last executing test programs: 11.258575477s ago: executing program 3 (id=1909): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r0, 0x80184132, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/manager\x00', 0x200, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0) ioctl$auto_BLKRRPART(r2, 0x125f, 0x700000000000000) open(0x0, 0x161342, 0x100) open(0x0, 0xeee00, 0x31) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cec23\x00', 0x4700, 0x0) socket(0x21, 0x2, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0xffffffffffffc318, 0x948b, 0x3, 0x15f4da06, 0x3, 0x40000003, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) socket(0x1, 0x1, 0x6) socket(0xa, 0x800, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) 9.904159854s ago: executing program 3 (id=1913): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0) sendfile$auto(r3, r2, 0x0, 0x48) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r4, 0x0, 0xfff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0009, 0x13) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'tunl0\x00'}) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r5 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r5, 0x43403d05, 0x0) madvise$auto(0x0, 0x53, 0x9) 8.320330256s ago: executing program 2 (id=1917): socket(0x2, 0x800, 0x0) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) socket(0xf, 0x3, 0x2) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vidtv.0/i2c-0/0-0060/modalias\x00', 0x80000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000)=""/53, 0x35) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x3ff, 0x1, 0x0, 0x1e) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) mmap$auto(0x2000000004, 0x400008, 0xdf, 0x20c2417c, 0xffffffffffffffff, 0x3) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) select$auto(0x0, &(0x7f0000000140)={[0x8, 0x5, 0xfffffffffffff801, 0x80000000, 0xf47, 0x8, 0x1, 0x1, 0x3, 0x100000001, 0x5b, 0x3ff, 0x2, 0x100000001, 0x9, 0x2]}, &(0x7f0000000240)={[0x3, 0x5, 0xf1d6, 0xfff, 0x8e, 0x2, 0x1, 0x100, 0x7, 0x1, 0x8, 0x6, 0x3ff, 0x6, 0x9, 0x4]}, 0x0, &(0x7f00000000c0)={0x6, 0x8000}) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) 8.319749881s ago: executing program 0 (id=1925): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x1000000, 0x40009, 0x8e0, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0x1000df, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) madvise$auto(0x110c230000, 0x1, 0x9) ioctl$auto(0x3, 0x9, 0xfffffffffffff4e0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)={0x98, r1, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x83, 0xbd, "532eba8356128d9cd9f7e9a0c117c9254eda0973ce1c5fe78468806d570000000000400020d8984960921db3cf81dffdafa5731e381ccdfa42c3ffbbb88d1f640797e3e7bcb9cd48e864ac6e6ef6a8a08678b4e99763177e3b7b8eca0c7aef8fa304bad88881a9092752bd91695e1387bdc8f61a450f3a90ec8d8113a13c19"}]}, 0x98}, 0x1, 0x0, 0x0, 0x804}, 0x4080) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) socket(0x2, 0x5, 0x0) 8.122889274s ago: executing program 3 (id=1919): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r0 = epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) r1 = openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xa, 0x0) close_range$auto(r0, r1, 0x1) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 6.652473977s ago: executing program 1 (id=1920): set_mempolicy$auto(0x6, 0x0, 0x4) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) shmctl$auto(0x0, 0xd, 0x0) getrandom$auto(0x0, 0xe06, 0x3) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) sendfile$auto(r1, 0x3, 0x0, 0xc03) setreuid$auto(0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000480)=""/4096, 0x1000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) writev$auto(0x1, 0x0, 0x1) listen$auto(0xffffffffffffffff, 0x5ed) r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r3, 0x0, 0x1) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/version\x00', 0x48041, 0x0) write$auto(r4, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x5, 0x0, 0x0, 0x0, 0xa0000001) pwrite64$auto(0xffffffffffffffff, 0x0, 0x2, 0x0) 6.485668183s ago: executing program 2 (id=1921): set_mempolicy$auto(0x6, 0x0, 0x4) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) shmctl$auto(0x0, 0xd, 0x0) getrandom$auto(0x0, 0xe06, 0x3) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) sendfile$auto(r1, 0x3, 0x0, 0xc03) setreuid$auto(0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000480)=""/4096, 0x1000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) writev$auto(0x1, 0x0, 0x1) listen$auto(0xffffffffffffffff, 0x5ed) r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r3, 0x0, 0x1) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/version\x00', 0x48041, 0x0) write$auto(r4, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x5, 0x0, 0x0, 0x0, 0xa0000001) pwrite64$auto(0xffffffffffffffff, 0x0, 0x2, 0x0) 6.271650799s ago: executing program 1 (id=1922): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) socket(0x8, 0x2, 0xfffffffd) r2 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) bind$auto(r2, 0x0, 0x67) r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_DEL_PMK(0xffffffffffffffff, 0x0, 0x8000) socket(0xa, 0x5, 0x8) unshare$auto(0x40000080) listmount$auto(&(0x7f0000000040)={0xffffffff, @inferred=r1, 0x0, 0x7f, 0x6}, &(0x7f00000000c0)=0xffffffff, 0x10001, 0x9d) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x2, 0x1, 0x0) 5.427613254s ago: executing program 3 (id=1923): socket(0x11, 0x80003, 0x300) rt_sigqueueinfo$auto(0x0, 0xc74, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) open(0x0, 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/info\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x3, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) madvise$auto(0x0, 0x200007, 0x19) syz_clone3(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) 5.425798054s ago: executing program 2 (id=1924): mmap$auto(0x5, 0xfffffffffffffffc, 0x5, 0x13, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0) ioctl$auto_UI_SET_LEDBIT(r0, 0x40045569, &(0x7f00000003c0)=0x698d) socket(0x28, 0x801, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) socket(0x1e, 0x1, 0x0) socket(0x6, 0x2, 0x2) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xffff, 0x0, 0x0, &(0x7f0000000100)={[0x8, 0x6, 0x1, 0xfffff7fffffffff7, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8001, 0x26, 0x1, 0x20000000007fff, 0x2, 0x6]}, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x110c230000, 0x8031ca, 0x9) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0) r2 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r2, 0x65, 0x1, 0x0, 0x800) getpriority$auto_PRIO_USER(0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3}, 0x6a) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0x100082) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x8, 0x10, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x1, 0x104, 0x6, 0x3}, {0x100, 0x101, 0x52, 0x6, 0x2, 0x1a7b870a, 0x76c3, 0x9, 0xfffffffd}}) 4.555624337s ago: executing program 0 (id=1926): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.5/usb6/idVendor\x00', 0x80000, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd11/queue/iostats_passthrough\x00', 0x2a001, 0x0) write$auto(r2, &(0x7f0000000040)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0) 4.110476528s ago: executing program 1 (id=1927): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000180)=""/68, 0x44) syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r1) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r1, 0x0, 0x20000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0603d06, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) ioctl$auto(r1, 0x57, r0) getgid() mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r3 = getpid() openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) fsopen$auto(0x0, 0x1) 3.879052699s ago: executing program 2 (id=1928): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x80002, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) inotify_init1$auto(0x3000000000000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x25, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/arch_status\x00', 0x100382, 0x0) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x141a41, 0x0) socket(0x10, 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20000, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) inotify_init1$auto(0x3000000000000) socket(0xa, 0x2, 0x3a) r0 = io_uring_setup$auto(0x4, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r1) 3.457951797s ago: executing program 2 (id=1929): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, 0x0, 0x7ff, 0x400) socket(0x1a, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r2, 0x0, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000600)='/dev/audio1\x00', 0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0) ioctl$auto_UI_SET_LEDBIT(r3, 0x40045569, &(0x7f00000003c0)=0x698d) 3.246656069s ago: executing program 0 (id=1930): set_mempolicy$auto(0x6, 0x0, 0x4) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) shmctl$auto(0x0, 0xd, 0x0) getrandom$auto(0x0, 0xe06, 0x3) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) sendfile$auto(r1, 0x3, 0x0, 0xc03) setreuid$auto(0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000480)=""/4096, 0x1000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) writev$auto(0x1, 0x0, 0x1) listen$auto(0xffffffffffffffff, 0x5ed) r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r3, 0x0, 0x1) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/version\x00', 0x48041, 0x0) write$auto(r4, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x5, 0x0, 0x0, 0x0, 0xa0000001) pwrite64$auto(0xffffffffffffffff, 0x0, 0x2, 0x0) 2.893553477s ago: executing program 1 (id=1931): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) capset$auto(&(0x7f0000000340)={0x19980330}, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8}) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8) socket(0xa, 0x5, 0x94) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) unshare$auto(0x40000080) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r2, 0x1260, 0x5) 1.844056375s ago: executing program 1 (id=1932): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r0, 0x80184132, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/manager\x00', 0x200, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0) ioctl$auto_BLKRRPART(r2, 0x125f, 0x700000000000000) open(0x0, 0x161342, 0x100) open(0x0, 0xeee00, 0x31) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cec23\x00', 0x4700, 0x0) socket(0x21, 0x2, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0xffffffffffffc318, 0x948b, 0x3, 0x15f4da06, 0x3, 0x40000003, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) socket(0x1, 0x1, 0x6) socket(0xa, 0x800, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) 1.843472597s ago: executing program 2 (id=1933): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pivot_root$auto(0x0, 0x0) open(0x0, 0x7ffd, 0x12) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x7f, 0x82020009, 0x3, 0xeb1, 0xffffffffffffffff, 0xfff) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) pwrite64$auto(r1, 0x0, 0x1, 0x27) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x0, 0x91, 0x0, 0x0, 0x0, 0x0) socket(0x0, 0xc, 0x5) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/uvcvideo/parameters/clock\x00', 0x80, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x22a080, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.843319218s ago: executing program 3 (id=1934): prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x9) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfff, 0x1, 0x5, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x4, 0x5]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0xfffffffffffffff7, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r1, 0xc0686611, &(0x7f0000000340)={0x8000000000000001, 0xfffffffffffffffe, 0xfffffffffffffffb, 0xfffffffffffffff8, 0x8, 0xe, 0x3, 0x9, 0x0, 0x200, 0xe223, 0x80000000, 0x2000009, 0x7, 0xfffffffffffffff7}) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x110c230000, 0x8031ca, 0x9) write$auto(0x3, 0x0, 0x100082) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x8, 0x10, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x6, 0x2, 0x1a7b870a, 0x76c5, 0x9, 0xfffffffd}}) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto_SO_MAX_PACING_RATE(0xffffffffffffffff, 0x2, 0x2f, &(0x7f0000000180)='/proc/self/maps\x00', 0x7) openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8202, 0x0) 1.837670654s ago: executing program 0 (id=1940): set_mempolicy$auto(0x6, 0x0, 0x4) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) shmctl$auto(0x0, 0xd, 0x0) getrandom$auto(0x0, 0xe06, 0x3) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) sendfile$auto(r1, 0x3, 0x0, 0xc03) setreuid$auto(0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000480)=""/4096, 0x1000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) writev$auto(0x1, 0x0, 0x1) listen$auto(0xffffffffffffffff, 0x5ed) r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r3, 0x0, 0x1) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/version\x00', 0x48041, 0x0) write$auto(r4, 0x0, 0x6) futex$auto(0x0, 0x5, 0x0, 0x0, 0x0, 0xa0000001) r5 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000980), 0x102001, 0x0) pwrite64$auto(r5, 0x0, 0x2, 0x0) 1.300725689s ago: executing program 0 (id=1935): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) socket(0x8, 0x2, 0xfffffffd) r2 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) bind$auto(r2, 0x0, 0x67) r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_DEL_PMK(0xffffffffffffffff, 0x0, 0x8000) socket(0xa, 0x5, 0x8) unshare$auto(0x40000080) listmount$auto(&(0x7f0000000040)={0xffffffff, @inferred=r1, 0x0, 0x7f, 0x6}, &(0x7f00000000c0)=0xffffffff, 0x10001, 0x9d) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x2, 0x1, 0x0) 774.767379ms ago: executing program 3 (id=1936): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) r0 = socket(0x6, 0x80000, 0x800) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x800, &(0x7f0000000500)={[0x7, 0x80000001, 0x8, 0x7, 0x2, 0x4, 0x155, 0x8, 0x6, 0x5, 0x7, 0x5, 0x9ad, 0x3, 0x8, 0x6]}, &(0x7f0000000580)={[0x3, 0x3ff, 0x101, 0x5, 0x8, 0x40, 0xb7, 0x6e6, 0x9, 0x3ff, 0x1ff, 0x4, 0x4, 0x7, 0x3, 0x7]}, &(0x7f0000000600)={[0x6, 0x0, 0x0, 0x4, 0x282, 0xb1, 0x8, 0x8, 0xfffffffffffffff9, 0x9, 0xfffffffffffffffc, 0x3, 0x3, 0x9f5, 0x0, 0x111]}, &(0x7f0000000340)={0x10000, 0x4}) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x1d, 0x2, 0x7) sendto$auto(r4, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, 0x0, 0x3f}, 0x36) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="d47b1cab1fd31e0d040047f1", @ANYRES16=r1, @ANYBLOB="000426bd7000fddbdf25060000000c001100657468746f6f6c000800060002000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x440440d4) r5 = socket(0x10, 0x3, 0x6) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r6, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) 36.913144ms ago: executing program 1 (id=1937): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET2(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x102, 0x70bd26, 0x25dfdbfc, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000080}, 0x20040000) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto_FIOQSIZE(0xffffffffffffffff, 0x5460, 0x2) socket(0x1e, 0x1, 0x388b) getpid() r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_LINK(r1, 0x40044160, 0x0) mlockall$auto(0x5) rt_sigprocmask$auto(0x26, &(0x7f0000000040)={0x80000000}, 0x0, 0x8) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto_TIOCSWINSZ2(r2, 0x5414, &(0x7f0000000040)) mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) socket(0x11, 0xa, 0x300) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000280)=""/4096, 0x1000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) 0s ago: executing program 0 (id=1938): openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x68a80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x100000000, 0x2020007, 0x2000000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x102, 0x0) write$auto(0x3, 0x0, 0x4fffffdf2) unshare$auto(0x40000080) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r0, 0x4018bc13, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x8, 0xffffffffffffff49, 0x5, 0x1823, 0x800000000004, 0x1, 0x5, 0x19, 0x10, 0x5, 0x2dde, 0x8, 0xfffffffffffffffa, 0xab, 0x0, 0x1]}, &(0x7f0000000040)={0x0, 0x7}) fcntl$auto(0xffffffffffffffff, 0x400, 0x1) unshare$auto(0x40000080) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/can/rcvlist_err\x00', 0x4000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) writev$auto(0xffffffffffffffff, 0x0, 0x9) fcntl$auto(0xffffffffffffffff, 0x400, 0x1) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0xa02, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r1, 0x0, 0x400018) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0603d0f, 0x0) kernel console output (not intermixed with test programs): 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.851218][ T6916] RSP: 002b:00007f248101d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 170.851238][ T6916] RAX: ffffffffffffffda RBX: 00007f24803b5fa0 RCX: 00007f248018e929 [ 170.851253][ T6916] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 170.851267][ T6916] RBP: 00007f2480210b39 R08: 0000000000000000 R09: 0000000000000000 [ 170.851280][ T6916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.851293][ T6916] R13: 0000000000000000 R14: 00007f24803b5fa0 R15: 00007ffce62fe658 [ 170.851320][ T6916] [ 170.875578][ T6910] CPU: 1 UID: 0 PID: 6910 Comm: syz.0.198 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 170.875628][ T6910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 170.875649][ T6910] Call Trace: [ 170.875660][ T6910] [ 170.875674][ T6910] dump_stack_lvl+0x16c/0x1f0 [ 170.875743][ T6910] should_fail_ex+0x512/0x640 [ 170.875795][ T6910] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 170.875849][ T6910] should_failslab+0xc2/0x120 [ 170.875882][ T6910] __kmalloc_cache_noprof+0x6a/0x3e0 [ 170.875930][ T6910] ? __io_uring_add_tctx_node+0x132/0x500 [ 170.875971][ T6910] __io_uring_add_tctx_node+0x132/0x500 [ 170.876007][ T6910] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 170.876043][ T6910] ? __anon_inode_getfile+0x18b/0x3a0 [ 170.876102][ T6910] io_uring_setup+0x1579/0x2080 [ 170.876153][ T6910] ? __pfx_io_uring_setup+0x10/0x10 [ 170.876230][ T6910] ? xfd_validate_state+0x61/0x180 [ 170.876306][ T6910] __x64_sys_io_uring_setup+0xc2/0x170 [ 170.876357][ T6910] do_syscall_64+0xcd/0x490 [ 170.876423][ T6910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.876460][ T6910] RIP: 0033:0x7f1355d8e929 [ 170.876488][ T6910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.876523][ T6910] RSP: 002b:00007f1356b66038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 170.876558][ T6910] RAX: ffffffffffffffda RBX: 00007f1355fb6080 RCX: 00007f1355d8e929 [ 170.876581][ T6910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 170.876603][ T6910] RBP: 00007f1355e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 170.876625][ T6910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.876646][ T6910] R13: 0000000000000000 R14: 00007f1355fb6080 R15: 00007ffd193a1978 [ 170.876687][ T6910] [ 173.527255][ T6912] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 173.536330][ T6912] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 173.678264][ T6912] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 173.821352][ T6912] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 174.728312][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 175.392136][ T6974] Invalid ELF header magic: != ELF [ 175.587313][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 175.758212][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout [ 175.826492][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 178.891768][ T7037] Invalid ELF header magic: != ELF [ 178.966177][ T7042] FAULT_INJECTION: forcing a failure. [ 178.966177][ T7042] name failslab, interval 1, probability 0, space 0, times 0 [ 178.979162][ T7042] CPU: 1 UID: 0 PID: 7042 Comm: syz.1.228 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 178.979203][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.979222][ T7042] Call Trace: [ 178.979232][ T7042] [ 178.979243][ T7042] dump_stack_lvl+0x16c/0x1f0 [ 178.979301][ T7042] should_fail_ex+0x512/0x640 [ 178.979347][ T7042] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 178.979402][ T7042] should_failslab+0xc2/0x120 [ 178.979434][ T7042] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 178.979493][ T7042] ? security_file_alloc+0x34/0x2b0 [ 178.979543][ T7042] security_file_alloc+0x34/0x2b0 [ 178.979586][ T7042] init_file+0x93/0x4c0 [ 178.979619][ T7042] alloc_empty_file+0x73/0x1e0 [ 178.979656][ T7042] alloc_file_pseudo+0x13a/0x230 [ 178.979694][ T7042] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 178.979742][ T7042] __anon_inode_getfile+0xf7/0x3a0 [ 178.979797][ T7042] io_uring_setup+0x154d/0x2080 [ 178.979845][ T7042] ? __pfx_io_uring_setup+0x10/0x10 [ 178.979919][ T7042] ? xfd_validate_state+0x61/0x180 [ 178.979972][ T7042] __x64_sys_io_uring_setup+0xc2/0x170 [ 178.980017][ T7042] do_syscall_64+0xcd/0x490 [ 178.980073][ T7042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.980106][ T7042] RIP: 0033:0x7f6caef8e929 [ 178.980132][ T7042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.980163][ T7042] RSP: 002b:00007f6cafdc3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 178.980193][ T7042] RAX: ffffffffffffffda RBX: 00007f6caf1b6080 RCX: 00007f6caef8e929 [ 178.980215][ T7042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 178.980234][ T7042] RBP: 00007f6caf010b39 R08: 0000000000000000 R09: 0000000000000000 [ 178.980253][ T7042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 178.980272][ T7042] R13: 0000000000000000 R14: 00007f6caf1b6080 R15: 00007fff6414c6b8 [ 178.980314][ T7042] [ 179.313124][ T7030] kafs: addr_prefs: Invalid Command [ 182.119592][ T7081] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 182.119592][ T7081] M' is too long [ 182.150052][ T7081] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 182.150052][ T7081] W ' is too long [ 183.949365][ T7078] kexec: Could not allocate control_code_buffer [ 184.738448][ T7103] random: crng reseeded on system resumption [ 187.024741][ T7134] Invalid ELF header magic: != ELF [ 189.514453][ T7177] bridge0: port 3(batadv0) entered blocking state [ 189.521183][ T7177] bridge0: port 3(batadv0) entered disabled state [ 189.527890][ T7177] batadv0: entered allmulticast mode [ 189.534973][ T7177] batadv0: entered promiscuous mode [ 189.551670][ T7177] bridge0: port 3(batadv0) entered blocking state [ 189.558636][ T7177] bridge0: port 3(batadv0) entered forwarding state [ 189.699654][ T7182] FAULT_INJECTION: forcing a failure. [ 189.699654][ T7182] name failslab, interval 1, probability 0, space 0, times 0 [ 189.725994][ T7182] CPU: 0 UID: 0 PID: 7182 Comm: syz.1.254 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 189.726038][ T7182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 189.726061][ T7182] Call Trace: [ 189.726072][ T7182] [ 189.726088][ T7182] dump_stack_lvl+0x16c/0x1f0 [ 189.726145][ T7182] should_fail_ex+0x512/0x640 [ 189.726191][ T7182] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 189.726246][ T7182] should_failslab+0xc2/0x120 [ 189.726278][ T7182] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 189.726328][ T7182] ? lockdep_init_map_type+0x5c/0x280 [ 189.726376][ T7182] ? seq_open+0x55/0x170 [ 189.726415][ T7182] seq_open+0x55/0x170 [ 189.726449][ T7182] kernfs_fop_open+0x59f/0xda0 [ 189.726485][ T7182] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 189.726545][ T7182] do_dentry_open+0x741/0x1c10 [ 189.726607][ T7182] ? __pfx_kernfs_fop_open+0x10/0x10 [ 189.726649][ T7182] vfs_open+0x82/0x3f0 [ 189.726689][ T7182] path_openat+0x1de4/0x2cb0 [ 189.726749][ T7182] ? __pfx_path_openat+0x10/0x10 [ 189.726817][ T7182] ? __lock_acquire+0xb8a/0x1c90 [ 189.726865][ T7182] do_filp_open+0x20b/0x470 [ 189.726925][ T7182] ? __pfx_do_filp_open+0x10/0x10 [ 189.726998][ T7182] ? alloc_fd+0x471/0x7d0 [ 189.727052][ T7182] do_sys_openat2+0x11b/0x1d0 [ 189.727088][ T7182] ? __pfx_do_sys_openat2+0x10/0x10 [ 189.727158][ T7182] __x64_sys_openat+0x174/0x210 [ 189.727196][ T7182] ? __pfx___x64_sys_openat+0x10/0x10 [ 189.727251][ T7182] do_syscall_64+0xcd/0x490 [ 189.727307][ T7182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.727340][ T7182] RIP: 0033:0x7f6caef8e929 [ 189.727368][ T7182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.727399][ T7182] RSP: 002b:00007f6cafde4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 189.727430][ T7182] RAX: ffffffffffffffda RBX: 00007f6caf1b5fa0 RCX: 00007f6caef8e929 [ 189.727451][ T7182] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 189.727472][ T7182] RBP: 00007f6caf010b39 R08: 0000000000000000 R09: 0000000000000000 [ 189.727491][ T7182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.727510][ T7182] R13: 0000000000000000 R14: 00007f6caf1b5fa0 R15: 00007fff6414c6b8 [ 189.727564][ T7182] [ 189.737117][ T4583] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 189.964521][ T4583] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 192.587569][ T7209] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 192.587569][ T7209] M' is too long [ 192.618674][ T7209] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 192.618674][ T7209] W ' is too long [ 194.175282][ T7237] Invalid ELF header magic: != ELF [ 196.884907][ T7248] kexec: Could not allocate control_code_buffer [ 198.290310][ T7279] random: crng reseeded on system resumption [ 199.073455][ T7295] Invalid ELF header magic: != ELF [ 199.123101][ T7297] bridge0: port 3(batadv0) entered blocking state [ 199.131313][ T7297] bridge0: port 3(batadv0) entered disabled state [ 199.138253][ T7297] batadv0: entered allmulticast mode [ 199.145318][ T7297] batadv0: entered promiscuous mode [ 199.167224][ T7297] bridge0: port 3(batadv0) entered blocking state [ 199.173895][ T7297] bridge0: port 3(batadv0) entered forwarding state [ 199.192726][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.202850][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.301335][ T152] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 199.310756][ T152] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 199.652948][ T7311] Invalid ELF header magic: != ELF [ 200.891890][ T7316] kexec: Could not allocate control_code_buffer [ 201.554686][ T7342] random: crng reseeded on system resumption [ 205.167215][ T7382] Invalid ELF header magic: != ELF [ 205.208793][ T7385] bridge0: port 3(batadv0) entered blocking state [ 205.226900][ T7385] bridge0: port 3(batadv0) entered disabled state [ 205.233661][ T7385] batadv0: entered allmulticast mode [ 205.248361][ T7385] batadv0: entered promiscuous mode [ 205.267366][ T7385] bridge0: port 3(batadv0) entered blocking state [ 205.274865][ T7385] bridge0: port 3(batadv0) entered forwarding state [ 205.559451][ T2911] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 205.568836][ T2911] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 208.918626][ T7431] Invalid ELF header magic: != ELF [ 209.361330][ T7427] random: crng reseeded on system resumption [ 213.025547][ T7475] random: crng reseeded on system resumption [ 216.727405][ T7509] Invalid ELF header magic: != ELF [ 217.870517][ T7520] netlink: 48 bytes leftover after parsing attributes in process `syz.0.322'. [ 218.134281][ T7525] ======================================================= [ 218.134281][ T7525] WARNING: The mand mount option has been deprecated and [ 218.134281][ T7525] and is ignored by this kernel. Remove the mand [ 218.134281][ T7525] option from the mount to silence this warning. [ 218.134281][ T7525] ======================================================= [ 223.135167][ T7597] netlink: 48 bytes leftover after parsing attributes in process `syz.1.337'. [ 224.206517][ T7588] random: crng reseeded on system resumption [ 231.674171][ T7701] Invalid ELF header magic: != ELF [ 232.828526][ T7713] Invalid ELF header magic: != ELF [ 233.992278][ T7731] netlink: 48 bytes leftover after parsing attributes in process `syz.2.364'. [ 239.330837][ T7799] netlink: 48 bytes leftover after parsing attributes in process `syz.2.378'. [ 240.751752][ T7805] netlink: 28 bytes leftover after parsing attributes in process `syz.3.380'. [ 240.765715][ T7805] veth1_macvtap: left promiscuous mode [ 243.051751][ T30] audit: type=1804 audit(1750701910.670:4): pid=7843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.388" name="/newroot/92/file0" dev="tmpfs" ino=497 res=1 errno=0 [ 243.116486][ T30] audit: type=1800 audit(1750701910.670:5): pid=7843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.388" name="file0" dev="tmpfs" ino=497 res=0 errno=0 [ 245.208230][ T7857] netlink: 28 bytes leftover after parsing attributes in process `syz.0.394'. [ 245.402828][ T7857] veth1_macvtap: left promiscuous mode [ 246.023022][ T7874] hub 8-0:1.0: USB hub found [ 246.032051][ T7874] hub 8-0:1.0: 1 port detected [ 248.336691][ T30] audit: type=1804 audit(1750701915.940:6): pid=7909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.403" name="/newroot/102/file0" dev="tmpfs" ino=551 res=1 errno=0 [ 248.398109][ T30] audit: type=1800 audit(1750701915.940:7): pid=7909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.403" name="file0" dev="tmpfs" ino=551 res=0 errno=0 [ 252.418383][ T7961] Invalid ELF header magic: != ELF [ 253.730492][ T7975] Console: switching to colour VGA+ 80x25 [ 254.059436][ T7972] Console: switching to colour frame buffer device 128x48 [ 257.382117][ T8022] [ 258.214095][ T8037] random: crng reseeded on system resumption [ 259.794540][ T8037] Restarting kernel threads ... [ 259.812773][ T8037] Done restarting kernel threads. [ 260.630764][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.637275][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.794595][ T8077] FAULT_INJECTION: forcing a failure. [ 262.794595][ T8077] name failslab, interval 1, probability 0, space 0, times 0 [ 262.827754][ T8077] CPU: 0 UID: 0 PID: 8077 Comm: syz.2.433 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 262.827811][ T8077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 262.827830][ T8077] Call Trace: [ 262.827842][ T8077] [ 262.827853][ T8077] dump_stack_lvl+0x16c/0x1f0 [ 262.827908][ T8077] should_fail_ex+0x512/0x640 [ 262.827954][ T8077] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 262.828012][ T8077] should_failslab+0xc2/0x120 [ 262.828042][ T8077] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 262.828092][ T8077] ? seq_open+0x55/0x170 [ 262.828130][ T8077] ? __pfx_snd_info_seq_show+0x10/0x10 [ 262.828160][ T8077] seq_open+0x55/0x170 [ 262.828191][ T8077] ? __pfx_snd_info_seq_show+0x10/0x10 [ 262.828221][ T8077] single_open+0xfc/0x1f0 [ 262.828255][ T8077] snd_info_text_entry_open+0x175/0x2a0 [ 262.828291][ T8077] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 262.828324][ T8077] ? trace_kmem_cache_alloc+0x28/0xc0 [ 262.828356][ T8077] ? __pfx_apparmor_file_open+0x10/0x10 [ 262.828396][ T8077] ? proc_reg_open+0x21d/0x610 [ 262.828441][ T8077] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 262.828475][ T8077] proc_reg_open+0x289/0x610 [ 262.828524][ T8077] do_dentry_open+0x741/0x1c10 [ 262.828571][ T8077] ? __pfx_proc_reg_open+0x10/0x10 [ 262.828624][ T8077] vfs_open+0x82/0x3f0 [ 262.828662][ T8077] path_openat+0x1de4/0x2cb0 [ 262.828724][ T8077] ? __pfx_path_openat+0x10/0x10 [ 262.828772][ T8077] ? __lock_acquire+0xb8a/0x1c90 [ 262.828826][ T8077] do_filp_open+0x20b/0x470 [ 262.828872][ T8077] ? __pfx_do_filp_open+0x10/0x10 [ 262.828948][ T8077] ? alloc_fd+0x471/0x7d0 [ 262.829001][ T8077] do_sys_openat2+0x11b/0x1d0 [ 262.829034][ T8077] ? __pfx_do_sys_openat2+0x10/0x10 [ 262.829085][ T8077] __x64_sys_openat+0x174/0x210 [ 262.829122][ T8077] ? __pfx___x64_sys_openat+0x10/0x10 [ 262.829175][ T8077] do_syscall_64+0xcd/0x490 [ 262.829229][ T8077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.829261][ T8077] RIP: 0033:0x7f248018e929 [ 262.829288][ T8077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 262.829317][ T8077] RSP: 002b:00007f2480ffc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 262.829345][ T8077] RAX: ffffffffffffffda RBX: 00007f24803b6080 RCX: 00007f248018e929 [ 262.829364][ T8077] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 262.829382][ T8077] RBP: 00007f2480210b39 R08: 0000000000000000 R09: 0000000000000000 [ 262.829400][ T8077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 262.829418][ T8077] R13: 0000000000000000 R14: 00007f24803b6080 R15: 00007ffce62fe658 [ 262.829457][ T8077] [ 265.568823][ T8123] netlink: 94 bytes leftover after parsing attributes in process `syz.0.439'. [ 268.326443][ T8132] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[8132] [ 268.388512][ T5839] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 269.783767][ T8164] random: crng reseeded on system resumption [ 272.765617][ T8186] syz.3.450 (8186) used greatest stack depth: 19800 bytes left [ 273.786245][ T8205] FAULT_INJECTION: forcing a failure. [ 273.786245][ T8205] name failslab, interval 1, probability 0, space 0, times 0 [ 273.828924][ T8205] CPU: 0 UID: 0 PID: 8205 Comm: syz.3.454 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 273.828968][ T8205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 273.828987][ T8205] Call Trace: [ 273.828997][ T8205] [ 273.829009][ T8205] dump_stack_lvl+0x16c/0x1f0 [ 273.829066][ T8205] should_fail_ex+0x512/0x640 [ 273.829113][ T8205] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 273.829166][ T8205] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 273.829199][ T8205] should_failslab+0xc2/0x120 [ 273.829231][ T8205] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 273.829281][ T8205] ? mempool_init_node+0x320/0x760 [ 273.829321][ T8205] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 273.829356][ T8205] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 273.829399][ T8205] mempool_init_node+0x320/0x760 [ 273.829447][ T8205] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 273.829480][ T8205] ? __pfx_mempool_free_slab+0x10/0x10 [ 273.829529][ T8205] mempool_init_noprof+0x3a/0x50 [ 273.829570][ T8205] bioset_init+0x37a/0x880 [ 273.829604][ T8205] ? __pfx_bioset_init+0x10/0x10 [ 273.829651][ T8205] __alloc_disk_node+0x83/0x630 [ 273.829704][ T8205] __blk_mq_alloc_disk+0x89/0x120 [ 273.829751][ T8205] nbd_dev_add+0x4a0/0xbc0 [ 273.829799][ T8205] ? __pfx_nbd_dev_add+0x10/0x10 [ 273.829870][ T8205] ? bpf_lsm_capable+0x9/0x10 [ 273.829910][ T8205] ? __radix_tree_lookup+0x21f/0x2c0 [ 273.829963][ T8205] nbd_genl_connect+0x8b0/0x1c20 [ 273.830019][ T8205] ? __pfx_nbd_genl_connect+0x10/0x10 [ 273.830070][ T8205] ? __nla_parse+0x40/0x60 [ 273.830106][ T8205] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 273.830150][ T8205] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 273.830202][ T8205] genl_family_rcv_msg_doit+0x206/0x2f0 [ 273.830245][ T8205] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 273.830286][ T8205] ? genl_get_cmd+0x194/0x580 [ 273.830335][ T8205] ? __radix_tree_lookup+0x21f/0x2c0 [ 273.830393][ T8205] genl_rcv_msg+0x55c/0x800 [ 273.830438][ T8205] ? __pfx_genl_rcv_msg+0x10/0x10 [ 273.830479][ T8205] ? __pfx_nbd_genl_connect+0x10/0x10 [ 273.830543][ T8205] netlink_rcv_skb+0x155/0x420 [ 273.830578][ T8205] ? __pfx_genl_rcv_msg+0x10/0x10 [ 273.830620][ T8205] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 273.830673][ T8205] ? netlink_deliver_tap+0x1ae/0xd30 [ 273.830711][ T8205] genl_rcv+0x28/0x40 [ 273.830745][ T8205] netlink_unicast+0x53a/0x7f0 [ 273.830784][ T8205] ? __pfx_netlink_unicast+0x10/0x10 [ 273.830830][ T8205] netlink_sendmsg+0x8d1/0xdd0 [ 273.830871][ T8205] ? __pfx_netlink_sendmsg+0x10/0x10 [ 273.830922][ T8205] ____sys_sendmsg+0xa95/0xc70 [ 273.830960][ T8205] ? copy_msghdr_from_user+0x10a/0x160 [ 273.831006][ T8205] ? __pfx_____sys_sendmsg+0x10/0x10 [ 273.831054][ T8205] ? __pfx_futex_wake_mark+0x10/0x10 [ 273.831106][ T8205] ___sys_sendmsg+0x134/0x1d0 [ 273.831157][ T8205] ? __pfx____sys_sendmsg+0x10/0x10 [ 273.831201][ T8205] ? __lock_acquire+0x622/0x1c90 [ 273.831294][ T8205] __sys_sendmsg+0x16d/0x220 [ 273.831344][ T8205] ? __pfx___sys_sendmsg+0x10/0x10 [ 273.831397][ T8205] ? __x64_sys_futex+0x1e0/0x4c0 [ 273.831461][ T8205] do_syscall_64+0xcd/0x490 [ 273.831514][ T8205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.831546][ T8205] RIP: 0033:0x7f10f038e929 [ 273.831572][ T8205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.831603][ T8205] RSP: 002b:00007f10f125e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 273.831633][ T8205] RAX: ffffffffffffffda RBX: 00007f10f05b6080 RCX: 00007f10f038e929 [ 273.831653][ T8205] RDX: 0000000000008880 RSI: 0000200000001e00 RDI: 0000000000000005 [ 273.831671][ T8205] RBP: 00007f10f0410b39 R08: 0000000000000000 R09: 0000000000000000 [ 273.831690][ T8205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.831707][ T8205] R13: 0000000000000000 R14: 00007f10f05b6080 R15: 00007ffcecdaf758 [ 273.831746][ T8205] [ 274.512735][ T8205] nbd: failed to add new device [ 280.884669][ T8281] netlink: 24 bytes leftover after parsing attributes in process `syz.2.465'. [ 283.286753][ T8309] FAULT_INJECTION: forcing a failure. [ 283.286753][ T8309] name failslab, interval 1, probability 0, space 0, times 0 [ 283.433424][ T8309] CPU: 0 UID: 0 PID: 8309 Comm: syz.1.474 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 283.433459][ T8309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 283.433473][ T8309] Call Trace: [ 283.433481][ T8309] [ 283.433490][ T8309] dump_stack_lvl+0x16c/0x1f0 [ 283.433532][ T8309] should_fail_ex+0x512/0x640 [ 283.433565][ T8309] ? __kmalloc_noprof+0xbf/0x510 [ 283.433601][ T8309] ? copy_splice_read+0x1a8/0xba0 [ 283.433627][ T8309] should_failslab+0xc2/0x120 [ 283.433648][ T8309] __kmalloc_noprof+0xd2/0x510 [ 283.433699][ T8309] copy_splice_read+0x1a8/0xba0 [ 283.433728][ T8309] ? __pfx_pipe_to_null+0x10/0x10 [ 283.433768][ T8309] ? __pfx_copy_splice_read+0x10/0x10 [ 283.433794][ T8309] ? pipe_unlock+0x4a/0x70 [ 283.433827][ T8309] ? __pfx_splice_from_pipe+0x10/0x10 [ 283.433864][ T8309] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 283.433897][ T8309] ? __pfx_copy_splice_read+0x10/0x10 [ 283.433925][ T8309] do_splice_read+0x285/0x370 [ 283.433956][ T8309] splice_direct_to_actor+0x2a1/0xa30 [ 283.433986][ T8309] ? __pfx_direct_splice_actor+0x10/0x10 [ 283.434021][ T8309] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 283.434058][ T8309] do_splice_direct+0x174/0x240 [ 283.434088][ T8309] ? __pfx_do_splice_direct+0x10/0x10 [ 283.434117][ T8309] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 283.434147][ T8309] ? bpf_lsm_file_permission+0x9/0x10 [ 283.434170][ T8309] ? security_file_permission+0x71/0x210 [ 283.434201][ T8309] ? rw_verify_area+0xcf/0x680 [ 283.434232][ T8309] do_sendfile+0xb06/0xe50 [ 283.434267][ T8309] ? __pfx_do_sendfile+0x10/0x10 [ 283.434301][ T8309] ? __x64_sys_futex+0x1e0/0x4c0 [ 283.434328][ T8309] ? __x64_sys_futex+0x1e9/0x4c0 [ 283.434358][ T8309] __x64_sys_sendfile64+0x1d8/0x220 [ 283.434380][ T8309] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 283.434411][ T8309] do_syscall_64+0xcd/0x490 [ 283.434448][ T8309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.434471][ T8309] RIP: 0033:0x7f6caef8e929 [ 283.434489][ T8309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.434511][ T8309] RSP: 002b:00007f6cafde4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 283.434532][ T8309] RAX: ffffffffffffffda RBX: 00007f6caf1b5fa0 RCX: 00007f6caef8e929 [ 283.434546][ T8309] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007 [ 283.434560][ T8309] RBP: 00007f6caf010b39 R08: 0000000000000000 R09: 0000000000000000 [ 283.434573][ T8309] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 283.434587][ T8309] R13: 0000000000000000 R14: 00007f6caf1b5fa0 R15: 00007fff6414c6b8 [ 283.434615][ T8309] [ 284.597065][ T8327] netlink: 28 bytes leftover after parsing attributes in process `syz.2.477'. [ 284.639394][ T8336] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 284.693923][ T8327] veth1_macvtap: left promiscuous mode [ 289.022130][ T8383] Console: switching to colour VGA+ 80x25 [ 289.317367][ T8381] Console: switching to colour frame buffer device 128x48 [ 289.894799][ T8399] netlink: 28 bytes leftover after parsing attributes in process `syz.1.490'. [ 289.959823][ T8399] veth1_macvtap: left promiscuous mode [ 291.521725][ T8417] hub 8-0:1.0: USB hub found [ 291.527163][ T8417] hub 8-0:1.0: 1 port detected [ 292.993060][ T8438] FAULT_INJECTION: forcing a failure. [ 292.993060][ T8438] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 293.041982][ T8438] CPU: 0 UID: 0 PID: 8438 Comm: syz.0.500 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 293.042032][ T8438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 293.042051][ T8438] Call Trace: [ 293.042062][ T8438] [ 293.042088][ T8438] dump_stack_lvl+0x16c/0x1f0 [ 293.042148][ T8438] should_fail_ex+0x512/0x640 [ 293.042201][ T8438] should_fail_alloc_page+0xe7/0x130 [ 293.042236][ T8438] prepare_alloc_pages+0x3c2/0x610 [ 293.042283][ T8438] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 293.042337][ T8438] ? copy_splice_read+0x1a8/0xba0 [ 293.042376][ T8438] ? stack_trace_save+0x8e/0xc0 [ 293.042411][ T8438] ? __pfx_stack_trace_save+0x10/0x10 [ 293.042446][ T8438] ? stack_depot_save_flags+0x28/0xa40 [ 293.042505][ T8438] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 293.042555][ T8438] ? kasan_save_stack+0x33/0x60 [ 293.042600][ T8438] ? __kasan_kmalloc+0xaa/0xb0 [ 293.042644][ T8438] ? copy_splice_read+0x1a8/0xba0 [ 293.042681][ T8438] ? do_splice_read+0x285/0x370 [ 293.042717][ T8438] ? splice_direct_to_actor+0x2a1/0xa30 [ 293.042754][ T8438] ? do_splice_direct+0x174/0x240 [ 293.042792][ T8438] ? do_sendfile+0xb06/0xe50 [ 293.042832][ T8438] ? __x64_sys_sendfile64+0x1d8/0x220 [ 293.042861][ T8438] ? do_syscall_64+0xcd/0x490 [ 293.042940][ T8438] alloc_pages_bulk_noprof+0x71c/0x1410 [ 293.043005][ T8438] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 293.043065][ T8438] ? trace_kmalloc+0x2b/0xd0 [ 293.043109][ T8438] ? __kmalloc_noprof+0x242/0x510 [ 293.043167][ T8438] copy_splice_read+0x1e1/0xba0 [ 293.043210][ T8438] ? __pfx_pipe_to_null+0x10/0x10 [ 293.043269][ T8438] ? __pfx_copy_splice_read+0x10/0x10 [ 293.043307][ T8438] ? pipe_unlock+0x4a/0x70 [ 293.043355][ T8438] ? __pfx_splice_from_pipe+0x10/0x10 [ 293.043409][ T8438] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 293.043457][ T8438] ? __pfx_copy_splice_read+0x10/0x10 [ 293.043498][ T8438] do_splice_read+0x285/0x370 [ 293.043543][ T8438] splice_direct_to_actor+0x2a1/0xa30 [ 293.043587][ T8438] ? __pfx_direct_splice_actor+0x10/0x10 [ 293.043638][ T8438] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 293.043692][ T8438] do_splice_direct+0x174/0x240 [ 293.043736][ T8438] ? __pfx_do_splice_direct+0x10/0x10 [ 293.043780][ T8438] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 293.043823][ T8438] ? bpf_lsm_file_permission+0x9/0x10 [ 293.043856][ T8438] ? security_file_permission+0x71/0x210 [ 293.043900][ T8438] ? rw_verify_area+0xcf/0x680 [ 293.043945][ T8438] do_sendfile+0xb06/0xe50 [ 293.043996][ T8438] ? __pfx_do_sendfile+0x10/0x10 [ 293.044047][ T8438] ? __x64_sys_futex+0x1e0/0x4c0 [ 293.044094][ T8438] ? __x64_sys_futex+0x1e9/0x4c0 [ 293.044142][ T8438] __x64_sys_sendfile64+0x1d8/0x220 [ 293.044174][ T8438] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 293.044219][ T8438] do_syscall_64+0xcd/0x490 [ 293.044274][ T8438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.044307][ T8438] RIP: 0033:0x7f1355d8e929 [ 293.044334][ T8438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.044366][ T8438] RSP: 002b:00007f1356b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 293.044398][ T8438] RAX: ffffffffffffffda RBX: 00007f1355fb5fa0 RCX: 00007f1355d8e929 [ 293.044419][ T8438] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007 [ 293.044438][ T8438] RBP: 00007f1355e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 293.044457][ T8438] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 293.044476][ T8438] R13: 0000000000000000 R14: 00007f1355fb5fa0 R15: 00007ffd193a1978 [ 293.044517][ T8438] [ 296.604647][ T8468] netlink: 28 bytes leftover after parsing attributes in process `syz.3.515'. [ 302.870128][ T8543] netlink: 28 bytes leftover after parsing attributes in process `syz.2.518'. [ 305.302617][ T8576] Console: switching to colour VGA+ 80x25 [ 305.561736][ T8580] Console: switching to colour frame buffer device 128x48 [ 318.589490][ T8746] Console: switching to colour VGA+ 80x25 [ 318.708024][ T8752] hub 8-0:1.0: USB hub found [ 318.732799][ T8752] hub 8-0:1.0: 1 port detected [ 318.877514][ T8755] Console: switching to colour frame buffer device 128x48 [ 322.076876][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.083299][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.984923][ T8830] Console: switching to colour VGA+ 80x25 [ 324.211108][ T8830] Console: switching to colour frame buffer device 128x48 [ 324.605506][ T8848] netlink: 8 bytes leftover after parsing attributes in process `syz.1.577'. [ 325.402241][ T5838] udevd[5838]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 325.479310][ T8846] ubi: mtd0 is already attached to ubi0 [ 332.272269][ T8929] ubi: mtd0 is already attached to ubi0 [ 333.665630][ T8949] netlink: 8 bytes leftover after parsing attributes in process `syz.0.596'. [ 334.465337][ T5838] udevd[5838]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 334.856744][ T8975] Console: switching to colour VGA+ 80x25 [ 335.204886][ T8975] Console: switching to colour frame buffer device 128x48 [ 337.293854][ T8995] ptrace attach of "./syz-executor exec"[5826] was attempted by "./syz-executor exec"[8995] [ 341.691186][ T9052] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 342.251791][ T9055] Console: switching to colour VGA+ 80x25 [ 342.765962][ T9051] Console: switching to colour frame buffer device 128x48 [ 347.751237][ T9111] Console: switching to colour VGA+ 80x25 [ 348.031046][ T9115] Console: switching to colour frame buffer device 128x48 [ 352.359021][ T9165] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/gy3:0 is already present [ 357.258743][ T9207] ubi: mtd0 is already attached to ubi0 [ 357.545709][ T9221] netlink: 296 bytes leftover after parsing attributes in process `syz.2.641'. [ 360.711423][ T9264] Console: switching to colour VGA+ 80x25 [ 361.255924][ T9264] Console: switching to colour frame buffer device 128x48 [ 362.091784][ T9278] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 364.636599][ T9307] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 365.331958][ T9308] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/gy3:0 is already present [ 367.744450][ T9347] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[9347] [ 374.147576][ T9425] random: crng reseeded on system resumption [ 378.887056][ T9458] ptrace attach of "./syz-executor exec"[5828] was attempted by "./syz-executor exec"[9458] [ 380.768603][ T9509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.684'. [ 381.988915][ T5831] udevd[5831]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 382.038071][ T5838] udevd[5838]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 383.516996][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.523396][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.823638][ T9553] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 386.190427][ T9565] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[9565] [ 397.853746][ T9706] can: request_module (can-proto-0) failed. [ 398.019066][ T9712] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 406.784535][ T9809] random: crng reseeded on system resumption [ 414.318715][ T9913] Invalid ELF header magic: != ELF [ 415.810309][ T9936] input: f as /devices/virtual/input/input8 [ 418.096584][ T9963] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 418.137213][ T9953] can: request_module (can-proto-0) failed. [ 422.524142][T10020] FAULT_INJECTION: forcing a failure. [ 422.524142][T10020] name failslab, interval 1, probability 0, space 0, times 0 [ 422.603035][T10020] CPU: 0 UID: 0 PID: 10020 Comm: syz.3.770 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 422.603078][T10020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 422.603097][T10020] Call Trace: [ 422.603108][T10020] [ 422.603121][T10020] dump_stack_lvl+0x16c/0x1f0 [ 422.603177][T10020] should_fail_ex+0x512/0x640 [ 422.603223][T10020] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 422.603275][T10020] should_failslab+0xc2/0x120 [ 422.603305][T10020] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 422.603354][T10020] ? seq_open+0x55/0x170 [ 422.603390][T10020] ? __pfx_snd_info_seq_show+0x10/0x10 [ 422.603420][T10020] seq_open+0x55/0x170 [ 422.603450][T10020] ? __pfx_snd_info_seq_show+0x10/0x10 [ 422.603491][T10020] single_open+0xfc/0x1f0 [ 422.603527][T10020] snd_info_text_entry_open+0x175/0x2a0 [ 422.603564][T10020] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 422.603597][T10020] ? trace_kmem_cache_alloc+0x28/0xc0 [ 422.603631][T10020] ? __pfx_apparmor_file_open+0x10/0x10 [ 422.603670][T10020] ? proc_reg_open+0x21d/0x610 [ 422.603717][T10020] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 422.603751][T10020] proc_reg_open+0x289/0x610 [ 422.603800][T10020] do_dentry_open+0x741/0x1c10 [ 422.603849][T10020] ? __pfx_proc_reg_open+0x10/0x10 [ 422.603902][T10020] vfs_open+0x82/0x3f0 [ 422.603942][T10020] path_openat+0x1de4/0x2cb0 [ 422.604002][T10020] ? __pfx_path_openat+0x10/0x10 [ 422.604050][T10020] ? __lock_acquire+0xb8a/0x1c90 [ 422.604098][T10020] do_filp_open+0x20b/0x470 [ 422.604146][T10020] ? __pfx_do_filp_open+0x10/0x10 [ 422.604223][T10020] ? alloc_fd+0x471/0x7d0 [ 422.604277][T10020] do_sys_openat2+0x11b/0x1d0 [ 422.604311][T10020] ? __pfx_do_sys_openat2+0x10/0x10 [ 422.604363][T10020] __x64_sys_openat+0x174/0x210 [ 422.604399][T10020] ? __pfx___x64_sys_openat+0x10/0x10 [ 422.604453][T10020] do_syscall_64+0xcd/0x490 [ 422.604518][T10020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.604550][T10020] RIP: 0033:0x7f10f038e929 [ 422.604577][T10020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.604607][T10020] RSP: 002b:00007f10f125e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 422.604637][T10020] RAX: ffffffffffffffda RBX: 00007f10f05b6080 RCX: 00007f10f038e929 [ 422.604657][T10020] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 422.604676][T10020] RBP: 00007f10f0410b39 R08: 0000000000000000 R09: 0000000000000000 [ 422.604694][T10020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 422.604711][T10020] R13: 0000000000000000 R14: 00007f10f05b6080 R15: 00007ffcecdaf758 [ 422.604753][T10020] [ 423.016478][T10023] can: request_module (can-proto-0) failed. [ 423.268200][T10023] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input10 [ 426.617995][T10089] random: crng reseeded on system resumption [ 427.469968][T10099] Invalid ELF header magic: != ELF [ 428.316979][T10089] Restarting kernel threads ... [ 428.346957][T10089] Done restarting kernel threads. [ 428.593891][T10120] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 431.400965][T10152] Invalid ELF header magic: != ELF [ 436.434550][T10218] Invalid ELF header magic: != ELF [ 437.176210][T10230] .SR: entered promiscuous mode [ 437.511097][T10230] Invalid ELF header magic: != ELF [ 438.679804][T10230] could not allocate digest TFM handle [ 438.683995][T10233] could not allocate digest TFM handle [ 438.982253][T10247] can: request_module (can-proto-0) failed. [ 439.137852][T10264] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 440.910298][T10277] Invalid ELF header magic: != ELF [ 440.928278][T10283] Invalid ELF header magic: != ELF [ 443.495451][T10322] netlink: 12 bytes leftover after parsing attributes in process `syz.1.820'. [ 444.693012][T10342] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 444.955380][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.962210][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.587941][T10349] netlink: 186 bytes leftover after parsing attributes in process `syz.0.831'. [ 446.033673][T10345] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 447.019638][T10362] Invalid ELF header magic: != ELF [ 454.775717][T10474] Invalid ELF header magic: != ELF [ 459.581329][T10542] Invalid ELF header magic: != ELF [ 460.882629][T10564] .SR: entered promiscuous mode [ 461.194818][T10565] Invalid ELF header magic: != ELF [ 462.308467][T10565] could not allocate digest TFM handle [ 462.314141][T10564] could not allocate digest TFM handle [ 465.427423][T10621] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78003 [ 465.439069][T10621] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 465.453624][T10621] page_type: f2(table) [ 465.468901][T10621] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 465.524439][T10621] raw: 0000000000000000 ffff8880787e0000 00000001f2000000 0000000000000000 [ 465.663902][T10620] can: request_module (can-proto-0) failed. [ 465.807774][T10621] page dumped because: unmovable page [ 465.813258][T10621] page_owner tracks the page as allocated [ 465.924463][T10620] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input16 [ 465.943759][T10621] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 5815, tgid 5815 (sshd-session), ts 78028917192, free_ts 77599755280 [ 466.106701][T10621] post_alloc_hook+0x1c0/0x230 [ 466.111584][T10621] get_page_from_freelist+0x1321/0x3890 [ 466.117367][T10621] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 466.136699][T10621] alloc_pages_mpol+0x1fb/0x550 [ 466.142437][T10621] alloc_pages_noprof+0x131/0x390 [ 466.168471][T10621] pte_alloc_one+0x1c/0x3a0 [ 466.200635][T10621] __handle_mm_fault+0x3a68/0x5490 [ 466.206402][T10621] handle_mm_fault+0x589/0xd10 [ 466.279767][T10621] do_user_addr_fault+0x60c/0x1370 [ 466.365290][T10621] exc_page_fault+0x5c/0xb0 [ 466.370091][T10621] asm_exc_page_fault+0x26/0x30 [ 466.375006][T10621] page last free pid 0 tgid 0 stack trace: [ 466.498691][T10621] __free_frozen_pages+0x7fe/0x1180 [ 466.503959][T10621] tlb_remove_table_rcu+0x116/0x1a0 [ 466.676397][T10621] rcu_core+0x799/0x14e0 [ 466.686512][T10621] handle_softirqs+0x216/0x8e0 [ 466.736722][T10621] __irq_exit_rcu+0x109/0x170 [ 466.741462][T10621] irq_exit_rcu+0x9/0x30 [ 466.745726][T10621] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 466.828244][T10621] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 467.072282][T10644] capability: warning: `syz.0.872' uses 32-bit capabilities (legacy support in use) [ 474.556845][T10725] random: crng reseeded on system resumption [ 476.033831][T10727] Restarting kernel threads ... [ 476.156762][T10727] Done restarting kernel threads. [ 476.885065][T10743] .SR: entered promiscuous mode [ 477.357374][T10743] Invalid ELF header magic: != ELF [ 477.873121][T10743] could not allocate digest TFM handle [ 477.886641][T10744] could not allocate digest TFM handle [ 484.299167][T10778] kexec: Could not allocate control_code_buffer [ 487.912292][T10837] .SR: entered promiscuous mode [ 488.049682][T10837] Invalid ELF header magic: != ELF [ 488.247615][T10834] Invalid ELF header magic: != ELF [ 489.806563][T10839] sctp: failed to load transform for md5: -2 [ 489.820878][T10841] could not allocate digest TFM handle [ 490.226132][T10855] could not allocate digest TFM handle [ 490.983934][T10876] Invalid ELF header magic: != ELF [ 491.557095][T10880] can: request_module (can-proto-0) failed. [ 491.734807][T10880] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 493.200329][T10895] Invalid ELF header magic: != ELF [ 494.174752][T10909] Invalid ELF header magic: != ELF [ 496.416955][T10944] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input21 [ 496.523628][T10941] can: request_module (can-proto-0) failed. [ 497.727479][T10962] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input22 [ 504.492120][T11043] can: request_module (can-proto-0) failed. [ 505.352105][T11052] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input23 [ 505.827981][T11065] Invalid ELF header magic: != ELF [ 506.393007][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.402630][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.700135][T11076] Invalid ELF header magic: != ELF [ 510.073003][T11143] Invalid ELF header magic: != ELF [ 510.714415][T11152] can: request_module (can-proto-0) failed. [ 510.815976][T11152] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input27 [ 510.949535][T11150] can: request_module (can-proto-0) failed. [ 511.001516][T11167] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input28 [ 511.897294][T11174] ima: policy update failed [ 511.925521][ T30] audit: type=1802 audit(4294967433.167:8): pid=11174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.977" res=0 errno=0 [ 511.951018][T11174] netlink: 25 bytes leftover after parsing attributes in process `syz.0.977'. [ 513.535195][T11196] Invalid ELF header magic: != ELF [ 515.055601][T11217] can: request_module (can-proto-0) failed. [ 515.100594][T11226] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input30 [ 515.153192][T11217] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input31 [ 515.234270][T11224] can: request_module (can-proto-0) failed. [ 515.401077][T11230] can: request_module (can-proto-0) failed. [ 515.486628][T11230] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input32 [ 517.958313][T11255] openvswitch: .SR: Dropping previously announced user features [ 518.142607][T11255] Invalid ELF header magic: != ELF [ 519.604236][T11256] could not allocate digest TFM handle [ 519.604847][T11255] could not allocate digest TFM handle [ 520.244029][T11282] can: request_module (can-proto-0) failed. [ 520.284345][T11282] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input34 [ 523.222275][T11326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1004'. [ 523.573242][T11328] tipc: Started in network mode [ 523.580754][T11328] tipc: Node identity ee00, cluster identity 4711 [ 523.594737][T11328] tipc: Node number set to 60928 [ 524.013183][T11332] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1006'. [ 524.318895][T11327] Process accounting resumed [ 525.264502][T11359] can: request_module (can-proto-0) failed. [ 525.424182][T11361] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input35 [ 525.938611][T11371] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input36 [ 525.972332][T11368] can: request_module (can-proto-0) failed. [ 527.086007][T11388] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input37 [ 527.115691][T11385] can: request_module (can-proto-0) failed. [ 527.127786][T11379] can: request_module (can-proto-0) failed. [ 527.194375][T11385] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input38 [ 528.909130][T11398] can: request_module (can-proto-0) failed. [ 528.992702][T11410] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input39 [ 529.177154][T11417] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input40 [ 529.229224][T11402] can: request_module (can-proto-0) failed. [ 532.562635][T11452] sctp: failed to load transform for md5: -2 [ 533.004369][T11464] random: crng reseeded on system resumption [ 534.759419][T11476] can: request_module (can-proto-0) failed. [ 534.903407][T11479] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input42 [ 535.563175][T11487] Invalid ELF header magic: != ELF [ 536.753554][T11509] can: request_module (can-proto-0) failed. [ 536.848337][T11501] syz.2.1034 (11501): attempted to duplicate a private mapping with mremap. This is not supported. [ 536.905132][T11513] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input43 [ 537.004330][T11505] sp0: Synchronizing with TNC [ 537.854347][T11530] can: request_module (can-proto-0) failed. [ 538.049044][T11536] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input44 [ 538.734753][T11544] program syz.3.1042 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 538.745087][T11544] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 538.796592][T11542] can: request_module (can-proto-0) failed. [ 539.013810][T11550] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input45 [ 539.515930][T11552] can: request_module (can-proto-0) failed. [ 539.609750][T11552] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input46 [ 541.852066][T11590] tipc: Started in network mode [ 541.857176][T11590] tipc: Node identity ee00, cluster identity 4711 [ 541.869835][T11590] tipc: Node number set to 60928 [ 542.011194][T11587] Process accounting resumed [ 542.168256][T11598] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47 [ 542.335994][T11596] can: request_module (can-proto-0) failed. [ 542.446556][T11596] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input48 [ 542.691035][T11601] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49 [ 542.999721][T11604] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1052'. [ 543.073448][T11611] Invalid ELF header magic: != ELF [ 544.491786][T11637] can: request_module (can-proto-0) failed. [ 544.538745][T11637] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input50 [ 545.360860][T11650] Invalid ELF header magic: != ELF [ 546.253541][T11663] can: request_module (can-proto-0) failed. [ 546.476651][T11668] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input51 [ 546.642623][T11667] Invalid ELF header magic: != ELF [ 548.748392][T11687] sp0: Synchronizing with TNC [ 548.965347][T11699] can: request_module (can-proto-0) failed. [ 549.023193][T11699] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input52 [ 550.048125][T11715] Invalid ELF header magic: != ELF [ 553.046393][T11754] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input53 [ 553.136683][T11747] can: request_module (can-proto-0) failed. [ 553.940385][T11763] random: crng reseeded on system resumption [ 555.323317][T11758] Process accounting paused [ 556.033658][ T30] audit: type=1800 audit(4294967477.257:9): pid=11768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1082" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 556.403831][T11797] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1086'. [ 556.775369][T11797] hsr_slave_0 (unregistering): left promiscuous mode [ 556.846876][T11784] kexec: Could not allocate control_code_buffer [ 556.981773][T11798] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1085'. [ 557.472377][T11801] can: request_module (can-proto-0) failed. [ 557.909549][T11815] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input55 [ 558.144990][T11810] can: request_module (can-proto-0) failed. [ 559.152886][T11825] Invalid ELF header magic: != ELF [ 560.718448][T11847] can: request_module (can-proto-0) failed. [ 560.848648][T11854] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input56 [ 561.202296][T11860] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input57 [ 561.427311][T11858] can: request_module (can-proto-0) failed. [ 561.748235][T11865] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1099'. [ 562.000225][T11870] hub 8-0:1.0: USB hub found [ 562.013475][T11870] hub 8-0:1.0: 1 port detected [ 562.168329][T11870] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1099'. [ 564.077754][T11896] Invalid ELF header magic: != ELF [ 565.311600][T11909] can: request_module (can-proto-0) failed. [ 565.398364][T11909] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input58 [ 567.840659][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 567.847180][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.564458][T11968] can: request_module (can-proto-0) failed. [ 569.651643][T11986] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input60 [ 570.158722][T11989] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61 syzkaller syzkaller login: [ 571.627200][T12000] misc userio: No port type given on /dev/userio [ 571.761099][T12007] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 572.567947][T12015] Invalid ELF header magic: != ELF [ 573.185374][T12023] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1125'. [ 573.711445][T12015] Process accounting paused [ 574.277070][T12038] FAULT_INJECTION: forcing a failure. [ 574.277070][T12038] name failslab, interval 1, probability 0, space 0, times 0 [ 574.289912][T12038] CPU: 0 UID: 0 PID: 12038 Comm: syz.3.1130 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 574.289952][T12038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 574.289971][T12038] Call Trace: [ 574.289981][T12038] [ 574.289992][T12038] dump_stack_lvl+0x16c/0x1f0 [ 574.290044][T12038] should_fail_ex+0x512/0x640 [ 574.290084][T12038] ? __kmalloc_noprof+0xbf/0x510 [ 574.290128][T12038] ? create_ruleset+0x21/0x140 [ 574.290170][T12038] should_failslab+0xc2/0x120 [ 574.290195][T12038] __kmalloc_noprof+0xd2/0x510 [ 574.290243][T12038] create_ruleset+0x21/0x140 [ 574.290287][T12038] landlock_merge_ruleset+0xbb/0x870 [ 574.290314][T12038] ? prepare_creds+0x583/0x7d0 [ 574.290356][T12038] __do_sys_landlock_restrict_self+0x2a2/0x910 [ 574.290405][T12038] do_syscall_64+0xcd/0x490 [ 574.290451][T12038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.290480][T12038] RIP: 0033:0x7f10f038e929 [ 574.290502][T12038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 574.290528][T12038] RSP: 002b:00007f10f127f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 574.290554][T12038] RAX: ffffffffffffffda RBX: 00007f10f05b5fa0 RCX: 00007f10f038e929 [ 574.290573][T12038] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 574.290589][T12038] RBP: 00007f10f0410b39 R08: 0000000000000000 R09: 0000000000000000 [ 574.290606][T12038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 574.290623][T12038] R13: 0000000000000000 R14: 00007f10f05b5fa0 R15: 00007ffcecdaf758 [ 574.290658][T12038] [ 574.864437][T12048] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input62 [ 574.980938][T12040] can: request_module (can-proto-0) failed. [ 575.507040][T12051] rnbd_client L202: map_device: Unknown parameter or missing value '(' [ 575.533987][T12055] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 577.081667][ T152] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.471471][ T152] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.664936][ T152] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 577.903097][ T152] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 578.754545][ T152] batadv0: left allmulticast mode [ 578.776485][ T152] batadv0: left promiscuous mode [ 578.801228][ T152] bridge0: port 3(batadv0) entered disabled state [ 578.884887][ T152] bridge_slave_1: left allmulticast mode [ 578.912279][ T152] bridge_slave_1: left promiscuous mode [ 578.925407][ T152] bridge0: port 2(bridge_slave_1) entered disabled state [ 578.999906][ T152] bridge_slave_0: left allmulticast mode [ 579.005643][ T152] bridge_slave_0: left promiscuous mode [ 579.013712][T12092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 579.022819][ T152] bridge0: port 1(bridge_slave_0) entered disabled state [ 579.045378][T12092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 579.059048][T12092] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 579.152392][T12092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 579.168710][T12092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 579.850457][ T152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 579.896966][ T152] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 579.957024][ T152] bond0 (unregistering): Released all slaves [ 580.226180][ T152] .SR: left promiscuous mode [ 580.552719][T12100] can: request_module (can-proto-0) failed. [ 580.741581][ T152] tipc: Left network mode [ 581.278084][ T5839] Bluetooth: hci0: command tx timeout [ 581.746055][T12128] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input64 [ 582.740728][T12091] chnl_net:caif_netlink_parms(): no params data found [ 582.879822][ T152] hsr_slave_1: left promiscuous mode [ 582.886183][ T152] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 582.923816][ T152] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 582.949664][ T152] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 582.989448][ T152] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 583.085282][ T152] veth0_macvtap: left promiscuous mode [ 583.097089][ T152] veth1_vlan: left promiscuous mode [ 583.102784][ T152] veth0_vlan: left promiscuous mode [ 583.347565][ T5839] Bluetooth: hci0: command tx timeout [ 584.399350][T12156] can: request_module (can-proto-0) failed. [ 584.477925][ T152] team0 (unregistering): Port device team_slave_1 removed [ 584.554911][ T152] team0 (unregistering): Port device team_slave_0 removed [ 585.426373][ T5839] Bluetooth: hci0: command tx timeout [ 585.426526][T12091] bridge0: port 1(bridge_slave_0) entered blocking state [ 585.443040][T12091] bridge0: port 1(bridge_slave_0) entered disabled state [ 585.451324][T12091] bridge_slave_0: entered allmulticast mode [ 585.461734][T12091] bridge_slave_0: entered promiscuous mode [ 585.485868][T12091] bridge0: port 2(bridge_slave_1) entered blocking state [ 585.502040][T12091] bridge0: port 2(bridge_slave_1) entered disabled state [ 585.511376][T12091] bridge_slave_1: entered allmulticast mode [ 585.520064][T12091] bridge_slave_1: entered promiscuous mode [ 585.599005][T12091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 585.615526][T12091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 585.709333][T12091] team0: Port device team_slave_0 added [ 585.725834][T12091] team0: Port device team_slave_1 added [ 585.808245][T12091] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 585.815359][T12091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 585.865297][T12091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 585.915621][T12091] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 585.928980][T12091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 586.010276][T12091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 586.243104][T12091] hsr_slave_0: entered promiscuous mode [ 586.301026][T12091] hsr_slave_1: entered promiscuous mode [ 586.350313][T12091] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 586.406439][T12091] Cannot create hsr debugfs directory [ 587.506452][ T5839] Bluetooth: hci0: command tx timeout [ 588.052904][T12194] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1151'. [ 588.412662][T12194] hsr_slave_0 (unregistering): left promiscuous mode [ 588.825486][T12208] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 589.595174][T12226] can: request_module (can-proto-0) failed. [ 589.698153][T12091] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 589.999714][T12091] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 590.030243][T12091] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 590.151039][T12091] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 590.549488][T12091] 8021q: adding VLAN 0 to HW filter on device bond0 [ 590.616812][T12091] 8021q: adding VLAN 0 to HW filter on device team0 [ 590.649499][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 590.656727][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 590.739346][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 590.744356][T12241] hub 8-0:1.0: USB hub found [ 590.746574][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 590.758780][T12241] hub 8-0:1.0: 1 port detected [ 592.225969][T12091] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 592.610513][T12091] veth0_vlan: entered promiscuous mode [ 592.864781][T12091] veth1_vlan: entered promiscuous mode [ 592.952060][T12091] veth0_macvtap: entered promiscuous mode [ 592.966047][T12091] veth1_macvtap: entered promiscuous mode [ 593.115002][T12091] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 593.172562][T12091] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 593.192449][T12091] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 593.204483][T12091] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 593.214734][T12091] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 593.225659][T12091] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 593.808936][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 593.886011][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 594.185792][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 594.221768][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 594.494279][T12319] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1164'. [ 594.749170][T12319] hsr_slave_0 (unregistering): left promiscuous mode [ 595.965536][T12348] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input67 [ 596.182615][T12345] can: request_module (can-proto-0) failed. [ 596.506255][T12359] can: request_module (can-proto-0) failed. [ 596.519721][T12359] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input68 [ 598.068619][T12387] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69 [ 598.917569][T12398] misc userio: No port type given on /dev/userio [ 599.126605][T12388] FAULT_INJECTION: forcing a failure. [ 599.126605][T12388] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 599.188124][T12388] CPU: 1 UID: 0 PID: 12388 Comm: syz.3.1170 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 599.188162][T12388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 599.188178][T12388] Call Trace: [ 599.188188][T12388] [ 599.188198][T12388] dump_stack_lvl+0x16c/0x1f0 [ 599.188260][T12388] should_fail_ex+0x512/0x640 [ 599.188310][T12388] should_fail_alloc_page+0xe7/0x130 [ 599.188342][T12388] prepare_alloc_pages+0x3c2/0x610 [ 599.188377][T12388] ? kasan_save_stack+0x42/0x60 [ 599.188421][T12388] ? kasan_save_stack+0x33/0x60 [ 599.188469][T12388] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 599.188515][T12388] ? swapin_readahead+0x13a/0xd60 [ 599.188573][T12388] ? __handle_mm_fault+0x162f/0x5490 [ 599.188611][T12388] ? handle_mm_fault+0x589/0xd10 [ 599.188647][T12388] ? do_user_addr_fault+0x7a6/0x1370 [ 599.188687][T12388] ? exc_page_fault+0x5c/0xb0 [ 599.188729][T12388] ? asm_exc_page_fault+0x26/0x30 [ 599.188759][T12388] ? __get_user_8+0x14/0x30 [ 599.188796][T12388] ? exit_robust_list+0x62/0x280 [ 599.188836][T12388] ? __lock_acquire+0x622/0x1c90 [ 599.188882][T12388] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 599.188951][T12388] ? filemap_get_entry+0x1a7/0x3b0 [ 599.188985][T12388] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 599.189037][T12388] ? policy_nodemask+0xea/0x4e0 [ 599.189072][T12388] alloc_pages_mpol+0x1fb/0x550 [ 599.189103][T12388] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 599.189133][T12388] ? _raw_spin_unlock+0x28/0x50 [ 599.189174][T12388] ? swap_entry_swapped+0x122/0x190 [ 599.189226][T12388] ? __pfx_swap_entry_swapped+0x10/0x10 [ 599.189292][T12388] folio_alloc_mpol_noprof+0x36/0x2f0 [ 599.189331][T12388] __read_swap_cache_async+0x3b6/0x5a0 [ 599.189383][T12388] ? __pfx___read_swap_cache_async+0x10/0x10 [ 599.189428][T12388] ? swp_swap_info+0x30/0x130 [ 599.189459][T12388] ? __pfx_swp_swap_info+0x10/0x10 [ 599.189499][T12388] swap_cluster_readahead+0x3eb/0x710 [ 599.189551][T12388] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 599.189622][T12388] ? get_vma_policy+0x242/0x3c0 [ 599.189659][T12388] swapin_readahead+0x13a/0xd60 [ 599.189715][T12388] ? __pfx_swapin_readahead+0x10/0x10 [ 599.189754][T12388] ? __filemap_get_folio+0x32b/0xc30 [ 599.189807][T12388] ? swap_cache_get_folio+0x1df/0x450 [ 599.189851][T12388] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 599.189893][T12388] ? __pfx_get_swap_device+0x10/0x10 [ 599.189942][T12388] ? do_swap_page+0x125/0x65c0 [ 599.189982][T12388] do_swap_page+0x635/0x65c0 [ 599.190019][T12388] ? __lock_acquire+0x622/0x1c90 [ 599.190062][T12388] ? find_held_lock+0x2b/0x80 [ 599.190093][T12388] ? is_bpf_text_address+0x8a/0x1a0 [ 599.190139][T12388] ? __pfx_do_swap_page+0x10/0x10 [ 599.190177][T12388] ? __pfx_default_wake_function+0x10/0x10 [ 599.190218][T12388] ? rcu_is_watching+0x12/0xc0 [ 599.190255][T12388] ? ___pte_offset_map+0x1d5/0x570 [ 599.190294][T12388] __handle_mm_fault+0x162f/0x5490 [ 599.190346][T12388] ? __pfx___handle_mm_fault+0x10/0x10 [ 599.190383][T12388] ? __pfx_mt_find+0x10/0x10 [ 599.190436][T12388] ? find_vma+0xbf/0x140 [ 599.190466][T12388] ? __pfx_find_vma+0x10/0x10 [ 599.190501][T12388] handle_mm_fault+0x589/0xd10 [ 599.190544][T12388] ? __pkru_allows_pkey+0x41/0xb0 [ 599.190587][T12388] do_user_addr_fault+0x7a6/0x1370 [ 599.190634][T12388] ? rcu_is_watching+0x12/0xc0 [ 599.190669][T12388] exc_page_fault+0x5c/0xb0 [ 599.190715][T12388] asm_exc_page_fault+0x26/0x30 [ 599.190745][T12388] RIP: 0010:__get_user_8+0x14/0x30 [ 599.190785][T12388] Code: ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <48> 8b 10 31 c0 0f 01 ca e9 3f 09 04 00 66 66 2e 0f 1f 84 00 00 00 [ 599.190815][T12388] RSP: 0018:ffffc9000c61fb38 EFLAGS: 00050287 [ 599.190841][T12388] RAX: 00007f10f123d9a0 RBX: ffff8880798b0000 RCX: ffffc9000c61fadc [ 599.190861][T12388] RDX: 00007ffffffff000 RSI: ffffffff81ae319a RDI: ffffffff8c156420 [ 599.190881][T12388] RBP: ffff8880798b1428 R08: aee4b4e42c87e4e4 R09: 0000000000000000 [ 599.190901][T12388] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880798b1370 [ 599.190919][T12388] R13: ffff8880798b1398 R14: ffff888029fb9280 R15: 00007f10f123d9a0 [ 599.190953][T12388] ? exit_robust_list+0x5a/0x280 [ 599.190992][T12388] exit_robust_list+0x62/0x280 [ 599.191026][T12388] ? mark_held_locks+0x49/0x80 [ 599.191064][T12388] ? _raw_spin_unlock_irq+0x23/0x50 [ 599.191110][T12388] futex_exit_release+0x187/0x220 [ 599.191149][T12388] exit_mm_release+0x19/0x30 [ 599.191185][T12388] do_exit+0x68b/0x2bd0 [ 599.191234][T12388] ? __pfx_do_exit+0x10/0x10 [ 599.191281][T12388] ? do_raw_spin_lock+0x12c/0x2b0 [ 599.191326][T12388] ? find_held_lock+0x2b/0x80 [ 599.191362][T12388] do_group_exit+0xd3/0x2a0 [ 599.191407][T12388] get_signal+0x2673/0x26d0 [ 599.191456][T12388] ? __pfx_get_signal+0x10/0x10 [ 599.191490][T12388] ? do_futex+0x122/0x350 [ 599.191528][T12388] ? __pfx_do_futex+0x10/0x10 [ 599.191569][T12388] arch_do_signal_or_restart+0x8f/0x790 [ 599.191606][T12388] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 599.191651][T12388] ? __x64_sys_poll+0x123/0x450 [ 599.191693][T12388] ? __pfx___x64_sys_poll+0x10/0x10 [ 599.191762][T12388] exit_to_user_mode_loop+0x84/0x110 [ 599.191813][T12388] do_syscall_64+0x3f6/0x490 [ 599.191866][T12388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.191898][T12388] RIP: 0033:0x7f10f038e929 [ 599.191923][T12388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.191954][T12388] RSP: 002b:00007f10f123d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 599.191982][T12388] RAX: fffffffffffffe00 RBX: 00007f10f05b6168 RCX: 00007f10f038e929 [ 599.192003][T12388] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f10f05b6168 [ 599.192022][T12388] RBP: 00007f10f05b6160 R08: 0000000000000000 R09: 0000000000000000 [ 599.192041][T12388] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f10f05b616c [ 599.192060][T12388] R13: 0000000000000000 R14: 00007ffcecdaf670 R15: 00007ffcecdaf758 [ 599.192101][T12388] [ 602.746012][T12436] random: crng reseeded on system resumption [ 603.350361][T12439] can: request_module (can-proto-0) failed. [ 604.069827][T12442] Process accounting resumed [ 606.003868][T12473] can: request_module (can-proto-0) failed. [ 606.063996][T12482] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input71 [ 606.078060][T12485] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input72 [ 606.456083][T12478] can: request_module (can-proto-0) failed. [ 606.753448][T12489] can: request_module (can-proto-0) failed. [ 606.825064][T12492] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input73 [ 609.305356][T12523] can: request_module (can-proto-0) failed. [ 609.509203][T12519] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input74 [ 609.599325][T12521] misc userio: No port type given on /dev/userio [ 611.043408][T12545] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1201'. [ 611.328345][T12545] hsr_slave_0 (unregistering): left promiscuous mode [ 614.809540][T12590] can: request_module (can-proto-0) failed. [ 615.167776][T12595] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input75 [ 616.188159][T12606] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input76 [ 616.329388][T12603] can: request_module (can-proto-0) failed. [ 616.528195][T12610] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input77 [ 617.412578][T12611] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input78 [ 617.993725][T12616] FAULT_INJECTION: forcing a failure. [ 617.993725][T12616] name fail_futex, interval 1, probability 0, space 0, times 1 [ 618.016954][T12616] CPU: 1 UID: 0 PID: 12616 Comm: syz.0.1214 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 618.016996][T12616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 618.017016][T12616] Call Trace: [ 618.017024][T12616] [ 618.017032][T12616] dump_stack_lvl+0x16c/0x1f0 [ 618.017073][T12616] should_fail_ex+0x512/0x640 [ 618.017111][T12616] get_futex_key+0xf36/0x1540 [ 618.017142][T12616] ? __pfx_get_futex_key+0x10/0x10 [ 618.017169][T12616] ? do_user_addr_fault+0x829/0x1370 [ 618.017214][T12616] futex_wake+0xea/0x530 [ 618.017250][T12616] ? __pfx_futex_wake+0x10/0x10 [ 618.017280][T12616] ? __lock_acquire+0xb8a/0x1c90 [ 618.017323][T12616] do_futex+0x1e3/0x350 [ 618.017351][T12616] ? __pfx_do_futex+0x10/0x10 [ 618.017377][T12616] ? __might_fault+0xe3/0x190 [ 618.017418][T12616] mm_release+0x24e/0x300 [ 618.017444][T12616] do_exit+0x68b/0x2bd0 [ 618.017480][T12616] ? __pfx_do_exit+0x10/0x10 [ 618.017510][T12616] ? do_raw_spin_lock+0x12c/0x2b0 [ 618.017544][T12616] ? find_held_lock+0x2b/0x80 [ 618.017571][T12616] do_group_exit+0xd3/0x2a0 [ 618.017604][T12616] get_signal+0x2673/0x26d0 [ 618.017640][T12616] ? __pfx_get_signal+0x10/0x10 [ 618.017665][T12616] ? do_futex+0x122/0x350 [ 618.017692][T12616] ? __pfx_do_futex+0x10/0x10 [ 618.017722][T12616] arch_do_signal_or_restart+0x8f/0x790 [ 618.017750][T12616] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 618.017785][T12616] ? __x64_sys_poll+0x123/0x450 [ 618.017817][T12616] ? __pfx___x64_sys_poll+0x10/0x10 [ 618.017854][T12616] exit_to_user_mode_loop+0x84/0x110 [ 618.017892][T12616] do_syscall_64+0x3f6/0x490 [ 618.017930][T12616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.017954][T12616] RIP: 0033:0x7f1355d8e929 [ 618.017973][T12616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 618.017995][T12616] RSP: 002b:00007f1356b240e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 618.018023][T12616] RAX: fffffffffffffe00 RBX: 00007f1355fb6248 RCX: 00007f1355d8e929 [ 618.018038][T12616] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1355fb6248 [ 618.018053][T12616] RBP: 00007f1355fb6240 R08: 0000000000000000 R09: 0000000000000000 [ 618.018067][T12616] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1355fb624c [ 618.018081][T12616] R13: 0000000000000000 R14: 00007ffd193a1890 R15: 00007ffd193a1978 [ 618.018110][T12616] [ 619.043143][T12640] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input79 [ 619.066571][T12631] can: request_module (can-proto-0) failed. [ 619.136757][T12643] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 620.461641][T12659] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input80 [ 620.499997][T12650] can: request_module (can-proto-0) failed. syzkaller syzkaller login: [ 625.252310][T12713] can: request_module (can-proto-0) failed. [ 625.290525][T12713] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input81 [ 626.452106][T12730] can: request_module (can-proto-0) failed. [ 626.522498][T12730] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input82 [ 628.306879][T12753] can: request_module (can-proto-0) failed. [ 628.376872][T12753] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input83 [ 629.277572][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.288341][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 630.700214][T12794] can: request_module (can-proto-0) failed. [ 630.808831][T12804] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input84 [ 632.779073][T12815] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1247'. [ 634.555811][T12811] Process accounting paused [ 635.999420][ T5839] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 637.016459][T12867] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input85 [ 637.065161][T12864] can: request_module (can-proto-0) failed. [ 639.494695][T12901] random: crng reseeded on system resumption syzkaller syzkaller login: [ 643.200625][T12951] Invalid ELF header magic: != ELF [ 644.518152][T12959] can: request_module (can-proto-0) failed. [ 644.614276][T12959] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input86 [ 647.085847][T13003] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input87 [ 647.161100][T12998] can: request_module (can-proto-0) failed. [ 647.721896][T13009] can: request_module (can-proto-0) failed. [ 647.956706][T13011] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input88 [ 648.189776][T13008] ip_vti0: entered allmulticast mode [ 648.794462][T13029] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input89 [ 649.046617][T13037] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input90 [ 649.183467][T13030] can: request_module (can-proto-0) failed. [ 649.894390][T13032] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input91 [ 650.355128][T13034] FAULT_INJECTION: forcing a failure. [ 650.355128][T13034] name fail_futex, interval 1, probability 0, space 0, times 0 [ 650.377518][T13034] CPU: 1 UID: 0 PID: 13034 Comm: syz.1.1281 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 650.377558][T13034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 650.377576][T13034] Call Trace: [ 650.377585][T13034] [ 650.377596][T13034] dump_stack_lvl+0x16c/0x1f0 [ 650.377650][T13034] should_fail_ex+0x512/0x640 [ 650.377700][T13034] get_futex_key+0xf36/0x1540 [ 650.377740][T13034] ? __pfx_get_futex_key+0x10/0x10 [ 650.377775][T13034] ? do_user_addr_fault+0x829/0x1370 [ 650.377825][T13034] futex_wake+0xea/0x530 [ 650.377870][T13034] ? __pfx_futex_wake+0x10/0x10 [ 650.377910][T13034] ? __lock_acquire+0xb8a/0x1c90 [ 650.377976][T13034] do_futex+0x1e3/0x350 [ 650.378014][T13034] ? __pfx_do_futex+0x10/0x10 [ 650.378048][T13034] ? __might_fault+0xe3/0x190 [ 650.378104][T13034] mm_release+0x24e/0x300 [ 650.378139][T13034] do_exit+0x68b/0x2bd0 [ 650.378186][T13034] ? __pfx_do_exit+0x10/0x10 [ 650.378225][T13034] ? do_raw_spin_lock+0x12c/0x2b0 [ 650.378268][T13034] ? find_held_lock+0x2b/0x80 [ 650.378301][T13034] do_group_exit+0xd3/0x2a0 [ 650.378346][T13034] get_signal+0x2673/0x26d0 [ 650.378393][T13034] ? __pfx_get_signal+0x10/0x10 [ 650.378425][T13034] ? do_futex+0x122/0x350 [ 650.378460][T13034] ? __pfx_do_futex+0x10/0x10 [ 650.378504][T13034] arch_do_signal_or_restart+0x8f/0x790 [ 650.378539][T13034] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 650.378584][T13034] ? __x64_sys_poll+0x123/0x450 [ 650.378627][T13034] ? __pfx___x64_sys_poll+0x10/0x10 [ 650.378676][T13034] exit_to_user_mode_loop+0x84/0x110 [ 650.378725][T13034] do_syscall_64+0x3f6/0x490 [ 650.378776][T13034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.378807][T13034] RIP: 0033:0x7fbf4018e929 [ 650.378832][T13034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 650.378863][T13034] RSP: 002b:00007fbf3dbd30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 650.378911][T13034] RAX: fffffffffffffe00 RBX: 00007fbf403b6248 RCX: 00007fbf4018e929 [ 650.378932][T13034] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbf403b6248 [ 650.378963][T13034] RBP: 00007fbf403b6240 R08: 0000000000000000 R09: 0000000000000000 [ 650.378982][T13034] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbf403b624c [ 650.379002][T13034] R13: 0000000000000000 R14: 00007fffb3ebf350 R15: 00007fffb3ebf438 [ 650.379042][T13034] [ 650.720122][T13045] can: request_module (can-proto-0) failed. [ 650.923505][T13052] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input92 [ 651.216432][T13063] syz.0.1286 uses obsolete (PF_INET,SOCK_PACKET) [ 651.336519][T13063] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1286'. [ 652.936429][T13081] can: request_module (can-proto-0) failed. [ 653.046149][T13081] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input93 [ 653.191802][T13089] HfR: entered promiscuous mode [ 653.242264][T13090] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1290'. [ 653.300546][T13090] HfR: left promiscuous mode [ 653.447790][T13089] HfR: entered promiscuous mode [ 657.217054][T13135] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input94 [ 657.362960][T13126] can: request_module (can-proto-0) failed. [ 658.590038][T13154] can: request_module (can-proto-0) failed. [ 658.610678][T13154] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input95 [ 659.400961][T13167] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input96 [ 659.432955][T13163] can: request_module (can-proto-0) failed. [ 659.541655][T13147] Invalid ELF header magic: != ELF [ 661.662292][T13192] HfR: entered promiscuous mode [ 661.677228][T13192] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1308'. [ 661.709634][T13192] HfR: left promiscuous mode [ 661.793225][T13196] HfR: entered promiscuous mode [ 662.429667][T13200] can: request_module (can-proto-0) failed. [ 662.642139][T13212] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input97 [ 664.288625][T13236] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1315'. [ 664.814640][T13236] team0: Port device team_slave_0 removed [ 665.104991][T13231] Process accounting resumed [ 667.592408][T13275] can: request_module (can-proto-0) failed. [ 667.661091][T13279] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input98 [ 668.457243][T13287] can: request_module (can-proto-0) failed. [ 668.658742][T13291] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input99 syzkaller syzkaller login: [ 670.138692][T13317] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input100 [ 670.165263][T13314] can: request_module (can-proto-0) failed. [ 671.677127][T13334] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input101 [ 671.769475][T13337] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 674.337005][T13368] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1335'. [ 674.635519][T13368] team0: Port device team_slave_0 removed [ 675.637897][T13380] can: request_module (can-proto-0) failed. [ 675.839303][T13385] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input102 [ 676.458233][T13389] can: request_module (can-proto-0) failed. [ 676.523653][T13395] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input103 [ 676.636412][T13400] Invalid ELF header magic: != ELF [ 680.682613][T13452] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input104 [ 680.857146][T13445] can: request_module (can-proto-0) failed. [ 681.689005][T13470] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input105 [ 681.838487][T13467] can: request_module (can-proto-0) failed. [ 683.264102][T13483] Invalid ELF header magic: != ELF [ 683.989262][ T5839] Bluetooth: hci4: Opcode 0x0c03 failed: -110 syzkaller syzkaller login: [ 684.980374][T13495] FAULT_INJECTION: forcing a failure. [ 684.980374][T13495] name failslab, interval 1, probability 0, space 0, times 0 [ 684.995704][T13495] CPU: 1 UID: 0 PID: 13495 Comm: syz.1.1354 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 684.995735][T13495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 684.995749][T13495] Call Trace: [ 684.995757][T13495] [ 684.995770][T13495] dump_stack_lvl+0x16c/0x1f0 [ 684.995811][T13495] should_fail_ex+0x512/0x640 [ 684.995843][T13495] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 684.995882][T13495] should_failslab+0xc2/0x120 [ 684.995904][T13495] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 684.995939][T13495] ? __pfx___might_resched+0x10/0x10 [ 684.995962][T13495] ? alloc_vmap_area+0x645/0x29c0 [ 684.995991][T13495] alloc_vmap_area+0x645/0x29c0 [ 684.996027][T13495] ? __pfx_alloc_vmap_area+0x10/0x10 [ 684.996060][T13495] __get_vm_area_node+0x1ca/0x330 [ 684.996090][T13495] ? relay_open_buf.part.0+0x445/0xc80 [ 684.996121][T13495] get_vm_area_caller+0x71/0xa0 [ 684.996148][T13495] ? relay_open_buf.part.0+0x445/0xc80 [ 684.996193][T13495] vmap+0x135/0x320 [ 684.996229][T13495] ? __pfx_vmap+0x10/0x10 [ 684.996260][T13495] ? trace_kmalloc+0x2b/0xd0 [ 684.996291][T13495] ? relay_open_buf.part.0+0x194/0xc80 [ 684.996331][T13495] relay_open_buf.part.0+0x445/0xc80 [ 684.996371][T13495] relay_open+0x653/0xad0 [ 684.996399][T13495] ? debugfs_create_file_full+0x41/0x60 [ 684.996432][T13495] do_blk_trace_setup+0x503/0xb50 [ 684.996460][T13495] blk_trace_setup+0xed/0x1b0 [ 684.996486][T13495] ? __pfx_blk_trace_setup+0x10/0x10 [ 684.996510][T13495] ? __pfx_snprintf+0x10/0x10 [ 684.996557][T13495] blk_trace_ioctl+0x146/0x280 [ 684.996583][T13495] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 684.996614][T13495] ? find_held_lock+0x2b/0x80 [ 684.996636][T13495] ? hook_file_ioctl_common+0x145/0x410 [ 684.996664][T13495] blkdev_ioctl+0x108/0x6d0 [ 684.996690][T13495] ? __pfx_blkdev_ioctl+0x10/0x10 [ 684.996719][T13495] ? __pfx_blkdev_ioctl+0x10/0x10 [ 684.996746][T13495] __x64_sys_ioctl+0x18e/0x210 [ 684.996784][T13495] do_syscall_64+0xcd/0x490 [ 684.996822][T13495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 684.996845][T13495] RIP: 0033:0x7fbf4018e929 [ 684.996864][T13495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 684.996887][T13495] RSP: 002b:00007fbf40f4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 684.996910][T13495] RAX: ffffffffffffffda RBX: 00007fbf403b5fa0 RCX: 00007fbf4018e929 [ 684.996926][T13495] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000006 [ 684.996941][T13495] RBP: 00007fbf40210b39 R08: 0000000000000000 R09: 0000000000000000 [ 684.996956][T13495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 684.996970][T13495] R13: 0000000000000000 R14: 00007fbf403b5fa0 R15: 00007fffb3ebf438 [ 684.996999][T13495] [ 689.190666][T13561] Invalid ELF header magic: != ELF [ 689.416261][T13567] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input106 [ 689.502713][T13558] can: request_module (can-proto-0) failed. [ 690.102778][T13573] can: request_module (can-proto-0) failed. [ 690.449283][T13577] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input107 [ 690.714371][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 690.720982][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 695.745597][T13630] can: request_module (can-proto-0) failed. [ 695.813550][T13588] Process accounting paused [ 695.859694][T13630] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input108 [ 696.395400][T13639] can: request_module (can-proto-0) failed. [ 696.431851][T13642] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input109 [ 697.009851][T13646] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1381'. [ 699.830774][T13663] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[13663] [ 701.413055][T13697] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input110 [ 701.530663][T13694] can: request_module (can-proto-0) failed. [ 702.228831][T13708] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input111 [ 702.328190][T13705] can: request_module (can-proto-0) failed. [ 703.026377][T12092] Bluetooth: hci0: command 0x0406 tx timeout [ 709.003556][T13786] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1404'. [ 709.022195][T13786] veth0_vlan: entered allmulticast mode [ 709.169232][T13776] sd 0:0:1:0: PR command failed: 1026 [ 709.246391][T13776] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 709.267980][T13776] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 711.989104][T13812] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1415'. [ 712.878084][T13833] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input112 [ 712.967638][T13829] can: request_module (can-proto-0) failed. [ 715.885157][T13848] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 715.903882][T13848] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 715.919538][T13848] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 715.926943][T13848] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 715.934979][T13848] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 716.496085][T13883] ptrace attach of "./syz-executor exec"[12091] was attempted by "./syz-executor exec"[13883] [ 716.556508][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 716.904462][T13896] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input113 [ 716.936275][T13889] can: request_module (can-proto-0) failed. [ 717.689502][T13903] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1423'. [ 717.916469][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 717.986317][ T5839] Bluetooth: hci0: command 0x0406 tx timeout [ 717.992422][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 718.233124][T13912] can: request_module (can-proto-0) failed. [ 718.385142][T13910] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input114 [ 720.066303][ T5839] Bluetooth: hci0: command 0x0406 tx timeout [ 721.175740][T13930] ptrace attach of "./syz-executor exec"[5828] was attempted by "./syz-executor exec"[13930] [ 724.048133][T13980] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input115 [ 724.214941][T13976] can: request_module (can-proto-0) failed. [ 724.964682][T13993] Invalid ELF header magic: != ELF [ 727.865377][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 727.871913][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 727.885704][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 727.892149][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 727.903198][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 727.909809][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 727.920019][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 727.927029][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 728.143404][T14009] Process accounting resumed [ 728.561186][T14050] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input116 [ 728.611684][T14041] can: request_module (can-proto-0) failed. [ 729.956054][T14078] FAULT_INJECTION: forcing a failure. [ 729.956054][T14078] name failslab, interval 1, probability 0, space 0, times 0 [ 730.021580][T14078] CPU: 0 UID: 0 PID: 14078 Comm: syz.0.1454 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 730.021623][T14078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 730.021641][T14078] Call Trace: [ 730.021651][T14078] [ 730.021665][T14078] dump_stack_lvl+0x16c/0x1f0 [ 730.021720][T14078] should_fail_ex+0x512/0x640 [ 730.021766][T14078] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 730.021827][T14078] should_failslab+0xc2/0x120 [ 730.021857][T14078] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 730.021907][T14078] ? alloc_inode+0x61/0x240 [ 730.021942][T14078] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 730.021980][T14078] alloc_inode+0x61/0x240 [ 730.022012][T14078] new_inode+0x22/0x1c0 [ 730.022048][T14078] __debugfs_create_file+0x11c/0x6b0 [ 730.022096][T14078] debugfs_create_file_full+0x41/0x60 [ 730.022135][T14078] ? __pfx_blk_create_buf_file_callback+0x10/0x10 [ 730.022190][T14078] relay_open_buf.part.0+0x7f8/0xc80 [ 730.022247][T14078] relay_open+0x653/0xad0 [ 730.022289][T14078] ? debugfs_create_file_full+0x41/0x60 [ 730.022335][T14078] do_blk_trace_setup+0x503/0xb50 [ 730.022371][T14078] blk_trace_setup+0xed/0x1b0 [ 730.022407][T14078] ? __pfx_blk_trace_setup+0x10/0x10 [ 730.022440][T14078] ? __pfx_snprintf+0x10/0x10 [ 730.022507][T14078] blk_trace_ioctl+0x146/0x280 [ 730.022542][T14078] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 730.022580][T14078] ? find_held_lock+0x2b/0x80 [ 730.022606][T14078] ? hook_file_ioctl_common+0x145/0x410 [ 730.022640][T14078] blkdev_ioctl+0x108/0x6d0 [ 730.022672][T14078] ? __pfx_blkdev_ioctl+0x10/0x10 [ 730.022709][T14078] ? __pfx_blkdev_ioctl+0x10/0x10 [ 730.022749][T14078] __x64_sys_ioctl+0x18e/0x210 [ 730.022810][T14078] do_syscall_64+0xcd/0x490 [ 730.022859][T14078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 730.022890][T14078] RIP: 0033:0x7f1355d8e929 [ 730.022913][T14078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 730.022942][T14078] RSP: 002b:00007f1356b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 730.022970][T14078] RAX: ffffffffffffffda RBX: 00007f1355fb5fa0 RCX: 00007f1355d8e929 [ 730.022989][T14078] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000006 [ 730.023008][T14078] RBP: 00007f1355e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 730.023025][T14078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 730.023042][T14078] R13: 0000000000000000 R14: 00007f1355fb5fa0 R15: 00007ffd193a1978 [ 730.023079][T14078] [ 730.023091][T14078] debugfs: out of free dentries, can not create file 'trace1' [ 733.885874][T14115] can: request_module (can-proto-0) failed. [ 734.051697][T14115] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input117 [ 734.712207][T14127] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input118 [ 734.935248][T14123] can: request_module (can-proto-0) failed. [ 735.678875][T14141] Invalid ELF header magic: != ELF [ 737.416042][T14155] can: request_module (can-proto-0) failed. [ 737.429902][T14155] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input119 [ 738.022090][T14165] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input120 [ 738.058295][T14161] can: request_module (can-proto-0) failed. [ 739.339458][T14179] can: request_module (can-proto-0) failed. [ 739.526846][T14183] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input121 [ 741.138111][T14192] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 741.281914][T14192] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 741.345988][T14192] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 741.386447][T14192] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 742.309819][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 743.166567][T14226] can: request_module (can-proto-0) failed. [ 743.195871][T14226] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input122 [ 743.364543][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 743.426534][ T5839] Bluetooth: hci0: command 0x0406 tx timeout [ 743.432687][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout [ 744.730217][T14254] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input123 [ 747.645939][T14286] sd 0:0:1:0: PR command failed: 1026 [ 747.674196][T14286] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 747.754171][T14286] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 750.740506][T14327] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input124 [ 751.835554][T14339] can: request_module (can-proto-0) failed. [ 751.970073][T14339] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input125 [ 752.154399][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.160844][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 754.133928][T14367] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input126 [ 754.210355][T14357] can: request_module (can-proto-0) failed. [ 755.393332][T14383] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input127 [ 758.002141][T14420] can: request_module (can-proto-0) failed. [ 758.063049][T14420] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input128 [ 758.149800][T14419] can: request_module (can-proto-0) failed. [ 758.179955][T14419] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input129 [ 759.294420][T14417] Process accounting paused [ 759.929248][T14450] can: request_module (can-proto-0) failed. [ 759.975343][T14450] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input130 [ 762.847650][T14488] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input131 [ 763.986076][T14496] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input132 [ 764.248845][T14491] can: request_module (can-proto-0) failed. [ 765.660841][T14511] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input133 [ 769.413045][T14583] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input134 [ 769.512038][T14567] can: request_module (can-proto-0) failed. [ 774.806783][T14655] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input135 [ 774.821533][T14649] can: request_module (can-proto-0) failed. [ 783.077090][T14761] syz.3.1560 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 783.144303][T14761] FAULT_INJECTION: forcing a failure. [ 783.144303][T14761] name failslab, interval 1, probability 0, space 0, times 0 [ 783.247141][T14761] CPU: 1 UID: 0 PID: 14761 Comm: syz.3.1560 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 783.247199][T14761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 783.247218][T14761] Call Trace: [ 783.247228][T14761] [ 783.247239][T14761] dump_stack_lvl+0x16c/0x1f0 [ 783.247290][T14761] should_fail_ex+0x512/0x640 [ 783.247331][T14761] ? __kmalloc_noprof+0xbf/0x510 [ 783.247377][T14761] ? lsm_blob_alloc+0x68/0x90 [ 783.247418][T14761] should_failslab+0xc2/0x120 [ 783.247445][T14761] __kmalloc_noprof+0xd2/0x510 [ 783.247492][T14761] lsm_blob_alloc+0x68/0x90 [ 783.247535][T14761] security_prepare_creds+0x30/0x270 [ 783.247577][T14761] prepare_creds+0x56f/0x7d0 [ 783.247619][T14761] copy_creds+0xa7/0xa50 [ 783.247664][T14761] copy_process+0xff6/0x76a0 [ 783.247695][T14761] ? preempt_schedule_thunk+0x16/0x30 [ 783.247744][T14761] ? __pfx_copy_process+0x10/0x10 [ 783.247776][T14761] ? plist_check_head+0xa3/0x150 [ 783.247817][T14761] ? futex_private_hash_put+0xc7/0x240 [ 783.247856][T14761] kernel_clone+0xfc/0x960 [ 783.247890][T14761] ? __pfx_futex_wake+0x10/0x10 [ 783.247929][T14761] ? __pfx_kernel_clone+0x10/0x10 [ 783.247960][T14761] ? rcu_is_watching+0x12/0xc0 [ 783.248006][T14761] __do_sys_clone+0xce/0x120 [ 783.248040][T14761] ? __pfx___do_sys_clone+0x10/0x10 [ 783.248074][T14761] ? __pfx___might_resched+0x10/0x10 [ 783.248122][T14761] ? xfd_validate_state+0x61/0x180 [ 783.248162][T14761] ? __pfx_do_writev+0x10/0x10 [ 783.248210][T14761] do_syscall_64+0xcd/0x490 [ 783.248256][T14761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 783.248284][T14761] RIP: 0033:0x7f10f038e929 [ 783.248325][T14761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 783.248355][T14761] RSP: 002b:00007f10f127efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 783.248383][T14761] RAX: ffffffffffffffda RBX: 00007f10f05b5fa0 RCX: 00007f10f038e929 [ 783.248402][T14761] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000040011 [ 783.248420][T14761] RBP: 00007f10f0410b39 R08: 0000000000000000 R09: 0000000000000000 [ 783.248437][T14761] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 783.248454][T14761] R13: 0000000000000000 R14: 00007f10f05b5fa0 R15: 00007ffcecdaf758 [ 783.248490][T14761] [ 783.946897][T14770] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4294967293.4294967295.4294967293), cmd(2) [ 785.010964][T14784] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input136 [ 785.282830][T14786] can: request_module (can-proto-0) failed. [ 785.512946][T14786] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input137 [ 787.290454][T14816] FAULT_INJECTION: forcing a failure. [ 787.290454][T14816] name failslab, interval 1, probability 0, space 0, times 0 [ 787.337859][T14816] CPU: 0 UID: 0 PID: 14816 Comm: syz.2.1570 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 787.337903][T14816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 787.337921][T14816] Call Trace: [ 787.337931][T14816] [ 787.337943][T14816] dump_stack_lvl+0x16c/0x1f0 [ 787.337995][T14816] should_fail_ex+0x512/0x640 [ 787.338038][T14816] ? fs_reclaim_acquire+0xae/0x150 [ 787.338077][T14816] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 787.338117][T14816] should_failslab+0xc2/0x120 [ 787.338153][T14816] __kmalloc_noprof+0xd2/0x510 [ 787.338205][T14816] tomoyo_realpath_from_path+0xc2/0x6e0 [ 787.338257][T14816] tomoyo_check_open_permission+0x2ab/0x3c0 [ 787.338308][T14816] ? init_file+0x93/0x4c0 [ 787.338337][T14816] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 787.338372][T14816] ? pidfd_prepare+0x10c/0x1b0 [ 787.338409][T14816] ? __do_sys_clone+0xce/0x120 [ 787.338445][T14816] ? do_syscall_64+0xcd/0x490 [ 787.338533][T14816] ? find_held_lock+0x2b/0x80 [ 787.338576][T14816] tomoyo_file_open+0x6b/0x90 [ 787.338628][T14816] security_file_open+0x84/0x1e0 [ 787.338671][T14816] do_dentry_open+0x596/0x1c10 [ 787.338731][T14816] vfs_open+0x82/0x3f0 [ 787.338770][T14816] dentry_open+0x71/0xd0 [ 787.338804][T14816] pidfs_alloc_file+0x1ca/0x330 [ 787.338843][T14816] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 787.338895][T14816] pidfd_prepare+0x10c/0x1b0 [ 787.338936][T14816] copy_process+0x46ea/0x76a0 [ 787.338993][T14816] ? __pfx_copy_process+0x10/0x10 [ 787.339029][T14816] ? plist_check_head+0xa3/0x150 [ 787.339077][T14816] ? futex_private_hash_put+0xc7/0x240 [ 787.339121][T14816] kernel_clone+0xfc/0x960 [ 787.339167][T14816] ? __pfx_futex_wake+0x10/0x10 [ 787.339211][T14816] ? __pfx_kernel_clone+0x10/0x10 [ 787.339248][T14816] ? rcu_is_watching+0x12/0xc0 [ 787.339305][T14816] __do_sys_clone+0xce/0x120 [ 787.339343][T14816] ? __pfx___do_sys_clone+0x10/0x10 [ 787.339383][T14816] ? __pfx___might_resched+0x10/0x10 [ 787.339433][T14816] ? xfd_validate_state+0x61/0x180 [ 787.339497][T14816] do_syscall_64+0xcd/0x490 [ 787.339566][T14816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 787.339597][T14816] RIP: 0033:0x7f248018e929 [ 787.339622][T14816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 787.339653][T14816] RSP: 002b:00007f248101d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 787.339684][T14816] RAX: ffffffffffffffda RBX: 00007f24803b5fa0 RCX: 00007f248018e929 [ 787.339704][T14816] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 787.339723][T14816] RBP: 00007f2480210b39 R08: 0000000000000002 R09: 0000000000000000 [ 787.339742][T14816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 787.339760][T14816] R13: 0000000000000000 R14: 00007f24803b5fa0 R15: 00007ffce62fe658 [ 787.339799][T14816] [ 787.625878][ C0] vkms_vblank_simulate: vblank timer overrun [ 787.640130][T14816] ERROR: Out of memory at tomoyo_realpath_from_path. [ 789.086386][T14834] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1573'. [ 789.874349][T14820] Process accounting resumed [ 789.957039][T14845] ecryptfs_parse_packet_length: Error parsing packet length [ 789.964549][T14845] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 790.212118][T14851] can: request_module (can-proto-0) failed. [ 790.322617][T14853] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input138 [ 790.940511][T14858] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input139 [ 795.487818][T14920] can: request_module (can-proto-0) failed. [ 795.592041][T14928] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input141 [ 795.620059][T14922] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input142 [ 795.704596][T14919] can: request_module (can-proto-0) failed. [ 796.783628][T14951] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input143 [ 796.807091][T14938] can: request_module (can-proto-0) failed. [ 798.044184][T14967] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1592'. [ 798.819729][T14972] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1591'. [ 800.930378][T14999] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1596'. [ 802.701869][T15038] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1608'. [ 803.581740][T15061] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input145 [ 803.615351][T15056] can: request_module (can-proto-0) failed. [ 804.351483][T15070] can: request_module (can-proto-0) failed. [ 804.481054][T15080] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input146 [ 805.365246][T15092] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1610'. [ 806.049927][T15108] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input147 [ 806.279263][T15105] can: request_module (can-proto-0) failed. [ 806.693599][T15116] random: crng reseeded on system resumption [ 808.607058][T15150] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input148 [ 809.001052][T15141] can: request_module (can-proto-0) failed. [ 811.862618][T15204] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1625'. [ 812.579735][T15216] can: request_module (can-proto-0) failed. [ 812.581193][T15228] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input149 [ 812.780030][T15236] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input150 [ 812.793810][T15218] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1627'. [ 812.952189][T15225] can: request_module (can-proto-0) failed. [ 813.604461][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.630313][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 813.773497][T15241] ptrace attach of "./syz-executor exec"[15242] was attempted by "./syz-executor exec"[15241] [ 815.381260][T15268] can: request_module (can-proto-0) failed. [ 815.591012][T15275] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input151 [ 816.917957][T15293] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1639'. [ 820.244132][T15359] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1648'. [ 820.884778][T15338] Process accounting paused [ 820.995356][T15369] can: request_module (can-proto-0) failed. [ 823.267366][T15422] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input152 [ 823.297383][T15413] can: request_module (can-proto-0) failed. [ 824.074279][T15420] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1658'. [ 824.841981][T15441] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1659'. [ 825.120625][T15454] can: request_module (can-proto-0) failed. [ 825.279278][T15457] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input153 [ 826.015605][T15475] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input154 [ 826.124672][T15467] can: request_module (can-proto-0) failed. [ 827.027383][ T30] audit: type=1804 audit(4294967748.277:10): pid=15483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1666" name="/newroot/432/file0" dev="tmpfs" ino=2268 res=1 errno=0 [ 827.103829][ T30] audit: type=1800 audit(4294967748.277:11): pid=15483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1666" name="file0" dev="tmpfs" ino=2268 res=0 errno=0 [ 828.106913][T15495] can: request_module (can-proto-0) failed. [ 829.872233][T15522] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1672'. [ 832.673217][T15566] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1678'. [ 834.114482][T15592] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input155 [ 834.221142][T15587] can: request_module (can-proto-0) failed. [ 834.867422][T15600] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1683'. [ 835.964192][T15627] can: request_module (can-proto-0) failed. [ 835.995937][T15624] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input156 [ 837.328786][T15650] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1691'. [ 838.453245][T15674] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1693'. [ 840.427163][T15703] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1697'. [ 840.960424][T15719] can: request_module (can-proto-0) failed. [ 841.045673][T15721] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input158 [ 842.841885][T15737] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1703'. [ 843.565881][T15756] can: request_module (can-proto-0) failed. [ 843.642013][T15756] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input159 [ 845.083001][T15780] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1710'. [ 846.664875][T15804] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input160 [ 846.695837][T15798] can: request_module (can-proto-0) failed. [ 847.049520][T15810] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input161 [ 847.133525][T15807] can: request_module (can-proto-0) failed. [ 848.084557][T15822] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1715'. [ 848.601824][T15832] can: request_module (can-proto-0) failed. [ 848.716290][T15836] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input162 [ 850.555489][T15868] can: request_module (can-proto-0) failed. [ 850.847438][T15881] can: request_module (can-proto-0) failed. [ 850.931964][T15884] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input163 [ 851.063981][T15876] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1724'. [ 851.812379][T15864] Process accounting resumed [ 853.269141][T15915] can: request_module (can-proto-0) failed. [ 853.326314][T15915] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input164 [ 856.338909][T15955] can: request_module (can-proto-0) failed. [ 857.214623][T15973] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1738'. [ 858.282527][T15992] can: request_module (can-proto-0) failed. [ 858.582927][T16004] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1743'. [ 859.815586][T16015] can: request_module (can-proto-0) failed. [ 860.384363][T16031] can: request_module (can-proto-0) failed. [ 861.230926][T16043] can: request_module (can-proto-0) failed. [ 861.397840][T16051] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input165 [ 861.444227][T16047] can: request_module (can-proto-0) failed. [ 862.578580][T16066] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1752'. [ 862.753735][T16065] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1751'. [ 866.537552][T16138] can: request_module (can-proto-0) failed. [ 866.689562][T16151] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input166 [ 870.807689][T16204] can: request_module (can-proto-0) failed. [ 870.922445][T16211] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input167 [ 871.038082][T16212] can: request_module (can-proto-0) failed. [ 871.045415][T16218] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input168 [ 872.105884][T16235] can: request_module (can-proto-0) failed. [ 872.278758][T16242] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input169 [ 872.764442][T16255] can: request_module (can-proto-0) failed. [ 872.940358][T16255] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input170 [ 873.681489][T16265] can: request_module (can-proto-0) failed. [ 873.737758][T16267] can: request_module (can-proto-0) failed. [ 873.801085][T16265] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input171 [ 874.833869][T16290] can: request_module (can-proto-0) failed. [ 875.032210][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.039761][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 875.243284][T16297] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input172 [ 875.291291][T16294] can: request_module (can-proto-0) failed. [ 877.116431][T16328] can: request_module (can-proto-0) failed. [ 877.250680][T16335] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input173 [ 878.495437][T16357] can: request_module (can-proto-0) failed. [ 878.553811][T16357] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input175 [ 881.249281][T16397] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1797'. [ 882.614209][T16418] can: request_module (can-proto-0) failed. [ 882.930293][T16427] ima: policy update failed [ 883.097765][ T30] audit: type=1802 audit(4294967804.237:12): pid=16427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1803" res=0 errno=0 [ 883.149647][T16427] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1803'. [ 883.375969][T16424] Process accounting paused [ 885.345310][T16478] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input176 [ 885.430105][T16470] can: request_module (can-proto-0) failed. [ 889.006302][T16519] can: request_module (can-proto-0) failed. [ 889.123918][T16524] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input177 [ 889.801049][T16529] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1814'. [ 890.200709][T16541] can: request_module (can-proto-0) failed. [ 890.263492][T16540] can: request_module (can-proto-0) failed. [ 890.313903][T16544] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input178 [ 890.420761][T16540] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input179 [ 893.124599][T16589] can: request_module (can-proto-0) failed. [ 893.187790][T16596] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input180 [ 894.746718][T16615] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1828'. [ 895.843669][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 895.857591][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 895.878117][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 895.889248][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 895.905986][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 895.927375][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 895.939636][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 895.966679][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 897.612989][T16664] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1835'. [ 899.506603][T16696] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1840'. [ 901.971262][T16746] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input181 [ 902.135797][T16740] can: request_module (can-proto-0) failed. [ 903.725472][T16774] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1851'. [ 905.097937][T16797] can: request_module (can-proto-0) failed. [ 905.318035][T16797] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input182 [ 906.017828][T16810] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input183 [ 906.086426][T16808] can: request_module (can-proto-0) failed. [ 906.714908][T16814] FAULT_INJECTION: forcing a failure. [ 906.714908][T16814] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 906.736287][T16814] CPU: 1 UID: 0 PID: 16814 Comm: syz.0.1857 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 906.736327][T16814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 906.736346][T16814] Call Trace: [ 906.736356][T16814] [ 906.736367][T16814] dump_stack_lvl+0x16c/0x1f0 [ 906.736442][T16814] should_fail_ex+0x512/0x640 [ 906.736493][T16814] should_fail_alloc_page+0xe7/0x130 [ 906.736528][T16814] prepare_alloc_pages+0x3c2/0x610 [ 906.736567][T16814] ? rcu_is_watching+0x12/0xc0 [ 906.736604][T16814] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 906.736656][T16814] ? __lock_acquire+0xb8a/0x1c90 [ 906.736714][T16814] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 906.736766][T16814] ? do_raw_spin_lock+0x12c/0x2b0 [ 906.736816][T16814] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 906.736866][T16814] ? find_held_lock+0x2b/0x80 [ 906.736912][T16814] ? __lock_acquire+0xb8a/0x1c90 [ 906.736952][T16814] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 906.737013][T16814] ? policy_nodemask+0xea/0x4e0 [ 906.737048][T16814] alloc_pages_mpol+0x1fb/0x550 [ 906.737081][T16814] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 906.737144][T16814] folio_alloc_mpol_noprof+0x36/0x2f0 [ 906.737184][T16814] shmem_alloc_folio+0x135/0x160 [ 906.737226][T16814] shmem_alloc_and_add_folio+0x499/0xc20 [ 906.737282][T16814] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 906.737335][T16814] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 906.737390][T16814] shmem_get_folio_gfp+0x67f/0x1600 [ 906.737451][T16814] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 906.737503][T16814] ? __lock_acquire+0x622/0x1c90 [ 906.737550][T16814] shmem_fault+0x1fe/0xa30 [ 906.737599][T16814] ? __pfx_shmem_fault+0x10/0x10 [ 906.737670][T16814] __do_fault+0x10a/0x490 [ 906.737718][T16814] ? __pfx_filemap_map_pages+0x10/0x10 [ 906.737768][T16814] __handle_mm_fault+0x374c/0x5490 [ 906.737823][T16814] ? __pfx___handle_mm_fault+0x10/0x10 [ 906.737863][T16814] ? __pfx_mt_find+0x10/0x10 [ 906.737919][T16814] ? find_vma+0xbf/0x140 [ 906.737951][T16814] ? __pfx_find_vma+0x10/0x10 [ 906.737988][T16814] handle_mm_fault+0x589/0xd10 [ 906.738033][T16814] ? __pkru_allows_pkey+0x41/0xb0 [ 906.738094][T16814] do_user_addr_fault+0x7a6/0x1370 [ 906.738156][T16814] ? rcu_is_watching+0x12/0xc0 [ 906.738193][T16814] exc_page_fault+0x5c/0xb0 [ 906.738245][T16814] asm_exc_page_fault+0x26/0x30 [ 906.738277][T16814] RIP: 0010:__put_user_8+0xd/0x20 [ 906.738327][T16814] Code: 89 01 31 c9 0f 01 ca e9 81 5a 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca e9 56 5a 03 00 66 0f 1f 44 00 00 90 90 90 [ 906.738422][T16814] RSP: 0018:ffffc90005237bf8 EFLAGS: 00050206 [ 906.738452][T16814] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000027000 [ 906.738472][T16814] RDX: 0000000000080000 RSI: ffffffff825f2f97 RDI: ffffffff8c156420 [ 906.738493][T16814] RBP: 0000000000059010 R08: b58b10642bf2e2af R09: 0000000000000000 [ 906.738527][T16814] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000027000 [ 906.738546][T16814] R13: 0000000000004ffe R14: 0000000000000001 R15: 0000000000000000 [ 906.738581][T16814] ? kpage_read.constprop.0+0x137/0x5e0 [ 906.738629][T16814] kpage_read.constprop.0+0x142/0x5e0 [ 906.738669][T16814] ? __pfx_kpagecount_read+0x10/0x10 [ 906.738709][T16814] proc_reg_read+0x11d/0x330 [ 906.738755][T16814] ? __pfx_proc_reg_read+0x10/0x10 [ 906.738800][T16814] vfs_readv+0x5be/0x8b0 [ 906.738852][T16814] ? __pfx_vfs_readv+0x10/0x10 [ 906.738898][T16814] ? __mutex_lock+0x1ca/0xb90 [ 906.738957][T16814] ? __pfx___mutex_lock+0x10/0x10 [ 906.739022][T16814] ? __fget_files+0x20e/0x3c0 [ 906.739075][T16814] ? do_readv+0x132/0x340 [ 906.739112][T16814] do_readv+0x132/0x340 [ 906.739154][T16814] ? __pfx_do_readv+0x10/0x10 [ 906.739207][T16814] do_syscall_64+0xcd/0x490 [ 906.739258][T16814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 906.739289][T16814] RIP: 0033:0x7f1355d8e929 [ 906.739314][T16814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 906.739356][T16814] RSP: 002b:00007f1356b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 906.739383][T16814] RAX: ffffffffffffffda RBX: 00007f1355fb5fa0 RCX: 00007f1355d8e929 [ 906.739403][T16814] RDX: 0000000100000007 RSI: 00002000000001c0 RDI: 0000000000000003 [ 906.739421][T16814] RBP: 00007f1355e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 906.739438][T16814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 906.739455][T16814] R13: 0000000000000000 R14: 00007f1355fb5fa0 R15: 00007ffd193a1978 [ 906.739504][T16814] [ 907.245050][T16819] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input184 [ 907.544849][T16816] can: request_module (can-proto-0) failed. [ 907.722318][T16824] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1859'. [ 908.162618][T16832] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input185 [ 908.312551][T16842] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1862'. [ 908.552178][T16846] can: request_module (can-proto-0) failed. [ 908.694218][T16846] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input186 [ 909.613901][T16865] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input187 [ 909.709619][T16860] can: request_module (can-proto-0) failed. [ 910.698516][T16882] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input188 [ 910.741600][T16880] can: request_module (can-proto-0) failed. [ 911.366281][T16894] can: request_module (can-proto-0) failed. [ 911.424109][T16894] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input189 [ 912.439922][T16911] FAULT_INJECTION: forcing a failure. [ 912.439922][T16911] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 912.439971][T16911] CPU: 0 UID: 0 PID: 16911 Comm: syz.0.1876 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 912.439998][T16911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 912.440021][T16911] Call Trace: [ 912.440028][T16911] [ 912.440036][T16911] dump_stack_lvl+0x16c/0x1f0 [ 912.440077][T16911] should_fail_ex+0x512/0x640 [ 912.440115][T16911] should_fail_alloc_page+0xe7/0x130 [ 912.440139][T16911] prepare_alloc_pages+0x3c2/0x610 [ 912.440172][T16911] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 912.440212][T16911] ? stack_trace_save+0x8e/0xc0 [ 912.440258][T16911] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 912.440295][T16911] ? fb_var_to_videomode+0x4c9/0x690 [ 912.440336][T16911] ? __pfx_fb_match_mode+0x10/0x10 [ 912.440361][T16911] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 912.440394][T16911] ? vc_allocate+0x489/0x880 [ 912.440424][T16911] __alloc_pages_noprof+0xb/0x1b0 [ 912.440455][T16911] ___kmalloc_large_node+0x84/0x1e0 [ 912.440484][T16911] ? vc_allocate+0x489/0x880 [ 912.440513][T16911] __kmalloc_large_node_noprof+0x1c/0x70 [ 912.440551][T16911] __kmalloc_noprof.cold+0xc/0x61 [ 912.440606][T16911] vc_allocate+0x489/0x880 [ 912.440651][T16911] ? __pfx_vc_allocate+0x10/0x10 [ 912.440707][T16911] con_install+0xa1/0x600 [ 912.440755][T16911] ? __pfx_con_install+0x10/0x10 [ 912.440808][T16911] ? __pfx_con_install+0x10/0x10 [ 912.440854][T16911] tty_init_dev.part.0+0x99/0x500 [ 912.440887][T16911] tty_open+0xa50/0xf90 [ 912.440922][T16911] ? __pfx_tty_open+0x10/0x10 [ 912.440950][T16911] ? chrdev_open+0x58c/0x6a0 [ 912.441002][T16911] ? __pfx_tty_open+0x10/0x10 [ 912.441036][T16911] chrdev_open+0x234/0x6a0 [ 912.441085][T16911] ? __pfx_chrdev_open+0x10/0x10 [ 912.441132][T16911] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 912.441197][T16911] do_dentry_open+0x741/0x1c10 [ 912.441246][T16911] ? __pfx_chrdev_open+0x10/0x10 [ 912.441317][T16911] vfs_open+0x82/0x3f0 [ 912.441353][T16911] path_openat+0x1de4/0x2cb0 [ 912.441410][T16911] ? __pfx_path_openat+0x10/0x10 [ 912.441456][T16911] ? __lock_acquire+0xb8a/0x1c90 [ 912.441502][T16911] do_filp_open+0x20b/0x470 [ 912.441545][T16911] ? __pfx_do_filp_open+0x10/0x10 [ 912.441619][T16911] ? alloc_fd+0x471/0x7d0 [ 912.441675][T16911] do_sys_openat2+0x11b/0x1d0 [ 912.441709][T16911] ? __pfx_do_sys_openat2+0x10/0x10 [ 912.441756][T16911] __x64_sys_openat+0x174/0x210 [ 912.441790][T16911] ? __pfx___x64_sys_openat+0x10/0x10 [ 912.441841][T16911] do_syscall_64+0xcd/0x490 [ 912.441890][T16911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.441918][T16911] RIP: 0033:0x7f1355d8e929 [ 912.441941][T16911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 912.441972][T16911] RSP: 002b:00007f1356b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 912.441999][T16911] RAX: ffffffffffffffda RBX: 00007f1355fb5fa0 RCX: 00007f1355d8e929 [ 912.442029][T16911] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 912.442049][T16911] RBP: 00007f1355e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 912.442067][T16911] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 912.442085][T16911] R13: 0000000000000000 R14: 00007f1355fb5fa0 R15: 00007ffd193a1978 [ 912.442124][T16911] [ 912.472014][T16913] can: request_module (can-proto-0) failed. [ 912.577076][T16913] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input190 [ 912.802080][T16923] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input191 [ 912.958186][T16919] can: request_module (can-proto-0) failed. [ 913.899253][T16912] Process accounting resumed [ 914.176195][T16941] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input192 [ 914.203000][T16942] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input193 [ 914.223641][T16936] can: request_module (can-proto-0) failed. [ 914.263139][T16932] can: request_module (can-proto-0) failed. [ 914.393504][T16943] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1883'. [ 916.977865][T16971] can: request_module (can-proto-0) failed. [ 917.014108][T16971] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input194 [ 921.133931][T17012] can: request_module (can-proto-0) failed. [ 921.236366][T17012] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input195 [ 921.470876][T17019] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1893'. [ 922.291207][T17030] ecryptfs_parse_packet_length: Error parsing packet length [ 922.302603][T17030] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 924.929499][T17068] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4294967293.4294967295.4294967293), cmd(2) [ 926.196248][T17091] FAULT_INJECTION: forcing a failure. [ 926.196248][T17091] name failslab, interval 1, probability 0, space 0, times 0 [ 926.226810][T17091] CPU: 0 UID: 0 PID: 17091 Comm: syz.0.1905 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 926.226842][T17091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 926.226856][T17091] Call Trace: [ 926.226863][T17091] [ 926.226871][T17091] dump_stack_lvl+0x16c/0x1f0 [ 926.226910][T17091] should_fail_ex+0x512/0x640 [ 926.226942][T17091] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 926.226979][T17091] should_failslab+0xc2/0x120 [ 926.227000][T17091] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 926.227033][T17091] ? trace_cap_capable+0x18d/0x200 [ 926.227052][T17091] ? create_new_namespaces+0x30/0xa90 [ 926.227089][T17091] create_new_namespaces+0x30/0xa90 [ 926.227113][T17091] ? bpf_lsm_capable+0x9/0x10 [ 926.227141][T17091] ? security_capable+0x7e/0x260 [ 926.227181][T17091] copy_namespaces+0x468/0x560 [ 926.227207][T17091] copy_process+0x2822/0x76a0 [ 926.227235][T17091] ? __pfx___futex_wait+0x10/0x10 [ 926.227278][T17091] ? __pfx_copy_process+0x10/0x10 [ 926.227322][T17091] kernel_clone+0xfc/0x960 [ 926.227351][T17091] ? __pfx_kernel_clone+0x10/0x10 [ 926.227394][T17091] __do_sys_clone+0xce/0x120 [ 926.227421][T17091] ? __pfx___do_sys_clone+0x10/0x10 [ 926.227448][T17091] ? __pfx___might_resched+0x10/0x10 [ 926.227482][T17091] ? xfd_validate_state+0x61/0x180 [ 926.227521][T17091] do_syscall_64+0xcd/0x490 [ 926.227558][T17091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 926.227582][T17091] RIP: 0033:0x7f1355d8e929 [ 926.227600][T17091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 926.227623][T17091] RSP: 002b:00007f1356b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 926.227644][T17091] RAX: ffffffffffffffda RBX: 00007f1355fb5fa0 RCX: 00007f1355d8e929 [ 926.227660][T17091] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 926.227673][T17091] RBP: 00007f1355e10b39 R08: 0000000000000002 R09: 0000000000000000 [ 926.227687][T17091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 926.227701][T17091] R13: 0000000000000000 R14: 00007f1355fb5fa0 R15: 00007ffd193a1978 [ 926.227730][T17091] [ 926.317102][T17089] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input196 [ 926.421491][T17092] can: request_module (can-proto-0) failed. [ 927.502010][T17104] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1908'. [ 928.003494][T17115] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1918'. [ 928.848767][T17140] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input197 [ 929.015939][T17136] can: request_module (can-proto-0) failed. [ 935.031182][T17222] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 936.488780][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 936.495698][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 938.306294][T17274] random: crng reseeded on system resumption [ 938.781265][T17282] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1936'. [ 938.966349][T17296] ================================================================== [ 938.966365][T17296] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 938.966399][T17296] Write of size 8 at addr ffffc900038092a0 by task syz.0.1938/17296 [ 938.966418][T17296] [ 938.966429][T17296] CPU: 1 UID: 0 PID: 17296 Comm: syz.0.1938 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 938.966456][T17296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 938.966470][T17296] Call Trace: [ 938.966477][T17296] [ 938.966485][T17296] dump_stack_lvl+0x116/0x1f0 [ 938.966522][T17296] print_report+0xcd/0x680 [ 938.966542][T17296] ? __virt_addr_valid+0x81/0x610 [ 938.966568][T17296] ? sys_imageblit+0x1a6f/0x1e60 [ 938.966593][T17296] kasan_report+0xe0/0x110 [ 938.966614][T17296] ? sys_imageblit+0x1a6f/0x1e60 [ 938.966643][T17296] sys_imageblit+0x1a6f/0x1e60 [ 938.966672][T17296] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 938.966697][T17296] ? __pfx_sys_imageblit+0x10/0x10 [ 938.966735][T17296] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 938.966766][T17296] soft_cursor+0x524/0xa10 [ 938.966790][T17296] bit_cursor+0xe8c/0x17e0 [ 938.966829][T17296] ? __pfx_bit_cursor+0x10/0x10 [ 938.966869][T17296] ? fb_get_color_depth+0x120/0x250 [ 938.966901][T17296] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 938.966937][T17296] ? get_color+0x1ce/0x440 [ 938.966966][T17296] ? __pfx_bit_cursor+0x10/0x10 [ 938.967001][T17296] fbcon_cursor+0x40c/0x5f0 [ 938.967035][T17296] hide_cursor+0x84/0x220 [ 938.967072][T17296] do_con_write+0x23f7/0x8280 [ 938.967109][T17296] ? __pfx___might_resched+0x10/0x10 [ 938.967135][T17296] ? rcu_is_watching+0x12/0xc0 [ 938.967158][T17296] ? trace_contention_end+0xdd/0x130 [ 938.967190][T17296] ? __mutex_lock+0x1ca/0xb90 [ 938.967230][T17296] ? __pfx_do_con_write+0x10/0x10 [ 938.967266][T17296] ? lockdep_hardirqs_on+0x7c/0x110 [ 938.967309][T17296] con_write+0x23/0xb0 [ 938.967343][T17296] n_tty_write+0x40f/0x1160 [ 938.967372][T17296] ? __pfx_n_tty_write+0x10/0x10 [ 938.967396][T17296] ? rcu_is_watching+0x12/0xc0 [ 938.967417][T17296] ? __pfx_woken_wake_function+0x10/0x10 [ 938.967453][T17296] ? kfree+0x24f/0x4d0 [ 938.967478][T17296] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 938.967514][T17296] ? __pfx_n_tty_write+0x10/0x10 [ 938.967539][T17296] file_tty_write.constprop.0+0x504/0x9b0 [ 938.967579][T17296] redirected_tty_write+0xd4/0x150 [ 938.967613][T17296] vfs_write+0x6c7/0x1150 [ 938.967644][T17296] ? __pfx_redirected_tty_write+0x10/0x10 [ 938.967681][T17296] ? __pfx_vfs_write+0x10/0x10 [ 938.967710][T17296] ? find_held_lock+0x2b/0x80 [ 938.967739][T17296] ksys_write+0x12a/0x250 [ 938.967769][T17296] ? __pfx_ksys_write+0x10/0x10 [ 938.967804][T17296] do_syscall_64+0xcd/0x490 [ 938.967839][T17296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 938.967862][T17296] RIP: 0033:0x7f1355d8e929 [ 938.967879][T17296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 938.967901][T17296] RSP: 002b:00007f1356b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 938.967922][T17296] RAX: ffffffffffffffda RBX: 00007f1355fb5fa0 RCX: 00007f1355d8e929 [ 938.967937][T17296] RDX: 00000004fffffdf2 RSI: 0000000000000000 RDI: 0000000000000003 [ 938.967951][T17296] RBP: 00007f1355e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 938.967965][T17296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 938.967978][T17296] R13: 0000000000000000 R14: 00007f1355fb5fa0 R15: 00007ffd193a1978 [ 938.968000][T17296] [ 938.968008][T17296] [ 938.968017][T17296] The buggy address belongs to the virtual mapping at [ 938.968017][T17296] [ffffc90003509000, ffffc9000380a000) created by: [ 938.968017][T17296] drm_gem_shmem_vmap_locked+0x4bc/0x720 [ 938.968073][T17296] [ 938.968079][T17296] Memory state around the buggy address: [ 938.968090][T17296] ffffc90003809180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 938.968106][T17296] ffffc90003809200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 938.968121][T17296] >ffffc90003809280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 938.968132][T17296] ^ [ 938.968144][T17296] ffffc90003809300: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 938.968159][T17296] ffffc90003809380: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 938.968171][T17296] ================================================================== [ 938.968183][T17296] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 938.968198][T17296] CPU: 1 UID: 0 PID: 17296 Comm: syz.0.1938 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 938.968242][T17296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 938.968256][T17296] Call Trace: [ 938.968263][T17296] [ 938.968271][T17296] dump_stack_lvl+0x3d/0x1f0 [ 938.968306][T17296] panic+0x71c/0x800 [ 938.968338][T17296] ? __pfx_panic+0x10/0x10 [ 938.968371][T17296] ? __pfx__printk+0x10/0x10 [ 938.968419][T17296] ? rcu_is_watching+0x12/0xc0 [ 938.968446][T17296] ? sys_imageblit+0x1a6f/0x1e60 [ 938.968473][T17296] check_panic_on_warn+0xab/0xb0 [ 938.968507][T17296] end_report+0x107/0x170 [ 938.968555][T17296] kasan_report+0xee/0x110 [ 938.968576][T17296] ? sys_imageblit+0x1a6f/0x1e60 [ 938.968606][T17296] sys_imageblit+0x1a6f/0x1e60 [ 938.968634][T17296] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 938.968659][T17296] ? __pfx_sys_imageblit+0x10/0x10 [ 938.968697][T17296] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 938.968727][T17296] soft_cursor+0x524/0xa10 [ 938.968751][T17296] bit_cursor+0xe8c/0x17e0 [ 938.968791][T17296] ? __pfx_bit_cursor+0x10/0x10 [ 938.968831][T17296] ? fb_get_color_depth+0x120/0x250 [ 938.968863][T17296] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 938.968899][T17296] ? get_color+0x1ce/0x440 [ 938.968929][T17296] ? __pfx_bit_cursor+0x10/0x10 [ 938.968964][T17296] fbcon_cursor+0x40c/0x5f0 [ 938.969017][T17296] hide_cursor+0x84/0x220 [ 938.969053][T17296] do_con_write+0x23f7/0x8280 [ 938.969091][T17296] ? __pfx___might_resched+0x10/0x10 [ 938.969116][T17296] ? rcu_is_watching+0x12/0xc0 [ 938.969139][T17296] ? trace_contention_end+0xdd/0x130 [ 938.969172][T17296] ? __mutex_lock+0x1ca/0xb90 [ 938.969229][T17296] ? __pfx_do_con_write+0x10/0x10 [ 938.969266][T17296] ? lockdep_hardirqs_on+0x7c/0x110 [ 938.969307][T17296] con_write+0x23/0xb0 [ 938.969344][T17296] n_tty_write+0x40f/0x1160 [ 938.969376][T17296] ? __pfx_n_tty_write+0x10/0x10 [ 938.969401][T17296] ? rcu_is_watching+0x12/0xc0 [ 938.969425][T17296] ? __pfx_woken_wake_function+0x10/0x10 [ 938.969463][T17296] ? kfree+0x24f/0x4d0 [ 938.969491][T17296] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 938.969530][T17296] ? __pfx_n_tty_write+0x10/0x10 [ 938.969557][T17296] file_tty_write.constprop.0+0x504/0x9b0 [ 938.969599][T17296] redirected_tty_write+0xd4/0x150 [ 938.969637][T17296] vfs_write+0x6c7/0x1150 [ 938.969670][T17296] ? __pfx_redirected_tty_write+0x10/0x10 [ 938.969708][T17296] ? __pfx_vfs_write+0x10/0x10 [ 938.969739][T17296] ? find_held_lock+0x2b/0x80 [ 938.969769][T17296] ksys_write+0x12a/0x250 [ 938.969814][T17296] ? __pfx_ksys_write+0x10/0x10 [ 938.969850][T17296] do_syscall_64+0xcd/0x490 [ 938.969886][T17296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 938.969909][T17296] RIP: 0033:0x7f1355d8e929 [ 938.969925][T17296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 938.969948][T17296] RSP: 002b:00007f1356b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 938.969969][T17296] RAX: ffffffffffffffda RBX: 00007f1355fb5fa0 RCX: 00007f1355d8e929 [ 938.969985][T17296] RDX: 00000004fffffdf2 RSI: 0000000000000000 RDI: 0000000000000003 [ 938.969999][T17296] RBP: 00007f1355e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 938.970014][T17296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 938.970028][T17296] R13: 0000000000000000 R14: 00007f1355fb5fa0 R15: 00007ffd193a1978 [ 938.970055][T17296] [ 938.970444][T17296] Kernel Offset: disabled