last executing test programs: 11.662266679s ago: executing program 1 (id=3565): open(&(0x7f0000000000)='./file0\x00', 0xa09c2, 0xa4) r0 = socket(0x2, 0x801, 0x100) pipe$auto(&(0x7f0000001100)=r0) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x60201, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/irq/2/hwirq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) inotify_add_watch$auto(r1, &(0x7f0000000100)='./file0\x00', 0x1) socket(0x10, 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f0000000180)=@generic={0x28, "606f30396a0000f00000000200"}, 0x54) setsockopt$auto(0x400000000000003, 0x28, 0x0, 0x0, 0x56b) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$auto(r0, &(0x7f0000000140)=@tipc=@name={0x1e, 0x2, 0x1, {{0x40, 0x2}, 0x3}}, 0xfffffffb) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r4, 0x0, 0x200400d0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r5, 0x8000) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon26\x00', 0x0, 0x0) 10.473435306s ago: executing program 1 (id=3567): openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/block/nbd13/sched/read2_fifo_list\x00', 0xe0000, 0x0) preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x10) socket(0x23, 0x4, 0xffffffbd) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/midiC2D1\x00', 0x4400, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x48a562, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x6, 0x3}, 0x57177fc5}, 0x9, 0xe) r3 = socket(0xa, 0x2, 0x88) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, r3, 0x8003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x402000d, 0x80000df, 0x13, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb3, 0x401, 0x4) madvise$auto(0x0, 0xffffffffffff8005, 0x0) mremap$auto(0x4fff, 0xb8, 0x13fd4, 0x3, 0xffffeffe) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4003, 0x6, 0xf, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x162, 0x76c5, 0x5, 0x100000000}}) mmap$auto(0x0, 0x400008, 0x8, 0x9b73, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) 9.318820905s ago: executing program 1 (id=3569): unshare$auto(0x40000080) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000600), 0x142, 0x0) writev$auto(r0, &(0x7f0000000c00)={0x0, 0x7}, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) preadv2$auto(r1, &(0x7f0000000240)={0x0, 0x6}, 0x6, 0x7fff, 0xd01f, 0xc2) r2 = socket(0x1a, 0x5, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0404000000080017000800000004000e1709261c2f9020000000"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x92000, 0x0) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_GET(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x64004090}, 0x24004854) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r2) r5 = openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x103700, 0x0) read$auto(r5, 0x0, 0x4000000081) 8.445749151s ago: executing program 1 (id=3574): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0x1, 0x201, 0x2, 0x5, 0x3, 0x3ffde, 0x400, 0x3, 0x9, 0x6, 0x80001, 0x4, 0x11ffffffffffd, 0xb5, 0x2, 0x9, 0x10, 0x80, 0xfffffffffffffffd, 0x4, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x5, 0x0, 0x0, 0x0, 0x0, [0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x8, 0x0, 0x7fffffff, 0xffffffffffffffff, 0x0, 0x9, 0xa, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x20000000000000, 0x0, 0x200, 0x0, 0x10000, 0x0, 0x9, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x2000000c) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) ioctl$auto(0xc8, 0x800454d2, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1a1a, 0x2, 0x3, 0x95f4da0a, 0x7f, 0x20000003, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) r2 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r2, 0x0, 0x1, 0x0, 0x1e) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f00000000c0), 0x109002, 0x0) pread64$auto(r3, &(0x7f0000000240)='/dev/ubi_ctrl\x00', 0x9, 0x8) r4 = socket(0xa, 0x802, 0x3a) setsockopt$auto(r4, 0x29, 0x21, &(0x7f0000000880)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\xff\x1b\x01\x1e\xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\xf2Vw\xbe\x1c$\xddm\x8a\x9d\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5h\xae\xec%\xf9\x94>\xd6,\xf3\x98\'\xb0\t~~\xb4\x98\xbb3=A\x9c\x17\xaa\xce\fh-M\xdb-\x15VX\xfe\xca+\xb5\x95\xb3JL\x0fl\xe84\xbd\xa3nO\x9f\xfa\xb1\x06$\b$i3\x83\xd7\x06\xd6\x1e\xdbB\x9bb\x1cXC\x8c\x8b\xd9\xff\xf2Bf\x99!Z\x13\xff\xca\xf3e\x015\x9b\x86\xd6$\x1a\r3\x91\xb7\x942\xeb\xadVA\xfc\x1f\xbf1\xb7T\xc1\xbf\xc0\xc2\xfc\xe8w\xd33\xb2,\xb0\x9fA3\xc2\xa2\x1cM\x825\x94U\xbbNeb\xd2\xa9\x0f\xed\x8b\xea\xfa\x8a\x04.\xffMIw\x0f\xd6\xae^\xd2\xf1j\xcb\r\xa4\x1d0d\xca\x81\x9c\x80GL\x0e\xe6\x19\x8au\x1a7\xc5|\xf6\x1e\xe00\xc6\"\x83\x1c\xa2\x9e\a\x1c\xea\xa3\x9c\xe1BF\x05b\xf6\xdcf\x04\xd9B\xb9\x98\x9cq\xbd\xfb\xb5~\xf2\x8d\x9f`\xec\xd0\xafY\xcf\x84', 0x18000113) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) mmap$auto(0x8000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) 7.815173097s ago: executing program 3 (id=3575): socket(0x10, 0x2, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xb) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0xfffffffffffffffc, 0x78, 0x19) select$auto(0xe, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x7}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r0, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/nilfs2/features/README\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/6, 0x6) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/path_max\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) mprotect$auto(0x8000, 0x8, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x8, 0x5, 0x0, 0x9, 0xfffffffffffffffc, 0x83, 0x6, 0x2, 0x9, 0xffff, 0x4000000000000002, 0xd, 0x3, 0xfffffffffffffffe, 0x7, 0x1000000006]}, 0x0, 0x0) syslog$auto(0x2, &(0x7f0000000000)='-#:\x00[\xda\xe2\xc3L\xd30{Q\xecvP\x93\x87\x1e\xdd\x95\x1b\x19qI\vv\xacO*X0V\x93\x85\xff\xb2\xdd\xd8\xd5Kh\xfa\xa3\xc7\x9b}\xec\x1e\xdc\x80\x1fR\xc30\x9a\xae\\\'\x14\x98\x98\xc3iDv\x97\xdfTMt\xe5?\xd0\xcc\xb8\xfa\a\x7f\x7f\x00\x00\x00\x00\x00\x00\x00n_\xb1\x1c\x7f\xb0y\xec\xe2\xcc\x1a/\xfa{d\xe4BN\x9c\xb9\x87.\xfe\xe7&1j\xe6]\xc3\x9anE6\x81\xe4\xec\xfa\xefE\xf7\x17h\xf4pumR\xd55Dd(\x0f(b\x1aD\xf4\x03\xc3\\\xdf\x8f\xa8\x82\xab\x102\xd1\xaf\xcaT\x86\x171\x11Q4\x94\x9d\xf5\x9c\xe3\xaa\xf3\xd26i\xf9\xb2\xd9T\xc9\xfd\xba\x91^\x19\x95\xde\xbc \xa8\x98\xc3\xed\xe9,{\xd4\xa1\xe4p\xcf\b\f\xb4\xbe_\xf2\xbe\xef\v\xf1d\xdd\x0e\xfc\xc3\xeaqt\x94\xe7\xce\xf1\xc5\x94~\xf6Cx\x0e\x98\xc7gE>*\x9c%\xa0\\\x14\t\tv.\x1c\x1a\xf1\xba\xc0>\xf4Hc\xc3\xfa\x033\x8f\xb9(\n/\xcdo\xc2', 0xcf) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x1002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) 7.286182895s ago: executing program 2 (id=3578): mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0x1e, 0x5, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) sendfile$auto(r1, r1, 0x0, 0x1) preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e) sysfs$auto(0x2, 0x100000000000027, 0x0) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x0, 0x8, 0xd, 0x3, 0x81, 0xffffffff, 0x2000000000000002, 0x0, 0x9, 0x1, 0x4, 0x5, 0xb0, 0x9, 0x20000800001, 0xffffffff, 0x5, 0x7, 0x6, 0x7, 0x0, 0xffffffee, 0x2a17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}, 0x9, 0x81) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0xffffffff, 0x0) write$auto(0x3, 0x0, 0xfffffdef) getsockopt$auto_SO_ZEROCOPY(r0, 0x4, 0x3c, &(0x7f0000000040)='$\x00', &(0x7f00000000c0)=0xa4) sysfs$auto(0x2, 0x1e, 0x355) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) userfaultfd$auto(0x1) close_range$auto(0x2, 0xa, 0x0) 6.174882213s ago: executing program 0 (id=3579): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip_vti0\x00'}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r0, r0, 0x8000, 0x2, 0xffffffffffffffff, @relative_id=0x13, 0x6}, 0x13) mmap$auto(0x4, 0x20009, 0x4000000000db, 0x100000000000012, r0, 0x80000001) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x5876236c3bea3773, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='{\x00', 0xfff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000040)={0x1c, r2, 0x1, 0x70fd2c, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x8, 0x7, 0x0, 0x1, [@typed={0x4, 0x2}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) 6.147559483s ago: executing program 2 (id=3580): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) setrlimit$auto(0x1000000007, 0x0) memfd_secret$auto(0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) r1 = io_uring_setup$auto(0x4, 0x0) keyctl$auto_KEYCTL_PKEY_DECRYPT(0x1a, 0x0, 0x0, 0x0, 0x4) r2 = bpf$auto_BPF_MAP_CREATE(0x0, &(0x7f0000000240)=@enable_stats={0x6}, 0x80000000) r3 = waitid$auto_P_PIDFD(0x3, r1, &(0x7f0000000300)={@siginfo_0_0={0x0, 0x4, 0x9, @_sigchld={0xffffffffffffffff, 0xffffffffffffffff, 0xdf, 0x9, 0x4}}}, 0x6, &(0x7f0000000380)={{0x0, 0x1}, {0x3284, 0x1}, 0xd61, 0x3, 0xe, 0x7fffffffffffffff, 0x8, 0x4e43c2ed, 0x2, 0x0, 0x3, 0xd964, 0x8a8, 0x4, 0x7, 0x7}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000440)={{@raw=0x8d, 0x100, 0x80000001, 0x8, "c5f926bf542d6ee333a7587172005aea7bb529d028c8d7afeede2b67238ba584446bf82a944f6769712e5a2a", @inferred=r3}, 0x0, @iec958={"9921c29b1b55c440d6f3361d2150b6b58a4b0f498dbb66c9", "49b20d917a444eafd20883ac5c4372dd9f46c13258659cd93c52d20fe6b53daa172404fc9b6a0ba2d8ac21e0d77ec2368bdec0e07868bb36080586187b91d530c59502ed56c77e2b48c8e6ecdadde3acc2be3f82604e0b4d804c9f483524bb0890ee40ec2fe862a39bb968e019f955a4c40dc41ee7d11ce051350297f3001bc234fd37380849308f3b5d767a57f2a1c2840299", 0x0, "a80624a1"}, "6edb8f2ae5f25332442ee56b3f83f02f885ba9c86e704a9675d089fc0f7cc9338153efa218b0eec64b0fc18bfe7d5ea1089f75f60573fbf302c71aa2a8c99044a52157a9e8c66a5cc640bb732837e469678be21f9280d73ffe1f7bceffb50501f079d5d6d65592c7928ee702168f4494a9511770cdc60ec38414ca0ae109fc21"}) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x28, 0x5, 0x0) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) eventfd$auto(0xabf) r4 = signalfd$auto(0x4, 0x0, 0x8) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) prctl$auto(0x401, 0xe, r3, 0x69, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_FIONCLEX(r4, 0x5450, 0x6) r6 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x0, 0x0) pread64$auto(r6, 0x0, 0x100000009, 0xa4000000000002) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) syslog$auto(0xffffffff, &(0x7f0000000180)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\x01\x00\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0) sendfile$auto(r8, r7, 0x0, 0x48) 6.020347783s ago: executing program 1 (id=3581): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x12, 0x400, 0x18002) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000040)='{\x00', 0xfff) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r2, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vivid.0/video4linux/video30/dev_debug\x00', 0x129102, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_BLKTRACESETUP32(r4, 0xc0401273, &(0x7f00000000c0)={"d98a534340a3bf2ba7ecb329acc05d97e1f6ca932c28b502cf31b374c553a249", 0xffff, 0x101, 0x2, 0x100000001, 0x55, 0x0}) prctl$auto(0x8, 0x67, r5, 0x9, 0xfcf9) mmap$auto(0x5, 0x40009, 0xe0, 0x9b72, 0xffffffffffffffff, 0xa) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop2\x00', 0x200000, 0x0) open(0x0, 0x161342, 0x0) msync$auto(0x110c230000, 0x1800000ff010000, 0x400000004) 4.938647028s ago: executing program 0 (id=3582): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x4, 0x6, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) socket(0xa, 0x3, 0x73) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, 0x0, 0x800, 0x70bd2c, 0x25dfdbfe, {}, [@HSR_A_IFINDEX={0x8}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @remote}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa, 0x1, @multicast}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xf}, @HSR_A_IF2_AGE={0x8, 0x4, 0x88000001}, @HSR_A_NODE_ADDR={0xa, 0x1, @local}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) getpid() ioctl$auto(0x3, 0x800005411, 0x38) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) r0 = socket(0x10, 0x2, 0x6) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, r1, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_COORDINATOR={0x1c, 0x1e, 0x0, 0x1, [@nested={0x18, 0x122, 0x0, 0x1, [@nested={0x8, 0x46, 0x0, 0x1, [@nested={0x4, 0xf7}]}, @nested={0xa, 0x10, 0x0, 0x1, [@generic='\x00\x00\x00*O{']}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) 4.506757233s ago: executing program 0 (id=3583): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_trace_time_stamp_mode_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/timestamp_mode\x00', 0x200, 0x0) read$auto_trace_time_stamp_mode_fops_trace(r0, &(0x7f00000000c0)=""/45, 0x2d) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x240007, 0x19) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x1001, 0x0) ioctl$auto_SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = io_uring_setup$auto(0x6, &(0x7f0000000240)={0x9, 0x7, 0x10, 0x14b0e90d, 0x8001, 0x80, r2, [0x7, 0x9, 0x9], {0x98a6686, 0x0, 0x8, 0x6, 0x1, 0x2, 0x6, 0x101, 0x2}, {0x7, 0xa, 0x676, 0x9, 0x5, 0x1000, 0x1, 0x3, 0x2}}) r6 = syz_genetlink_get_family_id$auto_nl80211(0x0, r4) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x302, 0x0) mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0x401, 0x300000000000) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = waitid$auto(0x42, 0xffffffffffffffff, &(0x7f0000000240)={@siginfo_0_0={0x7, 0x7d2, 0xd5ae, @_sigfault={&(0x7f00000000c0), @_addr_lsb=0x8}}}, 0x2, &(0x7f00000002c0)={{0x0, 0xffffffffffffffff}, {0x4e, 0x7}, 0x7f, 0x9, 0x6, 0x3fffffff80000000, 0x800, 0x7, 0x7, 0x7, 0x9, 0x3, 0x10001, 0x9577, 0x9, 0x9}) r9 = geteuid() shmctl$auto_SHM_INFO(0x7, 0xe, 0x0) sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r5, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000640)={0xd4, r6, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x2}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x7}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_FRAME_MATCH={0xa6, 0x5b, "1c2b6929d24a270e46bbb474644f69400d01d493b43270747447e28db2dd48626d3f7f5efda826e1b86aafc2d6c6fa092e99d3f1b338164d7c767db17327d43885120ec2d8b8bf0672283d5d02016da0457fe5dcdd409dd786eda609cb629a0a62681f7f88ba85c46059d31e8207bcbcd15ad08dfe355ee2b4e5953e7d60b332d02a818d29ed55667eafc887efc13a08419750f000baa0395389b124d2ec79ab68e9"}]}, 0xd4}, 0x1, 0x0, 0x0, 0x810}, 0x4044800) pidfd_send_signal$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, 0x2, &(0x7f0000000380)={@siginfo_0_0={0x4, 0xfffffffa, 0x0, @_kill={r8, r9}}}, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x2120, &(0x7f0000000540)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="010042bd7000fcdbdf257e5d9a00"], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 4.311757523s ago: executing program 3 (id=3584): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x10) socket(0x23, 0x4, 0xffffffbd) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/midiC2D1\x00', 0x4400, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x48a562, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x6, 0x3}, 0x57177fc5}, 0x9, 0xe) r3 = socket(0xa, 0x2, 0x88) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, r3, 0x8003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x402000d, 0x80000df, 0x13, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb3, 0x401, 0x4) madvise$auto(0x0, 0xffffffffffff8005, 0x0) mremap$auto(0x4fff, 0xb8, 0x13fd4, 0x3, 0xffffeffe) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4003, 0x6, 0xf, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x162, 0x76c5, 0x5, 0x100000000}}) mmap$auto(0x0, 0x400008, 0x8, 0x9b73, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) 4.078989966s ago: executing program 2 (id=3585): open(&(0x7f0000000000)='./file0\x00', 0xa09c2, 0xa4) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) madvise$auto(0x0, 0x1de0, 0x10000) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram8/dev\x00', 0x6a8800, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x40, 0x0, 0x1f4, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x800000000001, 0x0) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000001100)='/proc/self/attr/exec\x00', 0x200000, 0x0) write$auto(r0, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D_#\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc^:\xd1\xe3\xf1@\xc0\x93^:Mn#Oi\xaa[X\x93)\x8f\x03K\xe6\xa4\x11?\xf1\x02+\\\xf9\x8b\xe5l5\x11\x006c\x907E\xeb\x81\fB\xe3\xf8n\x8f\x94V\xbcB\x9cm\x9f\x15\x00Q\xf8\x8fFW#?\xd5Z~\xa51\x832\xbd|\x19\xda\x8e\xff\x17\r\x96\xa3\xcc+\xf4a\xffN\xd2_\xe5\\\xf8Lzc\xd4\xa0\x1f\x04_\xf1\xc6\fO\xbe?)Q\xc7\\B\xdb\xeaI\xde\xe9m\xf5\xf9\x19\xd3@IK\xe3c\x0ek\x8drZ\xad\xdc\xbb\xfc\xd4\x1f\xdaOW\x87\xb6Fm\x12\xadw(z\\j\xcc0P\xaeC\x9f\xbf\xd5\xf9\xe3\x85~cG\f\x85\xd6\x84ma\xfd\xdayNj\x80\xdd3^\x87,\x14\x8e\xbe$\x05\x8a\xb0 M\xf6$B TCs\xa9\x91dil[\xfc\a\xbfD\xd9\x8d(F\x1e\f\xec\xe9K|h\xf5\xcaUI\x18#\xbed\xa8C\x8a\xbb\fE\xe6\xa3|\xf7\xa8\xbb\xd3\x97l.V/uc\xb5Q\x1eY\xe0\x03\xa1\xc1\xc8\xe2=RK\x7fWV;\xe4\xccTsf\xa7[\xdd\x9cR\xab\xf81s\xbc\x9c\xaaSGH\x9al\xb9%u\v\xb4\x9d\x95\x16\x01\xbbT\x99S\xf8A\xcd\bRC\xf4\xb0\x1a%\xdd+1\x81\x9d6\x90\xe8\xc6\xc1\x1e\xf0~\xaf\x10g&\xd6\x01l::V\xdbJiVW\xab4G\x97\x9cl', 0x100000a3d9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0) write$auto(r1, &(0x7f0000000100)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~15\x9dv\xb2H', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rxrpc/peers\x00', 0x101000, 0x0) pread64$auto(r2, 0x0, 0x80, 0xffff) socket(0x2, 0x801, 0x100) pipe$auto(&(0x7f0000000040)=0xffffffffffffffff) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x73, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) sendfile$auto(0x6, 0x3, 0x0, 0xfffffdef) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/4096, 0x1000) 4.05503212s ago: executing program 1 (id=3586): socket(0x2, 0x1, 0x106) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCGDEV2(r2, 0x80285442, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/uevent_seqnum\x00', 0x0, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r3, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0xa, 0xffffffffffff0001, 0x15) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x580f, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0xffffffffffffffff, 0x15) r4 = socket(0x23, 0x2, 0x1000003d) mmap$auto(0x80000, 0x20004, 0x1fd, 0xeb1, r1, 0x1000) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) writev$auto(r5, 0x0, 0x400) io_uring_setup$auto(0x52, 0x0) madvise$auto(0x0, 0x2000040080000007, 0xe) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x1e702, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x48910}, 0x24000080) r7 = getpid() process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) recvmmsg$auto(r6, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) 3.445026291s ago: executing program 0 (id=3587): open(&(0x7f0000000000)='./file0\x00', 0xa09c2, 0xa4) r0 = socket(0x2, 0x801, 0x100) pipe$auto(&(0x7f0000001100)=r0) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x60201, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/irq/2/hwirq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) inotify_add_watch$auto(r1, &(0x7f0000000100)='./file0\x00', 0x1) socket(0x10, 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f0000000180)=@generic={0x28, "606f30396a0000f00000000200"}, 0x54) setsockopt$auto(0x400000000000003, 0x28, 0x0, 0x0, 0x56b) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$auto(r0, &(0x7f0000000140)=@tipc=@name={0x1e, 0x2, 0x1, {{0x40, 0x2}, 0x3}}, 0xfffffffb) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r4, 0x0, 0x200400d0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r5, 0x8000) r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYRESOCT=r4, @ANYRES16=r6, @ANYBLOB="010025bd700002dcdf2503000000040008000400080180100010800c000b00080001000000"], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon26\x00', 0x0, 0x0) 3.300753666s ago: executing program 3 (id=3588): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_TP_METER(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x30, r1, 0x77bed28568c43d3b, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffffffff}]}, 0x30}, 0x1, 0x100000001000000, 0x60, 0x2019}, 0x8080) stat$auto(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.981559508s ago: executing program 3 (id=3589): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"8911bd3a", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6512", "f34cae3a", "10a991b3", ["3ae887a128f1d8c79420d880", "b11feafce4d296d8c985d069", "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]}) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_CREATE_VM(r3, 0x4018aee1, 0x0) rename$auto(0x0, 0x0) ioctl$auto_XFS_IOC_FSBULKSTAT(r2, 0xc0205865, &(0x7f00000002c0)={&(0x7f0000000040)=0x1, 0x10001, 0x0, &(0x7f0000000280)=0x2}) io_uring_setup$auto(0x2, 0x0) syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 2.618007323s ago: executing program 2 (id=3590): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x6, 0x62, 0x80000000, 0x9, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() mlockall$auto(0x5) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xfffffff8, 0x8, 0xae85, 0xffffffffffffffff, 0x4, 0x7ff}, 0x6f4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000000)={0xe123, 0xffffffffffffffff}) getsockopt$auto_SO_RXQ_OVFL(r2, 0x42, 0x28, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=0x8) r3 = socket(0x15, 0x5, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0) ioctl$auto_VHOST_SET_LOG_FD2(r4, 0xaf02, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000080), r5) r7 = gettid() r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_DAEMON(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000007c0)={0x14, r9, 0x701, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x40000) sendmsg$auto_IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000440)={0x41c, r9, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x2ed, 0x2, 0x0, 0x1, [@generic="7afeeb1d94177babd8ff85c5d5a22acea2fb870cfb522f8c6798bdfd3da8a1f33ae26dd7503103c21939a51e39a86ffbb755af27b60abaf791eff3659a11a48870deac2a9ba66438e6e8ba7cc918bbd75ab6433f6e0097f458e9c09494176faf4f3ca44310d6f31d7adea18535b18cc25ce46ecbe19839e858c6fa541a3d7a0903389e6adce9c110599fd32ce2c294ea9d6447da1d6e2d04c806cdbbe47ff6c4664e5836513dd0cb91827008a5f06c49b03e6fdce12f5a8fa00ffc27a7fdcd6e785794c9d3a06ef07d83491eba38f63fa314c18824c3", @typed={0x4, 0xc9}, @typed={0x8, 0x41, 0x0, 0x0, @u32=0x7}, @typed={0x6, 0x24, 0x0, 0x0, @str='{\x00'}, @generic="341f490cd2ff8233489d2ae8910d9ceea328de67976c9dc913944dd9faebde978f7e0ee2fc09c8a0b7b9f33909fe3aa8b522840f88c8049fd9b9496a48df7b4b714cd45b6d076f0f2a7c42286c42be4e044b11ea0dc111f17912f3bd9e22fdf15a5fb110baac42d56532", @generic="550d765e4f667e991d527fe2be5bb41e6a84d19a8e895e031292263792f705c4be837aaa996077b7fd96cb545f4c57137269c65ac56f3a237523f2eabed09ad4e51ce3a9963da75cc4d92d8ba046cb76ba387b7197d62ded8869d25005ba4c91b47e3fb6faf4dd3712e28a48a109680567465ec3f96e666a8d6c2831bb924a56ea74403b398556f5ac7cf82e7a697d1b7ad3167f2a0ebce7589018b6289f2c55622494b537f1da7f99c36847113bc666580a2e9376f05cecdcec117a060fb1be5f642096b7b6f074534ca6922ee58d01d9558aa3fe96e02fdd4ea978306d4fed406d61d9af4fa5c443816dfb47", @typed={0x8, 0x100, 0x0, 0x0, @fd=r1}, @nested={0x20, 0xe4, 0x0, 0x1, [@typed={0x10, 0xc6, 0x0, 0x0, @binary="b06e461b7d890eee94d5a82e"}, @nested={0x4, 0xa2}, @typed={0x8, 0x5c, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @nested={0x7e, 0xd3, 0x0, 0x1, [@typed={0x8, 0x1b, 0x0, 0x0, @ipv4=@loopback}, @nested={0x4, 0x11e}, @nested={0x4, 0x6}, @typed={0x8, 0x5f, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x8, 0x9d, 0x0, 0x0, @u32=0x1}, @nested={0x4, 0xc9}, @generic="d0e8ad7ffc3f9a46dfa7ded4f12ad0bf3cd82acf35ff5da8b7febca0f86d777aff778baf36b74dcc9060f034a1bd89249c733ae18e792e77f3f0a1e5be49f9d348a9af831ee57c2daaa18022bb21a44777c90b2530a3"]}]}, @IPVS_CMD_ATTR_DEST={0xfd, 0x2, 0x0, 0x1, [@generic="77a2c6600931cbc21814bc3998637b4e9fdd36778c7847582369a08c12d7f233ae617874bd45eb616dbf995b96a2739baded15899ae1274ba9b746106f3a4580d25f02526b6febfa25b237ff1533eca82b92de36bcfc9b68be4aeaad640c869e037cf70ba04a8831ad8dfe23b6253a1dc33467bfa662921cb8b6735b94b508ed04a61e7ad3eaffcf8b139bb901638021de795101e1b53605258cedeb3a3a9c6ce75baed6d3", @generic="8c7ae9d4bf93f32820ee67cc8df3198696a1d3b1283db34a857a33373a67a4067bf82b06", @generic="331ef98da2c20ccb99758b9669061ccaeda45fa9f4028e731ab0a2a6a189ecfed24eaf7448a1c260d872fd3bba68afbf"]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1ff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}]}, 0x41c}, 0x1, 0x0, 0x0, 0x11}, 0x80c4) sendmsg$auto_TASKSTATS_CMD_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010a2bbd7000fbdbdf250100000008000200", @ANYRES32=r7], 0x1c}, 0x1, 0x0, 0x0, 0x2400c8c1}, 0x20048090) write$auto_bm_status_operations_binfmt_misc(r2, &(0x7f0000000100)="6a496d3399a41142d3af5bf75b48661e3c1727fc4ed01e4c764655ce2c81a455866a20903865eabaa56851232b65852ed6303a8f0b5092dcfe54130c3f3bb0b8bab0db14bd6a7dd02dd4ea5dc4ce189a92ea955c1f7cc2b69db5830361", 0x5d) setsockopt$auto(r3, 0x114, 0x8, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8) close_range$auto(0x2, 0x8, 0x0) 2.301692138s ago: executing program 0 (id=3591): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1d, 0x2, 0x7) bpf$auto(0xd, 0x0, 0x6f5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000640), 0x401, 0x0) write$auto(r1, 0x0, 0xff) read$auto(0x3, 0x0, 0xf34) r2 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000001680)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2, 0x0) write$auto_uprobe_events_ops_trace_uprobe(r2, &(0x7f0000000000)="706f3a82d9e5cc7c2ceda8d50bfc94be9fe6c22ffaf8493a38", 0x19) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/memory.kmem.slabinfo\x00', 0xb02, 0x0) sendfile$auto(r3, r3, 0x0, 0x1) r4 = getsid$auto(0xffffffffffffffff) r5 = getpgid$auto(0x0) getpriority$auto_PRIO_PGRP(0x1, r5) r6 = clone3$auto(&(0x7f00000002c0)={0x4, 0x5, 0x1, 0x59, 0x2008000, 0xffffffffffffffff, 0x7, 0x7, 0x7fffffff, 0xc, 0x20000000000200}, 0x7) ptrace$auto_PTRACE_GETSIGMASK(0x420a, r6, 0x6e3, 0x1) r7 = getpid() process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) syz_clone3(&(0x7f00000002c0)={0xa6175af35705c891, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140), {0x18}, &(0x7f0000000180)=""/17, 0x11, &(0x7f0000000200)=""/104, &(0x7f0000000280)=[r4, r5, r6, r7], 0x4, {r0}}, 0x58) socket(0x10, 0x100807, 0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0xd29, 0x53, 0x0) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/dfscache\x00', 0x101a41, 0x0) write$auto(r8, 0x0, 0x6) 1.356582712s ago: executing program 3 (id=3592): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x6, 0x62, 0x80000000, 0x9, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() mlockall$auto(0x5) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xfffffff8, 0x8, 0xae85, 0xffffffffffffffff, 0x4, 0x7ff}, 0x6f4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000000)={0xe123, 0xffffffffffffffff}) getsockopt$auto_SO_RXQ_OVFL(r2, 0x42, 0x28, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=0x8) r3 = socket(0x15, 0x5, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0) ioctl$auto_VHOST_SET_LOG_FD2(r4, 0xaf02, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000080), r5) r7 = gettid() r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_DAEMON(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000007c0)={0x14, r9, 0x701, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x40000) sendmsg$auto_IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000440)={0x41c, r9, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x2ed, 0x2, 0x0, 0x1, [@generic="7afeeb1d94177babd8ff85c5d5a22acea2fb870cfb522f8c6798bdfd3da8a1f33ae26dd7503103c21939a51e39a86ffbb755af27b60abaf791eff3659a11a48870deac2a9ba66438e6e8ba7cc918bbd75ab6433f6e0097f458e9c09494176faf4f3ca44310d6f31d7adea18535b18cc25ce46ecbe19839e858c6fa541a3d7a0903389e6adce9c110599fd32ce2c294ea9d6447da1d6e2d04c806cdbbe47ff6c4664e5836513dd0cb91827008a5f06c49b03e6fdce12f5a8fa00ffc27a7fdcd6e785794c9d3a06ef07d83491eba38f63fa314c18824c3", @typed={0x4, 0xc9}, @typed={0x8, 0x41, 0x0, 0x0, @u32=0x7}, @typed={0x6, 0x24, 0x0, 0x0, @str='{\x00'}, @generic="341f490cd2ff8233489d2ae8910d9ceea328de67976c9dc913944dd9faebde978f7e0ee2fc09c8a0b7b9f33909fe3aa8b522840f88c8049fd9b9496a48df7b4b714cd45b6d076f0f2a7c42286c42be4e044b11ea0dc111f17912f3bd9e22fdf15a5fb110baac42d56532", @generic="550d765e4f667e991d527fe2be5bb41e6a84d19a8e895e031292263792f705c4be837aaa996077b7fd96cb545f4c57137269c65ac56f3a237523f2eabed09ad4e51ce3a9963da75cc4d92d8ba046cb76ba387b7197d62ded8869d25005ba4c91b47e3fb6faf4dd3712e28a48a109680567465ec3f96e666a8d6c2831bb924a56ea74403b398556f5ac7cf82e7a697d1b7ad3167f2a0ebce7589018b6289f2c55622494b537f1da7f99c36847113bc666580a2e9376f05cecdcec117a060fb1be5f642096b7b6f074534ca6922ee58d01d9558aa3fe96e02fdd4ea978306d4fed406d61d9af4fa5c443816dfb47", @typed={0x8, 0x100, 0x0, 0x0, @fd=r1}, @nested={0x20, 0xe4, 0x0, 0x1, [@typed={0x10, 0xc6, 0x0, 0x0, @binary="b06e461b7d890eee94d5a82e"}, @nested={0x4, 0xa2}, @typed={0x8, 0x5c, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @nested={0x7e, 0xd3, 0x0, 0x1, [@typed={0x8, 0x1b, 0x0, 0x0, @ipv4=@loopback}, @nested={0x4, 0x11e}, @nested={0x4, 0x6}, @typed={0x8, 0x5f, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x8, 0x9d, 0x0, 0x0, @u32=0x1}, @nested={0x4, 0xc9}, @generic="d0e8ad7ffc3f9a46dfa7ded4f12ad0bf3cd82acf35ff5da8b7febca0f86d777aff778baf36b74dcc9060f034a1bd89249c733ae18e792e77f3f0a1e5be49f9d348a9af831ee57c2daaa18022bb21a44777c90b2530a3"]}]}, @IPVS_CMD_ATTR_DEST={0xfe, 0x2, 0x0, 0x1, [@generic="77a2c6600931cbc21814bc3998637b4e9fdd36778c7847582369a08c12d7f233ae617874bd45eb616dbf995b96a2739baded15899ae1274ba9b746106f3a4580d25f02526b6febfa25b237ff1533eca82b92de36bcfc9b68be4aeaad640c869e037cf70ba04a8831ad8dfe23b6253a1dc33467bfa662921cb8b6735b94b508ed04a61e7ad3eaffcf8b139bb901638021de795101e1b53605258cedeb3a3a9c6ce75baed6d3", @generic="8c7ae9d4bf93f32820ee67cc8df3198696a1d3b1283db34a857a33373a67a4067bf82b0663", @generic="331ef98da2c20ccb99758b9669061ccaeda45fa9f4028e731ab0a2a6a189ecfed24eaf7448a1c260d872fd3bba68afbf"]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1ff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}]}, 0x41c}, 0x1, 0x0, 0x0, 0x11}, 0x80c4) sendmsg$auto_TASKSTATS_CMD_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010a2bbd7000fbdbdf250100000008000200", @ANYRES32=r7], 0x1c}, 0x1, 0x0, 0x0, 0x2400c8c1}, 0x20048090) write$auto_bm_status_operations_binfmt_misc(r2, &(0x7f0000000100)="6a496d3399a41142d3af5bf75b48661e3c1727fc4ed01e4c764655ce2c81a455866a20903865eabaa56851232b65852ed6303a8f0b5092dcfe54130c3f3bb0b8bab0db14bd6a7dd02dd4ea5dc4ce189a92ea955c1f7cc2b69db5830361", 0x5d) setsockopt$auto(r3, 0x114, 0x8, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8) close_range$auto(0x2, 0x8, 0x0) 1.293480517s ago: executing program 2 (id=3593): open(&(0x7f0000000000)='./file0\x00', 0xa09c2, 0xa4) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) madvise$auto(0x0, 0x1de0, 0x10000) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram8/dev\x00', 0x6a8800, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x40, &(0x7f0000000300)={0x7, 0xffff, 0x70}, 0x1f4, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x800000000001, 0x0) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, 0x0, 0x200000, 0x0) write$auto(r0, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D_#\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc^:\xd1\xe3\xf1@\xc0\x93^:Mn#Oi\xaa[X\x93)\x8f\x03K\xe6\xa4\x11?\xf1\x02+\\\xf9\x8b\xe5l5\x11\x006c\x907E\xeb\x81\fB\xe3\xf8n\x8f\x94V\xbcB\x9cm\x9f\x15\x00Q\xf8\x8fFW#?\xd5Z~\xa51\x832\xbd|\x19\xda\x8e\xff\x17\r\x96\xa3\xcc+\xf4a\xffN\xd2_\xe5\\\xf8Lzc\xd4\xa0\x1f\x04_\xf1\xc6\fO\xbe?)Q\xc7\\B\xdb\xeaI\xde\xe9m\xf5\xf9\x19\xd3@IK\xe3c\x0ek\x8drZ\xad\xdc\xbb\xfc\xd4\x1f\xdaOW\x87\xb6Fm\x12\xadw(z\\j\xcc0P\xaeC\x9f\xbf\xd5\xf9\xe3\x85~cG\f\x85\xd6\x84ma\xfd\xdayNj\x80\xdd3^\x87,\x14\x8e\xbe$\x05\x8a\xb0 M\xf6$B TCs\xa9\x91dil[\xfc\a\xbfD\xd9\x8d(F\x1e\f\xec\xe9K|h\xf5\xcaUI\x18#\xbed\xa8C\x8a\xbb\fE\xe6\xa3|\xf7\xa8\xbb\xd3\x97l.V/uc\xb5Q\x1eY\xe0\x03\xa1\xc1\xc8\xe2=RK\x7fWV;\xe4\xccTsf\xa7[\xdd\x9cR\xab\xf81s\xbc\x9c\xaaSGH\x9al\xb9%u\v\xb4\x9d\x95\x16\x01\xbbT\x99S\xf8A\xcd\bRC\xf4\xb0\x1a%\xdd+1\x81\x9d6\x90\xe8\xc6\xc1\x1e\xf0~\xaf\x10g&\xd6\x01l::V\xdbJiVW\xab4G\x97\x9cl', 0x100000a3d9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0) write$auto(r1, &(0x7f0000000100)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~15\x9dv\xb2H', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rxrpc/peers\x00', 0x101000, 0x0) pread64$auto(r2, 0x0, 0x80, 0xffff) socket(0x2, 0x801, 0x100) pipe$auto(&(0x7f0000000040)=0xffffffffffffffff) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x73, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) sendfile$auto(0x6, 0x3, 0x0, 0xfffffdef) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/4096, 0x1000) 31.377899ms ago: executing program 0 (id=3594): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip_vti0\x00'}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r0, r0, 0x8000, 0x2, 0xffffffffffffffff, @relative_id=0x13, 0x6}, 0x13) mmap$auto(0x4, 0x20009, 0x4000000000db, 0x100000000000012, r0, 0x80000001) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x5876236c3bea3773, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='{\x00', 0xfff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000040)={0x1c, r2, 0x1, 0x70fd2c, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x8, 0x7, 0x0, 0x1, [@typed={0x4, 0x2}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) 29.733151ms ago: executing program 2 (id=3595): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x2580, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044811}, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x80302, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x1, 0xd, 0x250, 0x100000001, 0x3, 0x2017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x21, 0x100000001]}, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) mmap$auto(0x80000000000, 0x800001, 0xdf, 0x9b72, 0x2, 0x0) sysfs$auto(0x2, 0x44, 0x0) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000180), 0x7, 0xa505}, 0x800}, 0x7, 0x3) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2c, 0x1, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x401, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) 0s ago: executing program 3 (id=3596): r0 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000080), 0x84000, 0x0) r1 = fcntl$auto_F_GETOWN(0xffffffffffffffff, 0x9, 0x9) fcntl$auto_F_SETOWN(r0, 0x8, r1) socket(0x10, 0x2, 0x0) mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000640)={0x100030, 0x7f}, 0x287) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sg0\x00', 0x103002, 0x0) write$auto_sg_fops_sg(r2, &(0x7f0000000140)="01000000000d0000624c492f4aa7a158ad329acb69abe1d4bbe91b3ddc84d02747403bbca33c95be8fb08baf91e29260d0", 0x31) mmap$auto(0x0, 0x400008, 0x7, 0x9b72, r2, 0x9) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000440)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4bde4c30b530ac6ebbff950e1a647d6a08a1b55dde5a409b4d", 0x3a) kernel console output (not intermixed with test programs): ctl+0x523/0x1a60 [ 1203.014641][T19981] ? __pfx_loop_add+0x10/0x10 [ 1203.014660][T19981] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1203.014696][T19981] ? find_held_lock+0x2b/0x80 [ 1203.014719][T19981] loop_control_ioctl+0x13e/0x630 [ 1203.014743][T19981] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1203.014768][T19981] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1203.014792][T19981] __x64_sys_ioctl+0x18e/0x210 [ 1203.014816][T19981] do_syscall_64+0xcd/0x490 [ 1203.014846][T19981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1203.014866][T19981] RIP: 0033:0x7fa22078e929 [ 1203.014882][T19981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1203.014901][T19981] RSP: 002b:00007fa21e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1203.014919][T19981] RAX: ffffffffffffffda RBX: 00007fa2209b5fa0 RCX: 00007fa22078e929 [ 1203.014931][T19981] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 1203.014942][T19981] RBP: 00007fa21e5f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1203.014953][T19981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1203.014964][T19981] R13: 0000000000000000 R14: 00007fa2209b5fa0 R15: 00007ffedc8687f8 [ 1203.014986][T19981] [ 1203.727608][T19988] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1203.930339][T19989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1203.940286][T19989] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1204.751530][T19995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1204.763573][T19995] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1205.128341][T20000] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2949'. [ 1205.398430][T20005] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 1206.518215][T20023] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2956'. [ 1206.582857][T20021] FAULT_INJECTION: forcing a failure. [ 1206.582857][T20021] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1206.654093][T20021] CPU: 0 UID: 0 PID: 20021 Comm: syz.2.2954 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1206.654148][T20021] Tainted: [U]=USER [ 1206.654160][T20021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1206.654178][T20021] Call Trace: [ 1206.654190][T20021] [ 1206.654202][T20021] dump_stack_lvl+0x16c/0x1f0 [ 1206.654254][T20021] should_fail_ex+0x512/0x640 [ 1206.654305][T20021] _copy_to_iter+0x463/0x16f0 [ 1206.654358][T20021] ? lru_gen_seq_stop+0xa3/0x100 [ 1206.654407][T20021] ? __pfx__copy_to_iter+0x10/0x10 [ 1206.654458][T20021] ? lru_gen_seq_stop+0xa3/0x100 [ 1206.654494][T20021] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 1206.654551][T20021] seq_read_iter+0x719/0x12c0 [ 1206.654595][T20021] ? aa_file_perm+0x4d6/0xfb0 [ 1206.654651][T20021] seq_read+0x39e/0x4e0 [ 1206.654691][T20021] ? __pfx_seq_read+0x10/0x10 [ 1206.654762][T20021] full_proxy_read+0x13f/0x200 [ 1206.654793][T20021] ? __pfx_full_proxy_read+0x10/0x10 [ 1206.654825][T20021] vfs_read+0x1e1/0xc60 [ 1206.654876][T20021] ? __pfx_vfs_read+0x10/0x10 [ 1206.654916][T20021] ? find_held_lock+0x2b/0x80 [ 1206.654952][T20021] ? __fget_files+0x204/0x3c0 [ 1206.655001][T20021] ? __fget_files+0x20e/0x3c0 [ 1206.655055][T20021] __x64_sys_pread64+0x1eb/0x250 [ 1206.655109][T20021] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1206.655166][T20021] do_syscall_64+0xcd/0x490 [ 1206.655216][T20021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1206.655248][T20021] RIP: 0033:0x7f115f98e929 [ 1206.655273][T20021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1206.655304][T20021] RSP: 002b:00007f1160723038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1206.655334][T20021] RAX: ffffffffffffffda RBX: 00007f115fbb5fa0 RCX: 00007f115f98e929 [ 1206.655354][T20021] RDX: 00000000000007ff RSI: 0000000000000000 RDI: 0000000000000003 [ 1206.655381][T20021] RBP: 00007f115fa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1206.655400][T20021] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000 [ 1206.655418][T20021] R13: 0000000000000000 R14: 00007f115fbb5fa0 R15: 00007ffe987baa18 [ 1206.655460][T20021] [ 1207.034172][T20019] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1207.044298][T20019] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1207.114075][T20029] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1207.385984][T20034] : renamed from gre0 (while UP) [ 1210.746526][T20082] netlink: 'syz.1.2967': attribute type 1 has an invalid length. [ 1211.697008][T20094] random: crng reseeded on system resumption [ 1211.972914][T20094] FAULT_INJECTION: forcing a failure. [ 1211.972914][T20094] name failslab, interval 1, probability 0, space 0, times 0 [ 1212.024505][T20094] CPU: 0 UID: 0 PID: 20094 Comm: syz.0.2973 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1212.024548][T20094] Tainted: [U]=USER [ 1212.024555][T20094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1212.024567][T20094] Call Trace: [ 1212.024574][T20094] [ 1212.024583][T20094] dump_stack_lvl+0x16c/0x1f0 [ 1212.024615][T20094] should_fail_ex+0x512/0x640 [ 1212.024642][T20094] ? __kmalloc_noprof+0xbf/0x510 [ 1212.024689][T20094] ? mpi_alloc_limb_space+0x31/0x60 [ 1212.024723][T20094] should_failslab+0xc2/0x120 [ 1212.024750][T20094] __kmalloc_noprof+0xd2/0x510 [ 1212.024783][T20094] mpi_alloc_limb_space+0x31/0x60 [ 1212.024805][T20094] mpi_powm+0xff7/0x1bf0 [ 1212.024838][T20094] ? __pfx_mpi_powm+0x10/0x10 [ 1212.024860][T20094] ? kfree+0x2b4/0x4d0 [ 1212.024882][T20094] ? __phys_addr+0xe8/0x180 [ 1212.024907][T20094] ? mpi_free+0xe1/0x160 [ 1212.024931][T20094] rsa_enc+0x1fe/0x3b0 [ 1212.024961][T20094] ? __pfx_rsa_enc+0x10/0x10 [ 1212.024988][T20094] ? __virt_addr_valid+0x81/0x610 [ 1212.025008][T20094] ? __phys_addr+0xe8/0x180 [ 1212.025028][T20094] ? sg_init_one+0xf5/0x1b0 [ 1212.025053][T20094] rsassa_pkcs1_verify+0x4ff/0xb60 [ 1212.025081][T20094] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 1212.025113][T20094] ? rsa_max_size+0xd/0x70 [ 1212.025140][T20094] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 1212.025172][T20094] public_key_verify_signature+0x672/0x970 [ 1212.025199][T20094] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1212.025224][T20094] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1212.025261][T20094] pkcs7_verify+0x32f/0x1b20 [ 1212.025298][T20094] verify_pkcs7_message_sig+0xdd/0x250 [ 1212.025321][T20094] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1212.025341][T20094] ? kfree+0x2b4/0x4d0 [ 1212.025362][T20094] ? public_key_signature_free+0xda/0x110 [ 1212.025384][T20094] ? pkcs7_parse_message+0x531/0x720 [ 1212.025415][T20094] ? pkcs7_parse_message+0x536/0x720 [ 1212.025443][T20094] verify_pkcs7_signature+0x6d/0xa0 [ 1212.025466][T20094] valid_regdb+0x215/0x590 [ 1212.025487][T20094] ? __pfx___mutex_lock+0x10/0x10 [ 1212.025516][T20094] ? __pfx_valid_regdb+0x10/0x10 [ 1212.025540][T20094] reg_reload_regdb+0x11e/0x460 [ 1212.025562][T20094] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1212.025585][T20094] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1212.025611][T20094] ? nl80211_pre_doit+0x1b0/0xb10 [ 1212.025641][T20094] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1212.025667][T20094] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1212.025688][T20094] ? rcu_is_watching+0x12/0xc0 [ 1212.025716][T20094] ? bpf_lsm_capable+0x9/0x10 [ 1212.025739][T20094] ? security_capable+0x7e/0x260 [ 1212.025762][T20094] genl_rcv_msg+0x55c/0x800 [ 1212.025787][T20094] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1212.025809][T20094] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1212.025835][T20094] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1212.025854][T20094] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1212.025889][T20094] netlink_rcv_skb+0x158/0x420 [ 1212.025908][T20094] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1212.025932][T20094] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1212.025961][T20094] ? netlink_deliver_tap+0x1ae/0xd30 [ 1212.025994][T20094] genl_rcv+0x28/0x40 [ 1212.026013][T20094] netlink_unicast+0x53a/0x7f0 [ 1212.026035][T20094] ? __pfx_netlink_unicast+0x10/0x10 [ 1212.026061][T20094] netlink_sendmsg+0x8d1/0xdd0 [ 1212.026084][T20094] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1212.026111][T20094] ____sys_sendmsg+0xa98/0xc70 [ 1212.026133][T20094] ? copy_msghdr_from_user+0x10a/0x160 [ 1212.026167][T20094] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1212.026193][T20094] ? __pfx_futex_wake_mark+0x10/0x10 [ 1212.026223][T20094] ___sys_sendmsg+0x134/0x1d0 [ 1212.026252][T20094] ? __pfx____sys_sendmsg+0x10/0x10 [ 1212.026277][T20094] ? __lock_acquire+0x622/0x1c90 [ 1212.026332][T20094] __sys_sendmsg+0x16d/0x220 [ 1212.026361][T20094] ? __pfx___sys_sendmsg+0x10/0x10 [ 1212.026388][T20094] ? __x64_sys_futex+0x1e0/0x4c0 [ 1212.026424][T20094] do_syscall_64+0xcd/0x490 [ 1212.026454][T20094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1212.026473][T20094] RIP: 0033:0x7fa22078e929 [ 1212.026489][T20094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1212.026508][T20094] RSP: 002b:00007fa21e5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1212.026526][T20094] RAX: ffffffffffffffda RBX: 00007fa2209b5fa0 RCX: 00007fa22078e929 [ 1212.026539][T20094] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 1212.026550][T20094] RBP: 00007fa220810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1212.026561][T20094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1212.026572][T20094] R13: 0000000000000000 R14: 00007fa2209b5fa0 R15: 00007ffedc8687f8 [ 1212.026595][T20094] [ 1213.846965][T20127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1213.941807][T20127] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1214.170330][T20137] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1214.931126][T20147] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 1215.134797][T20145] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1215.195001][T20145] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1215.432977][T20150] FAULT_INJECTION: forcing a failure. [ 1215.432977][T20150] name failslab, interval 1, probability 0, space 0, times 0 [ 1215.486878][T20150] CPU: 1 UID: 0 PID: 20150 Comm: syz.3.2984 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1215.486934][T20150] Tainted: [U]=USER [ 1215.486945][T20150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1215.486969][T20150] Call Trace: [ 1215.486980][T20150] [ 1215.486993][T20150] dump_stack_lvl+0x16c/0x1f0 [ 1215.487044][T20150] should_fail_ex+0x512/0x640 [ 1215.487088][T20150] ? __kmalloc_noprof+0xbf/0x510 [ 1215.487136][T20150] ? mpi_alloc_limb_space+0x31/0x60 [ 1215.487170][T20150] should_failslab+0xc2/0x120 [ 1215.487201][T20150] __kmalloc_noprof+0xd2/0x510 [ 1215.487256][T20150] mpi_alloc_limb_space+0x31/0x60 [ 1215.487294][T20150] mpi_powm+0xbe2/0x1bf0 [ 1215.487350][T20150] ? __pfx_mpi_powm+0x10/0x10 [ 1215.487388][T20150] ? kfree+0x2b4/0x4d0 [ 1215.487433][T20150] ? __phys_addr+0xe8/0x180 [ 1215.487475][T20150] ? mpi_free+0xe1/0x160 [ 1215.487516][T20150] rsa_enc+0x1fe/0x3b0 [ 1215.487564][T20150] ? __pfx_rsa_enc+0x10/0x10 [ 1215.487610][T20150] ? __virt_addr_valid+0x81/0x610 [ 1215.487642][T20150] ? __phys_addr+0xe8/0x180 [ 1215.487675][T20150] ? sg_init_one+0xf5/0x1b0 [ 1215.487719][T20150] rsassa_pkcs1_verify+0x4ff/0xb60 [ 1215.487768][T20150] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 1215.487825][T20150] ? rsa_max_size+0xd/0x70 [ 1215.487869][T20150] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 1215.487908][T20150] public_key_verify_signature+0x672/0x970 [ 1215.487954][T20150] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1215.487997][T20150] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1215.488062][T20150] pkcs7_verify+0x32f/0x1b20 [ 1215.488123][T20150] verify_pkcs7_message_sig+0xdd/0x250 [ 1215.488158][T20150] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1215.488191][T20150] ? kfree+0x2b4/0x4d0 [ 1215.488226][T20150] ? public_key_signature_free+0xda/0x110 [ 1215.488263][T20150] ? pkcs7_parse_message+0x531/0x720 [ 1215.488315][T20150] ? pkcs7_parse_message+0x536/0x720 [ 1215.488364][T20150] verify_pkcs7_signature+0x6d/0xa0 [ 1215.488411][T20150] valid_regdb+0x215/0x590 [ 1215.488444][T20150] ? __pfx___mutex_lock+0x10/0x10 [ 1215.488492][T20150] ? __pfx_valid_regdb+0x10/0x10 [ 1215.488534][T20150] reg_reload_regdb+0x11e/0x460 [ 1215.488570][T20150] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1215.488608][T20150] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1215.488651][T20150] ? nl80211_pre_doit+0x1b0/0xb10 [ 1215.488703][T20150] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1215.488746][T20150] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1215.488783][T20150] ? rcu_is_watching+0x12/0xc0 [ 1215.488831][T20150] ? bpf_lsm_capable+0x9/0x10 [ 1215.488867][T20150] ? security_capable+0x7e/0x260 [ 1215.488907][T20150] genl_rcv_msg+0x55c/0x800 [ 1215.488950][T20150] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1215.488987][T20150] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1215.489030][T20150] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1215.489063][T20150] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1215.489124][T20150] netlink_rcv_skb+0x158/0x420 [ 1215.489155][T20150] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1215.489190][T20150] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1215.489233][T20150] ? netlink_deliver_tap+0x1ae/0xd30 [ 1215.489286][T20150] genl_rcv+0x28/0x40 [ 1215.489316][T20150] netlink_unicast+0x53a/0x7f0 [ 1215.489351][T20150] ? __pfx_netlink_unicast+0x10/0x10 [ 1215.489394][T20150] netlink_sendmsg+0x8d1/0xdd0 [ 1215.489441][T20150] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1215.489487][T20150] ____sys_sendmsg+0xa98/0xc70 [ 1215.489512][T20150] ? copy_msghdr_from_user+0x10a/0x160 [ 1215.489540][T20150] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1215.489566][T20150] ? try_to_wake_up+0xa2f/0x1680 [ 1215.489590][T20150] ___sys_sendmsg+0x134/0x1d0 [ 1215.489619][T20150] ? __pfx____sys_sendmsg+0x10/0x10 [ 1215.489645][T20150] ? __lock_acquire+0x622/0x1c90 [ 1215.489699][T20150] __sys_sendmsg+0x16d/0x220 [ 1215.489726][T20150] ? __pfx___sys_sendmsg+0x10/0x10 [ 1215.489753][T20150] ? __x64_sys_futex+0x1e0/0x4c0 [ 1215.489791][T20150] do_syscall_64+0xcd/0x490 [ 1215.489821][T20150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1215.489840][T20150] RIP: 0033:0x7f6e7d58e929 [ 1215.489856][T20150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1215.489875][T20150] RSP: 002b:00007f6e7e423038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1215.489894][T20150] RAX: ffffffffffffffda RBX: 00007f6e7d7b5fa0 RCX: 00007f6e7d58e929 [ 1215.489906][T20150] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007 [ 1215.489918][T20150] RBP: 00007f6e7d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1215.489929][T20150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1215.489940][T20150] R13: 0000000000000000 R14: 00007f6e7d7b5fa0 R15: 00007ffc911c6e98 [ 1215.489963][T20150] [ 1217.497572][T20167] random: crng reseeded on system resumption [ 1217.545185][T20167] FAULT_INJECTION: forcing a failure. [ 1217.545185][T20167] name failslab, interval 1, probability 0, space 0, times 0 [ 1217.573717][T20167] CPU: 0 UID: 0 PID: 20167 Comm: syz.1.2988 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1217.573752][T20167] Tainted: [U]=USER [ 1217.573759][T20167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1217.573770][T20167] Call Trace: [ 1217.573777][T20167] [ 1217.573785][T20167] dump_stack_lvl+0x16c/0x1f0 [ 1217.573817][T20167] should_fail_ex+0x512/0x640 [ 1217.573844][T20167] ? __kmalloc_noprof+0xbf/0x510 [ 1217.573880][T20167] ? find_asymmetric_key+0x82/0x5a0 [ 1217.573900][T20167] should_failslab+0xc2/0x120 [ 1217.573919][T20167] __kmalloc_noprof+0xd2/0x510 [ 1217.573951][T20167] find_asymmetric_key+0x82/0x5a0 [ 1217.573975][T20167] pkcs7_validate_trust+0x1f1/0x7e0 [ 1217.574007][T20167] verify_pkcs7_message_sig+0x12c/0x250 [ 1217.574029][T20167] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1217.574049][T20167] ? kfree+0x2b4/0x4d0 [ 1217.574070][T20167] ? public_key_signature_free+0xda/0x110 [ 1217.574093][T20167] ? pkcs7_parse_message+0x531/0x720 [ 1217.574123][T20167] ? pkcs7_parse_message+0x536/0x720 [ 1217.574158][T20167] verify_pkcs7_signature+0x6d/0xa0 [ 1217.574181][T20167] valid_regdb+0x215/0x590 [ 1217.574201][T20167] ? __pfx___mutex_lock+0x10/0x10 [ 1217.574229][T20167] ? __pfx_valid_regdb+0x10/0x10 [ 1217.574253][T20167] reg_reload_regdb+0x11e/0x460 [ 1217.574275][T20167] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1217.574297][T20167] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1217.574324][T20167] ? nl80211_pre_doit+0x1b0/0xb10 [ 1217.574353][T20167] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1217.574379][T20167] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1217.574403][T20167] ? rcu_is_watching+0x12/0xc0 [ 1217.574431][T20167] ? bpf_lsm_capable+0x9/0x10 [ 1217.574454][T20167] ? security_capable+0x7e/0x260 [ 1217.574477][T20167] genl_rcv_msg+0x55c/0x800 [ 1217.574502][T20167] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1217.574533][T20167] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1217.574559][T20167] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1217.574578][T20167] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1217.574614][T20167] netlink_rcv_skb+0x158/0x420 [ 1217.574635][T20167] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1217.574659][T20167] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1217.574687][T20167] ? netlink_deliver_tap+0x1ae/0xd30 [ 1217.574720][T20167] genl_rcv+0x28/0x40 [ 1217.574740][T20167] netlink_unicast+0x53a/0x7f0 [ 1217.574762][T20167] ? __pfx_netlink_unicast+0x10/0x10 [ 1217.574788][T20167] netlink_sendmsg+0x8d1/0xdd0 [ 1217.574812][T20167] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1217.574839][T20167] ____sys_sendmsg+0xa98/0xc70 [ 1217.574862][T20167] ? copy_msghdr_from_user+0x10a/0x160 [ 1217.574889][T20167] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1217.574914][T20167] ? __pfx_futex_wake_mark+0x10/0x10 [ 1217.574945][T20167] ___sys_sendmsg+0x134/0x1d0 [ 1217.574973][T20167] ? __pfx____sys_sendmsg+0x10/0x10 [ 1217.574998][T20167] ? __lock_acquire+0x622/0x1c90 [ 1217.575050][T20167] __sys_sendmsg+0x16d/0x220 [ 1217.575077][T20167] ? __pfx___sys_sendmsg+0x10/0x10 [ 1217.575104][T20167] ? __x64_sys_futex+0x1e0/0x4c0 [ 1217.575139][T20167] do_syscall_64+0xcd/0x490 [ 1217.575177][T20167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1217.575196][T20167] RIP: 0033:0x7f325618e929 [ 1217.575212][T20167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1217.575230][T20167] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1217.575249][T20167] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1217.575262][T20167] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 1217.575273][T20167] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1217.575284][T20167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1217.575295][T20167] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1217.575317][T20167] [ 1218.235847][T20176] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1218.246113][T20176] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1219.605554][T20187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1219.642999][T20187] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1219.729765][T20198] random: crng reseeded on system resumption [ 1220.617447][T20208] aoe: skb alloc failure [ 1220.635448][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1220.653212][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1223.211883][T20226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1223.221964][T20226] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1223.737112][T20241] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3005'. [ 1223.776662][T20243] FAULT_INJECTION: forcing a failure. [ 1223.776662][T20243] name failslab, interval 1, probability 0, space 0, times 0 [ 1223.793820][T20243] CPU: 1 UID: 0 PID: 20243 Comm: syz.3.3007 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1223.793881][T20243] Tainted: [U]=USER [ 1223.793892][T20243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1223.793910][T20243] Call Trace: [ 1223.793921][T20243] [ 1223.793934][T20243] dump_stack_lvl+0x16c/0x1f0 [ 1223.793985][T20243] should_fail_ex+0x512/0x640 [ 1223.794029][T20243] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1223.794076][T20243] should_failslab+0xc2/0x120 [ 1223.794106][T20243] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1223.794148][T20243] ? acct_on+0x57/0x870 [ 1223.794208][T20243] acct_on+0x57/0x870 [ 1223.794252][T20243] __x64_sys_acct+0xaf/0x230 [ 1223.794293][T20243] ? lockdep_hardirqs_on+0x7c/0x110 [ 1223.794337][T20243] do_syscall_64+0xcd/0x490 [ 1223.794387][T20243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1223.794417][T20243] RIP: 0033:0x7f6e7d58e929 [ 1223.794442][T20243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1223.794473][T20243] RSP: 002b:00007f6e7e423038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 1223.794504][T20243] RAX: ffffffffffffffda RBX: 00007f6e7d7b5fa0 RCX: 00007f6e7d58e929 [ 1223.794525][T20243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080 [ 1223.794544][T20243] RBP: 00007f6e7d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1223.794563][T20243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1223.794582][T20243] R13: 0000000000000000 R14: 00007f6e7d7b5fa0 R15: 00007ffc911c6e98 [ 1223.794624][T20243] [ 1224.903125][ T30] audit: type=1804 audit(4294970642.209:19): pid=20261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3011" name="/newroot/392/file0" dev="tmpfs" ino=2075 res=1 errno=0 [ 1224.940376][ T30] audit: type=1800 audit(4294970642.229:20): pid=20261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3011" name="file0" dev="tmpfs" ino=2075 res=0 errno=0 [ 1225.290170][T20254] can: request_module (can-proto-0) failed. [ 1226.904812][T20295] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3018'. [ 1228.690317][T20315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3022'. [ 1229.611635][T20326] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1230.156100][T20334] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3026'. [ 1230.256639][T20327] CIFS: VFS: Invalid SecurityFlags: 0 [ 1230.256639][T20327] [ 1231.591929][T20349] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3030'. [ 1232.956366][T20368] random: crng reseeded on system resumption [ 1233.160718][T20368] FAULT_INJECTION: forcing a failure. [ 1233.160718][T20368] name failslab, interval 1, probability 0, space 0, times 0 [ 1233.230969][T20368] CPU: 0 UID: 0 PID: 20368 Comm: syz.1.3035 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1233.231024][T20368] Tainted: [U]=USER [ 1233.231035][T20368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1233.231055][T20368] Call Trace: [ 1233.231065][T20368] [ 1233.231077][T20368] dump_stack_lvl+0x16c/0x1f0 [ 1233.231126][T20368] should_fail_ex+0x512/0x640 [ 1233.231179][T20368] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1233.231225][T20368] should_failslab+0xc2/0x120 [ 1233.231255][T20368] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1233.231294][T20368] ? netlink_sendmsg+0x8d1/0xdd0 [ 1233.231323][T20368] ? ____sys_sendmsg+0xa98/0xc70 [ 1233.231384][T20368] ? ___sys_sendmsg+0x134/0x1d0 [ 1233.231425][T20368] ? mpi_alloc+0x46/0x230 [ 1233.231467][T20368] mpi_alloc+0x46/0x230 [ 1233.231500][T20368] ? mpi_free+0x14/0x160 [ 1233.231533][T20368] mpi_read_raw_data+0x133/0x4a0 [ 1233.231565][T20368] ? rsa_free_mpi_key+0x15a/0x3a0 [ 1233.231617][T20368] rsa_set_pub_key+0x110/0x270 [ 1233.231663][T20368] ? __pfx_rsa_set_pub_key+0x10/0x10 [ 1233.231726][T20368] ? __asan_memcpy+0x3c/0x60 [ 1233.231771][T20368] rsassa_pkcs1_set_pub_key+0xce/0x1f0 [ 1233.231807][T20368] public_key_verify_signature+0x779/0x970 [ 1233.231851][T20368] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1233.231890][T20368] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1233.231950][T20368] pkcs7_verify+0x32f/0x1b20 [ 1233.232008][T20368] verify_pkcs7_message_sig+0xdd/0x250 [ 1233.232041][T20368] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1233.232073][T20368] ? kfree+0x2b4/0x4d0 [ 1233.232104][T20368] ? public_key_signature_free+0xda/0x110 [ 1233.232138][T20368] ? pkcs7_parse_message+0x531/0x720 [ 1233.232187][T20368] ? pkcs7_parse_message+0x536/0x720 [ 1233.232233][T20368] verify_pkcs7_signature+0x6d/0xa0 [ 1233.232276][T20368] valid_regdb+0x215/0x590 [ 1233.232308][T20368] ? __pfx___mutex_lock+0x10/0x10 [ 1233.232364][T20368] ? __pfx_valid_regdb+0x10/0x10 [ 1233.232403][T20368] reg_reload_regdb+0x11e/0x460 [ 1233.232439][T20368] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1233.232477][T20368] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1233.232518][T20368] ? nl80211_pre_doit+0x1b0/0xb10 [ 1233.232567][T20368] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1233.232607][T20368] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1233.232640][T20368] ? rcu_is_watching+0x12/0xc0 [ 1233.232686][T20368] ? bpf_lsm_capable+0x9/0x10 [ 1233.232721][T20368] ? security_capable+0x7e/0x260 [ 1233.232756][T20368] genl_rcv_msg+0x55c/0x800 [ 1233.232796][T20368] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1233.232832][T20368] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1233.232872][T20368] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1233.232903][T20368] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1233.232961][T20368] netlink_rcv_skb+0x158/0x420 [ 1233.232991][T20368] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1233.233028][T20368] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1233.233076][T20368] ? netlink_deliver_tap+0x1ae/0xd30 [ 1233.233134][T20368] genl_rcv+0x28/0x40 [ 1233.233165][T20368] netlink_unicast+0x53a/0x7f0 [ 1233.233201][T20368] ? __pfx_netlink_unicast+0x10/0x10 [ 1233.233244][T20368] netlink_sendmsg+0x8d1/0xdd0 [ 1233.233281][T20368] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1233.233329][T20368] ____sys_sendmsg+0xa98/0xc70 [ 1233.233370][T20368] ? copy_msghdr_from_user+0x10a/0x160 [ 1233.233413][T20368] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1233.233455][T20368] ? try_to_wake_up+0xa2f/0x1680 [ 1233.233493][T20368] ___sys_sendmsg+0x134/0x1d0 [ 1233.233540][T20368] ? __pfx____sys_sendmsg+0x10/0x10 [ 1233.233581][T20368] ? __lock_acquire+0x622/0x1c90 [ 1233.233671][T20368] __sys_sendmsg+0x16d/0x220 [ 1233.233715][T20368] ? __pfx___sys_sendmsg+0x10/0x10 [ 1233.233757][T20368] ? __x64_sys_futex+0x1e0/0x4c0 [ 1233.233858][T20368] do_syscall_64+0xcd/0x490 [ 1233.233907][T20368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1233.233939][T20368] RIP: 0033:0x7f325618e929 [ 1233.233964][T20368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1233.233992][T20368] RSP: 002b:00007f325708d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1233.234021][T20368] RAX: ffffffffffffffda RBX: 00007f32563b6080 RCX: 00007f325618e929 [ 1233.234042][T20368] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 1233.234060][T20368] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1233.234079][T20368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1233.234095][T20368] R13: 0000000000000000 R14: 00007f32563b6080 R15: 00007ffcaceaf9a8 [ 1233.234129][T20368] [ 1233.236531][T20371] FAULT_INJECTION: forcing a failure. [ 1233.236531][T20371] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1233.761843][T20371] CPU: 1 UID: 0 PID: 20371 Comm: syz.0.3036 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1233.761899][T20371] Tainted: [U]=USER [ 1233.761911][T20371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1233.761930][T20371] Call Trace: [ 1233.761940][T20371] [ 1233.761953][T20371] dump_stack_lvl+0x16c/0x1f0 [ 1233.762003][T20371] should_fail_ex+0x512/0x640 [ 1233.762066][T20371] strncpy_from_user+0x3b/0x2e0 [ 1233.762105][T20371] getname_flags.part.0+0x8f/0x550 [ 1233.762140][T20371] getname_flags+0x93/0xf0 [ 1233.762174][T20371] do_sys_openat2+0xb8/0x1d0 [ 1233.762203][T20371] ? __pfx_do_sys_openat2+0x10/0x10 [ 1233.762258][T20371] __x64_sys_openat+0x174/0x210 [ 1233.762288][T20371] ? __pfx___x64_sys_openat+0x10/0x10 [ 1233.762330][T20371] do_syscall_64+0xcd/0x490 [ 1233.762370][T20371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1233.762404][T20371] RIP: 0033:0x7fa22078e929 [ 1233.762425][T20371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1233.762451][T20371] RSP: 002b:00007fa21e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1233.762476][T20371] RAX: ffffffffffffffda RBX: 00007fa2209b5fa0 RCX: 00007fa22078e929 [ 1233.762493][T20371] RDX: 0000000000000040 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1233.762510][T20371] RBP: 00007fa220810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1233.762537][T20371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1233.762559][T20371] R13: 0000000000000000 R14: 00007fa2209b5fa0 R15: 00007ffedc8687f8 [ 1233.762593][T20371] [ 1234.079910][T20375] phram: not enough arguments [ 1234.364930][T20367] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1234.375178][T20367] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1235.764592][T20398] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1235.774152][T20398] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1236.659688][T20408] random: crng reseeded on system resumption [ 1236.958507][T20406] FAULT_INJECTION: forcing a failure. [ 1236.958507][T20406] name failslab, interval 1, probability 0, space 0, times 0 [ 1237.016443][T20406] CPU: 0 UID: 0 PID: 20406 Comm: syz.3.3046 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1237.016510][T20406] Tainted: [U]=USER [ 1237.016521][T20406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1237.016540][T20406] Call Trace: [ 1237.016552][T20406] [ 1237.016565][T20406] dump_stack_lvl+0x16c/0x1f0 [ 1237.016617][T20406] should_fail_ex+0x512/0x640 [ 1237.016662][T20406] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1237.016709][T20406] should_failslab+0xc2/0x120 [ 1237.016736][T20406] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1237.016779][T20406] ? mpi_alloc+0x46/0x230 [ 1237.016820][T20406] mpi_alloc+0x46/0x230 [ 1237.016857][T20406] rsa_enc+0x88/0x3b0 [ 1237.016907][T20406] ? __pfx_rsa_enc+0x10/0x10 [ 1237.016958][T20406] ? __virt_addr_valid+0x81/0x610 [ 1237.016991][T20406] ? __phys_addr+0xe8/0x180 [ 1237.017025][T20406] ? sg_init_one+0xf5/0x1b0 [ 1237.017080][T20406] rsassa_pkcs1_verify+0x4ff/0xb60 [ 1237.017131][T20406] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 1237.017193][T20406] ? rsa_max_size+0xd/0x70 [ 1237.017237][T20406] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 1237.017277][T20406] public_key_verify_signature+0x672/0x970 [ 1237.017323][T20406] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1237.017365][T20406] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1237.017435][T20406] pkcs7_verify+0x32f/0x1b20 [ 1237.017499][T20406] verify_pkcs7_message_sig+0xdd/0x250 [ 1237.017536][T20406] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1237.017569][T20406] ? kfree+0x2b4/0x4d0 [ 1237.017603][T20406] ? public_key_signature_free+0xda/0x110 [ 1237.017640][T20406] ? pkcs7_parse_message+0x531/0x720 [ 1237.017690][T20406] ? pkcs7_parse_message+0x536/0x720 [ 1237.017740][T20406] verify_pkcs7_signature+0x6d/0xa0 [ 1237.017780][T20406] valid_regdb+0x215/0x590 [ 1237.017814][T20406] ? __pfx___mutex_lock+0x10/0x10 [ 1237.017862][T20406] ? __pfx_valid_regdb+0x10/0x10 [ 1237.017906][T20406] reg_reload_regdb+0x11e/0x460 [ 1237.017944][T20406] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1237.017982][T20406] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1237.018024][T20406] ? nl80211_pre_doit+0x1b0/0xb10 [ 1237.018122][T20406] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1237.018166][T20406] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1237.018203][T20406] ? rcu_is_watching+0x12/0xc0 [ 1237.018249][T20406] ? bpf_lsm_capable+0x9/0x10 [ 1237.018285][T20406] ? security_capable+0x7e/0x260 [ 1237.018325][T20406] genl_rcv_msg+0x55c/0x800 [ 1237.018367][T20406] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1237.018405][T20406] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1237.018448][T20406] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1237.018481][T20406] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1237.018551][T20406] netlink_rcv_skb+0x158/0x420 [ 1237.018585][T20406] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1237.018625][T20406] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1237.018677][T20406] ? netlink_deliver_tap+0x1ae/0xd30 [ 1237.018735][T20406] genl_rcv+0x28/0x40 [ 1237.018768][T20406] netlink_unicast+0x53a/0x7f0 [ 1237.018806][T20406] ? __pfx_netlink_unicast+0x10/0x10 [ 1237.018849][T20406] netlink_sendmsg+0x8d1/0xdd0 [ 1237.018887][T20406] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1237.018932][T20406] ____sys_sendmsg+0xa98/0xc70 [ 1237.018967][T20406] ? copy_msghdr_from_user+0x10a/0x160 [ 1237.019011][T20406] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1237.019064][T20406] ? try_to_wake_up+0xa2f/0x1680 [ 1237.019105][T20406] ___sys_sendmsg+0x134/0x1d0 [ 1237.019152][T20406] ? __pfx____sys_sendmsg+0x10/0x10 [ 1237.019194][T20406] ? __lock_acquire+0x622/0x1c90 [ 1237.019285][T20406] __sys_sendmsg+0x16d/0x220 [ 1237.019327][T20406] ? __pfx___sys_sendmsg+0x10/0x10 [ 1237.019368][T20406] ? __x64_sys_futex+0x1e0/0x4c0 [ 1237.019429][T20406] do_syscall_64+0xcd/0x490 [ 1237.019478][T20406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1237.019510][T20406] RIP: 0033:0x7f6e7d58e929 [ 1237.019536][T20406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1237.019565][T20406] RSP: 002b:00007f6e7e423038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1237.019595][T20406] RAX: ffffffffffffffda RBX: 00007f6e7d7b5fa0 RCX: 00007f6e7d58e929 [ 1237.019615][T20406] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 1237.019635][T20406] RBP: 00007f6e7d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1237.019654][T20406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1237.019672][T20406] R13: 0000000000000000 R14: 00007f6e7d7b5fa0 R15: 00007ffc911c6e98 [ 1237.019712][T20406] [ 1237.464903][ C0] vkms_vblank_simulate: vblank timer overrun [ 1237.614120][T20413] FAULT_INJECTION: forcing a failure. [ 1237.614120][T20413] name failslab, interval 1, probability 0, space 0, times 0 [ 1237.634208][T20413] CPU: 1 UID: 0 PID: 20413 Comm: syz.3.3049 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1237.634260][T20413] Tainted: [U]=USER [ 1237.634271][T20413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1237.634288][T20413] Call Trace: [ 1237.634299][T20413] [ 1237.634311][T20413] dump_stack_lvl+0x16c/0x1f0 [ 1237.634358][T20413] should_fail_ex+0x512/0x640 [ 1237.634414][T20413] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1237.634466][T20413] should_failslab+0xc2/0x120 [ 1237.634498][T20413] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1237.634542][T20413] ? mark_held_locks+0x49/0x80 [ 1237.634584][T20413] ? key_alloc+0x3e0/0x1330 [ 1237.634628][T20413] key_alloc+0x3e0/0x1330 [ 1237.634684][T20413] ? __pfx_key_alloc+0x10/0x10 [ 1237.634722][T20413] ? __pfx_key_default_cmp+0x10/0x10 [ 1237.634768][T20413] ? __pfx_keyring_search_iterator+0x10/0x10 [ 1237.634818][T20413] keyring_alloc+0x44/0xc0 [ 1237.634867][T20413] look_up_user_keyrings+0x510/0x760 [ 1237.634909][T20413] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 1237.634948][T20413] ? __pfx_futex_wake+0x10/0x10 [ 1237.634988][T20413] ? __lock_acquire+0x622/0x1c90 [ 1237.635039][T20413] lookup_user_key+0x1a3/0x1300 [ 1237.635082][T20413] ? __pfx_lookup_user_key+0x10/0x10 [ 1237.635115][T20413] ? do_futex+0x122/0x350 [ 1237.635162][T20413] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1237.635219][T20413] keyctl_keyring_clear+0x24/0x1a0 [ 1237.635254][T20413] __do_sys_keyctl+0x355/0x590 [ 1237.635290][T20413] do_syscall_64+0xcd/0x490 [ 1237.635340][T20413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1237.635372][T20413] RIP: 0033:0x7f6e7d58e929 [ 1237.635406][T20413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1237.635438][T20413] RSP: 002b:00007f6e7e423038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1237.635469][T20413] RAX: ffffffffffffffda RBX: 00007f6e7d7b5fa0 RCX: 00007f6e7d58e929 [ 1237.635490][T20413] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007 [ 1237.635510][T20413] RBP: 00007f6e7d610b39 R08: 0000000000000008 R09: 0000000000000000 [ 1237.635530][T20413] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1237.635550][T20413] R13: 0000000000000000 R14: 00007f6e7d7b5fa0 R15: 00007ffc911c6e98 [ 1237.635593][T20413] [ 1238.197019][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.203731][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1238.275588][T20422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1238.287860][T20422] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1239.433573][T20437] vivid-007: ================= START STATUS ================= [ 1239.462292][T20437] vivid-007: Generate PTS: true [ 1239.485394][T20437] vivid-007: Generate SCR: true [ 1239.490522][T20437] tpg source WxH: 320x240 (Y'CbCr) [ 1239.605976][T20437] tpg field: 1 [ 1239.609430][T20437] tpg crop: (0,0)/320x240 [ 1239.637225][T20435] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1239.650372][T20435] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1239.679719][T20437] tpg compose: (0,0)/320x240 [ 1239.828152][T20437] tpg colorspace: 8 [ 1239.832331][T20437] tpg transfer function: 0/0 [ 1239.852086][T20437] tpg Y'CbCr encoding: 0/0 [ 1239.856562][T20437] tpg quantization: 0/0 [ 1239.883587][T20437] tpg RGB range: 0/2 [ 1239.887730][T20437] vivid-007: ================== END STATUS ================== [ 1240.921699][T20453] random: crng reseeded on system resumption [ 1241.151883][T20450] FAULT_INJECTION: forcing a failure. [ 1241.151883][T20450] name failslab, interval 1, probability 0, space 0, times 0 [ 1241.194254][T20450] CPU: 0 UID: 0 PID: 20450 Comm: syz.1.3057 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1241.194290][T20450] Tainted: [U]=USER [ 1241.194297][T20450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1241.194308][T20450] Call Trace: [ 1241.194323][T20450] [ 1241.194331][T20450] dump_stack_lvl+0x16c/0x1f0 [ 1241.194364][T20450] should_fail_ex+0x512/0x640 [ 1241.194392][T20450] ? __kmalloc_noprof+0xbf/0x510 [ 1241.194422][T20450] ? mpi_alloc_limb_space+0x31/0x60 [ 1241.194443][T20450] should_failslab+0xc2/0x120 [ 1241.194462][T20450] __kmalloc_noprof+0xd2/0x510 [ 1241.194493][T20450] mpi_alloc_limb_space+0x31/0x60 [ 1241.194516][T20450] mpi_powm+0xbe2/0x1bf0 [ 1241.194544][T20450] ? kasan_quarantine_put+0x10a/0x240 [ 1241.194573][T20450] ? __pfx_mpi_powm+0x10/0x10 [ 1241.194594][T20450] ? kfree+0x2b4/0x4d0 [ 1241.194616][T20450] ? mpi_free+0xe1/0x160 [ 1241.194641][T20450] ? mpi_free+0xe1/0x160 [ 1241.194664][T20450] rsa_enc+0x1fe/0x3b0 [ 1241.194694][T20450] ? __pfx_rsa_enc+0x10/0x10 [ 1241.194721][T20450] ? __virt_addr_valid+0x81/0x610 [ 1241.194741][T20450] ? __phys_addr+0xe8/0x180 [ 1241.194761][T20450] ? sg_init_one+0xf5/0x1b0 [ 1241.194786][T20450] rsassa_pkcs1_verify+0x4ff/0xb60 [ 1241.194813][T20450] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 1241.194844][T20450] ? rsa_max_size+0xd/0x70 [ 1241.194871][T20450] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 1241.194894][T20450] public_key_verify_signature+0x672/0x970 [ 1241.194921][T20450] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1241.194961][T20450] x509_check_for_self_signed+0x31a/0x500 [ 1241.194990][T20450] x509_cert_parse+0x5f8/0x900 [ 1241.195012][T20450] ? kasan_save_stack+0x42/0x60 [ 1241.195037][T20450] ? kasan_save_stack+0x33/0x60 [ 1241.195073][T20450] ? kasan_save_track+0x14/0x30 [ 1241.195102][T20450] pkcs7_extract_cert+0xa4/0x320 [ 1241.195132][T20450] asn1_ber_decoder+0xc5f/0x1df0 [ 1241.195172][T20450] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 1241.195223][T20450] pkcs7_parse_message+0x288/0x720 [ 1241.195254][T20450] verify_pkcs7_signature+0x30/0xa0 [ 1241.195277][T20450] valid_regdb+0x215/0x590 [ 1241.195297][T20450] ? __pfx___mutex_lock+0x10/0x10 [ 1241.195332][T20450] ? __pfx_valid_regdb+0x10/0x10 [ 1241.195356][T20450] reg_reload_regdb+0x11e/0x460 [ 1241.195378][T20450] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1241.195401][T20450] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1241.195427][T20450] ? nl80211_pre_doit+0x1b0/0xb10 [ 1241.195456][T20450] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1241.195482][T20450] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1241.195503][T20450] ? rcu_is_watching+0x12/0xc0 [ 1241.195531][T20450] ? bpf_lsm_capable+0x9/0x10 [ 1241.195553][T20450] ? security_capable+0x7e/0x260 [ 1241.195577][T20450] genl_rcv_msg+0x55c/0x800 [ 1241.195602][T20450] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1241.195624][T20450] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1241.195649][T20450] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1241.195669][T20450] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1241.195703][T20450] netlink_rcv_skb+0x158/0x420 [ 1241.195723][T20450] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1241.195746][T20450] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1241.195775][T20450] ? netlink_deliver_tap+0x1ae/0xd30 [ 1241.195808][T20450] genl_rcv+0x28/0x40 [ 1241.195827][T20450] netlink_unicast+0x53a/0x7f0 [ 1241.195849][T20450] ? __pfx_netlink_unicast+0x10/0x10 [ 1241.195875][T20450] netlink_sendmsg+0x8d1/0xdd0 [ 1241.195897][T20450] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1241.195926][T20450] ____sys_sendmsg+0xa98/0xc70 [ 1241.195947][T20450] ? copy_msghdr_from_user+0x10a/0x160 [ 1241.195974][T20450] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1241.196000][T20450] ? __pfx_futex_wake_mark+0x10/0x10 [ 1241.196030][T20450] ___sys_sendmsg+0x134/0x1d0 [ 1241.196059][T20450] ? __pfx____sys_sendmsg+0x10/0x10 [ 1241.196086][T20450] ? __lock_acquire+0x622/0x1c90 [ 1241.196139][T20450] __sys_sendmsg+0x16d/0x220 [ 1241.196167][T20450] ? __pfx___sys_sendmsg+0x10/0x10 [ 1241.196194][T20450] ? __x64_sys_futex+0x1e0/0x4c0 [ 1241.196231][T20450] do_syscall_64+0xcd/0x490 [ 1241.196260][T20450] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1241.196279][T20450] RIP: 0033:0x7f325618e929 [ 1241.196296][T20450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1241.196321][T20450] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1241.196339][T20450] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1241.196354][T20450] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 1241.196365][T20450] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1241.196377][T20450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1241.196388][T20450] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1241.196411][T20450] [ 1242.492060][T20474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3064'. [ 1243.451893][T20489] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3066'. [ 1245.120916][T20513] random: crng reseeded on system resumption [ 1247.220254][T20562] program syz.1.3076 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1251.893419][T20633] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3093'. [ 1252.640930][T20635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1252.650383][T20635] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1252.864400][ T51] Bluetooth: hci3: Unable to find connection for big 0xd2 [ 1254.912962][T20657] random: crng reseeded on system resumption [ 1257.198699][T20690] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3107'. [ 1257.276804][T20692] random: crng reseeded on system resumption [ 1258.982228][T20713] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1259.100621][T20706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1259.121354][T20706] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1259.584302][T20722] ubi0: detaching mtd0 [ 1259.597997][T20722] ubi0: mtd0 is detached [ 1259.613073][T20722] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 1259.859707][T20727] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3115'. [ 1260.913393][T20744] random: crng reseeded on system resumption [ 1261.008375][T20732] ptrace attach of "./syz-executor exec"[12670] was attempted by "./syz-executor exec"[20732] [ 1262.195558][T20767] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1262.477559][T20772] random: crng reseeded on system resumption [ 1264.529507][T20807] random: crng reseeded on system resumption [ 1264.843770][T20812] [U]  [ 1264.846653][T20812] [U] [ 1264.849403][T20812] [U] [ 1264.852129][T20812] [U] [ 1264.877846][T20812] [U] [ 1264.880830][T20812] [U] [ 1264.883661][T20812] [U] [ 1264.886391][T20812] [U] [ 1265.005759][T20817] [U] [ 1265.430048][T20821] dyndbg: expected <4096 bytes into control [ 1266.605506][T20850] random: crng reseeded on system resumption [ 1267.426223][T20862] FAULT_INJECTION: forcing a failure. [ 1267.426223][T20862] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1267.440861][T20862] CPU: 0 UID: 0 PID: 20862 Comm: syz.2.3149 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1267.440912][T20862] Tainted: [U]=USER [ 1267.440922][T20862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1267.440941][T20862] Call Trace: [ 1267.440951][T20862] [ 1267.440963][T20862] dump_stack_lvl+0x16c/0x1f0 [ 1267.441018][T20862] should_fail_ex+0x512/0x640 [ 1267.441067][T20862] should_fail_alloc_page+0xe7/0x130 [ 1267.441102][T20862] prepare_alloc_pages+0x3c2/0x610 [ 1267.441140][T20862] ? rcu_is_watching+0x12/0xc0 [ 1267.441177][T20862] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1267.441220][T20862] ? __lock_acquire+0x622/0x1c90 [ 1267.441251][T20862] ? xas_create+0x1d7/0x1460 [ 1267.441272][T20862] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1267.441303][T20862] ? lock_acquire+0x179/0x350 [ 1267.441328][T20862] ? rcu_is_watching+0x12/0xc0 [ 1267.441357][T20862] ? __lock_acquire+0x622/0x1c90 [ 1267.441390][T20862] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1267.441421][T20862] ? policy_nodemask+0xea/0x4e0 [ 1267.441442][T20862] alloc_pages_mpol+0x1fb/0x550 [ 1267.441462][T20862] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1267.441481][T20862] ? filemap_get_entry+0x1a7/0x3b0 [ 1267.441503][T20862] folio_alloc_noprof+0x20/0x2d0 [ 1267.441525][T20862] filemap_alloc_folio_noprof+0x3a1/0x470 [ 1267.441552][T20862] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 1267.441583][T20862] __filemap_get_folio+0x5e1/0xc30 [ 1267.441606][T20862] ioctx_alloc+0x761/0x2120 [ 1267.441641][T20862] ? __pfx_ioctx_alloc+0x10/0x10 [ 1267.441663][T20862] ? __might_fault+0x13b/0x190 [ 1267.441696][T20862] __x64_sys_io_setup+0xc9/0x210 [ 1267.441722][T20862] do_syscall_64+0xcd/0x490 [ 1267.441751][T20862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1267.441770][T20862] RIP: 0033:0x7f115f98e929 [ 1267.441787][T20862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1267.441805][T20862] RSP: 002b:00007f1160723038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1267.441824][T20862] RAX: ffffffffffffffda RBX: 00007f115fbb5fa0 RCX: 00007f115f98e929 [ 1267.441836][T20862] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000007ffe [ 1267.441847][T20862] RBP: 00007f115fa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1267.441858][T20862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1267.441869][T20862] R13: 0000000000000000 R14: 00007f115fbb5fa0 R15: 00007ffe987baa18 [ 1267.441892][T20862] [ 1267.881003][ C0] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163ec69 (__mcheck_cpu_init_clear_banks+0x109/0x1f0) [ 1267.896395][ C0] Call Trace: [ 1267.899708][ C0] [ 1267.902579][ C0] ? __pfx_mce_cpu_restart+0x10/0x10 [ 1267.908076][ C0] mce_cpu_restart+0x98/0xb0 [ 1267.912703][ C0] __flush_smp_call_function_queue+0x27a/0x8c0 [ 1267.919096][ C0] __sysvec_call_function_single+0x87/0x400 [ 1267.925107][ C0] sysvec_call_function_single+0x9f/0xc0 [ 1267.930767][ C0] [ 1267.933710][ C0] [ 1267.936685][ C0] asm_sysvec_call_function_single+0x1a/0x20 [ 1267.942720][ C0] RIP: 0010:stack_trace_consume_entry+0xd7/0x170 [ 1267.949099][ C0] Code: 02 00 0f 85 9a 00 00 00 8d 45 01 89 43 10 48 8b 03 48 8d 2c e8 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80 3c 02 00 <75> 64 48 89 75 00 8b 43 08 39 43 10 0f 92 c0 48 83 c4 08 5b 5d c3 [ 1267.968828][ C0] RSP: 0018:ffffc9000dd1f668 EFLAGS: 00000246 [ 1267.975184][ C0] RAX: dffffc0000000000 RBX: ffffc9000dd1f748 RCX: ffffc9000dd1f5dc [ 1267.983184][ C0] RDX: 1ffff92001ba3efd RSI: ffffffff848c4946 RDI: ffffc9000dd1f754 [ 1267.991291][ C0] RBP: ffffc9000dd1f7e8 R08: 0000000000000001 R09: 0000000000000000 [ 1267.999286][ C0] R10: 0000000000000000 R11: 0000000000038fdc R12: ffffffff81a71b00 [ 1268.007371][ C0] R13: ffffc9000dd1f748 R14: 0000000000000000 R15: ffff888036328000 [ 1268.015547][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1268.021768][ C0] ? security_inode_getattr+0x116/0x290 [ 1268.027347][ C0] ? unwind_get_return_address+0x59/0xa0 [ 1268.033018][ C0] arch_stack_walk+0x85/0x100 [ 1268.037729][ C0] ? security_inode_getattr+0x116/0x290 [ 1268.043435][ C0] stack_trace_save+0x8e/0xc0 [ 1268.048279][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1268.053687][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 1268.058746][ C0] kasan_save_stack+0x33/0x60 [ 1268.063456][ C0] ? kasan_save_stack+0x33/0x60 [ 1268.068340][ C0] ? kasan_save_track+0x14/0x30 [ 1268.073232][ C0] ? kasan_save_free_info+0x3b/0x60 [ 1268.078475][ C0] ? __kasan_slab_free+0x51/0x70 [ 1268.083533][ C0] ? kfree+0x2b4/0x4d0 [ 1268.087626][ C0] ? tomoyo_path_perm+0x29a/0x460 [ 1268.092719][ C0] kasan_save_track+0x14/0x30 [ 1268.097427][ C0] kasan_save_free_info+0x3b/0x60 [ 1268.102753][ C0] __kasan_slab_free+0x51/0x70 [ 1268.107553][ C0] kfree+0x2b4/0x4d0 [ 1268.111472][ C0] ? tomoyo_path_perm+0x29a/0x460 [ 1268.116530][ C0] tomoyo_path_perm+0x29a/0x460 [ 1268.121425][ C0] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1268.126943][ C0] ? find_held_lock+0x2b/0x80 [ 1268.131738][ C0] ? __might_fault+0xe3/0x190 [ 1268.136454][ C0] ? __might_fault+0xe3/0x190 [ 1268.141184][ C0] ? __might_fault+0x13b/0x190 [ 1268.145995][ C0] security_inode_getattr+0x116/0x290 [ 1268.151482][ C0] vfs_statx+0x121/0x3e0 [ 1268.155753][ C0] ? __pfx_vfs_statx+0x10/0x10 [ 1268.160550][ C0] ? getname_flags.part.0+0x1c5/0x550 [ 1268.165954][ C0] vfs_fstatat+0x7b/0xf0 [ 1268.170240][ C0] __do_sys_newfstatat+0x97/0x120 [ 1268.175296][ C0] ? __pfx___do_sys_newfstatat+0x10/0x10 [ 1268.180993][ C0] ? __x64_sys_umount+0x124/0x1a0 [ 1268.186072][ C0] ? __pfx___x64_sys_umount+0x10/0x10 [ 1268.191575][ C0] ? getname_flags.part.0+0x1c5/0x550 [ 1268.196984][ C0] do_syscall_64+0xcd/0x490 [ 1268.201612][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1268.207623][ C0] RIP: 0033:0x7f6e7d58d13a [ 1268.212068][ C0] Code: 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 0b 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 90 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 [ 1268.231707][ C0] RSP: 002b:00007ffc911c6128 EFLAGS: 00000286 ORIG_RAX: 0000000000000106 [ 1268.240243][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6e7d58d13a [ 1268.248683][ C0] RDX: 00007ffc911c6150 RSI: 00007ffc911c61e0 RDI: 00000000ffffff9c [ 1268.256679][ C0] RBP: 00007ffc911c61e0 R08: 0000000000000000 R09: 0000000000000000 [ 1268.264699][ C0] R10: 0000000000000100 R11: 0000000000000286 R12: 00007ffc911c7270 [ 1268.272704][ C0] R13: 00007f6e7d610925 R14: 0000000000136e91 R15: 00007ffc911c72b0 [ 1268.280891][ C0] [ 1268.406568][T20865] program syz.1.3150 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1268.942213][T20865] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1268.959377][T20865] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1268.966051][T20865] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1268.977089][T20865] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1269.682602][T20893] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1270.819231][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 1270.899575][T20905] ubi0: attaching mtd0 [ 1270.908870][T20905] ubi0: scanning is finished [ 1270.978269][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 1270.984397][T18988] Bluetooth: hci0: command 0x0c1a tx timeout [ 1270.987927][T14235] Bluetooth: hci2: command 0x0406 tx timeout [ 1271.401330][T20905] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1271.415956][T20905] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1271.477717][T20905] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1271.485314][T20905] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1271.569526][T20905] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1271.594312][T20905] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1271.639754][T20927] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3164'. [ 1271.644726][T20905] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1228849428 [ 1271.726618][T20905] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1271.760533][T20927] bridge0: port 2(bridge_slave_1) entered disabled state [ 1271.869284][T20919] ubi0: background thread "ubi_bgt0d" started, PID 20919 [ 1271.914640][T20924] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3162'. [ 1271.931400][T20930] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3162'. [ 1271.979615][T20927] bridge_slave_1 (unregistering): left allmulticast mode [ 1272.012865][T20927] bridge_slave_1 (unregistering): left promiscuous mode [ 1272.021659][T20927] bridge0: port 2(bridge_slave_1) entered disabled state [ 1272.090824][T20924] ipvlan1: entered allmulticast mode [ 1272.096480][T20924] veth0_vlan: entered allmulticast mode [ 1272.509858][T20940] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1274.318910][T20965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1274.328975][T20965] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1275.136917][T20978] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3177'. [ 1275.960694][T20981] net_ratelimit: 162 callbacks suppressed [ 1275.960711][T20981] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 1276.037251][T20981] netlink: zone id is out of range [ 1277.636263][T21023] random: crng reseeded on system resumption [ 1278.813020][T21045] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1281.875066][T21077] random: crng reseeded on system resumption [ 1282.230624][T21088] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3205'. [ 1285.167779][T21129] zram: Added device: zram0 [ 1285.221654][T21135] ICMPv6: process `syz.3.3214' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 1287.103149][T21164] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1287.176203][T21168] FAULT_INJECTION: forcing a failure. [ 1287.176203][T21168] name failslab, interval 1, probability 0, space 0, times 0 [ 1287.433857][T21164] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1287.499052][T21168] CPU: 0 UID: 0 PID: 21168 Comm: syz.3.3221 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1287.499103][T21168] Tainted: [U]=USER [ 1287.499114][T21168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1287.499131][T21168] Call Trace: [ 1287.499142][T21168] [ 1287.499154][T21168] dump_stack_lvl+0x16c/0x1f0 [ 1287.499213][T21168] should_fail_ex+0x512/0x640 [ 1287.499254][T21168] ? __kvmalloc_node_noprof+0x124/0x620 [ 1287.499300][T21168] should_failslab+0xc2/0x120 [ 1287.499329][T21168] __kvmalloc_node_noprof+0x137/0x620 [ 1287.499370][T21168] ? __pfx___mutex_lock+0x10/0x10 [ 1287.499413][T21168] ? traverse.part.0.constprop.0+0x392/0x640 [ 1287.499461][T21168] ? traverse.part.0.constprop.0+0x392/0x640 [ 1287.499499][T21168] traverse.part.0.constprop.0+0x392/0x640 [ 1287.499551][T21168] seq_read_iter+0x932/0x12c0 [ 1287.499607][T21168] proc_reg_read_iter+0x220/0x310 [ 1287.499654][T21168] vfs_read+0x8bc/0xc60 [ 1287.499705][T21168] ? __pfx_vfs_read+0x10/0x10 [ 1287.499742][T21168] ? find_held_lock+0x2b/0x80 [ 1287.499803][T21168] __x64_sys_pread64+0x1eb/0x250 [ 1287.499847][T21168] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1287.499903][T21168] do_syscall_64+0xcd/0x490 [ 1287.499949][T21168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1287.499977][T21168] RIP: 0033:0x7f6e7d58e929 [ 1287.500002][T21168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1287.500031][T21168] RSP: 002b:00007f6e7e3c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1287.500060][T21168] RAX: ffffffffffffffda RBX: 00007f6e7d7b6240 RCX: 00007f6e7d58e929 [ 1287.500080][T21168] RDX: 0000008100000041 RSI: 0000000000000000 RDI: 0000000000000008 [ 1287.500099][T21168] RBP: 00007f6e7e3c0090 R08: 0000000000000000 R09: 0000000000000000 [ 1287.500116][T21168] R10: 000000000000413e R11: 0000000000000246 R12: 0000000000000001 [ 1287.500135][T21168] R13: 0000000000000000 R14: 00007f6e7d7b6240 R15: 00007ffc911c6e98 [ 1287.500184][T21168] [ 1288.099463][T21175] zswap: compressor not available [ 1288.450553][T21184] FAULT_INJECTION: forcing a failure. [ 1288.450553][T21184] name failslab, interval 1, probability 0, space 0, times 0 [ 1288.501280][T21184] CPU: 0 UID: 0 PID: 21184 Comm: syz.3.3226 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1288.501329][T21184] Tainted: [U]=USER [ 1288.501336][T21184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1288.501347][T21184] Call Trace: [ 1288.501354][T21184] [ 1288.501362][T21184] dump_stack_lvl+0x16c/0x1f0 [ 1288.501397][T21184] should_fail_ex+0x512/0x640 [ 1288.501424][T21184] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1288.501456][T21184] should_failslab+0xc2/0x120 [ 1288.501475][T21184] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1288.501505][T21184] ? anon_vma_fork+0xe6/0x620 [ 1288.501536][T21184] anon_vma_fork+0xe6/0x620 [ 1288.501561][T21184] ? vm_area_dup+0x5a1/0x8d0 [ 1288.501590][T21184] dup_mmap+0x152e/0x21d0 [ 1288.501622][T21184] ? __pfx_dup_mmap+0x10/0x10 [ 1288.501661][T21184] copy_process+0x4081/0x7650 [ 1288.501687][T21184] ? __pfx___futex_wait+0x10/0x10 [ 1288.501724][T21184] ? __pfx_copy_process+0x10/0x10 [ 1288.501749][T21184] ? kfree+0x24f/0x4d0 [ 1288.501776][T21184] ? __futex_hash.constprop.0+0x1e9/0x440 [ 1288.501804][T21184] kernel_clone+0xfc/0x960 [ 1288.501830][T21184] ? __pfx_kernel_clone+0x10/0x10 [ 1288.501869][T21184] __do_sys_clone+0xce/0x120 [ 1288.501912][T21184] ? __pfx___do_sys_clone+0x10/0x10 [ 1288.501948][T21184] ? xfd_validate_state+0x61/0x180 [ 1288.501976][T21184] ? __pfx_do_writev+0x10/0x10 [ 1288.502010][T21184] do_syscall_64+0xcd/0x490 [ 1288.502041][T21184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1288.502060][T21184] RIP: 0033:0x7f6e7d58e929 [ 1288.502077][T21184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1288.502096][T21184] RSP: 002b:00007f6e7e422fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1288.502115][T21184] RAX: ffffffffffffffda RBX: 00007f6e7d7b5fa0 RCX: 00007f6e7d58e929 [ 1288.502128][T21184] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1288.502139][T21184] RBP: 00007f6e7d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1288.502150][T21184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1288.502162][T21184] R13: 0000000000000000 R14: 00007f6e7d7b5fa0 R15: 00007ffc911c6e98 [ 1288.502186][T21184] [ 1290.250564][T21220] FAULT_INJECTION: forcing a failure. [ 1290.250564][T21220] name failslab, interval 1, probability 0, space 0, times 0 [ 1290.294049][T21220] CPU: 1 UID: 0 PID: 21220 Comm: syz.1.3236 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1290.294086][T21220] Tainted: [U]=USER [ 1290.294093][T21220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1290.294105][T21220] Call Trace: [ 1290.294112][T21220] [ 1290.294120][T21220] dump_stack_lvl+0x16c/0x1f0 [ 1290.294154][T21220] should_fail_ex+0x512/0x640 [ 1290.294189][T21220] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 1290.294224][T21220] should_failslab+0xc2/0x120 [ 1290.294243][T21220] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1290.294272][T21220] ? lockdep_hardirqs_on+0x7c/0x110 [ 1290.294298][T21220] ? xfrm4_net_init+0x9e/0x1c0 [ 1290.294322][T21220] ? __percpu_counter_init_many+0x2c1/0x3b0 [ 1290.294349][T21220] ? __pfx_xfrm4_net_init+0x10/0x10 [ 1290.294373][T21220] kmemdup_noprof+0x29/0x60 [ 1290.294402][T21220] xfrm4_net_init+0x9e/0x1c0 [ 1290.294426][T21220] ? __pfx_xfrm4_net_init+0x10/0x10 [ 1290.294448][T21220] ops_init+0x1df/0x5f0 [ 1290.294480][T21220] setup_net+0x1ff/0x510 [ 1290.294507][T21220] ? lockdep_init_map_type+0x5c/0x280 [ 1290.294537][T21220] ? __pfx_setup_net+0x10/0x10 [ 1290.294567][T21220] ? debug_mutex_init+0x37/0x70 [ 1290.294595][T21220] copy_net_ns+0x2a6/0x5f0 [ 1290.294616][T21220] create_new_namespaces+0x3ea/0xa90 [ 1290.294643][T21220] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1290.294667][T21220] ksys_unshare+0x45b/0xa40 [ 1290.294693][T21220] ? __pfx_ksys_unshare+0x10/0x10 [ 1290.294719][T21220] ? xfd_validate_state+0x61/0x180 [ 1290.294752][T21220] __x64_sys_unshare+0x31/0x40 [ 1290.294777][T21220] do_syscall_64+0xcd/0x490 [ 1290.294806][T21220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1290.294824][T21220] RIP: 0033:0x7f325618e929 [ 1290.294841][T21220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1290.294859][T21220] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1290.294877][T21220] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1290.294890][T21220] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1290.294901][T21220] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1290.294915][T21220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1290.294926][T21220] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1290.294949][T21220] [ 1293.327685][T21263] random: crng reseeded on system resumption [ 1293.726927][T21260] FAULT_INJECTION: forcing a failure. [ 1293.726927][T21260] name failslab, interval 1, probability 0, space 0, times 0 [ 1293.757312][T21260] CPU: 0 UID: 0 PID: 21260 Comm: syz.1.3247 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1293.757364][T21260] Tainted: [U]=USER [ 1293.757375][T21260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1293.757394][T21260] Call Trace: [ 1293.757404][T21260] [ 1293.757417][T21260] dump_stack_lvl+0x16c/0x1f0 [ 1293.757467][T21260] should_fail_ex+0x512/0x640 [ 1293.757508][T21260] ? __kmalloc_node_noprof+0xc5/0x500 [ 1293.757555][T21260] should_failslab+0xc2/0x120 [ 1293.757584][T21260] __kmalloc_node_noprof+0xd8/0x500 [ 1293.757629][T21260] ? crypto_alg_lookup+0x113/0x1e0 [ 1293.757666][T21260] ? crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 1293.757704][T21260] ? __pfx_crypto_alg_extsize+0x10/0x10 [ 1293.757750][T21260] crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 1293.757789][T21260] crypto_create_tfm_node+0x85/0x350 [ 1293.757832][T21260] crypto_alloc_tfm_node+0x102/0x260 [ 1293.757874][T21260] public_key_verify_signature+0x1ca/0x970 [ 1293.757912][T21260] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1293.757949][T21260] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1293.757992][T21260] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1293.758063][T21260] pkcs7_verify+0x32f/0x1b20 [ 1293.758123][T21260] verify_pkcs7_message_sig+0xdd/0x250 [ 1293.758167][T21260] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1293.758198][T21260] ? kfree+0x2b4/0x4d0 [ 1293.758233][T21260] ? public_key_signature_free+0xda/0x110 [ 1293.758268][T21260] ? pkcs7_parse_message+0x531/0x720 [ 1293.758317][T21260] ? pkcs7_parse_message+0x536/0x720 [ 1293.758363][T21260] verify_pkcs7_signature+0x6d/0xa0 [ 1293.758400][T21260] valid_regdb+0x215/0x590 [ 1293.758433][T21260] ? __pfx___mutex_lock+0x10/0x10 [ 1293.758479][T21260] ? __pfx_valid_regdb+0x10/0x10 [ 1293.758521][T21260] reg_reload_regdb+0x11e/0x460 [ 1293.758559][T21260] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1293.758598][T21260] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1293.758638][T21260] ? nl80211_pre_doit+0x1b0/0xb10 [ 1293.758683][T21260] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1293.758721][T21260] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1293.758755][T21260] ? rcu_is_watching+0x12/0xc0 [ 1293.758799][T21260] ? bpf_lsm_capable+0x9/0x10 [ 1293.758832][T21260] ? security_capable+0x7e/0x260 [ 1293.758869][T21260] genl_rcv_msg+0x55c/0x800 [ 1293.758910][T21260] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1293.758948][T21260] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1293.758988][T21260] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1293.759016][T21260] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1293.759074][T21260] netlink_rcv_skb+0x158/0x420 [ 1293.759106][T21260] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1293.759142][T21260] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1293.759198][T21260] ? netlink_deliver_tap+0x1ae/0xd30 [ 1293.759249][T21260] genl_rcv+0x28/0x40 [ 1293.759279][T21260] netlink_unicast+0x53a/0x7f0 [ 1293.759314][T21260] ? __pfx_netlink_unicast+0x10/0x10 [ 1293.759356][T21260] netlink_sendmsg+0x8d1/0xdd0 [ 1293.759393][T21260] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1293.759443][T21260] ____sys_sendmsg+0xa98/0xc70 [ 1293.759478][T21260] ? copy_msghdr_from_user+0x10a/0x160 [ 1293.759519][T21260] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1293.759561][T21260] ? try_to_wake_up+0xa2f/0x1680 [ 1293.759604][T21260] ___sys_sendmsg+0x134/0x1d0 [ 1293.759646][T21260] ? __pfx____sys_sendmsg+0x10/0x10 [ 1293.759688][T21260] ? __lock_acquire+0x622/0x1c90 [ 1293.759779][T21260] __sys_sendmsg+0x16d/0x220 [ 1293.759827][T21260] ? __pfx___sys_sendmsg+0x10/0x10 [ 1293.759871][T21260] ? __x64_sys_futex+0x1e0/0x4c0 [ 1293.759934][T21260] do_syscall_64+0xcd/0x490 [ 1293.759996][T21260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1293.760028][T21260] RIP: 0033:0x7f325618e929 [ 1293.760055][T21260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1293.760087][T21260] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1293.760118][T21260] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1293.760140][T21260] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007 [ 1293.760167][T21260] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1293.760186][T21260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1293.760205][T21260] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1293.760246][T21260] [ 1293.795151][T21272] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3250'. [ 1295.178741][T21277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1295.284299][T21277] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1296.547785][T21303] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1296.790216][T21303] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1297.300620][T21313] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3260'. [ 1297.772537][T21317] nvme_fabrics: missing parameter 'transport=%s' [ 1297.848545][T21317] nvme_fabrics: missing parameter 'nqn=%s' [ 1297.980755][T21327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3263'. [ 1298.833641][T21338] random: crng reseeded on system resumption [ 1298.898429][T21338] FAULT_INJECTION: forcing a failure. [ 1298.898429][T21338] name failslab, interval 1, probability 0, space 0, times 0 [ 1298.945666][T21338] CPU: 1 UID: 0 PID: 21338 Comm: syz.2.3265 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1298.945725][T21338] Tainted: [U]=USER [ 1298.945736][T21338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1298.945756][T21338] Call Trace: [ 1298.945767][T21338] [ 1298.945780][T21338] dump_stack_lvl+0x16c/0x1f0 [ 1298.945832][T21338] should_fail_ex+0x512/0x640 [ 1298.945886][T21338] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1298.945933][T21338] should_failslab+0xc2/0x120 [ 1298.945964][T21338] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1298.946008][T21338] ? mpi_alloc+0x46/0x230 [ 1298.946051][T21338] mpi_alloc+0x46/0x230 [ 1298.946085][T21338] ? mpi_free+0x14/0x160 [ 1298.946118][T21338] mpi_read_raw_data+0x133/0x4a0 [ 1298.946158][T21338] rsa_set_pub_key+0x149/0x270 [ 1298.946206][T21338] ? __pfx_rsa_set_pub_key+0x10/0x10 [ 1298.946271][T21338] ? __asan_memcpy+0x3c/0x60 [ 1298.946318][T21338] rsassa_pkcs1_set_pub_key+0xce/0x1f0 [ 1298.946357][T21338] public_key_verify_signature+0x779/0x970 [ 1298.946401][T21338] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1298.946442][T21338] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1298.946503][T21338] pkcs7_verify+0x32f/0x1b20 [ 1298.946563][T21338] verify_pkcs7_message_sig+0xdd/0x250 [ 1298.946598][T21338] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1298.946630][T21338] ? kfree+0x2b4/0x4d0 [ 1298.946664][T21338] ? public_key_signature_free+0xda/0x110 [ 1298.946705][T21338] ? pkcs7_parse_message+0x531/0x720 [ 1298.946754][T21338] ? pkcs7_parse_message+0x536/0x720 [ 1298.946801][T21338] verify_pkcs7_signature+0x6d/0xa0 [ 1298.946838][T21338] valid_regdb+0x215/0x590 [ 1298.946879][T21338] ? __pfx___mutex_lock+0x10/0x10 [ 1298.946925][T21338] ? __pfx_valid_regdb+0x10/0x10 [ 1298.946968][T21338] reg_reload_regdb+0x11e/0x460 [ 1298.947003][T21338] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1298.947041][T21338] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1298.947082][T21338] ? nl80211_pre_doit+0x1b0/0xb10 [ 1298.947131][T21338] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1298.947173][T21338] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1298.947207][T21338] ? rcu_is_watching+0x12/0xc0 [ 1298.947257][T21338] ? bpf_lsm_capable+0x9/0x10 [ 1298.947292][T21338] ? security_capable+0x7e/0x260 [ 1298.947333][T21338] genl_rcv_msg+0x55c/0x800 [ 1298.947375][T21338] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1298.947412][T21338] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1298.947452][T21338] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1298.947483][T21338] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1298.947544][T21338] netlink_rcv_skb+0x158/0x420 [ 1298.947575][T21338] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1298.947614][T21338] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1298.947667][T21338] ? netlink_deliver_tap+0x1ae/0xd30 [ 1298.947724][T21338] genl_rcv+0x28/0x40 [ 1298.947755][T21338] netlink_unicast+0x53a/0x7f0 [ 1298.947792][T21338] ? __pfx_netlink_unicast+0x10/0x10 [ 1298.947838][T21338] netlink_sendmsg+0x8d1/0xdd0 [ 1298.947885][T21338] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1298.947936][T21338] ____sys_sendmsg+0xa98/0xc70 [ 1298.947971][T21338] ? copy_msghdr_from_user+0x10a/0x160 [ 1298.948014][T21338] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1298.948058][T21338] ? try_to_wake_up+0xa2f/0x1680 [ 1298.948098][T21338] ___sys_sendmsg+0x134/0x1d0 [ 1298.948145][T21338] ? __pfx____sys_sendmsg+0x10/0x10 [ 1298.948185][T21338] ? __lock_acquire+0x622/0x1c90 [ 1298.948288][T21338] __sys_sendmsg+0x16d/0x220 [ 1298.948333][T21338] ? __pfx___sys_sendmsg+0x10/0x10 [ 1298.948378][T21338] ? __x64_sys_futex+0x1e0/0x4c0 [ 1298.948446][T21338] do_syscall_64+0xcd/0x490 [ 1298.948495][T21338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1298.948526][T21338] RIP: 0033:0x7f115f98e929 [ 1298.948551][T21338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1298.948580][T21338] RSP: 002b:00007f1160723038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1298.948610][T21338] RAX: ffffffffffffffda RBX: 00007f115fbb5fa0 RCX: 00007f115f98e929 [ 1298.948629][T21338] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 1298.948648][T21338] RBP: 00007f115fa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1298.948667][T21338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1298.948685][T21338] R13: 0000000000000000 R14: 00007f115fbb5fa0 R15: 00007ffe987baa18 [ 1298.948725][T21338] [ 1299.360026][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1299.389034][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1301.056682][T21370] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3275'. [ 1301.126756][T21367] random: crng reseeded on system resumption [ 1301.322448][T21367] FAULT_INJECTION: forcing a failure. [ 1301.322448][T21367] name failslab, interval 1, probability 0, space 0, times 0 [ 1301.360358][T21367] CPU: 0 UID: 0 PID: 21367 Comm: syz.1.3273 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1301.360414][T21367] Tainted: [U]=USER [ 1301.360425][T21367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1301.360444][T21367] Call Trace: [ 1301.360455][T21367] [ 1301.360468][T21367] dump_stack_lvl+0x16c/0x1f0 [ 1301.360535][T21367] should_fail_ex+0x512/0x640 [ 1301.360580][T21367] ? __kmalloc_noprof+0xbf/0x510 [ 1301.360626][T21367] ? pkcs7_digest+0x253/0x840 [ 1301.360668][T21367] should_failslab+0xc2/0x120 [ 1301.360697][T21367] __kmalloc_noprof+0xd2/0x510 [ 1301.360741][T21367] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1301.360779][T21367] pkcs7_digest+0x253/0x840 [ 1301.360827][T21367] ? __pfx_pkcs7_digest+0x10/0x10 [ 1301.360881][T21367] pkcs7_verify+0x14e/0x1b20 [ 1301.360939][T21367] verify_pkcs7_message_sig+0xdd/0x250 [ 1301.360974][T21367] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1301.361006][T21367] ? kfree+0x2b4/0x4d0 [ 1301.361038][T21367] ? public_key_signature_free+0xda/0x110 [ 1301.361073][T21367] ? pkcs7_parse_message+0x531/0x720 [ 1301.361121][T21367] ? pkcs7_parse_message+0x536/0x720 [ 1301.361179][T21367] verify_pkcs7_signature+0x6d/0xa0 [ 1301.361215][T21367] valid_regdb+0x215/0x590 [ 1301.361247][T21367] ? __pfx___mutex_lock+0x10/0x10 [ 1301.361294][T21367] ? __pfx_valid_regdb+0x10/0x10 [ 1301.361333][T21367] reg_reload_regdb+0x11e/0x460 [ 1301.361366][T21367] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1301.361400][T21367] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1301.361437][T21367] ? nl80211_pre_doit+0x1b0/0xb10 [ 1301.361485][T21367] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1301.361526][T21367] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1301.361558][T21367] ? rcu_is_watching+0x12/0xc0 [ 1301.361603][T21367] ? bpf_lsm_capable+0x9/0x10 [ 1301.361638][T21367] ? security_capable+0x7e/0x260 [ 1301.361675][T21367] genl_rcv_msg+0x55c/0x800 [ 1301.361713][T21367] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1301.361747][T21367] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1301.361784][T21367] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1301.361814][T21367] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1301.361888][T21367] netlink_rcv_skb+0x158/0x420 [ 1301.361921][T21367] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1301.361962][T21367] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1301.362012][T21367] ? netlink_deliver_tap+0x1ae/0xd30 [ 1301.362065][T21367] genl_rcv+0x28/0x40 [ 1301.362097][T21367] netlink_unicast+0x53a/0x7f0 [ 1301.362145][T21367] ? __pfx_netlink_unicast+0x10/0x10 [ 1301.362187][T21367] netlink_sendmsg+0x8d1/0xdd0 [ 1301.362224][T21367] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1301.362270][T21367] ____sys_sendmsg+0xa98/0xc70 [ 1301.362295][T21367] ? copy_msghdr_from_user+0x10a/0x160 [ 1301.362323][T21367] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1301.362348][T21367] ? try_to_wake_up+0xa2f/0x1680 [ 1301.362371][T21367] ___sys_sendmsg+0x134/0x1d0 [ 1301.362400][T21367] ? __pfx____sys_sendmsg+0x10/0x10 [ 1301.362425][T21367] ? __lock_acquire+0x622/0x1c90 [ 1301.362479][T21367] __sys_sendmsg+0x16d/0x220 [ 1301.362507][T21367] ? __pfx___sys_sendmsg+0x10/0x10 [ 1301.362534][T21367] ? __x64_sys_futex+0x1e0/0x4c0 [ 1301.362571][T21367] do_syscall_64+0xcd/0x490 [ 1301.362602][T21367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1301.362621][T21367] RIP: 0033:0x7f325618e929 [ 1301.362638][T21367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1301.362656][T21367] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1301.362676][T21367] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1301.362688][T21367] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007 [ 1301.362699][T21367] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1301.362710][T21367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1301.362721][T21367] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1301.362744][T21367] [ 1302.489411][T21390] FAULT_INJECTION: forcing a failure. [ 1302.489411][T21390] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1302.513954][T21390] CPU: 0 UID: 0 PID: 21390 Comm: syz.0.3280 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1302.514010][T21390] Tainted: [U]=USER [ 1302.514021][T21390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1302.514040][T21390] Call Trace: [ 1302.514051][T21390] [ 1302.514069][T21390] dump_stack_lvl+0x16c/0x1f0 [ 1302.514118][T21390] should_fail_ex+0x512/0x640 [ 1302.514165][T21390] get_futex_key+0x1d0/0x1540 [ 1302.514207][T21390] ? __pfx_get_futex_key+0x10/0x10 [ 1302.514254][T21390] ? __pfx___schedule+0x10/0x10 [ 1302.514304][T21390] futex_wait_setup+0x84/0x510 [ 1302.514361][T21390] __futex_wait+0x194/0x2f0 [ 1302.514408][T21390] ? __pfx___futex_wait+0x10/0x10 [ 1302.514461][T21390] ? __pfx_futex_wake_mark+0x10/0x10 [ 1302.514510][T21390] ? plist_check_head+0xa3/0x150 [ 1302.514545][T21390] ? find_held_lock+0x2b/0x80 [ 1302.514592][T21390] futex_wait+0xe8/0x380 [ 1302.514637][T21390] ? __pfx_futex_wait+0x10/0x10 [ 1302.514692][T21390] ? kmem_cache_free+0x2d1/0x4d0 [ 1302.514736][T21390] ? find_held_lock+0x2b/0x80 [ 1302.514765][T21390] ? putname+0x154/0x1a0 [ 1302.514796][T21390] ? do_sys_openat2+0x1b0/0x1d0 [ 1302.514835][T21390] do_futex+0x229/0x350 [ 1302.514875][T21390] ? __pfx_do_futex+0x10/0x10 [ 1302.514925][T21390] __x64_sys_futex+0x1e0/0x4c0 [ 1302.514967][T21390] ? __x64_sys_openat+0x174/0x210 [ 1302.515002][T21390] ? __pfx___x64_sys_futex+0x10/0x10 [ 1302.515041][T21390] ? xfd_validate_state+0x61/0x180 [ 1302.515098][T21390] do_syscall_64+0xcd/0x490 [ 1302.515150][T21390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1302.515182][T21390] RIP: 0033:0x7fa22078e929 [ 1302.515209][T21390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1302.515251][T21390] RSP: 002b:00007fa21e5f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1302.515282][T21390] RAX: ffffffffffffffda RBX: 00007fa2209b5fa8 RCX: 00007fa22078e929 [ 1302.515304][T21390] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa2209b5fa8 [ 1302.515324][T21390] RBP: 00007fa2209b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1302.515344][T21390] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa2209b5fac [ 1302.515364][T21390] R13: 0000000000000000 R14: 00007ffedc868710 R15: 00007ffedc8687f8 [ 1302.515406][T21390] [ 1303.677215][T21409] netlink: 'syz.2.3285': attribute type 2 has an invalid length. [ 1304.149731][T21414] random: crng reseeded on system resumption [ 1304.543273][T21419] FAULT_INJECTION: forcing a failure. [ 1304.543273][T21419] name failslab, interval 1, probability 0, space 0, times 0 [ 1304.602109][T21419] CPU: 1 UID: 0 PID: 21419 Comm: syz.0.3287 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1304.602148][T21419] Tainted: [U]=USER [ 1304.602156][T21419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1304.602168][T21419] Call Trace: [ 1304.602175][T21419] [ 1304.602183][T21419] dump_stack_lvl+0x16c/0x1f0 [ 1304.602216][T21419] should_fail_ex+0x512/0x640 [ 1304.602244][T21419] ? __kmalloc_noprof+0xbf/0x510 [ 1304.602274][T21419] ? constrain_params_by_rules+0x175/0xca0 [ 1304.602295][T21419] should_failslab+0xc2/0x120 [ 1304.602312][T21419] __kmalloc_noprof+0xd2/0x510 [ 1304.602339][T21419] ? unwind_get_return_address+0x59/0xa0 [ 1304.602374][T21419] constrain_params_by_rules+0x175/0xca0 [ 1304.602399][T21419] ? stack_trace_save+0x8e/0xc0 [ 1304.602422][T21419] ? stack_depot_save_flags+0x28/0xa40 [ 1304.602450][T21419] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1304.602476][T21419] ? __kasan_kmalloc+0xaa/0xb0 [ 1304.602502][T21419] ? snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 1304.602523][T21419] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1304.602542][T21419] ? snd_pcm_oss_sync+0x32e/0x840 [ 1304.602567][T21419] ? rcu_is_watching+0x12/0xc0 [ 1304.602588][T21419] ? snd_interval_refine+0x2fa/0x580 [ 1304.602616][T21419] snd_pcm_hw_refine+0x7de/0xad0 [ 1304.602641][T21419] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1304.602669][T21419] ? __asan_memset+0x23/0x50 [ 1304.602694][T21419] ? _snd_pcm_hw_param_min+0x259/0x630 [ 1304.602716][T21419] snd_pcm_oss_change_params_locked+0x65e/0x3a30 [ 1304.602738][T21419] ? __mutex_init+0x40/0x120 [ 1304.602767][T21419] ? rcu_is_watching+0x12/0xc0 [ 1304.602796][T21419] ? trace_contention_end+0xdd/0x130 [ 1304.602825][T21419] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1304.602854][T21419] ? snd_pcm_oss_sync+0x30c/0x840 [ 1304.602889][T21419] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1304.602913][T21419] snd_pcm_oss_sync+0x32e/0x840 [ 1304.602935][T21419] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1304.602964][T21419] snd_pcm_oss_release+0x28b/0x310 [ 1304.602997][T21419] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1304.603028][T21419] __fput+0x402/0xb70 [ 1304.603064][T21419] task_work_run+0x150/0x240 [ 1304.603108][T21419] ? __pfx_task_work_run+0x10/0x10 [ 1304.603138][T21419] ? __pfx___do_sys_close_range+0x10/0x10 [ 1304.603172][T21419] exit_to_user_mode_loop+0xeb/0x110 [ 1304.603209][T21419] do_syscall_64+0x3f6/0x490 [ 1304.603262][T21419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1304.603295][T21419] RIP: 0033:0x7fa22078e929 [ 1304.603323][T21419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1304.603353][T21419] RSP: 002b:00007fa21e5f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1304.603373][T21419] RAX: 0000000000000000 RBX: 00007fa2209b5fa0 RCX: 00007fa22078e929 [ 1304.603387][T21419] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1304.603398][T21419] RBP: 00007fa220810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1304.603410][T21419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1304.603422][T21419] R13: 0000000000000000 R14: 00007fa2209b5fa0 R15: 00007ffedc8687f8 [ 1304.603447][T21419] [ 1304.918828][ C1] vkms_vblank_simulate: vblank timer overrun [ 1305.411965][T21425] FAULT_INJECTION: forcing a failure. [ 1305.411965][T21425] name failslab, interval 1, probability 0, space 0, times 0 [ 1305.436019][T21425] CPU: 1 UID: 0 PID: 21425 Comm: syz.2.3288 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1305.436075][T21425] Tainted: [U]=USER [ 1305.436085][T21425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1305.436103][T21425] Call Trace: [ 1305.436113][T21425] [ 1305.436124][T21425] dump_stack_lvl+0x16c/0x1f0 [ 1305.436175][T21425] should_fail_ex+0x512/0x640 [ 1305.436226][T21425] ? fs_reclaim_acquire+0xae/0x150 [ 1305.436267][T21425] should_failslab+0xc2/0x120 [ 1305.436297][T21425] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1305.436339][T21425] ? tomoyo_init_log+0x197/0x2140 [ 1305.436384][T21425] tomoyo_init_log+0x197/0x2140 [ 1305.436429][T21425] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1305.436491][T21425] ? __pfx_tomoyo_init_log+0x10/0x10 [ 1305.436531][T21425] ? tomoyo_profile+0x47/0x60 [ 1305.436576][T21425] ? tomoyo_domain_quota_is_ok+0x2f6/0x5a0 [ 1305.436619][T21425] tomoyo_supervisor+0x302/0x13b0 [ 1305.436672][T21425] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1305.436749][T21425] ? tomoyo_check_path_acl+0xad/0x210 [ 1305.436788][T21425] ? tomoyo_check_acl+0x1f7/0x410 [ 1305.436826][T21425] tomoyo_path_permission+0x270/0x3b0 [ 1305.436876][T21425] tomoyo_check_open_permission+0x349/0x3c0 [ 1305.436916][T21425] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1305.436996][T21425] ? find_held_lock+0x2b/0x80 [ 1305.437042][T21425] tomoyo_file_open+0x6b/0x90 [ 1305.437089][T21425] security_file_open+0x84/0x1e0 [ 1305.437129][T21425] do_dentry_open+0x596/0x1c10 [ 1305.437184][T21425] vfs_open+0x82/0x3f0 [ 1305.437223][T21425] path_openat+0x1de4/0x2cb0 [ 1305.437281][T21425] ? __pfx_path_openat+0x10/0x10 [ 1305.437327][T21425] ? __lock_acquire+0xb8a/0x1c90 [ 1305.437371][T21425] do_filp_open+0x20b/0x470 [ 1305.437416][T21425] ? __pfx_do_filp_open+0x10/0x10 [ 1305.437489][T21425] ? alloc_fd+0x471/0x7d0 [ 1305.437540][T21425] do_sys_openat2+0x11b/0x1d0 [ 1305.437575][T21425] ? __pfx_do_sys_openat2+0x10/0x10 [ 1305.437625][T21425] __x64_sys_openat+0x174/0x210 [ 1305.437661][T21425] ? __pfx___x64_sys_openat+0x10/0x10 [ 1305.437711][T21425] do_syscall_64+0xcd/0x490 [ 1305.437761][T21425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1305.437789][T21425] RIP: 0033:0x7f115f98e929 [ 1305.437816][T21425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1305.437845][T21425] RSP: 002b:00007f115d7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1305.437887][T21425] RAX: ffffffffffffffda RBX: 00007f115fbb6080 RCX: 00007f115f98e929 [ 1305.437909][T21425] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1305.437927][T21425] RBP: 00007f115fa10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1305.437945][T21425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1305.437963][T21425] R13: 0000000000000000 R14: 00007f115fbb6080 R15: 00007ffe987baa18 [ 1305.438006][T21425] [ 1306.608311][T21441] zram: Added device: zram1 [ 1306.776541][T21443] netlink: 354 bytes leftover after parsing attributes in process `syz.3.3296'. [ 1309.215586][T21482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3304'. [ 1309.311291][T21485] random: crng reseeded on system resumption [ 1309.528329][T21485] FAULT_INJECTION: forcing a failure. [ 1309.528329][T21485] name failslab, interval 1, probability 0, space 0, times 0 [ 1309.560583][T21485] CPU: 1 UID: 0 PID: 21485 Comm: syz.1.3305 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1309.560619][T21485] Tainted: [U]=USER [ 1309.560626][T21485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1309.560638][T21485] Call Trace: [ 1309.560645][T21485] [ 1309.560653][T21485] dump_stack_lvl+0x16c/0x1f0 [ 1309.560685][T21485] should_fail_ex+0x512/0x640 [ 1309.560711][T21485] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1309.560739][T21485] should_failslab+0xc2/0x120 [ 1309.560758][T21485] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1309.560783][T21485] ? mpi_alloc+0x46/0x230 [ 1309.560808][T21485] mpi_alloc+0x46/0x230 [ 1309.560828][T21485] ? mpi_free+0x14/0x160 [ 1309.560848][T21485] mpi_read_raw_data+0x133/0x4a0 [ 1309.560872][T21485] rsa_set_pub_key+0x149/0x270 [ 1309.560903][T21485] ? __pfx_rsa_set_pub_key+0x10/0x10 [ 1309.560943][T21485] ? __asan_memcpy+0x3c/0x60 [ 1309.560971][T21485] rsassa_pkcs1_set_pub_key+0xce/0x1f0 [ 1309.560994][T21485] public_key_verify_signature+0x779/0x970 [ 1309.561035][T21485] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1309.561075][T21485] ? __pfx_public_key_verify_signature_2+0x10/0x10 [ 1309.561100][T21485] verify_signature+0xdf/0x130 [ 1309.561123][T21485] pkcs7_validate_trust+0x220/0x7e0 [ 1309.561161][T21485] verify_pkcs7_message_sig+0x12c/0x250 [ 1309.561184][T21485] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1309.561204][T21485] ? kfree+0x2b4/0x4d0 [ 1309.561225][T21485] ? public_key_signature_free+0xda/0x110 [ 1309.561247][T21485] ? pkcs7_parse_message+0x531/0x720 [ 1309.561277][T21485] ? pkcs7_parse_message+0x536/0x720 [ 1309.561305][T21485] verify_pkcs7_signature+0x6d/0xa0 [ 1309.561327][T21485] valid_regdb+0x215/0x590 [ 1309.561348][T21485] ? __pfx___mutex_lock+0x10/0x10 [ 1309.561376][T21485] ? __pfx_valid_regdb+0x10/0x10 [ 1309.561399][T21485] reg_reload_regdb+0x11e/0x460 [ 1309.561421][T21485] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1309.561443][T21485] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1309.561469][T21485] ? nl80211_pre_doit+0x1b0/0xb10 [ 1309.561498][T21485] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1309.561524][T21485] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1309.561546][T21485] ? rcu_is_watching+0x12/0xc0 [ 1309.561580][T21485] ? bpf_lsm_capable+0x9/0x10 [ 1309.561603][T21485] ? security_capable+0x7e/0x260 [ 1309.561625][T21485] genl_rcv_msg+0x55c/0x800 [ 1309.561650][T21485] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1309.561673][T21485] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1309.561698][T21485] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1309.561718][T21485] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1309.561753][T21485] netlink_rcv_skb+0x158/0x420 [ 1309.561773][T21485] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1309.561796][T21485] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1309.561825][T21485] ? netlink_deliver_tap+0x1ae/0xd30 [ 1309.561878][T21485] genl_rcv+0x28/0x40 [ 1309.561898][T21485] netlink_unicast+0x53a/0x7f0 [ 1309.561920][T21485] ? __pfx_netlink_unicast+0x10/0x10 [ 1309.561947][T21485] netlink_sendmsg+0x8d1/0xdd0 [ 1309.561970][T21485] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1309.561998][T21485] ____sys_sendmsg+0xa98/0xc70 [ 1309.562020][T21485] ? copy_msghdr_from_user+0x10a/0x160 [ 1309.562047][T21485] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1309.562073][T21485] ? try_to_wake_up+0xa2f/0x1680 [ 1309.562097][T21485] ___sys_sendmsg+0x134/0x1d0 [ 1309.562125][T21485] ? __pfx____sys_sendmsg+0x10/0x10 [ 1309.562150][T21485] ? __lock_acquire+0x622/0x1c90 [ 1309.562210][T21485] __sys_sendmsg+0x16d/0x220 [ 1309.562237][T21485] ? __pfx___sys_sendmsg+0x10/0x10 [ 1309.562264][T21485] ? __x64_sys_futex+0x1e0/0x4c0 [ 1309.562301][T21485] do_syscall_64+0xcd/0x490 [ 1309.562330][T21485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1309.562349][T21485] RIP: 0033:0x7f325618e929 [ 1309.562365][T21485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1309.562384][T21485] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1309.562403][T21485] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1309.562415][T21485] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 1309.562426][T21485] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1309.562437][T21485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1309.562448][T21485] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1309.562472][T21485] [ 1309.998364][ C1] vkms_vblank_simulate: vblank timer overrun [ 1313.616206][T21526] FAULT_INJECTION: forcing a failure. [ 1313.616206][T21526] name failslab, interval 1, probability 0, space 0, times 0 [ 1313.650205][T21526] CPU: 0 UID: 0 PID: 21526 Comm: syz.1.3313 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1313.650263][T21526] Tainted: [U]=USER [ 1313.650275][T21526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1313.650294][T21526] Call Trace: [ 1313.650304][T21526] [ 1313.650318][T21526] dump_stack_lvl+0x16c/0x1f0 [ 1313.650371][T21526] should_fail_ex+0x512/0x640 [ 1313.650415][T21526] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1313.650463][T21526] should_failslab+0xc2/0x120 [ 1313.650493][T21526] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1313.650533][T21526] ? do_raw_spin_lock+0x12c/0x2b0 [ 1313.650581][T21526] ? find_held_lock+0x2b/0x80 [ 1313.650610][T21526] ? alloc_fdtable+0xa0/0x2b0 [ 1313.650656][T21526] alloc_fdtable+0xa0/0x2b0 [ 1313.650699][T21526] dup_fd+0x83b/0xb90 [ 1313.650741][T21526] ? __sys_connect+0xe0/0x160 [ 1313.650790][T21526] __do_sys_close_range+0x4ca/0x730 [ 1313.650841][T21526] ? __pfx___do_sys_close_range+0x10/0x10 [ 1313.650908][T21526] do_syscall_64+0xcd/0x490 [ 1313.650957][T21526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1313.650990][T21526] RIP: 0033:0x7f325618e929 [ 1313.651015][T21526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1313.651046][T21526] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1313.651077][T21526] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1313.651098][T21526] RDX: 0000000000000002 RSI: 000000000000000a RDI: 0000000000000002 [ 1313.651117][T21526] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1313.651134][T21526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1313.651153][T21526] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1313.651193][T21526] [ 1314.123214][T21535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3315'. [ 1314.290348][T21532] ima: policy update failed [ 1314.317824][ T30] audit: type=1802 audit(3151.562:21): pid=21532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3315" res=0 errno=0 [ 1315.348385][T21556] netlink: 504 bytes leftover after parsing attributes in process `syz.2.3319'. [ 1315.455264][T21558] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3320'. [ 1315.459282][T21555] netlink: 504 bytes leftover after parsing attributes in process `syz.2.3319'. [ 1315.487834][T21558] ipvlan1: entered allmulticast mode [ 1315.493384][T21558] veth0_vlan: entered allmulticast mode [ 1315.690265][T21558] nvme_fcloop: unknown parameter or missing value '^/]' [ 1315.753886][T21558] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3320'. [ 1316.035684][T21565] random: crng reseeded on system resumption [ 1316.121402][T21562] FAULT_INJECTION: forcing a failure. [ 1316.121402][T21562] name failslab, interval 1, probability 0, space 0, times 0 [ 1316.144893][T21562] CPU: 0 UID: 0 PID: 21562 Comm: syz.0.3321 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1316.144947][T21562] Tainted: [U]=USER [ 1316.144958][T21562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1316.144976][T21562] Call Trace: [ 1316.144988][T21562] [ 1316.145000][T21562] dump_stack_lvl+0x16c/0x1f0 [ 1316.145054][T21562] should_fail_ex+0x512/0x640 [ 1316.145098][T21562] ? __kmalloc_noprof+0xbf/0x510 [ 1316.145146][T21562] ? public_key_verify_signature+0x25b/0x970 [ 1316.145191][T21562] should_failslab+0xc2/0x120 [ 1316.145221][T21562] __kmalloc_noprof+0xd2/0x510 [ 1316.145275][T21562] public_key_verify_signature+0x25b/0x970 [ 1316.145314][T21562] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1316.145348][T21562] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1316.145388][T21562] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1316.145451][T21562] pkcs7_verify+0x32f/0x1b20 [ 1316.145513][T21562] verify_pkcs7_message_sig+0xdd/0x250 [ 1316.145547][T21562] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1316.145581][T21562] ? kfree+0x2b4/0x4d0 [ 1316.145615][T21562] ? public_key_signature_free+0xda/0x110 [ 1316.145650][T21562] ? pkcs7_parse_message+0x531/0x720 [ 1316.145699][T21562] ? pkcs7_parse_message+0x536/0x720 [ 1316.145747][T21562] verify_pkcs7_signature+0x6d/0xa0 [ 1316.145784][T21562] valid_regdb+0x215/0x590 [ 1316.145818][T21562] ? __pfx___mutex_lock+0x10/0x10 [ 1316.145865][T21562] ? __pfx_valid_regdb+0x10/0x10 [ 1316.145906][T21562] reg_reload_regdb+0x11e/0x460 [ 1316.145941][T21562] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1316.145978][T21562] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1316.146020][T21562] ? nl80211_pre_doit+0x1b0/0xb10 [ 1316.146069][T21562] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1316.146112][T21562] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1316.146146][T21562] ? rcu_is_watching+0x12/0xc0 [ 1316.146202][T21562] ? bpf_lsm_capable+0x9/0x10 [ 1316.146239][T21562] ? security_capable+0x7e/0x260 [ 1316.146281][T21562] genl_rcv_msg+0x55c/0x800 [ 1316.146323][T21562] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1316.146360][T21562] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1316.146401][T21562] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1316.146433][T21562] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1316.146492][T21562] netlink_rcv_skb+0x158/0x420 [ 1316.146524][T21562] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1316.146563][T21562] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1316.146612][T21562] ? netlink_deliver_tap+0x1ae/0xd30 [ 1316.146670][T21562] genl_rcv+0x28/0x40 [ 1316.146702][T21562] netlink_unicast+0x53a/0x7f0 [ 1316.146740][T21562] ? __pfx_netlink_unicast+0x10/0x10 [ 1316.146785][T21562] netlink_sendmsg+0x8d1/0xdd0 [ 1316.146825][T21562] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1316.146875][T21562] ____sys_sendmsg+0xa98/0xc70 [ 1316.146911][T21562] ? copy_msghdr_from_user+0x10a/0x160 [ 1316.146954][T21562] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1316.146997][T21562] ? try_to_wake_up+0xa2f/0x1680 [ 1316.147036][T21562] ___sys_sendmsg+0x134/0x1d0 [ 1316.147083][T21562] ? __pfx____sys_sendmsg+0x10/0x10 [ 1316.147125][T21562] ? __lock_acquire+0x622/0x1c90 [ 1316.147237][T21562] __sys_sendmsg+0x16d/0x220 [ 1316.147283][T21562] ? __pfx___sys_sendmsg+0x10/0x10 [ 1316.147327][T21562] ? __x64_sys_futex+0x1e0/0x4c0 [ 1316.147392][T21562] do_syscall_64+0xcd/0x490 [ 1316.147441][T21562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1316.147472][T21562] RIP: 0033:0x7fa22078e929 [ 1316.147497][T21562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1316.147527][T21562] RSP: 002b:00007fa21e5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1316.147558][T21562] RAX: ffffffffffffffda RBX: 00007fa2209b5fa0 RCX: 00007fa22078e929 [ 1316.147578][T21562] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007 [ 1316.147597][T21562] RBP: 00007fa220810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1316.147617][T21562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1316.147635][T21562] R13: 0000000000000000 R14: 00007fa2209b5fa0 R15: 00007ffedc8687f8 [ 1316.147677][T21562] [ 1316.715127][T21575] kAFS: No cell specified [ 1318.458924][T21599] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'. [ 1322.122919][T21650] random: crng reseeded on system resumption [ 1322.612785][T21646] FAULT_INJECTION: forcing a failure. [ 1322.612785][T21646] name failslab, interval 1, probability 0, space 0, times 0 [ 1322.627092][T21646] CPU: 1 UID: 0 PID: 21646 Comm: syz.0.3345 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1322.627130][T21646] Tainted: [U]=USER [ 1322.627137][T21646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1322.627148][T21646] Call Trace: [ 1322.627156][T21646] [ 1322.627164][T21646] dump_stack_lvl+0x16c/0x1f0 [ 1322.627196][T21646] should_fail_ex+0x512/0x640 [ 1322.627223][T21646] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1322.627251][T21646] should_failslab+0xc2/0x120 [ 1322.627269][T21646] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1322.627296][T21646] ? pkcs7_note_signed_info+0x2e2/0x5e0 [ 1322.627325][T21646] ? kasan_save_track+0x14/0x30 [ 1322.627355][T21646] pkcs7_note_signed_info+0x2e2/0x5e0 [ 1322.627384][T21646] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1322.627415][T21646] asn1_ber_decoder+0xaee/0x1df0 [ 1322.627453][T21646] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 1322.627497][T21646] pkcs7_parse_message+0x288/0x720 [ 1322.627527][T21646] verify_pkcs7_signature+0x30/0xa0 [ 1322.627549][T21646] valid_regdb+0x215/0x590 [ 1322.627569][T21646] ? __pfx___mutex_lock+0x10/0x10 [ 1322.627597][T21646] ? __pfx_valid_regdb+0x10/0x10 [ 1322.627621][T21646] reg_reload_regdb+0x11e/0x460 [ 1322.627644][T21646] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1322.627666][T21646] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1322.627692][T21646] ? nl80211_pre_doit+0x1b0/0xb10 [ 1322.627722][T21646] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1322.627747][T21646] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1322.627769][T21646] ? rcu_is_watching+0x12/0xc0 [ 1322.627797][T21646] ? bpf_lsm_capable+0x9/0x10 [ 1322.627820][T21646] ? security_capable+0x7e/0x260 [ 1322.627842][T21646] genl_rcv_msg+0x55c/0x800 [ 1322.627867][T21646] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1322.627889][T21646] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1322.627915][T21646] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1322.627934][T21646] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1322.627968][T21646] netlink_rcv_skb+0x158/0x420 [ 1322.627987][T21646] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1322.628010][T21646] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1322.628038][T21646] ? netlink_deliver_tap+0x1ae/0xd30 [ 1322.628071][T21646] genl_rcv+0x28/0x40 [ 1322.628090][T21646] netlink_unicast+0x53a/0x7f0 [ 1322.628118][T21646] ? __pfx_netlink_unicast+0x10/0x10 [ 1322.628144][T21646] netlink_sendmsg+0x8d1/0xdd0 [ 1322.628166][T21646] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1322.628193][T21646] ____sys_sendmsg+0xa98/0xc70 [ 1322.628215][T21646] ? copy_msghdr_from_user+0x10a/0x160 [ 1322.628242][T21646] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1322.628268][T21646] ? __pfx_futex_wake_mark+0x10/0x10 [ 1322.628298][T21646] ___sys_sendmsg+0x134/0x1d0 [ 1322.628327][T21646] ? __pfx____sys_sendmsg+0x10/0x10 [ 1322.628353][T21646] ? __lock_acquire+0x622/0x1c90 [ 1322.628404][T21646] __sys_sendmsg+0x16d/0x220 [ 1322.628432][T21646] ? __pfx___sys_sendmsg+0x10/0x10 [ 1322.628459][T21646] ? __x64_sys_futex+0x1e0/0x4c0 [ 1322.628494][T21646] do_syscall_64+0xcd/0x490 [ 1322.628524][T21646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1322.628543][T21646] RIP: 0033:0x7fa22078e929 [ 1322.628559][T21646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1322.628578][T21646] RSP: 002b:00007fa21e5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1322.628597][T21646] RAX: ffffffffffffffda RBX: 00007fa2209b5fa0 RCX: 00007fa22078e929 [ 1322.628609][T21646] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000008 [ 1322.628620][T21646] RBP: 00007fa220810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1322.628631][T21646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1322.628642][T21646] R13: 0000000000000000 R14: 00007fa2209b5fa0 R15: 00007ffedc8687f8 [ 1322.628664][T21646] [ 1322.999176][ C1] vkms_vblank_simulate: vblank timer overrun [ 1323.775116][T21661] random: crng reseeded on system resumption [ 1324.165425][T21671] sctp: [Deprecated]: syz.0.3351 (pid 21671) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1324.165425][T21671] Use struct sctp_sack_info instead [ 1324.283849][T21669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1324.302397][T21669] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1326.312385][T21705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3360'. [ 1327.348773][T21730] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1327.609874][T21735] random: crng reseeded on system resumption [ 1328.660337][T21748] sg_write: data in/out 825231589/2147479506 bytes for SCSI command 0x35-- guessing data in; [ 1328.660337][T21748] program syz.3.3367 not setting count and/or reply_len properly [ 1328.948478][T21760] zswap: compressor 000 not available [ 1329.047149][T21766] zswap: compressor |\ys,3vCmQ/,4"td~Myvvo6KZ菗`߹ۧbnu` [ 1329.047149][T21766] OzVe}reyuR<11U:0I߆&c1,cd97[Ʒ>cʵdRV?,4LNH4p?t05cur ϗ not available [ 1329.899262][T21772] zswap: compressor not available [ 1330.318636][T21772] zswap: compressor [ 1330.318636][T21772] use_profile 0 [ 1330.318636][T21772] [ 1330.318636][T21772] file mkdir/chmod /dev/ 0755 [ 1330.318636][T21772] file chown/chgrp /dev/ 0 [ 1330.318636][T21772] file mkchar /dev/console 0600 5 1 [ 1330.318636][T21772] file chown/chgrp /dev/console 0 [ 1330.318636][T21772] file chmod /dev/console 0600 [ 1330.318636][T21772] file mkdir/chmod /root/ 0700 [ 1330.318636][T21772] file chown/chgrp /root/ 0 [ 1330.318636][T21772] file read/write /dev/console [ 1330.318636][T21772] file mkblock /dev/ram 0600 1 0 [ 1330.318636][T21772] file read/write/unlink /dev/ram [ 1330.318636][T21772] file mkblock /dev/root 0600 8 1 [ 1330.318636][T21772] file mount /dev/root /root/ ext3 0x8001 [ 1330.318636][T21772] file mount /dev/root /root/ ext2 0x8001 [ 1330.318636][T21772] file mount /dev/root /root/ ext4 0x8001 [ 1330.318636][T21772] file mount devtmpfs /root/dev/ devtmpfs 0x8000 [ 1330.318636][T21772] file mount /root/ / --move 0x0 [ 1330.318636][T21772] file chroot / [ 1330.318636][T21772] file write proc:/sys/kernel/hung_task_all_cpu_backtrace [ 1330.318636][T21772] file write proc:/sys/vm/nr_hugepages [ 1330.318636][T21772] file write proc:/sys/vm/nr_overcommit_hugepages [ 1330.318636][T21772] file write proc:/sys/net/core/netdev_unregister_timeout_secs [ 1330.318636][T21772] file execute /sbin/init exec.realpath="/sbin/init" exec.argv[0]="/sbin/init" [ 1330.318636][T21772] file execute /sbin/modprobe exec.realpath="/sbin/modprobe" exec.argv[0]="/sbin/modprobe" [ 1330.318636][T21772] file read /lib/firmware/regulatory.db [ 1330.318636][T21772] file read /lib/firmware/regulatory [ 1330.392359][T21791] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1331.051608][T21803] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 1333.370086][T21839] FAULT_INJECTION: forcing a failure. [ 1333.370086][T21839] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1333.386413][T21839] CPU: 1 UID: 0 PID: 21839 Comm: syz.0.3390 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1333.386466][T21839] Tainted: [U]=USER [ 1333.386477][T21839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1333.386496][T21839] Call Trace: [ 1333.386507][T21839] [ 1333.386519][T21839] dump_stack_lvl+0x16c/0x1f0 [ 1333.386569][T21839] should_fail_ex+0x512/0x640 [ 1333.386621][T21839] _copy_to_iter+0x463/0x16f0 [ 1333.386676][T21839] ? lru_gen_seq_stop+0xa3/0x100 [ 1333.386714][T21839] ? __pfx__copy_to_iter+0x10/0x10 [ 1333.386764][T21839] ? lru_gen_seq_stop+0xa3/0x100 [ 1333.386797][T21839] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 1333.386853][T21839] seq_read_iter+0x719/0x12c0 [ 1333.386894][T21839] ? aa_file_perm+0x4d6/0xfb0 [ 1333.386947][T21839] seq_read+0x39e/0x4e0 [ 1333.386983][T21839] ? __pfx_seq_read+0x10/0x10 [ 1333.387031][T21839] ? get_pid_task+0xfc/0x250 [ 1333.387103][T21839] full_proxy_read+0x13f/0x200 [ 1333.387133][T21839] ? __pfx_full_proxy_read+0x10/0x10 [ 1333.387165][T21839] vfs_read+0x1e1/0xc60 [ 1333.387218][T21839] ? __pfx_vfs_read+0x10/0x10 [ 1333.387258][T21839] ? find_held_lock+0x2b/0x80 [ 1333.387293][T21839] ? __fget_files+0x204/0x3c0 [ 1333.387342][T21839] ? __fget_files+0x20e/0x3c0 [ 1333.387395][T21839] __x64_sys_pread64+0x1eb/0x250 [ 1333.387442][T21839] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1333.387502][T21839] do_syscall_64+0xcd/0x490 [ 1333.387552][T21839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1333.387583][T21839] RIP: 0033:0x7fa22078e929 [ 1333.387608][T21839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1333.387639][T21839] RSP: 002b:00007fa21e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1333.387669][T21839] RAX: ffffffffffffffda RBX: 00007fa2209b5fa0 RCX: 00007fa22078e929 [ 1333.387690][T21839] RDX: 00000000000007ff RSI: 0000000000000000 RDI: 0000000000000003 [ 1333.387709][T21839] RBP: 00007fa220810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1333.387729][T21839] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000 [ 1333.387748][T21839] R13: 0000000000000000 R14: 00007fa2209b5fa0 R15: 00007ffedc8687f8 [ 1333.387790][T21839] [ 1334.242195][T21845] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3391'. [ 1335.255671][T21875] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3399'. [ 1335.581954][T21882] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3402'. [ 1339.664912][T21937] Invalid ELF header magic: != ELF [ 1342.130636][T21977] FAULT_INJECTION: forcing a failure. [ 1342.130636][T21977] name failslab, interval 1, probability 0, space 0, times 0 [ 1342.145520][T21977] CPU: 1 UID: 0 PID: 21977 Comm: syz.1.3425 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1342.145575][T21977] Tainted: [U]=USER [ 1342.145586][T21977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1342.145605][T21977] Call Trace: [ 1342.145616][T21977] [ 1342.145630][T21977] dump_stack_lvl+0x16c/0x1f0 [ 1342.145681][T21977] should_fail_ex+0x512/0x640 [ 1342.145724][T21977] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1342.145778][T21977] should_failslab+0xc2/0x120 [ 1342.145808][T21977] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1342.145853][T21977] ? security_file_alloc+0x34/0x2b0 [ 1342.145899][T21977] security_file_alloc+0x34/0x2b0 [ 1342.145938][T21977] init_file+0x93/0x4c0 [ 1342.145969][T21977] alloc_empty_file+0x73/0x1e0 [ 1342.146004][T21977] path_openat+0xda/0x2cb0 [ 1342.146055][T21977] ? rcu_is_watching+0x12/0xc0 [ 1342.146098][T21977] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1342.146131][T21977] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1342.146176][T21977] ? __pfx_path_openat+0x10/0x10 [ 1342.146225][T21977] ? __asan_memcpy+0x3c/0x60 [ 1342.146271][T21977] do_file_open_root+0x322/0x610 [ 1342.146314][T21977] ? stack_trace_save+0x8e/0xc0 [ 1342.146353][T21977] ? __pfx_do_file_open_root+0x10/0x10 [ 1342.146441][T21977] ? vsnprintf+0x318/0x1160 [ 1342.146488][T21977] file_open_root+0x2a7/0x450 [ 1342.146537][T21977] ? __pfx_file_open_root+0x10/0x10 [ 1342.146580][T21977] ? find_held_lock+0x2b/0x80 [ 1342.146615][T21977] ? kernel_read_file_from_path_initns+0x17a/0x260 [ 1342.146660][T21977] kernel_read_file_from_path_initns+0x189/0x260 [ 1342.146700][T21977] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 1342.146733][T21977] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1342.146770][T21977] ? _request_firmware+0x503/0x1470 [ 1342.146818][T21977] _request_firmware+0x744/0x1470 [ 1342.146865][T21977] ? __pfx__request_firmware+0x10/0x10 [ 1342.146921][T21977] request_firmware+0x35/0x50 [ 1342.146962][T21977] valid_regdb+0x188/0x590 [ 1342.146994][T21977] ? __pfx___mutex_lock+0x10/0x10 [ 1342.147039][T21977] ? __pfx_valid_regdb+0x10/0x10 [ 1342.147082][T21977] reg_reload_regdb+0x11e/0x460 [ 1342.147127][T21977] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1342.147167][T21977] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1342.147210][T21977] ? nl80211_pre_doit+0x1b0/0xb10 [ 1342.147261][T21977] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1342.147304][T21977] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1342.147340][T21977] ? rcu_is_watching+0x12/0xc0 [ 1342.147388][T21977] ? bpf_lsm_capable+0x9/0x10 [ 1342.147425][T21977] ? security_capable+0x7e/0x260 [ 1342.147464][T21977] genl_rcv_msg+0x55c/0x800 [ 1342.147507][T21977] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1342.147545][T21977] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1342.147587][T21977] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1342.147619][T21977] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1342.147681][T21977] netlink_rcv_skb+0x158/0x420 [ 1342.147712][T21977] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1342.147751][T21977] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1342.147801][T21977] ? netlink_deliver_tap+0x1ae/0xd30 [ 1342.147856][T21977] genl_rcv+0x28/0x40 [ 1342.147886][T21977] netlink_unicast+0x53a/0x7f0 [ 1342.147923][T21977] ? __pfx_netlink_unicast+0x10/0x10 [ 1342.147965][T21977] netlink_sendmsg+0x8d1/0xdd0 [ 1342.148004][T21977] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1342.148052][T21977] ____sys_sendmsg+0xa98/0xc70 [ 1342.148099][T21977] ? copy_msghdr_from_user+0x10a/0x160 [ 1342.148144][T21977] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1342.148189][T21977] ? try_to_wake_up+0xa2f/0x1680 [ 1342.148228][T21977] ___sys_sendmsg+0x134/0x1d0 [ 1342.148278][T21977] ? __pfx____sys_sendmsg+0x10/0x10 [ 1342.148319][T21977] ? __lock_acquire+0x622/0x1c90 [ 1342.148415][T21977] __sys_sendmsg+0x16d/0x220 [ 1342.148462][T21977] ? __pfx___sys_sendmsg+0x10/0x10 [ 1342.148506][T21977] ? __x64_sys_futex+0x1e0/0x4c0 [ 1342.148574][T21977] do_syscall_64+0xcd/0x490 [ 1342.148624][T21977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1342.148656][T21977] RIP: 0033:0x7f325618e929 [ 1342.148682][T21977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1342.148714][T21977] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1342.148744][T21977] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1342.148765][T21977] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007 [ 1342.148783][T21977] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1342.148802][T21977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1342.148820][T21977] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1342.148856][T21977] [ 1342.148984][T21977] platform regulatory.0: loading /lib/firmware/6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88/regulatory.db.p7s failed with error -12 [ 1342.994756][T21992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3428'. [ 1343.177366][T22004] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3431'. [ 1343.374111][T21997] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3429'. [ 1343.710905][T22024] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3433'. [ 1345.019376][T22051] random: crng reseeded on system resumption [ 1345.165607][T22062] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3438'. [ 1345.627556][T22082] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3442'. [ 1345.686397][T22082] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3442'. [ 1346.235095][T22079] ima: policy update failed [ 1346.260568][ T30] audit: type=1802 audit(3183.669:22): pid=22079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3441" res=0 errno=0 [ 1347.075749][T22212] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3448'. [ 1349.760298][T22297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3457'. [ 1350.264092][T22306] netlink: 'syz.1.3459': attribute type 2 has an invalid length. [ 1351.598586][T22358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3464'. [ 1351.856925][T22352] zswap: compressor not available [ 1354.198433][T22500] Unable to find swap-space signature [ 1355.098676][T22513] random: crng reseeded on system resumption [ 1355.240715][T22516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3477'. [ 1355.551591][T22521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3479'. [ 1357.059240][T22559] random: crng reseeded on system resumption [ 1357.124611][T22560] netlink: 206 bytes leftover after parsing attributes in process `syz.3.3484'. [ 1357.269427][T22563] 0x000200000001-0xa29656a63616329 : "" [ 1357.304131][T22563] mtd: partition "" is out of reach -- disabled [ 1357.528208][T22563] ftl_cs: FTL header not found. [ 1360.006066][T22638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3497'. [ 1360.321079][T22643] netlink: 'syz.2.3499': attribute type 17 has an invalid length. [ 1360.337883][T22643] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3499'. [ 1360.516867][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1360.523481][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1360.903769][T22656] zram: Removed device: zram0 [ 1361.224701][T22665] random: crng reseeded on system resumption [ 1361.419303][T22669] netlink: 'syz.3.3506': attribute type 2 has an invalid length. [ 1361.876467][T22696] tipc: Started in network mode [ 1361.881748][T22696] tipc: Node identity 30303030, cluster identity 4711 [ 1361.894321][T22696] tipc: Node number set to 808464432 [ 1365.609178][T22764] random: crng reseeded on system resumption [ 1367.053620][T22762] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1367.695440][T22799] FAULT_INJECTION: forcing a failure. [ 1367.695440][T22799] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1367.769589][T22799] CPU: 1 UID: 0 PID: 22799 Comm: syz.2.3526 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1367.769640][T22799] Tainted: [U]=USER [ 1367.769651][T22799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1367.769669][T22799] Call Trace: [ 1367.769679][T22799] [ 1367.769692][T22799] dump_stack_lvl+0x16c/0x1f0 [ 1367.769742][T22799] should_fail_ex+0x512/0x640 [ 1367.769800][T22799] _copy_to_user+0x32/0xd0 [ 1367.769849][T22799] simple_read_from_buffer+0xcb/0x170 [ 1367.769891][T22799] proc_fail_nth_read+0x197/0x270 [ 1367.769929][T22799] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1367.769968][T22799] ? rw_verify_area+0xcf/0x680 [ 1367.770004][T22799] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1367.770038][T22799] vfs_read+0x1e1/0xc60 [ 1367.770086][T22799] ? __pfx___mutex_lock+0x10/0x10 [ 1367.770131][T22799] ? __pfx_vfs_read+0x10/0x10 [ 1367.770184][T22799] ? __fget_files+0x20e/0x3c0 [ 1367.770238][T22799] ksys_read+0x12a/0x250 [ 1367.770280][T22799] ? __pfx_ksys_read+0x10/0x10 [ 1367.770334][T22799] do_syscall_64+0xcd/0x490 [ 1367.770383][T22799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1367.770415][T22799] RIP: 0033:0x7f115f98d33c [ 1367.770441][T22799] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1367.770471][T22799] RSP: 002b:00007f115d7f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1367.770501][T22799] RAX: ffffffffffffffda RBX: 00007f115fbb6080 RCX: 00007f115f98d33c [ 1367.770522][T22799] RDX: 000000000000000f RSI: 00007f115d7f60a0 RDI: 0000000000000004 [ 1367.770540][T22799] RBP: 00007f115d7f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1367.770559][T22799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1367.770577][T22799] R13: 0000000000000000 R14: 00007f115fbb6080 R15: 00007ffe987baa18 [ 1367.770617][T22799] [ 1367.962985][ C1] vkms_vblank_simulate: vblank timer overrun [ 1368.909734][T22819] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3531'. [ 1370.858744][T22836] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1370.868991][T22836] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1373.691235][T22919] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1374.701262][T23001] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3545'. [ 1374.978916][T22974] zswap: compressor not available [ 1375.087956][T23011] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3547'. [ 1375.927659][T23031] netlink: 'syz.2.3549': attribute type 2 has an invalid length. [ 1381.284822][T23141] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3561'. [ 1381.393113][T23144] random: crng reseeded on system resumption [ 1383.199387][T23175] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 1383.199387][T23175] M' is too long [ 1383.247730][T23175] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 1383.247730][T23175] W ' is too long [ 1384.766519][T23281] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3570'. [ 1386.077781][T23309] ubi: mtd0 is already attached to ubi0 [ 1386.669913][T23331] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 1387.320255][T23346] zswap: compressor not available [ 1387.687485][T23413] netlink: 'syz.0.3579': attribute type 2 has an invalid length. [ 1388.812627][T23485] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3582'. [ 1389.451073][T23518] random: crng reseeded on system resumption [ 1389.766751][T23521] FAULT_INJECTION: forcing a failure. [ 1389.766751][T23521] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1389.857936][T23521] CPU: 0 UID: 0 PID: 23521 Comm: syz.1.3586 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1389.857971][T23521] Tainted: [U]=USER [ 1389.857983][T23521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1389.857995][T23521] Call Trace: [ 1389.858009][T23521] [ 1389.858017][T23521] dump_stack_lvl+0x16c/0x1f0 [ 1389.858050][T23521] should_fail_ex+0x512/0x640 [ 1389.858077][T23521] ? page_copy_sane+0xcd/0x2d0 [ 1389.858106][T23521] copy_folio_from_iter_atomic+0x375/0x1aa0 [ 1389.858143][T23521] ? fault_in_readable+0x132/0x1d0 [ 1389.858162][T23521] ? fault_in_readable+0x135/0x1d0 [ 1389.858181][T23521] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 1389.858214][T23521] ? fault_in_readable+0x179/0x1d0 [ 1389.858233][T23521] ? __pfx_fault_in_readable+0x10/0x10 [ 1389.858250][T23521] ? rcu_is_watching+0x12/0xc0 [ 1389.858270][T23521] ? I_BDEV+0xd/0x20 [ 1389.858288][T23521] ? inode_to_bdi+0x9e/0x160 [ 1389.858322][T23521] iomap_file_buffered_write+0x546/0xaf0 [ 1389.858351][T23521] ? __pfx_iomap_file_buffered_write+0x10/0x10 [ 1389.858393][T23521] ? __pfx_down_read+0x10/0x10 [ 1389.858411][T23521] ? preempt_count_add+0x76/0x150 [ 1389.858440][T23521] ? mnt_put_write_access_file+0xc1/0xf0 [ 1389.858469][T23521] blkdev_write_iter+0x56f/0xdf0 [ 1389.858501][T23521] vfs_write+0x6c4/0x1150 [ 1389.858528][T23521] ? __pfx_blkdev_write_iter+0x10/0x10 [ 1389.858557][T23521] ? __pfx_vfs_write+0x10/0x10 [ 1389.858581][T23521] ? find_held_lock+0x2b/0x80 [ 1389.858615][T23521] ksys_write+0x12a/0x250 [ 1389.858642][T23521] ? __pfx_ksys_write+0x10/0x10 [ 1389.858687][T23521] do_syscall_64+0xcd/0x490 [ 1389.858724][T23521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1389.858744][T23521] RIP: 0033:0x7f325618e929 [ 1389.858761][T23521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1389.858780][T23521] RSP: 002b:00007f32570ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1389.858799][T23521] RAX: ffffffffffffffda RBX: 00007f32563b5fa0 RCX: 00007f325618e929 [ 1389.858811][T23521] RDX: 0000000080000000 RSI: 0000200000000040 RDI: 0000000000000008 [ 1389.858823][T23521] RBP: 00007f3256210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1389.858834][T23521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1389.858845][T23521] R13: 0000000000000000 R14: 00007f32563b5fa0 R15: 00007ffcaceaf9a8 [ 1389.858867][T23521] [ 1393.642512][T23634] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 1393.642512][T23634] program syz.3.3596 not setting count and/or reply_len properly [ 1393.715798][T23634] ================================================================== [ 1393.715820][T23634] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0 [ 1393.715868][T23634] Write of size 8 at addr ffffc90003958000 by task syz.3.3596/23634 [ 1393.715903][T23634] [ 1393.715921][T23634] CPU: 1 UID: 0 PID: 23634 Comm: syz.3.3596 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1393.715969][T23634] Tainted: [U]=USER [ 1393.715981][T23634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1393.716001][T23634] Call Trace: [ 1393.716011][T23634] [ 1393.716024][T23634] dump_stack_lvl+0x116/0x1f0 [ 1393.716071][T23634] print_report+0xcd/0x680 [ 1393.716099][T23634] ? __virt_addr_valid+0x81/0x610 [ 1393.716136][T23634] ? sys_fillrect+0x15d4/0x17b0 [ 1393.716171][T23634] kasan_report+0xe0/0x110 [ 1393.716200][T23634] ? sys_fillrect+0x15d4/0x17b0 [ 1393.716240][T23634] sys_fillrect+0x15d4/0x17b0 [ 1393.716279][T23634] ? __pfx_sys_fillrect+0x10/0x10 [ 1393.716318][T23634] ? __pfx_bit_putcs+0x10/0x10 [ 1393.716345][T23634] ? bit_cursor+0xeca/0x17e0 [ 1393.716375][T23634] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 1393.716417][T23634] bit_clear+0x17d/0x220 [ 1393.716445][T23634] ? __pfx_bit_clear+0x10/0x10 [ 1393.716472][T23634] ? __pfx___might_resched+0x10/0x10 [ 1393.716506][T23634] ? fb_get_color_depth+0x120/0x250 [ 1393.716550][T23634] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1393.716600][T23634] ? __pfx_bit_clear+0x10/0x10 [ 1393.716626][T23634] __fbcon_clear+0x603/0x780 [ 1393.716675][T23634] fbcon_scroll+0x48b/0x690 [ 1393.716721][T23634] con_scroll+0x45f/0x690 [ 1393.716769][T23634] do_con_write+0x5560/0x8280 [ 1393.716808][T23634] ? __pfx_do_con_write+0x10/0x10 [ 1393.716844][T23634] con_write+0x23/0xb0 [ 1393.716871][T23634] n_tty_write+0x40f/0x1160 [ 1393.716925][T23634] ? __pfx_n_tty_write+0x10/0x10 [ 1393.716959][T23634] ? rcu_is_watching+0x12/0xc0 [ 1393.716993][T23634] ? __pfx_woken_wake_function+0x10/0x10 [ 1393.717026][T23634] ? kfree+0x24f/0x4d0 [ 1393.717062][T23634] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 1393.717114][T23634] ? __pfx_n_tty_write+0x10/0x10 [ 1393.717151][T23634] file_tty_write.constprop.0+0x501/0x9b0 [ 1393.717207][T23634] redirected_tty_write+0xd4/0x150 [ 1393.717256][T23634] vfs_write+0x6c4/0x1150 [ 1393.717299][T23634] ? __pfx_redirected_tty_write+0x10/0x10 [ 1393.717351][T23634] ? __pfx_vfs_write+0x10/0x10 [ 1393.717391][T23634] ? find_held_lock+0x2b/0x80 [ 1393.717441][T23634] ksys_write+0x12a/0x250 [ 1393.717483][T23634] ? __pfx_ksys_write+0x10/0x10 [ 1393.717525][T23634] ? syscall_user_dispatch+0x78/0x140 [ 1393.717582][T23634] do_syscall_64+0xcd/0x490 [ 1393.717630][T23634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1393.717659][T23634] RIP: 0033:0x7f6e7d58e929 [ 1393.717684][T23634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1393.717714][T23634] RSP: 002b:00007f6e7e423038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1393.717744][T23634] RAX: ffffffffffffffda RBX: 00007f6e7d7b5fa0 RCX: 00007f6e7d58e929 [ 1393.717766][T23634] RDX: 000000000000003a RSI: 0000200000000440 RDI: 0000000000000005 [ 1393.717786][T23634] RBP: 00007f6e7d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1393.717806][T23634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1393.717824][T23634] R13: 0000000000000000 R14: 00007f6e7d7b5fa0 R15: 00007ffc911c6e98 [ 1393.717853][T23634] [ 1393.717864][T23634] [ 1393.717876][T23634] The buggy address belongs to the virtual mapping at [ 1393.717876][T23634] [ffffc90003950000, ffffc90003959000) created by: [ 1393.717876][T23634] kernel_clone+0xfc/0x960 [ 1393.717933][T23634] [ 1393.717942][T23634] Memory state around the buggy address: [ 1393.717959][T23634] ffffc90003957f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1393.717982][T23634] ffffc90003957f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1393.718004][T23634] >ffffc90003958000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1393.718021][T23634] ^ [ 1393.718036][T23634] ffffc90003958080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1393.718057][T23634] ffffc90003958100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1393.718073][T23634] ================================================================== [ 1393.718127][T23634] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1393.718152][T23634] CPU: 1 UID: 0 PID: 23634 Comm: syz.3.3596 Tainted: G U 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full) [ 1393.718200][T23634] Tainted: [U]=USER [ 1393.718212][T23634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1393.718229][T23634] Call Trace: [ 1393.718239][T23634] [ 1393.718252][T23634] dump_stack_lvl+0x3d/0x1f0 [ 1393.718294][T23634] panic+0x71c/0x800 [ 1393.718335][T23634] ? __pfx_panic+0x10/0x10 [ 1393.718380][T23634] ? preempt_schedule_thunk+0x16/0x30 [ 1393.718421][T23634] ? sys_fillrect+0x15d4/0x17b0 [ 1393.718456][T23634] ? preempt_schedule_common+0x44/0xc0 [ 1393.718501][T23634] ? sys_fillrect+0x15d4/0x17b0 [ 1393.718537][T23634] check_panic_on_warn+0xab/0xb0 [ 1393.718585][T23634] end_report+0x107/0x170 [ 1393.718613][T23634] kasan_report+0xee/0x110 [ 1393.718643][T23634] ? sys_fillrect+0x15d4/0x17b0 [ 1393.718682][T23634] sys_fillrect+0x15d4/0x17b0 [ 1393.718720][T23634] ? __pfx_sys_fillrect+0x10/0x10 [ 1393.718755][T23634] ? __pfx_bit_putcs+0x10/0x10 [ 1393.718782][T23634] ? bit_cursor+0xeca/0x17e0 [ 1393.718813][T23634] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 1393.718856][T23634] bit_clear+0x17d/0x220 [ 1393.718882][T23634] ? __pfx_bit_clear+0x10/0x10 [ 1393.718920][T23634] ? __pfx___might_resched+0x10/0x10 [ 1393.718955][T23634] ? fb_get_color_depth+0x120/0x250 [ 1393.718999][T23634] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1393.719050][T23634] ? __pfx_bit_clear+0x10/0x10 [ 1393.719077][T23634] __fbcon_clear+0x603/0x780 [ 1393.719129][T23634] fbcon_scroll+0x48b/0x690 [ 1393.719176][T23634] con_scroll+0x45f/0x690 [ 1393.719224][T23634] do_con_write+0x5560/0x8280 [ 1393.719264][T23634] ? __pfx_do_con_write+0x10/0x10 [ 1393.719302][T23634] con_write+0x23/0xb0 [ 1393.719329][T23634] n_tty_write+0x40f/0x1160 [ 1393.719372][T23634] ? __pfx_n_tty_write+0x10/0x10 [ 1393.719405][T23634] ? rcu_is_watching+0x12/0xc0 [ 1393.719439][T23634] ? __pfx_woken_wake_function+0x10/0x10 [ 1393.719472][T23634] ? kfree+0x24f/0x4d0 [ 1393.719508][T23634] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 1393.719560][T23634] ? __pfx_n_tty_write+0x10/0x10 [ 1393.719595][T23634] file_tty_write.constprop.0+0x501/0x9b0 [ 1393.719644][T23634] redirected_tty_write+0xd4/0x150 [ 1393.719689][T23634] vfs_write+0x6c4/0x1150 [ 1393.719730][T23634] ? __pfx_redirected_tty_write+0x10/0x10 [ 1393.719778][T23634] ? __pfx_vfs_write+0x10/0x10 [ 1393.719818][T23634] ? find_held_lock+0x2b/0x80 [ 1393.719858][T23634] ksys_write+0x12a/0x250 [ 1393.719907][T23634] ? __pfx_ksys_write+0x10/0x10 [ 1393.719947][T23634] ? syscall_user_dispatch+0x78/0x140 [ 1393.719999][T23634] do_syscall_64+0xcd/0x490 [ 1393.720045][T23634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1393.720078][T23634] RIP: 0033:0x7f6e7d58e929 [ 1393.720102][T23634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1393.720133][T23634] RSP: 002b:00007f6e7e423038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1393.720165][T23634] RAX: ffffffffffffffda RBX: 00007f6e7d7b5fa0 RCX: 00007f6e7d58e929 [ 1393.720187][T23634] RDX: 000000000000003a RSI: 0000200000000440 RDI: 0000000000000005 [ 1393.720206][T23634] RBP: 00007f6e7d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1393.720226][T23634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1393.720246][T23634] R13: 0000000000000000 R14: 00007f6e7d7b5fa0 R15: 00007ffc911c6e98 [ 1393.720275][T23634] [ 1393.720541][T23634] Kernel Offset: disabled