [ 1097.930584][T27287] should_fail_ex+0x512/0x640 [ 1097.930616][T27287] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1097.930662][T27287] should_failslab+0xc2/0x120 [ 1097.930706][T27287] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1097.930749][T27287] ? kstrdup_const+0x63/0x80 [ 1097.930794][T27287] ? kstrdup+0x53/0x100 [ 1097.930826][T27287] kstrdup+0x53/0x100 [ 1097.930861][T27287] kstrdup_const+0x63/0x80 [ 1097.930895][T27287] kvasprintf_const+0x10f/0x1a0 [ 1097.930936][T27287] kobject_set_name_vargs+0x5a/0x140 [ 1097.930977][T27287] dev_set_name+0xc7/0x100 [ 1097.931007][T27287] ? __pfx_dev_set_name+0x10/0x10 [ 1097.931044][T27287] ? lockdep_init_map_type+0x5c/0x280 [ 1097.931092][T27287] ? __init_waitqueue_head+0xca/0x150 [ 1097.931138][T27287] netdev_register_kobject+0xc5/0x3d0 [ 1097.931184][T27287] register_netdevice+0x13dc/0x2270 [ 1097.931243][T27287] ? __pfx_register_netdevice+0x10/0x10 [ 1097.931293][T27287] register_netdev+0x34/0x50 [ 1097.931330][T27287] sixpack_open+0x64e/0x990 [ 1097.931369][T27287] ? __pfx_sixpack_open+0x10/0x10 [ 1097.931400][T27287] ? tty_set_ldisc+0x2b8/0x780 [ 1097.931429][T27287] ? down_write+0x14d/0x200 [ 1097.931474][T27287] ? __pfx_sixpack_open+0x10/0x10 [ 1097.931511][T27287] tty_ldisc_open+0x9f/0x120 [ 1097.931545][T27287] tty_set_ldisc+0x32b/0x780 [ 1097.931583][T27287] tty_ioctl+0xc2d/0x1680 [ 1097.931622][T27287] ? __pfx_tty_ioctl+0x10/0x10 [ 1097.931670][T27287] ? find_held_lock+0x2b/0x80 [ 1097.931705][T27287] ? hook_file_ioctl_common+0x145/0x410 [ 1097.931754][T27287] ? __fget_files+0x20e/0x3c0 [ 1097.931794][T27287] ? __pfx_tty_ioctl+0x10/0x10 [ 1097.931831][T27287] __x64_sys_ioctl+0x18e/0x210 [ 1097.931881][T27287] do_syscall_64+0xcd/0x4b0 [ 1097.931917][T27287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1097.931949][T27287] RIP: 0033:0x7f107978eec9 [ 1097.931976][T27287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1097.932004][T27287] RSP: 002b:00007f107a682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1097.932035][T27287] RAX: ffffffffffffffda RBX: 00007f10799e5fa0 RCX: 00007f107978eec9 [ 1097.932057][T27287] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000009 [ 1097.932076][T27287] RBP: 00007f1079811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1097.932095][T27287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1097.932113][T27287] R13: 00007f10799e6038 R14: 00007f10799e5fa0 R15: 00007ffe0f3bf5e8 [ 1097.932152][T27287] [ 1100.313156][T27345] FAULT_INJECTION: forcing a failure. [ 1100.313156][T27345] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1100.433666][T27345] CPU: 0 UID: 0 PID: 27345 Comm: syz.6.6403 Not tainted syzkaller #0 PREEMPT(full) [ 1100.433707][T27345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1100.433723][T27345] Call Trace: [ 1100.433733][T27345] [ 1100.433744][T27345] dump_stack_lvl+0x16c/0x1f0 [ 1100.433782][T27345] should_fail_ex+0x512/0x640 [ 1100.433824][T27345] get_futex_key+0x1d0/0x1560 [ 1100.433875][T27345] ? __pfx_get_futex_key+0x10/0x10 [ 1100.433934][T27345] futex_wake+0xea/0x530 [ 1100.433968][T27345] ? rcu_is_watching+0x12/0xc0 [ 1100.434009][T27345] ? __pfx_futex_wake+0x10/0x10 [ 1100.434047][T27345] ? kmem_cache_free+0x2d4/0x6c0 [ 1100.434084][T27345] ? putname+0x154/0x1a0 [ 1100.434147][T27345] do_futex+0x1e3/0x350 [ 1100.434195][T27345] ? __pfx_do_futex+0x10/0x10 [ 1100.434254][T27345] __x64_sys_futex+0x1e0/0x4c0 [ 1100.434306][T27345] ? __x64_sys_openat+0x174/0x210 [ 1100.434337][T27345] ? __pfx___x64_sys_futex+0x10/0x10 [ 1100.434400][T27345] do_syscall_64+0xcd/0x4b0 [ 1100.434438][T27345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1100.434471][T27345] RIP: 0033:0x7f107978eec9 [ 1100.434496][T27345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1100.434527][T27345] RSP: 002b:00007f107a6610e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1100.434558][T27345] RAX: ffffffffffffffda RBX: 00007f10799e6098 RCX: 00007f107978eec9 [ 1100.434579][T27345] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f10799e609c [ 1100.434599][T27345] RBP: 00007f10799e6090 R08: 00007f107a683000 R09: 0000000000000000 [ 1100.434619][T27345] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 1100.434638][T27345] R13: 00007f10799e6128 R14: 00007ffe0f3bf500 R15: 00007ffe0f3bf5e8 [ 1100.434679][T27345] [ 1101.199268][T21632] Bluetooth: hci4: unexpected event 0x01 length: 5 > 1 [ 1102.004623][ T30] audit: type=1804 audit(4294967389.312:16): pid=27431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.6407" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 1103.401408][T27477] Invalid ELF header magic: != ELF [ 1103.619605][T27479] FAULT_INJECTION: forcing a failure. [ 1103.619605][T27479] name failslab, interval 1, probability 0, space 0, times 0 [ 1103.695376][T27475] delete_channel: no stack [ 1103.757585][T27479] CPU: 1 UID: 0 PID: 27479 Comm: syz.7.6413 Not tainted syzkaller #0 PREEMPT(full) [ 1103.757631][T27479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1103.757649][T27479] Call Trace: [ 1103.757660][T27479] [ 1103.757673][T27479] dump_stack_lvl+0x16c/0x1f0 [ 1103.757713][T27479] should_fail_ex+0x512/0x640 [ 1103.757747][T27479] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1103.757787][T27479] should_failslab+0xc2/0x120 [ 1103.757830][T27479] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1103.757866][T27479] ? __proc_create+0x2ce/0x8e0 [ 1103.757921][T27479] ? __proc_create+0x2ce/0x8e0 [ 1103.757967][T27479] __proc_create+0x2ce/0x8e0 [ 1103.758017][T27479] ? __pfx___proc_create+0x10/0x10 [ 1103.758068][T27479] ? _raw_write_unlock+0x28/0x50 [ 1103.758094][T27479] ? proc_register+0x559/0x8b0 [ 1103.758124][T27479] proc_create_reg+0x7d/0x180 [ 1103.758156][T27479] proc_create_seq_private+0x8e/0x180 [ 1103.758189][T27479] ? __pfx_proc_create_seq_private+0x10/0x10 [ 1103.758221][T27479] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1103.758262][T27479] ? ops_init+0x77/0x5f0 [ 1103.758297][T27479] ? __pfx_dev_proc_net_init+0x10/0x10 [ 1103.758398][T27479] dev_proc_net_init+0xa8/0x220 [ 1103.758449][T27479] ops_init+0x1e2/0x5f0 [ 1103.758490][T27479] setup_net+0x100/0x390 [ 1103.758527][T27479] ? __pfx_setup_net+0x10/0x10 [ 1103.758567][T27479] ? debug_mutex_init+0x37/0x70 [ 1103.758611][T27479] copy_net_ns+0x2f8/0x690 [ 1103.758656][T27479] create_new_namespaces+0x3ea/0xa90 [ 1103.758709][T27479] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1103.758753][T27479] ksys_unshare+0x45b/0xa40 [ 1103.758801][T27479] ? __pfx_ksys_unshare+0x10/0x10 [ 1103.758849][T27479] ? xfd_validate_state+0x61/0x180 [ 1103.758890][T27479] __x64_sys_unshare+0x31/0x40 [ 1103.758936][T27479] do_syscall_64+0xcd/0x4b0 [ 1103.758972][T27479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1103.759005][T27479] RIP: 0033:0x7fe01d18eec9 [ 1103.759033][T27479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1103.759064][T27479] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1103.759096][T27479] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1103.759116][T27479] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1103.759135][T27479] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1103.759154][T27479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1103.759173][T27479] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1103.759214][T27479] [ 1104.112297][T27491] hub 1-0:1.0: USB hub found [ 1104.130905][T27491] hub 1-0:1.0: 1 port detected [ 1107.579757][T27579] random: crng reseeded on system resumption [ 1107.984463][T21632] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1107.991511][ T51] Bluetooth: hci0: command 0x1003 tx timeout [ 1110.482328][T27661] __vm_enough_memory: pid: 27661, comm: syz.4.6441, bytes: 4398046511104 not enough memory for the allocation [ 1112.200335][T27684] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6438'. [ 1112.229266][T27689] ubi0: attaching mtd0 [ 1112.257917][T27689] ubi0: scanning is finished [ 1112.292083][T27689] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1112.751123][T27689] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1116.501720][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.508393][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1117.539262][T27871] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6457'. [ 1119.496077][T27905] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6466'. [ 1119.814344][T21209] Bluetooth: hci0: Frame reassembly failed (-84) [ 1119.832858][ T30] audit: type=1804 audit(4294967407.234:17): pid=27925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.6467" name="file0" dev="tmpfs" ino=8556 res=1 errno=0 [ 1119.932355][ T30] audit: type=1804 audit(4294967407.305:18): pid=27932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.6467" name="file0" dev="tmpfs" ino=8556 res=1 errno=0 [ 1120.904262][T27963] netlink: 17 bytes leftover after parsing attributes in process `syz.6.6471'. [ 1120.946254][T27962] ima: policy update failed [ 1120.960213][ T30] audit: type=1802 audit(4294967408.360:19): pid=27962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.6471" res=0 errno=0 [ 1121.822795][ T51] Bluetooth: hci0: command 0xfc11 tx timeout [ 1121.823527][T21632] Bluetooth: hci0: Entering manufacturer mode failed (-110) [ 1121.875621][T27998] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6478'. [ 1122.601169][T28026] netlink: 25 bytes leftover after parsing attributes in process `syz.4.6481'. [ 1123.347937][T28042] netlink: 17 bytes leftover after parsing attributes in process `syz.6.6485'. [ 1123.801721][T28054] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6488'. [ 1125.102282][T28101] netlink: 206 bytes leftover after parsing attributes in process `syz.6.6495'. [ 1125.257521][T28101] Process accounting resumed [ 1125.563345][T21632] Bluetooth: hci2: unexpected event 0x01 length: 5 > 1 [ 1128.800777][T28233] netlink: 25 bytes leftover after parsing attributes in process `syz.4.6507'. [ 1130.411442][ T30] audit: type=1804 audit(41979.503:20): pid=28288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.6508" name="file0" dev="tmpfs" ino=8382 res=1 errno=0 [ 1130.500189][ T30] audit: type=1804 audit(41979.503:21): pid=28289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.6508" name="file0" dev="tmpfs" ino=8382 res=1 errno=0 [ 1131.211968][T28301] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1131.273587][T28301] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1131.356320][T28301] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1131.362634][T28301] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1131.429022][T28301] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1132.658302][T28322] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6517'. [ 1132.887674][T21632] Bluetooth: hci2: command 0x0406 tx timeout [ 1133.041730][ T30] audit: type=1326 audit(41982.147:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28328 comm="syz.5.6520" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fab0a38eec9 code=0x0 [ 1133.364773][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 1133.371264][T21632] Bluetooth: hci3: command 0x0406 tx timeout [ 1133.442795][T21632] Bluetooth: hci4: command 0x0406 tx timeout [ 1134.654510][T28392] FAULT_INJECTION: forcing a failure. [ 1134.654510][T28392] name failslab, interval 1, probability 0, space 0, times 0 [ 1134.742133][T28392] CPU: 1 UID: 0 PID: 28392 Comm: syz.7.6537 Not tainted syzkaller #0 PREEMPT(full) [ 1134.742180][T28392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1134.742201][T28392] Call Trace: [ 1134.742212][T28392] [ 1134.742226][T28392] dump_stack_lvl+0x16c/0x1f0 [ 1134.742268][T28392] should_fail_ex+0x512/0x640 [ 1134.742305][T28392] ? __kmalloc_noprof+0xca/0x880 [ 1134.742342][T28392] should_failslab+0xc2/0x120 [ 1134.742385][T28392] __kmalloc_noprof+0xdd/0x880 [ 1134.742418][T28392] ? group_cpus_evenly+0xeb/0x650 [ 1134.742475][T28392] ? group_cpus_evenly+0xeb/0x650 [ 1134.742515][T28392] group_cpus_evenly+0xeb/0x650 [ 1134.742561][T28392] ? __pfx_group_cpus_evenly+0x10/0x10 [ 1134.742622][T28392] blk_mq_map_queues+0xa5/0x4d0 [ 1134.742666][T28392] ? __pfx_blk_mq_map_queues+0x10/0x10 [ 1134.742705][T28392] ? rcu_is_watching+0x12/0xc0 [ 1134.742745][T28392] blk_mq_update_queue_map+0x34a/0x3e0 [ 1134.742782][T28392] blk_mq_alloc_tag_set+0x662/0x12e0 [ 1134.742823][T28392] ? idr_alloc_u32+0x263/0x2f0 [ 1134.742862][T28392] loop_add+0x3b2/0xb70 [ 1134.742893][T28392] ? __pfx_loop_add+0x10/0x10 [ 1134.742950][T28392] ? find_held_lock+0x2b/0x80 [ 1134.742989][T28392] loop_control_ioctl+0x13e/0x630 [ 1134.743021][T28392] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1134.743057][T28392] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1134.743097][T28392] __x64_sys_ioctl+0x18e/0x210 [ 1134.743157][T28392] do_syscall_64+0xcd/0x4b0 [ 1134.743191][T28392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1134.743220][T28392] RIP: 0033:0x7fe01d18eec9 [ 1134.743245][T28392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1134.743273][T28392] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1134.743300][T28392] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1134.743320][T28392] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 1134.743338][T28392] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1134.743356][T28392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1134.743372][T28392] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1134.743409][T28392] [ 1135.147205][T21632] Bluetooth: hci2: command 0x0406 tx timeout [ 1135.641415][T28416] i2c i2c-0: new_device: Extra parameters [ 1137.645602][T28468] ptrace attach of "./syz-executor exec"[16055] was attempted by ""[28468] [ 1141.257055][ C1] sd 0:0:1:0: [sda] tag#3092 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 1141.267679][ C1] sd 0:0:1:0: [sda] tag#3092 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 1142.906267][T28571] i2c i2c-0: new_device: Extra parameters [ 1143.070532][T28565] netlink: 'syz.5.6552': attribute type 1 has an invalid length. [ 1143.559822][T28583] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6556'. [ 1143.759987][T28596] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6559'. [ 1143.951304][T28601] syz.5.6561 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 1145.296903][T28624] random: crng reseeded on system resumption [ 1145.493764][T28629] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input18 [ 1150.687871][ T3461] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1156.091270][T28852] Process accounting paused [ 1163.347793][T28973] __vm_enough_memory: pid: 28973, comm: syz.5.6608, bytes: 4398046511104 not enough memory for the allocation [ 1167.744860][T29009] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6619'. [ 1168.129374][T29019] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6623'. [ 1169.444522][T29088] netlink: 25 bytes leftover after parsing attributes in process `syz.4.6626'. [ 1170.015178][T29093] ubi0: attaching mtd0 [ 1170.066664][T29093] ubi0: scanning is finished [ 1170.086236][T29093] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1170.710437][T29093] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1174.052380][T29180] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6639'. [ 1174.181664][T29180] net veth1_virt_wifi : renamed from virt_wifi0 [ 1174.752480][T29196] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6642'. [ 1174.779701][T29196] netlink: 354 bytes leftover after parsing attributes in process `syz.4.6642'. [ 1175.086366][T29200] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6644'. [ 1175.155168][T29200] hsr_slave_0: left promiscuous mode [ 1175.165019][T29200] hsr_slave_1: left promiscuous mode [ 1177.628902][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.642490][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1179.833576][T29315] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6659'. [ 1179.901692][T29319] netlink: 93 bytes leftover after parsing attributes in process `syz.7.6659'. [ 1181.344169][T29398] FAULT_INJECTION: forcing a failure. [ 1181.344169][T29398] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1181.422647][T29398] CPU: 0 UID: 0 PID: 29398 Comm: syz.7.6663 Not tainted syzkaller #0 PREEMPT(full) [ 1181.422692][T29398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1181.422711][T29398] Call Trace: [ 1181.422723][T29398] [ 1181.422735][T29398] dump_stack_lvl+0x16c/0x1f0 [ 1181.422774][T29398] should_fail_ex+0x512/0x640 [ 1181.422817][T29398] get_futex_key+0x1d0/0x1560 [ 1181.422868][T29398] ? __pfx_get_futex_key+0x10/0x10 [ 1181.422913][T29398] ? __lock_acquire+0x62e/0x1ce0 [ 1181.422966][T29398] futex_wake+0xea/0x530 [ 1181.422993][T29398] ? futex_wait+0x120/0x380 [ 1181.423028][T29398] ? __pfx_futex_wake+0x10/0x10 [ 1181.423068][T29398] ? __fget_files+0x204/0x3c0 [ 1181.423125][T29398] do_futex+0x1e3/0x350 [ 1181.423171][T29398] ? __pfx_do_futex+0x10/0x10 [ 1181.423217][T29398] ? fdget+0x187/0x210 [ 1181.423251][T29398] ? __sys_sendmsg+0x18c/0x220 [ 1181.423298][T29398] __x64_sys_futex+0x1e0/0x4c0 [ 1181.423350][T29398] ? __pfx___x64_sys_futex+0x10/0x10 [ 1181.423414][T29398] do_syscall_64+0xcd/0x4b0 [ 1181.423449][T29398] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1181.423482][T29398] RIP: 0033:0x7fe01d18eec9 [ 1181.423508][T29398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1181.423538][T29398] RSP: 002b:00007fe01b3f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1181.423568][T29398] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa8 RCX: 00007fe01d18eec9 [ 1181.423588][T29398] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe01d3e5fac [ 1181.423607][T29398] RBP: 00007fe01d3e5fa0 R08: 00007fe01df23000 R09: 0000000000000000 [ 1181.423627][T29398] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1181.423646][T29398] R13: 00007fe01d3e6038 R14: 00007fffe88b5ec0 R15: 00007fffe88b5fa8 [ 1181.423686][T29398] [ 1183.678980][T29463] Invalid ELF header magic: != ELF [ 1183.791739][T29477] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6672'. [ 1184.029225][T29477] ima: policy update failed [ 1184.118570][ T30] audit: type=1802 audit(4294967329.251:23): pid=29477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.6672" res=0 errno=0 [ 1184.379028][T29463] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6669'. [ 1184.825077][T29513] nbd: socks must be embedded in a SOCK_ITEM attr [ 1186.873415][T29504] Process accounting resumed [ 1190.414515][T29646] netlink: 'syz.5.6691': attribute type 15 has an invalid length. [ 1190.425957][T29646] netlink: 252 bytes leftover after parsing attributes in process `syz.5.6691'. [ 1190.561585][T29650] netlink: 'syz.5.6691': attribute type 15 has an invalid length. [ 1190.606783][T29650] netlink: 252 bytes leftover after parsing attributes in process `syz.5.6691'. [ 1192.106329][T29695] netlink: 25 bytes leftover after parsing attributes in process `syz.7.6696'. [ 1192.508075][T29701] binder: 29697:29701 ioctl 400c620e 0 returned -22 [ 1193.070015][T29711] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6700'. [ 1193.575491][T29723] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6702'. [ 1193.589397][T29723] bridge_slave_0: left allmulticast mode [ 1193.595079][T29723] bridge_slave_0: left promiscuous mode [ 1193.625105][T29723] bridge0: port 1(bridge_slave_0) entered disabled state [ 1195.664934][T29742] bond0: Unable to set peer notification delay as MII monitoring is disabled [ 1196.336020][T29800] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6711'. [ 1196.367064][T29800] netlink: 354 bytes leftover after parsing attributes in process `syz.4.6711'. [ 1200.965886][T29978] netlink: 268 bytes leftover after parsing attributes in process `syz.6.6723'. [ 1202.850833][T21632] Bluetooth: hci3: unexpected subevent 0x12 length: 123 > 5 [ 1206.308819][T30141] random: crng reseeded on system resumption [ 1209.760195][T30245] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6747'. [ 1209.860743][T30245] netlink: 354 bytes leftover after parsing attributes in process `syz.4.6747'. [ 1213.314575][T30299] sysfs_service_op_show: Client not running :-5: [ 1217.308413][T30434] Process accounting paused [ 1217.685208][T30445] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6763'. [ 1217.733875][T30445] bridge_slave_0: left allmulticast mode [ 1217.742447][T30445] bridge_slave_0: left promiscuous mode [ 1217.773335][T30445] bridge0: port 1(bridge_slave_0) entered disabled state [ 1218.018717][T30454] FAULT_INJECTION: forcing a failure. [ 1218.018717][T30454] name failslab, interval 1, probability 0, space 0, times 0 [ 1218.218948][T30454] CPU: 1 UID: 0 PID: 30454 Comm: syz.7.6765 Not tainted syzkaller #0 PREEMPT(full) [ 1218.218994][T30454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1218.219019][T30454] Call Trace: [ 1218.219034][T30454] [ 1218.219046][T30454] dump_stack_lvl+0x16c/0x1f0 [ 1218.219085][T30454] should_fail_ex+0x512/0x640 [ 1218.219120][T30454] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1218.219158][T30454] should_failslab+0xc2/0x120 [ 1218.219202][T30454] __kmalloc_cache_noprof+0x72/0x780 [ 1218.219236][T30454] ? cgroup_file_open+0x93/0x330 [ 1218.219278][T30454] ? cgroup_file_open+0x93/0x330 [ 1218.219312][T30454] cgroup_file_open+0x93/0x330 [ 1218.219344][T30454] ? __pfx_cgroup_file_open+0x10/0x10 [ 1218.219383][T30454] kernfs_fop_open+0x8c9/0xda0 [ 1218.219428][T30454] do_dentry_open+0x982/0x1530 [ 1218.219468][T30454] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1218.219510][T30454] vfs_open+0x82/0x3f0 [ 1218.219563][T30454] path_openat+0x1de4/0x2cb0 [ 1218.219615][T30454] ? __pfx_path_openat+0x10/0x10 [ 1218.219665][T30454] do_filp_open+0x20b/0x470 [ 1218.219704][T30454] ? __pfx_do_filp_open+0x10/0x10 [ 1218.219772][T30454] ? alloc_fd+0x471/0x7d0 [ 1218.219818][T30454] do_sys_openat2+0x11b/0x1d0 [ 1218.219866][T30454] ? __pfx_do_sys_openat2+0x10/0x10 [ 1218.220059][T30454] __x64_sys_openat+0x174/0x210 [ 1218.220090][T30454] ? __pfx___x64_sys_openat+0x10/0x10 [ 1218.220144][T30454] do_syscall_64+0xcd/0x4b0 [ 1218.220180][T30454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1218.220212][T30454] RIP: 0033:0x7fe01d18eec9 [ 1218.220237][T30454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1218.220266][T30454] RSP: 002b:00007fe01b3d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1218.220296][T30454] RAX: ffffffffffffffda RBX: 00007fe01d3e6090 RCX: 00007fe01d18eec9 [ 1218.220317][T30454] RDX: 0000000000004400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1218.220337][T30454] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1218.220356][T30454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1218.220374][T30454] R13: 00007fe01d3e6128 R14: 00007fe01d3e6090 R15: 00007fffe88b5fa8 [ 1218.220416][T30454] [ 1219.965520][T30487] : Can't lookup blockdev [ 1220.381521][ T30] audit: type=1800 audit(4294967365.719:24): pid=30487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.6768" name="features" dev="configfs" ino=235593 res=0 errno=0 [ 1222.934720][ T30] audit: type=1804 audit(4294967368.263:25): pid=30514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.6774" name="file0" dev="tmpfs" ino=8753 res=1 errno=0 [ 1225.222976][T30577] Invalid ELF header magic: != ELF [ 1227.778458][T30600] kexec: Could not allocate control_code_buffer [ 1228.023416][T30621] ptrace attach of "./syz-executor exec"[16055] was attempted by ""[30621] [ 1228.371416][T30618] netlink: 268 bytes leftover after parsing attributes in process `syz.4.6787'. [ 1228.510363][T30615] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6788'. [ 1230.453067][T30673] serio: Serial port pty6 [ 1232.843535][T30721] netlink: 268 bytes leftover after parsing attributes in process `syz.5.6801'. [ 1233.937868][T30737] binder: 30735:30737 ioctl c0306201 200000000000 returned -11 [ 1234.474291][T30739] Invalid ELF header magic: != ELF [ 1238.742852][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.755010][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1245.399569][T31150] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6847'. [ 1245.470091][T31150] netlink: 'syz.5.6847': attribute type 1 has an invalid length. [ 1245.477886][T31150] netlink: 'syz.5.6847': attribute type 6 has an invalid length. [ 1247.274973][T31166] FAULT_INJECTION: forcing a failure. [ 1247.274973][T31166] name failslab, interval 1, probability 0, space 0, times 0 [ 1247.288918][T31166] CPU: 0 UID: 0 PID: 31166 Comm: syz.7.6852 Not tainted syzkaller #0 PREEMPT(full) [ 1247.288961][T31166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1247.288980][T31166] Call Trace: [ 1247.288991][T31166] [ 1247.289003][T31166] dump_stack_lvl+0x16c/0x1f0 [ 1247.289043][T31166] should_fail_ex+0x512/0x640 [ 1247.289079][T31166] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1247.289116][T31166] should_failslab+0xc2/0x120 [ 1247.289159][T31166] __kmalloc_cache_noprof+0x72/0x780 [ 1247.289203][T31166] ? find_held_lock+0x2b/0x80 [ 1247.289239][T31166] ? rpc_mkpipe_data+0x49/0x460 [ 1247.289289][T31166] ? rpc_mkpipe_data+0x49/0x460 [ 1247.289328][T31166] ? __init_waitqueue_head+0xca/0x150 [ 1247.289358][T31166] ? __pfx_nfs4blocklayout_net_init+0x10/0x10 [ 1247.289396][T31166] rpc_mkpipe_data+0x49/0x460 [ 1247.289440][T31166] ? __pfx_nfs4blocklayout_net_init+0x10/0x10 [ 1247.289477][T31166] nfs4blocklayout_net_init+0x95/0x1d0 [ 1247.289516][T31166] ? __pfx_nfs4blocklayout_net_init+0x10/0x10 [ 1247.289556][T31166] ops_init+0x1e2/0x5f0 [ 1247.289596][T31166] setup_net+0x100/0x390 [ 1247.289630][T31166] ? __pfx_setup_net+0x10/0x10 [ 1247.289667][T31166] ? debug_mutex_init+0x37/0x70 [ 1247.289709][T31166] copy_net_ns+0x2f8/0x690 [ 1247.289750][T31166] create_new_namespaces+0x3ea/0xa90 [ 1247.289801][T31166] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1247.289849][T31166] ksys_unshare+0x45b/0xa40 [ 1247.289889][T31166] ? native_tss_update_io_bitmap+0x3e1/0x770 [ 1247.289921][T31166] ? __pfx_ksys_unshare+0x10/0x10 [ 1247.289968][T31166] ? xfd_validate_state+0x61/0x180 [ 1247.290008][T31166] __x64_sys_unshare+0x31/0x40 [ 1247.290052][T31166] do_syscall_64+0xcd/0x4b0 [ 1247.290089][T31166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1247.290118][T31166] RIP: 0033:0x7fe01d18eec9 [ 1247.290144][T31166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1247.290186][T31166] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1247.290224][T31166] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1247.290245][T31166] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1247.290264][T31166] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1247.290283][T31166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1247.290302][T31166] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1247.290342][T31166] [ 1258.336744][T31423] FAULT_INJECTION: forcing a failure. [ 1258.336744][T31423] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1258.411631][T31423] CPU: 1 UID: 0 PID: 31423 Comm: syz.7.6887 Not tainted syzkaller #0 PREEMPT(full) [ 1258.411679][T31423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1258.411699][T31423] Call Trace: [ 1258.411711][T31423] [ 1258.411724][T31423] dump_stack_lvl+0x16c/0x1f0 [ 1258.411764][T31423] should_fail_ex+0x512/0x640 [ 1258.411807][T31423] should_fail_alloc_page+0xe7/0x130 [ 1258.411855][T31423] prepare_alloc_pages+0x3c2/0x610 [ 1258.411912][T31423] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1258.411949][T31423] ? __lock_acquire+0xb97/0x1ce0 [ 1258.412006][T31423] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1258.412036][T31423] ? do_raw_spin_lock+0x12c/0x2b0 [ 1258.412067][T31423] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1258.412106][T31423] ? find_held_lock+0x2b/0x80 [ 1258.412153][T31423] ? __lock_acquire+0xb97/0x1ce0 [ 1258.412201][T31423] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1258.412239][T31423] ? policy_nodemask+0xea/0x4e0 [ 1258.412289][T31423] alloc_pages_mpol+0x1fb/0x550 [ 1258.412335][T31423] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1258.412392][T31423] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1258.412426][T31423] shmem_alloc_folio+0x135/0x160 [ 1258.412478][T31423] shmem_alloc_and_add_folio+0x499/0xc20 [ 1258.412523][T31423] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1258.412562][T31423] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 1258.412608][T31423] shmem_get_folio_gfp+0x67f/0x1610 [ 1258.412653][T31423] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1258.412702][T31423] shmem_fault+0x1fe/0xa30 [ 1258.412736][T31423] ? find_held_lock+0x2b/0x80 [ 1258.412774][T31423] ? __pfx_shmem_fault+0x10/0x10 [ 1258.412806][T31423] ? __lock_acquire+0x62e/0x1ce0 [ 1258.412857][T31423] ? __pfx___up_read+0x10/0x10 [ 1258.412887][T31423] ? inode_to_bdi+0x9e/0x160 [ 1258.412935][T31423] ? __pfx_filemap_map_pages+0x10/0x10 [ 1258.412968][T31423] __do_fault+0x10d/0x490 [ 1258.413007][T31423] ? __pfx_filemap_map_pages+0x10/0x10 [ 1258.413039][T31423] do_pte_missing+0x1a6/0x3ba0 [ 1258.413071][T31423] ? find_held_lock+0x2b/0x80 [ 1258.413118][T31423] ? __handle_mm_fault+0x1529/0x2aa0 [ 1258.413156][T31423] __handle_mm_fault+0x1556/0x2aa0 [ 1258.413199][T31423] ? __pfx___handle_mm_fault+0x10/0x10 [ 1258.413233][T31423] ? __pte_offset_map_lock+0x174/0x310 [ 1258.413274][T31423] ? find_held_lock+0x2b/0x80 [ 1258.413325][T31423] ? follow_page_pte+0x5cf/0x1390 [ 1258.413373][T31423] handle_mm_fault+0x589/0xd10 [ 1258.413409][T31423] __get_user_pages+0x54e/0x3530 [ 1258.413467][T31423] ? down_read_killable+0x220/0x4b0 [ 1258.413508][T31423] ? __pfx___get_user_pages+0x10/0x10 [ 1258.413566][T31423] faultin_page_range+0x338/0x940 [ 1258.413621][T31423] madvise_do_behavior+0x34c/0x530 [ 1258.413672][T31423] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1258.413722][T31423] ? down_read+0x13d/0x480 [ 1258.413777][T31423] do_madvise+0x176/0x240 [ 1258.413825][T31423] ? __pfx_do_madvise+0x10/0x10 [ 1258.413868][T31423] ? do_futex+0x122/0x350 [ 1258.413943][T31423] ? xfd_validate_state+0x61/0x180 [ 1258.413982][T31423] __x64_sys_madvise+0xa9/0x110 [ 1258.414038][T31423] ? lockdep_hardirqs_on+0x7c/0x110 [ 1258.414069][T31423] do_syscall_64+0xcd/0x4b0 [ 1258.414114][T31423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1258.414146][T31423] RIP: 0033:0x7fe01d18eec9 [ 1258.414174][T31423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1258.414206][T31423] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1258.414237][T31423] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1258.414259][T31423] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1258.414279][T31423] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1258.414300][T31423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1258.414319][T31423] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1258.414358][T31423] [ 1259.388443][T31431] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6890'. [ 1259.651768][T31439] netlink: 268 bytes leftover after parsing attributes in process `syz.5.6892'. [ 1259.826725][T31428] kexec: Could not allocate control_code_buffer [ 1260.074441][T31431] team0 (unregistering): Port device team_slave_1 removed [ 1260.572570][T31480] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6895'. [ 1260.865744][T31496] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6897'. [ 1263.456435][T31601] random: crng reseeded on system resumption [ 1264.002999][T31603] Unrecognized hibernate image header format! [ 1264.010576][T31603] PM: hibernation: Image mismatch: architecture specific data [ 1264.269753][T31616] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6909'. [ 1274.038844][T32071] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6936'. [ 1274.821690][T32071] team_slave_0: left promiscuous mode [ 1274.856777][T32071] team_slave_0: left allmulticast mode [ 1274.973684][T32071] team0 (unregistering): Port device team_slave_0 removed [ 1274.998789][T32071] team_slave_1: left promiscuous mode [ 1275.014884][T32071] team_slave_1: left allmulticast mode [ 1275.041847][T32071] team0 (unregistering): Port device team_slave_1 removed [ 1275.495339][T32118] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6939'. [ 1276.488745][T32138] Console: switching to colour VGA+ 80x25 [ 1276.675049][T32145] Console: switching to colour frame buffer device 4x6 [ 1279.343805][T32208] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6945'. [ 1279.454334][T32212] kexec: Could not allocate control_code_buffer [ 1280.620396][T32308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6951'. [ 1281.092191][T32332] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6954'. [ 1283.617948][T32455] FAULT_INJECTION: forcing a failure. [ 1283.617948][T32455] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1283.686013][T32455] CPU: 1 UID: 0 PID: 32455 Comm: syz.7.6959 Not tainted syzkaller #0 PREEMPT(full) [ 1283.686057][T32455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1283.686074][T32455] Call Trace: [ 1283.686085][T32455] [ 1283.686098][T32455] dump_stack_lvl+0x16c/0x1f0 [ 1283.686137][T32455] should_fail_ex+0x512/0x640 [ 1283.686178][T32455] _copy_from_iter+0x29f/0x1720 [ 1283.686226][T32455] ? __pfx__copy_from_iter+0x10/0x10 [ 1283.686262][T32455] ? __pfx___mutex_lock+0x10/0x10 [ 1283.686313][T32455] copy_page_from_iter+0xde/0x180 [ 1283.686355][T32455] anon_pipe_write+0xed5/0x1bd0 [ 1283.686413][T32455] ? __pfx_anon_pipe_write+0x10/0x10 [ 1283.686454][T32455] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1283.686500][T32455] ? bpf_lsm_file_permission+0x9/0x10 [ 1283.686538][T32455] ? security_file_permission+0x71/0x210 [ 1283.686582][T32455] ? rw_verify_area+0xcf/0x6c0 [ 1283.686619][T32455] vfs_write+0x7d0/0x11d0 [ 1283.686657][T32455] ? __pfx_anon_pipe_write+0x10/0x10 [ 1283.686707][T32455] ? __pfx_vfs_write+0x10/0x10 [ 1283.686741][T32455] ? find_held_lock+0x2b/0x80 [ 1283.686803][T32455] ksys_write+0x1f8/0x250 [ 1283.686842][T32455] ? __pfx_ksys_write+0x10/0x10 [ 1283.686891][T32455] do_syscall_64+0xcd/0x4b0 [ 1283.686937][T32455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1283.686969][T32455] RIP: 0033:0x7fe01d18eec9 [ 1283.686994][T32455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1283.687024][T32455] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1283.687055][T32455] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1283.687077][T32455] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 1283.687097][T32455] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1283.687117][T32455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1283.687136][T32455] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1283.687176][T32455] [ 1290.028827][T32640] FAULT_INJECTION: forcing a failure. [ 1290.028827][T32640] name failslab, interval 1, probability 0, space 0, times 0 [ 1290.073763][T32640] CPU: 0 UID: 0 PID: 32640 Comm: syz.7.6985 Not tainted syzkaller #0 PREEMPT(full) [ 1290.073809][T32640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1290.073837][T32640] Call Trace: [ 1290.073848][T32640] [ 1290.073861][T32640] dump_stack_lvl+0x16c/0x1f0 [ 1290.073901][T32640] should_fail_ex+0x512/0x640 [ 1290.073936][T32640] ? fs_reclaim_acquire+0xae/0x150 [ 1290.073983][T32640] should_failslab+0xc2/0x120 [ 1290.074028][T32640] __kmalloc_noprof+0xdd/0x880 [ 1290.074062][T32640] ? tomoyo_encode2+0x100/0x3e0 [ 1290.074113][T32640] ? tomoyo_encode2+0x100/0x3e0 [ 1290.074152][T32640] tomoyo_encode2+0x100/0x3e0 [ 1290.074203][T32640] tomoyo_encode+0x29/0x50 [ 1290.074247][T32640] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1290.074301][T32640] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1290.074343][T32640] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1290.074425][T32640] ? do_raw_spin_lock+0x12c/0x2b0 [ 1290.074473][T32640] tomoyo_file_open+0x6b/0x90 [ 1290.074507][T32640] security_file_open+0x84/0x1e0 [ 1290.074553][T32640] do_dentry_open+0x596/0x1530 [ 1290.074607][T32640] vfs_open+0x82/0x3f0 [ 1290.074659][T32640] path_openat+0x1de4/0x2cb0 [ 1290.074713][T32640] ? __pfx_path_openat+0x10/0x10 [ 1290.074764][T32640] do_filp_open+0x20b/0x470 [ 1290.074804][T32640] ? __pfx_do_filp_open+0x10/0x10 [ 1290.074891][T32640] ? alloc_fd+0x471/0x7d0 [ 1290.074942][T32640] do_sys_openat2+0x11b/0x1d0 [ 1290.074991][T32640] ? __pfx_do_sys_openat2+0x10/0x10 [ 1290.075063][T32640] __x64_sys_openat+0x174/0x210 [ 1290.075093][T32640] ? __pfx___x64_sys_openat+0x10/0x10 [ 1290.075145][T32640] do_syscall_64+0xcd/0x4b0 [ 1290.075184][T32640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1290.075215][T32640] RIP: 0033:0x7fe01d18eec9 [ 1290.075243][T32640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1290.075273][T32640] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1290.075305][T32640] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1290.075326][T32640] RDX: 0000000000002002 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1290.075346][T32640] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1290.075366][T32640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1290.075384][T32640] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1290.075427][T32640] [ 1290.075461][T32640] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1290.996110][T32659] ptrace attach of "./syz-executor exec"[6563] was attempted by ""[32659] [ 1292.116926][T32699] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6994'. [ 1292.162176][T32699] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 1293.505846][T32746] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6997'. [ 1293.530780][T32746] hsr_slave_0: left promiscuous mode [ 1293.567541][T32746] hsr_slave_1: left promiscuous mode [ 1297.596580][ T444] FAULT_INJECTION: forcing a failure. [ 1297.596580][ T444] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1297.645646][ T444] CPU: 0 UID: 0 PID: 444 Comm: syz.7.7013 Not tainted syzkaller #0 PREEMPT(full) [ 1297.645689][ T444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1297.645709][ T444] Call Trace: [ 1297.645720][ T444] [ 1297.645733][ T444] dump_stack_lvl+0x16c/0x1f0 [ 1297.645772][ T444] should_fail_ex+0x512/0x640 [ 1297.645815][ T444] should_fail_alloc_page+0xe7/0x130 [ 1297.645862][ T444] prepare_alloc_pages+0x3c2/0x610 [ 1297.645912][ T444] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1297.645953][ T444] ? stack_trace_save+0x8e/0xc0 [ 1297.645996][ T444] ? __pfx_stack_trace_save+0x10/0x10 [ 1297.646038][ T444] ? stack_depot_save_flags+0x29/0x9c0 [ 1297.646072][ T444] ? bpf_ksym_find+0x124/0x1c0 [ 1297.646114][ T444] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1297.646157][ T444] ? __kasan_kmalloc+0xaa/0xb0 [ 1297.646194][ T444] ? copy_splice_read+0x1a8/0xc20 [ 1297.646227][ T444] ? splice_direct_to_actor+0x2a1/0xa30 [ 1297.646254][ T444] ? do_splice_direct+0x174/0x240 [ 1297.646284][ T444] ? do_sendfile+0xb06/0xe50 [ 1297.646316][ T444] ? __x64_sys_sendfile64+0x1d8/0x220 [ 1297.646357][ T444] ? do_syscall_64+0xcd/0x4b0 [ 1297.646388][ T444] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1297.646449][ T444] alloc_pages_bulk_noprof+0x71c/0x1410 [ 1297.646500][ T444] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1297.646548][ T444] ? copy_splice_read+0x1a8/0xc20 [ 1297.646588][ T444] copy_splice_read+0x1e1/0xc20 [ 1297.646631][ T444] ? __pfx_copy_splice_read+0x10/0x10 [ 1297.646668][ T444] ? look_up_lock_class+0x59/0x150 [ 1297.646703][ T444] ? lockdep_init_map_type+0x5c/0x280 [ 1297.646747][ T444] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1297.646780][ T444] ? __pfx_copy_splice_read+0x10/0x10 [ 1297.646810][ T444] do_splice_read+0x282/0x370 [ 1297.646846][ T444] splice_direct_to_actor+0x2a1/0xa30 [ 1297.646881][ T444] ? __pfx_direct_splice_actor+0x10/0x10 [ 1297.646922][ T444] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1297.646970][ T444] do_splice_direct+0x174/0x240 [ 1297.647005][ T444] ? __pfx_do_splice_direct+0x10/0x10 [ 1297.647040][ T444] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1297.647076][ T444] ? bpf_lsm_file_permission+0x9/0x10 [ 1297.647116][ T444] ? security_file_permission+0x71/0x210 [ 1297.647172][ T444] ? rw_verify_area+0xcf/0x6c0 [ 1297.647208][ T444] do_sendfile+0xb06/0xe50 [ 1297.647251][ T444] ? __pfx_do_sendfile+0x10/0x10 [ 1297.647294][ T444] ? __x64_sys_futex+0x1e0/0x4c0 [ 1297.647337][ T444] ? __x64_sys_futex+0x1e9/0x4c0 [ 1297.647386][ T444] __x64_sys_sendfile64+0x1d8/0x220 [ 1297.647432][ T444] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1297.647488][ T444] do_syscall_64+0xcd/0x4b0 [ 1297.647522][ T444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1297.647549][ T444] RIP: 0033:0x7fe01d18eec9 [ 1297.647571][ T444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1297.647600][ T444] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1297.647630][ T444] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1297.647650][ T444] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000008 [ 1297.647669][ T444] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1297.647688][ T444] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000 [ 1297.647707][ T444] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1297.647746][ T444] [ 1299.871799][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1299.886930][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1302.533901][ T599] ptrace attach of "./syz-executor exec"[16055] was attempted by ""[599] [ 1304.444495][ T628] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7034'. [ 1304.488013][ T628] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1304.514636][ T628] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1304.550809][ T628] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1304.634740][ T628] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1307.430787][ T738] FAULT_INJECTION: forcing a failure. [ 1307.430787][ T738] name failslab, interval 1, probability 0, space 0, times 0 [ 1307.462543][ T738] CPU: 1 UID: 0 PID: 738 Comm: syz.7.7046 Not tainted syzkaller #0 PREEMPT(full) [ 1307.462586][ T738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1307.462605][ T738] Call Trace: [ 1307.462614][ T738] [ 1307.462626][ T738] dump_stack_lvl+0x16c/0x1f0 [ 1307.462664][ T738] should_fail_ex+0x512/0x640 [ 1307.462698][ T738] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1307.462735][ T738] ? __pfx_objects_open+0x10/0x10 [ 1307.462772][ T738] should_failslab+0xc2/0x120 [ 1307.462825][ T738] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1307.462859][ T738] ? debug_mutex_init+0x37/0x70 [ 1307.462895][ T738] ? seq_open+0x55/0x170 [ 1307.462942][ T738] ? __pfx_objects_open+0x10/0x10 [ 1307.462979][ T738] ? seq_open+0x55/0x170 [ 1307.463020][ T738] seq_open+0x55/0x170 [ 1307.463059][ T738] objects_open+0x22/0xd0 [ 1307.463093][ T738] full_proxy_open_regular+0x1b6/0x360 [ 1307.463127][ T738] do_dentry_open+0x982/0x1530 [ 1307.463156][ T738] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1307.463192][ T738] vfs_open+0x82/0x3f0 [ 1307.463239][ T738] path_openat+0x1de4/0x2cb0 [ 1307.463289][ T738] ? __pfx_path_openat+0x10/0x10 [ 1307.463334][ T738] do_filp_open+0x20b/0x470 [ 1307.463372][ T738] ? __pfx_do_filp_open+0x10/0x10 [ 1307.463438][ T738] ? alloc_fd+0x471/0x7d0 [ 1307.463483][ T738] do_sys_openat2+0x11b/0x1d0 [ 1307.463531][ T738] ? __pfx_do_sys_openat2+0x10/0x10 [ 1307.463595][ T738] __x64_sys_openat+0x174/0x210 [ 1307.463625][ T738] ? __pfx___x64_sys_openat+0x10/0x10 [ 1307.463672][ T738] do_syscall_64+0xcd/0x4b0 [ 1307.463710][ T738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1307.463742][ T738] RIP: 0033:0x7fe01d18eec9 [ 1307.463769][ T738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1307.463812][ T738] RSP: 002b:00007fe01b3b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1307.463843][ T738] RAX: ffffffffffffffda RBX: 00007fe01d3e6180 RCX: 00007fe01d18eec9 [ 1307.463865][ T738] RDX: 0000000000040042 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 1307.463886][ T738] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1307.463906][ T738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1307.463924][ T738] R13: 00007fe01d3e6218 R14: 00007fe01d3e6180 R15: 00007fffe88b5fa8 [ 1307.463965][ T738] [ 1308.677551][ T771] FAULT_INJECTION: forcing a failure. [ 1308.677551][ T771] name failslab, interval 1, probability 0, space 0, times 0 [ 1308.728855][ T771] CPU: 1 UID: 0 PID: 771 Comm: syz.7.7048 Not tainted syzkaller #0 PREEMPT(full) [ 1308.728901][ T771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1308.728922][ T771] Call Trace: [ 1308.728933][ T771] [ 1308.728946][ T771] dump_stack_lvl+0x16c/0x1f0 [ 1308.728986][ T771] should_fail_ex+0x512/0x640 [ 1308.729021][ T771] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1308.729079][ T771] should_failslab+0xc2/0x120 [ 1308.729124][ T771] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1308.729167][ T771] ? key_alloc+0x43e/0x1330 [ 1308.729207][ T771] ? kmem_cache_alloc_noprof+0x2a1/0x6e0 [ 1308.729247][ T771] ? kmemdup_noprof+0x29/0x60 [ 1308.729281][ T771] kmemdup_noprof+0x29/0x60 [ 1308.729317][ T771] key_alloc+0x43e/0x1330 [ 1308.729370][ T771] ? rcu_is_watching+0x12/0xc0 [ 1308.729420][ T771] ? __pfx_key_alloc+0x10/0x10 [ 1308.729473][ T771] keyring_alloc+0x44/0xc0 [ 1308.729524][ T771] install_session_keyring_to_cred+0x190/0x230 [ 1308.729569][ T771] join_session_keyring+0x1b8/0x340 [ 1308.729610][ T771] lookup_user_key+0xe3f/0x1300 [ 1308.729656][ T771] ? __pfx_lookup_user_key+0x10/0x10 [ 1308.729694][ T771] ? find_held_lock+0x2b/0x80 [ 1308.729734][ T771] ? setid_policy_lookup+0x10c/0x350 [ 1308.729767][ T771] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1308.729813][ T771] ? bpf_lsm_capable+0x9/0x10 [ 1308.729858][ T771] ? security_capable+0x7e/0x260 [ 1308.729895][ T771] keyctl_get_persistent+0x1a5/0x8c0 [ 1308.729943][ T771] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 1308.729995][ T771] ? __x64_sys_futex+0x1e0/0x4c0 [ 1308.730048][ T771] ? __x64_sys_futex+0x1e9/0x4c0 [ 1308.730100][ T771] ? xfd_validate_state+0x61/0x180 [ 1308.730129][ T771] ? __pfx_do_writev+0x10/0x10 [ 1308.730179][ T771] __do_sys_keyctl+0x1a9/0x590 [ 1308.730218][ T771] do_syscall_64+0xcd/0x4b0 [ 1308.730256][ T771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1308.730288][ T771] RIP: 0033:0x7fe01d18eec9 [ 1308.730313][ T771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1308.730341][ T771] RSP: 002b:00007fe01b3f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1308.730373][ T771] RAX: ffffffffffffffda RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1308.730394][ T771] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000016 [ 1308.730414][ T771] RBP: 00007fe01d211f91 R08: 0000000000000001 R09: 0000000000000000 [ 1308.730433][ T771] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 1308.730452][ T771] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1308.730492][ T771] [ 1309.452258][ T779] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7050'. [ 1313.703889][ T904] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7063'. [ 1313.858086][ T911] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7066'. [ 1317.688404][ T1011] __vm_enough_memory: pid: 1011, comm: syz.4.7086, bytes: 4398046511104 not enough memory for the allocation [ 1318.860337][ T1054] Invalid ELF header magic: != ELF [ 1320.853459][ T1152] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 1323.638407][ T1247] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7105'. [ 1327.827716][ T1414] netlink: 338 bytes leftover after parsing attributes in process `syz.4.7122'. [ 1327.881157][ T1414] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7122'. [ 1328.769294][ T1428] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7127'. [ 1331.130242][ T1457] __vm_enough_memory: pid: 1457, comm: syz.4.7133, bytes: 4398046511104 not enough memory for the allocation [ 1332.458667][ T1487] ICMPv6: process `syz.7.7137' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 1334.450101][ T1542] Invalid ELF header magic: != ELF [ 1334.482937][ T1508] kexec: Could not allocate control_code_buffer [ 1336.607766][T21632] Bluetooth: hci2: unexpected event 0x30 length: 47 > 3 [ 1340.883386][ T1688] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7160'. [ 1341.180132][ T1694] netlink: 306 bytes leftover after parsing attributes in process `syz.6.7162'. [ 1341.858804][ T1691] FAULT_INJECTION: forcing a failure. [ 1341.858804][ T1691] name failslab, interval 1, probability 0, space 0, times 0 [ 1342.007588][ T1691] CPU: 1 UID: 0 PID: 1691 Comm: syz.7.7159 Not tainted syzkaller #0 PREEMPT(full) [ 1342.007622][ T1691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1342.007634][ T1691] Call Trace: [ 1342.007640][ T1691] [ 1342.007648][ T1691] dump_stack_lvl+0x16c/0x1f0 [ 1342.007673][ T1691] should_fail_ex+0x512/0x640 [ 1342.007695][ T1691] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1342.007720][ T1691] should_failslab+0xc2/0x120 [ 1342.007746][ T1691] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1342.007767][ T1691] ? getname_flags.part.0+0x4c/0x550 [ 1342.007803][ T1691] ? getname_flags.part.0+0x4c/0x550 [ 1342.007830][ T1691] getname_flags.part.0+0x4c/0x550 [ 1342.007861][ T1691] getname_flags+0x93/0xf0 [ 1342.007881][ T1691] __do_sys_newstat+0x8a/0x130 [ 1342.007908][ T1691] ? __pfx___do_sys_newstat+0x10/0x10 [ 1342.007934][ T1691] ? find_held_lock+0x2b/0x80 [ 1342.007967][ T1691] ? xfd_validate_state+0x61/0x180 [ 1342.007987][ T1691] ? rcu_is_watching+0x12/0xc0 [ 1342.008011][ T1691] do_syscall_64+0xcd/0x4b0 [ 1342.008043][ T1691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1342.008061][ T1691] RIP: 0033:0x7fe01d18eec9 [ 1342.008077][ T1691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1342.008095][ T1691] RSP: 002b:00007fe01b3d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 1342.008114][ T1691] RAX: ffffffffffffffda RBX: 00007fe01d3e6090 RCX: 00007fe01d18eec9 [ 1342.008126][ T1691] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000040 [ 1342.008137][ T1691] RBP: 00007fe01d211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1342.008148][ T1691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1342.008159][ T1691] R13: 00007fe01d3e6128 R14: 00007fe01d3e6090 R15: 00007fffe88b5fa8 [ 1342.008182][ T1691] [ 1342.901290][ T1692] kexec: Could not allocate control_code_buffer [ 1343.231161][ T1732] syz.7.7164 (1732): /proc/1730/oom_adj is deprecated, please use /proc/1730/oom_score_adj instead. [ 1344.030866][ T1786] netlink: 338 bytes leftover after parsing attributes in process `syz.6.7167'. [ 1345.854199][ T1857] netlink: 342 bytes leftover after parsing attributes in process `syz.7.7178'. [ 1345.917908][ T1867] netlink: 342 bytes leftover after parsing attributes in process `syz.7.7178'. [ 1348.352423][ T1954] Invalid ELF header magic: != ELF [ 1354.232118][ T2115] __vm_enough_memory: pid: 2115, comm: syz.6.7197, bytes: 4398046511104 not enough memory for the allocation [ 1354.442865][ T2116] Invalid ELF header magic: != ELF [ 1355.854318][ T2137] netlink: 28 bytes leftover after parsing attributes in process `syz.7.7200'. [ 1356.598198][ T2137] team0: Port device team_slave_1 removed [ 1360.741365][ T2390] netlink: 330 bytes leftover after parsing attributes in process `syz.5.7217'. [ 1360.995054][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.005847][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1364.285287][T21632] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 1365.262524][ T2522] netlink: 'syz.5.7237': attribute type 4 has an invalid length. [ 1365.286371][ T2522] netlink: 'syz.5.7237': attribute type 5 has an invalid length. [ 1365.294218][ T2522] netlink: 10 bytes leftover after parsing attributes in process `syz.5.7237'. [ 1365.479410][ T2264] ------------[ cut here ]------------ [ 1365.485034][ T2264] WARNING: CPU: 1 PID: 2264 at kernel/trace/trace.c:8604 tracing_buffers_mmap_close+0xdd/0x130 [ 1365.496126][ T2264] Modules linked in: [ 1365.500827][ T2264] CPU: 1 UID: 0 PID: 2264 Comm: syz.7.7208 Not tainted syzkaller #0 PREEMPT(full) [ 1365.510324][ T2264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1365.521079][ T2264] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 1365.528424][ T2264] Code: 75 46 48 8b 7b 08 e8 02 96 ff ff 31 ff 89 c3 89 c6 e8 27 4c fb ff 85 db 75 0a 48 83 c4 08 5b e9 d9 50 fb ff e8 d4 50 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 c6 50 fb ff e8 31 cf 62 00 eb 87 e8 5a [ 1365.549342][ T2264] RSP: 0018:ffffc9000d7879c0 EFLAGS: 00010293 [ 1365.558339][ T2264] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bf5479 [ 1365.567167][ T2264] RDX: ffff888068621e40 RSI: ffffffff81bf548c RDI: 0000000000000005 [ 1365.575802][ T2264] RBP: ffffffff81bf53b0 R08: 0000000000000005 R09: 0000000000000000 [ 1365.585393][ T2264] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff888033e03048 [ 1365.593508][ T2264] R13: dffffc0000000000 R14: ffffc9000d787a48 R15: 0000000000000000 [ 1365.602050][ T2264] FS: 0000000000000000(0000) GS:ffff888124f8c000(0000) knlGS:0000000000000000 [ 1365.611659][ T2264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1365.619010][ T2264] CR2: 000000110df9e660 CR3: 0000000049bc0000 CR4: 00000000003526f0 [ 1365.627635][ T2264] Call Trace: [ 1365.630971][ T2264] [ 1365.634047][ T2264] remove_vma+0x85/0x160 [ 1365.638840][ T2264] exit_mmap+0x50a/0xb90 [ 1365.643256][ T2264] ? __pfx_exit_mmap+0x10/0x10 [ 1365.648473][ T2264] ? __lock_acquire+0xb97/0x1ce0 [ 1365.653600][ T2264] ? arch_uprobe_clear_state+0x16/0x150 [ 1365.659369][ T2264] __mmput+0x12a/0x410 [ 1365.663596][ T2264] mmput+0x62/0x70 [ 1365.667685][ T2264] do_exit+0x7c7/0x2bf0 [ 1365.671999][ T2264] ? proc_coredump_connector+0x2d1/0x4f0 [ 1365.677994][ T2264] ? __pfx_do_exit+0x10/0x10 [ 1365.682673][ T2264] do_group_exit+0xd3/0x2a0 [ 1365.687578][ T2264] get_signal+0x2671/0x26d0 [ 1365.692460][ T2264] ? force_sig_fault+0xc4/0x100 [ 1365.697885][ T2264] ? __pfx_get_signal+0x10/0x10 [ 1365.703016][ T2264] arch_do_signal_or_restart+0x8f/0x790 [ 1365.708757][ T2264] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 1365.715188][ T2264] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1365.721743][ T2264] irqentry_exit_to_user_mode+0x141/0x2b0 [ 1365.728295][ T2264] asm_exc_page_fault+0x26/0x30 [ 1365.733366][ T2264] RIP: 0033:0x40fff [ 1365.737761][ T2264] Code: Unable to access opcode bytes at 0x40fd5. [ 1365.744594][ T2264] RSP: 002b:000000000000000a EFLAGS: 00010206 [ 1365.750895][ T2264] RAX: 0000000000000000 RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1365.759065][ T2264] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1365.767190][ T2264] RBP: 00007fe01d211f91 R08: 0000000000000002 R09: 0000000000000000 [ 1365.775421][ T2264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1365.783507][ T2264] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1365.792046][ T2264] [ 1365.795426][ T2264] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1365.802967][ T2264] CPU: 1 UID: 0 PID: 2264 Comm: syz.7.7208 Not tainted syzkaller #0 PREEMPT(full) [ 1365.812724][ T2264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1365.823224][ T2264] Call Trace: [ 1365.826602][ T2264] [ 1365.829740][ T2264] dump_stack_lvl+0x3d/0x1f0 [ 1365.834371][ T2264] vpanic+0x640/0x6f0 [ 1365.838490][ T2264] ? tracing_buffers_mmap_close+0xdd/0x130 [ 1365.844507][ T2264] panic+0xca/0xd0 [ 1365.848256][ T2264] ? __pfx_panic+0x10/0x10 [ 1365.852710][ T2264] ? check_panic_on_warn+0x1f/0xb0 [ 1365.857836][ T2264] check_panic_on_warn+0xab/0xb0 [ 1365.862983][ T2264] __warn+0xf6/0x3c0 [ 1365.866927][ T2264] ? tracing_buffers_mmap_close+0xdd/0x130 [ 1365.872758][ T2264] report_bug+0x3c3/0x580 [ 1365.877190][ T2264] ? tracing_buffers_mmap_close+0xdd/0x130 [ 1365.883051][ T2264] handle_bug+0x184/0x210 [ 1365.887532][ T2264] exc_invalid_op+0x17/0x50 [ 1365.892314][ T2264] asm_exc_invalid_op+0x1a/0x20 [ 1365.897189][ T2264] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 1365.903719][ T2264] Code: 75 46 48 8b 7b 08 e8 02 96 ff ff 31 ff 89 c3 89 c6 e8 27 4c fb ff 85 db 75 0a 48 83 c4 08 5b e9 d9 50 fb ff e8 d4 50 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 c6 50 fb ff e8 31 cf 62 00 eb 87 e8 5a [ 1365.923539][ T2264] RSP: 0018:ffffc9000d7879c0 EFLAGS: 00010293 [ 1365.929975][ T2264] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bf5479 [ 1365.937988][ T2264] RDX: ffff888068621e40 RSI: ffffffff81bf548c RDI: 0000000000000005 [ 1365.946145][ T2264] RBP: ffffffff81bf53b0 R08: 0000000000000005 R09: 0000000000000000 [ 1365.954137][ T2264] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff888033e03048 [ 1365.963530][ T2264] R13: dffffc0000000000 R14: ffffc9000d787a48 R15: 0000000000000000 [ 1365.971793][ T2264] ? __pfx_tracing_buffers_mmap_close+0x10/0x10 [ 1365.978267][ T2264] ? tracing_buffers_mmap_close+0xc9/0x130 [ 1365.984104][ T2264] ? tracing_buffers_mmap_close+0xdc/0x130 [ 1365.990113][ T2264] remove_vma+0x85/0x160 [ 1365.994403][ T2264] exit_mmap+0x50a/0xb90 [ 1365.998915][ T2264] ? __pfx_exit_mmap+0x10/0x10 [ 1366.004603][ T2264] ? __lock_acquire+0xb97/0x1ce0 [ 1366.009811][ T2264] ? arch_uprobe_clear_state+0x16/0x150 [ 1366.015409][ T2264] __mmput+0x12a/0x410 [ 1366.019726][ T2264] mmput+0x62/0x70 [ 1366.023462][ T2264] do_exit+0x7c7/0x2bf0 [ 1366.027632][ T2264] ? proc_coredump_connector+0x2d1/0x4f0 [ 1366.033399][ T2264] ? __pfx_do_exit+0x10/0x10 [ 1366.038195][ T2264] do_group_exit+0xd3/0x2a0 [ 1366.042727][ T2264] get_signal+0x2671/0x26d0 [ 1366.047265][ T2264] ? force_sig_fault+0xc4/0x100 [ 1366.052144][ T2264] ? __pfx_get_signal+0x10/0x10 [ 1366.057129][ T2264] arch_do_signal_or_restart+0x8f/0x790 [ 1366.062891][ T2264] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 1366.068978][ T2264] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1366.075245][ T2264] irqentry_exit_to_user_mode+0x141/0x2b0 [ 1366.081061][ T2264] asm_exc_page_fault+0x26/0x30 [ 1366.086052][ T2264] RIP: 0033:0x40fff [ 1366.089900][ T2264] Code: Unable to access opcode bytes at 0x40fd5. [ 1366.096311][ T2264] RSP: 002b:000000000000000a EFLAGS: 00010206 [ 1366.102394][ T2264] RAX: 0000000000000000 RBX: 00007fe01d3e5fa0 RCX: 00007fe01d18eec9 [ 1366.110483][ T2264] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1366.118593][ T2264] RBP: 00007fe01d211f91 R08: 0000000000000002 R09: 0000000000000000 [ 1366.126584][ T2264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1366.134757][ T2264] R13: 00007fe01d3e6038 R14: 00007fe01d3e5fa0 R15: 00007fffe88b5fa8 [ 1366.142856][ T2264] [ 1366.146282][ T2264] Kernel Offset: disabled [ 1366.150608][ T2264] Rebooting in 86400 seconds..