last executing test programs: 5.396190526s ago: executing program 1 (id=3903): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bpf$auto(0x0, 0x0, 0xa3) bpf$auto(0x0, 0x0, 0x10) bpf$auto(0x2, 0x0, 0xcd) r0 = clone$auto(0x21, 0x8cd, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4) process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0x8}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x6, 0x0) 4.993722619s ago: executing program 3 (id=3906): socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x20, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4.697249953s ago: executing program 1 (id=3908): inotify_init1$auto(0x3000000000000) mmap$auto(0x0, 0xede8, 0xdf, 0x9b72, 0x5, 0x28000) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) open(0x0, 0xa240, 0x15e) open(0x0, 0x161342, 0x100) 4.664009656s ago: executing program 3 (id=3909): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0xa, 0xb) close_range$auto(0x2, 0x8000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x8000006, 0x6, 0x3, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x8000100, 0x1, 0x8000052, 0x5, 0x1, 0x40, 0x76c5, 0x9a, 0x100000000}}) io_uring_enter$auto(r0, 0x9, 0x820e, 0x9, 0x0, 0x18) 4.114020546s ago: executing program 1 (id=3913): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r0, 0x65, 0x1, 0x0, 0x800) r1 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) close_range$auto(0x2, 0x8, 0x0) 3.614315676s ago: executing program 1 (id=3916): socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8402, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/sctp/remaddr\x00', 0xb00, 0x0) pread64$auto(r0, 0x0, 0xf469, 0xbc3ab41) 3.304406536s ago: executing program 3 (id=3917): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x81f}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.706738122s ago: executing program 3 (id=3920): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r0 = gettid() r1 = syz_open_procfs$namespace(r0, &(0x7f0000000080)) fchdir$auto(r1) r2 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r2, 0x0, 0x400) 2.315991712s ago: executing program 1 (id=3923): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) ioctl$auto_TUNSETPERSIST(r0, 0x400454cb, &(0x7f00000001c0)=0x1) close_range$auto(0x2, 0xa, 0x0) 2.252657293s ago: executing program 2 (id=3925): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_SCOPE={0x5, 0x4, '\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="1000"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.945276727s ago: executing program 0 (id=3926): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a0000080800030000000000080001000000000008000200", @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c51d50e", @ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf250200000008000300800040000800030009"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.876497912s ago: executing program 2 (id=3927): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x0) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) listen$auto(r0, 0x7) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x2000fdff) close_range$auto(0x2, 0x8, 0x0) 1.568650557s ago: executing program 2 (id=3928): socket(0x23, 0x80805, 0x0) open(0x0, 0x181040, 0x49b) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) readv$auto(0x3, 0x0, 0x1) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x4) 1.509019391s ago: executing program 0 (id=3929): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/locals\x00', 0x40, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001800), 0x101101, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_DEVICE_ATTR(r0, 0x8040ae9f, &(0x7f0000000040)={0xd, 0x0, 0x0, 0xfffffffffffffffe}) 1.227627482s ago: executing program 2 (id=3930): close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r1, 0x4020ae76, r2) 1.191714027s ago: executing program 1 (id=3931): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mknod$auto(0x0, 0xc9, 0xfffffffa) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\x80\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x00\x0e\v9\xb5j\x00\x04\xc8\x1fa\x1c\x1a\x05 \xfdr/D\xbf\x98\x06\xe5\xf6\x8d\x1fX\xe5\xbc\xbc\"}$', 0x7fffffff) landlock_restrict_self$auto(0xffffffffffffffff, 0x2) 1.013363078s ago: executing program 3 (id=3932): socket(0x28, 0x1, 0x0) r0 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000001380)={0x2, 0x0, [{0x4b564d07, 0x400, 0xffffffffffffffff}]}) 945.235321ms ago: executing program 0 (id=3933): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xc) socket(0x2, 0x1, 0x0) setsockopt$auto(0x6, 0x6, 0x14, &(0x7f0000000240)='ns/cgroup\x00', 0xc) 744.466326ms ago: executing program 2 (id=3934): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) io_uring_register$auto(0x2, 0x2, &(0x7f0000000040), 0x86) io_uring_register$auto(0x2, 0x6, 0x0, 0x1) 686.299157ms ago: executing program 0 (id=3935): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x40, 0x10, 0xc}, 0x18) io_uring_setup$auto(0x6, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/mnt\x00') socketpair$auto(0x1, 0x1, 0x0, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 286.973793ms ago: executing program 3 (id=3936): socket(0x28, 0x1, 0x0) r0 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000001380)={0x2, 0x0, [{0xc0010007, 0x400, 0xffffffffffffffff}]}) 286.328049ms ago: executing program 0 (id=3944): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x4) mmap$auto(0x0, 0x9, 0x40, 0x8000000008012, 0x3, 0x8000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) 41.671339ms ago: executing program 2 (id=3937): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sg0\x00', 0x103002, 0x0) write$auto_sg_fops_sg(r0, &(0x7f0000000140)="01000000000d0000624c492f4aa7a158ad329acb69abe1d4bbe91b3ddc84d02747403bbca33c95be8fb08baf91e29260d0", 0x31) mmap$auto(0x0, 0x400008, 0x7, 0x9b72, r0, 0x9) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000440)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4bde4c30b530ac6ebbff950e1a647d6a08a1b55dde5a409b4d", 0x3a) 0s ago: executing program 0 (id=3938): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="8b0500000000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='B'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x2, 0xc}, 0x9}, 0x2, 0x0) kernel console output (not intermixed with test programs): vfs_open+0x82/0x3f0 [ 458.127912][T12920] path_openat+0x1de4/0x2cb0 [ 458.127956][T12920] ? __pfx_path_openat+0x10/0x10 [ 458.127993][T12920] ? __lock_acquire+0xb8a/0x1c90 [ 458.128029][T12920] do_filp_open+0x20b/0x470 [ 458.128068][T12920] ? __pfx_do_filp_open+0x10/0x10 [ 458.128124][T12920] ? alloc_fd+0x471/0x7d0 [ 458.128164][T12920] do_sys_openat2+0x11b/0x1d0 [ 458.128190][T12920] ? __pfx_do_sys_openat2+0x10/0x10 [ 458.128228][T12920] __x64_sys_openat+0x174/0x210 [ 458.128255][T12920] ? __pfx___x64_sys_openat+0x10/0x10 [ 458.128295][T12920] do_syscall_64+0xcd/0x490 [ 458.128333][T12920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.128358][T12920] RIP: 0033:0x7f1ad5d8e929 [ 458.128377][T12920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 458.128400][T12920] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 458.128423][T12920] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 458.128439][T12920] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 458.128454][T12920] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 458.128468][T12920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 458.128482][T12920] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 458.128517][T12920] [ 458.670694][T12922] CPU: 1 UID: 0 PID: 12922 Comm: syz.0.2730 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 458.670732][T12922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 458.670746][T12922] Call Trace: [ 458.670754][T12922] [ 458.670763][T12922] dump_stack_lvl+0x16c/0x1f0 [ 458.670804][T12922] should_fail_ex+0x512/0x640 [ 458.670839][T12922] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 458.670876][T12922] should_failslab+0xc2/0x120 [ 458.670900][T12922] __kmalloc_cache_noprof+0x6a/0x3e0 [ 458.670933][T12922] ? open_substream+0xec/0x9b0 [ 458.670958][T12922] ? _raw_spin_unlock_irq+0x23/0x50 [ 458.670994][T12922] open_substream+0xec/0x9b0 [ 458.671023][T12922] rawmidi_open_priv+0x543/0x6e0 [ 458.671057][T12922] snd_rawmidi_open+0x4cc/0xbf0 [ 458.671094][T12922] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 458.671126][T12922] ? __pfx_default_wake_function+0x10/0x10 [ 458.671155][T12922] ? kobject_get_unless_zero+0x156/0x1e0 [ 458.671198][T12922] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 458.671227][T12922] snd_open+0x201/0x450 [ 458.671266][T12922] ? __pfx_snd_open+0x10/0x10 [ 458.671303][T12922] chrdev_open+0x234/0x6a0 [ 458.671339][T12922] ? __pfx_apparmor_file_open+0x10/0x10 [ 458.671378][T12922] ? __pfx_chrdev_open+0x10/0x10 [ 458.671419][T12922] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 458.671457][T12922] do_dentry_open+0x741/0x1c10 [ 458.671495][T12922] ? __pfx_chrdev_open+0x10/0x10 [ 458.671538][T12922] vfs_open+0x82/0x3f0 [ 458.671568][T12922] path_openat+0x1de4/0x2cb0 [ 458.671612][T12922] ? __pfx_path_openat+0x10/0x10 [ 458.671650][T12922] ? __lock_acquire+0xb8a/0x1c90 [ 458.671686][T12922] do_filp_open+0x20b/0x470 [ 458.671726][T12922] ? __pfx_do_filp_open+0x10/0x10 [ 458.671783][T12922] ? alloc_fd+0x471/0x7d0 [ 458.671823][T12922] do_sys_openat2+0x11b/0x1d0 [ 458.671850][T12922] ? __pfx_do_sys_openat2+0x10/0x10 [ 458.671889][T12922] __x64_sys_openat+0x174/0x210 [ 458.671917][T12922] ? __pfx___x64_sys_openat+0x10/0x10 [ 458.671957][T12922] do_syscall_64+0xcd/0x490 [ 458.671996][T12922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.672021][T12922] RIP: 0033:0x7f022a78e929 [ 458.672040][T12922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 458.672063][T12922] RSP: 002b:00007f022b634038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 458.672086][T12922] RAX: ffffffffffffffda RBX: 00007f022a9b5fa0 RCX: 00007f022a78e929 [ 458.672101][T12922] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 458.672117][T12922] RBP: 00007f022a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 458.672132][T12922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 458.672146][T12922] R13: 0000000000000000 R14: 00007f022a9b5fa0 R15: 00007ffe876cef38 [ 458.672177][T12922] [ 460.193458][T12932] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2736'. [ 460.317485][T12932] gre0: entered promiscuous mode [ 460.323021][T12932] gre0: entered allmulticast mode [ 460.857849][T12943] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2740'. [ 461.207889][T12948] FAULT_INJECTION: forcing a failure. [ 461.207889][T12948] name failslab, interval 1, probability 0, space 0, times 0 [ 461.302950][T12948] CPU: 1 UID: 0 PID: 12948 Comm: syz.0.2743 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 461.302987][T12948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 461.303002][T12948] Call Trace: [ 461.303009][T12948] [ 461.303018][T12948] dump_stack_lvl+0x16c/0x1f0 [ 461.303059][T12948] should_fail_ex+0x512/0x640 [ 461.303093][T12948] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 461.303137][T12948] should_failslab+0xc2/0x120 [ 461.303160][T12948] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 461.303207][T12948] ? __pfx_proc_create_net_data+0x10/0x10 [ 461.303248][T12948] ? nf_log_net_init+0x9f/0x450 [ 461.303288][T12948] ? __pfx_nf_log_net_init+0x10/0x10 [ 461.303328][T12948] kmemdup_noprof+0x29/0x60 [ 461.303365][T12948] nf_log_net_init+0x9f/0x450 [ 461.303405][T12948] ? __pfx_nf_log_net_init+0x10/0x10 [ 461.303444][T12948] ops_init+0x1e2/0x5f0 [ 461.303485][T12948] setup_net+0x1ff/0x510 [ 461.303521][T12948] ? lockdep_init_map_type+0x5c/0x280 [ 461.303560][T12948] ? __pfx_setup_net+0x10/0x10 [ 461.303600][T12948] ? debug_mutex_init+0x37/0x70 [ 461.303627][T12948] copy_net_ns+0x2a6/0x5f0 [ 461.303654][T12948] create_new_namespaces+0x3ea/0xa90 [ 461.303689][T12948] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 461.303719][T12948] ksys_unshare+0x45b/0xa40 [ 461.303756][T12948] ? __pfx_ksys_unshare+0x10/0x10 [ 461.303790][T12948] ? xfd_validate_state+0x61/0x180 [ 461.303831][T12948] __x64_sys_unshare+0x31/0x40 [ 461.303864][T12948] do_syscall_64+0xcd/0x490 [ 461.303903][T12948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.303926][T12948] RIP: 0033:0x7f022a78e929 [ 461.303945][T12948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 461.303968][T12948] RSP: 002b:00007f022b634038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 461.303990][T12948] RAX: ffffffffffffffda RBX: 00007f022a9b5fa0 RCX: 00007f022a78e929 [ 461.304006][T12948] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 461.304020][T12948] RBP: 00007f022a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 461.304034][T12948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 461.304049][T12948] R13: 0000000000000000 R14: 00007f022a9b5fa0 R15: 00007ffe876cef38 [ 461.304078][T12948] [ 461.842494][T12951] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2744'. [ 462.615018][T12966] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2752'. [ 463.045532][T12974] Loading of unsigned module is rejected [ 463.614102][T12987] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2759'. [ 463.835815][T12990] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2761'. [ 465.141417][T13017] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2771'. [ 466.167823][T13033] FAULT_INJECTION: forcing a failure. [ 466.167823][T13033] name failslab, interval 1, probability 0, space 0, times 0 [ 466.260825][T13033] CPU: 1 UID: 0 PID: 13033 Comm: syz.0.2780 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 466.260862][T13033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 466.260877][T13033] Call Trace: [ 466.260885][T13033] [ 466.260894][T13033] dump_stack_lvl+0x16c/0x1f0 [ 466.260935][T13033] should_fail_ex+0x512/0x640 [ 466.260976][T13033] ? __kmalloc_noprof+0xbf/0x510 [ 466.261014][T13033] ? lsm_blob_alloc+0x68/0x90 [ 466.261050][T13033] should_failslab+0xc2/0x120 [ 466.261072][T13033] __kmalloc_noprof+0xd2/0x510 [ 466.261113][T13033] lsm_blob_alloc+0x68/0x90 [ 466.261150][T13033] security_sk_alloc+0x30/0x270 [ 466.261182][T13033] sk_prot_alloc+0xfb/0x2a0 [ 466.261210][T13033] sk_alloc+0x36/0xc20 [ 466.261244][T13033] unix_create1+0xa6/0x700 [ 466.261276][T13033] unix_create+0x10e/0x1d0 [ 466.261307][T13033] __sock_create+0x338/0x8d0 [ 466.261339][T13033] __sys_socketpair+0x25c/0x5a0 [ 466.261369][T13033] ? __pfx___sys_socketpair+0x10/0x10 [ 466.261397][T13033] ? fput+0x70/0xf0 [ 466.261422][T13033] ? xfd_validate_state+0x61/0x180 [ 466.261454][T13033] ? __pfx_do_writev+0x10/0x10 [ 466.261491][T13033] __x64_sys_socketpair+0x96/0x100 [ 466.261519][T13033] ? lockdep_hardirqs_on+0x7c/0x110 [ 466.261553][T13033] do_syscall_64+0xcd/0x490 [ 466.261591][T13033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.261615][T13033] RIP: 0033:0x7f022a78e929 [ 466.261634][T13033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.261658][T13033] RSP: 002b:00007f022b634038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 466.261681][T13033] RAX: ffffffffffffffda RBX: 00007f022a9b5fa0 RCX: 00007f022a78e929 [ 466.261697][T13033] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 466.261711][T13033] RBP: 00007f022a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 466.261726][T13033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.261740][T13033] R13: 0000000000000000 R14: 00007f022a9b5fa0 R15: 00007ffe876cef38 [ 466.261769][T13033] [ 467.409735][T13048] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 467.992409][T13061] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2793'. [ 468.243344][T13064] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2794'. [ 468.538151][T13072] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2796'. [ 468.659067][T13073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2796'. [ 468.871363][ T5854] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 468.871398][ T5854] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 468.889873][ T5854] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 468.889902][ T5854] Bluetooth: hci0: adv larger than maximum supported [ 468.897718][ T5854] Bluetooth: hci0: Unknown advertising packet type: 0x7b [ 468.905116][ T5854] Bluetooth: hci0: Malformed LE Event: 0x0d [ 469.448790][T13087] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2801'. [ 471.764247][T13122] FAULT_INJECTION: forcing a failure. [ 471.764247][T13122] name failslab, interval 1, probability 0, space 0, times 0 [ 471.830113][T13122] CPU: 1 UID: 0 PID: 13122 Comm: syz.2.2814 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 471.830150][T13122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 471.830165][T13122] Call Trace: [ 471.830173][T13122] [ 471.830182][T13122] dump_stack_lvl+0x16c/0x1f0 [ 471.830223][T13122] should_fail_ex+0x512/0x640 [ 471.830258][T13122] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 471.830294][T13122] should_failslab+0xc2/0x120 [ 471.830317][T13122] __kmalloc_cache_noprof+0x6a/0x3e0 [ 471.830350][T13122] ? mon_bin_open+0x1a8/0x4a0 [ 471.830378][T13122] mon_bin_open+0x1a8/0x4a0 [ 471.830401][T13122] ? __pfx_mon_bin_open+0x10/0x10 [ 471.830425][T13122] chrdev_open+0x234/0x6a0 [ 471.830462][T13122] ? __pfx_apparmor_file_open+0x10/0x10 [ 471.830493][T13122] ? __pfx_chrdev_open+0x10/0x10 [ 471.830534][T13122] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 471.830572][T13122] do_dentry_open+0x741/0x1c10 [ 471.830609][T13122] ? __pfx_chrdev_open+0x10/0x10 [ 471.830653][T13122] vfs_open+0x82/0x3f0 [ 471.830681][T13122] path_openat+0x1de4/0x2cb0 [ 471.830726][T13122] ? __pfx_path_openat+0x10/0x10 [ 471.830763][T13122] ? __lock_acquire+0xb8a/0x1c90 [ 471.830816][T13122] do_filp_open+0x20b/0x470 [ 471.830851][T13122] ? __pfx_do_filp_open+0x10/0x10 [ 471.830908][T13122] ? alloc_fd+0x471/0x7d0 [ 471.830949][T13122] do_sys_openat2+0x11b/0x1d0 [ 471.830976][T13122] ? __pfx_do_sys_openat2+0x10/0x10 [ 471.831014][T13122] __x64_sys_openat+0x174/0x210 [ 471.831042][T13122] ? __pfx___x64_sys_openat+0x10/0x10 [ 471.831082][T13122] do_syscall_64+0xcd/0x490 [ 471.831121][T13122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.831145][T13122] RIP: 0033:0x7f1ad5d8e929 [ 471.831164][T13122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 471.831188][T13122] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 471.831211][T13122] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 471.831227][T13122] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 471.831242][T13122] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 471.831256][T13122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 471.831270][T13122] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 471.831300][T13122] [ 473.653201][T13139] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2822'. [ 473.833666][T13139] team0: Port device team_slave_1 removed [ 474.150108][T13143] FAULT_INJECTION: forcing a failure. [ 474.150108][T13143] name failslab, interval 1, probability 0, space 0, times 0 [ 474.205733][T13143] CPU: 1 UID: 0 PID: 13143 Comm: syz.2.2824 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 474.205771][T13143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 474.205786][T13143] Call Trace: [ 474.205794][T13143] [ 474.205803][T13143] dump_stack_lvl+0x16c/0x1f0 [ 474.205844][T13143] should_fail_ex+0x512/0x640 [ 474.205879][T13143] ? fs_reclaim_acquire+0xae/0x150 [ 474.205910][T13143] ? ima_alloc_init_template+0x19d/0x720 [ 474.205932][T13143] should_failslab+0xc2/0x120 [ 474.205955][T13143] __kmalloc_noprof+0xd2/0x510 [ 474.205991][T13143] ? __print_lock_name+0xb1/0xe0 [ 474.206021][T13143] ima_alloc_init_template+0x19d/0x720 [ 474.206046][T13143] ? take_dentry_name_snapshot+0x319/0x7d0 [ 474.206076][T13143] ima_store_measurement+0x1eb/0x5c0 [ 474.206103][T13143] ? __pfx_ima_store_measurement+0x10/0x10 [ 474.206129][T13143] ? vfs_getxattr_alloc+0xec/0x340 [ 474.206174][T13143] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 474.206214][T13143] process_measurement+0x1ddb/0x23e0 [ 474.206262][T13143] ? __pfx_process_measurement+0x10/0x10 [ 474.206302][T13143] ? alloc_empty_file+0x73/0x1e0 [ 474.206327][T13143] ? hugetlb_file_setup+0x4cd/0x620 [ 474.206351][T13143] ? ksys_mmap_pgoff+0x189/0x5c0 [ 474.206382][T13143] ? __x64_sys_mmap+0x125/0x190 [ 474.206457][T13143] ima_file_mmap+0x1b1/0x1d0 [ 474.206493][T13143] ? __pfx_ima_file_mmap+0x10/0x10 [ 474.206537][T13143] security_mmap_file+0x88c/0x990 [ 474.206570][T13143] vm_mmap_pgoff+0xec/0x450 [ 474.206598][T13143] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 474.206620][T13143] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 474.206648][T13143] ? hugetlbfs_get_inode+0x31f/0x730 [ 474.206681][T13143] ksys_mmap_pgoff+0x1c8/0x5c0 [ 474.206712][T13143] __x64_sys_mmap+0x125/0x190 [ 474.206750][T13143] do_syscall_64+0xcd/0x490 [ 474.206789][T13143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.206813][T13143] RIP: 0033:0x7f1ad5d8e929 [ 474.206832][T13143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 474.206855][T13143] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 474.206877][T13143] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 474.206893][T13143] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 474.206907][T13143] RBP: 00007f1ad5e10b39 R08: 0000000000000401 R09: 0000300000000000 [ 474.206922][T13143] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 474.206937][T13143] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 474.206966][T13143] [ 474.546963][ T30] audit: type=1804 audit(4294967337.500:9): pid=13143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.2824" name="anon_hugepage" dev="hugetlbfs" ino=33773 res=0 errno=0 [ 474.840676][T13152] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2829'. [ 475.177722][T13154] zswap: compressor 000 not available [ 475.790727][T13169] FAULT_INJECTION: forcing a failure. [ 475.790727][T13169] name failslab, interval 1, probability 0, space 0, times 0 [ 475.887675][T13169] CPU: 1 UID: 0 PID: 13169 Comm: syz.0.2834 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 475.887712][T13169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 475.887727][T13169] Call Trace: [ 475.887734][T13169] [ 475.887743][T13169] dump_stack_lvl+0x16c/0x1f0 [ 475.887784][T13169] should_fail_ex+0x512/0x640 [ 475.887819][T13169] ? fs_reclaim_acquire+0xae/0x150 [ 475.887851][T13169] should_failslab+0xc2/0x120 [ 475.887874][T13169] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 475.887911][T13169] ? security_inode_alloc+0x3b/0x2b0 [ 475.887942][T13169] security_inode_alloc+0x3b/0x2b0 [ 475.887969][T13169] inode_init_always_gfp+0xce4/0x1030 [ 475.888008][T13169] alloc_inode+0x86/0x240 [ 475.888033][T13169] path_from_stashed+0x2be/0xb00 [ 475.888068][T13169] ? do_raw_spin_lock+0x12c/0x2b0 [ 475.888110][T13169] ? __pfx_path_from_stashed+0x10/0x10 [ 475.888147][T13169] ? do_raw_spin_unlock+0x172/0x230 [ 475.888174][T13169] ns_get_path+0x5f/0x80 [ 475.888206][T13169] proc_ns_get_link+0x121/0x260 [ 475.888239][T13169] ? __pfx_proc_ns_get_link+0x10/0x10 [ 475.888275][T13169] ? atime_needs_update+0x8b/0x710 [ 475.888303][T13169] ? __pfx_proc_ns_get_link+0x10/0x10 [ 475.888335][T13169] step_into+0x1a29/0x2270 [ 475.888379][T13169] ? __pfx_step_into+0x10/0x10 [ 475.888409][T13169] ? find_held_lock+0x2b/0x80 [ 475.888443][T13169] path_openat+0x6db/0x2cb0 [ 475.888488][T13169] ? __pfx_path_openat+0x10/0x10 [ 475.888525][T13169] ? __lock_acquire+0xb8a/0x1c90 [ 475.888562][T13169] do_filp_open+0x20b/0x470 [ 475.888598][T13169] ? __pfx_do_filp_open+0x10/0x10 [ 475.888654][T13169] ? alloc_fd+0x471/0x7d0 [ 475.888693][T13169] do_sys_openat2+0x11b/0x1d0 [ 475.888723][T13169] ? __pfx_do_sys_openat2+0x10/0x10 [ 475.888762][T13169] __x64_sys_openat+0x174/0x210 [ 475.888789][T13169] ? __pfx___x64_sys_openat+0x10/0x10 [ 475.888828][T13169] do_syscall_64+0xcd/0x490 [ 475.888867][T13169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 475.888891][T13169] RIP: 0033:0x7f022a78d290 [ 475.888910][T13169] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 475.888933][T13169] RSP: 002b:00007f022b633f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 475.888955][T13169] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f022a78d290 [ 475.888971][T13169] RDX: 0000000000000002 RSI: 00007f022b633fa0 RDI: 00000000ffffff9c [ 475.888986][T13169] RBP: 00007f022b633fa0 R08: 0000000000000000 R09: 0000000000000000 [ 475.889000][T13169] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 475.889014][T13169] R13: 0000000000000000 R14: 00007f022a9b5fa0 R15: 00007ffe876cef38 [ 475.889044][T13169] [ 476.392364][T13175] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2838'. [ 476.826846][T13185] FAULT_INJECTION: forcing a failure. [ 476.826846][T13185] name failslab, interval 1, probability 0, space 0, times 0 [ 476.887596][T13185] CPU: 1 UID: 0 PID: 13185 Comm: syz.1.2841 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 476.887635][T13185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 476.887650][T13185] Call Trace: [ 476.887657][T13185] [ 476.887666][T13185] dump_stack_lvl+0x16c/0x1f0 [ 476.887706][T13185] should_fail_ex+0x512/0x640 [ 476.887741][T13185] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 476.887778][T13185] should_failslab+0xc2/0x120 [ 476.887806][T13185] __kmalloc_cache_noprof+0x6a/0x3e0 [ 476.887838][T13185] ? vsnprintf+0x318/0x1160 [ 476.887869][T13185] ? __alloc_workqueue+0xda2/0x1810 [ 476.887904][T13185] __alloc_workqueue+0xda2/0x1810 [ 476.887936][T13185] ? __pfx_vsnprintf+0x10/0x10 [ 476.887969][T13185] ? lockdep_hardirqs_on+0x7c/0x110 [ 476.888003][T13185] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 476.888039][T13185] alloc_workqueue+0xd2/0x200 [ 476.888070][T13185] ? __pfx_alloc_workqueue+0x10/0x10 [ 476.888109][T13185] ? __pfx___debug_object_init+0x10/0x10 [ 476.888142][T13185] nci_register_device+0x21e/0xb80 [ 476.888177][T13185] ? __pfx_nci_register_device+0x10/0x10 [ 476.888213][T13185] ? lockdep_init_map_type+0x5c/0x280 [ 476.888254][T13185] virtual_ncidev_open+0x141/0x220 [ 476.888285][T13185] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 476.888314][T13185] misc_open+0x35d/0x420 [ 476.888345][T13185] ? __pfx_misc_open+0x10/0x10 [ 476.888374][T13185] chrdev_open+0x234/0x6a0 [ 476.888411][T13185] ? __pfx_apparmor_file_open+0x10/0x10 [ 476.888443][T13185] ? __pfx_chrdev_open+0x10/0x10 [ 476.888490][T13185] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 476.888529][T13185] do_dentry_open+0x741/0x1c10 [ 476.888566][T13185] ? __pfx_chrdev_open+0x10/0x10 [ 476.888609][T13185] vfs_open+0x82/0x3f0 [ 476.888639][T13185] path_openat+0x1de4/0x2cb0 [ 476.888683][T13185] ? __pfx_path_openat+0x10/0x10 [ 476.888720][T13185] ? __lock_acquire+0xb8a/0x1c90 [ 476.888756][T13185] do_filp_open+0x20b/0x470 [ 476.888792][T13185] ? __pfx_do_filp_open+0x10/0x10 [ 476.888848][T13185] ? alloc_fd+0x471/0x7d0 [ 476.888888][T13185] do_sys_openat2+0x11b/0x1d0 [ 476.888915][T13185] ? __pfx_do_sys_openat2+0x10/0x10 [ 476.888953][T13185] __x64_sys_openat+0x174/0x210 [ 476.888981][T13185] ? __pfx___x64_sys_openat+0x10/0x10 [ 476.889020][T13185] do_syscall_64+0xcd/0x490 [ 476.889059][T13185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 476.889083][T13185] RIP: 0033:0x7f3f0938e929 [ 476.889102][T13185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 476.889126][T13185] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 476.889148][T13185] RAX: ffffffffffffffda RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 476.889164][T13185] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 476.889179][T13185] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 476.889197][T13185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 476.889211][T13185] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 476.889242][T13185] [ 477.702156][T13192] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2844'. [ 477.742481][T13192] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2844'. [ 477.900168][T13199] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2846'. [ 478.173899][T13204] ptp: physical clock is free running [ 478.354053][T13207] netlink: 'syz.3.2851': attribute type 15 has an invalid length. [ 478.395120][T13208] input: = as /devices/virtual/input/input8 [ 478.501392][T13211] netlink: 'syz.0.2853': attribute type 1 has an invalid length. [ 479.110098][T13222] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2857'. [ 479.244066][T13224] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2858'. [ 480.061137][T13238] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2864'. [ 481.204592][T13264] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2873'. [ 481.672639][T13276] sctp: Failed to create the SCTP UDP tunneling v4 sock [ 482.022796][T13281] ptp ptp0: max value is 20 [ 482.939912][T13297] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2885'. [ 483.295335][T13302] netlink: 'syz.2.2886': attribute type 1 has an invalid length. [ 483.612136][T13306] netlink: 'syz.3.2888': attribute type 27 has an invalid length. [ 483.661248][T13306] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2888'. [ 484.466577][T13315] zswap: compressor not available [ 485.699882][T13348] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2907'. [ 485.866075][ T5854] Bluetooth: hci1: ISO packet too small [ 485.952816][T13354] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2910'. [ 486.108285][T13354] team0: Port device team_slave_1 removed [ 488.690748][T13410] FAULT_INJECTION: forcing a failure. [ 488.690748][T13410] name failslab, interval 1, probability 0, space 0, times 0 [ 488.800298][T13410] CPU: 1 UID: 0 PID: 13410 Comm: syz.1.2933 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 488.800336][T13410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 488.800350][T13410] Call Trace: [ 488.800359][T13410] [ 488.800368][T13410] dump_stack_lvl+0x16c/0x1f0 [ 488.800408][T13410] should_fail_ex+0x512/0x640 [ 488.800451][T13410] ? __kmalloc_noprof+0xbf/0x510 [ 488.800490][T13410] ? __seq_open_private+0x22/0xd0 [ 488.800517][T13410] should_failslab+0xc2/0x120 [ 488.800540][T13410] __kmalloc_noprof+0xd2/0x510 [ 488.800575][T13410] ? apparmor_file_open+0x1a1/0x9c0 [ 488.800607][T13410] ? find_held_lock+0x2b/0x80 [ 488.800634][T13410] __seq_open_private+0x22/0xd0 [ 488.800663][T13410] sysvipc_proc_open+0x29/0x2d0 [ 488.800693][T13410] ? __pfx_sysvipc_proc_open+0x10/0x10 [ 488.800726][T13410] proc_reg_open+0x119/0x610 [ 488.800763][T13410] do_dentry_open+0x741/0x1c10 [ 488.800799][T13410] ? __pfx_proc_reg_open+0x10/0x10 [ 488.800840][T13410] vfs_open+0x82/0x3f0 [ 488.800868][T13410] path_openat+0x1de4/0x2cb0 [ 488.800913][T13410] ? __pfx_path_openat+0x10/0x10 [ 488.800949][T13410] ? __lock_acquire+0xb8a/0x1c90 [ 488.800986][T13410] do_filp_open+0x20b/0x470 [ 488.801021][T13410] ? __pfx_do_filp_open+0x10/0x10 [ 488.801082][T13410] ? alloc_fd+0x471/0x7d0 [ 488.801123][T13410] do_sys_openat2+0x11b/0x1d0 [ 488.801149][T13410] ? __pfx_do_sys_openat2+0x10/0x10 [ 488.801187][T13410] __x64_sys_openat+0x174/0x210 [ 488.801214][T13410] ? __pfx___x64_sys_openat+0x10/0x10 [ 488.801254][T13410] do_syscall_64+0xcd/0x490 [ 488.801292][T13410] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 488.801316][T13410] RIP: 0033:0x7f3f0938e929 [ 488.801335][T13410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 488.801360][T13410] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 488.801383][T13410] RAX: ffffffffffffffda RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 488.801398][T13410] RDX: 0000000000000082 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 488.801413][T13410] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 488.801428][T13410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 488.801482][T13410] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 488.801514][T13410] [ 490.007580][T13432] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2942'. [ 490.433815][T13439] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2945'. [ 492.020376][T13467] netlink: 'syz.1.2955': attribute type 1 has an invalid length. [ 493.837761][T13499] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2965'. [ 494.278938][T13508] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 497.907859][T13574] mkiss: ax0: crc mode is auto. [ 498.350356][T13585] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2998'. [ 499.782867][T13614] FAULT_INJECTION: forcing a failure. [ 499.782867][T13614] name failslab, interval 1, probability 0, space 0, times 0 [ 499.928878][T13614] CPU: 1 UID: 0 PID: 13614 Comm: syz.2.3011 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 499.928915][T13614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 499.928929][T13614] Call Trace: [ 499.928937][T13614] [ 499.928946][T13614] dump_stack_lvl+0x16c/0x1f0 [ 499.928986][T13614] should_fail_ex+0x512/0x640 [ 499.929021][T13614] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 499.929058][T13614] should_failslab+0xc2/0x120 [ 499.929081][T13614] __kmalloc_cache_noprof+0x6a/0x3e0 [ 499.929114][T13614] ? drm_master_create+0x43/0x4d0 [ 499.929149][T13614] drm_master_create+0x43/0x4d0 [ 499.929179][T13614] drm_new_set_master+0xd4/0x440 [ 499.929215][T13614] drm_master_open+0x181/0x1f0 [ 499.929247][T13614] drm_open_helper+0x439/0x550 [ 499.929275][T13614] drm_open+0x1a0/0x3e0 [ 499.929297][T13614] ? __pfx_drm_open+0x10/0x10 [ 499.929319][T13614] drm_stub_open+0x20c/0x380 [ 499.929343][T13614] ? __pfx_drm_stub_open+0x10/0x10 [ 499.929366][T13614] chrdev_open+0x234/0x6a0 [ 499.929402][T13614] ? __pfx_apparmor_file_open+0x10/0x10 [ 499.929433][T13614] ? __pfx_chrdev_open+0x10/0x10 [ 499.929472][T13614] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 499.929510][T13614] do_dentry_open+0x741/0x1c10 [ 499.929547][T13614] ? __pfx_chrdev_open+0x10/0x10 [ 499.929591][T13614] vfs_open+0x82/0x3f0 [ 499.929619][T13614] path_openat+0x1de4/0x2cb0 [ 499.929663][T13614] ? __pfx_path_openat+0x10/0x10 [ 499.929700][T13614] ? __lock_acquire+0xb8a/0x1c90 [ 499.929744][T13614] do_filp_open+0x20b/0x470 [ 499.929780][T13614] ? __pfx_do_filp_open+0x10/0x10 [ 499.929840][T13614] ? alloc_fd+0x471/0x7d0 [ 499.929881][T13614] do_sys_openat2+0x11b/0x1d0 [ 499.929907][T13614] ? __pfx_do_sys_openat2+0x10/0x10 [ 499.929946][T13614] __x64_sys_openat+0x174/0x210 [ 499.929973][T13614] ? __pfx___x64_sys_openat+0x10/0x10 [ 499.930013][T13614] do_syscall_64+0xcd/0x490 [ 499.930051][T13614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.930076][T13614] RIP: 0033:0x7f1ad5d8e929 [ 499.930094][T13614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 499.930117][T13614] RSP: 002b:00007f1ad6b21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 499.930138][T13614] RAX: ffffffffffffffda RBX: 00007f1ad5fb6080 RCX: 00007f1ad5d8e929 [ 499.930154][T13614] RDX: 0000000000040000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 499.930169][T13614] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 499.930183][T13614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 499.930198][T13614] R13: 0000000000000000 R14: 00007f1ad5fb6080 R15: 00007ffeaf460af8 [ 499.930228][T13614] [ 500.229000][ C1] vkms_vblank_simulate: vblank timer overrun [ 500.392159][T13622] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3014'. [ 500.762467][T13630] netlink: 'syz.2.3018': attribute type 8 has an invalid length. [ 500.804207][T13630] netlink: 'syz.2.3018': attribute type 8 has an invalid length. [ 501.088522][T13635] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3020'. [ 501.109107][T13637] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3021'. [ 501.165921][T13635] netlink: 5 bytes leftover after parsing attributes in process `syz.1.3020'. [ 501.217635][T13635] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3020'. [ 501.240261][T13640] FAULT_INJECTION: forcing a failure. [ 501.240261][T13640] name failslab, interval 1, probability 0, space 0, times 0 [ 501.329088][T13640] CPU: 1 UID: 0 PID: 13640 Comm: syz.3.3022 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 501.329126][T13640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 501.329140][T13640] Call Trace: [ 501.329148][T13640] [ 501.329157][T13640] dump_stack_lvl+0x16c/0x1f0 [ 501.329197][T13640] should_fail_ex+0x512/0x640 [ 501.329236][T13640] ? __kmalloc_noprof+0xbf/0x510 [ 501.329274][T13640] ? fib_default_rule_add+0x4f/0x420 [ 501.329310][T13640] should_failslab+0xc2/0x120 [ 501.329333][T13640] __kmalloc_noprof+0xd2/0x510 [ 501.329368][T13640] ? lockdep_init_map_type+0x5c/0x280 [ 501.329409][T13640] fib_default_rule_add+0x4f/0x420 [ 501.329447][T13640] ? __pfx_ipmr_net_init+0x10/0x10 [ 501.329472][T13640] ipmr_net_init+0x1ee/0x4e0 [ 501.329496][T13640] ? __pfx_ipmr_net_init+0x10/0x10 [ 501.329520][T13640] ops_init+0x1e2/0x5f0 [ 501.329560][T13640] setup_net+0x1ff/0x510 [ 501.329596][T13640] ? lockdep_init_map_type+0x5c/0x280 [ 501.329630][T13640] ? __pfx_setup_net+0x10/0x10 [ 501.329670][T13640] ? debug_mutex_init+0x37/0x70 [ 501.329706][T13640] copy_net_ns+0x2a6/0x5f0 [ 501.329733][T13640] create_new_namespaces+0x3ea/0xa90 [ 501.329769][T13640] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 501.329800][T13640] ksys_unshare+0x45b/0xa40 [ 501.329834][T13640] ? __pfx_ksys_unshare+0x10/0x10 [ 501.329868][T13640] ? xfd_validate_state+0x61/0x180 [ 501.329910][T13640] __x64_sys_unshare+0x31/0x40 [ 501.329942][T13640] do_syscall_64+0xcd/0x490 [ 501.329981][T13640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.330005][T13640] RIP: 0033:0x7fd14958e929 [ 501.330023][T13640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 501.330046][T13640] RSP: 002b:00007fd14a43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 501.330068][T13640] RAX: ffffffffffffffda RBX: 00007fd1497b5fa0 RCX: 00007fd14958e929 [ 501.330084][T13640] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 501.330098][T13640] RBP: 00007fd149610b39 R08: 0000000000000000 R09: 0000000000000000 [ 501.330112][T13640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 501.330126][T13640] R13: 0000000000000000 R14: 00007fd1497b5fa0 R15: 00007ffd13d1e048 [ 501.330157][T13640] [ 501.586292][ C1] vkms_vblank_simulate: vblank timer overrun [ 502.471911][T13659] udevd[13659]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Exec format error [ 503.059780][T13665] FAULT_INJECTION: forcing a failure. [ 503.059780][T13665] name failslab, interval 1, probability 0, space 0, times 0 [ 503.144164][T13665] CPU: 1 UID: 0 PID: 13665 Comm: syz.0.3031 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 503.144200][T13665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 503.144215][T13665] Call Trace: [ 503.144222][T13665] [ 503.144232][T13665] dump_stack_lvl+0x16c/0x1f0 [ 503.144271][T13665] should_fail_ex+0x512/0x640 [ 503.144306][T13665] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 503.144342][T13665] should_failslab+0xc2/0x120 [ 503.144365][T13665] __kmalloc_cache_noprof+0x6a/0x3e0 [ 503.144398][T13665] ? sctp_auth_shkey_create+0x9e/0x210 [ 503.144427][T13665] sctp_auth_shkey_create+0x9e/0x210 [ 503.144452][T13665] sctp_endpoint_new+0x562/0xcd0 [ 503.144480][T13665] sctp_init_sock+0xe2d/0x1330 [ 503.144517][T13665] ? sock_init_data_uid+0x7f6/0xa00 [ 503.144547][T13665] ? __pfx_sctp_init_sock+0x10/0x10 [ 503.144592][T13665] inet_create+0x939/0x1090 [ 503.144625][T13665] ? inet_create+0x93/0x1090 [ 503.144661][T13665] __sock_create+0x338/0x8d0 [ 503.144693][T13665] __sys_socket+0x14d/0x260 [ 503.144721][T13665] ? __pfx___sys_socket+0x10/0x10 [ 503.144748][T13665] ? xfd_validate_state+0x61/0x180 [ 503.144780][T13665] ? __pfx_do_writev+0x10/0x10 [ 503.144817][T13665] __x64_sys_socket+0x72/0xb0 [ 503.144844][T13665] ? lockdep_hardirqs_on+0x7c/0x110 [ 503.144878][T13665] do_syscall_64+0xcd/0x490 [ 503.144916][T13665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.144940][T13665] RIP: 0033:0x7f022a78e929 [ 503.144958][T13665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.144982][T13665] RSP: 002b:00007f022b634038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 503.145003][T13665] RAX: ffffffffffffffda RBX: 00007f022a9b5fa0 RCX: 00007f022a78e929 [ 503.145019][T13665] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002 [ 503.145033][T13665] RBP: 00007f022a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 503.145052][T13665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 503.145066][T13665] R13: 0000000000000000 R14: 00007f022a9b5fa0 R15: 00007ffe876cef38 [ 503.145095][T13665] [ 503.380910][ C1] vkms_vblank_simulate: vblank timer overrun [ 504.092781][T13676] netlink: 'syz.1.3035': attribute type 22 has an invalid length. [ 504.126137][T13676] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3035'. [ 504.715879][T13687] FAULT_INJECTION: forcing a failure. [ 504.715879][T13687] name failslab, interval 1, probability 0, space 0, times 0 [ 504.815977][T13687] CPU: 1 UID: 0 PID: 13687 Comm: syz.1.3040 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 504.816013][T13687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 504.816027][T13687] Call Trace: [ 504.816035][T13687] [ 504.816044][T13687] dump_stack_lvl+0x16c/0x1f0 [ 504.816085][T13687] should_fail_ex+0x512/0x640 [ 504.816119][T13687] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 504.816163][T13687] should_failslab+0xc2/0x120 [ 504.816186][T13687] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 504.816225][T13687] ? kfree+0x24f/0x4d0 [ 504.816254][T13687] ? snd_pcm_hw_rule_add+0x414/0x5a0 [ 504.816296][T13687] krealloc_noprof+0x156/0x370 [ 504.816331][T13687] ? krealloc_noprof+0x1b1/0x370 [ 504.816370][T13687] snd_pcm_hw_rule_add+0x414/0x5a0 [ 504.816407][T13687] ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10 [ 504.816447][T13687] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 504.816491][T13687] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 504.816530][T13687] ? lockdep_init_map_type+0x5c/0x280 [ 504.816568][T13687] ? debug_mutex_init+0x37/0x70 [ 504.816593][T13687] ? snd_pcm_attach_substream+0x89d/0xd60 [ 504.816630][T13687] snd_pcm_open_substream+0x92c/0x17f0 [ 504.816664][T13687] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 504.816704][T13687] snd_pcm_oss_open+0x735/0x1400 [ 504.816740][T13687] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 504.816766][T13687] ? __lock_acquire+0xb8a/0x1c90 [ 504.816799][T13687] ? __pfx_default_wake_function+0x10/0x10 [ 504.816831][T13687] ? __lock_acquire+0xb8a/0x1c90 [ 504.816870][T13687] ? do_raw_spin_lock+0x12c/0x2b0 [ 504.816911][T13687] ? soundcore_open+0x35a/0x580 [ 504.816949][T13687] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 504.816974][T13687] soundcore_open+0x409/0x580 [ 504.817013][T13687] ? __pfx_soundcore_open+0x10/0x10 [ 504.817049][T13687] chrdev_open+0x234/0x6a0 [ 504.817086][T13687] ? __pfx_apparmor_file_open+0x10/0x10 [ 504.817118][T13687] ? __pfx_chrdev_open+0x10/0x10 [ 504.817158][T13687] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 504.817196][T13687] do_dentry_open+0x741/0x1c10 [ 504.817233][T13687] ? __pfx_chrdev_open+0x10/0x10 [ 504.817277][T13687] vfs_open+0x82/0x3f0 [ 504.817306][T13687] path_openat+0x1de4/0x2cb0 [ 504.817351][T13687] ? __pfx_path_openat+0x10/0x10 [ 504.817388][T13687] ? __lock_acquire+0xb8a/0x1c90 [ 504.817424][T13687] do_filp_open+0x20b/0x470 [ 504.817465][T13687] ? __pfx_do_filp_open+0x10/0x10 [ 504.817522][T13687] ? alloc_fd+0x471/0x7d0 [ 504.817562][T13687] do_sys_openat2+0x11b/0x1d0 [ 504.817588][T13687] ? __pfx_do_sys_openat2+0x10/0x10 [ 504.817627][T13687] __x64_sys_openat+0x174/0x210 [ 504.817655][T13687] ? __pfx___x64_sys_openat+0x10/0x10 [ 504.817695][T13687] do_syscall_64+0xcd/0x490 [ 504.817734][T13687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.817759][T13687] RIP: 0033:0x7f3f0938e929 [ 504.817777][T13687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 504.817801][T13687] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 504.817824][T13687] RAX: ffffffffffffffda RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 504.817839][T13687] RDX: 0000000000020342 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 504.817854][T13687] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 504.817869][T13687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 504.817882][T13687] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 504.817912][T13687] [ 505.197006][ C1] vkms_vblank_simulate: vblank timer overrun [ 506.926144][T13717] Process accounting resumed [ 507.700286][T13732] netlink: 'syz.0.3059': attribute type 1 has an invalid length. [ 507.759823][T13732] netlink: 306 bytes leftover after parsing attributes in process `syz.0.3059'. [ 507.850565][T13736] FAULT_INJECTION: forcing a failure. [ 507.850565][T13736] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 507.899813][T13735] FAULT_INJECTION: forcing a failure. [ 507.899813][T13735] name failslab, interval 1, probability 0, space 0, times 0 [ 507.914171][T13735] CPU: 1 UID: 0 PID: 13735 Comm: syz.1.3060 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 507.914208][T13735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 507.914224][T13735] Call Trace: [ 507.914231][T13735] [ 507.914262][T13735] dump_stack_lvl+0x16c/0x1f0 [ 507.914304][T13735] should_fail_ex+0x512/0x640 [ 507.914344][T13735] should_failslab+0xc2/0x120 [ 507.914368][T13735] __kmalloc_cache_noprof+0x6a/0x3e0 [ 507.914402][T13735] ? tipc_nametbl_insert_publ+0x700/0x1720 [ 507.914444][T13735] tipc_nametbl_insert_publ+0x700/0x1720 [ 507.914485][T13735] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 507.914523][T13735] ? net_generic+0xea/0x2a0 [ 507.914564][T13735] tipc_nametbl_publish+0x137/0x280 [ 507.914607][T13735] tipc_sk_publish+0x1d8/0x430 [ 507.914630][T13735] ? __pfx_tipc_sk_publish+0x10/0x10 [ 507.914655][T13735] ? __local_bh_enable_ip+0xa4/0x120 [ 507.914688][T13735] tipc_sk_bind+0x16f/0x380 [ 507.914712][T13735] tipc_bind+0x190/0x2a0 [ 507.914736][T13735] __sys_bind+0x1a7/0x260 [ 507.914766][T13735] ? __pfx___sys_bind+0x10/0x10 [ 507.914805][T13735] ? xfd_validate_state+0x61/0x180 [ 507.914837][T13735] ? __pfx_do_writev+0x10/0x10 [ 507.914875][T13735] __x64_sys_bind+0x72/0xb0 [ 507.914902][T13735] ? lockdep_hardirqs_on+0x7c/0x110 [ 507.914936][T13735] do_syscall_64+0xcd/0x490 [ 507.914974][T13735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.914998][T13735] RIP: 0033:0x7f3f0938e929 [ 507.915018][T13735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 507.915041][T13735] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 507.915063][T13735] RAX: ffffffffffffffda RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 507.915079][T13735] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000005 [ 507.915094][T13735] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 507.915109][T13735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 507.915123][T13735] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 507.915153][T13735] [ 507.915163][T13735] tipc: Failed to bind to 65,0,0 [ 508.177864][T13736] CPU: 1 UID: 0 PID: 13736 Comm: syz.3.3061 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 508.177901][T13736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 508.177916][T13736] Call Trace: [ 508.177924][T13736] [ 508.177934][T13736] dump_stack_lvl+0x16c/0x1f0 [ 508.177975][T13736] should_fail_ex+0x512/0x640 [ 508.178015][T13736] should_fail_alloc_page+0xe7/0x130 [ 508.178041][T13736] prepare_alloc_pages+0x3c2/0x610 [ 508.178074][T13736] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 508.178111][T13736] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 508.178156][T13736] ? __lock_acquire+0x622/0x1c90 [ 508.178193][T13736] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 508.178271][T13736] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 508.178314][T13736] ? look_up_lock_class+0x6b/0x150 [ 508.178360][T13736] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 508.178400][T13736] ? policy_nodemask+0xea/0x4e0 [ 508.178425][T13736] alloc_pages_mpol+0x1fb/0x550 [ 508.178449][T13736] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 508.178471][T13736] ? do_raw_spin_lock+0x12c/0x2b0 [ 508.178511][T13736] ? find_held_lock+0x2b/0x80 [ 508.178540][T13736] alloc_pages_noprof+0x131/0x390 [ 508.178564][T13736] __pmd_alloc+0x3b/0x930 [ 508.178589][T13736] ? __pud_alloc+0x526/0x750 [ 508.178618][T13736] copy_page_range+0x2419/0x5740 [ 508.178650][T13736] ? dup_mmap+0x152e/0x21d0 [ 508.178677][T13736] ? copy_process+0x4081/0x7650 [ 508.178706][T13736] ? kernel_clone+0xfc/0x960 [ 508.178734][T13736] ? __do_sys_clone+0xce/0x120 [ 508.178768][T13736] ? __lock_acquire+0x622/0x1c90 [ 508.178823][T13736] ? __pfx_copy_page_range+0x10/0x10 [ 508.178855][T13736] ? mas_store+0x7a9/0x1160 [ 508.178879][T13736] ? find_held_lock+0x2b/0x80 [ 508.178904][T13736] ? __pfx_mas_store+0x10/0x10 [ 508.178924][T13736] ? __vma_enter_locked+0x163/0x3f0 [ 508.178972][T13736] dup_mmap+0xe88/0x21d0 [ 508.179012][T13736] ? __pfx_dup_mmap+0x10/0x10 [ 508.179064][T13736] copy_process+0x4081/0x7650 [ 508.179096][T13736] ? __pfx___futex_wait+0x10/0x10 [ 508.179129][T13736] ? stack_depot_save_flags+0x28/0xa40 [ 508.179176][T13736] ? __pfx_copy_process+0x10/0x10 [ 508.179218][T13736] ? __futex_hash.constprop.0+0x1e9/0x440 [ 508.179258][T13736] kernel_clone+0xfc/0x960 [ 508.179291][T13736] ? __pfx_kernel_clone+0x10/0x10 [ 508.179339][T13736] ? 0xffffffffff600000 [ 508.179356][T13736] __do_sys_clone+0xce/0x120 [ 508.179386][T13736] ? __pfx___do_sys_clone+0x10/0x10 [ 508.179421][T13736] ? 0xffffffffff600000 [ 508.179448][T13736] ? xfd_validate_state+0x61/0x180 [ 508.179481][T13736] ? __pfx___x64_sys_mount+0x10/0x10 [ 508.179530][T13736] do_syscall_64+0xcd/0x490 [ 508.179568][T13736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 508.179593][T13736] RIP: 0033:0x7fd14958e929 [ 508.179611][T13736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 508.179635][T13736] RSP: 002b:00007fd14a43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 508.179657][T13736] RAX: ffffffffffffffda RBX: 00007fd1497b5fa0 RCX: 00007fd14958e929 [ 508.179673][T13736] RDX: ffffffffffffffff RSI: 0000000000000005 RDI: 0000000000000004 [ 508.179688][T13736] RBP: 00007fd149610b39 R08: 0000100000000006 R09: 0000000000000000 [ 508.179703][T13736] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000 [ 508.179717][T13736] R13: 0000000000000000 R14: 00007fd1497b5fa0 R15: 00007ffd13d1e048 [ 508.179738][T13736] ? 0xffffffffff600000 [ 508.179763][T13736] [ 509.395372][T13752] FAULT_INJECTION: forcing a failure. [ 509.395372][T13752] name failslab, interval 1, probability 0, space 0, times 0 [ 509.446842][T13752] CPU: 1 UID: 0 PID: 13752 Comm: syz.0.3068 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 509.446879][T13752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 509.446894][T13752] Call Trace: [ 509.446902][T13752] [ 509.446911][T13752] dump_stack_lvl+0x16c/0x1f0 [ 509.446951][T13752] should_fail_ex+0x512/0x640 [ 509.446986][T13752] ? __kmalloc_noprof+0xbf/0x510 [ 509.447024][T13752] ? lsm_blob_alloc+0x68/0x90 [ 509.447060][T13752] should_failslab+0xc2/0x120 [ 509.447082][T13752] __kmalloc_noprof+0xd2/0x510 [ 509.447124][T13752] lsm_blob_alloc+0x68/0x90 [ 509.447168][T13752] security_sk_alloc+0x30/0x270 [ 509.447195][T13752] sk_prot_alloc+0xfb/0x2a0 [ 509.447223][T13752] sk_alloc+0x36/0xc20 [ 509.447257][T13752] inet_create+0x3a1/0x1090 [ 509.447290][T13752] ? inet_create+0x93/0x1090 [ 509.447326][T13752] __sock_create+0x338/0x8d0 [ 509.447361][T13752] smc_create_clcsk+0x37/0xd0 [ 509.447391][T13752] ? __pfx_smc_inet_init_sock+0x10/0x10 [ 509.447431][T13752] inet_create+0x939/0x1090 [ 509.447462][T13752] ? inet_create+0x93/0x1090 [ 509.447498][T13752] __sock_create+0x338/0x8d0 [ 509.447530][T13752] __sys_socket+0x14d/0x260 [ 509.447558][T13752] ? __pfx___sys_socket+0x10/0x10 [ 509.447586][T13752] ? xfd_validate_state+0x61/0x180 [ 509.447618][T13752] ? __pfx_do_writev+0x10/0x10 [ 509.447656][T13752] __x64_sys_socket+0x72/0xb0 [ 509.447682][T13752] ? lockdep_hardirqs_on+0x7c/0x110 [ 509.447716][T13752] do_syscall_64+0xcd/0x490 [ 509.447754][T13752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.447779][T13752] RIP: 0033:0x7f022a78e929 [ 509.447798][T13752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.447821][T13752] RSP: 002b:00007f022b634038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 509.447844][T13752] RAX: ffffffffffffffda RBX: 00007f022a9b5fa0 RCX: 00007f022a78e929 [ 509.447860][T13752] RDX: 0000000000000100 RSI: 0000000000000801 RDI: 0000000000000002 [ 509.447874][T13752] RBP: 00007f022a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 509.447888][T13752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 509.447902][T13752] R13: 0000000000000000 R14: 00007f022a9b5fa0 R15: 00007ffe876cef38 [ 509.447931][T13752] [ 510.289739][T13766] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3073'. [ 510.372942][T13766] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3073'. [ 510.950322][T13768] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 511.505123][T13791] Process accounting resumed [ 511.926661][T13801] netlink: 'syz.3.3086': attribute type 4 has an invalid length. [ 512.026469][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 512.035968][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 513.157199][T13824] netlink: 322 bytes leftover after parsing attributes in process `syz.0.3097'. [ 513.408716][T13830] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3099'. [ 513.690656][T13834] sd 0:0:1:0: PR command failed: 1026 [ 513.696682][T13834] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 513.765655][T13834] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 513.955308][T13840] netlink: 'syz.1.3104': attribute type 2 has an invalid length. [ 514.060416][T13844] udevd[13844]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Exec format error [ 515.170754][T13858] udevd[13858]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Exec format error [ 515.322207][T13860] Console: switching to colour VGA+ 80x25 [ 515.564834][T13835] syz.0.3102 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 515.682824][T13863] Console: switching to colour frame buffer device 128x48 [ 516.777912][T13891] mkiss: ax0: crc mode is auto. [ 518.757664][T13909] raw_sendmsg: syz.0.3127 forgot to set AF_INET. Fix it! [ 519.693038][T13933] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3135'. [ 519.746761][T13935] netlink: 'syz.0.3136': attribute type 28 has an invalid length. [ 519.798527][T13935] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3136'. [ 520.056747][T13940] serio: Serial port pty238 [ 522.425773][T13983] ovs_: entered promiscuous mode [ 522.942252][T13994] udevd[13994]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Exec format error [ 524.182919][T14017] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3167'. [ 525.632353][T14038] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3175'. [ 527.088641][T14060] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3184'. [ 528.892316][T14090] FAULT_INJECTION: forcing a failure. [ 528.892316][T14090] name failslab, interval 1, probability 0, space 0, times 0 [ 528.971046][T14090] CPU: 1 UID: 0 PID: 14090 Comm: syz.1.3197 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 528.971084][T14090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 528.971099][T14090] Call Trace: [ 528.971107][T14090] [ 528.971117][T14090] dump_stack_lvl+0x16c/0x1f0 [ 528.971158][T14090] should_fail_ex+0x512/0x640 [ 528.971193][T14090] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 528.971228][T14090] ? __pfx_debugfs_atomic_t_get+0x10/0x10 [ 528.971261][T14090] should_failslab+0xc2/0x120 [ 528.971283][T14090] __kmalloc_cache_noprof+0x6a/0x3e0 [ 528.971314][T14090] ? __debugfs_file_get+0x1fe/0x840 [ 528.971335][T14090] ? simple_attr_open+0x57/0x1c0 [ 528.971368][T14090] ? __pfx_debugfs_atomic_t_set+0x10/0x10 [ 528.971401][T14090] ? __pfx_debugfs_atomic_t_get+0x10/0x10 [ 528.971434][T14090] simple_attr_open+0x57/0x1c0 [ 528.971463][T14090] ? __pfx_fops_atomic_t_open+0x10/0x10 [ 528.971502][T14090] open_proxy_open+0x272/0x3e0 [ 528.971531][T14090] do_dentry_open+0x741/0x1c10 [ 528.971567][T14090] ? __pfx_open_proxy_open+0x10/0x10 [ 528.971599][T14090] vfs_open+0x82/0x3f0 [ 528.971628][T14090] path_openat+0x1de4/0x2cb0 [ 528.971673][T14090] ? __pfx_path_openat+0x10/0x10 [ 528.971709][T14090] ? __lock_acquire+0xb8a/0x1c90 [ 528.971745][T14090] do_filp_open+0x20b/0x470 [ 528.971780][T14090] ? __pfx_do_filp_open+0x10/0x10 [ 528.971835][T14090] ? alloc_fd+0x471/0x7d0 [ 528.971875][T14090] do_sys_openat2+0x11b/0x1d0 [ 528.971908][T14090] ? __pfx_do_sys_openat2+0x10/0x10 [ 528.971947][T14090] __x64_sys_openat+0x174/0x210 [ 528.971975][T14090] ? __pfx___x64_sys_openat+0x10/0x10 [ 528.972014][T14090] do_syscall_64+0xcd/0x490 [ 528.972053][T14090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.972077][T14090] RIP: 0033:0x7f3f0938e929 [ 528.972095][T14090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.972119][T14090] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 528.972141][T14090] RAX: ffffffffffffffda RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 528.972157][T14090] RDX: 0000000000000002 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 528.972172][T14090] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 528.972187][T14090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 528.972201][T14090] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 528.972231][T14090] [ 529.977835][T14106] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3203'. [ 530.508080][T14110] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3205'. [ 530.554992][T14110] bridge0: entered promiscuous mode [ 530.973990][T14121] FAULT_INJECTION: forcing a failure. [ 530.973990][T14121] name failslab, interval 1, probability 0, space 0, times 0 [ 531.041119][T14121] CPU: 1 UID: 0 PID: 14121 Comm: syz.1.3210 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 531.041156][T14121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 531.041172][T14121] Call Trace: [ 531.041180][T14121] [ 531.041190][T14121] dump_stack_lvl+0x16c/0x1f0 [ 531.041232][T14121] should_fail_ex+0x512/0x640 [ 531.041267][T14121] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 531.041307][T14121] should_failslab+0xc2/0x120 [ 531.041329][T14121] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 531.041365][T14121] ? __proc_create+0xc3/0x8c0 [ 531.041401][T14121] ? __proc_create+0x2ce/0x8c0 [ 531.041442][T14121] __proc_create+0x2ce/0x8c0 [ 531.041481][T14121] ? __pfx___proc_create+0x10/0x10 [ 531.041530][T14121] _proc_mkdir+0xb9/0x200 [ 531.041551][T14121] ? __pfx__proc_mkdir+0x10/0x10 [ 531.041572][T14121] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 531.041615][T14121] proc_net_ns_init+0x265/0x410 [ 531.041638][T14121] ? __pfx_proc_net_ns_init+0x10/0x10 [ 531.041659][T14121] ops_init+0x1e2/0x5f0 [ 531.041700][T14121] setup_net+0x1ff/0x510 [ 531.041735][T14121] ? lockdep_init_map_type+0x5c/0x280 [ 531.041786][T14121] ? __pfx_setup_net+0x10/0x10 [ 531.041826][T14121] ? debug_mutex_init+0x37/0x70 [ 531.041854][T14121] copy_net_ns+0x2a6/0x5f0 [ 531.041881][T14121] create_new_namespaces+0x3ea/0xa90 [ 531.041915][T14121] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 531.041946][T14121] ksys_unshare+0x45b/0xa40 [ 531.041979][T14121] ? __pfx_ksys_unshare+0x10/0x10 [ 531.042014][T14121] ? xfd_validate_state+0x61/0x180 [ 531.042054][T14121] __x64_sys_unshare+0x31/0x40 [ 531.042087][T14121] do_syscall_64+0xcd/0x490 [ 531.042126][T14121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.042149][T14121] RIP: 0033:0x7f3f0938e929 [ 531.042168][T14121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 531.042192][T14121] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 531.042215][T14121] RAX: ffffffffffffffda RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 531.042231][T14121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 531.042245][T14121] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 531.042259][T14121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 531.042273][T14121] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 531.042303][T14121] [ 532.069984][ T5854] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 532.080129][ T5854] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 534.054165][T14167] FAULT_INJECTION: forcing a failure. [ 534.054165][T14167] name failslab, interval 1, probability 0, space 0, times 0 [ 534.163686][T14167] CPU: 1 UID: 0 PID: 14167 Comm: syz.3.3227 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 534.163722][T14167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 534.163737][T14167] Call Trace: [ 534.163747][T14167] [ 534.163757][T14167] dump_stack_lvl+0x16c/0x1f0 [ 534.163799][T14167] should_fail_ex+0x512/0x640 [ 534.163834][T14167] ? fs_reclaim_acquire+0xae/0x150 [ 534.163865][T14167] ? tomoyo_encode2+0x100/0x3e0 [ 534.163899][T14167] should_failslab+0xc2/0x120 [ 534.163922][T14167] __kmalloc_noprof+0xd2/0x510 [ 534.163965][T14167] tomoyo_encode2+0x100/0x3e0 [ 534.164002][T14167] tomoyo_encode+0x29/0x50 [ 534.164033][T14167] tomoyo_path_perm+0x3a5/0x460 [ 534.164063][T14167] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 534.164105][T14167] ? d_add+0x47a/0x780 [ 534.164140][T14167] ? __pfx_current_check_access_path+0x10/0x10 [ 534.164171][T14167] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 534.164198][T14167] ? lookup_dcache+0x66/0x170 [ 534.164238][T14167] tomoyo_path_symlink+0x97/0xe0 [ 534.164276][T14167] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 534.164312][T14167] ? find_held_lock+0x2b/0x80 [ 534.164338][T14167] ? __might_fault+0xe3/0x190 [ 534.164378][T14167] security_path_symlink+0x152/0x2e0 [ 534.164406][T14167] do_symlinkat+0x10d/0x310 [ 534.164445][T14167] ? __pfx_do_symlinkat+0x10/0x10 [ 534.164483][T14167] ? getname_flags.part.0+0x1c5/0x550 [ 534.164516][T14167] __x64_sys_symlink+0x75/0x90 [ 534.164555][T14167] do_syscall_64+0xcd/0x490 [ 534.164600][T14167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.164625][T14167] RIP: 0033:0x7fd14958e929 [ 534.164643][T14167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.164666][T14167] RSP: 002b:00007fd14a43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 534.164688][T14167] RAX: ffffffffffffffda RBX: 00007fd1497b5fa0 RCX: 00007fd14958e929 [ 534.164704][T14167] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 534.164718][T14167] RBP: 00007fd149610b39 R08: 0000000000000000 R09: 0000000000000000 [ 534.164732][T14167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 534.164746][T14167] R13: 0000000000000000 R14: 00007fd1497b5fa0 R15: 00007ffd13d1e048 [ 534.164776][T14167] [ 534.984270][T14170] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3228'. [ 535.056076][T14170] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3228'. [ 535.738858][T14179] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3232'. [ 536.079387][T14186] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3235'. [ 536.799084][T14202] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3242'. [ 537.641738][T14211] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 537.688895][T14218] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3249'. [ 537.699161][T14211] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 537.746443][T14201] Process accounting paused [ 539.820934][T14258] netlink: 86 bytes leftover after parsing attributes in process `syz.3.3267'. [ 540.555506][T14273] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3272'. [ 541.273066][T14289] netlink: 'syz.0.3277': attribute type 22 has an invalid length. [ 541.309269][T14289] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3277'. [ 541.464870][T14293] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3278'. [ 541.489926][T14292] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3279'. [ 541.539205][T14293] netlink: 9 bytes leftover after parsing attributes in process `syz.2.3278'. [ 541.607651][T14293] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3278'. [ 542.523552][T14307] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3286'. [ 543.174086][T14322] i2c i2c-0: delete_device: Can't find device in list [ 544.004603][T14338] serio: Serial port pty238 [ 544.423710][T14346] netlink: 'syz.2.3301': attribute type 27 has an invalid length. [ 544.467173][T14346] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3301'. [ 544.514867][T14347] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3302'. [ 545.470034][T14360] FAULT_INJECTION: forcing a failure. [ 545.470034][T14360] name failslab, interval 1, probability 0, space 0, times 0 [ 545.526459][T14360] CPU: 1 UID: 0 PID: 14360 Comm: syz.2.3307 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 545.526497][T14360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 545.526512][T14360] Call Trace: [ 545.526519][T14360] [ 545.526528][T14360] dump_stack_lvl+0x16c/0x1f0 [ 545.526570][T14360] should_fail_ex+0x512/0x640 [ 545.526606][T14360] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 545.526642][T14360] should_failslab+0xc2/0x120 [ 545.526664][T14360] __kmalloc_cache_noprof+0x6a/0x3e0 [ 545.526697][T14360] ? rcu_is_watching+0x12/0xc0 [ 545.526722][T14360] ? snd_pcm_oss_open+0x5eb/0x1400 [ 545.526750][T14360] snd_pcm_oss_open+0x5eb/0x1400 [ 545.526783][T14360] ? tomoyo_check_open_permission+0x1d8/0x3c0 [ 545.526814][T14360] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 545.526840][T14360] ? __lock_acquire+0xb8a/0x1c90 [ 545.526873][T14360] ? __pfx_default_wake_function+0x10/0x10 [ 545.526911][T14360] ? __lock_acquire+0xb8a/0x1c90 [ 545.526951][T14360] ? do_raw_spin_lock+0x12c/0x2b0 [ 545.526992][T14360] ? soundcore_open+0x35a/0x580 [ 545.527030][T14360] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 545.527056][T14360] soundcore_open+0x409/0x580 [ 545.527095][T14360] ? __pfx_soundcore_open+0x10/0x10 [ 545.527131][T14360] chrdev_open+0x234/0x6a0 [ 545.527168][T14360] ? __pfx_apparmor_file_open+0x10/0x10 [ 545.527199][T14360] ? __pfx_chrdev_open+0x10/0x10 [ 545.527239][T14360] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 545.527277][T14360] do_dentry_open+0x741/0x1c10 [ 545.527314][T14360] ? __pfx_chrdev_open+0x10/0x10 [ 545.527361][T14360] vfs_open+0x82/0x3f0 [ 545.527390][T14360] path_openat+0x1de4/0x2cb0 [ 545.527435][T14360] ? __pfx_path_openat+0x10/0x10 [ 545.527472][T14360] ? __lock_acquire+0xb8a/0x1c90 [ 545.527508][T14360] do_filp_open+0x20b/0x470 [ 545.527543][T14360] ? __pfx_do_filp_open+0x10/0x10 [ 545.527600][T14360] ? alloc_fd+0x471/0x7d0 [ 545.527640][T14360] do_sys_openat2+0x11b/0x1d0 [ 545.527667][T14360] ? __pfx_do_sys_openat2+0x10/0x10 [ 545.527705][T14360] __x64_sys_openat+0x174/0x210 [ 545.527733][T14360] ? __pfx___x64_sys_openat+0x10/0x10 [ 545.527772][T14360] do_syscall_64+0xcd/0x490 [ 545.527811][T14360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.527835][T14360] RIP: 0033:0x7f1ad5d8e929 [ 545.527854][T14360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 545.527878][T14360] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 545.527906][T14360] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 545.527922][T14360] RDX: 00000000000a2b40 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 545.527937][T14360] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 545.527951][T14360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 545.527965][T14360] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 545.527995][T14360] [ 545.846436][ C1] vkms_vblank_simulate: vblank timer overrun [ 546.531245][T14364] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 547.514521][T14379] FAULT_INJECTION: forcing a failure. [ 547.514521][T14379] name failslab, interval 1, probability 0, space 0, times 0 [ 547.667149][T14379] CPU: 1 UID: 0 PID: 14379 Comm: syz.2.3313 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 547.667187][T14379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 547.667202][T14379] Call Trace: [ 547.667209][T14379] [ 547.667218][T14379] dump_stack_lvl+0x16c/0x1f0 [ 547.667259][T14379] should_fail_ex+0x512/0x640 [ 547.667295][T14379] ? fs_reclaim_acquire+0xae/0x150 [ 547.667326][T14379] ? tomoyo_init_log+0x1385/0x2140 [ 547.667362][T14379] should_failslab+0xc2/0x120 [ 547.667385][T14379] __kmalloc_noprof+0xd2/0x510 [ 547.667427][T14379] tomoyo_init_log+0x1385/0x2140 [ 547.667476][T14379] ? __pfx_tomoyo_init_log+0x10/0x10 [ 547.667516][T14379] tomoyo_write_log2+0x2f7/0xc10 [ 547.667554][T14379] tomoyo_supervisor+0x15e/0x13b0 [ 547.667598][T14379] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 547.667649][T14379] ? lockdep_hardirqs_on+0x7c/0x110 [ 547.667688][T14379] ? tomoyo_check_path_acl+0xad/0x210 [ 547.667717][T14379] ? tomoyo_check_acl+0x1f7/0x410 [ 547.667745][T14379] tomoyo_path_permission+0x270/0x3b0 [ 547.667775][T14379] tomoyo_check_open_permission+0x37b/0x3c0 [ 547.667806][T14379] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 547.667865][T14379] ? do_raw_spin_lock+0x12c/0x2b0 [ 547.667912][T14379] tomoyo_file_open+0x6b/0x90 [ 547.667952][T14379] security_file_open+0x84/0x1e0 [ 547.667985][T14379] do_dentry_open+0x596/0x1c10 [ 547.668029][T14379] vfs_open+0x82/0x3f0 [ 547.668065][T14379] path_openat+0x1de4/0x2cb0 [ 547.668111][T14379] ? __pfx_path_openat+0x10/0x10 [ 547.668148][T14379] ? __lock_acquire+0xb8a/0x1c90 [ 547.668184][T14379] do_filp_open+0x20b/0x470 [ 547.668220][T14379] ? __pfx_do_filp_open+0x10/0x10 [ 547.668278][T14379] ? alloc_fd+0x471/0x7d0 [ 547.668319][T14379] do_sys_openat2+0x11b/0x1d0 [ 547.668345][T14379] ? __pfx_do_sys_openat2+0x10/0x10 [ 547.668384][T14379] __x64_sys_openat+0x174/0x210 [ 547.668411][T14379] ? __pfx___x64_sys_openat+0x10/0x10 [ 547.668451][T14379] do_syscall_64+0xcd/0x490 [ 547.668490][T14379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.668514][T14379] RIP: 0033:0x7f1ad5d8e929 [ 547.668533][T14379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.668557][T14379] RSP: 002b:00007f1ad6b21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 547.668579][T14379] RAX: ffffffffffffffda RBX: 00007f1ad5fb6080 RCX: 00007f1ad5d8e929 [ 547.668595][T14379] RDX: 0000000000040000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 547.668610][T14379] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 547.668624][T14379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 547.668639][T14379] R13: 0000000000000000 R14: 00007f1ad5fb6080 R15: 00007ffeaf460af8 [ 547.668668][T14379] [ 547.969884][ C1] vkms_vblank_simulate: vblank timer overrun [ 548.364234][T14383] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3315'. [ 548.806301][T14383] hsr_slave_0: left promiscuous mode [ 548.823670][T14383] hsr_slave_1: left promiscuous mode [ 550.398955][T14410] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3323'. [ 551.740461][ T30] audit: type=1326 audit(4294967414.740:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14425 comm="syz.3.3332" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd14958e929 code=0x0 [ 551.872982][T14432] __vm_enough_memory: pid: 14432, comm: syz.0.3333, bytes: 4398046511104 not enough memory for the allocation [ 552.082491][T14436] netlink: 146 bytes leftover after parsing attributes in process `syz.1.3334'. [ 553.057129][T14450] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3339'. [ 553.708967][T14459] netlink: 322 bytes leftover after parsing attributes in process `syz.1.3342'. [ 554.795944][T14480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3351'. [ 554.857166][T14480] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3351'. [ 555.311749][T14487] FAULT_INJECTION: forcing a failure. [ 555.311749][T14487] name failslab, interval 1, probability 0, space 0, times 0 [ 555.495423][T14487] CPU: 1 UID: 0 PID: 14487 Comm: syz.2.3352 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 555.495459][T14487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 555.495474][T14487] Call Trace: [ 555.495482][T14487] [ 555.495491][T14487] dump_stack_lvl+0x16c/0x1f0 [ 555.495534][T14487] should_fail_ex+0x512/0x640 [ 555.495569][T14487] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 555.495610][T14487] should_failslab+0xc2/0x120 [ 555.495633][T14487] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 555.495671][T14487] ? __d_alloc+0x31/0xaa0 [ 555.495711][T14487] __d_alloc+0x31/0xaa0 [ 555.495751][T14487] d_alloc_pseudo+0x1c/0xc0 [ 555.495777][T14487] alloc_file_pseudo+0xcf/0x230 [ 555.495805][T14487] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 555.495839][T14487] __shmem_file_setup+0x1a3/0x330 [ 555.495874][T14487] shmem_zero_setup+0x93/0x1a0 [ 555.495912][T14487] __mmap_region+0x1ece/0x25e0 [ 555.495952][T14487] ? __pfx___mmap_region+0x10/0x10 [ 555.495987][T14487] ? find_held_lock+0x2b/0x80 [ 555.496018][T14487] ? finish_task_switch.isra.0+0x221/0xc10 [ 555.496044][T14487] ? lockdep_hardirqs_on+0x7c/0x110 [ 555.496078][T14487] ? finish_task_switch.isra.0+0x221/0xc10 [ 555.496105][T14487] ? rcu_is_watching+0x12/0xc0 [ 555.496130][T14487] ? trace_sched_exit_tp+0xde/0x130 [ 555.496160][T14487] ? __schedule+0x1181/0x5de0 [ 555.496238][T14487] ? trace_cap_capable+0x18d/0x200 [ 555.496270][T14487] mmap_region+0x1ab/0x3f0 [ 555.496313][T14487] ? __get_unmapped_area+0x267/0x440 [ 555.496344][T14487] do_mmap+0xa3e/0x1210 [ 555.496376][T14487] ? __pfx_do_mmap+0x10/0x10 [ 555.496403][T14487] ? __pfx_down_write_killable+0x10/0x10 [ 555.496437][T14487] vm_mmap_pgoff+0x281/0x450 [ 555.496467][T14487] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 555.496498][T14487] ? __x64_sys_futex+0x1e0/0x4c0 [ 555.496526][T14487] ? __x64_sys_futex+0x1e9/0x4c0 [ 555.496559][T14487] ksys_mmap_pgoff+0x7d/0x5c0 [ 555.496584][T14487] ? xfd_validate_state+0x61/0x180 [ 555.496615][T14487] ? __pfx_do_writev+0x10/0x10 [ 555.496650][T14487] __x64_sys_mmap+0x125/0x190 [ 555.496688][T14487] do_syscall_64+0xcd/0x490 [ 555.496727][T14487] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.496751][T14487] RIP: 0033:0x7f1ad5d8e929 [ 555.496770][T14487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 555.496794][T14487] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 555.496816][T14487] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 555.496832][T14487] RDX: 00004000000000df RSI: 0000000000000100 RDI: 0000000000000000 [ 555.496846][T14487] RBP: 00007f1ad5e10b39 R08: 0000000000000401 R09: 0000000000008000 [ 555.496861][T14487] R10: 0000080000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 555.496875][T14487] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 555.496904][T14487] [ 556.216416][T14493] netlink: 146 bytes leftover after parsing attributes in process `syz.1.3357'. [ 556.798019][T14503] misc userio: The device must be registered before sending interrupts [ 556.899830][T14508] random: crng reseeded on system resumption [ 557.015620][T14509] : renamed from gre0 (while UP) [ 557.573431][T14520] netlink: 'syz.1.3367': attribute type 4 has an invalid length. [ 558.209993][T14525] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3370'. [ 558.388540][T14525] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3370'. [ 560.996028][T14565] random: crng reseeded on system resumption [ 561.846205][T14575] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3389'. [ 561.897779][T14575] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3389'. [ 561.982663][T14580] netlink: 'syz.1.3391': attribute type 29 has an invalid length. [ 562.089687][T14580] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3391'. [ 562.963958][T14591] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3395'. [ 563.051150][T14594] netlink: 5 bytes leftover after parsing attributes in process `syz.3.3395'. [ 563.170186][T14594] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3395'. [ 567.792835][T14655] netlink: 'syz.0.3418': attribute type 14 has an invalid length. [ 567.847577][T14655] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3418'. [ 568.295535][T14659] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3419'. [ 568.813685][T14642] Process accounting resumed [ 569.405618][T14670] FAULT_INJECTION: forcing a failure. [ 569.405618][T14670] name failslab, interval 1, probability 0, space 0, times 0 [ 569.487560][T14670] CPU: 1 UID: 0 PID: 14670 Comm: syz.0.3426 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 569.487597][T14670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 569.487612][T14670] Call Trace: [ 569.487619][T14670] [ 569.487628][T14670] dump_stack_lvl+0x16c/0x1f0 [ 569.487669][T14670] should_fail_ex+0x512/0x640 [ 569.487704][T14670] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 569.487745][T14670] should_failslab+0xc2/0x120 [ 569.487767][T14670] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 569.487805][T14670] ? shmem_alloc_inode+0x25/0x50 [ 569.487833][T14670] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 569.487855][T14670] shmem_alloc_inode+0x25/0x50 [ 569.487878][T14670] alloc_inode+0x61/0x240 [ 569.487904][T14670] new_inode+0x22/0x1c0 [ 569.487930][T14670] shmem_get_inode+0x19a/0xfb0 [ 569.487964][T14670] shmem_tmpfile+0x58/0x180 [ 569.487992][T14670] vfs_tmpfile+0x2be/0x890 [ 569.488033][T14670] path_openat+0x1683/0x2cb0 [ 569.488066][T14670] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.488101][T14670] ? __pfx_path_openat+0x10/0x10 [ 569.488143][T14670] do_filp_open+0x20b/0x470 [ 569.488179][T14670] ? __pfx_do_filp_open+0x10/0x10 [ 569.488234][T14670] ? _raw_spin_unlock+0x28/0x50 [ 569.488264][T14670] ? alloc_fd+0x471/0x7d0 [ 569.488304][T14670] do_sys_openat2+0x11b/0x1d0 [ 569.488331][T14670] ? __pfx_do_sys_openat2+0x10/0x10 [ 569.488376][T14670] __x64_sys_open+0x153/0x1e0 [ 569.488404][T14670] ? __pfx___x64_sys_open+0x10/0x10 [ 569.488438][T14670] ? rcu_is_watching+0x12/0xc0 [ 569.488467][T14670] do_syscall_64+0xcd/0x490 [ 569.488506][T14670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.488530][T14670] RIP: 0033:0x7f022a78e929 [ 569.488548][T14670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 569.488572][T14670] RSP: 002b:00007f022b634038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 569.488594][T14670] RAX: ffffffffffffffda RBX: 00007f022a9b5fa0 RCX: 00007f022a78e929 [ 569.488610][T14670] RDX: 0000000000000408 RSI: 0000000000591083 RDI: 0000200000000100 [ 569.488624][T14670] RBP: 00007f022a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 569.488639][T14670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 569.488654][T14670] R13: 0000000000000000 R14: 00007f022a9b5fa0 R15: 00007ffe876cef38 [ 569.488683][T14670] [ 573.484661][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.495353][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.997115][T14715] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3445'. [ 574.303737][T14719] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3447'. [ 574.767309][T14723] netlink: 'syz.3.3448': attribute type 33 has an invalid length. [ 574.817650][T14723] netlink: 322 bytes leftover after parsing attributes in process `syz.3.3448'. [ 576.201167][T14750] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3457'. [ 576.352352][T14754] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3459'. [ 578.158353][T14775] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3467'. [ 578.400944][T14778] netlink: 17 bytes leftover after parsing attributes in process `syz.2.3468'. [ 579.509230][T14789] netlink: 306 bytes leftover after parsing attributes in process `syz.2.3472'. [ 581.469329][T14812] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3480'. [ 581.579264][T14805] [U] [ 581.582336][T14805] [U] [ 581.585315][T14805] [U] [ 581.588293][T14805] [U] [ 581.699993][T14805] [U] [ 581.703034][T14805] [U] [ 581.706020][T14805] [U] [ 581.709012][T14805] [U] [ 581.859081][T14805] [U] [ 582.471022][ T30] audit: type=1800 audit(4294967445.460:11): pid=14819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3482" name="dbroot" dev="configfs" ino=42678 res=0 errno=0 [ 584.430650][T14843] delete_channel: no stack [ 585.761981][T14857] FAULT_INJECTION: forcing a failure. [ 585.761981][T14857] name failslab, interval 1, probability 0, space 0, times 0 [ 585.916164][T14857] CPU: 1 UID: 0 PID: 14857 Comm: syz.1.3494 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 585.916206][T14857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 585.916221][T14857] Call Trace: [ 585.916229][T14857] [ 585.916238][T14857] dump_stack_lvl+0x16c/0x1f0 [ 585.916279][T14857] should_fail_ex+0x512/0x640 [ 585.916319][T14857] ? fs_reclaim_acquire+0xae/0x150 [ 585.916350][T14857] ? tomoyo_init_log+0x1385/0x2140 [ 585.916381][T14857] should_failslab+0xc2/0x120 [ 585.916403][T14857] __kmalloc_noprof+0xd2/0x510 [ 585.916446][T14857] tomoyo_init_log+0x1385/0x2140 [ 585.916494][T14857] ? __pfx_tomoyo_init_log+0x10/0x10 [ 585.916534][T14857] tomoyo_write_log2+0x2f7/0xc10 [ 585.916571][T14857] tomoyo_supervisor+0x15e/0x13b0 [ 585.916615][T14857] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 585.916665][T14857] ? lockdep_hardirqs_on+0x7c/0x110 [ 585.916704][T14857] ? tomoyo_check_path_acl+0xad/0x210 [ 585.916733][T14857] ? tomoyo_check_acl+0x1f7/0x410 [ 585.916761][T14857] tomoyo_path_permission+0x270/0x3b0 [ 585.916791][T14857] tomoyo_check_open_permission+0x37b/0x3c0 [ 585.916822][T14857] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 585.916880][T14857] ? do_raw_spin_lock+0x12c/0x2b0 [ 585.916927][T14857] tomoyo_file_open+0x6b/0x90 [ 585.916967][T14857] security_file_open+0x84/0x1e0 [ 585.916999][T14857] do_dentry_open+0x596/0x1c10 [ 585.917044][T14857] vfs_open+0x82/0x3f0 [ 585.917072][T14857] path_openat+0x1de4/0x2cb0 [ 585.917117][T14857] ? __pfx_path_openat+0x10/0x10 [ 585.917174][T14857] ? __lock_acquire+0xb8a/0x1c90 [ 585.917213][T14857] do_filp_open+0x20b/0x470 [ 585.917249][T14857] ? __pfx_do_filp_open+0x10/0x10 [ 585.917310][T14857] ? alloc_fd+0x471/0x7d0 [ 585.917350][T14857] do_sys_openat2+0x11b/0x1d0 [ 585.917377][T14857] ? __pfx_do_sys_openat2+0x10/0x10 [ 585.917415][T14857] __x64_sys_openat+0x174/0x210 [ 585.917443][T14857] ? __pfx___x64_sys_openat+0x10/0x10 [ 585.917483][T14857] do_syscall_64+0xcd/0x490 [ 585.917521][T14857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.917546][T14857] RIP: 0033:0x7f3f0938e929 [ 585.917564][T14857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 585.917588][T14857] RSP: 002b:00007f3f0a12b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 585.917610][T14857] RAX: ffffffffffffffda RBX: 00007f3f095b6080 RCX: 00007f3f0938e929 [ 585.917626][T14857] RDX: 0000000000062c00 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 585.917642][T14857] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 585.917656][T14857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 585.917670][T14857] R13: 0000000000000000 R14: 00007f3f095b6080 R15: 00007ffcbeefe9a8 [ 585.917700][T14857] [ 586.699862][T14858] vivid-007: kernel_thread() failed [ 587.115653][T14872] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3499'. [ 587.731014][T14870] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3498'. [ 587.864968][T14857] tty tty30: ldisc open failed (-12), clearing slot 29 [ 588.478555][T14881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3502'. [ 588.541208][T14884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3502'. [ 588.800549][T14892] FAULT_INJECTION: forcing a failure. [ 588.800549][T14892] name failslab, interval 1, probability 0, space 0, times 0 [ 588.950835][T14892] CPU: 1 UID: 0 PID: 14892 Comm: syz.1.3507 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 588.950873][T14892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 588.950888][T14892] Call Trace: [ 588.950896][T14892] [ 588.950905][T14892] dump_stack_lvl+0x16c/0x1f0 [ 588.950946][T14892] should_fail_ex+0x512/0x640 [ 588.950980][T14892] ? fs_reclaim_acquire+0xae/0x150 [ 588.951011][T14892] ? tomoyo_init_log+0x1385/0x2140 [ 588.951042][T14892] should_failslab+0xc2/0x120 [ 588.951065][T14892] __kmalloc_noprof+0xd2/0x510 [ 588.951114][T14892] tomoyo_init_log+0x1385/0x2140 [ 588.951162][T14892] ? __pfx_tomoyo_init_log+0x10/0x10 [ 588.951204][T14892] tomoyo_write_log2+0x2f7/0xc10 [ 588.951254][T14892] tomoyo_supervisor+0x15e/0x13b0 [ 588.951315][T14892] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 588.951367][T14892] ? lockdep_hardirqs_on+0x7c/0x110 [ 588.951405][T14892] ? tomoyo_check_path_acl+0xad/0x210 [ 588.951434][T14892] ? tomoyo_check_acl+0x1f7/0x410 [ 588.951462][T14892] tomoyo_path_permission+0x270/0x3b0 [ 588.951493][T14892] tomoyo_check_open_permission+0x37b/0x3c0 [ 588.951523][T14892] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 588.951582][T14892] ? do_raw_spin_lock+0x12c/0x2b0 [ 588.951628][T14892] tomoyo_file_open+0x6b/0x90 [ 588.951668][T14892] security_file_open+0x84/0x1e0 [ 588.951700][T14892] do_dentry_open+0x596/0x1c10 [ 588.951746][T14892] vfs_open+0x82/0x3f0 [ 588.951774][T14892] path_openat+0x1de4/0x2cb0 [ 588.951819][T14892] ? __pfx_path_openat+0x10/0x10 [ 588.951856][T14892] ? __lock_acquire+0xb8a/0x1c90 [ 588.951892][T14892] do_filp_open+0x20b/0x470 [ 588.951927][T14892] ? __pfx_do_filp_open+0x10/0x10 [ 588.951983][T14892] ? alloc_fd+0x471/0x7d0 [ 588.952023][T14892] do_sys_openat2+0x11b/0x1d0 [ 588.952049][T14892] ? __pfx_do_sys_openat2+0x10/0x10 [ 588.952096][T14892] __x64_sys_openat+0x174/0x210 [ 588.952124][T14892] ? __pfx___x64_sys_openat+0x10/0x10 [ 588.952165][T14892] do_syscall_64+0xcd/0x490 [ 588.952204][T14892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.952228][T14892] RIP: 0033:0x7f3f0938e929 [ 588.952247][T14892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 588.952271][T14892] RSP: 002b:00007f3f0a12b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 588.952293][T14892] RAX: ffffffffffffffda RBX: 00007f3f095b6080 RCX: 00007f3f0938e929 [ 588.952309][T14892] RDX: 0000000000020000 RSI: 0000200000000840 RDI: ffffffffffffff9c [ 588.952324][T14892] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 588.952339][T14892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 588.952353][T14892] R13: 0000000000000000 R14: 00007f3f095b6080 R15: 00007ffcbeefe9a8 [ 588.952383][T14892] [ 590.099149][T14896] FAULT_INJECTION: forcing a failure. [ 590.099149][T14896] name failslab, interval 1, probability 0, space 0, times 0 [ 590.190022][T14896] CPU: 1 UID: 0 PID: 14896 Comm: syz.3.3508 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 590.190059][T14896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 590.190074][T14896] Call Trace: [ 590.190081][T14896] [ 590.190091][T14896] dump_stack_lvl+0x16c/0x1f0 [ 590.190133][T14896] should_fail_ex+0x512/0x640 [ 590.190167][T14896] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 590.190203][T14896] should_failslab+0xc2/0x120 [ 590.190225][T14896] __kmalloc_cache_noprof+0x6a/0x3e0 [ 590.190258][T14896] ? trace_pid_list_alloc+0x27c/0x3f0 [ 590.190290][T14896] ? kasan_save_track+0x14/0x30 [ 590.190328][T14896] trace_pid_list_alloc+0x27c/0x3f0 [ 590.190373][T14896] trace_pid_write+0x10e/0x460 [ 590.190413][T14896] ? event_pid_write.isra.0+0x11d/0x7c0 [ 590.190448][T14896] ? __pfx_trace_pid_write+0x10/0x10 [ 590.190484][T14896] ? __pfx___mutex_lock+0x10/0x10 [ 590.190523][T14896] ? update_last_data+0xb3/0x4f0 [ 590.190561][T14896] event_pid_write.isra.0+0x3cc/0x7c0 [ 590.190596][T14896] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 590.190638][T14896] ? __pfx_ftrace_event_pid_write+0x10/0x10 [ 590.190670][T14896] vfs_writev+0x5df/0xde0 [ 590.190701][T14896] ? __pfx___mutex_trylock_common+0x10/0x10 [ 590.190744][T14896] ? __pfx_vfs_writev+0x10/0x10 [ 590.190775][T14896] ? __mutex_lock+0x1ca/0xb90 [ 590.190817][T14896] ? __pfx___mutex_lock+0x10/0x10 [ 590.190863][T14896] ? __fget_files+0x20e/0x3c0 [ 590.190904][T14896] ? do_writev+0x132/0x340 [ 590.190933][T14896] do_writev+0x132/0x340 [ 590.190964][T14896] ? __pfx_do_writev+0x10/0x10 [ 590.191004][T14896] do_syscall_64+0xcd/0x490 [ 590.191048][T14896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.191073][T14896] RIP: 0033:0x7fd14958e929 [ 590.191091][T14896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 590.191115][T14896] RSP: 002b:00007fd14a43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 590.191137][T14896] RAX: ffffffffffffffda RBX: 00007fd1497b5fa0 RCX: 00007fd14958e929 [ 590.191153][T14896] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 590.191167][T14896] RBP: 00007fd149610b39 R08: 0000000000000000 R09: 0000000000000000 [ 590.191182][T14896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 590.191196][T14896] R13: 0000000000000000 R14: 00007fd1497b5fa0 R15: 00007ffd13d1e048 [ 590.191226][T14896] [ 595.084565][T14960] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3532'. [ 595.258730][T14962] [U] [ 595.261862][T14962] [U] [ 595.264848][T14962] [U] [ 595.267830][T14962] [U] [ 595.381086][T14962] [U] [ 595.384129][T14962] [U] [ 595.387112][T14962] [U] [ 595.390090][T14962] [U] [ 595.439168][T14962] [U] [ 595.442214][T14962] [U] [ 595.445195][T14962] [U] [ 595.448172][T14962] [U] [ 595.505270][T14962] [U] [ 595.508303][T14962] [U] [ 595.511285][T14962] [U] [ 595.514263][T14962] [U] [ 595.546007][T14962] [U] [ 595.549041][T14962] [U] [ 595.552027][T14962] [U] [ 595.555005][T14962] [U] [ 595.625287][T14962] [U] [ 595.628314][T14962] [U] [ 595.631292][T14962] [U] [ 595.634305][T14962] [U] [ 595.702124][T14962] [U] [ 595.705160][T14962] [U] [ 595.708236][T14962] [U] [ 595.711211][T14962] [U] [ 595.745257][T14970] FAULT_INJECTION: forcing a failure. [ 595.745257][T14970] name failslab, interval 1, probability 0, space 0, times 0 [ 595.769081][T14962] [U] [ 595.772113][T14962] [U] [ 595.775095][T14962] [U] [ 595.778086][T14962] [U] [ 595.793629][T14970] CPU: 1 UID: 0 PID: 14970 Comm: syz.3.3536 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 595.793669][T14970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 595.793685][T14970] Call Trace: [ 595.793692][T14970] [ 595.793701][T14970] dump_stack_lvl+0x16c/0x1f0 [ 595.793742][T14970] should_fail_ex+0x512/0x640 [ 595.793777][T14970] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 595.793813][T14970] should_failslab+0xc2/0x120 [ 595.793836][T14970] __kmalloc_cache_noprof+0x6a/0x3e0 [ 595.793868][T14970] ? snd_seq_oss_open+0x55/0xa20 [ 595.793896][T14970] snd_seq_oss_open+0x55/0xa20 [ 595.793923][T14970] odev_open+0x6f/0x90 [ 595.793958][T14970] ? __pfx_odev_open+0x10/0x10 [ 595.793994][T14970] soundcore_open+0x409/0x580 [ 595.794032][T14970] ? __pfx_soundcore_open+0x10/0x10 [ 595.794068][T14970] chrdev_open+0x234/0x6a0 [ 595.794105][T14970] ? __pfx_apparmor_file_open+0x10/0x10 [ 595.794136][T14970] ? __pfx_chrdev_open+0x10/0x10 [ 595.794176][T14970] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 595.794214][T14970] do_dentry_open+0x741/0x1c10 [ 595.794251][T14970] ? __pfx_chrdev_open+0x10/0x10 [ 595.794294][T14970] vfs_open+0x82/0x3f0 [ 595.794322][T14970] path_openat+0x1de4/0x2cb0 [ 595.794367][T14970] ? __pfx_path_openat+0x10/0x10 [ 595.794403][T14970] ? __lock_acquire+0xb8a/0x1c90 [ 595.794440][T14970] do_filp_open+0x20b/0x470 [ 595.794475][T14970] ? __pfx_do_filp_open+0x10/0x10 [ 595.794531][T14970] ? alloc_fd+0x471/0x7d0 [ 595.794576][T14970] do_sys_openat2+0x11b/0x1d0 [ 595.794603][T14970] ? __pfx_do_sys_openat2+0x10/0x10 [ 595.794641][T14970] __x64_sys_openat+0x174/0x210 [ 595.794674][T14970] ? __pfx___x64_sys_openat+0x10/0x10 [ 595.794714][T14970] do_syscall_64+0xcd/0x490 [ 595.794753][T14970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.794777][T14970] RIP: 0033:0x7fd14958e929 [ 595.794796][T14970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.794820][T14970] RSP: 002b:00007fd14a43f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 595.794842][T14970] RAX: ffffffffffffffda RBX: 00007fd1497b5fa0 RCX: 00007fd14958e929 [ 595.794858][T14970] RDX: 0000000000008002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 595.794872][T14970] RBP: 00007fd149610b39 R08: 0000000000000000 R09: 0000000000000000 [ 595.794887][T14970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.794901][T14970] R13: 0000000000000000 R14: 00007fd1497b5fa0 R15: 00007ffd13d1e048 [ 595.794931][T14970] [ 596.086561][T14962] [U] [ 597.717074][T14976] ptrace attach of "./syz-executor exec"[6086] was attempted by "./syz-executor exec"[14976] [ 598.127108][T14992] netlink: zone id is out of range [ 598.152653][T14992] netlink: zone id is out of range [ 598.182028][T14992] netlink: zone id is out of range [ 598.206760][T14988] netlink: 74 bytes leftover after parsing attributes in process `syz.2.3543'. [ 598.224366][T14992] netlink: zone id is out of range [ 598.244628][T14992] netlink: zone id is out of range [ 598.270113][T14992] netlink: zone id is out of range [ 598.307530][T14992] netlink: zone id is out of range [ 598.326890][T14992] netlink: zone id is out of range [ 598.362454][T14992] netlink: zone id is out of range [ 598.391868][T14992] netlink: zone id is out of range [ 599.164254][T14998] Process accounting paused [ 599.339630][T15013] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 599.611401][ T5854] Bluetooth: hci2: unexpected event 0x04 length: 62 > 10 [ 599.611705][ T5854] Bluetooth: hci2: connection err: -111 [ 600.260051][T15025] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3556'. [ 600.313824][T15025] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3556'. [ 606.399967][T15117] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3592'. [ 606.746689][T15119] sg_write: data in/out 476/16086 bytes for SCSI command 0x0-- guessing data in; [ 606.746689][T15119] program syz.2.3593 not setting count and/or reply_len properly [ 608.584943][T15156] netlink: 'syz.2.3607': attribute type 4 has an invalid length. [ 608.945035][T15161] FAULT_INJECTION: forcing a failure. [ 608.945035][T15161] name failslab, interval 1, probability 0, space 0, times 0 [ 609.022908][T15161] CPU: 1 UID: 0 PID: 15161 Comm: syz.2.3617 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 609.022944][T15161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 609.022959][T15161] Call Trace: [ 609.022967][T15161] [ 609.022976][T15161] dump_stack_lvl+0x16c/0x1f0 [ 609.023017][T15161] should_fail_ex+0x512/0x640 [ 609.023052][T15161] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 609.023097][T15161] should_failslab+0xc2/0x120 [ 609.023119][T15161] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 609.023160][T15161] ? kstrdup_const+0x63/0x80 [ 609.023200][T15161] kstrdup+0x53/0x100 [ 609.023237][T15161] kstrdup_const+0x63/0x80 [ 609.023272][T15161] __kernfs_new_node+0x9b/0x8e0 [ 609.023309][T15161] ? __pfx___kernfs_new_node+0x10/0x10 [ 609.023350][T15161] ? find_held_lock+0x2b/0x80 [ 609.023377][T15161] ? kernfs_root+0xee/0x2a0 [ 609.023415][T15161] kernfs_new_node+0x13c/0x1e0 [ 609.023458][T15161] kernfs_create_link+0xcc/0x240 [ 609.023488][T15161] sysfs_do_create_link_sd+0x90/0x140 [ 609.023522][T15161] sysfs_create_link+0x61/0xc0 [ 609.023554][T15161] device_add+0xb14/0x1a70 [ 609.023590][T15161] ? __pfx_device_add+0x10/0x10 [ 609.023629][T15161] __add_disk+0x457/0xf00 [ 609.023668][T15161] ? find_held_lock+0x2b/0x80 [ 609.023696][T15161] add_disk_fwnode+0x3f8/0x5d0 [ 609.023737][T15161] zram_add+0x4c8/0x700 [ 609.023765][T15161] ? __pfx_zram_add+0x10/0x10 [ 609.023812][T15161] ? find_held_lock+0x2b/0x80 [ 609.023841][T15161] ? __pfx_hot_add_show+0x10/0x10 [ 609.023873][T15161] ? __pfx_class_attr_show+0x10/0x10 [ 609.023898][T15161] hot_add_show+0x21/0x80 [ 609.023925][T15161] class_attr_show+0x72/0xa0 [ 609.023950][T15161] sysfs_kf_seq_show+0x213/0x3e0 [ 609.023984][T15161] seq_read_iter+0x509/0x12c0 [ 609.024028][T15161] kernfs_fop_read_iter+0x40f/0x5a0 [ 609.024053][T15161] ? rw_verify_area+0xcf/0x680 [ 609.024086][T15161] vfs_read+0x8bc/0xc60 [ 609.024123][T15161] ? __pfx___mutex_lock+0x10/0x10 [ 609.024159][T15161] ? __pfx_vfs_read+0x10/0x10 [ 609.024213][T15161] ksys_read+0x12a/0x250 [ 609.024246][T15161] ? __pfx_ksys_read+0x10/0x10 [ 609.024288][T15161] do_syscall_64+0xcd/0x490 [ 609.024327][T15161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 609.024351][T15161] RIP: 0033:0x7f1ad5d8e929 [ 609.024370][T15161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 609.024393][T15161] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 609.024416][T15161] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 609.024432][T15161] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000005 [ 609.024447][T15161] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 609.024461][T15161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 609.024475][T15161] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 609.024505][T15161] [ 612.767302][ T5854] Bluetooth: hci2: SCO packet too small [ 613.285985][T15212] zswap: compressor not available [ 613.665032][T15237] netlink: 'syz.0.3639': attribute type 16 has an invalid length. [ 613.710665][T15237] netlink: 306 bytes leftover after parsing attributes in process `syz.0.3639'. [ 614.289538][T15245] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3641'. [ 614.449872][T15248] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3642'. [ 614.507706][T15248] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3642'. [ 615.371780][T15265] mkiss: ax0: crc mode is auto. [ 616.043818][T15277] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3651'. [ 616.580791][T15285] netlink: 74 bytes leftover after parsing attributes in process `syz.1.3661'. [ 616.599106][ T5854] Bluetooth: hci0: SCO packet too small [ 617.100324][T15284] zswap: compressor not available [ 617.391033][T15302] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3659'. [ 618.019558][T15313] Loading of unsigned module is rejected [ 618.215033][T15316] netlink: 'syz.3.3664': attribute type 4 has an invalid length. [ 618.287470][T15316] netlink: 314 bytes leftover after parsing attributes in process `syz.3.3664'. [ 618.778094][T15325] netlink: 74 bytes leftover after parsing attributes in process `syz.0.3667'. [ 619.835356][T15338] kvm_intel: kvm [15335]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x2 [ 622.240763][T15387] netlink: 'syz.3.3690': attribute type 29 has an invalid length. [ 622.283613][T15387] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3690'. [ 622.523218][T15393] sock: sock_timestamping_bind_phc: sock not bind to device [ 622.913810][T15398] Loading of unsigned module is rejected [ 623.775258][T15416] netlink: 74 bytes leftover after parsing attributes in process `syz.2.3700'. [ 624.349333][T15423] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3703'. [ 624.393515][T15423] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3703'. [ 624.779247][T15429] kAFS: No cell specified [ 625.460410][T15443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3713'. [ 625.650064][T15448] netlink: 74 bytes leftover after parsing attributes in process `syz.3.3712'. [ 629.424374][T15498] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3733'. [ 629.635921][T15494] Process accounting resumed [ 630.302657][T15518] netlink: 'syz.0.3740': attribute type 16 has an invalid length. [ 630.350986][T15518] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3740'. [ 631.123928][T15535] netlink: 'syz.2.3746': attribute type 19 has an invalid length. [ 631.161467][T15535] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3746'. [ 631.644905][T15543] Loading of unsigned module is rejected [ 632.338516][T15559] netlink: 'syz.2.3758': attribute type 1 has an invalid length. [ 632.372941][T15559] netlink: 318 bytes leftover after parsing attributes in process `syz.2.3758'. [ 632.840141][T15569] RDS: rds_bind could not find a transport for ::ffff:172.20.20.55, load rds_tcp or rds_rdma? [ 632.970880][T15571] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3763'. [ 634.100442][ T30] audit: type=1804 audit(4294967497.100:12): pid=15592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3770" name="/newroot/925/file0" dev="tmpfs" ino=4718 res=1 errno=0 [ 634.908023][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.914996][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 635.091900][T15611] udevd[15611]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Exec format error [ 635.444976][T15619] netlink: 346 bytes leftover after parsing attributes in process `syz.3.3779'. [ 635.989801][T15623] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3781'. [ 636.648679][T15639] kvm: user requested TSC rate below hardware speed [ 637.559862][T15660] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3795'. [ 637.887570][T15665] FAULT_INJECTION: forcing a failure. [ 637.887570][T15665] name failslab, interval 1, probability 0, space 0, times 0 [ 637.949180][T15665] CPU: 1 UID: 0 PID: 15665 Comm: syz.1.3797 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 637.949216][T15665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 637.949232][T15665] Call Trace: [ 637.949239][T15665] [ 637.949248][T15665] dump_stack_lvl+0x16c/0x1f0 [ 637.949295][T15665] should_fail_ex+0x512/0x640 [ 637.949329][T15665] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 637.949366][T15665] should_failslab+0xc2/0x120 [ 637.949389][T15665] __kmalloc_cache_noprof+0x6a/0x3e0 [ 637.949425][T15665] ? snd_seq_create_port+0xf7/0xad0 [ 637.949466][T15665] snd_seq_create_port+0xf7/0xad0 [ 637.949512][T15665] snd_seq_ioctl_create_port+0x253/0x950 [ 637.949549][T15665] ? __pfx_snd_seq_ioctl_create_port+0x10/0x10 [ 637.949588][T15665] ? kasan_save_stack+0x42/0x60 [ 637.949622][T15665] ? kasan_save_stack+0x33/0x60 [ 637.949655][T15665] ? kasan_save_track+0x14/0x30 [ 637.949693][T15665] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 637.949720][T15665] create_port+0x197/0x260 [ 637.949741][T15665] ? __pfx_create_port+0x10/0x10 [ 637.949767][T15665] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 637.949792][T15665] ? __pfx_free_devinfo+0x10/0x10 [ 637.949835][T15665] ? mark_held_locks+0x49/0x80 [ 637.949867][T15665] ? _raw_spin_unlock_irq+0x23/0x50 [ 637.949902][T15665] snd_seq_oss_open+0x36c/0xa20 [ 637.949930][T15665] odev_open+0x6f/0x90 [ 637.949964][T15665] ? __pfx_odev_open+0x10/0x10 [ 637.950005][T15665] soundcore_open+0x409/0x580 [ 637.950044][T15665] ? __pfx_soundcore_open+0x10/0x10 [ 637.950080][T15665] chrdev_open+0x234/0x6a0 [ 637.950117][T15665] ? __pfx_apparmor_file_open+0x10/0x10 [ 637.950148][T15665] ? __pfx_chrdev_open+0x10/0x10 [ 637.950188][T15665] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 637.950226][T15665] do_dentry_open+0x741/0x1c10 [ 637.950263][T15665] ? __pfx_chrdev_open+0x10/0x10 [ 637.950305][T15665] vfs_open+0x82/0x3f0 [ 637.950334][T15665] path_openat+0x1de4/0x2cb0 [ 637.950379][T15665] ? __pfx_path_openat+0x10/0x10 [ 637.950415][T15665] ? __lock_acquire+0xb8a/0x1c90 [ 637.950451][T15665] do_filp_open+0x20b/0x470 [ 637.950486][T15665] ? __pfx_do_filp_open+0x10/0x10 [ 637.950542][T15665] ? alloc_fd+0x471/0x7d0 [ 637.950582][T15665] do_sys_openat2+0x11b/0x1d0 [ 637.950608][T15665] ? __pfx_do_sys_openat2+0x10/0x10 [ 637.950646][T15665] __x64_sys_openat+0x174/0x210 [ 637.950674][T15665] ? __pfx___x64_sys_openat+0x10/0x10 [ 637.950713][T15665] do_syscall_64+0xcd/0x490 [ 637.950752][T15665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.950776][T15665] RIP: 0033:0x7f3f0938e929 [ 637.950795][T15665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.950819][T15665] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 637.950841][T15665] RAX: ffffffffffffffda RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 637.950857][T15665] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 637.950873][T15665] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 637.950888][T15665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 637.950903][T15665] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 637.950932][T15665] [ 638.310745][T15665] ALSA: seq_oss: can't create port [ 638.562954][T15675] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3801'. [ 638.772519][T15679] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3802'. [ 639.470767][T15688] kvm: user requested TSC rate below hardware speed [ 639.557032][T15686] FAULT_INJECTION: forcing a failure. [ 639.557032][T15686] name failslab, interval 1, probability 0, space 0, times 0 [ 639.606648][T15686] CPU: 1 UID: 0 PID: 15686 Comm: syz.2.3805 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 639.606685][T15686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 639.606700][T15686] Call Trace: [ 639.606707][T15686] [ 639.606717][T15686] dump_stack_lvl+0x16c/0x1f0 [ 639.606757][T15686] should_fail_ex+0x512/0x640 [ 639.606792][T15686] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 639.606827][T15686] should_failslab+0xc2/0x120 [ 639.606850][T15686] __kmalloc_cache_noprof+0x6a/0x3e0 [ 639.606887][T15686] ? __asan_memset+0x23/0x50 [ 639.606917][T15686] ? alloc_netdev_mqs+0xece/0x1570 [ 639.606958][T15686] alloc_netdev_mqs+0xece/0x1570 [ 639.607003][T15686] ppp_ioctl+0x1761/0x2660 [ 639.607034][T15686] ? find_held_lock+0x2b/0x80 [ 639.607059][T15686] ? __pfx_ppp_ioctl+0x10/0x10 [ 639.607093][T15686] ? __fget_files+0x20e/0x3c0 [ 639.607130][T15686] ? __pfx_ppp_ioctl+0x10/0x10 [ 639.607160][T15686] __x64_sys_ioctl+0x18e/0x210 [ 639.607190][T15686] do_syscall_64+0xcd/0x490 [ 639.607229][T15686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.607252][T15686] RIP: 0033:0x7f1ad5d8e929 [ 639.607271][T15686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.607294][T15686] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 639.607321][T15686] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 639.607337][T15686] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000003 [ 639.607351][T15686] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 639.607365][T15686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 639.607379][T15686] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 639.607408][T15686] [ 640.403322][T15702] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3810'. [ 641.025593][T15712] FAULT_INJECTION: forcing a failure. [ 641.025593][T15712] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 641.076432][T15712] CPU: 1 UID: 0 PID: 15712 Comm: syz.0.3815 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 641.076468][T15712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 641.076483][T15712] Call Trace: [ 641.076490][T15712] [ 641.076500][T15712] dump_stack_lvl+0x16c/0x1f0 [ 641.076540][T15712] should_fail_ex+0x512/0x640 [ 641.076586][T15712] should_fail_alloc_page+0xe7/0x130 [ 641.076613][T15712] prepare_alloc_pages+0x3c2/0x610 [ 641.076646][T15712] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 641.076684][T15712] ? stack_trace_save+0x8e/0xc0 [ 641.076712][T15712] ? __pfx_stack_trace_save+0x10/0x10 [ 641.076739][T15712] ? stack_depot_save_flags+0x28/0xa40 [ 641.076788][T15712] ? kasan_save_stack+0x42/0x60 [ 641.076823][T15712] ? kasan_save_stack+0x33/0x60 [ 641.076856][T15712] ? kasan_save_track+0x14/0x30 [ 641.076892][T15712] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 641.076929][T15712] ? move_page_tables+0x28c8/0x4070 [ 641.076964][T15712] ? move_vma+0x548/0x1740 [ 641.076997][T15712] ? do_syscall_64+0xcd/0x490 [ 641.077032][T15712] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.077071][T15712] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 641.077110][T15712] ? policy_nodemask+0xea/0x4e0 [ 641.077135][T15712] alloc_pages_mpol+0x1fb/0x550 [ 641.077159][T15712] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 641.077180][T15712] ? css_rstat_updated+0x9d/0xd30 [ 641.077213][T15712] alloc_pages_noprof+0x131/0x390 [ 641.077237][T15712] pte_alloc_one+0x1c/0x3a0 [ 641.077259][T15712] __pte_alloc+0x6d/0x3c0 [ 641.077282][T15712] ? __pfx___pte_alloc+0x10/0x10 [ 641.077306][T15712] ? _raw_spin_unlock+0x28/0x50 [ 641.077336][T15712] ? __pmd_alloc+0x3fb/0x930 [ 641.077365][T15712] move_page_tables+0x23af/0x4070 [ 641.077407][T15712] ? __pfx_copy_vma+0x10/0x10 [ 641.077441][T15712] ? lockdep_hardirqs_on+0x7c/0x110 [ 641.077480][T15712] ? __pfx_move_page_tables+0x10/0x10 [ 641.077517][T15712] ? __schedule+0x1181/0x5de0 [ 641.077559][T15712] ? __lock_acquire+0x622/0x1c90 [ 641.077598][T15712] copy_vma_and_data+0x216/0x750 [ 641.077638][T15712] ? __pfx_copy_vma_and_data+0x10/0x10 [ 641.077681][T15712] ? __vma_enter_locked+0x163/0x3f0 [ 641.077716][T15712] ? find_held_lock+0x2b/0x80 [ 641.077741][T15712] ? move_vma+0x536/0x1740 [ 641.077781][T15712] ? __vm_enough_memory+0x184/0x3f0 [ 641.077812][T15712] move_vma+0x548/0x1740 [ 641.077853][T15712] ? __pfx_move_vma+0x10/0x10 [ 641.077893][T15712] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 641.077921][T15712] ? cap_mmap_addr+0x4b/0x120 [ 641.077943][T15712] ? bpf_lsm_mmap_addr+0x9/0x10 [ 641.077968][T15712] ? security_mmap_addr+0x6c/0x1e0 [ 641.077999][T15712] ? __get_unmapped_area+0x267/0x440 [ 641.078029][T15712] ? vrm_set_new_addr+0x208/0x290 [ 641.078067][T15712] __do_sys_mremap+0xe07/0x1590 [ 641.078111][T15712] ? __pfx___do_sys_mremap+0x10/0x10 [ 641.078155][T15712] ? __fget_files+0x204/0x3c0 [ 641.078194][T15712] ? __x64_sys_futex+0x1e0/0x4c0 [ 641.078241][T15712] do_syscall_64+0xcd/0x490 [ 641.078279][T15712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.078304][T15712] RIP: 0033:0x7f022a78e929 [ 641.078323][T15712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 641.078347][T15712] RSP: 002b:00007f022b634038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 641.078369][T15712] RAX: ffffffffffffffda RBX: 00007f022a9b5fa0 RCX: 00007f022a78e929 [ 641.078385][T15712] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 641.078399][T15712] RBP: 00007f022a810b39 R08: 0000000100000000 R09: 0000000000000000 [ 641.078414][T15712] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 641.078428][T15712] R13: 0000000000000000 R14: 00007f022a9b5fa0 R15: 00007ffe876cef38 [ 641.078457][T15712] [ 642.376797][T15726] FAULT_INJECTION: forcing a failure. [ 642.376797][T15726] name failslab, interval 1, probability 0, space 0, times 0 [ 642.415402][T15726] CPU: 1 UID: 0 PID: 15726 Comm: syz.2.3821 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 642.415440][T15726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 642.415455][T15726] Call Trace: [ 642.415463][T15726] [ 642.415472][T15726] dump_stack_lvl+0x16c/0x1f0 [ 642.415513][T15726] should_fail_ex+0x512/0x640 [ 642.415549][T15726] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 642.415585][T15726] should_failslab+0xc2/0x120 [ 642.415608][T15726] __kmalloc_cache_noprof+0x6a/0x3e0 [ 642.415640][T15726] ? drm_atomic_helper_check+0x10f/0x190 [ 642.415678][T15726] ? drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 642.415729][T15726] drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 642.415781][T15726] drm_atomic_helper_commit+0xa9/0x380 [ 642.415822][T15726] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 642.415864][T15726] drm_atomic_commit+0x231/0x300 [ 642.415892][T15726] ? __pfx_drm_atomic_commit+0x10/0x10 [ 642.415917][T15726] ? __pfx___drm_printfn_info+0x10/0x10 [ 642.415954][T15726] ? drm_client_rotation+0x4da/0x6a0 [ 642.415984][T15726] drm_client_modeset_commit_atomic+0x69d/0x7e0 [ 642.416021][T15726] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 642.416079][T15726] drm_client_modeset_commit_locked+0x14d/0x580 [ 642.416111][T15726] drm_client_modeset_commit+0x4f/0x80 [ 642.416139][T15726] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 642.416182][T15726] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 642.416217][T15726] drm_fbdev_client_restore+0x2c/0x40 [ 642.416250][T15726] drm_client_dev_restore+0x1f3/0x2a0 [ 642.416281][T15726] drm_release+0x2c4/0x360 [ 642.416307][T15726] ? __pfx_drm_release+0x10/0x10 [ 642.416328][T15726] __fput+0x402/0xb70 [ 642.416360][T15726] task_work_run+0x150/0x240 [ 642.416404][T15726] ? __pfx_task_work_run+0x10/0x10 [ 642.416444][T15726] ? __pfx___do_sys_close_range+0x10/0x10 [ 642.416487][T15726] exit_to_user_mode_loop+0xeb/0x110 [ 642.416528][T15726] do_syscall_64+0x3f6/0x490 [ 642.416568][T15726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.416592][T15726] RIP: 0033:0x7f1ad5d8e929 [ 642.416612][T15726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 642.416635][T15726] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 642.416657][T15726] RAX: 0000000000000000 RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 642.416673][T15726] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 642.416687][T15726] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 642.416708][T15726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 642.416722][T15726] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 642.416753][T15726] [ 643.107781][T15735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3826'. [ 643.144904][T15735] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3826'. [ 643.418444][T15741] FAULT_INJECTION: forcing a failure. [ 643.418444][T15741] name failslab, interval 1, probability 0, space 0, times 0 [ 643.471762][T15741] CPU: 1 UID: 0 PID: 15741 Comm: syz.3.3827 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 643.471798][T15741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 643.471813][T15741] Call Trace: [ 643.471820][T15741] [ 643.471829][T15741] dump_stack_lvl+0x16c/0x1f0 [ 643.471871][T15741] should_fail_ex+0x512/0x640 [ 643.471912][T15741] should_failslab+0xc2/0x120 [ 643.471935][T15741] __kmalloc_cache_noprof+0x6a/0x3e0 [ 643.471968][T15741] ? nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 643.472000][T15741] nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 643.472028][T15741] notifier_call_chain+0xbc/0x410 [ 643.472061][T15741] ? __pfx_nfc_genl_rcv_nl_event+0x10/0x10 [ 643.472094][T15741] blocking_notifier_call_chain+0x69/0xa0 [ 643.472128][T15741] netlink_release+0x186b/0x2020 [ 643.472158][T15741] ? netlink_release+0x1de/0x2020 [ 643.472184][T15741] ? __pfx_netlink_release+0x10/0x10 [ 643.472211][T15741] ? __pfx_locks_remove_file+0x10/0x10 [ 643.472242][T15741] __sock_release+0xb3/0x270 [ 643.472282][T15741] ? __pfx_sock_close+0x10/0x10 [ 643.472317][T15741] sock_close+0x1c/0x30 [ 643.472352][T15741] __fput+0x402/0xb70 [ 643.472391][T15741] task_work_run+0x150/0x240 [ 643.472430][T15741] ? __pfx_task_work_run+0x10/0x10 [ 643.472469][T15741] ? __pfx___do_sys_close_range+0x10/0x10 [ 643.472511][T15741] exit_to_user_mode_loop+0xeb/0x110 [ 643.472552][T15741] do_syscall_64+0x3f6/0x490 [ 643.472590][T15741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.472622][T15741] RIP: 0033:0x7fd14958e929 [ 643.472641][T15741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 643.472665][T15741] RSP: 002b:00007fd14a43f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 643.472687][T15741] RAX: 0000000000000000 RBX: 00007fd1497b5fa0 RCX: 00007fd14958e929 [ 643.472703][T15741] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 643.472718][T15741] RBP: 00007fd149610b39 R08: 0000000000000000 R09: 0000000000000000 [ 643.472732][T15741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 643.472751][T15741] R13: 0000000000000000 R14: 00007fd1497b5fa0 R15: 00007ffd13d1e048 [ 643.472781][T15741] [ 644.993775][T15767] netlink: 122 bytes leftover after parsing attributes in process `syz.3.3836'. [ 645.522004][T15780] ima: policy update failed [ 645.546879][ T30] audit: type=1802 audit(4294967508.540:13): pid=15780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3841" res=0 errno=0 [ 647.400080][T15821] netlink: 'syz.0.3856': attribute type 4 has an invalid length. [ 649.491511][T15870] netlink: 'syz.2.3876': attribute type 27 has an invalid length. [ 649.521331][T15870] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3876'. [ 649.766287][T15874] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3877'. [ 651.264784][T15891] netlink: 146 bytes leftover after parsing attributes in process `syz.1.3883'. [ 651.373465][T15893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3884'. [ 651.449532][T15893] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3884'. [ 651.701257][T15898] FAULT_INJECTION: forcing a failure. [ 651.701257][T15898] name failslab, interval 1, probability 0, space 0, times 0 [ 651.807566][T15898] CPU: 1 UID: 0 PID: 15898 Comm: syz.1.3886 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 651.807603][T15898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 651.807618][T15898] Call Trace: [ 651.807626][T15898] [ 651.807635][T15898] dump_stack_lvl+0x16c/0x1f0 [ 651.807676][T15898] should_fail_ex+0x512/0x640 [ 651.807716][T15898] should_failslab+0xc2/0x120 [ 651.807740][T15898] __kmalloc_cache_noprof+0x6a/0x3e0 [ 651.807774][T15898] ? nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 651.807806][T15898] nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 651.807834][T15898] notifier_call_chain+0xbc/0x410 [ 651.807863][T15898] ? __pfx_nfc_genl_rcv_nl_event+0x10/0x10 [ 651.807897][T15898] blocking_notifier_call_chain+0x69/0xa0 [ 651.807931][T15898] netlink_release+0x186b/0x2020 [ 651.807960][T15898] ? netlink_release+0x1de/0x2020 [ 651.807987][T15898] ? __pfx_netlink_release+0x10/0x10 [ 651.808014][T15898] ? __pfx_locks_remove_file+0x10/0x10 [ 651.808045][T15898] __sock_release+0xb3/0x270 [ 651.808085][T15898] ? __pfx_sock_close+0x10/0x10 [ 651.808130][T15898] sock_close+0x1c/0x30 [ 651.808167][T15898] __fput+0x402/0xb70 [ 651.808198][T15898] task_work_run+0x150/0x240 [ 651.808238][T15898] ? __pfx_task_work_run+0x10/0x10 [ 651.808277][T15898] ? __pfx___do_sys_close_range+0x10/0x10 [ 651.808320][T15898] exit_to_user_mode_loop+0xeb/0x110 [ 651.808361][T15898] do_syscall_64+0x3f6/0x490 [ 651.808401][T15898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.808426][T15898] RIP: 0033:0x7f3f0938e929 [ 651.808444][T15898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.808468][T15898] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 651.808490][T15898] RAX: 0000000000000000 RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 651.808505][T15898] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 651.808520][T15898] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 651.808534][T15898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.808548][T15898] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 651.808578][T15898] [ 652.190544][T15900] kvm: kvm [15899]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0xffffffffffffffff [ 652.648834][T15908] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3890'. [ 652.687768][T15908] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3890'. [ 653.968997][T15935] FAULT_INJECTION: forcing a failure. [ 653.968997][T15935] name failslab, interval 1, probability 0, space 0, times 0 [ 654.054615][T15935] CPU: 1 UID: 0 PID: 15935 Comm: syz.1.3899 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 654.054651][T15935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 654.054666][T15935] Call Trace: [ 654.054674][T15935] [ 654.054684][T15935] dump_stack_lvl+0x16c/0x1f0 [ 654.054725][T15935] should_fail_ex+0x512/0x640 [ 654.054760][T15935] ? __kmalloc_noprof+0xbf/0x510 [ 654.054799][T15935] ? vkms_crtc_atomic_check+0x3c5/0x880 [ 654.054829][T15935] should_failslab+0xc2/0x120 [ 654.054851][T15935] __kmalloc_noprof+0xd2/0x510 [ 654.054886][T15935] ? drm_atomic_add_affected_planes+0x32b/0x3f0 [ 654.054921][T15935] vkms_crtc_atomic_check+0x3c5/0x880 [ 654.054958][T15935] ? __pfx_vkms_crtc_atomic_check+0x10/0x10 [ 654.054987][T15935] drm_atomic_helper_check_planes+0x4dd/0x900 [ 654.055039][T15935] drm_atomic_helper_check+0xae/0x190 [ 654.055079][T15935] vkms_atomic_check+0x1d9/0x250 [ 654.055103][T15935] ? __pfx_vkms_atomic_check+0x10/0x10 [ 654.055130][T15935] drm_atomic_check_only+0x19ca/0x3130 [ 654.055172][T15935] drm_atomic_commit+0x136/0x300 [ 654.055198][T15935] ? __pfx_drm_atomic_commit+0x10/0x10 [ 654.055224][T15935] ? __pfx___drm_printfn_info+0x10/0x10 [ 654.055260][T15935] ? drm_client_rotation+0x4da/0x6a0 [ 654.055290][T15935] drm_client_modeset_commit_atomic+0x69d/0x7e0 [ 654.055327][T15935] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 654.055385][T15935] drm_client_modeset_commit_locked+0x14d/0x580 [ 654.055417][T15935] drm_client_modeset_commit+0x4f/0x80 [ 654.055444][T15935] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 654.055487][T15935] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 654.055521][T15935] drm_fbdev_client_restore+0x2c/0x40 [ 654.055554][T15935] drm_client_dev_restore+0x1f3/0x2a0 [ 654.055585][T15935] drm_release+0x2c4/0x360 [ 654.055610][T15935] ? __pfx_drm_release+0x10/0x10 [ 654.055631][T15935] __fput+0x402/0xb70 [ 654.055662][T15935] task_work_run+0x150/0x240 [ 654.055701][T15935] ? __pfx_task_work_run+0x10/0x10 [ 654.055739][T15935] ? __pfx___do_sys_close_range+0x10/0x10 [ 654.055784][T15935] exit_to_user_mode_loop+0xeb/0x110 [ 654.055826][T15935] do_syscall_64+0x3f6/0x490 [ 654.055865][T15935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.055889][T15935] RIP: 0033:0x7f3f0938e929 [ 654.055908][T15935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 654.055933][T15935] RSP: 002b:00007f3f0a14c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 654.055955][T15935] RAX: 0000000000000000 RBX: 00007f3f095b5fa0 RCX: 00007f3f0938e929 [ 654.055970][T15935] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 654.055985][T15935] RBP: 00007f3f09410b39 R08: 0000000000000000 R09: 0000000000000000 [ 654.055999][T15935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 654.056019][T15935] R13: 0000000000000000 R14: 00007f3f095b5fa0 R15: 00007ffcbeefe9a8 [ 654.056049][T15935] [ 654.960308][T15941] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3902'. [ 655.428907][T15949] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3906'. [ 655.467699][T15949] IPv6: NLM_F_CREATE should be specified when creating new route [ 655.997973][T15958] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3910'. [ 657.287011][T15979] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3917'. [ 658.196467][T15997] netlink: 'syz.2.3925': attribute type 4 has an invalid length. [ 658.444087][T16000] udevd[16000]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Exec format error [ 658.578073][T16004] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3926'. [ 660.184219][T16019] Process accounting paused [ 660.405812][T16031] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 660.405812][T16031] program syz.2.3937 not setting count and/or reply_len properly [ 660.455649][T16028] kvm: kvm [16027]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0xffffffffffffffff [ 660.502852][T16031] ================================================================== [ 660.502869][T16031] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0 [ 660.502905][T16031] Write of size 8 at addr ffffc900039e9000 by task syz.2.3937/16031 [ 660.502926][T16031] [ 660.502937][T16031] CPU: 1 UID: 0 PID: 16031 Comm: syz.2.3937 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 660.502967][T16031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 660.502982][T16031] Call Trace: [ 660.502990][T16031] [ 660.502999][T16031] dump_stack_lvl+0x116/0x1f0 [ 660.503037][T16031] print_report+0xcd/0x680 [ 660.503060][T16031] ? __virt_addr_valid+0x81/0x610 [ 660.503090][T16031] ? sys_fillrect+0x15d4/0x17b0 [ 660.503117][T16031] kasan_report+0xe0/0x110 [ 660.503139][T16031] ? sys_fillrect+0x15d4/0x17b0 [ 660.503170][T16031] sys_fillrect+0x15d4/0x17b0 [ 660.503201][T16031] ? __pfx_sys_fillrect+0x10/0x10 [ 660.503231][T16031] ? __pfx_bit_putcs+0x10/0x10 [ 660.503251][T16031] ? bit_cursor+0xeca/0x17e0 [ 660.503274][T16031] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 660.503307][T16031] bit_clear+0x17d/0x220 [ 660.503328][T16031] ? __pfx_bit_clear+0x10/0x10 [ 660.503349][T16031] ? __pfx___might_resched+0x10/0x10 [ 660.503375][T16031] ? fb_get_color_depth+0x120/0x250 [ 660.503410][T16031] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 660.503449][T16031] ? __pfx_bit_clear+0x10/0x10 [ 660.503469][T16031] __fbcon_clear+0x603/0x780 [ 660.503507][T16031] fbcon_scroll+0x48b/0x690 [ 660.503544][T16031] con_scroll+0x45f/0x690 [ 660.503588][T16031] do_con_write+0x5560/0x8280 [ 660.503619][T16031] ? __pfx_do_con_write+0x10/0x10 [ 660.503648][T16031] con_write+0x23/0xb0 [ 660.503668][T16031] n_tty_write+0x40f/0x1160 [ 660.503701][T16031] ? __pfx_n_tty_write+0x10/0x10 [ 660.503727][T16031] ? rcu_is_watching+0x12/0xc0 [ 660.503753][T16031] ? __pfx_woken_wake_function+0x10/0x10 [ 660.503777][T16031] ? kfree+0x24f/0x4d0 [ 660.503805][T16031] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 660.503845][T16031] ? __pfx_n_tty_write+0x10/0x10 [ 660.503871][T16031] file_tty_write.constprop.0+0x501/0x9b0 [ 660.503914][T16031] redirected_tty_write+0xd4/0x150 [ 660.503952][T16031] vfs_write+0x6c4/0x1150 [ 660.503985][T16031] ? __pfx_redirected_tty_write+0x10/0x10 [ 660.504025][T16031] ? __pfx_vfs_write+0x10/0x10 [ 660.504057][T16031] ? find_held_lock+0x2b/0x80 [ 660.504090][T16031] ksys_write+0x12a/0x250 [ 660.504123][T16031] ? __pfx_ksys_write+0x10/0x10 [ 660.504156][T16031] ? syscall_user_dispatch+0x78/0x140 [ 660.504199][T16031] do_syscall_64+0xcd/0x490 [ 660.504236][T16031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.504260][T16031] RIP: 0033:0x7f1ad5d8e929 [ 660.504280][T16031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.504304][T16031] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 660.504326][T16031] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 660.504342][T16031] RDX: 000000000000003a RSI: 0000200000000440 RDI: 0000000000000004 [ 660.504357][T16031] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 660.504372][T16031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 660.504387][T16031] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 660.504410][T16031] [ 660.504417][T16031] [ 660.504429][T16031] The buggy address ffffc900039e9000 belongs to a vmalloc virtual mapping [ 660.504441][T16031] Memory state around the buggy address: [ 660.504454][T16031] ffffc900039e8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 660.504476][T16031] ffffc900039e8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 660.504494][T16031] >ffffc900039e9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 660.504507][T16031] ^ [ 660.504519][T16031] ffffc900039e9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 660.504536][T16031] ffffc900039e9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 660.504550][T16031] ================================================================== [ 660.504563][T16031] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 660.504578][T16031] CPU: 1 UID: 0 PID: 16031 Comm: syz.2.3937 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) [ 660.504616][T16031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 660.504631][T16031] Call Trace: [ 660.504638][T16031] [ 660.504647][T16031] dump_stack_lvl+0x3d/0x1f0 [ 660.504682][T16031] panic+0x71c/0x800 [ 660.504716][T16031] ? __pfx_panic+0x10/0x10 [ 660.504753][T16031] ? __pfx__printk+0x10/0x10 [ 660.504785][T16031] ? rcu_is_watching+0x12/0xc0 [ 660.504815][T16031] ? sys_fillrect+0x15d4/0x17b0 [ 660.504843][T16031] check_panic_on_warn+0xab/0xb0 [ 660.504879][T16031] end_report+0x107/0x170 [ 660.504900][T16031] kasan_report+0xee/0x110 [ 660.504922][T16031] ? sys_fillrect+0x15d4/0x17b0 [ 660.504953][T16031] sys_fillrect+0x15d4/0x17b0 [ 660.504985][T16031] ? __pfx_sys_fillrect+0x10/0x10 [ 660.505018][T16031] ? __pfx_bit_putcs+0x10/0x10 [ 660.505038][T16031] ? bit_cursor+0xeca/0x17e0 [ 660.505062][T16031] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 660.505095][T16031] bit_clear+0x17d/0x220 [ 660.505116][T16031] ? __pfx_bit_clear+0x10/0x10 [ 660.505137][T16031] ? __pfx___might_resched+0x10/0x10 [ 660.505163][T16031] ? fb_get_color_depth+0x120/0x250 [ 660.505199][T16031] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 660.505238][T16031] ? __pfx_bit_clear+0x10/0x10 [ 660.505258][T16031] __fbcon_clear+0x603/0x780 [ 660.505297][T16031] fbcon_scroll+0x48b/0x690 [ 660.505334][T16031] con_scroll+0x45f/0x690 [ 660.505372][T16031] do_con_write+0x5560/0x8280 [ 660.505403][T16031] ? __pfx_do_con_write+0x10/0x10 [ 660.505431][T16031] con_write+0x23/0xb0 [ 660.505452][T16031] n_tty_write+0x40f/0x1160 [ 660.505484][T16031] ? __pfx_n_tty_write+0x10/0x10 [ 660.505511][T16031] ? rcu_is_watching+0x12/0xc0 [ 660.505535][T16031] ? __pfx_woken_wake_function+0x10/0x10 [ 660.505560][T16031] ? kfree+0x24f/0x4d0 [ 660.505595][T16031] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 660.505635][T16031] ? __pfx_n_tty_write+0x10/0x10 [ 660.505663][T16031] file_tty_write.constprop.0+0x501/0x9b0 [ 660.505706][T16031] redirected_tty_write+0xd4/0x150 [ 660.505745][T16031] vfs_write+0x6c4/0x1150 [ 660.505778][T16031] ? __pfx_redirected_tty_write+0x10/0x10 [ 660.505818][T16031] ? __pfx_vfs_write+0x10/0x10 [ 660.505851][T16031] ? find_held_lock+0x2b/0x80 [ 660.505884][T16031] ksys_write+0x12a/0x250 [ 660.505917][T16031] ? __pfx_ksys_write+0x10/0x10 [ 660.505950][T16031] ? syscall_user_dispatch+0x78/0x140 [ 660.505993][T16031] do_syscall_64+0xcd/0x490 [ 660.506030][T16031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.506054][T16031] RIP: 0033:0x7f1ad5d8e929 [ 660.506071][T16031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.506095][T16031] RSP: 002b:00007f1ad6b42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 660.506118][T16031] RAX: ffffffffffffffda RBX: 00007f1ad5fb5fa0 RCX: 00007f1ad5d8e929 [ 660.506134][T16031] RDX: 000000000000003a RSI: 0000200000000440 RDI: 0000000000000004 [ 660.506150][T16031] RBP: 00007f1ad5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 660.506165][T16031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 660.506180][T16031] R13: 0000000000000000 R14: 00007f1ad5fb5fa0 R15: 00007ffeaf460af8 [ 660.506203][T16031] [ 660.506271][T16031] Kernel Offset: disabled