last executing test programs: 4.437587622s ago: executing program 1 (id=631): pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) mmap$auto(0x0, 0x2020009, 0xfffffffffffffff8, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4, 0xe2, 0x9b72, 0x7, 0x28000) mmap$auto(0xfffffffffffffff7, 0x1fffffff, 0x40000, 0x401000000eb4, 0xffffffffffffffff, 0x800000000009) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0xc1}, 0x4000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x10) madvise$auto(0x0, 0x20499d, 0x9) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) (fail_nth: 7) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) 3.947261099s ago: executing program 2 (id=632): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x3, 0x3a) semctl$auto(0x80001ff, 0x804, 0x13, 0x4) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x567) 3.65131632s ago: executing program 2 (id=634): request_key$auto_KEY_SPEC_THREAD_KEYRING(&(0x7f0000000100)='nlctrl\x00', &(0x7f0000000140)='nlctrl\x00', &(0x7f0000000180)='nlctrl\xff', 0xffffffffffffffff) 3.551979548s ago: executing program 3 (id=635): openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/uprobe_events\x00', 0x400000, 0x0) request_key$auto_KEY_SPEC_THREAD_KEYRING(&(0x7f0000000100)='nlctrl\x00', &(0x7f0000000140)='nlctrl\x00', &(0x7f0000000180)='nlctrl\x00', 0xffffffffffffffff) 3.548481488s ago: executing program 2 (id=636): socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x4, 0xa, 0x48}) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0xffd8) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) read$auto(0x3, 0x0, 0x80) clone$auto(0x0, 0x4, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c05, 0xfffffffffffffffd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) 3.50855892s ago: executing program 0 (id=637): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd6300fbdbdf250208000300000000000800010005000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) r0 = socket(0x29, 0x5, 0x0) sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x2, &(0x7f0000000100)={&(0x7f00000000c0), 0x34000}, 0x1, &(0x7f00000000c0), 0x3, 0xab}, 0x80670}, 0x3f800000, 0xd9) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/kcm\x00', 0x480, 0x0) read$auto(r1, &(0x7f0000000300)='2\x06J Nwe0\xbd\"\x8f\xe5h_b\xde\x19\xa5\x0e\xfa\xe0\xcb\xb7\xaceW\x1a\x1f\xae\xd8\xfe\x01Y\xd6\xba\xde3\xc7\xf8\x91\xda\xf6_%\xf30\xdc\x97<\xf3A\xa7\xb4\x8dj\xbd\x02\xb1}{e\xf64\xec4\x83,\xecp7j\xf8<\xc8x\xd4\xb0\x1d\b\xb0\x18\x01\x9e\x9et\x8aa\xe1\re\xcf\x8e\x02\xeeW\xf0z\vk#_\xdb\x15f8>;zM\xa95\x16\xe9l\xf5\xaa\xaa\x03\x18p\x0e\xde$\xc3\xa9\xac\xc7\x98\x05<\xef\xcd@z\fx}F\x93\xe1\xbd\xb3s\x80\xc1w\x1eP\xd0\xea\xab\x8f\xc7\a\xe6\xad\ni\n~-u)\x88\x97\xed\xa7\x9b\x0f\xef\x99\x13\xdc<\xd1{\br\xd6[\xd3\xa9-(KH\b\xdfJ\xdek\xef\xc9\xd7\n\x83m\x86\xf2\a\x8d\x19\xe0\\\xf0lg?\x98\xc8\x8e\xbd2?C\xa5\x8a\xe3\xc6\xd7\x00\x14n\xb8<\xab\x96\x8d\xa1\xf4\x87\xe5\a:z\xea\xcc\xa1\x8d\xae8\x12\xa6\xb9\xd99\xaa\xc5\x10\xad\xdd\x89\xdd\xbb\xf5\xd2Q\x92\xcd\xcc\x9f\x1a\xdbR\xeeL:\x87\xb3#\x00\x1bR\xf2\xe2/\xa3\x0e\x90\x98\x8c\xc0\xa4\xda', 0x805644) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) read$auto_lru_gen_rw_fops_vmscan(r2, &(0x7f00000000c0)=""/4096, 0x1000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70001cdcdf250200000008000308"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) socket(0x11, 0x80003, 0x300) r3 = openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0) pread64$auto(r3, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x10, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008082}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000001140)="ea86afc6885656eb57d4bad910901446a7297f93936c92c9ede85f59ab5d1c74e002a571599d138b8e4eeab960cdeee534c9b7176e9193d675002ec4356b4eaa4f2f5a70ba57cbb8b60d67f2789e9ab488d8cf272e7c0b49f335aa5bf32837dcc13c6f7da640", 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) 3.422588052s ago: executing program 3 (id=638): openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyb3\x00', 0x102, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fstatfs$auto(0x3, 0x0) ioctl$auto(0x3, 0x4020ae46, 0x38) socketpair$auto(0x9, 0x7, 0x8, &(0x7f0000000040)=0x8) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2cb8}, 0x1, 0x0, 0x0, 0x40}, 0x2404c084) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x2, 0x3a) recvmmsg$auto(0x3, 0x0, 0x4, 0x2, 0x0) io_uring_setup$auto(0x52, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) 3.191224663s ago: executing program 3 (id=639): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x200, 0x0) r0 = socket(0x28, 0x80000, 0x400084) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x480, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x6a) connect$auto(0x3, 0x0, 0x54) socket(0xa, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto(r1, 0xab09, r1) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) semctl$auto(0x8, 0x806, 0x13, 0x46) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x7, 0x3, 0x62, 0x8000001f, 0x40007, 0x6d3e, 0x9, 0x1, 0x8]}, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0xf7f, 0x6, 0x0, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0x1, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000540)={0x11cc, r4, 0x1, 0x703d25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0xa7, 0x7, 0x0, 0x1, [@generic="10f96d8a10335a5d689b73f26a596134368fac77f5beec1d33e70e716fa5cff41b030c61142d2b7cba40dcc1758b18db23d7a4d8e3f2681cca79aa93dcff41c80f37b62fcfdd2b4865d84a7591e838080313561a8fbdbafe70bb6795dc741047e688531151b176fee5af752bc7bde6f29003bb9ec557651709ce7b9669e18f43c565d5350311148954ee8bc2636c32e9f667c1da9373c4cde5e37c", @typed={0x8, 0x23, 0x0, 0x0, @uid}]}, @NBD_ATTR_DEVICE_LIST={0x110d, 0x9, 0x0, 0x1, [@generic="27c3532d3db3fb011be00c2b3099f5dc9663369d971d5a24884c7cc0fc46ae16405713ff47a737841f9e7be5cc000b66c43a7e9aa23163b933d69df5331c4ce527608a2501ad31479fb3e6a508444273c8aec9915ca5192886bc9df7e10363ed9f74bb1500168cf0770c3cac2f7dd4dd755781def93a1dc908f2d02f36c16df23b75c2544718d5960d17048332cca1525b5eeff995f3adff3d04d3ffca21d311d86bafb08c15e30915aec6f43e8fa2e56e5689b38948355bfa8d1dbdb2dcfc7ba5c98f17c7f2540d9203e3d7e31d71a0fac4ad457f9c7ef24511829b2a98186cbbe25317ff23e18308c79825d9748bc605f012e2d59ad585de084557d8727f783f64d245cc82310220e1dd9da93baec3e0d33c0e158a3612b9f01f29ec6713bb489ff6ed66d3f9054072c1538d1e416d62dcc60feda6a5097e7b98b57f8a05fc9dfffedae5929e8b6266bcd998a2908035ca40f90d282ae71803b175caae73732a69538bb2184428d4d7f10b3be5ea650f574e586a7f5800c5c4bbd3abe1ad3c44830e7964557f532edcc38517f265c2b8874f94f28923ed7ff3349428387db174596c932a01537835e0d7237cb379f711fe06bfaafaa0f43c700c2e8fb2820c3fd08bc04235bf2b1ae6aa50a4c04e6c2175beab1ad354683bbe7f9e17c0dfe72b13a0d11c237461e4ad2d4d15d42bf56cfcaa624eb552b160340ffdfd24e91caf3df916f62bb564439807b61240085ced50abb9cd1f9482b496dfc24d1e677580c6c5cd12d029fc691f0828f868fd7c9cd7e3bc523c08fc1755fc164218e0a5d994c6bc76af81397c43487e98fbdc568657b0de9ffef8c15dc3b362ec6688b84488f77ead092945c7242ee10fbf8a09d76006eaa90d3ccc755097ee51eafc2abc23579500a203779f40aa87d3b7477277c21db1aac80eb32acbd1f6a263d88d2243ad504124d1c2a066983cd96bac46603deac9384329d934d3d7b927e0a0196ccd1307d636ea1700791c3cac6490f764c0af84fb60ffc71dea16e11112b28ae2e4c905c3f06961803f41b26ab8123a451a0d35c4ca22b265b8adf76fe8e604601bad377731bf685f27284e8d9f09587338f1825e2b87aff16056b9920fbbad257c6873ab222c2786976ec3e0bebe623a2e0c446990c36e0eecba32c110d4b95fefeee2df34bf11c3af7bd68bcedee595ec769c574c356041c29a21f117741cba589d7c60d10118a33a615c9d9b29688b81970d08e41be336e74e1a48227bd3a8ce4e6dbea2127d3f37a4250d93575e078332453ca6ab82f238f62912d9b3e571759d024449547119e7a56a9832e40e57633dbb796b0beac551db62eb4cdfd7afb3c99de27d6cfdb126de139f1146af70ba267e862e37b0dcbb4cc71d5aa0d47b723a14da7ab42ea4e0702dd477d46b123178bc8fe6dde955b4d36aeae86a8693b2ae3836184258933ddc2aabe9e0f70266db57311725fcd86c56b8010fac4929fef934b81e56a2969cb1fa79e17cdd23e4278346ff8b68e505368583bfa5ea76dbff2968def1a81c3b39cf07ec0640b609523c9832e52046d3ad78fa75ea8d238e026dc80cb078f94878ad61f974616d66126b9cf454b6af82fdae7b0511aa2f514ea9de31e185023e104682469f17aa8c8aa1a9c79f2ad33c4de73eed3831f3cd3fa9f4bedf28c53bb68e25ef2f3a3d22533d013c0bb135cc4991d020eb28974fe1eac4a2b1d30ef433eb227655b737b69e73aa1f4ae24e49152ffd9c3c02d2c85026218aa6d7f18643207f65cc18979824e4dce82ddef975d71291ad05f7aebf82bae061a97d4fedf1add6962fcac47e7be77c60f2772c6af7040a4b024cc4166eb28d1c2f2676f5a8021c9107100ad882f494b7e6748cac7ec30c2c6b5ec1ede9eb73b0610ca727b8a13e95faeb048310c4f38b915761c933a9b8edf1665c6341c96e579a45486f213a1804cd5ec6141061984fbca2d84f020bbc1da79aded6d9bd8dc91cda4e1d46dd6d39674bd83c96b839a1a0ef71bc71d1575700fe07986e6ad669d863da4e13d8b51cd3cd1e696a96f6291e21ea605da7a69a0bea93da9fb40e0355aeec9629e72dfa8977a92e5ceacfe086e8ba5d0f7c0d9e49fe8586245c16bd9c8919f26e22c255fa4386050d8dcccc0d990fe7b055f9324b3e8d349b682e305a47c59fe06f4575bb5c5aeb7bfb25ec4b6ecf2b50dcf9b56ede7e8d1c5e64e85ea49e0b7d971650fb7307eb95f4e1c5cc0be2c2bdc65cbd65828344ec5c6e48e58a55fcda523be0977d9039a979d2509ab7c17b92a28aa91c8e9eb2bb47dd36e424953df3de9299e5f4cd37ba72e1945373b29e272349c54ef75cc049c87feff1533f8a497bec39fbca7e055920bd193101e084a3c99d1324de26d865ff962a4abc2bab8c79be5d98b60859d5069cbc8a1f3687c70d4da0aaf75b21d732a3a7a1176a630dbea01afb7951a5453ba962b90531e945a4ec3ea4b9c8f8d73b1cb1658826caa391c3adb5f38a0f27cd24b5e870c666daac0ffa87ee11c5af014bacf5d2d4c575d545296d8860e1729da539e28f130f31b090309e53ac3cd6409ed7bf5a63031672524e6ca6951d00c77daecbacedb33b7b335253ce3c5711b67f879cbd9225e33c2c29d5fd1ba729c9459b27df002c0f6c0040d8453c13f38ada7bceeaa4b3286839b973e00d1a9938a8d0ae118f8c42fd2a95e5aa0a3bea488f10baca685aa044b451d658cfdfb4de8065637effbd4d55a75798bcb768f1cdd11f26d8299825e15f98fe2961379d598b2881ab855f544567afc3f4194923435e3601d28e58c2e0121bfe710c6c826f825f497a666c6fcadc47b4da4f2a63d304c53c072377c7b2de548a7df55fb011dcbca0d745989bfbe9c3acbd8cf979fe37fc18c3bfd93e8fc9e3c8a5577b5ca52b6acddf32326d1c6f50130062009580a0fae7ce263df65eaa1aa848810926a52024bf7ab7727f24109b4cf12cb97a16841a37e49f5cd5fed02e96d9d349e5de828c20aba4427bdd6f77676332b71057fa9fe3ed7ee09c54e2bb9d3231b80f197726ea9e15f48f221ea797f26e2978fe2007744c1c0c24584e2509ec959f30cb0e5b1c9c8d2521fd021ad45a9cbc3b222766f0b97bda1088363ed529f661e1c31d6bd6e754bc3baf8a7c279cdb1d7f7b90704d16e9783de7de4ca4912cd4bc04d7b2a9b470b67b0ca660125b315535025f74b28904afe75c03d71233e0a94b20ed35c71c8cc64164c60232b0555b5e473b2678cc82d1125a59817ab417610016bac11b4f4a87e68c3074da23c72faeff4ccc81374340f00d376bca65a5a83c3ee35aff18b76be1e39c4fd371405944425786ace6445b0443d1c68fd70154869ecc6d8afd4a7909e5f9571ca89f834b318a775ff5711a18c006dcffc844a455b591dc2ef7fcaf912c85800f496e07f8aef136804da12c67e2718b4d2d0f6ef0f5acebb36100578757aaa2f34544a755af52aa19aec170614d27d817ef02c58681be4e46f0e58a4610c80e84123ceaecbc3fec557b9a7d247469fe5c34b77555284b3e81dca32b76687cc3f7aecc161d4b14917c120e10fa305d7cb8e23ae633b568c3f2b24651058eb49c94c99bd1761c40130ef0b5b1a8a0fdc52b94e8f3b5ea70bdd2fd2bd717790a1c7593fe3aa45e4dbc93aaa70d67f9a82fe6e6904a9f305e9646e8a3b30acd55eb451a8f097b40031f6223907e1ebf3826ccc9d0f16a20fef75df17fe056ed067d841bd07b52bd9ae4304ad68909d3c9c1fd7424fb29769b58579227de3688111add62c9d924f6af78aa5534f30e3b462dc8905295ad18d3b0b038bf2150787ebd7c7ae68985750fe3d053bed5555886417bc78e2985d83c7356bef13d4dd1c48f3b49a7121d8020a23cc4d181df28cc6541b6ca4c0463e22a8a6b702aa0431c00f1ca5d2f73762fbf8b9de9c783c58d86b08c4efce12ba7312e09372f0efd4a31d6559e76085a1c597c6d8d57da3ccd89c58b2b7c95948817fa63acf061321c246207b1686e455abdd4bb7669bff5c6aeaea168ba3e7c11f770036023190d5aba8a173bc54dfea411204b988b0f0ea5671e25c3db296976ca3ceee9d1e3e5c16bd722242f38a64776c4e0c3913aaf6f80329b7cd0910c7fb6347bd1bd163a47a3e5c4a3d2fa76431d909bd218ec6df3db7f830b05180750af9162c115d7aa8b1a9e09e996d8049f8097f593c464223f0d957ece6d2751e39ae11accc8bb4eb0a2e91b4ada5b10509b68c7d809fd54adc45880eefcc7ae5c4f99387462ae65a9dbafb0bec2faf59962772c98d80c11ce6a2d01394e242062e3218bf5701f2e6781cbf533a4ac34d6c0dff07a997c35d56221d81a24f7c7a8624962f8d467a24b529b02751738d480dd9295e1d165ca317958197d0790ba84db9978e7edd13cb9bd5c7ab78505530e8d097f145a53768a129cc4fd6f7bb5c197c4669c9e19c3aa3a31baf739f86a7c85bbf2a09172e0aaecffc015d919a9641a74efb7db0a44cce41430d5212fdec91260dc8839b7be692e8a750f4202590d8a05344edde6415939f50f8c87461b27b2d322e0e0d40fd157e36ffa54b7d6fcfc7216d5eab16ba0c32965f9212bc23613e5b8a4d69b840fad170e167450f668a82e90a60f920f6e8b26215913f2772707a5cd2c839ef492726b01456cdbcda64a9a374de9508bcf4be5148abec434033236e0614ac9a56fe348591eb97de8a72c7fd12dc76b41c411acc8eb38a4186ae4271ae3d7fc33088d08654e7a7a1aff0b4902bf811482cb2244b648f07ec079107982406ab25ec26a4aab7699b1ad843c9741af23589ea861683b3b06c9970e3d0551bd77dae74c70c55c368ccd808177e968e201c48f050cf3b128841f736638d6ea5977d0d1f27a867dea139e40d63915c1ffa1471179f445c53a5c40a76b2dd59dbf5eec8ba8785fb9eab6f0bde664a1bcf3c4c5957aa979089e33faff4dc0dd35a7109a20ebd25fa5368b2eaa796a8fb676ba10e327f572bae011ea9413f84401a8927d86eaee0e3126721a4227b96966e2032e290f317b55981d717a4d3d3f2efbb10b909864c9b481b210a7cfe54d03a81c99794859fe933379c9ce8410f457db2b1b19051c919ac5b2e60168031d9c7c923ca60fb83dc628496f147d7637e1dacc92e2ecf9237d046d10e0a39b9b6ef35f9919e08d5f7e5023cd876e642c11db2c582d00c939826032ce72f9589ffd2525192639e8723b736f614e5e140ccb3947ccf5085d2571b9b93ea44e00b1bdd82ab38a8e4ff53e02f067accedfb82a1c5318d12415b94335b512023e2f93723bd92197c5d93256f2e3206c43a256414e66a56f8279698fe2b7dc5e19c2b09511b2546705000234c7656af7bcda4617f02d787a11b26a81fde36bf71e192c92de8ed3d7bfe0fd9ab86d8e42f5fadb4a46b613ff80f2a176aa4ff46d77bf541519ad1cab54c1cac3d5ac7546bbb49ef1d943a1a9265f67150784703276b2a09a676d3a8aa42c3eeaadb72a0d080dd04a1f1b86cf187bb982320417165f18ae84ca2b57612ed10dae3cc9a11413d97bfdb9bd0509fd28e67e37cd0b75b4ed355ad9466d1d3eac9225ba054a3857207283d4225822b3414ec0b5ee8a6059a716cb4c4ec997184c146d613779b8b4c883f1288a8975f5d9fb6cd8b49debe96621674d74f2c0328c51f44afe4d2040438051e916c06e078b3669e3c063a2e32c0a384213f5aa7b762b9213012b4397efad0a0ce18347e28b7ded4865a54030d29b46b9373ef26e5778a4", @typed={0x8, 0xa1, 0x0, 0x0, @ipv4=@multicast2}, @generic="a82a74a696b7cf0e0b4c8da9fafa3fa9a54f422e54f5fc25b3cd087db367004f0357efb14a6b14ace926c89e991a4826f118842bbab4492ce4f32578b25d655dc8fa51c67173b34e4d44950194d151a0a3", @nested={0x10, 0x81, 0x0, 0x1, [@nested={0x4, 0x13f}, @typed={0x8, 0xc6, 0x0, 0x0, @uid}]}, @generic="1c91c9b77151c967ec6416c8cf26f03ba53a7c9862a56769cdbb44924aa6214a1d0f491bc50a5942c73ad50fbe3561eb9244a2347b9bfbda41514a2c8c913bef591be5aca711810e870a50088681696b8ceb594c2e14f89b21361a182a5ef64632a59dde22ca9b58b1e9f6e832c2fd5f866e30950bfa2be6663e1a938117d28ff3adf956b7680e2a54443e5ef17d0bd29f5e9ebffd5fb1870372cac5b6eef6bf"]}]}, 0x11cc}, 0x1, 0x0, 0x0, 0x4000004}, 0x8880) getsockopt$auto(r0, 0x84, 0x6d, 0x0, &(0x7f00000002c0)=0x8) 2.734691272s ago: executing program 2 (id=640): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r0 = socket(0x11, 0x80003, 0xb6c0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = prctl$auto(0x26e2, 0x1, 0x0, 0x1, 0x3) mmap$auto(0x5, 0xe983, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0xfffffffffffffffc, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0x8000000000000001, 0x9b72, r0, 0x9) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x3) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, r1, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x2c0, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x7, 0xffff8dc7) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 2.73087859s ago: executing program 0 (id=641): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) timer_settime$auto(0x0, 0x801, &(0x7f0000000000)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x7fff}, 0xa, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r2 = socket(0x1e, 0x6, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3b, 0x1, 0x0, 0x1, 0xffffffffffffffff) write$auto(r3, &(0x7f0000000280)='/EevN\xc9\xbd\vio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xad1\xa1\xbb\nd\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x05\x00\x00\x00\x00\x00\x00\x00K\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\xa3\xcf\xc55\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBlI\xe2\x17\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00\x00\x00\x00\bU\xca\\\xc1\xb7\xf1\n\xb9\xc49a6\x80\xc9\xbfk\x1e\xdb\xed\x81{8&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x19e\x95$\x9d\x804W\xfa\x86?\x15\xdaQ\fM?\xc2\x99!\xbb\x87=\x1d)\xbc\x15\xde\xd9\xbf\xd7\xef2\xbe\x12B(\xd9\x87\x1d_[\x7f\x92(\x7fm\x80\xba=\x86t\x1d\x87\xc8JF\xbf\r\xee\xd1\x85\xdb1\x9c\xffiUXL\xb3Ba\x9dy\xe4\xf0\n\x95\xb2\xa40\\Cqi\xba<\x17\x18\xe2\r\xf9Sn\xa6\x83a \x00\x00\x00\x00\x00\x00\x00\x00\xb8\xae\x1d\xff\vq\x15\xa8\x98\xbaa\xae\xad\x1d$\xd4\x81\xbd\xd3\xe4\x96\x89l\xfb\xe1\x16\xe6\xa2&4w\x19[\x84\xc4\x19\x1c0+y\xdd\xef\x995\x87U\x0f\x98l\f\xe0\x96\xc1\xc0\xaab\x16\x96\xe0\x12[\xaa\xef\x9e\xafh\x15\xba\xea\xfaAIGl\xab\xca\x0f\tc\x94\xf2(H\xa2\x11', 0xfffffffffbffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(r2, 0x0, 0x8000) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) msync$auto(0x7f, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r4 = socket(0x10, 0x1, 0x101) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r4, &(0x7f0000000000)='-\x00', 0x2fb) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x24, 0x0, 0x13, 0x70bd2c, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0xa02}]}, 0x24}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) sendmsg$auto_NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000426bd7000fedbdf4c25320000000500920006000076eb6c097a0ea5f42b52c7bbac608fa78c31bdd8205c4e8a7de22b994fec9c73702114d866198e5b02c4ce74ace77e3e365b38eb31d3d20787aa45adf7dd1ca86b7cb277a33fa10039be01a0c71affdf473761a6815c5a2bbe39437e5a1c241ab90f2ecc8be5f4564ac634eafc9e140c582f8fa75efb1d62770cdbea33ded8a6b924ac5cd300fbce12cf42b75100e4269d72c283d4bc"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20080000) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0009, 0x13) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) 2.55496694s ago: executing program 1 (id=642): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="01002abd7000fbdbdf250200006714000180100001"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040004) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, 0x0, 0x80) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) r4 = epoll_create$auto(0x5a5d) r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) ioctl$auto_BINDER_FREEZE(r5, 0x400c620e, 0x0) poll$auto(&(0x7f0000000040)={r4, 0x0, 0xa}, 0x5, 0x108) fcntl$auto_F_SETPIPE_SZ(r6, 0x407, 0x1fffc000000) epoll_ctl$auto(r4, 0x1, r3, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0x10, 0x2, 0xf) close_range$auto(0x0, 0xffffeffe, 0x2) socket(0xa, 0x3, 0xff) pipe$auto(0x0) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r7, 0xffffffff}, 0xd) bpf$auto(0x2, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x40000, 0x4, 0x5, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x7, 0x10001, 0x0, 0x8001, @attach_btf_obj_fd=r0, 0x7e, 0x4, 0x2000000000001, 0x5, 0x1000003, r2}, 0x5) 1.990956999s ago: executing program 1 (id=643): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = socket(0x3, 0x3, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0xfffffffffffffa55, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000009, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x28800, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sg0\x00', 0x40201, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x400, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/dvb_usb_gl861/parameters/adapter_nr\x00', 0x101800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000002c0)=""/168, 0x60) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/037/001\x00', 0x630001, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) mmap$auto(0xfffffffffffffff9, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC0\x00', 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) close_range$auto(0x2, 0xa, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000001c0), r0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/module/nvme/parameters/write_queues\x00', 0x8502, 0x0) write$auto(r4, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/vhci_hcd.12/usb34/34-0:1.0/usb34-port8/power/autosuspend_delay_ms\x00', 0x34dd00, 0x0) sendfile$auto(r5, r3, 0x0, 0x1000202) close_range$auto(0x2, 0x8, 0x0) 1.952613115s ago: executing program 3 (id=644): io_uring_setup$auto(0x59, &(0x7f0000000080)={0xe47, 0xd, 0x10400, 0x6, 0x4, 0x80000002, 0xffffffffffffffff, [], {0x7, 0x6, 0x8c48, 0x2a3, 0x100, 0x7ffffffb, 0x100101, 0x6, 0x3}, {0xf8, 0x1, 0x1, 0x1, 0x3, 0x40, 0x76c5, 0x8, 0x100000000}}) (async) io_uring_setup$auto(0x59, &(0x7f0000000080)={0xe47, 0xd, 0x10400, 0x6, 0x4, 0x80000002, 0xffffffffffffffff, [], {0x7, 0x6, 0x8c48, 0x2a3, 0x100, 0x7ffffffb, 0x100101, 0x6, 0x3}, {0xf8, 0x1, 0x1, 0x1, 0x3, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x4, 0x3, 0xb, 0x0) io_uring_enter$auto(0x3, 0x4, 0xffffffff, 0x6, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) renameat2$auto(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x7) (async) renameat2$auto(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x7) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x2, r1) (async) ioctl$auto(0x3, 0x2, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x4b564d03, 0x400, 0x9}]}) mlock$auto(0x3, 0x1) 1.662731774s ago: executing program 0 (id=645): r0 = getpid() pidfd_open$auto(r0, 0x0) shmctl$auto_SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000240)={{0xa, 0xffffffffffffffff, 0xee00, 0x2, 0x8, 0x8}, 0x9, 0x4, 0x9, 0x4, @inferred=0xffffffffffffffff, @inferred=r0, 0x3, 0x0, 0x0, 0x0}) r2 = openat$auto_hwsim_fops_rx_rssi_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy6/hwsim/rx_rssi\x00', 0x200, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a00040011000800", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xff}, 0x7}, 0x3, 0x0) wait4$auto(r1, &(0x7f0000000100)=0xaa, 0x3, &(0x7f0000000400)={{0xfffffffffffffff9, 0x7463}, {0x114d, 0x6}, 0x9, 0x400, 0x2, 0x0, 0x77, 0x5, 0x3, 0x6, 0x1, 0x3, 0x2, 0x96e, 0xc0, 0xf3}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x101600, 0x0) ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x0) ioctl$auto_VHOST_SET_VRING_CALL(r5, 0x4008af21, &(0x7f0000002600)) bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=@iter_create={r2, 0xd06d}, 0x4) 1.361952639s ago: executing program 3 (id=646): socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x4, 0xa, 0x48}) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0xffd8) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) read$auto(0x3, 0x0, 0x80) clone$auto(0x0, 0x4, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c05, 0xfffffffffffffffd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) 1.360024836s ago: executing program 0 (id=647): openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyb3\x00', 0x102, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fstatfs$auto(0x3, 0x0) ioctl$auto(0x3, 0x4020ae46, 0x38) socketpair$auto(0x9, 0x7, 0x8, &(0x7f0000000040)=0x8) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2cb8}, 0x1, 0x0, 0x0, 0x40}, 0x2404c084) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x2, 0x3a) recvmmsg$auto(0x3, 0x0, 0x4, 0x2, 0x0) io_uring_setup$auto(0x52, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) 1.230352361s ago: executing program 2 (id=648): socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x2, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) pipe2$auto(0x0, 0x80) ioctl$auto(0x1, 0x5760, 0x100000101) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x5, 0x20009, 0x2000004000df, 0xeb1, 0x401, 0x7) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x3, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1) shutdown$auto(0x200000003, 0x2) read$auto(0x3, 0x0, 0x80) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) getsockopt$auto(0x100000006, 0x0, 0x50, 0x0, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, 0x0, 0x4044820) 1.134755239s ago: executing program 0 (id=649): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd6300fbdbdf250208000300000000000800010005000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) r0 = socket(0x29, 0x5, 0x0) sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x2, &(0x7f0000000100)={&(0x7f00000000c0), 0x34000}, 0x1, &(0x7f00000000c0), 0x3, 0xab}, 0x80670}, 0x3f800000, 0xd9) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/kcm\x00', 0x480, 0x0) read$auto(r1, &(0x7f0000000300)='2\x06J Nwe0\xbd\"\x8f\xe5h_b\xde\x19\xa5\x0e\xfa\xe0\xcb\xb7\xaceW\x1a\x1f\xae\xd8\xfe\x01Y\xd6\xba\xde3\xc7\xf8\x91\xda\xf6_%\xf30\xdc\x97<\xf3A\xa7\xb4\x8dj\xbd\x02\xb1}{e\xf64\xec4\x83,\xecp7j\xf8<\xc8x\xd4\xb0\x1d\b\xb0\x18\x01\x9e\x9et\x8aa\xe1\re\xcf\x8e\x02\xeeW\xf0z\vk#_\xdb\x15f8>;zM\xa95\x16\xe9l\xf5\xaa\xaa\x03\x18p\x0e\xde$\xc3\xa9\xac\xc7\x98\x05<\xef\xcd@z\fx}F\x93\xe1\xbd\xb3s\x80\xc1w\x1eP\xd0\xea\xab\x8f\xc7\a\xe6\xad\ni\n~-u)\x88\x97\xed\xa7\x9b\x0f\xef\x99\x13\xdc<\xd1{\br\xd6[\xd3\xa9-(KH\b\xdfJ\xdek\xef\xc9\xd7\n\x83m\x86\xf2\a\x8d\x19\xe0\\\xf0lg?\x98\xc8\x8e\xbd2?C\xa5\x8a\xe3\xc6\xd7\x00\x14n\xb8<\xab\x96\x8d\xa1\xf4\x87\xe5\a:z\xea\xcc\xa1\x8d\xae8\x12\xa6\xb9\xd99\xaa\xc5\x10\xad\xdd\x89\xdd\xbb\xf5\xd2Q\x92\xcd\xcc\x9f\x1a\xdbR\xeeL:\x87\xb3#\x00\x1bR\xf2\xe2/\xa3\x0e\x90\x98\x8c\xc0\xa4\xda', 0x805644) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) read$auto_lru_gen_rw_fops_vmscan(r2, &(0x7f00000000c0)=""/4096, 0x1000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70001cdcdf250200000008000308"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) socket(0x11, 0x80003, 0x300) r3 = openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0) pread64$auto(r3, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x10, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008082}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000001140)="ea86afc6885656eb57d4bad910901446a7297f93936c92c9ede85f59ab5d1c74e002a571599d138b8e4eeab960cdeee534c9b7176e9193d675002ec4356b4eaa4f2f5a70ba57cbb8b60d67f2789e9ab488d8cf272e7c0b49f335aa5bf32837dcc13c6f7da640", 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) 753.430132ms ago: executing program 3 (id=650): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r0) r2 = openat$auto_bdi_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/bdi/1:11/stats\x00', 0x800, 0x0) preadv$auto(r2, &(0x7f00000002c0)={&(0x7f0000000240)="eb4748a3f6c772da2d2cba54ad70cff84e271fb2dda8096a98d88f74da890502d93e026a02d81460461f153576f05dc5f2466d6cc1ff90c00535011dee2b159e9accd31758fea95db57285f3fec1c1cd0222da18", 0x7cb6}, 0x5, 0x7, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'dummy0\x00', 0x0}) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/syscall\x00', 0x80002, 0x0) read$auto_proc_single_file_operations_base(r4, &(0x7f0000000040)=""/228, 0xe4) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24004840}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x7, 0x3, 0x100001003, 0x0, 0x6, 0x461) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0xa, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz9\x00', 0x800, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) open(0x0, 0x14d443, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x8000, 0x0) r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r6, 0xc10c5541, r5) close_range$auto(0x2, 0x8, 0x0) 737.19013ms ago: executing program 1 (id=651): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="01002abd7000fbdbdf250200006714000180100001"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040004) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, 0x0, 0x80) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) r4 = epoll_create$auto(0x5a5d) r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) ioctl$auto_BINDER_FREEZE(r5, 0x400c620e, 0x0) poll$auto(&(0x7f0000000040)={r4, 0x0, 0xa}, 0x5, 0x108) fcntl$auto_F_SETPIPE_SZ(r6, 0x407, 0x1fffc000000) epoll_ctl$auto(r4, 0x1, r3, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0x10, 0x2, 0xf) close_range$auto(0x0, 0xffffeffe, 0x2) socket(0xa, 0x3, 0xff) pipe$auto(0x0) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r7, 0xffffffff}, 0xd) bpf$auto(0x2, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x40000, 0x4, 0x5, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x7, 0x10001, 0x0, 0x8001, @attach_btf_obj_fd=r0, 0x7e, 0x4, 0x2000000000001, 0x5, 0x1000003, r2}, 0x5) 460.875638ms ago: executing program 2 (id=652): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0xfffffffffffffffc, 0x4020009, 0x3, 0x8000000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) r1 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000380), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x28, r2, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @fd}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendfile$auto(r1, r1, &(0x7f0000000340)=0x7, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r8, 0x0, 0x594c, 0x9fffffffd) sendmsg$auto_OVS_FLOW_CMD_GET(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010029bd700002dcdf25030000000400087918000180140010800c"], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendmmsg$auto(r7, &(0x7f00000000c0)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x3, 0xa505}, 0x7ff}, 0x7, 0x4008) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) ioctl$auto_SG_GET_TRANSFORM(r5, 0x2205, &(0x7f0000000240)="bd20ef940bae403060348abecb701bcc7c5c8d4a41f39e3d24b85ed4f75b9b9ad120963a581258cb5b8fb0b26939f3881260b2468f81b428f949") openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x40200, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r5, 0x80045010, &(0x7f0000000280)="7acca5c32b31b18d8888f8bb3c5ff5a718ebe172e690dbcbd1f9149c6bc53030efcf2a9c93c7a88c7dd1c5b612180b3dcada0bd2b16f9315ac254b541b2b6f893067de452f20e9d5437b5708022a4bd6b1ccf77916e13b338dd6ab6e46bb86d9307259341c28c37e0c18b7b72cd2de3ea88446f52cb59ba0d2e476614e0f762d84c6c09d64624d") syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001a80)={'wg2\x00'}) 442.998648ms ago: executing program 1 (id=653): r0 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff) r1 = timerfd_create$auto_CLOCK_TAI(0xb, 0xab1) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="954d57237fbecacc3e235411c29ca273d7a6", @ANYRES16=r0, @ANYBLOB="200027bd7000fedbdf2501000000050012007e00000006000200393c000005001400430000000c001e8008001900", @ANYRES32=r1, @ANYBLOB="050014000500000008000900020000000600010001010000"], 0x50}, 0x1, 0x0, 0x0, 0x20040845}, 0x24004090) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) (async) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r3, 0x65, 0x3, 0xffffffffffffffff, 0x0) (async) getsockopt$auto(r3, 0x65, 0x3, 0xffffffffffffffff, 0x0) 174.970291ms ago: executing program 1 (id=654): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, 0x0, 0x2, 0x1000, 0x300) 0s ago: executing program 0 (id=655): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_score\x00', 0x0, 0x0) io_uring_setup$auto(0x0, &(0x7f0000000140)={0x4, 0x2, 0x6, 0x6, 0x5, 0xef, 0xffffffffffffffff, [0x3, 0x10000, 0x101], {0x7ff, 0x3, 0xc, 0x6, 0x0, 0x0, 0xfc2, 0x6}, {0x7, 0x5, 0x6, 0x8b83, 0xc, 0x8000, 0x9, 0xc4e, 0x7}}) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x20) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x2, 0x801, 0x106) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0) ioctl$auto_BLKPG2(r1, 0x1269, 0x0) (fail_nth: 9) syz_clone(0x20000200, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): a63616329 : "" [ 91.895536][ T5979] mtd: partition "" is out of reach -- disabled [ 91.936476][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 91.939061][ T5861] Bluetooth: hci1: command tx timeout [ 91.950613][ T5858] Bluetooth: hci3: command tx timeout [ 91.956198][ T51] Bluetooth: hci2: command tx timeout [ 92.254164][ T5979] ftl_cs: FTL header not found. [ 92.563815][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.118746][ T5986] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 95.287809][ T30] audit: type=1804 audit(1843104522.520:2): pid=6020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.16" name="/newroot/4/file0" dev="tmpfs" ino=41 res=1 errno=0 [ 95.303733][ T30] audit: type=1804 audit(1843104522.550:3): pid=6020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.16" name="/newroot/4/file0" dev="tmpfs" ino=41 res=1 errno=0 [ 96.009626][ T6027] FAULT_INJECTION: forcing a failure. [ 96.009626][ T6027] name failslab, interval 1, probability 0, space 0, times 0 [ 96.118958][ T6027] CPU: 0 UID: 0 PID: 6027 Comm: syz.3.18 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 96.119011][ T6027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 96.119027][ T6027] Call Trace: [ 96.119036][ T6027] [ 96.119050][ T6027] dump_stack_lvl+0x16c/0x1f0 [ 96.119103][ T6027] should_fail_ex+0x512/0x640 [ 96.119140][ T6027] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 96.119182][ T6027] should_failslab+0xc2/0x120 [ 96.119213][ T6027] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 96.119253][ T6027] ? ptlock_alloc+0x1f/0x70 [ 96.119293][ T6027] ptlock_alloc+0x1f/0x70 [ 96.119328][ T6027] pte_alloc_one+0x82/0x3a0 [ 96.119363][ T6027] __pte_alloc+0x6d/0x3c0 [ 96.119396][ T6027] ? __pfx___pte_alloc+0x10/0x10 [ 96.119421][ T6027] ? __pfx___might_resched+0x10/0x10 [ 96.119451][ T6027] ? copy_page_range+0x13f0/0x5740 [ 96.119491][ T6027] copy_page_range+0x1aed/0x5740 [ 96.119545][ T6027] ? __lock_acquire+0x622/0x1c90 [ 96.119610][ T6027] ? __pfx_copy_page_range+0x10/0x10 [ 96.119653][ T6027] ? __pfx___might_resched+0x10/0x10 [ 96.119681][ T6027] ? __vma_enter_locked+0x163/0x3f0 [ 96.119726][ T6027] ? dup_mmap+0xe38/0x21d0 [ 96.119755][ T6027] ? down_write+0x14d/0x200 [ 96.119789][ T6027] ? up_write+0x1b2/0x520 [ 96.119830][ T6027] dup_mmap+0xe88/0x21d0 [ 96.119876][ T6027] ? __pfx_dup_mmap+0x10/0x10 [ 96.119933][ T6027] copy_process+0x4081/0x7650 [ 96.119965][ T6027] ? preempt_schedule_thunk+0x16/0x30 [ 96.120018][ T6027] ? __pfx_copy_process+0x10/0x10 [ 96.120049][ T6027] ? find_held_lock+0x2b/0x80 [ 96.120087][ T6027] ? wake_up_q+0xb0/0x160 [ 96.120110][ T6027] ? do_raw_spin_unlock+0x172/0x230 [ 96.120141][ T6027] kernel_clone+0xfc/0x960 [ 96.120174][ T6027] ? __pfx_futex_wake+0x10/0x10 [ 96.120211][ T6027] ? __pfx_kernel_clone+0x10/0x10 [ 96.120266][ T6027] ? 0xffffffff81000000 [ 96.120292][ T6027] __do_sys_clone+0xce/0x120 [ 96.120325][ T6027] ? __pfx___do_sys_clone+0x10/0x10 [ 96.120357][ T6027] ? __pfx_aa_get_newest_label+0x10/0x10 [ 96.120387][ T6027] ? 0xffffffff81000000 [ 96.120420][ T6027] ? xfd_validate_state+0x61/0x180 [ 96.120453][ T6027] ? bpf_lsm_capable+0x9/0x10 [ 96.120497][ T6027] do_syscall_64+0xcd/0x490 [ 96.120538][ T6027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.120564][ T6027] RIP: 0033:0x7fef56d8e929 [ 96.120585][ T6027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.120608][ T6027] RSP: 002b:00007fef57b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 96.120633][ T6027] RAX: ffffffffffffffda RBX: 00007fef56fb6160 RCX: 00007fef56d8e929 [ 96.120651][ T6027] RDX: 9999999999999999 RSI: 0000000000000004 RDI: 0000000000000000 [ 96.120667][ T6027] RBP: 00007fef56e10ca1 R08: 0000000000000009 R09: 0000000000000000 [ 96.120683][ T6027] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 96.120699][ T6027] R13: 0000000000000000 R14: 00007fef56fb6160 R15: 00007ffdfc971b38 [ 96.120723][ T6027] ? 0xffffffff81000000 [ 96.120765][ T6027] [ 96.455131][ C0] vkms_vblank_simulate: vblank timer overrun [ 100.162734][ T6085] FAULT_INJECTION: forcing a failure. [ 100.162734][ T6085] name failslab, interval 1, probability 0, space 0, times 0 [ 100.211154][ T6085] CPU: 1 UID: 0 PID: 6085 Comm: syz.0.31 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 100.211192][ T6085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 100.211208][ T6085] Call Trace: [ 100.211217][ T6085] [ 100.211228][ T6085] dump_stack_lvl+0x16c/0x1f0 [ 100.211272][ T6085] should_fail_ex+0x512/0x640 [ 100.211308][ T6085] ? __kmalloc_noprof+0xbf/0x510 [ 100.211348][ T6085] ? acpi_ns_get_normalized_pathname+0x75/0xd0 [ 100.211376][ T6085] should_failslab+0xc2/0x120 [ 100.211402][ T6085] __kmalloc_noprof+0xd2/0x510 [ 100.211448][ T6085] acpi_ns_get_normalized_pathname+0x75/0xd0 [ 100.211479][ T6085] acpi_ns_evaluate+0x1e1/0xca0 [ 100.211503][ T6085] ? kasan_save_track+0x14/0x30 [ 100.211543][ T6085] acpi_evaluate_object+0x1fa/0xa90 [ 100.211583][ T6085] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.211611][ T6085] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 100.211651][ T6085] ? __mutex_trylock_common+0xe9/0x250 [ 100.211702][ T6085] acpi_evaluate_integer+0xdd/0x200 [ 100.211736][ T6085] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 100.211787][ T6085] ? __pfx_status_show+0x10/0x10 [ 100.211824][ T6085] status_show+0xa0/0x120 [ 100.211860][ T6085] ? __pfx_status_show+0x10/0x10 [ 100.211907][ T6085] dev_attr_show+0x56/0xe0 [ 100.211936][ T6085] ? __pfx_dev_attr_show+0x10/0x10 [ 100.211959][ T6085] sysfs_kf_seq_show+0x213/0x3e0 [ 100.212000][ T6085] seq_read_iter+0x506/0x12c0 [ 100.212048][ T6085] kernfs_fop_read_iter+0x40f/0x5a0 [ 100.212076][ T6085] ? rw_verify_area+0xcf/0x680 [ 100.212113][ T6085] vfs_read+0x8bf/0xc60 [ 100.212152][ T6085] ? __pfx___mutex_lock+0x10/0x10 [ 100.212193][ T6085] ? __pfx_vfs_read+0x10/0x10 [ 100.212252][ T6085] ksys_read+0x12a/0x250 [ 100.212283][ T6085] ? __pfx_ksys_read+0x10/0x10 [ 100.212329][ T6085] do_syscall_64+0xcd/0x490 [ 100.212369][ T6085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.212395][ T6085] RIP: 0033:0x7f053458e929 [ 100.212416][ T6085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.212439][ T6085] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 100.212463][ T6085] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 100.212481][ T6085] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 100.212497][ T6085] RBP: 00007f0534610ca1 R08: 0000000000000000 R09: 0000000000000000 [ 100.212513][ T6085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 100.212528][ T6085] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 100.212565][ T6085] [ 100.223187][ T6085] ACPI Error: Could not allocate 15 bytes (20250404/nsnames-308) [ 101.197162][ T6097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.34'. [ 101.274653][ T6100] binder: 6095:6100 ioctl 400c620e 0 returned -22 [ 104.711065][ T6154] netlink: 4 bytes leftover after parsing attributes in process `syz.2.52'. [ 104.753856][ T6154] binder: 6153:6154 ioctl 400c620e 0 returned -22 [ 105.229284][ T6160] vivid-003: ================= START STATUS ================= [ 105.250530][ T6160] vivid-003: Radio HW Seek Mode: Bounded [ 105.271551][ T6160] vivid-003: Radio Programmable HW Seek: false [ 105.288646][ T6160] vivid-003: RDS Rx I/O Mode: Block I/O [ 105.294621][ T6160] vivid-003: Generate RBDS Instead of RDS: false [ 105.305704][ T6160] vivid-003: RDS Reception: true [ 105.311893][ T6160] vivid-003: RDS Program Type: 0 inactive [ 105.318088][ T6160] vivid-003: RDS PS Name: inactive [ 105.324057][ T6160] vivid-003: RDS Radio Text: inactive [ 105.330322][ T6160] vivid-003: RDS Traffic Announcement: false inactive [ 105.341911][ T6160] vivid-003: RDS Traffic Program: false inactive [ 105.350952][ T6160] vivid-003: RDS Music: false inactive [ 105.391541][ T6160] vivid-003: ================== END STATUS ================== [ 108.950411][ T6213] netlink: 12 bytes leftover after parsing attributes in process `syz.3.62'. [ 110.449581][ T6225] ima: policy update failed [ 110.458326][ T30] audit: type=1802 audit(1843104531.660:4): pid=6225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.64" res=0 errno=0 [ 110.794002][ T5861] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 110.794030][ T5861] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 110.811177][ T5861] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 110.811258][ T5861] Bluetooth: hci0: Malformed LE Event: 0x0d [ 110.875841][ T6251] syz.1.68 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 111.338108][ T6246] mmap: syz.3.67 (6246) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 112.733217][ T6286] netlink: 4 bytes leftover after parsing attributes in process `syz.0.74'. [ 112.781690][ T6286] binder: 6285:6286 ioctl 400c620e 0 returned -22 [ 113.492915][ T6303] FAULT_INJECTION: forcing a failure. [ 113.492915][ T6303] name failslab, interval 1, probability 0, space 0, times 0 [ 113.492964][ T6303] CPU: 0 UID: 0 PID: 6303 Comm: syz.3.79 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 113.492994][ T6303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.493007][ T6303] Call Trace: [ 113.493015][ T6303] [ 113.493025][ T6303] dump_stack_lvl+0x16c/0x1f0 [ 113.493065][ T6303] should_fail_ex+0x512/0x640 [ 113.493098][ T6303] ? fs_reclaim_acquire+0xae/0x150 [ 113.493129][ T6303] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 113.493161][ T6303] should_failslab+0xc2/0x120 [ 113.493186][ T6303] __kmalloc_noprof+0xd2/0x510 [ 113.493230][ T6303] tomoyo_realpath_from_path+0xc2/0x6e0 [ 113.493273][ T6303] tomoyo_check_open_permission+0x2ab/0x3c0 [ 113.493303][ T6303] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 113.493383][ T6303] ? do_raw_spin_lock+0x12c/0x2b0 [ 113.493422][ T6303] tomoyo_file_open+0x6b/0x90 [ 113.493453][ T6303] security_file_open+0x84/0x1e0 [ 113.493481][ T6303] do_dentry_open+0x596/0x1c10 [ 113.493520][ T6303] vfs_open+0x82/0x3f0 [ 113.493546][ T6303] path_openat+0x1de4/0x2cb0 [ 113.493585][ T6303] ? __pfx_path_openat+0x10/0x10 [ 113.493617][ T6303] ? __lock_acquire+0xb8a/0x1c90 [ 113.493652][ T6303] do_filp_open+0x20b/0x470 [ 113.493686][ T6303] ? __pfx_do_filp_open+0x10/0x10 [ 113.493747][ T6303] ? alloc_fd+0x471/0x7d0 [ 113.493790][ T6303] do_sys_openat2+0x11b/0x1d0 [ 113.493816][ T6303] ? __pfx_do_sys_openat2+0x10/0x10 [ 113.493847][ T6303] ? __fget_files+0x20e/0x3c0 [ 113.493886][ T6303] __x64_sys_openat+0x174/0x210 [ 113.493913][ T6303] ? __pfx___x64_sys_openat+0x10/0x10 [ 113.493939][ T6303] ? ksys_write+0x1ac/0x250 [ 113.493985][ T6303] do_syscall_64+0xcd/0x490 [ 113.494024][ T6303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.494060][ T6303] RIP: 0033:0x7fef56d8e929 [ 113.494080][ T6303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.494102][ T6303] RSP: 002b:00007fef57b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 113.494125][ T6303] RAX: ffffffffffffffda RBX: 00007fef56fb6160 RCX: 00007fef56d8e929 [ 113.494141][ T6303] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 113.494156][ T6303] RBP: 00007fef57b44090 R08: 0000000000000000 R09: 0000000000000000 [ 113.494170][ T6303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.494184][ T6303] R13: 0000000000000001 R14: 00007fef56fb6160 R15: 00007ffdfc971b38 [ 113.494218][ T6303] [ 113.494652][ T6303] ERROR: Out of memory at tomoyo_realpath_from_path. [ 115.201239][ T6324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.84'. [ 115.279187][ T6324] .SR: entered promiscuous mode [ 115.404729][ T6329] FAULT_INJECTION: forcing a failure. [ 115.404729][ T6329] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 115.426728][ T6329] CPU: 0 UID: 0 PID: 6329 Comm: syz.2.86 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 115.426762][ T6329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.426776][ T6329] Call Trace: [ 115.426784][ T6329] [ 115.426793][ T6329] dump_stack_lvl+0x16c/0x1f0 [ 115.426829][ T6329] should_fail_ex+0x512/0x640 [ 115.426868][ T6329] _copy_from_user+0x2e/0xd0 [ 115.426905][ T6329] copy_msghdr_from_user+0x98/0x160 [ 115.426940][ T6329] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 115.426992][ T6329] ___sys_sendmsg+0xfe/0x1d0 [ 115.427028][ T6329] ? __pfx____sys_sendmsg+0x10/0x10 [ 115.427058][ T6329] ? __lock_acquire+0x622/0x1c90 [ 115.427134][ T6329] __sys_sendmsg+0x16d/0x220 [ 115.427168][ T6329] ? __pfx___sys_sendmsg+0x10/0x10 [ 115.427225][ T6329] do_syscall_64+0xcd/0x490 [ 115.427262][ T6329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.427287][ T6329] RIP: 0033:0x7fd64078e929 [ 115.427306][ T6329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.427328][ T6329] RSP: 002b:00007fd64153f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 115.427351][ T6329] RAX: ffffffffffffffda RBX: 00007fd6409b5fa0 RCX: 00007fd64078e929 [ 115.427372][ T6329] RDX: 0000000024040004 RSI: 0000200000003a80 RDI: 0000000000000004 [ 115.427387][ T6329] RBP: 00007fd64153f090 R08: 0000000000000000 R09: 0000000000000000 [ 115.427401][ T6329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 115.427414][ T6329] R13: 0000000000000000 R14: 00007fd6409b5fa0 R15: 00007ffce100da38 [ 115.427447][ T6329] [ 115.676883][ T6335] capability: warning: `syz.2.89' uses 32-bit capabilities (legacy support in use) [ 118.442087][ T6382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.492287][ T6382] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.555109][ T6395] vhci_hcd: invalid port number 16 [ 118.590132][ T6395] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 119.087631][ T6407] FAULT_INJECTION: forcing a failure. [ 119.087631][ T6407] name failslab, interval 1, probability 0, space 0, times 0 [ 119.112302][ T6407] CPU: 0 UID: 0 PID: 6407 Comm: syz.3.102 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 119.112341][ T6407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.112356][ T6407] Call Trace: [ 119.112365][ T6407] [ 119.112375][ T6407] dump_stack_lvl+0x16c/0x1f0 [ 119.112416][ T6407] should_fail_ex+0x512/0x640 [ 119.112453][ T6407] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 119.112494][ T6407] should_failslab+0xc2/0x120 [ 119.112520][ T6407] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 119.112558][ T6407] ? security_file_alloc+0x34/0x2b0 [ 119.112597][ T6407] security_file_alloc+0x34/0x2b0 [ 119.112631][ T6407] init_file+0x93/0x4c0 [ 119.112658][ T6407] alloc_empty_file+0x73/0x1e0 [ 119.112686][ T6407] path_openat+0xda/0x2cb0 [ 119.112719][ T6407] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.112759][ T6407] ? __pfx_path_openat+0x10/0x10 [ 119.112797][ T6407] ? __lock_acquire+0xb8a/0x1c90 [ 119.112836][ T6407] do_filp_open+0x20b/0x470 [ 119.112880][ T6407] ? __pfx_do_filp_open+0x10/0x10 [ 119.112944][ T6407] ? alloc_fd+0x471/0x7d0 [ 119.112994][ T6407] do_sys_openat2+0x11b/0x1d0 [ 119.113022][ T6407] ? __pfx_do_sys_openat2+0x10/0x10 [ 119.113065][ T6407] __x64_sys_openat+0x174/0x210 [ 119.113094][ T6407] ? __pfx___x64_sys_openat+0x10/0x10 [ 119.113138][ T6407] do_syscall_64+0xcd/0x490 [ 119.113179][ T6407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.113204][ T6407] RIP: 0033:0x7fef56d8e929 [ 119.113224][ T6407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.113253][ T6407] RSP: 002b:00007fef57b65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 119.113278][ T6407] RAX: ffffffffffffffda RBX: 00007fef56fb6080 RCX: 00007fef56d8e929 [ 119.113295][ T6407] RDX: 0000000000000100 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 119.113312][ T6407] RBP: 00007fef56e10ca1 R08: 0000000000000000 R09: 0000000000000000 [ 119.113328][ T6407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.113343][ T6407] R13: 0000000000000000 R14: 00007fef56fb6080 R15: 00007ffdfc971b38 [ 119.113376][ T6407] [ 119.859528][ T6399] Invalid ELF header magic: != ELF [ 124.705498][ T6486] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 125.384842][ T6484] FAULT_INJECTION: forcing a failure. [ 125.384842][ T6484] name failslab, interval 1, probability 0, space 0, times 0 [ 125.398309][ T6484] CPU: 1 UID: 0 PID: 6484 Comm: syz.1.119 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 125.398354][ T6484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 125.398371][ T6484] Call Trace: [ 125.398380][ T6484] [ 125.398390][ T6484] dump_stack_lvl+0x16c/0x1f0 [ 125.398434][ T6484] should_fail_ex+0x512/0x640 [ 125.398470][ T6484] ? __kmalloc_noprof+0xbf/0x510 [ 125.398512][ T6484] ? lsm_blob_alloc+0x68/0x90 [ 125.398548][ T6484] should_failslab+0xc2/0x120 [ 125.398573][ T6484] __kmalloc_noprof+0xd2/0x510 [ 125.398617][ T6484] lsm_blob_alloc+0x68/0x90 [ 125.398655][ T6484] security_sk_alloc+0x30/0x270 [ 125.398684][ T6484] sk_prot_alloc+0xfb/0x2a0 [ 125.398714][ T6484] sk_alloc+0x36/0xc20 [ 125.398750][ T6484] inet6_create+0x381/0x1300 [ 125.398792][ T6484] ? inet6_create+0x7f/0x1300 [ 125.398835][ T6484] __sock_create+0x338/0x8d0 [ 125.398870][ T6484] __sys_socket+0x14d/0x260 [ 125.398897][ T6484] ? fput+0x70/0xf0 [ 125.398921][ T6484] ? __pfx___sys_socket+0x10/0x10 [ 125.398950][ T6484] ? xfd_validate_state+0x61/0x180 [ 125.398982][ T6484] ? __pfx_ksys_write+0x10/0x10 [ 125.399024][ T6484] __x64_sys_socket+0x72/0xb0 [ 125.399052][ T6484] ? lockdep_hardirqs_on+0x7c/0x110 [ 125.399086][ T6484] do_syscall_64+0xcd/0x490 [ 125.399144][ T6484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.399171][ T6484] RIP: 0033:0x7f886b18e929 [ 125.399192][ T6484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.399216][ T6484] RSP: 002b:00007f886c033038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 125.399240][ T6484] RAX: ffffffffffffffda RBX: 00007f886b3b6080 RCX: 00007f886b18e929 [ 125.399257][ T6484] RDX: 000000000000003a RSI: 0000000000000002 RDI: 000000000000000a [ 125.399272][ T6484] RBP: 00007f886b210ca1 R08: 0000000000000000 R09: 0000000000000000 [ 125.399287][ T6484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.399302][ T6484] R13: 0000000000000000 R14: 00007f886b3b6080 R15: 00007fff7aa02928 [ 125.399342][ T6484] [ 126.177045][ T6511] netlink: 28 bytes leftover after parsing attributes in process `syz.3.125'. [ 126.978727][ T6524] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 128.362994][ T6556] ubi0: attaching mtd0 [ 128.392679][ T6556] ubi0: scanning is finished [ 128.410992][ T6556] ubi0: empty MTD device detected [ 128.607313][ T6556] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 128.618479][ T6556] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 128.626004][ T6556] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 128.635901][ T6556] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 128.646519][ T6556] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 128.655516][ T6556] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 128.666880][ T6556] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1564086702 [ 128.680836][ T6556] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 128.713563][ T6559] ubi0: background thread "ubi_bgt0d" started, PID 6559 [ 128.734164][ T6558] ubi0: detaching mtd0 [ 128.779060][ T6558] ubi0: mtd0 is detached [ 129.242933][ T6550] svc: failed to register nfsdv3 RPC service (errno 111). [ 129.277911][ T6550] svc: failed to register nfsaclv3 RPC service (errno 111). [ 129.425072][ T6564] serio: Serial port pty238 [ 129.586149][ T6577] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 130.205135][ T6584] program syz.0.143 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.229798][ T6584] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 130.638239][ T6583] FAULT_INJECTION: forcing a failure. [ 130.638239][ T6583] name failslab, interval 1, probability 0, space 0, times 0 [ 130.692257][ T6583] CPU: 0 UID: 0 PID: 6583 Comm: syz.2.144 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 130.692296][ T6583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 130.692312][ T6583] Call Trace: [ 130.692321][ T6583] [ 130.692332][ T6583] dump_stack_lvl+0x16c/0x1f0 [ 130.692376][ T6583] should_fail_ex+0x512/0x640 [ 130.692411][ T6583] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 130.692454][ T6583] should_failslab+0xc2/0x120 [ 130.692480][ T6583] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 130.692517][ T6583] ? d_instantiate+0x77/0x90 [ 130.692539][ T6583] ? alloc_empty_file+0x55/0x1e0 [ 130.692572][ T6583] alloc_empty_file+0x55/0x1e0 [ 130.692601][ T6583] alloc_file_pseudo+0x13a/0x230 [ 130.692631][ T6583] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 130.692662][ T6583] ? do_raw_spin_unlock+0x172/0x230 [ 130.692691][ T6583] __anon_inode_getfile+0xe8/0x280 [ 130.692731][ T6583] anon_inode_getfile_fmode+0x37/0xa0 [ 130.692768][ T6583] __do_sys_fanotify_init+0x96d/0xc00 [ 130.692801][ T6583] do_syscall_64+0xcd/0x490 [ 130.692849][ T6583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.692877][ T6583] RIP: 0033:0x7fd64078e929 [ 130.692898][ T6583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.692922][ T6583] RSP: 002b:00007fd64153f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 130.692946][ T6583] RAX: ffffffffffffffda RBX: 00007fd6409b5fa0 RCX: 00007fd64078e929 [ 130.692964][ T6583] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000200 [ 130.692980][ T6583] RBP: 00007fd640810ca1 R08: 0000000000000000 R09: 0000000000000000 [ 130.692995][ T6583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.693010][ T6583] R13: 0000000000000000 R14: 00007fd6409b5fa0 R15: 00007ffce100da38 [ 130.693044][ T6583] [ 131.787768][ T6607] 0x000200000001-0xa29656a63616329 : "" [ 131.816576][ T6607] mtd: partition "" is out of reach -- disabled [ 131.851553][ T6607] ftl_cs: FTL header not found. [ 132.594289][ T6615] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 132.717107][ T6617] FAULT_INJECTION: forcing a failure. [ 132.717107][ T6617] name failslab, interval 1, probability 0, space 0, times 0 [ 132.733963][ T6617] CPU: 1 UID: 0 PID: 6617 Comm: syz.0.151 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 132.733998][ T6617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 132.734014][ T6617] Call Trace: [ 132.734022][ T6617] [ 132.734032][ T6617] dump_stack_lvl+0x16c/0x1f0 [ 132.734074][ T6617] should_fail_ex+0x512/0x640 [ 132.734104][ T6617] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 132.734139][ T6617] should_failslab+0xc2/0x120 [ 132.734169][ T6617] __kmalloc_cache_noprof+0x6a/0x3e0 [ 132.734204][ T6617] ? kobject_uevent_env+0x265/0x1870 [ 132.734238][ T6617] kobject_uevent_env+0x265/0x1870 [ 132.734264][ T6617] ? __pfx_dev_uevent_name+0x10/0x10 [ 132.734302][ T6617] ? bus_to_subsys+0x131/0x160 [ 132.734334][ T6617] device_add+0x10dd/0x1a70 [ 132.734363][ T6617] ? __pfx_device_add+0x10/0x10 [ 132.734393][ T6617] ? lockdep_init_map_type+0x5c/0x280 [ 132.734434][ T6617] input_register_device+0x7e8/0x1130 [ 132.734465][ T6617] ? input_ff_create+0x256/0x350 [ 132.734493][ T6617] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 132.734522][ T6617] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 132.734557][ T6617] ? find_held_lock+0x2b/0x80 [ 132.734598][ T6617] ? __pfx_uinput_ioctl+0x10/0x10 [ 132.734624][ T6617] __x64_sys_ioctl+0x18b/0x210 [ 132.734657][ T6617] do_syscall_64+0xcd/0x490 [ 132.734702][ T6617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.734727][ T6617] RIP: 0033:0x7f053458e929 [ 132.734748][ T6617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.734771][ T6617] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 132.734793][ T6617] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 132.734809][ T6617] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005 [ 132.734824][ T6617] RBP: 00007f0534610ca1 R08: 0000000000000000 R09: 0000000000000000 [ 132.734838][ T6617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 132.734852][ T6617] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 132.734885][ T6617] [ 132.734947][ T6617] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 132.782089][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.966753][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.693331][ T6630] binder: 6629:6630 ioctl 400c620e 0 returned -22 [ 134.360401][ T6637] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 134.401772][ T6635] serio: Serial port pty238 [ 135.138918][ T6653] ubi0: attaching mtd0 [ 135.144398][ T6653] ubi0: scanning is finished [ 135.216226][ T6640] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 135.491642][ T6653] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 135.501287][ T6653] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 135.544170][ T6653] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 135.585823][ T6653] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 135.605381][ T6653] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 135.618824][ T6653] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 135.627511][ T6653] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1564086702 [ 135.637833][ T6653] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 135.658364][ T6659] ubi0: background thread "ubi_bgt0d" started, PID 6659 [ 137.351464][ T6694] 0x000200000001-0xa29656a63616329 : "" [ 137.358850][ T6694] mtd: partition "" is out of reach -- disabled [ 137.378275][ T6694] ftl_cs: FTL header not found. [ 138.318259][ T6704] ======================================================= [ 138.318259][ T6704] WARNING: The mand mount option has been deprecated and [ 138.318259][ T6704] and is ignored by this kernel. Remove the mand [ 138.318259][ T6704] option from the mount to silence this warning. [ 138.318259][ T6704] ======================================================= [ 138.353140][ C0] vkms_vblank_simulate: vblank timer overrun [ 139.534389][ T6723] FAULT_INJECTION: forcing a failure. [ 139.534389][ T6723] name failslab, interval 1, probability 0, space 0, times 0 [ 139.547314][ T6723] CPU: 1 UID: 0 PID: 6723 Comm: syz.1.175 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 139.547336][ T6723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 139.547345][ T6723] Call Trace: [ 139.547351][ T6723] [ 139.547357][ T6723] dump_stack_lvl+0x16c/0x1f0 [ 139.547383][ T6723] should_fail_ex+0x512/0x640 [ 139.547404][ T6723] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 139.547426][ T6723] should_failslab+0xc2/0x120 [ 139.547440][ T6723] __kmalloc_cache_noprof+0x6a/0x3e0 [ 139.547458][ T6723] ? pty_common_install+0x10e/0xb30 [ 139.547480][ T6723] pty_common_install+0x10e/0xb30 [ 139.547497][ T6723] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 139.547520][ T6723] ? __pfx_pty_unix98_install+0x10/0x10 [ 139.547540][ T6723] tty_init_dev.part.0+0x99/0x500 [ 139.547557][ T6723] tty_init_dev+0x60/0x80 [ 139.547570][ T6723] ? __pfx_ptmx_open+0x10/0x10 [ 139.547586][ T6723] ptmx_open+0x10d/0x360 [ 139.547603][ T6723] ? __pfx_ptmx_open+0x10/0x10 [ 139.547620][ T6723] chrdev_open+0x231/0x6a0 [ 139.547641][ T6723] ? __pfx_apparmor_file_open+0x10/0x10 [ 139.547659][ T6723] ? __pfx_chrdev_open+0x10/0x10 [ 139.547681][ T6723] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 139.547703][ T6723] do_dentry_open+0x744/0x1c10 [ 139.547723][ T6723] ? __pfx_chrdev_open+0x10/0x10 [ 139.547748][ T6723] vfs_open+0x82/0x3f0 [ 139.547765][ T6723] path_openat+0x1de4/0x2cb0 [ 139.547791][ T6723] ? __pfx_path_openat+0x10/0x10 [ 139.547812][ T6723] ? __lock_acquire+0xb8a/0x1c90 [ 139.547833][ T6723] do_filp_open+0x20b/0x470 [ 139.547853][ T6723] ? __pfx_do_filp_open+0x10/0x10 [ 139.547886][ T6723] ? alloc_fd+0x471/0x7d0 [ 139.547910][ T6723] do_sys_openat2+0x11b/0x1d0 [ 139.547925][ T6723] ? __pfx_do_sys_openat2+0x10/0x10 [ 139.547948][ T6723] __x64_sys_openat+0x174/0x210 [ 139.547964][ T6723] ? __pfx___x64_sys_openat+0x10/0x10 [ 139.547987][ T6723] do_syscall_64+0xcd/0x490 [ 139.548009][ T6723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.548033][ T6723] RIP: 0033:0x7f886b18e929 [ 139.548047][ T6723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.548061][ T6723] RSP: 002b:00007f886c033038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 139.548075][ T6723] RAX: ffffffffffffffda RBX: 00007f886b3b6080 RCX: 00007f886b18e929 [ 139.548084][ T6723] RDX: 0000000000020540 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 139.548093][ T6723] RBP: 00007f886b210ca1 R08: 0000000000000000 R09: 0000000000000000 [ 139.548101][ T6723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.548110][ T6723] R13: 0000000000000000 R14: 00007f886b3b6080 R15: 00007fff7aa02928 [ 139.548129][ T6723] [ 141.233778][ T6742] FAULT_INJECTION: forcing a failure. [ 141.233778][ T6742] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.247288][ T6742] CPU: 0 UID: 0 PID: 6742 Comm: syz.0.180 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 141.247321][ T6742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 141.247334][ T6742] Call Trace: [ 141.247343][ T6742] [ 141.247352][ T6742] dump_stack_lvl+0x16c/0x1f0 [ 141.247392][ T6742] should_fail_ex+0x512/0x640 [ 141.247431][ T6742] _copy_to_iter+0x463/0x16f0 [ 141.247477][ T6742] ? __pfx__copy_to_iter+0x10/0x10 [ 141.247520][ T6742] ? proc_oom_score+0xe6/0x120 [ 141.247551][ T6742] seq_read_iter+0xcf8/0x12c0 [ 141.247598][ T6742] seq_read+0x39e/0x4e0 [ 141.247627][ T6742] ? __pfx_seq_read+0x10/0x10 [ 141.247656][ T6742] ? get_pid_task+0xfc/0x250 [ 141.247691][ T6742] ? __mutex_trylock_common+0xe9/0x250 [ 141.247737][ T6742] ? rw_verify_area+0xcf/0x680 [ 141.247777][ T6742] ? __pfx_seq_read+0x10/0x10 [ 141.247806][ T6742] vfs_read+0x1e4/0xc60 [ 141.247843][ T6742] ? __pfx___mutex_lock+0x10/0x10 [ 141.247886][ T6742] ? __pfx_vfs_read+0x10/0x10 [ 141.247929][ T6742] ? __fget_files+0x20e/0x3c0 [ 141.247971][ T6742] ksys_read+0x12a/0x250 [ 141.248003][ T6742] ? __pfx_ksys_read+0x10/0x10 [ 141.248046][ T6742] do_syscall_64+0xcd/0x490 [ 141.248081][ T6742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.248105][ T6742] RIP: 0033:0x7f053458e929 [ 141.248125][ T6742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.248146][ T6742] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 141.248168][ T6742] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 141.248184][ T6742] RDX: 000000000000002c RSI: 0000200000000140 RDI: 0000000000000004 [ 141.248198][ T6742] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 141.248213][ T6742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.248227][ T6742] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 141.248260][ T6742] [ 141.250614][ T6742] 0x000200000001-0xa29656a63616329 : "" [ 141.572572][ T6742] mtd: partition "" is out of reach -- disabled [ 141.589914][ T6742] ftl_cs: FTL header not found. [ 141.648561][ T6743] netlink: 342 bytes leftover after parsing attributes in process `syz.2.178'. [ 142.304941][ T6754] netlink: 186 bytes leftover after parsing attributes in process `syz.0.181'. [ 142.401047][ T6766] binder: 6764:6766 ioctl 400c620e 0 returned -22 [ 142.437512][ T6760] process 'syz.2.182' launched './file0' with NULL argv: empty string added [ 142.988171][ T6775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.184'. [ 143.145065][ T6772] zswap: compressor not available [ 144.532635][ T6794] syz.2.187 (6794) used greatest stack depth: 19096 bytes left [ 146.644340][ T6847] FAULT_INJECTION: forcing a failure. [ 146.644340][ T6847] name failslab, interval 1, probability 0, space 0, times 0 [ 146.658176][ T6847] CPU: 1 UID: 0 PID: 6847 Comm: syz.1.200 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 146.658212][ T6847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.658227][ T6847] Call Trace: [ 146.658235][ T6847] [ 146.658246][ T6847] dump_stack_lvl+0x16c/0x1f0 [ 146.658289][ T6847] should_fail_ex+0x512/0x640 [ 146.658324][ T6847] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 146.658360][ T6847] should_failslab+0xc2/0x120 [ 146.658384][ T6847] __kmalloc_cache_noprof+0x6a/0x3e0 [ 146.658413][ T6847] ? ipv4_mib_init_net+0x263/0x5f0 [ 146.658446][ T6847] ipv4_mib_init_net+0x263/0x5f0 [ 146.658474][ T6847] ? __pfx_igmp_net_init+0x10/0x10 [ 146.658508][ T6847] ? __pfx_ipv4_mib_init_net+0x10/0x10 [ 146.658541][ T6847] ops_init+0x1e2/0x5f0 [ 146.658583][ T6847] setup_net+0x1ff/0x510 [ 146.658619][ T6847] ? lockdep_init_map_type+0x5c/0x280 [ 146.658655][ T6847] ? __pfx_setup_net+0x10/0x10 [ 146.658696][ T6847] ? debug_mutex_init+0x37/0x70 [ 146.658733][ T6847] copy_net_ns+0x2a6/0x5f0 [ 146.658761][ T6847] create_new_namespaces+0x3ea/0xa90 [ 146.658798][ T6847] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 146.658830][ T6847] ksys_unshare+0x45b/0xa40 [ 146.658864][ T6847] ? __pfx_ksys_unshare+0x10/0x10 [ 146.658899][ T6847] ? xfd_validate_state+0x61/0x180 [ 146.658942][ T6847] __x64_sys_unshare+0x31/0x40 [ 146.658975][ T6847] do_syscall_64+0xcd/0x490 [ 146.659014][ T6847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.659040][ T6847] RIP: 0033:0x7f886b18e929 [ 146.659061][ T6847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.659085][ T6847] RSP: 002b:00007f886c054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 146.659113][ T6847] RAX: ffffffffffffffda RBX: 00007f886b3b5fa0 RCX: 00007f886b18e929 [ 146.659130][ T6847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 146.659142][ T6847] RBP: 00007f886b210ca1 R08: 0000000000000000 R09: 0000000000000000 [ 146.659155][ T6847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.659165][ T6847] R13: 0000000000000000 R14: 00007f886b3b5fa0 R15: 00007fff7aa02928 [ 146.659192][ T6847] [ 146.880431][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.866602][ T6864] zswap: compressor not available [ 148.292655][ T6875] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 149.566485][ T6960] binder: 6959:6960 ioctl 400c620e 0 returned -22 [ 150.697377][ T7032] netlink: 330 bytes leftover after parsing attributes in process `syz.1.217'. [ 151.572132][ T7050] binder: 7049:7050 ioctl 400c620e 0 returned -22 [ 151.614418][ T7053] random: crng reseeded on system resumption [ 151.629277][ T7053] FAULT_INJECTION: forcing a failure. [ 151.629277][ T7053] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 151.629350][ T7053] CPU: 0 UID: 0 PID: 7053 Comm: syz.3.222 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 151.629380][ T7053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 151.629394][ T7053] Call Trace: [ 151.629402][ T7053] [ 151.629411][ T7053] dump_stack_lvl+0x16c/0x1f0 [ 151.629450][ T7053] should_fail_ex+0x512/0x640 [ 151.629490][ T7053] should_fail_alloc_page+0xe7/0x130 [ 151.629516][ T7053] prepare_alloc_pages+0x3c2/0x610 [ 151.629547][ T7053] ? rcu_is_watching+0x12/0xc0 [ 151.629584][ T7053] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 151.629620][ T7053] ? find_held_lock+0x2b/0x80 [ 151.629648][ T7053] ? mark_held_locks+0x49/0x80 [ 151.629679][ T7053] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 151.629710][ T7053] ? lockdep_hardirqs_on+0x7c/0x110 [ 151.629743][ T7053] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 151.629775][ T7053] ? stack_depot_save_flags+0x3e0/0xa40 [ 151.629811][ T7053] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 151.629852][ T7053] ? kasan_save_stack+0x42/0x60 [ 151.629889][ T7053] ? kasan_save_stack+0x33/0x60 [ 151.629927][ T7053] ? do_dentry_open+0x744/0x1c10 [ 151.629960][ T7053] ? vfs_open+0x82/0x3f0 [ 151.629987][ T7053] ? path_openat+0x1de4/0x2cb0 [ 151.630018][ T7053] ? do_filp_open+0x20b/0x470 [ 151.630047][ T7053] ? do_sys_openat2+0x11b/0x1d0 [ 151.630071][ T7053] ? __x64_sys_openat+0x174/0x210 [ 151.630095][ T7053] ? do_syscall_64+0xcd/0x490 [ 151.630128][ T7053] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.630154][ T7053] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 151.630189][ T7053] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 151.630226][ T7053] ? policy_nodemask+0xea/0x4e0 [ 151.630253][ T7053] alloc_pages_mpol+0x1fb/0x550 [ 151.630278][ T7053] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 151.630313][ T7053] alloc_pages_noprof+0x131/0x390 [ 151.630338][ T7053] get_zeroed_page_noprof+0x18/0xb0 [ 151.630365][ T7053] get_image_page+0x18/0x190 [ 151.630390][ T7053] alloc_rtree_node+0x3c/0xb0 [ 151.630417][ T7053] memory_bm_create+0x519/0x810 [ 151.630458][ T7053] create_basic_memory_bitmaps+0xbd/0x320 [ 151.630492][ T7053] snapshot_open+0x235/0x2b0 [ 151.630520][ T7053] ? __pfx_snapshot_open+0x10/0x10 [ 151.630549][ T7053] misc_open+0x35d/0x420 [ 151.630579][ T7053] ? __pfx_misc_open+0x10/0x10 [ 151.630608][ T7053] chrdev_open+0x231/0x6a0 [ 151.630645][ T7053] ? __pfx_chrdev_open+0x10/0x10 [ 151.630683][ T7053] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 151.630721][ T7053] do_dentry_open+0x744/0x1c10 [ 151.630756][ T7053] ? __pfx_chrdev_open+0x10/0x10 [ 151.630799][ T7053] vfs_open+0x82/0x3f0 [ 151.630830][ T7053] path_openat+0x1de4/0x2cb0 [ 151.630876][ T7053] ? __pfx_path_openat+0x10/0x10 [ 151.630912][ T7053] ? __lock_acquire+0xb8a/0x1c90 [ 151.630953][ T7053] do_filp_open+0x20b/0x470 [ 151.630988][ T7053] ? __pfx_do_filp_open+0x10/0x10 [ 151.631050][ T7053] ? alloc_fd+0x471/0x7d0 [ 151.631093][ T7053] do_sys_openat2+0x11b/0x1d0 [ 151.631119][ T7053] ? __pfx_do_sys_openat2+0x10/0x10 [ 151.631150][ T7053] ? __fget_files+0x20e/0x3c0 [ 151.631189][ T7053] __x64_sys_openat+0x174/0x210 [ 151.631217][ T7053] ? __pfx___x64_sys_openat+0x10/0x10 [ 151.631243][ T7053] ? ksys_write+0x1ac/0x250 [ 151.631289][ T7053] do_syscall_64+0xcd/0x490 [ 151.631326][ T7053] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.631350][ T7053] RIP: 0033:0x7fef56d8e929 [ 151.631370][ T7053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.631391][ T7053] RSP: 002b:00007fef57b86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 151.631413][ T7053] RAX: ffffffffffffffda RBX: 00007fef56fb5fa0 RCX: 00007fef56d8e929 [ 151.631428][ T7053] RDX: 0000000000180b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 151.631443][ T7053] RBP: 00007fef57b86090 R08: 0000000000000000 R09: 0000000000000000 [ 151.631457][ T7053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 151.631471][ T7053] R13: 0000000000000001 R14: 00007fef56fb5fa0 R15: 00007ffdfc971b38 [ 151.631505][ T7053] [ 155.119294][ T7137] FAULT_INJECTION: forcing a failure. [ 155.119294][ T7137] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 155.142403][ T7137] CPU: 0 UID: 0 PID: 7137 Comm: syz.2.230 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 155.142428][ T7137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 155.142437][ T7137] Call Trace: [ 155.142442][ T7137] [ 155.142449][ T7137] dump_stack_lvl+0x16c/0x1f0 [ 155.142475][ T7137] should_fail_ex+0x512/0x640 [ 155.142499][ T7137] _copy_from_user+0x2e/0xd0 [ 155.142521][ T7137] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 155.142546][ T7137] snd_rawmidi_write+0x26e/0xc10 [ 155.142567][ T7137] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 155.142584][ T7137] ? __pfx_default_wake_function+0x10/0x10 [ 155.142601][ T7137] ? bpf_lsm_file_permission+0x9/0x10 [ 155.142616][ T7137] ? security_file_permission+0x71/0x210 [ 155.142635][ T7137] ? rw_verify_area+0xcf/0x680 [ 155.142653][ T7137] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 155.142668][ T7137] vfs_write+0x29d/0x1150 [ 155.142694][ T7137] ? __pfx_vfs_write+0x10/0x10 [ 155.142711][ T7137] ? find_held_lock+0x2b/0x80 [ 155.142726][ T7137] ? __fget_files+0x204/0x3c0 [ 155.142747][ T7137] ? __fget_files+0x20e/0x3c0 [ 155.142770][ T7137] ksys_write+0x1f8/0x250 [ 155.142789][ T7137] ? __pfx_ksys_write+0x10/0x10 [ 155.142814][ T7137] do_syscall_64+0xcd/0x490 [ 155.142835][ T7137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.142849][ T7137] RIP: 0033:0x7fd64078e929 [ 155.142861][ T7137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.142875][ T7137] RSP: 002b:00007fd63e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 155.142888][ T7137] RAX: ffffffffffffffda RBX: 00007fd6409b6160 RCX: 00007fd64078e929 [ 155.142897][ T7137] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000009 [ 155.142905][ T7137] RBP: 00007fd640810ca1 R08: 0000000000000000 R09: 0000000000000000 [ 155.142913][ T7137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.142921][ T7137] R13: 0000000000000000 R14: 00007fd6409b6160 R15: 00007ffce100da38 [ 155.142946][ T7137] [ 157.160898][ T7189] binder: 7188:7189 ioctl 400c620e 0 returned -22 [ 157.578768][ T7205] netlink: 8 bytes leftover after parsing attributes in process `syz.0.236'. [ 157.611954][ T7207] ubi: mtd0 is already attached to ubi0 [ 157.634710][ T7208] netlink: 28 bytes leftover after parsing attributes in process `syz.3.231'. [ 157.657041][ T7207] ubi0: detaching mtd0 [ 157.691406][ T7207] ubi0: mtd0 is detached [ 160.486614][ T7291] syz.0.242 uses obsolete (PF_INET,SOCK_PACKET) [ 160.502127][ T7261] warning: `syz.1.240' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 161.542327][ T7343] vhci_hcd: invalid port number 16 [ 161.566499][ T7343] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 162.520304][ T7387] binder: 7385:7387 ioctl 400c620e 0 returned -22 [ 163.590056][ T7431] FAULT_INJECTION: forcing a failure. [ 163.590056][ T7431] name failslab, interval 1, probability 0, space 0, times 0 [ 163.603984][ T7431] CPU: 1 UID: 0 PID: 7431 Comm: syz.3.256 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 163.604018][ T7431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 163.604031][ T7431] Call Trace: [ 163.604039][ T7431] [ 163.604048][ T7431] dump_stack_lvl+0x16c/0x1f0 [ 163.604100][ T7431] should_fail_ex+0x512/0x640 [ 163.604138][ T7431] should_failslab+0xc2/0x120 [ 163.604162][ T7431] __kmalloc_cache_noprof+0x6a/0x3e0 [ 163.604196][ T7431] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 163.604239][ T7431] ? tipc_group_create+0xbc/0x660 [ 163.604281][ T7431] tipc_group_create+0xbc/0x660 [ 163.604322][ T7431] tipc_setsockopt+0x7f0/0xdb0 [ 163.604348][ T7431] ? __pfx_tipc_setsockopt+0x10/0x10 [ 163.604379][ T7431] ? errseq_sample+0x53/0x70 [ 163.604419][ T7431] ? __pfx_tipc_setsockopt+0x10/0x10 [ 163.604444][ T7431] do_sock_setsockopt+0x221/0x470 [ 163.604470][ T7431] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 163.604520][ T7431] __sys_setsockopt+0x120/0x1a0 [ 163.604561][ T7431] __x64_sys_setsockopt+0xbd/0x160 [ 163.604591][ T7431] ? do_syscall_64+0x91/0x490 [ 163.604627][ T7431] ? lockdep_hardirqs_on+0x7c/0x110 [ 163.604661][ T7431] do_syscall_64+0xcd/0x490 [ 163.604694][ T7431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.604717][ T7431] RIP: 0033:0x7fef56d8e929 [ 163.604737][ T7431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.604759][ T7431] RSP: 002b:00007fef57b86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 163.604783][ T7431] RAX: ffffffffffffffda RBX: 00007fef56fb5fa0 RCX: 00007fef56d8e929 [ 163.604801][ T7431] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000006 [ 163.604816][ T7431] RBP: 00007fef56e10ca1 R08: 0000000000000014 R09: 0000000000000000 [ 163.604831][ T7431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.604846][ T7431] R13: 0000000000000000 R14: 00007fef56fb5fa0 R15: 00007ffdfc971b38 [ 163.604879][ T7431] [ 163.853249][ T7475] netlink: 'syz.0.257': attribute type 45 has an invalid length. [ 169.685242][ T7896] 0x000200000001-0xa29656a63616329 : "" [ 169.702568][ T7896] mtd: partition "" is out of reach -- disabled [ 169.726180][ T7896] ftl_cs: FTL header not found. [ 170.412044][ T7945] netlink: 28 bytes leftover after parsing attributes in process `syz.0.278'. [ 171.679393][ T8007] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 172.233243][ T7972] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 173.100419][ T8016] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 173.112964][ T8032] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 173.167623][ T8032] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.356637][ T8032] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.469705][ T8032] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 173.479972][ T8032] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 173.650012][ T8032] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 173.830581][ T8032] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 173.837268][ T8032] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.886192][ T8032] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 173.955353][ T8032] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 173.993729][ T8032] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 174.310386][ T8032] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 174.453841][ T5861] Bluetooth: hci0: command 0x0c1a tx timeout [ 174.567936][ T8109] FAULT_INJECTION: forcing a failure. [ 174.567936][ T8109] name failslab, interval 1, probability 0, space 0, times 0 [ 174.580983][ T8109] CPU: 0 UID: 0 PID: 8109 Comm: syz.1.291 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 174.581014][ T8109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 174.581028][ T8109] Call Trace: [ 174.581036][ T8109] [ 174.581045][ T8109] dump_stack_lvl+0x16c/0x1f0 [ 174.581084][ T8109] should_fail_ex+0x512/0x640 [ 174.581126][ T8109] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 174.581160][ T8109] should_failslab+0xc2/0x120 [ 174.581183][ T8109] __kmalloc_cache_noprof+0x6a/0x3e0 [ 174.581215][ T8109] ? alloc_pipe_info+0x10e/0x590 [ 174.581255][ T8109] alloc_pipe_info+0x10e/0x590 [ 174.581293][ T8109] splice_direct_to_actor+0x77d/0xa30 [ 174.581326][ T8109] ? __pfx_direct_splice_actor+0x10/0x10 [ 174.581359][ T8109] ? __pfx_aa_file_perm+0x10/0x10 [ 174.581393][ T8109] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 174.581422][ T8109] ? get_pid_task+0xfc/0x250 [ 174.581463][ T8109] do_splice_direct+0x174/0x240 [ 174.581495][ T8109] ? __pfx_do_splice_direct+0x10/0x10 [ 174.581526][ T8109] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 174.581562][ T8109] ? rw_verify_area+0xcf/0x680 [ 174.581596][ T8109] do_sendfile+0xb06/0xe50 [ 174.581634][ T8109] ? __pfx_do_sendfile+0x10/0x10 [ 174.581667][ T8109] ? __fget_files+0x20e/0x3c0 [ 174.581709][ T8109] __x64_sys_sendfile64+0x1d8/0x220 [ 174.581731][ T8109] ? ksys_write+0x1ac/0x250 [ 174.581761][ T8109] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 174.581796][ T8109] do_syscall_64+0xcd/0x490 [ 174.581833][ T8109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.581857][ T8109] RIP: 0033:0x7f886b18e929 [ 174.581876][ T8109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.581898][ T8109] RSP: 002b:00007f886c054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 174.581920][ T8109] RAX: ffffffffffffffda RBX: 00007f886b3b5fa0 RCX: 00007f886b18e929 [ 174.581936][ T8109] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007 [ 174.581950][ T8109] RBP: 00007f886c054090 R08: 0000000000000000 R09: 0000000000000000 [ 174.581964][ T8109] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001 [ 174.581978][ T8109] R13: 0000000000000000 R14: 00007f886b3b5fa0 R15: 00007fff7aa02928 [ 174.582009][ T8109] [ 175.056380][ T8129] binder: 8127:8129 ioctl 400c620e 0 returned -22 [ 175.462089][ T8159] ubi0: attaching mtd0 [ 175.463182][ T8159] ubi0: scanning is finished [ 175.463317][ T8159] ubi0 warning: ubi_read_volume_table: volume table copy #2 is corrupted [ 175.464572][ T8159] ubi0: volume table was restored [ 175.505608][ T5861] Bluetooth: hci1: command 0x0c1a tx timeout [ 175.898620][ T5861] Bluetooth: hci2: command 0x0c1a tx timeout [ 175.923621][ T8159] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 175.923646][ T8159] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 175.923657][ T8159] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 175.923668][ T8159] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 175.923680][ T8159] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 175.923690][ T8159] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 175.923701][ T8159] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1564086702 [ 175.923714][ T8159] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 175.923776][ T8151] ubi0: detaching mtd0 [ 175.943113][ T8151] ubi0: mtd0 is detached [ 175.980441][ T5861] Bluetooth: hci3: command 0x0c1a tx timeout [ 176.445537][ T8207] netlink: 16 bytes leftover after parsing attributes in process `syz.3.299'. [ 176.544465][ T5861] Bluetooth: hci0: command 0x0c1a tx timeout [ 177.576454][ T5861] Bluetooth: hci1: command 0x0c1a tx timeout [ 177.973629][ T5861] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.064613][ T5861] Bluetooth: hci3: command 0x0c1a tx timeout [ 178.614185][ T5861] Bluetooth: hci0: command 0x0c1a tx timeout [ 179.531433][ T8354] netlink: 16 bytes leftover after parsing attributes in process `syz.3.310'. [ 179.656894][ T5861] Bluetooth: hci1: command 0x0c1a tx timeout [ 180.054287][ T5861] Bluetooth: hci2: command 0x0c1a tx timeout [ 180.133669][ T5861] Bluetooth: hci3: command 0x0c1a tx timeout [ 180.199423][ T8403] FAULT_INJECTION: forcing a failure. [ 180.199423][ T8403] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 180.214954][ T8403] CPU: 0 UID: 0 PID: 8403 Comm: syz.2.312 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 180.214988][ T8403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 180.215001][ T8403] Call Trace: [ 180.215009][ T8403] [ 180.215019][ T8403] dump_stack_lvl+0x16c/0x1f0 [ 180.215059][ T8403] should_fail_ex+0x512/0x640 [ 180.215098][ T8403] _copy_from_iter+0x29f/0x16f0 [ 180.215144][ T8403] ? __pfx__copy_from_iter+0x10/0x10 [ 180.215178][ T8403] ? rcu_is_watching+0x12/0xc0 [ 180.215206][ T8403] ? rcu_is_watching+0x12/0xc0 [ 180.215230][ T8403] ? kfree+0x24f/0x4d0 [ 180.215254][ T8403] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 180.215300][ T8403] file_tty_write.constprop.0+0x488/0x9b0 [ 180.215348][ T8403] redirected_tty_write+0xd4/0x150 [ 180.215385][ T8403] vfs_write+0x6c7/0x1150 [ 180.215419][ T8403] ? __pfx_redirected_tty_write+0x10/0x10 [ 180.215460][ T8403] ? __pfx_vfs_write+0x10/0x10 [ 180.215490][ T8403] ? find_held_lock+0x2b/0x80 [ 180.215539][ T8403] ksys_write+0x12a/0x250 [ 180.215572][ T8403] ? __pfx_ksys_write+0x10/0x10 [ 180.215616][ T8403] do_syscall_64+0xcd/0x490 [ 180.215654][ T8403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.215679][ T8403] RIP: 0033:0x7fd64078e929 [ 180.215699][ T8403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.215720][ T8403] RSP: 002b:00007fd64153f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 180.215743][ T8403] RAX: ffffffffffffffda RBX: 00007fd6409b5fa0 RCX: 00007fd64078e929 [ 180.215759][ T8403] RDX: 0000000000000013 RSI: 0000200000000000 RDI: 0000000000000003 [ 180.215780][ T8403] RBP: 00007fd64153f090 R08: 0000000000000000 R09: 0000000000000000 [ 180.215794][ T8403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.215808][ T8403] R13: 0000000000000000 R14: 00007fd6409b5fa0 R15: 00007ffce100da38 [ 180.215842][ T8403] [ 180.349255][ T8407] FAULT_INJECTION: forcing a failure. [ 180.349255][ T8407] name failslab, interval 1, probability 0, space 0, times 0 [ 180.349321][ T8407] CPU: 0 UID: 0 PID: 8407 Comm: syz.3.313 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 180.349354][ T8407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 180.349369][ T8407] Call Trace: [ 180.349378][ T8407] [ 180.349388][ T8407] dump_stack_lvl+0x16c/0x1f0 [ 180.349429][ T8407] should_fail_ex+0x512/0x640 [ 180.349465][ T8407] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 180.349510][ T8407] should_failslab+0xc2/0x120 [ 180.349536][ T8407] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 180.349576][ T8407] ? net_generic+0xea/0x2a0 [ 180.349602][ T8407] ? mptcp_net_init+0x29c/0x620 [ 180.349636][ T8407] kmemdup_noprof+0x29/0x60 [ 180.349674][ T8407] mptcp_net_init+0x29c/0x620 [ 180.349711][ T8407] ? __pfx_mptcp_net_init+0x10/0x10 [ 180.349740][ T8407] ops_init+0x1e2/0x5f0 [ 180.349789][ T8407] setup_net+0x1ff/0x510 [ 180.349826][ T8407] ? lockdep_init_map_type+0x5c/0x280 [ 180.349861][ T8407] ? __pfx_setup_net+0x10/0x10 [ 180.349901][ T8407] ? debug_mutex_init+0x37/0x70 [ 180.349932][ T8407] copy_net_ns+0x2a6/0x5f0 [ 180.349961][ T8407] create_new_namespaces+0x3ea/0xa90 [ 180.349999][ T8407] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 180.350032][ T8407] ksys_unshare+0x45b/0xa40 [ 180.350067][ T8407] ? __pfx_ksys_unshare+0x10/0x10 [ 180.350115][ T8407] __x64_sys_unshare+0x31/0x40 [ 180.350148][ T8407] do_syscall_64+0xcd/0x490 [ 180.350188][ T8407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.350213][ T8407] RIP: 0033:0x7fef56d8e929 [ 180.350235][ T8407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.350258][ T8407] RSP: 002b:00007fef57b86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 180.350283][ T8407] RAX: ffffffffffffffda RBX: 00007fef56fb5fa0 RCX: 00007fef56d8e929 [ 180.350300][ T8407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 180.350316][ T8407] RBP: 00007fef56e10ca1 R08: 0000000000000000 R09: 0000000000000000 [ 180.350332][ T8407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.350347][ T8407] R13: 0000000000000000 R14: 00007fef56fb5fa0 R15: 00007ffdfc971b38 [ 180.350382][ T8407] [ 182.316520][ T8472] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 182.518174][ T8484] 0x000200000001-0xa29656a63616329 : "" [ 182.539872][ T8484] mtd: partition "" is out of reach -- disabled [ 182.663603][ T8484] ftl_cs: FTL header not found. [ 184.705536][ T8578] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 185.211356][ T8605] binder: 8604:8605 ioctl 400c620e 0 returned -22 [ 185.827251][ T8659] netlink: 28 bytes leftover after parsing attributes in process `syz.1.332'. [ 185.845220][ T8658] netlink: 4 bytes leftover after parsing attributes in process `syz.0.331'. [ 185.859212][ T8658] binder: 8649:8658 ioctl 400c620e 0 returned -22 [ 186.086928][ T8672] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 186.539705][ T8721] openvswitch: netlink: IPv4 tunnel dst address is zero [ 186.980798][ T8713] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 187.586845][ T8720] kexec: Could not allocate control_code_buffer [ 190.118229][ T8934] random: crng reseeded on system resumption [ 192.419336][ T9027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.357'. [ 192.478151][ T9027] binder: 9025:9027 ioctl 400c620e 0 returned -22 [ 192.934559][ T9052] Process accounting resumed [ 192.951591][ T9049] 0x000200000001-0xa29656a63616329 : "" [ 192.957619][ T9049] mtd: partition "" is out of reach -- disabled [ 192.967487][ T9049] ftl_cs: FTL header not found. [ 193.807709][ T9094] FAULT_INJECTION: forcing a failure. [ 193.807709][ T9094] name failslab, interval 1, probability 0, space 0, times 0 [ 193.853828][ T9094] CPU: 1 UID: 0 PID: 9094 Comm: syz.3.363 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 193.853849][ T9094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 193.853857][ T9094] Call Trace: [ 193.853862][ T9094] [ 193.853868][ T9094] dump_stack_lvl+0x16c/0x1f0 [ 193.853893][ T9094] should_fail_ex+0x512/0x640 [ 193.853912][ T9094] ? fs_reclaim_acquire+0xae/0x150 [ 193.853930][ T9094] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 193.853948][ T9094] should_failslab+0xc2/0x120 [ 193.853961][ T9094] __kmalloc_noprof+0xd2/0x510 [ 193.853986][ T9094] tomoyo_realpath_from_path+0xc2/0x6e0 [ 193.854006][ T9094] ? tomoyo_profile+0x47/0x60 [ 193.854028][ T9094] tomoyo_path_number_perm+0x245/0x580 [ 193.854043][ T9094] ? tomoyo_path_number_perm+0x237/0x580 [ 193.854060][ T9094] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 193.854094][ T9094] ? _raw_spin_unlock+0x28/0x50 [ 193.854111][ T9094] ? d_add+0x47a/0x780 [ 193.854123][ T9094] ? current_check_access_path+0x33c/0x460 [ 193.854141][ T9094] ? __pfx_current_check_access_path+0x10/0x10 [ 193.854156][ T9094] ? simple_lookup+0x12c/0x180 [ 193.854174][ T9094] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 193.854188][ T9094] ? lookup_dcache+0x66/0x170 [ 193.854205][ T9094] tomoyo_path_mknod+0x10c/0x190 [ 193.854226][ T9094] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 193.854248][ T9094] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 193.854271][ T9094] security_path_mknod+0x161/0x310 [ 193.854289][ T9094] do_mknodat+0x239/0x5d0 [ 193.854309][ T9094] ? __pfx_do_mknodat+0x10/0x10 [ 193.854327][ T9094] ? getname_flags.part.0+0x1c5/0x550 [ 193.854346][ T9094] __x64_sys_mknod+0x87/0xb0 [ 193.854365][ T9094] do_syscall_64+0xcd/0x490 [ 193.854394][ T9094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.854408][ T9094] RIP: 0033:0x7fef56d8e929 [ 193.854419][ T9094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 193.854431][ T9094] RSP: 002b:00007fef57b86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 193.854445][ T9094] RAX: ffffffffffffffda RBX: 00007fef56fb5fa0 RCX: 00007fef56d8e929 [ 193.854454][ T9094] RDX: 00000000fffffffa RSI: 00000000000000cb RDI: 0000200000000080 [ 193.854462][ T9094] RBP: 00007fef57b86090 R08: 0000000000000000 R09: 0000000000000000 [ 193.854470][ T9094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 193.854478][ T9094] R13: 0000000000000000 R14: 00007fef56fb5fa0 R15: 00007ffdfc971b38 [ 193.854496][ T9094] [ 193.854502][ T9094] ERROR: Out of memory at tomoyo_realpath_from_path. [ 194.219743][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.257394][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.304370][ T9216] netlink: 252 bytes leftover after parsing attributes in process `syz.2.372'. [ 196.344992][ T9216] unsupported nla_type 65535 [ 196.490119][ T9243] netlink: 4 bytes leftover after parsing attributes in process `syz.0.374'. [ 196.606632][ T9252] binder: 9242:9252 ioctl 400c620e 0 returned -22 [ 199.131196][ T9388] FAULT_INJECTION: forcing a failure. [ 199.131196][ T9388] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 199.131269][ T9388] CPU: 0 UID: 0 PID: 9388 Comm: syz.1.382 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 199.131300][ T9388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 199.131314][ T9388] Call Trace: [ 199.131322][ T9388] [ 199.131331][ T9388] dump_stack_lvl+0x16c/0x1f0 [ 199.131371][ T9388] should_fail_ex+0x512/0x640 [ 199.131409][ T9388] _copy_to_user+0x32/0xd0 [ 199.131448][ T9388] simple_read_from_buffer+0xcb/0x170 [ 199.131482][ T9388] proc_fail_nth_read+0x197/0x270 [ 199.131513][ T9388] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 199.131543][ T9388] ? rw_verify_area+0xcf/0x680 [ 199.131572][ T9388] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 199.131598][ T9388] vfs_read+0x1e4/0xc60 [ 199.131632][ T9388] ? __pfx___mutex_lock+0x10/0x10 [ 199.131666][ T9388] ? __pfx_vfs_read+0x10/0x10 [ 199.131709][ T9388] ? __fget_files+0x20e/0x3c0 [ 199.131751][ T9388] ksys_read+0x12a/0x250 [ 199.131783][ T9388] ? __pfx_ksys_read+0x10/0x10 [ 199.131828][ T9388] do_syscall_64+0xcd/0x490 [ 199.131865][ T9388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.131889][ T9388] RIP: 0033:0x7f886b18d33c [ 199.131908][ T9388] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 199.131929][ T9388] RSP: 002b:00007f886c012030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 199.131952][ T9388] RAX: ffffffffffffffda RBX: 00007f886b3b6160 RCX: 00007f886b18d33c [ 199.131969][ T9388] RDX: 000000000000000f RSI: 00007f886c0120a0 RDI: 0000000000000006 [ 199.131983][ T9388] RBP: 00007f886c012090 R08: 0000000000000000 R09: 0000000000000000 [ 199.131998][ T9388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 199.132012][ T9388] R13: 0000000000000001 R14: 00007f886b3b6160 R15: 00007fff7aa02928 [ 199.132045][ T9388] [ 199.811498][ T9373] tty tty1: ldisc open failed (-12), clearing slot 0 [ 199.887520][ T9417] tty tty1: ldisc open failed (-12), clearing slot 0 [ 201.297126][ T9545] FAULT_INJECTION: forcing a failure. [ 201.297126][ T9545] name failslab, interval 1, probability 0, space 0, times 0 [ 201.368652][ T9545] CPU: 1 UID: 0 PID: 9545 Comm: syz.0.392 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 201.368687][ T9545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 201.368706][ T9545] Call Trace: [ 201.368713][ T9545] [ 201.368721][ T9545] dump_stack_lvl+0x16c/0x1f0 [ 201.368761][ T9545] should_fail_ex+0x512/0x640 [ 201.368793][ T9545] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 201.368831][ T9545] should_failslab+0xc2/0x120 [ 201.368853][ T9545] __kmalloc_cache_node_noprof+0x6d/0x420 [ 201.368886][ T9545] ? lockdep_init_map_type+0x5c/0x280 [ 201.368917][ T9545] ? __alloc_workqueue+0x506/0x1810 [ 201.368951][ T9545] __alloc_workqueue+0x506/0x1810 [ 201.368987][ T9545] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 201.369023][ T9545] alloc_workqueue+0xd2/0x200 [ 201.369052][ T9545] ? __pfx_alloc_workqueue+0x10/0x10 [ 201.369092][ T9545] ? __pfx___debug_object_init+0x10/0x10 [ 201.369126][ T9545] nci_register_device+0x394/0xb80 [ 201.369159][ T9545] ? __pfx_nci_register_device+0x10/0x10 [ 201.369195][ T9545] ? lockdep_init_map_type+0x5c/0x280 [ 201.369235][ T9545] virtual_ncidev_open+0x141/0x220 [ 201.369265][ T9545] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 201.369293][ T9545] misc_open+0x35d/0x420 [ 201.369325][ T9545] ? __pfx_misc_open+0x10/0x10 [ 201.369351][ T9545] chrdev_open+0x231/0x6a0 [ 201.369384][ T9545] ? __pfx_apparmor_file_open+0x10/0x10 [ 201.369414][ T9545] ? __pfx_chrdev_open+0x10/0x10 [ 201.369452][ T9545] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 201.369490][ T9545] do_dentry_open+0x744/0x1c10 [ 201.369524][ T9545] ? __pfx_chrdev_open+0x10/0x10 [ 201.369566][ T9545] vfs_open+0x82/0x3f0 [ 201.369595][ T9545] path_openat+0x1de4/0x2cb0 [ 201.369641][ T9545] ? __pfx_path_openat+0x10/0x10 [ 201.369675][ T9545] ? __lock_acquire+0xb8a/0x1c90 [ 201.369718][ T9545] do_filp_open+0x20b/0x470 [ 201.369753][ T9545] ? __pfx_do_filp_open+0x10/0x10 [ 201.369813][ T9545] ? alloc_fd+0x471/0x7d0 [ 201.369851][ T9545] do_sys_openat2+0x11b/0x1d0 [ 201.369877][ T9545] ? __pfx_do_sys_openat2+0x10/0x10 [ 201.369907][ T9545] ? __fget_files+0x20e/0x3c0 [ 201.369945][ T9545] __x64_sys_openat+0x174/0x210 [ 201.369971][ T9545] ? __pfx___x64_sys_openat+0x10/0x10 [ 201.369997][ T9545] ? ksys_write+0x1ac/0x250 [ 201.370040][ T9545] do_syscall_64+0xcd/0x490 [ 201.370074][ T9545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.370097][ T9545] RIP: 0033:0x7f053458e929 [ 201.370118][ T9545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.370139][ T9545] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 201.370161][ T9545] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 201.370177][ T9545] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 201.370192][ T9545] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 201.370206][ T9545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 201.370219][ T9545] R13: 0000000000000001 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 201.370253][ T9545] [ 201.774366][ T9529] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 202.275496][ T9591] netlink: 8 bytes leftover after parsing attributes in process `syz.2.396'. [ 203.174321][ T9601] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78800 [ 203.201746][ T9601] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 203.215805][ T9601] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 203.248164][ T9601] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 203.257670][ T9601] page dumped because: unmovable page [ 203.263151][ T9601] page_owner tracks the page as allocated [ 203.283465][ T9601] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5834, tgid 5834 (syz-executor), ts 81300427746, free_ts 79627002657 [ 203.385657][ T9601] post_alloc_hook+0x1c0/0x230 [ 203.399090][ T9601] get_page_from_freelist+0x1321/0x3890 [ 203.415590][ T9601] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 203.430634][ T9601] alloc_pages_mpol+0x1fb/0x550 [ 203.445322][ T9601] alloc_pages_noprof+0x131/0x390 [ 203.455451][ T9601] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 203.461446][ T9601] __vmalloc_node_noprof+0xad/0xf0 [ 203.466917][ T9601] __do_sys_swapon+0x1720/0x3ab0 [ 203.471921][ T9601] do_syscall_64+0xcd/0x490 [ 203.476817][ T9601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.483015][ T9601] page last free pid 5835 tgid 5835 stack trace: [ 203.489845][ T9601] __free_frozen_pages+0x7fe/0x1180 [ 203.495759][ T9601] tlb_finish_mmu+0x237/0x7c0 [ 203.500495][ T9601] exit_mmap+0x403/0xb90 [ 203.505128][ T9601] __mmput+0x12a/0x410 [ 203.509444][ T9601] mmput+0x62/0x70 [ 203.513220][ T9601] do_exit+0x7c4/0x2bd0 [ 203.517807][ T9601] do_group_exit+0xd3/0x2a0 [ 203.522488][ T9601] get_signal+0x2673/0x26d0 [ 203.528433][ T9601] arch_do_signal_or_restart+0x8f/0x790 [ 203.536699][ T9601] exit_to_user_mode_loop+0x84/0x110 [ 203.543086][ T9601] do_syscall_64+0x3f6/0x490 [ 203.548226][ T9601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.272024][ T9766] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 204.696753][ T9776] FAULT_INJECTION: forcing a failure. [ 204.696753][ T9776] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 204.842548][ T9776] CPU: 0 UID: 0 PID: 9776 Comm: syz.0.405 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 204.842569][ T9776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 204.842577][ T9776] Call Trace: [ 204.842582][ T9776] [ 204.842588][ T9776] dump_stack_lvl+0x16c/0x1f0 [ 204.842612][ T9776] should_fail_ex+0x512/0x640 [ 204.842635][ T9776] should_fail_alloc_page+0xe7/0x130 [ 204.842650][ T9776] prepare_alloc_pages+0x3c2/0x610 [ 204.842677][ T9776] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 204.842699][ T9776] ? __lock_acquire+0xb8a/0x1c90 [ 204.842725][ T9776] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 204.842745][ T9776] ? do_raw_spin_lock+0x12c/0x2b0 [ 204.842765][ T9776] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 204.842786][ T9776] ? find_held_lock+0x2b/0x80 [ 204.842805][ T9776] ? __lock_acquire+0xb8a/0x1c90 [ 204.842823][ T9776] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 204.842844][ T9776] ? policy_nodemask+0xea/0x4e0 [ 204.842859][ T9776] alloc_pages_mpol+0x1fb/0x550 [ 204.842873][ T9776] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 204.842891][ T9776] folio_alloc_mpol_noprof+0x36/0x2f0 [ 204.842908][ T9776] shmem_alloc_folio+0x135/0x160 [ 204.842925][ T9776] shmem_alloc_and_add_folio+0x499/0xc20 [ 204.842948][ T9776] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 204.842969][ T9776] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 204.842991][ T9776] shmem_get_folio_gfp+0x67f/0x1600 [ 204.843014][ T9776] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 204.843035][ T9776] ? __lock_acquire+0x622/0x1c90 [ 204.843055][ T9776] shmem_fault+0x1fe/0xa30 [ 204.843074][ T9776] ? __pfx_shmem_fault+0x10/0x10 [ 204.843103][ T9776] __do_fault+0x10a/0x490 [ 204.843123][ T9776] ? __pfx_filemap_map_pages+0x10/0x10 [ 204.843144][ T9776] __handle_mm_fault+0x374c/0x5490 [ 204.843167][ T9776] ? __pfx___handle_mm_fault+0x10/0x10 [ 204.843183][ T9776] ? __pfx_mt_find+0x10/0x10 [ 204.843206][ T9776] ? find_vma+0xbf/0x140 [ 204.843219][ T9776] ? __pfx_find_vma+0x10/0x10 [ 204.843234][ T9776] handle_mm_fault+0x589/0xd10 [ 204.843252][ T9776] ? __pkru_allows_pkey+0x51/0xb0 [ 204.843272][ T9776] do_user_addr_fault+0x7a6/0x1370 [ 204.843293][ T9776] ? rcu_is_watching+0x12/0xc0 [ 204.843310][ T9776] exc_page_fault+0x5c/0xb0 [ 204.843329][ T9776] asm_exc_page_fault+0x26/0x30 [ 204.843342][ T9776] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 204.843358][ T9776] Code: 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 204.843377][ T9776] RSP: 0018:ffffc900035b7e80 EFLAGS: 00050206 [ 204.843395][ T9776] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000 [ 204.843408][ T9776] RDX: 0000000000000000 RSI: ffff888029057000 RDI: 0000000000002000 [ 204.843421][ T9776] RBP: 0000000000002000 R08: 0000000000000000 R09: ffffed100520afff [ 204.843434][ T9776] R10: ffff888029057fff R11: 0000000000000000 R12: ffff888029057000 [ 204.843447][ T9776] R13: 0000000000003000 R14: 00007ffffffff000 R15: 0000000000000000 [ 204.843478][ T9776] _copy_to_user+0xbb/0xd0 [ 204.843514][ T9776] __do_sys_mincore+0x28e/0x620 [ 204.843543][ T9776] do_syscall_64+0xcd/0x490 [ 204.843564][ T9776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.843577][ T9776] RIP: 0033:0x7f053458e929 [ 204.843588][ T9776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.843600][ T9776] RSP: 002b:00007f0535317038 EFLAGS: 00000246 ORIG_RAX: 000000000000001b [ 204.843612][ T9776] RAX: ffffffffffffffda RBX: 00007f05347b6080 RCX: 00007f053458e929 [ 204.843621][ T9776] RDX: 0000000000000000 RSI: 0000000004000000 RDI: 0000000000001000 [ 204.843629][ T9776] RBP: 00007f0535317090 R08: 0000000000000000 R09: 0000000000000000 [ 204.843636][ T9776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.843644][ T9776] R13: 0000000000000000 R14: 00007f05347b6080 R15: 00007ffd48868fb8 [ 204.843662][ T9776] [ 205.230404][ C0] vkms_vblank_simulate: vblank timer overrun [ 205.585155][ T9815] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 205.728969][ T9815] FAULT_INJECTION: forcing a failure. [ 205.728969][ T9815] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 205.777382][ T9815] CPU: 0 UID: 0 PID: 9815 Comm: syz.2.407 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 205.777404][ T9815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 205.777412][ T9815] Call Trace: [ 205.777417][ T9815] [ 205.777423][ T9815] dump_stack_lvl+0x16c/0x1f0 [ 205.777448][ T9815] should_fail_ex+0x512/0x640 [ 205.777470][ T9815] should_fail_alloc_page+0xe7/0x130 [ 205.777486][ T9815] prepare_alloc_pages+0x3c2/0x610 [ 205.777505][ T9815] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 205.777525][ T9815] ? register_lock_class+0x41/0x4c0 [ 205.777546][ T9815] ? ima_match_policy+0x7f9/0x22e0 [ 205.777564][ T9815] ? __lock_acquire+0xb8a/0x1c90 [ 205.777584][ T9815] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 205.777611][ T9815] ? __pfx___might_resched+0x10/0x10 [ 205.777628][ T9815] ? find_held_lock+0x2b/0x80 [ 205.777642][ T9815] ? process_measurement+0x4a6/0x23e0 [ 205.777660][ T9815] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 205.777681][ T9815] ? policy_nodemask+0xea/0x4e0 [ 205.777696][ T9815] alloc_pages_mpol+0x1fb/0x550 [ 205.777710][ T9815] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 205.777729][ T9815] alloc_pages_noprof+0x131/0x390 [ 205.777742][ T9815] __pmd_alloc+0x3b/0x930 [ 205.777756][ T9815] ? find_held_lock+0x2b/0x80 [ 205.777771][ T9815] __handle_mm_fault+0xaac/0x5490 [ 205.777795][ T9815] ? __pfx___handle_mm_fault+0x10/0x10 [ 205.777811][ T9815] ? __pfx_mt_find+0x10/0x10 [ 205.777835][ T9815] ? find_vma+0xbf/0x140 [ 205.777848][ T9815] ? __pfx_find_vma+0x10/0x10 [ 205.777863][ T9815] handle_mm_fault+0x589/0xd10 [ 205.777881][ T9815] ? __pkru_allows_pkey+0x51/0xb0 [ 205.777901][ T9815] do_user_addr_fault+0x7a6/0x1370 [ 205.777922][ T9815] ? rcu_is_watching+0x12/0xc0 [ 205.777940][ T9815] exc_page_fault+0x5c/0xb0 [ 205.777958][ T9815] asm_exc_page_fault+0x26/0x30 [ 205.777972][ T9815] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 205.777988][ T9815] Code: 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 205.778000][ T9815] RSP: 0018:ffffc90003697ba8 EFLAGS: 00050206 [ 205.778012][ T9815] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000 [ 205.778020][ T9815] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88807bf74000 [ 205.778028][ T9815] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100f7ee9ff [ 205.778036][ T9815] R10: ffff88807bf74fff R11: 0000000000000000 R12: ffffc90003697da0 [ 205.778044][ T9815] R13: 0000000000001000 R14: ffff88807bf74000 R15: 00007ffffffff000 [ 205.778063][ T9815] _copy_from_iter+0x383/0x16f0 [ 205.778089][ T9815] ? __pfx__copy_from_iter+0x10/0x10 [ 205.778110][ T9815] ? rcu_is_watching+0x12/0xc0 [ 205.778123][ T9815] ? trace_kmalloc+0x2b/0xd0 [ 205.778136][ T9815] ? __kmalloc_noprof+0x242/0x510 [ 205.778164][ T9815] kernfs_fop_write_iter+0x19a/0x510 [ 205.778182][ T9815] vfs_write+0x6c7/0x1150 [ 205.778202][ T9815] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 205.778217][ T9815] ? __pfx___mutex_lock+0x10/0x10 [ 205.778237][ T9815] ? __pfx_vfs_write+0x10/0x10 [ 205.778268][ T9815] ksys_write+0x12a/0x250 [ 205.778287][ T9815] ? __pfx_ksys_write+0x10/0x10 [ 205.778311][ T9815] do_syscall_64+0xcd/0x490 [ 205.778331][ T9815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.778350][ T9815] RIP: 0033:0x7fd64078e929 [ 205.778361][ T9815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.778373][ T9815] RSP: 002b:00007fd64153f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 205.778385][ T9815] RAX: ffffffffffffffda RBX: 00007fd6409b5fa0 RCX: 00007fd64078e929 [ 205.778393][ T9815] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 205.778401][ T9815] RBP: 00007fd64153f090 R08: 0000000000000000 R09: 0000000000000000 [ 205.778409][ T9815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 205.778416][ T9815] R13: 0000000000000000 R14: 00007fd6409b5fa0 R15: 00007ffce100da38 [ 205.778435][ T9815] [ 206.176863][ C0] vkms_vblank_simulate: vblank timer overrun [ 206.352658][ T9831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.411'. [ 206.364544][ T9831] binder: 9828:9831 ioctl 400c620e 0 returned -22 [ 208.652713][ T9981] netlink: 334 bytes leftover after parsing attributes in process `syz.3.422'. [ 208.998092][ T9986] deleting an unspecified loop device is not supported. [ 209.371037][ T9993] could not allocate digest TFM handle [ 209.443771][T10004] FAULT_INJECTION: forcing a failure. [ 209.443771][T10004] name failslab, interval 1, probability 0, space 0, times 0 [ 209.487333][T10004] CPU: 0 UID: 0 PID: 10004 Comm: syz.1.427 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 209.487370][T10004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 209.487384][T10004] Call Trace: [ 209.487392][T10004] [ 209.487401][T10004] dump_stack_lvl+0x16c/0x1f0 [ 209.487441][T10004] should_fail_ex+0x512/0x640 [ 209.487474][T10004] ? fs_reclaim_acquire+0xae/0x150 [ 209.487505][T10004] ? tomoyo_encode2+0x100/0x3e0 [ 209.487534][T10004] should_failslab+0xc2/0x120 [ 209.487559][T10004] __kmalloc_noprof+0xd2/0x510 [ 209.487592][T10004] ? d_absolute_path+0x136/0x1a0 [ 209.487623][T10004] tomoyo_encode2+0x100/0x3e0 [ 209.487660][T10004] tomoyo_encode+0x29/0x50 [ 209.487689][T10004] tomoyo_realpath_from_path+0x18f/0x6e0 [ 209.487732][T10004] tomoyo_path_number_perm+0x245/0x580 [ 209.487760][T10004] ? tomoyo_path_number_perm+0x237/0x580 [ 209.487790][T10004] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 209.487821][T10004] ? find_held_lock+0x2b/0x80 [ 209.487878][T10004] ? find_held_lock+0x2b/0x80 [ 209.487903][T10004] ? hook_file_ioctl_common+0x145/0x410 [ 209.487937][T10004] ? __fget_files+0x20e/0x3c0 [ 209.487981][T10004] security_file_ioctl+0x9b/0x240 [ 209.488020][T10004] __x64_sys_ioctl+0xb7/0x210 [ 209.488051][T10004] do_syscall_64+0xcd/0x490 [ 209.488089][T10004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.488114][T10004] RIP: 0033:0x7f886b18e929 [ 209.488134][T10004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.488155][T10004] RSP: 002b:00007f886c054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 209.488178][T10004] RAX: ffffffffffffffda RBX: 00007f886b3b5fa0 RCX: 00007f886b18e929 [ 209.488194][T10004] RDX: 00002000000001c0 RSI: fffffff7effffd05 RDI: 0000000000000003 [ 209.488209][T10004] RBP: 00007f886c054090 R08: 0000000000000000 R09: 0000000000000000 [ 209.488224][T10004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 209.488238][T10004] R13: 0000000000000000 R14: 00007f886b3b5fa0 R15: 00007fff7aa02928 [ 209.488270][T10004] [ 209.488295][T10004] ERROR: Out of memory at tomoyo_realpath_from_path. [ 209.732477][T10004] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 210.128159][T10044] netlink: 8 bytes leftover after parsing attributes in process `syz.1.428'. [ 213.971935][T10178] netlink: 8 bytes leftover after parsing attributes in process `syz.2.441'. [ 214.007311][T10180] FAULT_INJECTION: forcing a failure. [ 214.007311][T10180] name failslab, interval 1, probability 0, space 0, times 0 [ 214.079476][T10180] CPU: 1 UID: 0 PID: 10180 Comm: syz.0.442 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 214.079513][T10180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 214.079526][T10180] Call Trace: [ 214.079534][T10180] [ 214.079544][T10180] dump_stack_lvl+0x16c/0x1f0 [ 214.079583][T10180] should_fail_ex+0x512/0x640 [ 214.079616][T10180] ? __kmalloc_noprof+0xbf/0x510 [ 214.079652][T10180] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 214.079682][T10180] should_failslab+0xc2/0x120 [ 214.079702][T10180] __kmalloc_noprof+0xd2/0x510 [ 214.079733][T10180] ? __pfx___mutex_trylock_common+0x10/0x10 [ 214.079775][T10180] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 214.079814][T10180] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 214.079845][T10180] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 214.079873][T10180] ? genl_get_cmd+0x194/0x580 [ 214.079911][T10180] ? __radix_tree_lookup+0x21f/0x2c0 [ 214.079955][T10180] genl_rcv_msg+0x55c/0x800 [ 214.079988][T10180] ? __pfx_genl_rcv_msg+0x10/0x10 [ 214.080017][T10180] ? __pfx_tipc_nl_bearer_enable+0x10/0x10 [ 214.080056][T10180] ? __lock_acquire+0x622/0x1c90 [ 214.080093][T10180] netlink_rcv_skb+0x155/0x420 [ 214.080118][T10180] ? __pfx_genl_rcv_msg+0x10/0x10 [ 214.080148][T10180] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 214.080188][T10180] ? netlink_deliver_tap+0x1ae/0xd30 [ 214.080224][T10180] ? is_vmalloc_addr+0x86/0xa0 [ 214.080262][T10180] genl_rcv+0x28/0x40 [ 214.080286][T10180] netlink_unicast+0x58d/0x850 [ 214.080316][T10180] ? __pfx_netlink_unicast+0x10/0x10 [ 214.080338][T10180] ? __build_skb_around+0x278/0x3b0 [ 214.080369][T10180] ? is_vmalloc_addr+0x86/0xa0 [ 214.080406][T10180] netlink_sendmsg+0x8d1/0xdd0 [ 214.080438][T10180] ? __pfx_netlink_sendmsg+0x10/0x10 [ 214.080477][T10180] ____sys_sendmsg+0xa95/0xc70 [ 214.080508][T10180] ? copy_msghdr_from_user+0x10a/0x160 [ 214.080542][T10180] ? __pfx_____sys_sendmsg+0x10/0x10 [ 214.080586][T10180] ___sys_sendmsg+0x134/0x1d0 [ 214.080622][T10180] ? __pfx____sys_sendmsg+0x10/0x10 [ 214.080652][T10180] ? __lock_acquire+0x622/0x1c90 [ 214.080729][T10180] __sys_sendmsg+0x16d/0x220 [ 214.080764][T10180] ? __pfx___sys_sendmsg+0x10/0x10 [ 214.080824][T10180] do_syscall_64+0xcd/0x490 [ 214.080862][T10180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.080886][T10180] RIP: 0033:0x7f053458e929 [ 214.080905][T10180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.080927][T10180] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 214.080955][T10180] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 214.080971][T10180] RDX: 0000000024040004 RSI: 0000200000003a80 RDI: 0000000000000004 [ 214.080986][T10180] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 214.081000][T10180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 214.081014][T10180] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 214.081048][T10180] [ 216.138220][T10239] ubi0: attaching mtd0 [ 216.160907][T10239] ubi0: scanning is finished [ 216.541038][T10239] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 216.564353][T10239] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 216.573767][T10239] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 216.600621][T10239] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 216.617470][T10239] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 216.643350][T10239] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 216.775362][T10239] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1564086702 [ 216.797650][T10239] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 216.928232][T10275] ubi0: detaching mtd0 [ 216.928432][T10283] ubi0: background thread "ubi_bgt0d" started, PID 10283 [ 216.984055][T10275] ubi0: mtd0 is detached [ 217.184169][T10300] netlink: 338 bytes leftover after parsing attributes in process `syz.1.450'. [ 217.243624][T10300] netlink: 338 bytes leftover after parsing attributes in process `syz.1.450'. [ 217.354822][T10303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.450'. [ 217.467518][T10303] sock: sock_timestamping_bind_phc: sock not bind to device [ 217.866072][T10312] vhci_hcd: invalid port number 16 [ 217.931363][T10312] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 218.734998][T10335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.457'. [ 219.381634][T10364] bridge0: port 3(vlan1) entered blocking state [ 219.454057][T10364] bridge0: port 3(vlan1) entered disabled state [ 219.493944][T10364] vlan1: entered allmulticast mode [ 219.505478][T10364] veth0_vlan: entered allmulticast mode [ 219.524644][T10364] vlan1: entered promiscuous mode [ 219.525328][T10364] bridge0: port 3(vlan1) entered blocking state [ 219.525409][T10364] bridge0: port 3(vlan1) entered forwarding state [ 220.871493][T10394] FAULT_INJECTION: forcing a failure. [ 220.871493][T10394] name failslab, interval 1, probability 0, space 0, times 0 [ 220.925920][T10394] CPU: 0 UID: 0 PID: 10394 Comm: syz.2.462 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 220.925955][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 220.925969][T10394] Call Trace: [ 220.925977][T10394] [ 220.925987][T10394] dump_stack_lvl+0x16c/0x1f0 [ 220.926028][T10394] should_fail_ex+0x512/0x640 [ 220.926061][T10394] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 220.926095][T10394] should_failslab+0xc2/0x120 [ 220.926119][T10394] __kmalloc_cache_node_noprof+0x6d/0x420 [ 220.926153][T10394] ? lockdep_init_map_type+0x5c/0x280 [ 220.926185][T10394] ? __alloc_workqueue+0x694/0x1810 [ 220.926221][T10394] __alloc_workqueue+0x694/0x1810 [ 220.926263][T10394] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 220.926299][T10394] alloc_workqueue+0xd2/0x200 [ 220.926328][T10394] ? __pfx_alloc_workqueue+0x10/0x10 [ 220.926368][T10394] ? __pfx___debug_object_init+0x10/0x10 [ 220.926404][T10394] nci_register_device+0x394/0xb80 [ 220.926438][T10394] ? __pfx_nci_register_device+0x10/0x10 [ 220.926474][T10394] ? lockdep_init_map_type+0x5c/0x280 [ 220.926512][T10394] virtual_ncidev_open+0x141/0x220 [ 220.926543][T10394] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 220.926572][T10394] misc_open+0x35d/0x420 [ 220.926599][T10394] ? __pfx_misc_open+0x10/0x10 [ 220.926628][T10394] chrdev_open+0x231/0x6a0 [ 220.926662][T10394] ? __pfx_apparmor_file_open+0x10/0x10 [ 220.926693][T10394] ? __pfx_chrdev_open+0x10/0x10 [ 220.926731][T10394] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 220.926767][T10394] do_dentry_open+0x744/0x1c10 [ 220.926799][T10394] ? __pfx_chrdev_open+0x10/0x10 [ 220.926836][T10394] vfs_open+0x82/0x3f0 [ 220.926866][T10394] path_openat+0x1de4/0x2cb0 [ 220.926908][T10394] ? __pfx_path_openat+0x10/0x10 [ 220.926944][T10394] ? __lock_acquire+0xb8a/0x1c90 [ 220.926980][T10394] do_filp_open+0x20b/0x470 [ 220.927013][T10394] ? __pfx_do_filp_open+0x10/0x10 [ 220.927072][T10394] ? alloc_fd+0x471/0x7d0 [ 220.927115][T10394] do_sys_openat2+0x11b/0x1d0 [ 220.927141][T10394] ? __pfx_do_sys_openat2+0x10/0x10 [ 220.927171][T10394] ? __fget_files+0x20e/0x3c0 [ 220.927210][T10394] __x64_sys_openat+0x174/0x210 [ 220.927238][T10394] ? __pfx___x64_sys_openat+0x10/0x10 [ 220.927270][T10394] ? ksys_write+0x1ac/0x250 [ 220.927315][T10394] do_syscall_64+0xcd/0x490 [ 220.927353][T10394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.927377][T10394] RIP: 0033:0x7fd64078e929 [ 220.927397][T10394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.927418][T10394] RSP: 002b:00007fd64153f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 220.927440][T10394] RAX: ffffffffffffffda RBX: 00007fd6409b5fa0 RCX: 00007fd64078e929 [ 220.927456][T10394] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 220.927471][T10394] RBP: 00007fd64153f090 R08: 0000000000000000 R09: 0000000000000000 [ 220.927485][T10394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 220.927498][T10394] R13: 0000000000000001 R14: 00007fd6409b5fa0 R15: 00007ffce100da38 [ 220.927531][T10394] [ 221.237921][ C0] vkms_vblank_simulate: vblank timer overrun [ 221.284897][T10388] could not allocate digest TFM handle [ 222.144567][T10444] netlink: 8 bytes leftover after parsing attributes in process `syz.2.466'. [ 223.734619][T10500] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 223.857445][T10483] Process accounting paused [ 224.050523][T10518] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 224.106450][T10521] netlink: 8 bytes leftover after parsing attributes in process `syz.0.470'. [ 226.403709][T10635] netlink: 28 bytes leftover after parsing attributes in process `syz.3.476'. [ 227.066406][T10658] FAULT_INJECTION: forcing a failure. [ 227.066406][T10658] name failslab, interval 1, probability 0, space 0, times 0 [ 227.116749][T10658] CPU: 1 UID: 0 PID: 10658 Comm: syz.3.481 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 227.116785][T10658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 227.116799][T10658] Call Trace: [ 227.116807][T10658] [ 227.116816][T10658] dump_stack_lvl+0x16c/0x1f0 [ 227.116857][T10658] should_fail_ex+0x512/0x640 [ 227.116890][T10658] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 227.116926][T10658] should_failslab+0xc2/0x120 [ 227.116949][T10658] __kmalloc_cache_noprof+0x6a/0x3e0 [ 227.116981][T10658] ? copy_net_ns+0x135/0x5f0 [ 227.117011][T10658] copy_net_ns+0x135/0x5f0 [ 227.117033][T10658] ? copy_cgroup_ns+0x71/0x700 [ 227.117062][T10658] create_new_namespaces+0x3ea/0xa90 [ 227.117098][T10658] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 227.117129][T10658] ksys_unshare+0x45b/0xa40 [ 227.117163][T10658] ? __pfx_ksys_unshare+0x10/0x10 [ 227.117195][T10658] ? ksys_write+0x1ac/0x250 [ 227.117241][T10658] __x64_sys_unshare+0x31/0x40 [ 227.117272][T10658] do_syscall_64+0xcd/0x490 [ 227.117309][T10658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.117333][T10658] RIP: 0033:0x7fef56d8e929 [ 227.117352][T10658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.117373][T10658] RSP: 002b:00007fef57b86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 227.117396][T10658] RAX: ffffffffffffffda RBX: 00007fef56fb5fa0 RCX: 00007fef56d8e929 [ 227.117412][T10658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 227.117426][T10658] RBP: 00007fef57b86090 R08: 0000000000000000 R09: 0000000000000000 [ 227.117440][T10658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.117453][T10658] R13: 0000000000000000 R14: 00007fef56fb5fa0 R15: 00007ffdfc971b38 [ 227.117485][T10658] [ 227.941488][T10694] FAULT_INJECTION: forcing a failure. [ 227.941488][T10694] name failslab, interval 1, probability 0, space 0, times 0 [ 227.983808][T10694] CPU: 0 UID: 0 PID: 10694 Comm: syz.2.484 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 227.983841][T10694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 227.983853][T10694] Call Trace: [ 227.983861][T10694] [ 227.983870][T10694] dump_stack_lvl+0x16c/0x1f0 [ 227.983908][T10694] should_fail_ex+0x512/0x640 [ 227.983946][T10694] should_failslab+0xc2/0x120 [ 227.983969][T10694] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 227.984005][T10694] ? zswap_store+0x839/0x25a0 [ 227.984039][T10694] zswap_store+0x839/0x25a0 [ 227.984082][T10694] ? __pfx_zswap_store+0x10/0x10 [ 227.984109][T10694] ? do_raw_spin_lock+0x12c/0x2b0 [ 227.984144][T10694] ? find_held_lock+0x2b/0x80 [ 227.984170][T10694] ? folio_free_swap+0x171/0x580 [ 227.984194][T10694] ? do_raw_spin_unlock+0x172/0x230 [ 227.984214][T10694] ? swp_swap_info+0xce/0x130 [ 227.984238][T10694] ? __pfx_swp_swap_info+0x10/0x10 [ 227.984270][T10694] swap_writeout+0x38e/0xfe0 [ 227.984298][T10694] ? folio_clear_dirty_for_io+0x112/0x810 [ 227.984328][T10694] ? __pfx_swap_writeout+0x10/0x10 [ 227.984357][T10694] pageout+0x38c/0xa50 [ 227.984386][T10694] ? __pfx_pageout+0x10/0x10 [ 227.984466][T10694] ? __pfx_try_to_unmap_one+0x10/0x10 [ 227.984495][T10694] ? __pfx_folio_not_mapped+0x10/0x10 [ 227.984522][T10694] ? __pfx_folio_lock_anon_vma_read+0x10/0x10 [ 227.984560][T10694] ? noop_dirty_folio+0x96/0xb0 [ 227.984588][T10694] shrink_folio_list+0x2f4d/0x3fc0 [ 227.984633][T10694] ? __pfx_shrink_folio_list+0x10/0x10 [ 227.984663][T10694] ? __lock_acquire+0xb00/0x1c90 [ 227.984699][T10694] ? _raw_spin_unlock_irq+0x23/0x50 [ 227.984737][T10694] ? lock_acquire+0x179/0x350 [ 227.984770][T10694] ? find_held_lock+0x2b/0x80 [ 227.984826][T10694] ? __lock_acquire+0x622/0x1c90 [ 227.984866][T10694] ? __lock_acquire+0x622/0x1c90 [ 227.984901][T10694] reclaim_folio_list+0xda/0x5d0 [ 227.984933][T10694] ? css_rstat_updated+0x9d/0xd30 [ 227.984959][T10694] ? __pfx_reclaim_folio_list+0x10/0x10 [ 227.985006][T10694] ? lru_gen_update_size+0x543/0xe10 [ 227.985045][T10694] ? lru_gen_del_folio+0x32b/0x540 [ 227.985077][T10694] reclaim_pages+0x47b/0x650 [ 227.985113][T10694] ? __pfx_reclaim_pages+0x10/0x10 [ 227.985143][T10694] ? find_held_lock+0x2b/0x80 [ 227.985168][T10694] ? madvise_cold_or_pageout_pte_range+0x5fb/0x2180 [ 227.985202][T10694] madvise_cold_or_pageout_pte_range+0x1437/0x2180 [ 227.985246][T10694] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 227.985276][T10694] ? __lock_acquire+0x622/0x1c90 [ 227.985317][T10694] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 227.985346][T10694] walk_pgd_range+0xc56/0x1f60 [ 227.985414][T10694] ? __pfx_walk_pgd_range+0x10/0x10 [ 227.985454][T10694] ? folios_put_refs+0x5ce/0x740 [ 227.985494][T10694] __walk_page_range+0x163/0x820 [ 227.985532][T10694] ? find_vma+0xbf/0x140 [ 227.985556][T10694] ? __pfx_find_vma+0x10/0x10 [ 227.985583][T10694] ? walk_page_test+0x9b/0x180 [ 227.985620][T10694] walk_page_range_mm+0x54d/0x8a0 [ 227.985660][T10694] ? __pfx_walk_page_range_mm+0x10/0x10 [ 227.985702][T10694] ? find_held_lock+0x2b/0x80 [ 227.985727][T10694] ? mlock_drain_local+0x22d/0x4f0 [ 227.985766][T10694] walk_page_range+0x63/0x90 [ 227.985804][T10694] madvise_pageout+0x254/0x540 [ 227.985832][T10694] ? __pfx_madvise_pageout+0x10/0x10 [ 227.985875][T10694] ? find_held_lock+0x2b/0x80 [ 227.985897][T10694] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 227.985938][T10694] madvise_vma_behavior+0x460/0x2420 [ 227.985965][T10694] ? mt_find+0x3ef/0xa30 [ 227.985987][T10694] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 227.986013][T10694] ? __pfx_mt_find+0x10/0x10 [ 227.986043][T10694] ? find_vma_prev+0xda/0x160 [ 227.986079][T10694] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 227.986103][T10694] ? find_vma+0xbf/0x140 [ 227.986126][T10694] ? __pfx_find_vma+0x10/0x10 [ 227.986159][T10694] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 227.986184][T10694] madvise_walk_vmas+0x1ce/0x2c0 [ 227.986211][T10694] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 227.986246][T10694] madvise_do_behavior+0x15d/0x3f0 [ 227.986277][T10694] ? __pfx_madvise_do_behavior+0x10/0x10 [ 227.986325][T10694] do_madvise+0x161/0x230 [ 227.986351][T10694] ? __pfx_do_madvise+0x10/0x10 [ 227.986393][T10694] ? ksys_write+0x1ac/0x250 [ 227.986430][T10694] ? __pfx_ksys_write+0x10/0x10 [ 227.986469][T10694] __x64_sys_madvise+0xa9/0x110 [ 227.986494][T10694] ? lockdep_hardirqs_on+0x7c/0x110 [ 227.986527][T10694] do_syscall_64+0xcd/0x490 [ 227.986564][T10694] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.986589][T10694] RIP: 0033:0x7fd64078e929 [ 227.986608][T10694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.986630][T10694] RSP: 002b:00007fd64153f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 227.986653][T10694] RAX: ffffffffffffffda RBX: 00007fd6409b5fa0 RCX: 00007fd64078e929 [ 227.986668][T10694] RDX: 0000000000000015 RSI: ffffffffffff0001 RDI: 0000000000000000 [ 227.986683][T10694] RBP: 00007fd64153f090 R08: 0000000000000000 R09: 0000000000000000 [ 227.986696][T10694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.986710][T10694] R13: 0000000000000000 R14: 00007fd6409b5fa0 R15: 00007ffce100da38 [ 227.986744][T10694] [ 231.913841][T10826] FAULT_INJECTION: forcing a failure. [ 231.913841][T10826] name failslab, interval 1, probability 0, space 0, times 0 [ 231.945955][T10826] CPU: 1 UID: 0 PID: 10826 Comm: syz.0.496 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 231.945990][T10826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 231.946004][T10826] Call Trace: [ 231.946011][T10826] [ 231.946021][T10826] dump_stack_lvl+0x16c/0x1f0 [ 231.946061][T10826] should_fail_ex+0x512/0x640 [ 231.946101][T10826] ? __kmalloc_noprof+0xbf/0x510 [ 231.946138][T10826] ? lsm_blob_alloc+0x68/0x90 [ 231.946171][T10826] should_failslab+0xc2/0x120 [ 231.946194][T10826] __kmalloc_noprof+0xd2/0x510 [ 231.946236][T10826] lsm_blob_alloc+0x68/0x90 [ 231.946271][T10826] security_sk_alloc+0x30/0x270 [ 231.946299][T10826] sk_prot_alloc+0x1c7/0x2a0 [ 231.946327][T10826] sk_alloc+0x36/0xc20 [ 231.946359][T10826] __netlink_create+0x5e/0x2c0 [ 231.946390][T10826] ? __wake_up+0x3f/0x60 [ 231.946419][T10826] netlink_create+0x39e/0x620 [ 231.946452][T10826] ? __pfx_genl_bind+0x10/0x10 [ 231.946475][T10826] ? __pfx_genl_unbind+0x10/0x10 [ 231.946498][T10826] ? __pfx_genl_release+0x10/0x10 [ 231.946528][T10826] __sock_create+0x338/0x8d0 [ 231.946562][T10826] __sys_socket+0x14d/0x260 [ 231.946589][T10826] ? __pfx___sys_socket+0x10/0x10 [ 231.946618][T10826] ? do_user_addr_fault+0x843/0x1370 [ 231.946657][T10826] __x64_sys_socket+0x72/0xb0 [ 231.946682][T10826] ? lockdep_hardirqs_on+0x7c/0x110 [ 231.946715][T10826] do_syscall_64+0xcd/0x490 [ 231.946750][T10826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.946774][T10826] RIP: 0033:0x7f0534590847 [ 231.946793][T10826] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.946815][T10826] RSP: 002b:00007f0535315fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 231.946837][T10826] RAX: ffffffffffffffda RBX: 00007f05347b6080 RCX: 00007f0534590847 [ 231.946853][T10826] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 231.946867][T10826] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 231.946881][T10826] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000001 [ 231.946894][T10826] R13: 0000000000000000 R14: 00007f05347b6080 R15: 00007ffd48868fb8 [ 231.946927][T10826] [ 232.170976][ C1] vkms_vblank_simulate: vblank timer overrun [ 232.912708][T10868] FAULT_INJECTION: forcing a failure. [ 232.912708][T10868] name failslab, interval 1, probability 0, space 0, times 0 [ 232.989456][T10868] CPU: 0 UID: 0 PID: 10868 Comm: syz.0.499 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 232.989489][T10868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 232.989499][T10868] Call Trace: [ 232.989507][T10868] [ 232.989514][T10868] dump_stack_lvl+0x16c/0x1f0 [ 232.989547][T10868] should_fail_ex+0x512/0x640 [ 232.989572][T10868] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 232.989603][T10868] should_failslab+0xc2/0x120 [ 232.989621][T10868] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 232.989649][T10868] ? shmem_alloc_inode+0x25/0x50 [ 232.989672][T10868] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 232.989689][T10868] shmem_alloc_inode+0x25/0x50 [ 232.989706][T10868] alloc_inode+0x64/0x240 [ 232.989726][T10868] new_inode+0x22/0x1c0 [ 232.989747][T10868] shmem_get_inode+0x19a/0xfb0 [ 232.989774][T10868] shmem_mknod+0x1a8/0x450 [ 232.989799][T10868] vfs_create+0x4e0/0x7a0 [ 232.989825][T10868] do_mknodat+0x3d3/0x5d0 [ 232.989872][T10868] ? __pfx_do_mknodat+0x10/0x10 [ 232.989895][T10868] ? getname_flags.part.0+0x1c5/0x550 [ 232.989922][T10868] __x64_sys_mknod+0x87/0xb0 [ 232.989948][T10868] do_syscall_64+0xcd/0x490 [ 232.989977][T10868] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.989996][T10868] RIP: 0033:0x7f053458e929 [ 232.990012][T10868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.990028][T10868] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 232.990047][T10868] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 232.990059][T10868] RDX: 00000000fffffffa RSI: 00000000000000cb RDI: 0000200000000080 [ 232.990071][T10868] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 232.990082][T10868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.990093][T10868] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 232.990118][T10868] [ 234.843700][T10927] netlink: 8 bytes leftover after parsing attributes in process `syz.3.504'. [ 235.348372][T10940] openvswitch: netlink: IPv4 tunnel dst address is zero [ 235.769156][T10939] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 236.677821][T10987] FAULT_INJECTION: forcing a failure. [ 236.677821][T10987] name failslab, interval 1, probability 0, space 0, times 0 [ 236.710632][T10987] CPU: 1 UID: 0 PID: 10987 Comm: syz.3.509 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 236.710679][T10987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 236.710693][T10987] Call Trace: [ 236.710701][T10987] [ 236.710711][T10987] dump_stack_lvl+0x16c/0x1f0 [ 236.710751][T10987] should_fail_ex+0x512/0x640 [ 236.710788][T10987] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 236.710829][T10987] should_failslab+0xc2/0x120 [ 236.710853][T10987] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 236.710888][T10987] ? ksys_unshare+0x45b/0xa40 [ 236.710917][T10987] ? __x64_sys_unshare+0x31/0x40 [ 236.710948][T10987] ? sock_alloc_inode+0x25/0x1c0 [ 236.710983][T10987] ? __pfx_sock_alloc_inode+0x10/0x10 [ 236.711006][T10987] sock_alloc_inode+0x25/0x1c0 [ 236.711029][T10987] alloc_inode+0x64/0x240 [ 236.711056][T10987] sock_alloc+0x40/0x280 [ 236.711079][T10987] sock_create_lite+0x82/0x120 [ 236.711106][T10987] __netlink_kernel_create+0xbd/0x750 [ 236.711135][T10987] ? __pfx___netlink_kernel_create+0x10/0x10 [ 236.711158][T10987] ? find_held_lock+0x2b/0x80 [ 236.711185][T10987] ? audit_net_init+0x190/0x440 [ 236.711219][T10987] audit_net_init+0x1ae/0x440 [ 236.711247][T10987] ? __pfx_audit_net_init+0x10/0x10 [ 236.711278][T10987] ? __pfx_audit_receive+0x10/0x10 [ 236.711309][T10987] ? __pfx_audit_multicast_bind+0x10/0x10 [ 236.711340][T10987] ? __pfx_audit_multicast_unbind+0x10/0x10 [ 236.711372][T10987] ? __kmalloc_noprof+0x242/0x510 [ 236.711414][T10987] ? __pfx_audit_net_init+0x10/0x10 [ 236.711441][T10987] ops_init+0x1e2/0x5f0 [ 236.711482][T10987] setup_net+0x1ff/0x510 [ 236.711516][T10987] ? lockdep_init_map_type+0x5c/0x280 [ 236.711550][T10987] ? __pfx_setup_net+0x10/0x10 [ 236.711590][T10987] ? debug_mutex_init+0x37/0x70 [ 236.711619][T10987] copy_net_ns+0x2a6/0x5f0 [ 236.711648][T10987] create_new_namespaces+0x3ea/0xa90 [ 236.711691][T10987] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 236.711723][T10987] ksys_unshare+0x45b/0xa40 [ 236.711755][T10987] ? __pfx_ksys_unshare+0x10/0x10 [ 236.711788][T10987] ? ksys_write+0x1ac/0x250 [ 236.711834][T10987] __x64_sys_unshare+0x31/0x40 [ 236.711866][T10987] do_syscall_64+0xcd/0x490 [ 236.711910][T10987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.711935][T10987] RIP: 0033:0x7fef56d8e929 [ 236.711954][T10987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.711973][T10987] RSP: 002b:00007fef57b86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 236.711995][T10987] RAX: ffffffffffffffda RBX: 00007fef56fb5fa0 RCX: 00007fef56d8e929 [ 236.712011][T10987] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 236.712026][T10987] RBP: 00007fef57b86090 R08: 0000000000000000 R09: 0000000000000000 [ 236.712038][T10987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 236.712050][T10987] R13: 0000000000000000 R14: 00007fef56fb5fa0 R15: 00007ffdfc971b38 [ 236.712082][T10987] [ 237.005647][ C1] vkms_vblank_simulate: vblank timer overrun [ 237.073470][T10987] audit: cannot initialize netlink socket in namespace [ 238.115117][T10991] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.071545][T11160] netlink: 8 bytes leftover after parsing attributes in process `syz.1.518'. [ 241.788208][T11218] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input20 [ 243.301312][T11277] 0x000200000001-0xa29656a63616329 : "" [ 243.309533][T11277] mtd: partition "" is out of reach -- disabled [ 243.350415][T11277] ftl_cs: FTL header not found. [ 243.416607][T11289] openvswitch: netlink: Geneve opt len 2 is not a multiple of 4. [ 244.246262][T11366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.531'. [ 245.439157][T11490] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 245.754729][T11503] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 247.148305][T11574] program syz.0.540 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 247.771527][T11597] relay: one or more items not logged [item size (56) > sub-buffer size (4)] [ 248.217540][T11640] openvswitch: netlink: IPv4 tunnel dst address is zero [ 248.392322][T11640] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 248.523006][T11657] openvswitch: netlink: IPv4 tunnel dst address is zero [ 248.627297][T11660] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 249.383862][T11669] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 249.791160][T11672] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 250.292339][T11759] netlink: 8 bytes leftover after parsing attributes in process `syz.1.553'. [ 250.662055][T11788] binder: 11787:11788 ioctl 400c620e 0 returned -22 [ 251.679048][T11819] netlink: 326 bytes leftover after parsing attributes in process `syz.2.560'. [ 254.422280][T12066] can: request_module (can-proto-0) failed. [ 254.772388][T12038] Process accounting resumed [ 254.995260][T12097] netlink: 28 bytes leftover after parsing attributes in process `syz.1.581'. [ 255.572881][T12110] ovs_: entered promiscuous mode [ 255.657940][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.667889][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.789047][T12150] FAULT_INJECTION: forcing a failure. [ 256.789047][T12150] name failslab, interval 1, probability 0, space 0, times 0 [ 256.822971][T12150] CPU: 1 UID: 0 PID: 12150 Comm: syz.0.588 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 256.823008][T12150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 256.823027][T12150] Call Trace: [ 256.823035][T12150] [ 256.823048][T12150] dump_stack_lvl+0x16c/0x1f0 [ 256.823088][T12150] should_fail_ex+0x512/0x640 [ 256.823121][T12150] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 256.823157][T12150] should_failslab+0xc2/0x120 [ 256.823180][T12150] __kmalloc_cache_noprof+0x6a/0x3e0 [ 256.823213][T12150] ? apply_wqattrs_prepare+0x130/0xbd0 [ 256.823245][T12150] apply_wqattrs_prepare+0x130/0xbd0 [ 256.823287][T12150] apply_workqueue_attrs_locked+0x64/0xe0 [ 256.823315][T12150] __alloc_workqueue+0xf41/0x1810 [ 256.823352][T12150] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 256.823390][T12150] alloc_workqueue+0xd2/0x200 [ 256.823418][T12150] ? __pfx_alloc_workqueue+0x10/0x10 [ 256.823456][T12150] ? __pfx___debug_object_init+0x10/0x10 [ 256.823492][T12150] nci_register_device+0x394/0xb80 [ 256.823524][T12150] ? __pfx_nci_register_device+0x10/0x10 [ 256.823559][T12150] ? lockdep_init_map_type+0x5c/0x280 [ 256.823600][T12150] virtual_ncidev_open+0x141/0x220 [ 256.823631][T12150] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 256.823660][T12150] misc_open+0x35d/0x420 [ 256.823688][T12150] ? __pfx_misc_open+0x10/0x10 [ 256.823716][T12150] chrdev_open+0x231/0x6a0 [ 256.823750][T12150] ? __pfx_apparmor_file_open+0x10/0x10 [ 256.823780][T12150] ? __pfx_chrdev_open+0x10/0x10 [ 256.823819][T12150] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 256.823855][T12150] do_dentry_open+0x744/0x1c10 [ 256.823891][T12150] ? __pfx_chrdev_open+0x10/0x10 [ 256.823932][T12150] vfs_open+0x82/0x3f0 [ 256.823963][T12150] path_openat+0x1de4/0x2cb0 [ 256.824030][T12150] ? __pfx_path_openat+0x10/0x10 [ 256.824063][T12150] ? __lock_acquire+0xb8a/0x1c90 [ 256.824098][T12150] do_filp_open+0x20b/0x470 [ 256.824131][T12150] ? __pfx_do_filp_open+0x10/0x10 [ 256.824188][T12150] ? alloc_fd+0x471/0x7d0 [ 256.824230][T12150] do_sys_openat2+0x11b/0x1d0 [ 256.824257][T12150] ? __pfx_do_sys_openat2+0x10/0x10 [ 256.824288][T12150] ? __fget_files+0x20e/0x3c0 [ 256.824326][T12150] __x64_sys_openat+0x174/0x210 [ 256.824353][T12150] ? __pfx___x64_sys_openat+0x10/0x10 [ 256.824380][T12150] ? ksys_write+0x1ac/0x250 [ 256.824427][T12150] do_syscall_64+0xcd/0x490 [ 256.824465][T12150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.824490][T12150] RIP: 0033:0x7f053458e929 [ 256.824511][T12150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.824534][T12150] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 256.824557][T12150] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 256.824574][T12150] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 256.824589][T12150] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 256.824604][T12150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 256.824618][T12150] R13: 0000000000000001 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 256.824653][T12150] [ 257.369714][T12161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.587'. [ 257.597317][T12171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.592'. [ 257.631234][T12171] 0x000200000001-0xa29656a63616329 : "" [ 257.680431][T12171] mtd: partition "" is out of reach -- disabled [ 257.708206][T12171] ftl_cs: FTL header not found. [ 259.844222][T12302] openvswitch: netlink: nsh attribute has 14 unknown bytes. [ 259.854595][T12302] FAULT_INJECTION: forcing a failure. [ 259.854595][T12302] name failslab, interval 1, probability 0, space 0, times 0 [ 259.867468][T12302] CPU: 1 UID: 0 PID: 12302 Comm: syz.0.602 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 259.867498][T12302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 259.867529][T12302] Call Trace: [ 259.867538][T12302] [ 259.867546][T12302] dump_stack_lvl+0x16c/0x1f0 [ 259.867585][T12302] should_fail_ex+0x512/0x640 [ 259.867618][T12302] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 259.867667][T12302] should_failslab+0xc2/0x120 [ 259.867691][T12302] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 259.867726][T12302] ? __thp_vma_allowable_orders+0x1c5/0xb10 [ 259.867753][T12302] ? ptlock_alloc+0x1f/0x70 [ 259.867790][T12302] ptlock_alloc+0x1f/0x70 [ 259.867820][T12302] pte_alloc_one+0x82/0x3a0 [ 259.867844][T12302] __handle_mm_fault+0x3a68/0x5490 [ 259.867886][T12302] ? __pfx___handle_mm_fault+0x10/0x10 [ 259.867914][T12302] ? __pfx_mt_find+0x10/0x10 [ 259.867960][T12302] ? find_vma+0xbf/0x140 [ 259.867984][T12302] ? __pfx_find_vma+0x10/0x10 [ 259.868013][T12302] handle_mm_fault+0x589/0xd10 [ 259.868046][T12302] ? __pkru_allows_pkey+0x51/0xb0 [ 259.868081][T12302] do_user_addr_fault+0x7a6/0x1370 [ 259.868119][T12302] ? rcu_is_watching+0x12/0xc0 [ 259.868150][T12302] exc_page_fault+0x5c/0xb0 [ 259.868184][T12302] asm_exc_page_fault+0x26/0x30 [ 259.868208][T12302] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 259.868236][T12302] Code: 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 259.868259][T12302] RSP: 0018:ffffc9001939fba8 EFLAGS: 00050206 [ 259.868279][T12302] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000 [ 259.868294][T12302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888078c04000 [ 259.868309][T12302] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100f1809ff [ 259.868324][T12302] R10: ffff888078c04fff R11: 0000000000000000 R12: ffffc9001939fda0 [ 259.868339][T12302] R13: 0000000000001000 R14: ffff888078c04000 R15: 00007ffffffff000 [ 259.868376][T12302] _copy_from_iter+0x383/0x16f0 [ 259.868422][T12302] ? __pfx__copy_from_iter+0x10/0x10 [ 259.868460][T12302] ? rcu_is_watching+0x12/0xc0 [ 259.868485][T12302] ? trace_kmalloc+0x2b/0xd0 [ 259.868508][T12302] ? __kmalloc_noprof+0x242/0x510 [ 259.868552][T12302] kernfs_fop_write_iter+0x19a/0x510 [ 259.868585][T12302] vfs_write+0x6c7/0x1150 [ 259.868620][T12302] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 259.868655][T12302] ? __pfx___mutex_lock+0x10/0x10 [ 259.868690][T12302] ? __pfx_vfs_write+0x10/0x10 [ 259.868749][T12302] ksys_write+0x12a/0x250 [ 259.868780][T12302] ? __pfx_ksys_write+0x10/0x10 [ 259.868822][T12302] do_syscall_64+0xcd/0x490 [ 259.868860][T12302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.868884][T12302] RIP: 0033:0x7f053458e929 [ 259.868902][T12302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.868925][T12302] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 259.868946][T12302] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 259.868962][T12302] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 259.868977][T12302] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 259.868992][T12302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 259.869006][T12302] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 259.869042][T12302] [ 260.302804][T12307] FAULT_INJECTION: forcing a failure. [ 260.302804][T12307] name failslab, interval 1, probability 0, space 0, times 0 [ 260.355328][T12307] CPU: 0 UID: 0 PID: 12307 Comm: syz.3.604 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 260.355366][T12307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 260.355382][T12307] Call Trace: [ 260.355391][T12307] [ 260.355400][T12307] dump_stack_lvl+0x16c/0x1f0 [ 260.355442][T12307] should_fail_ex+0x512/0x640 [ 260.355482][T12307] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 260.355524][T12307] should_failslab+0xc2/0x120 [ 260.355551][T12307] __kmalloc_cache_noprof+0x6a/0x3e0 [ 260.355584][T12307] ? __do_sys_memfd_create+0x17b/0x8a0 [ 260.355623][T12307] __do_sys_memfd_create+0x17b/0x8a0 [ 260.355656][T12307] do_syscall_64+0xcd/0x490 [ 260.355695][T12307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.355722][T12307] RIP: 0033:0x7fef56d8e929 [ 260.355742][T12307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.355765][T12307] RSP: 002b:00007fef57b86038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 260.355789][T12307] RAX: ffffffffffffffda RBX: 00007fef56fb5fa0 RCX: 00007fef56d8e929 [ 260.355806][T12307] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 260.355821][T12307] RBP: 00007fef56e10ca1 R08: 0000000000000000 R09: 0000000000000000 [ 260.355836][T12307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.355858][T12307] R13: 0000000000000000 R14: 00007fef56fb5fa0 R15: 00007ffdfc971b38 [ 260.355892][T12307] [ 260.512939][ C0] vkms_vblank_simulate: vblank timer overrun [ 260.868039][T12319] netlink: 222 bytes leftover after parsing attributes in process `syz.0.606'. [ 264.544424][T12566] vhci_hcd: invalid port number 16 [ 264.576415][T12566] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 267.258138][T12651] FAULT_INJECTION: forcing a failure. [ 267.258138][T12651] name failslab, interval 1, probability 0, space 0, times 0 [ 267.299550][T12651] CPU: 1 UID: 0 PID: 12651 Comm: syz.1.631 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 267.299585][T12651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 267.299600][T12651] Call Trace: [ 267.299608][T12651] [ 267.299617][T12651] dump_stack_lvl+0x16c/0x1f0 [ 267.299655][T12651] should_fail_ex+0x512/0x640 [ 267.299685][T12651] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 267.299727][T12651] should_failslab+0xc2/0x120 [ 267.299751][T12651] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 267.299784][T12651] ? d_instantiate+0x77/0x90 [ 267.299805][T12651] ? alloc_empty_file+0x55/0x1e0 [ 267.299834][T12651] alloc_empty_file+0x55/0x1e0 [ 267.299858][T12651] alloc_file_pseudo+0x13a/0x230 [ 267.299885][T12651] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 267.299912][T12651] ? alloc_fd+0x471/0x7d0 [ 267.299947][T12651] sock_alloc_file+0x50/0x210 [ 267.299985][T12651] __sys_socket+0x1c0/0x260 [ 267.300012][T12651] ? __pfx___sys_socket+0x10/0x10 [ 267.300039][T12651] ? do_user_addr_fault+0x843/0x1370 [ 267.300076][T12651] __x64_sys_socket+0x72/0xb0 [ 267.300102][T12651] ? lockdep_hardirqs_on+0x7c/0x110 [ 267.300135][T12651] do_syscall_64+0xcd/0x490 [ 267.300171][T12651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.300196][T12651] RIP: 0033:0x7f886b190847 [ 267.300216][T12651] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.300239][T12651] RSP: 002b:00007f886c031fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 267.300261][T12651] RAX: ffffffffffffffda RBX: 00007f886b3b6080 RCX: 00007f886b190847 [ 267.300284][T12651] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 267.300298][T12651] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 267.300313][T12651] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000001 [ 267.300327][T12651] R13: 0000000000000000 R14: 00007f886b3b6080 R15: 00007fff7aa02928 [ 267.300360][T12651] [ 267.333582][T12650] [U] [ 267.503890][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.710002][T12725] nbd: must specify a size in bytes for the device [ 268.755657][T12737] binder: 12735:12737 ioctl 400c620e 0 returned -22 [ 269.589738][T12777] netlink: 504 bytes leftover after parsing attributes in process `syz.0.645'. [ 269.632110][T12777] netlink: 350 bytes leftover after parsing attributes in process `syz.0.645'. [ 270.463800][T12834] binder: 12833:12834 ioctl 400c620e 0 returned -22 [ 271.025902][T12862] openvswitch: netlink: IPv4 tunnel dst address is zero [ 271.217010][T12878] 0x000200000001-0xa29656a63616329 : "" [ 271.226905][T12878] mtd: partition "" is out of reach -- disabled [ 271.233222][T12878] FAULT_INJECTION: forcing a failure. [ 271.233222][T12878] name failslab, interval 1, probability 0, space 0, times 0 [ 271.293458][T12878] CPU: 1 UID: 0 PID: 12878 Comm: syz.0.655 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 271.293491][T12878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 271.293505][T12878] Call Trace: [ 271.293514][T12878] [ 271.293522][T12878] dump_stack_lvl+0x16c/0x1f0 [ 271.293561][T12878] should_fail_ex+0x512/0x640 [ 271.293593][T12878] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 271.293633][T12878] should_failslab+0xc2/0x120 [ 271.293652][T12878] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 271.293682][T12878] ? kstrdup_const+0x63/0x80 [ 271.293715][T12878] kstrdup+0x53/0x100 [ 271.293742][T12878] kstrdup_const+0x63/0x80 [ 271.293768][T12878] __kernfs_new_node+0x9b/0x8e0 [ 271.293794][T12878] ? nfs_volume_list_start+0x31/0x110 [ 271.293819][T12878] ? __pfx___kernfs_new_node+0x10/0x10 [ 271.293852][T12878] ? find_held_lock+0x2b/0x80 [ 271.293873][T12878] ? kernfs_root+0xee/0x2a0 [ 271.293904][T12878] kernfs_new_node+0x13c/0x1e0 [ 271.293943][T12878] kernfs_create_dir_ns+0x4c/0x1a0 [ 271.293964][T12878] sysfs_create_dir_ns+0x13a/0x2b0 [ 271.293989][T12878] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 271.294013][T12878] ? find_held_lock+0x2b/0x80 [ 271.294036][T12878] ? class_dir_child_ns_type+0xd/0x60 [ 271.294058][T12878] kobject_add_internal+0x2c4/0x9b0 [ 271.294082][T12878] kobject_add+0x16e/0x240 [ 271.294100][T12878] ? __pfx_kobject_add+0x10/0x10 [ 271.294119][T12878] ? get_device_parent+0x1c5/0x4e0 [ 271.294149][T12878] ? kobject_put+0xab/0x5a0 [ 271.294179][T12878] ? device_add+0xbff/0x1a70 [ 271.294202][T12878] device_add+0x288/0x1a70 [ 271.294222][T12878] ? lockdep_init_map_type+0x5c/0x280 [ 271.294248][T12878] ? __pfx_device_add+0x10/0x10 [ 271.294267][T12878] ? lockdep_init_map_type+0x5c/0x280 [ 271.294293][T12878] ? __init_waitqueue_head+0xca/0x150 [ 271.294325][T12878] add_mtd_device+0x999/0x1720 [ 271.294361][T12878] ? __pfx_add_mtd_device+0x10/0x10 [ 271.294397][T12878] mtd_add_partition+0x30c/0x670 [ 271.294418][T12878] ? __pfx_mtd_add_partition+0x10/0x10 [ 271.294437][T12878] ? __might_fault+0xe3/0x190 [ 271.294463][T12878] ? __might_fault+0xe3/0x190 [ 271.294500][T12878] mtdchar_blkpg_ioctl+0x20b/0x250 [ 271.294521][T12878] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 271.294567][T12878] mtdchar_ioctl+0xbc4/0x2090 [ 271.294593][T12878] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 271.294618][T12878] ? __mutex_trylock_common+0xe9/0x250 [ 271.294645][T12878] ? __pfx___mutex_trylock_common+0x10/0x10 [ 271.294673][T12878] ? __pfx___might_resched+0x10/0x10 [ 271.294698][T12878] ? trace_contention_end+0xdd/0x130 [ 271.294725][T12878] ? __mutex_lock+0x1ca/0xb90 [ 271.294755][T12878] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 271.294778][T12878] ? __pfx___mutex_lock+0x10/0x10 [ 271.294806][T12878] ? fd_install+0x244/0x750 [ 271.294846][T12878] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 271.294867][T12878] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 271.294891][T12878] __x64_sys_ioctl+0x18b/0x210 [ 271.294922][T12878] do_syscall_64+0xcd/0x490 [ 271.294951][T12878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.294974][T12878] RIP: 0033:0x7f053458e929 [ 271.294990][T12878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.295008][T12878] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 271.295026][T12878] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 271.295039][T12878] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000003 [ 271.295050][T12878] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 271.295061][T12878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 271.295072][T12878] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 271.295099][T12878] [ 271.295114][T12878] kobject: kobject_add_internal failed for mtd10 (error: -12 parent: mtd) [ 271.706474][T12866] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 271.823934][T12878] ------------[ cut here ]------------ [ 271.829442][T12878] WARNING: CPU: 1 PID: 12878 at drivers/mtd/mtdpart.c:37 release_mtd_partition+0x71/0x90 [ 271.839289][T12878] Modules linked in: [ 271.843581][T12878] CPU: 1 UID: 0 PID: 12878 Comm: syz.0.655 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 271.855947][T12878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 271.866120][T12878] RIP: 0010:release_mtd_partition+0x71/0x90 [ 271.872044][T12878] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 9f 2f ac fb 48 89 df 5b 5d e9 95 2f ac fb e8 90 52 51 fb 90 <0f> 0b 90 eb c2 e8 f5 33 b7 fb eb db 48 89 ef e8 eb 33 b7 fb eb a5 [ 271.891898][T12878] RSP: 0018:ffffc9000c037840 EFLAGS: 00010293 [ 271.898143][T12878] RAX: 0000000000000000 RBX: ffff888058ec6000 RCX: ffffffff8b7faa1d [ 271.906245][T12878] RDX: ffff8880360f0000 RSI: ffffffff866a0c50 RDI: ffff888058ec6000 [ 271.914366][T12878] RBP: ffff888058ec6648 R08: 0000000000000001 R09: 0000000000000001 [ 271.922362][T12878] R10: 000000000000000a R11: ffffffff82210a64 R12: 0000000000000000 [ 271.930382][T12878] R13: dffffc0000000000 R14: ffff888078d766c0 R15: 0000000000000000 [ 271.938376][T12878] FS: 00007f05353386c0(0000) GS:ffff888124820000(0000) knlGS:0000000000000000 [ 271.947338][T12878] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 271.953951][T12878] CR2: 000020000007c000 CR3: 000000002ad48000 CR4: 00000000003526f0 [ 271.962125][T12878] Call Trace: [ 271.965477][T12878] [ 271.968418][T12878] mtd_release+0xa0/0xd0 [ 271.972667][T12878] ? __pfx_mtd_release+0x10/0x10 [ 271.977676][T12878] device_release+0xa4/0x240 [ 271.982298][T12878] kobject_put+0x1e7/0x5a0 [ 271.986806][T12878] put_device+0x1f/0x30 [ 271.990981][T12878] add_mtd_device+0xbc7/0x1720 [ 271.995813][T12878] ? __pfx_add_mtd_device+0x10/0x10 [ 272.001043][T12878] mtd_add_partition+0x30c/0x670 [ 272.006061][T12878] ? __pfx_mtd_add_partition+0x10/0x10 [ 272.011546][T12878] ? __might_fault+0xe3/0x190 [ 272.016308][T12878] ? __might_fault+0xe3/0x190 [ 272.021036][T12878] mtdchar_blkpg_ioctl+0x20b/0x250 [ 272.026227][T12878] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 272.031878][T12878] mtdchar_ioctl+0xbc4/0x2090 [ 272.036612][T12878] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 272.041730][T12878] ? __mutex_trylock_common+0xe9/0x250 [ 272.047230][T12878] ? __pfx___mutex_trylock_common+0x10/0x10 [ 272.053134][T12878] ? __pfx___might_resched+0x10/0x10 [ 272.058784][T12878] ? trace_contention_end+0xdd/0x130 [ 272.064168][T12878] ? __mutex_lock+0x1ca/0xb90 [ 272.068871][T12878] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 272.074287][T12878] ? __pfx___mutex_lock+0x10/0x10 [ 272.079312][T12878] ? fd_install+0x244/0x750 [ 272.083846][T12878] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 272.089041][T12878] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 272.094947][T12878] __x64_sys_ioctl+0x18b/0x210 [ 272.099707][T12878] do_syscall_64+0xcd/0x490 [ 272.104252][T12878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.110136][T12878] RIP: 0033:0x7f053458e929 [ 272.114580][T12878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.134518][T12878] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 272.142951][T12878] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 272.150956][T12878] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000003 [ 272.158957][T12878] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 272.167135][T12878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 272.175166][T12878] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 272.183143][T12878] [ 272.186190][T12878] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 272.193472][T12878] CPU: 1 UID: 0 PID: 12878 Comm: syz.0.655 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 272.205441][T12878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 272.215488][T12878] Call Trace: [ 272.218759][T12878] [ 272.221686][T12878] dump_stack_lvl+0x3d/0x1f0 [ 272.226307][T12878] panic+0x71c/0x800 [ 272.230198][T12878] ? __pfx_panic+0x10/0x10 [ 272.234641][T12878] ? show_trace_log_lvl+0x29b/0x3e0 [ 272.239841][T12878] ? check_panic_on_warn+0x1f/0xb0 [ 272.244965][T12878] ? release_mtd_partition+0x71/0x90 [ 272.250260][T12878] check_panic_on_warn+0xab/0xb0 [ 272.255201][T12878] __warn+0xf6/0x3c0 [ 272.259096][T12878] ? release_mtd_partition+0x71/0x90 [ 272.264374][T12878] report_bug+0x3c3/0x580 [ 272.268702][T12878] ? release_mtd_partition+0x71/0x90 [ 272.273992][T12878] handle_bug+0x184/0x210 [ 272.278342][T12878] exc_invalid_op+0x17/0x50 [ 272.282875][T12878] asm_exc_invalid_op+0x1a/0x20 [ 272.287748][T12878] RIP: 0010:release_mtd_partition+0x71/0x90 [ 272.293665][T12878] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 9f 2f ac fb 48 89 df 5b 5d e9 95 2f ac fb e8 90 52 51 fb 90 <0f> 0b 90 eb c2 e8 f5 33 b7 fb eb db 48 89 ef e8 eb 33 b7 fb eb a5 [ 272.313467][T12878] RSP: 0018:ffffc9000c037840 EFLAGS: 00010293 [ 272.319543][T12878] RAX: 0000000000000000 RBX: ffff888058ec6000 RCX: ffffffff8b7faa1d [ 272.327512][T12878] RDX: ffff8880360f0000 RSI: ffffffff866a0c50 RDI: ffff888058ec6000 [ 272.335486][T12878] RBP: ffff888058ec6648 R08: 0000000000000001 R09: 0000000000000001 [ 272.343455][T12878] R10: 000000000000000a R11: ffffffff82210a64 R12: 0000000000000000 [ 272.351435][T12878] R13: dffffc0000000000 R14: ffff888078d766c0 R15: 0000000000000000 [ 272.359424][T12878] ? kasan_save_track+0x14/0x30 [ 272.364293][T12878] ? delete_node+0x40d/0x8d0 [ 272.368886][T12878] ? release_mtd_partition+0x70/0x90 [ 272.374186][T12878] mtd_release+0xa0/0xd0 [ 272.378434][T12878] ? __pfx_mtd_release+0x10/0x10 [ 272.383383][T12878] device_release+0xa4/0x240 [ 272.387993][T12878] kobject_put+0x1e7/0x5a0 [ 272.392424][T12878] put_device+0x1f/0x30 [ 272.396587][T12878] add_mtd_device+0xbc7/0x1720 [ 272.401369][T12878] ? __pfx_add_mtd_device+0x10/0x10 [ 272.406599][T12878] mtd_add_partition+0x30c/0x670 [ 272.411545][T12878] ? __pfx_mtd_add_partition+0x10/0x10 [ 272.417004][T12878] ? __might_fault+0xe3/0x190 [ 272.421691][T12878] ? __might_fault+0xe3/0x190 [ 272.426396][T12878] mtdchar_blkpg_ioctl+0x20b/0x250 [ 272.431520][T12878] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 272.437187][T12878] mtdchar_ioctl+0xbc4/0x2090 [ 272.441872][T12878] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 272.446990][T12878] ? __mutex_trylock_common+0xe9/0x250 [ 272.452455][T12878] ? __pfx___mutex_trylock_common+0x10/0x10 [ 272.458368][T12878] ? __pfx___might_resched+0x10/0x10 [ 272.463657][T12878] ? trace_contention_end+0xdd/0x130 [ 272.468949][T12878] ? __mutex_lock+0x1ca/0xb90 [ 272.473638][T12878] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 272.479011][T12878] ? __pfx___mutex_lock+0x10/0x10 [ 272.484044][T12878] ? fd_install+0x244/0x750 [ 272.488564][T12878] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 272.493764][T12878] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 272.499662][T12878] __x64_sys_ioctl+0x18b/0x210 [ 272.504430][T12878] do_syscall_64+0xcd/0x490 [ 272.508944][T12878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.514837][T12878] RIP: 0033:0x7f053458e929 [ 272.519250][T12878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.538855][T12878] RSP: 002b:00007f0535338038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 272.547271][T12878] RAX: ffffffffffffffda RBX: 00007f05347b5fa0 RCX: 00007f053458e929 [ 272.555237][T12878] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000003 [ 272.563203][T12878] RBP: 00007f0535338090 R08: 0000000000000000 R09: 0000000000000000 [ 272.571168][T12878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 272.579136][T12878] R13: 0000000000000000 R14: 00007f05347b5fa0 R15: 00007ffd48868fb8 [ 272.587118][T12878] [ 272.590363][T12878] Kernel Offset: disabled [ 272.594682][T12878] Rebooting in 86400 seconds..