last executing test programs: 7.24952505s ago: executing program 3 (id=2290): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd6/hctx0/tags_bitmap\x00', 0x60000, 0x0) preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x10) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x57177fc5}, 0x9, 0x0) r2 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, r2, 0x8003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mremap$auto(0x4fff, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0xfffffffffffffffd, 0x80000001, 0xdc, 0x9b74, 0x2, 0x8000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r3, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x4000000000000009) 7.015071005s ago: executing program 1 (id=2292): open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x1b}, 0x403) r0 = socket(0x11, 0x3, 0x9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x6, 0x1000}, 0x5}, 0x2, 0x100) (fail_nth: 2) 6.328055444s ago: executing program 1 (id=2294): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x981082, 0x0) socket(0x6, 0x2, 0x80000000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040c04}, 0xc0804) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r1 = socket(0x11, 0x80003, 0x304) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) setsockopt$auto(r1, 0x307, 0x5, 0x0, 0x24) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r2 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv$auto(r2, 0x0, 0x8, 0x6, 0x5) fstatfs$auto(0x3, 0xfffffffffffffffd) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000b00), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="27d07f82208475e3"], 0x14}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000800) 5.067681767s ago: executing program 1 (id=2297): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0xfffffff9, 0x10001) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40040}, 0x800) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4040885}, 0x40090) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4045}, 0x50) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="72011f00bb415df9212127f574df53a8f2f3a483461ca64f6c902bd819b2330e56d5b64a0a57a74f2356f535fa6789061b699a2e7fe578cc9c03d6d145215b23311b505999a4d7ec5708d2c67a543366f59e8c65e04b1cbc54b210c893ffcd7d8a0c56c4808455c9", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012cbd7000feba0f07994dd3c3a9f197000700000300000000a20900000000000000003ac52e12d0d864032b4fc8b75d3b185d584ee4bda8b182716926bff65d5d4843d079"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x4008805) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="00211459a600fbdbf4250200080008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x80) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='l\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) madvise$auto(0x0, 0x20499d, 0x9) 4.87529304s ago: executing program 3 (id=2299): close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f0000000480), 0x42000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x420009, 0x8, 0x19, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) semctl$auto(0x7, 0x2, 0x13, 0x5) r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC0D0p\x00', 0x40, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) socket(0xa, 0x801, 0x84) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x161342, 0x100) socket$nl_generic(0x10, 0x3, 0x10) mq_open$auto(&(0x7f0000000200)='\\*)A\x00', 0x83, 0x9, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x80900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x10b080, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r1, 0x0, 0xc3) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000001540), 0x400040, 0x0) ioctl$auto_SIOCGIFHWADDR(r2, 0x8927, &(0x7f0000001580)) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="040026bd7000fedbdf256b00000005008a007f00000023028000ab2477053bde779a7c58d35133fc9841bee02254230a0ad2d3bcb78c576c5f42f43bcc6b3a3ce7ff7858faff65f97cdb3851f4f020d4fb13ba9c337ded4b44ee7e4a64416b4dc0700eed8fa5c81cc8e1238737b249717e4d9dcc9ba26c00761aaf0bd5fe07a6961cc39a7d281b751d05342fd110af62a1ab79e795c301c457417cf45d57e762a769a4aa1d08a54322244e119505e216866dc4b572680932d0287fd79c056d1c0f30cc712654eaafd19b989761b80f2efd0a8de50d8e3a50eff15bec89505ac47df9d910f74a6a0e72722ab3d3b80671c1402f2355adeecffa38c6d5ef53f6e50d4dc3797252fd022e8dfbec47d2e102b0ea78c547b598a06af22654efe7caf8f2cf4f6044ee83f9af731269786eb029bfa0f33057f7549f4eca744cc030ec1924ebefbbbfe1c816c4a3aca6fb8498de7364dcdbbf2fd0d8bc5522d3c9c3dfb8a0c4d85b33b2ca548e2ca0084c847a7a80b76629c3f9ba8f39f0d1a94228ce540b9fc38c5a5417507eca5916cd3443d941813f2018b6d5542fa572344cfd444e2f202a984f0b97e40ed828dfeab1bca389be656839c8dffc9789af4edf26268e4bfcd849084a8ff56968fd48da2b304b65528e6cbe7e5cbe30c728643eebb5c4a1994def77dbb886eeea67d0c691ef0594b9d7c708aecfe5e1bdab652d1d04a9f4edd5877bc97cbaeebcaeecc30cf71b596dfb2f01edef4183325e88407ab70a51af953cc89777d5a1ed8c70a44f8a4ebd0e3243f5584947c700"], 0x240}, 0x1, 0x0, 0x0, 0x20008040}, 0x41001) 4.739327588s ago: executing program 3 (id=2300): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0xfffffff9, 0x10001) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40040}, 0x800) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4040885}, 0x40090) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4045}, 0x50) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="72011f00bb415df9212127f574df53a8f2f3a483461ca64f6c902bd819b2330e56d5b64a0a57a74f2356f535fa6789061b699a2e7fe578cc9c03d6d145215b23311b505999a4d7ec5708d2c67a543366f59e8c65e04b1cbc54b210c893ffcd7d8a0c56c4808455c9", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012cbd7000feba0f07994dd3c3a9f197000700000300000000a20900000000000000003ac52e12d0d864032b4fc8b75d3b185d584ee4bda8b182716926bff65d5d4843d079"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x4008805) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="00211459a600fbdbf4250200080008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x80) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='l\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) madvise$auto(0x0, 0x20499d, 0x9) 3.799091426s ago: executing program 1 (id=2303): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_wireguard(0x0, r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) setfsuid$auto(0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00'}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) shmctl$auto_IPC_SET(0x80, 0x1, &(0x7f00000003c0)={{0x3ff, 0x0, 0xee00, 0x5, 0x4, 0x5, 0x6}, 0x6, 0x401, 0x0, 0x602, @raw=0x8, @inferred, 0x0, 0x0, &(0x7f0000000300)="d2d51683be49c7ac82e7afe28399a4956f844e75d677575c3baa0f6b0562dde39a18775dd531bd34912cfccfd2863e1ac6e64449d2991b6e", &(0x7f0000000340)="fc58442c6b53dbb0000935202f13ed992786ce70c8f9ce29a12ea24d5455d0d2787750e46b7f36f4985c0e9628271afa1e769fa13bd918c8a4c04e78d0ad85b27ea2e4364a83cd8b671f0586dc8650a983f183d7680a0ac3e882166631d4c1c0be2a69c7"}) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r2, &(0x7f0000001780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001740)={&(0x7f0000000440)={0x74, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_WOL_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_WOL_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_WOL_MODES={0x3f, 0x2, 0x0, 0x1, [@typed={0x8, 0x89, 0x0, 0x0, @uid=r9}, @generic="bfafe2abf7b7a73b6b1bdb160b2da3eaeca0aa556d9cdf65529ebc7abb17bfa17ea60299bde06261093dc06f311c20dd3f8af5"]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4004000}, 0x20000000) sendmsg$auto_WG_CMD_SET_DEVICE(r3, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000005fc0)={0x7f4, r1, 0x4, 0x70bd26, 0x25dfdbfa, {}, [@WGDEVICE_A_PEERS={0x7cc, 0x8, 0x0, 0x1, [@generic="a92efbfcea492d470426ced26de3d2693bac9c29e3b4b89b216b6bbae87f300496c39a513d73611c366e3b97355cf94340c7062dc38ce4819f552386ca77a14e7a9b5b4864262c2ed7ee63f473cfc86cee86490cbcbf68b81cb3b4a0fdec886097d08d405cb87fb23b90cf9a8f961f51582c493c56cecd221296ab118695c11f92a8ad4cc81b868c946c8a6d357feb1aaa33f9bb7aa268dbdf7a9cde878da98d7ea3997dd56b8ec16b653f7d66f74d56cc2a4852b9e70aa8c539a4832853b718b7bf7e1fc0d61a322358fbe5067a8a2a869ec9d5c2f285943c42fea8da1cfa746593667b5d315a2e0d287d58758a6ae2335234a5a58c6ce19faf7934ad73e3838ff61677cd555ce3ba75a22e1208caeee147700a655d0501a53cced512032f8db325b1da100a2899f116cd70f0a366e5ef2c42972738aba494c130ab3ba606673de32f54f48ada6ebb6a3a72bdfbad7c8c8638251abd7e97030a6b18d50f1757f1a36f9b639cc53a7e67ef85de9cdb01e671fdecf5c5d7b75939f29a09cc70f01e8a663da428ab005bc7a1c3b14daae38fc599ca90730c5182844d6f19c6c267fdad02982797c8212b023b2518f4bbf57da4aa9352916b864c1d33f3f495a1e126985021ada6630c4db48fe18838b185b4d33a651b7de285a5952634abd584b34b941d3465bf785b3890aa8556db2d0026bb60ddf9c38d02612cf66628a787b4220a6a79c14ddf77f0cd978192962d9e2950bb9df4621013481503f2a3f4f5e7ad19cdc6bf5c2bb62698ffa8679057e2db33e0bd96d9c6a038111c934a446bf858c7cab483ea421a297e23053f1695a7d533dc5daa3ce307b3fa44ebe7dcf457aa8782226f480583bed1ddd8fca87853048ecc534f1c38e7a6ea22d8040fa072c580c23b6056e10e2594d128f7020fb0b824b82aca88aa4a557f4d6b3b539b247feb0dfef1bca1e43fe679c03ee233b1ee46babe579050e5d5dfa23911a05453c50be5064bd243a7161bb8c38a14e7fa0d70d5a7f07ac975a3f8c515764958432d62200281a10977f230035cb397f02ee6455098d7cd9b57d5d56e3113ff68aca3bf3935498784f968a1a95d5d75fd54de6b5d2361cbf6a4b19550c0d54aafe55ea86f7c730f95336c43fa0a6d2e1e7c8577ee8fb844f067f92440dac46104bd7542ae3eeef108d4c8b569921db4279e4b8d6d6f41f0cbe1c9a2b3d1792299249eecaba9b306209e7d552956f4b2cad59e1b92e8807449aabf8ca7efdb2c352c78b568dd5e77b529fe735a127b6bf48f9f0718ea740cfb76d056400ccefd6a4d94e779adb5a5f666b590f20a66e9cf27abb71028bb6f54a5efabff4fd0563a25545de11d5b1dcbcf4cc46481d5eda13bc4c3f8dacc238a9ce009b6c190fb05058574ae79d09b7b253d44bc7762202de809c62db0758ef38cfc3f9f1c2276feeddbe9dd78309fefc65a11fa8626cef4e6504d538cc7b40ed1169b949ef2ff5724ec2f8d0acac4d843584076d8f886cf64b8980e8bf956943ac89278a6dff1e16a11a3ab534f319f29f8a3a996b5f2612a78d620a8017cf46a00be1b923aa56849a8b5062ebd2068bcaf61244568a7c1c3745a89a00cc31a69b38147cc4aea9977ee6be15145ab2b6f43bf350e7f330e115f5973ffb62418ed3b1b06a457e6634d5769bc9cd5b62624f4f35b7f2363a53f81704423ea98acaa61fa7bd9e75b417aaf2eda7f70c0f31277cd83fbf749a93eb321b1313a940571b96f9c6990766067bc87fe5831ad31af31b231adc4a0acbd2a3d9e78027ae6d0a48bb0f8cafe45add317c51e6d167233727600ddfe5627ec3495a735088084c4a6fc4a0c277b21baf135549f5f0b5b25ecce5f1fb3d9f96494c2d67d85943a7b3c1e56ec2251cafcc7d89a8f2d03cd876acbef2c3dd01fc8af623b8221ea8975ff66d5bc961e9e05eab20b692f86765c0baa1c790838f947b405d967fab3c51951ff21f98f188c1f6be4d6fdafa1f686adae8bb5fa69661feeddfb9a95361324938399fa7084f084530e9762f0bff9e0a3a5ad23597e84aedbc4d9fd8ca198f0c7a7c5d4a2bc88432b2c1af72a0a3629ff8a50708cb131df9541175af4b96bb39f1ebc5f282c7521f41cfe0fa9efbe03e4148118d48505006fd47272652c24010671bf00ab2eed40a4a3ea531df9e19c61969617e29a26f064e33f808ec1bc62de71c5d134387b7c4a15b30353d44fd1890a7e1ffac9b6e67de91020c2e9a83c2ea390ef1ab8de7fd8423ba71800b977c0f996b90d5039d3c3f4890f1d218fc9c609e812a23cbdfab18dda6b2210b0e386faedfc8b8b04ef533e3ed31d3d578cf8a0490e785f5ce6764110a32bd2", @generic="7cf6e6", @generic="efaebc4586cf67e57fb0e6e5f583a03769e0baf90dbaf0e17ebb7d52abbbf169fa8c757128bb25d1ad882f5c2def6ff90bc0d28ae61fcb495d2ec216c5a95c5e784b02d9d0ba47cb4656dde2ac96223187714c0a1888583bcb1f5df43b1e8cfa517fbe9aa52a0429129a7c6262d3106afff701a3d53eb706ef8dbb6f298cb7de239df1beed4ff2399b1870640aae29986c47bd775ff60dc36fa6cc00d467ef72d76d43beeaeebbefb4d9ee2d75de9347eab64cc880aabe2bc0fb3e8bead752b46f256ae5cae4be0e96f8527a12584f01bda07944ae2adb476bd3e58e747ad5eff6b78404afbac5428dbf5ad30e1ba409f440", @generic="aba873f2d5074321d5ab27646509b1dd879f23478407431265d29a5dd3f9d92046e73f7727ba5767f4d63022d2b7d3e16bd2c1afcc187291a5f3bd15c2bc978458565bf08fcada071f6addb390"]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x7f4}, 0x1, 0x0, 0x0, 0x20000040}, 0x80) 3.570644307s ago: executing program 1 (id=2305): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd6/hctx0/tags_bitmap\x00', 0x60000, 0x0) preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x10) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x57177fc5}, 0x9, 0x0) r3 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, r3, 0x8003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mremap$auto(0x4fff, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0xfffffffffffffffd, 0x80000001, 0xdc, 0x9b74, 0x2, 0x8000) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r4, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x4000000000000009) 3.390625537s ago: executing program 0 (id=2306): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x24, r0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'}) r3 = socket(0x2, 0xa, 0xa) sendmmsg$auto(r3, &(0x7f0000000300)={{&(0x7f0000000140), 0x14, &(0x7f0000000280)={0x0, 0x4e}, 0x7, 0x0, 0x0, 0x1}, 0x7}, 0x8, 0x8000) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000240), 0x400, 0x0) r5 = ioctl$auto_TUNSETGROUP(r4, 0x400454ce, &(0x7f0000000040)) r6 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f00000000c0), r1) sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="04082a180007000300"/25], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(0x0, 0xb) socketpair$auto(0x1, 0x2, 0xd, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0) open(0x0, 0x22240, 0x55) r7 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(r7, 0x40106f52, r8) 3.235688559s ago: executing program 2 (id=2307): r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x8040, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, r0, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) unshare$auto(0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x2) keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x6) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0) write$auto(r2, 0x0, 0x81) fcntl$auto_F_GETFD(0xffffffffffffffff, 0x1, 0x7) ioctl$auto(0xffffffffffffffff, 0x4004556e, 0x1f) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) getsockopt$auto_SO_LOCK_FILTER(r2, 0x9, 0x2c, &(0x7f0000000080)='\x02\x00\x00\x00\x00', &(0x7f0000000040)=0xc) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0x88, 0x8, 0xae85, 0x66b, 0x4, 0x7ff}, 0x6f4) 3.144086472s ago: executing program 3 (id=2308): socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/pagemap\x00', 0x80800, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) socket(0x1d, 0x2, 0x7) socket(0xa, 0x1, 0x84) socket(0xa, 0x801, 0x84) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptys0\x00', 0x101e81, 0x0) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/cmdline\x00', 0x40, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyc7\x00', 0x189000, 0x0) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00') syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000380)='ns/time\x00') openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_options\x00', 0x2, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) 3.136089272s ago: executing program 0 (id=2309): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/msr/perf_event_mux_interval_ms\x00', 0x982, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) modify_ldt$auto(0x1, 0x0, 0x10) modify_ldt$auto(0x0, 0x0, 0xfffffffffffffffb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = prctl$auto(0x35, 0x8, 0x10, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKSTATE_GET(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x800, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x20000000) mmap$auto(0x0, 0x4020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x3, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r2, 0x0, 0x20) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, 0x0, 0x14) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r3, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010326bd7000fcdbdf242d000000180001801400020069705f76746910000000000000000000"], 0x2c}, 0x1, 0x1000000, 0x0, 0x24048012}, 0x80) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x309, 0x70bd27, 0x25dedbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) write$auto(0x3, 0x0, 0xfdef) 3.040808316s ago: executing program 2 (id=2310): msgget$auto(0x0, 0x5) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x80001, 0x0) socket(0xa, 0x3, 0xff) ioctl$auto(0x3, 0x89e0, 0x91) socket(0x2, 0x801, 0x100) socket(0x2, 0x801, 0x106) socket(0x10, 0x3, 0x6) socket(0x15, 0x5, 0x0) bpf$auto(0x0, 0x0, 0x6f3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f00000000c0)='\xc4--:\xdd:,./-${\x00', 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0) r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) 2.948921892s ago: executing program 2 (id=2311): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0xfffffff9, 0x10001) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40040}, 0x800) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4040885}, 0x40090) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4045}, 0x50) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="72011f00bb415df9212127f574df53a8f2f3a483461ca64f6c902bd819b2330e56d5b64a0a57a74f2356f535fa6789061b699a2e7fe578cc9c03d6d145215b23311b505999a4d7ec5708d2c67a543366f59e8c65e04b1cbc54b210c893ffcd7d8a0c56c4808455c9", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012cbd7000feba0f07994dd3c3a9f197000700000300000000a20900000000000000003ac52e12d0d864032b4fc8b75d3b185d584ee4bda8b182716926bff65d5d4843d079"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x4008805) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="00211459a600fbdbf4250200080008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x80) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='l\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) madvise$auto(0x0, 0x20499d, 0x9) 2.3808264s ago: executing program 0 (id=2312): unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) r0 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000140), 0xffffffffffffffff) getsid$auto(0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_GOV(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000540)={0x1200, r0, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@THERMAL_GENL_ATTR_CDEV_ID={0x8, 0xf, 0xfffffff7}, @THERMAL_GENL_ATTR_CDEV_MAX_STATE={0x8, 0x11, 0x83}, @THERMAL_GENL_ATTR_TZ={0x11dc, 0x1, 0x0, 0x1, [@typed={0x34, 0x58, 0x0, 0x0, @binary="0e322ca32513830583d80d14a62521da04fbd40195ae258a58e20e3fdfc57659b1ebb9f6344a0d839304b4abcb54a85c"}, @nested={0x8, 0x67, 0x0, 0x1, [@nested={0x4, 0x150}, @generic]}, @nested={0x8, 0x12b, 0x0, 0x1, [@nested={0x4, 0x147}]}, @typed={0x6, 0x11a, 0x0, 0x0, @str='}\x00'}, @generic="701795652f0beceb21d9adf43199bf16ef08221d7bb0e140b9c765cc8f2fe52261a5e56e74503c2210e1f91629e71b2f30132e5667e3d896c008317d0fee356e11ffdf2d9da524924ce43bb431198c5e4b7f43b5808261a51ab3bedf5722f6574ad5479ade8095c1db0c2e7e576155a10cbbb137d800d49f00e035b5d6c965349e3dacbbdc9be1ed07ad0a49b55383479701d2ab6e9a7c503510f704d9df3d8f4b02b85c9d114af475c64832b8694fe46a82c1376ac3ac659dfa3a344cfce61dcdb2f0afc34f4bec7b3d037b49b392242b823f0eee8024cdbef2806f0a0ea981686b5cae97ce1d1365956758cde836dce019afa0d9298360b5734f7091f9c06d808f59b235ed1b3ab25cf10f8fcd32dfde601e20105e90330c62532af65640bf7538e8614e8ae20ee4dfdae9d21208f23607cb0649794b1024a6901ea082ca2a6e0fd9a5b018cf928cf5523e00a2f2ea19dc53878a2b3f09f6d8021232177bd3660de428a6845b8f1e1092b092068efa77286f393b6c05b686425d3b5b5183d00b7a439f7f7d187f39a75f6bc4eeff28688ce461bf72deb08e5939b1a5f48fd2ae42dc02ecb8cecc42b08c875b599d43c6c426de2a02f9f3c3af85766d06ef3a653c9df22c497e81e59a7f4ae3b1f0c1d6db905ec00bb242d60bc3ddd1a70a05960a80299c978bc5802c48823ec4c37619d8c0577f8aec6704f69b737a079f763950386849e455f0de8e691820e666a41487ca87252753bb52ce1eb87ed46440eb476bc16ff488f33b9554b78b1f9abdd0ce36d227dc3f9538a73ff352024a2ce31b3ba0fa55e4bf6ebd4f6796b353df0ad411435111a5665e0250a0737ec36301af428292771760e3a3cc34abf12d6bdc882a60d988c5155684dd21e07728efa05d96e489778f16987f5887237781b4e33ad0ab825713d8876b246f59f95d112747ba8107e3042b95c90d6aca3152da51f1f75d854e5ee87f0090e3a952b0e7180d5f055ebfc4d500f22dddd7c2a8fcf6177376f200e87e611a50561448e68fff82976dfaa2f8b9efe155793055eea10769b5efc418e8c0d5783121627b530f79d2355d69c97e612d4d2853dcc9ec09f8fa87a22cf64af3ea18c2b5140704335605378dd67113cff8564a676c11f98fc32a565a4194c247e6bc045ec535a103292c7dcda144efa42aa0000cdb88de2b4592bc15c97eb69932bd2de1615621d46e638747306d4c58c24f12e06da55ea2c320d052e122aa23c336cec38aecb0a3a3c4ea79eabc96aaf4306daf34e96a5ff66b64df5dd588b3bc289ef909eea2efc3bcdf80c351e9a0cddaa925124be376ee7bce44ad46ecfa0398dc40824605b8e7361a9ee1e0dd7cf911b122e9374c270f87479a7164754a175d2e892f5b92b3763ab6f3f30a802226c185144514714e1be3e456e0d95286122892fa6dc0289de4e36ca2a892e42a7162ff8d7bffbe1ad39fb05f6062bd4111b3c39559cc04524595ecb4ebaa772f8e6a63a66705c9da0fe764f79988b3eadabc331c0f76168f9a4354f3f2cd5942732f3e432388abbbdbe984fc588dacf49bc5137a147aff187b7dfb06f91f6e95279cd64ec8c7fb365b39ebac6f84289f26e10891b5d2e649ea2ee140476a16e6b918ed5ae325aa8171d99712552951cf523324c0b27e154e7a320c5e354194f6710c8f34ac5dcdacc4d5ff319269b847a31e7b1da4d5aee52630fe61bcc5a7cf9ed0cc8731afb1e1411296f326a7f53300d63392991226ed85a66bd112017a0eca70e45100b00f76ee47e5394a07e3088d4a30de0da2259995d665eb39e504e85020935d2cbf9a7a8edc41f1f0067b632b0145a8df2ce7d72833a40f1e2437bd343e919b5701c8fb6ab90cdfb5d329d949dec078ef4e95c85da6545e999142a2cb2f356471fd181df85032180cda8d2fbaa551a0bf7798258d1047edc5d6efda42c318f0440084f713031f27fc441258adea52eb55ccfa513b92c6c11d825321f5704974a2ae61a974408923d409b1fda2bd76b38f8428d3aeeea7385744ce7b6f5240004991a95ae13748d5dcebdbc7b49fedf18bce313c104b1c309edfc17b97b5ffe9c202787205f682df8366e96b066d935773e25355a52b8b81b0bc51ea646d86677b04711d59e985c9a69bb53636696aee3fa2a0d233cdc8a98b34a7b1e2376f432af1191314641b123226df08802c6115a3317882b0a87a23d2ce827475dc232fdf2c53f65e6fce1673946f4f1b62c7c0f6eab53e3621ac00ea35f64f9bcff2058c619cb1ab41fd3538ec1855cb5e29a2249a9afc0164f2dbabf104fe91b932cca07e916cc43e6fa7508218008e055872bc4952c98d00b70bd27473a0c31091b9f11ea709389f8a5f4ad06d2edd298c58ebb93dfcedc8347bf02e4b252ce0019a3c3b3f04bd32ebffc50339694183cc547b48a925d7dc3d42f54a8002638bedb6b886048d75fbf88bb5c77ee85c9f47b4bba94b62a0e637ca499a4da283f4c8777d1e63c52f3d3de1ab018ca31e892e38e69052ec506547ba0a3a922643c69d164b0d4f65a733ff5a13447c4ad05e541418d9d73f4313c5d7d7daf67ed84db492c55513b995479ca1cac802834ba86fbd410619d99dca40e018eea239c0ffb4c8700561a3851b5af707ce3e839accae00a8b1fa3187102c361a3cd469765fbb5662bf1429d94255e3e126552f00d76112f88755b99f694d8ecc88404c3f1fa1b0748444bd8299e06ddffb4dbc7f8489800786e604b08dfe23f18c73385d138efe5603d7354c20e140557e5d06ca7d81c011d460cd140420b0d6b5de7b2d5a731155ff3fbd28f7043a8607a32eedb5764383b2d7401f3cbd150e09e87458a613ea621d52c0a3290a0bd3fb97ef60faa757fba6f111b4d67594257a7dfbf55e8977c990eb3323983b24a6e50147c531b729e57d495fb0c4649e3ad4bf1300cf471616914bdc36c6f2493ec145fcec6ca5287519aab9e421c94c5d1bb266f1d110eac1b32472c22293e67ccd24d9a22aeef46a11d794714dc5e62bae7f21ba0a0fd8f2c1c40f96a2235f5dfa455595d7755f87da42c5d1546528b1649aca0c2306413e4c7eb3286d80c1223bd85baf07df979b2ac37ade2f99caa3d54be88b718a15e2a4379245adc2361009e23f9687b5b298f100d99a3ffb8c32597cefbffd4a213ea240250b84ac7133eeb56c8185cc305aa8c8ccbde002d7aef9a8673f7e6f67622bbc10dfaa9b08e67c37c59de5fffea49f194088d7a4fa391f20c4d06194e4933baaae449fd63b985fe3be7ec2b304bf73b5c31061da306e27e865d2b3e770afe90abe5ba9501965b8bc1cb2478303c062f3ebc36d903be38b63c9f1b4e32246d8ded9f62202744de9bfd1f01f0af77b149f74d709dd9d210ef367a040413a01b9767fc771a8d82aa8f84f7f0f1e28b1c90008225b79fa3953781da24a693bb49b93d80d6df530f0b3e7e6737be1484858251b7d694e98afc575985b64cf509cfccd49963826a098e159e5b4397232c6dcd6bfa272e4dc73e472589f52dd1872ac1ad91cf022dcb387897dc6210f42a8935ce08f591278f9743bf58b223641b59f654b669d4ee1d2fcb627ebc8ff77ee482f6d9edece8d955ab494d82be455027bd565606a18fa789725eb415121a5b8f309beb3654fadf076da1018f2d40803fe30deba159b60381255d61a49f66b22872a2afa18be5f224d2c15c2c632e52013229615cd7964367b7ac3c3990cdec837ea92b06cb728efcae5b4307996d4886648c30c132d84832256b998576926b74b1926442b0fe2ade9bbf91ec72534b9fca537ce15a5b7bb7f5064894772de545f5478f9d6b9534ba21ad9b78466a3fb6ccbe83e104fcb66d49e18c24a58396174903f965c1f524f180214efc41264f38bec6c61c5d141d6b83a082f14b165f2b572ec2d8118d4414e5295a0cd634e8f2647854e0f1a35b3d1cfeafc6ab9d16b781a437b0068f1b61ee4419975dde11b26db751a6114de97779a4b1c8ede7c47025470a45cf64b53f587e5e98c735f48f91915435fd6839ba6e25c96e5222fb0cccbeebfbcec4a59e17994558ab05896df9809d49620a5db5913cafbc1c5d6853953ab6ebac8b384573f4b24587d9f1a72e62f3187a74f87d3896477e37d56483d295824e7439cab6c88286d80c71910c10a74d09445749a6a056e40a2cae696ace869a55f5188421f4841196c6ab9b732384b9afc4b073d0b740af8c27ce2b79be1a3f11cae70da593b3e5803845af3d7f358b03f3549fa476781230decc42ef4940fc8dbc00b944fd6dc5399506600868d7f5922b208882934c5118116aca6b541c4ee9da8c9fa286a2b4fcbbb56cd39c1b17ca1a000d21003997b0ba7a4bef1e57ee7ff3e88c30acf399df9a7512962db7060c738aad2dc724e07f8ce1bf3a4d9a86e55d8d0f7d79b6e7fcd26d7ce1518328c0d9dbf460f08645d54019fa1c64d36e8a224b5ff90eeecf6df17c7525b9fb31587b4414ba943819c46fe369323319a95813497c662e4a1564bec8154781ce46ebf477baf0143a27163eceaa13aeb048c8ef367c2c77fc8347388eaf9b943fe361fc38804bde20cdb254b32f1a2c5e9b751243ad222bfa4848f960449005eeeb61fa032933013d496c22a3ba60cfe3783bf21e333b64086484942a5c0d32c62246d937c8ae5b45f24c678a4c555ff87551375feaba202ec4a78251219729d80d53e680e9d99402c75a7051cca5e79580e9bf4ef18d524f35d8e709b2fab5d4743b9401540fd13ff4e4f5e99079b4e09f2799c7af82572131b6a475e423a2927b8898a8ca2c7c197d9399e9250e9589332f4ff54dd2b51a2da3a361cc57d3b6797fc81bb2c99dc0a7bd55c5fc9a7cb44100cd20836d28f2c0d0fa5472fac3874fa6c05d03da8bf7a86787b9c4e2067dca05a09a15c2896982d22bc82ca3944c09bad34cfc1d6927b8afa4a0d244c64b2b8ffd247df4308076458c466a5d8d2f7715ea1ac0d5b86378801e5de41735882d5f9bc4c9f1b5980555edc3afdb080ceccc834bc4d39248128122fd951a93cd1c275f6d69bd227cdcc8e7f30d7fea19a83a01ab3091fadfbaec65adcadfa158f9c84af4268d9d79930f902f8f4bdb6299743e4ef378056470049529e8fc4ba252304c5d56416da66989eb55f20951ba82ca58124a32ceb84953217ee1384ff18c4605285b50cf31063948f6ccc129bd435d2f5d164e1c4cdae82def50dabfb2367d58545c5fcd37a04222686c2a5172c0c49b6a5e5a9209624dc2b99eb0954a7cad23cfda7d9173e48ad5049b26652f3ea3e1950b0658df3ed2ec25e48176f2c63bf63335fafc3885aa1c19c69c400793a6d401df122c4a54d638e5789d6726778a6f6670ef1fddd8374833a575e57c7421c756b4de2becbe441497d75e9b40d5dc030f784cd0159f4b0fd289295a873f186fefa937edf02f318c071d29de759eca8dbedd5c9c4318a44caa3dc0ce8cbaf3cb742727bae6e5c5a35a805f2f53ae9b82718a678069f9143ef1372bb27df93b6814fba1976fe2c11437ab5201c70bca2a32dc7a51835fcba453060b004d5562d6ff01ef63968b869b159ca456aa9702ac20ea689d4225b1e1d0ea06bf23fdda7eac542d8fb22c962bc2d2211ae0aa5a8c3aeca57bd3c016c3a6dd315310c30545edfc56970f077e640a1330bf984e7e993f77b0207672d244a87db837f0729e57b8fcd3cba3e5db7018b43350810860c7577ef814ed1b5f3aabe04c24b6cd37e763310cd6c8456fe11d15bbe3af8", @typed={0xa4, 0xf7, 0x0, 0x0, @binary="c413b6baa950bb918ff1cd16488b533ebe2175f7476072c3cedd3d9c85435ab87e6649a49459b78d54e9485c004c3370230c16358ebdc56b88565ecbfc03cc3895335886c0c1031e757451cbfa2fb2c01c41bcaf8de955898c1d22e1e7438cac411b7957baa011d755ac4c74a0c6fc5697f22a7540a05a056fd8c9f58f6962bb62a517816e02ed5519fa8efdd0d46caebdadd35b911543a27d4fdc1c3f94c07f"}, @typed={0x14, 0x5a, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @generic="8506530cb3cee02e57dcbbf8d83fd0b5e90c195832d6a7e6dcaf2a408ca1b6be61843dc3305b6115593cb25a21101773ade18c96c7586a153e107b1e0d270cb431a648c338aeb224363b9c6e3821d6681ab0ff0c2b26e60d101ec5efa1909ea32d15db28e6757181ceb2e1bf000242d3a7e910083cbb0c0dffaef562db453984c0b7aa7a6b6dfcd1da3ad7d6391d96e04515b50a1c0d941e813315f9425325efe0b0e8aed664237e6f5383209b01e4da5b4d1d13b960b0a648edc42a7510a62b0bc7f974ff1340efdd1148e1537864ecc4986367"]}]}, 0x1200}, 0x1, 0x0, 0x0, 0x4044044}, 0x4000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x16bb02, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) close_range$auto(0x2, r2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0x3, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x80400, 0x0) socket(0x2, 0x801, 0x100) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) ioctl$auto(r3, 0x4b4e, r3) 2.38000712s ago: executing program 3 (id=2313): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0xfffffff9, 0x10001) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40040}, 0x800) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4040885}, 0x40090) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4045}, 0x50) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="72011f00bb415df9212127f574df53a8f2f3a483461ca64f6c902bd819b2330e56d5b64a0a57a74f2356f535fa6789061b699a2e7fe578cc9c03d6d145215b23311b505999a4d7ec5708d2c67a543366f59e8c65e04b1cbc54b210c893ffcd7d8a0c56c4808455c9", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012cbd7000feba0f07994dd3c3a9f197000700000300000000a20900000000000000003ac52e12d0d864032b4fc8b75d3b185d584ee4bda8b182716926bff65d5d4843d079"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x4008805) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="00211459a600fbdbf4250200080008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x80) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='l\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) madvise$auto(0x0, 0x20499d, 0x9) 2.159293472s ago: executing program 1 (id=2314): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x6, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r2, 0x0, 0xfff) msync$auto(0x7f, 0x6, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003180), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000000000)={0x1c, r3, 0x301, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) 1.64454377s ago: executing program 2 (id=2315): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) mmap$auto(0x0, 0x4040000c, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/memory.kmem.tcp.limit_in_bytes\x00', 0xc2481, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) semctl$auto(0x204, 0xfffffffe, 0x3, 0x4) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 1.366245904s ago: executing program 2 (id=2316): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x147602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x20042, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0) write$auto(0x3, 0x0, 0xfdef) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x22a4c0, 0x20) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) socket(0x6, 0x3, 0x100) socketpair$auto(0x8, 0x7, 0x1, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto_TCFLSH2(r2, 0x8926, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) mq_unlink$auto(&(0x7f0000000000)='/dev/nullb0\x00') openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)={0x20, r5, 0xb01, 0x70bd24, 0x25dfdbfc, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, 0x7}]}, 0x20}, 0x1, 0x0, 0x0, 0x8041}, 0x4000080) sendmsg$auto_NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x580, r5, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0xff}, @NL80211_ATTR_PUNCT_BITMAP={0x8, 0x142, 0xbe}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0xc2}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x81, 0xac, "c9f3fc214e62c5c28d163e25886e5c345667c49377db0d12436e9b9ee88703267fb9acca62f942919e6e3dc84a03d199ece415d714bf3621d93e44fed356203550154221b4565308ccd1e375a23bfa34768f694fa1a7e2006c5f723d1311e6ac8f30cb93a6b3d8534a03b4be01711f656776b1b50f01012b9e3bc21291"}, @NL80211_ATTR_SAE_PASSWORD={0x81, 0x115, "420be04a58db524cdd5ad6e57f4040171ce1ba7cd32482e2d306b5d0369f14fcf9209e30a05a4bb964e8c6f53b2c8ea8cba4f653281dcda848c0a1d6769b7438bd222f3b53c6ee429c0d453a404dcc06ecca07a612b968b40f88c1a8c1d1b013723796330935b024531cbf9582d47b9c0554b006c785f02fad98a867d5"}, @NL80211_ATTR_MBSSID_ELEMS={0x449, 0x133, 0x0, 0x1, [@generic="5e27c98d9b109fd704d6f6304be59ed97da0695e5b4d11013462b54c83b69aed6a7f1537eecef014d516368a66e9748d195875a9ae20197446daf6b93814ef425241c511eee0e3485631b232e05f081ab08112b574fd8f0b6d708490c3baae43cfcf354b219076ade5db596eb71fc023ce9bb1d5b5bb957a9dceaacc96f33604d4d136534a2abc1e9810e4aeb719e9435310b03f61183b315afe49c4782fc1b9b7dd3fa7ecfe39a693dd8911f48abe092af2c8dfb279323769a350e99c90422392443d51b6eaa4da49ae276737a73203a0f2892ba6bb678f1db5026e2bbdef40c75e36d508", @generic="27eee602637c66014f202601650694b152c9981ff094893c63ca6c779fe7a517e3af07fbed8b411bab5652cfde8e14de6069ed662be2f791bc9367f7d9eddd0ba87cbfd95b172e1c0bd7c7f61b4d79c929e0790f3f8d91481a5a58d10d5194dd57f7414b4c4e3b19d14dd77e476caad744778015f8a3ed1e59d50a8011", @typed={0x8, 0xca, 0x0, 0x0, @ipv4=@broadcast}, @nested={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0xc1}]}, @generic="6a03b8cd7549d2a48c747f7bd261b9c43b01bfe6bb26c9b3eb39968fca9aa99ff1a7789b212cf5f0518e988e6a7226843de947d4c2bde9f339fe17e0a8e91fb351ebc72e7ee6a5d638d45094630214f1334782000e56edd0e4018b3aa7d034d2e429a79013c2a9313c8bd8c88a9124e807a0931dc14c09840fc75b42c03ffa943c1544bca7090c132c18765d418c1c6d2a2b28de070aedf2601518cf61ab6656b76dd1f4b1fa70a2efb881aeafbbbbeef6708e2064cc2f2be3b5b0cf4e44c5e6cdc0455417384907f079752755ac48150932873499409adb728ee643afad3ba8ccfa97", @typed={0xc, 0xcd, 0x0, 0x0, @u64=0xff}, @typed={0x25, 0x61, 0x0, 0x0, @str='/sys/kernel/config/target/dbroot\x00'}, @generic="4094d4c0c2ed54862d1b7ff2fb1fb60ee4936d57c8d10313eca59a0ada963c387e27e9c9a1fc3a1e3a62ab56bc6af0614111e204457345cc953b5caa6ba35d6fbfa8f594917d7694ec494521cc034f1cf82062916e2d73e7c2a84d31c5531e062c32fc3cbd95a619f94a13ea6148f002511d3bc57f5b671b35dc915f9d48b315e83688f992ac6490e431cd58674fec465ec917bd50a6f0b484a4d25d2c7efa9319981c7ca8ec17aed481755c11bb0f3046aa82a3ffd69da2be5273d68f7084f33191ea49622117dde4d6624a82b7e1a5c1a7d81e8d0a", @nested={0x18, 0x140, 0x0, 0x1, [@typed={0xc, 0x25, 0x0, 0x0, @u64=0x8}, @nested={0x4, 0x11f}, @nested={0x4, 0xe2}]}, @generic="6df031e0a84de5699d1ae596d27a6aba0ccc6c8d8d2bff182e0c498328e5488728336c46b98fd13cc071fd227ed838a9739bd8a71e9059f2359f23821f45841ad9cc39432366f69c0e21f259feef02129716d5f4a86da0dd64cfe63823c46833eceb1cd2f266c88b07573e460aa1c3af0c8d3de154e0b6c92ff182ec581f2466225b32a74fe74e69a27ccb17e1cff9fcd64ef4c27e331aac2053bbe1e7cc27d26b826bcb771b2457237821e992fe29066fd465406dd1834a2e90fb85a95fe69198dc7a0902f9ec2c0aa21cac19f9"]}]}, 0x580}, 0x1, 0x0, 0x0, 0x40000}, 0x40) 1.274238343s ago: executing program 0 (id=2317): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x24, r0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'}) r3 = socket(0x2, 0xa, 0xa) sendmmsg$auto(r3, &(0x7f0000000300)={{&(0x7f0000000140), 0x14, &(0x7f0000000280)={0x0, 0x4e}, 0x7, 0x0, 0x0, 0x1}, 0x7}, 0x8, 0x8000) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000240), 0x400, 0x0) r5 = ioctl$auto_TUNSETGROUP(r4, 0x400454ce, &(0x7f0000000040)) r6 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f00000000c0), r1) sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="04082a180007000300"/25], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(0x0, 0xb) socketpair$auto(0x1, 0x2, 0xd, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0) open(0x0, 0x22240, 0x55) r7 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(r7, 0x40106f52, r8) 853.280228ms ago: executing program 0 (id=2318): r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/user_reserve_kbytes\x00', 0x103142, 0x0) socket(0x10, 0x2, 0x14) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r2], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20342, 0x0) 847.310308ms ago: executing program 3 (id=2319): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r0, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x22, 0x0, 0x8) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000a, 0x4000000000db, 0x12, 0x400, 0x18002) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000100)='/dev/audio1\x00', 0x100000a3d9) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r2, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/pcmC1D1p\x00', 0x20a02, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vivid.0/video4linux/video30/dev_debug\x00', 0x129102, 0x0) write$auto(r3, &(0x7f0000000000)='y\x8c', 0x2) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYRES8=r4, @ANYBLOB="140e034d8ad74f84258b1bdc2c7859fe3d6146b0ff38359e7414a0b7705728cb7031cb70bc0778910b47c61c89992ae65167e09988acd93d4b51c8c0cc07b9d2b4c9bd590963eebf14c124665dcdd2697953e4ddc9b0596d9bce8067308040d2d1d82fc392c95f4b2c04a9d193c64eef36be9eb1a043256795a53230dd664d79a733c2f6cf95ec9326f6185c5da56d6e2ff6c31f99dd4fd0743ee121e70997686bae872dd9312193fb4ffdc7599d14399d68d20fa43923fa82773a53a01ad6f455e64f4419e3d93ece1ffe5564007b129425b7c096c4af29aa21ec975df35f5d35579e9e0afb75db5b34b751b1232b0b", @ANYRES8=r4], 0x2c}, 0x1, 0x0, 0x0, 0x20008085}, 0x5e17c1cf55fb2282) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r6) ioctl$auto_KVM_GET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x400000ff, 0x400, 0x9}]}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop2\x00', 0x200000, 0x0) open(0x0, 0x161342, 0x0) msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) 216.84353ms ago: executing program 2 (id=2321): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/msr/perf_event_mux_interval_ms\x00', 0x982, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) modify_ldt$auto(0x1, 0x0, 0x10) modify_ldt$auto(0x0, 0x0, 0xfffffffffffffffb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = prctl$auto(0x35, 0x8, 0x10, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKSTATE_GET(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x800, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x20000000) mmap$auto(0x0, 0x4020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x3, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r2, 0x0, 0x20) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000}, 0x14) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r3, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010326bd7000fcdbdf242d000000180001801400020069705f76746910000000000000000000"], 0x2c}, 0x1, 0x1000000, 0x0, 0x24048012}, 0x80) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x309, 0x70bd27, 0x25dedbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) write$auto(0x3, 0x0, 0xfdef) 0s ago: executing program 0 (id=2322): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd6/hctx0/tags_bitmap\x00', 0x60000, 0x0) preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x10) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x57177fc5}, 0x9, 0x0) r3 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, r3, 0x8003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mremap$auto(0x4fff, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0xfffffffffffffffd, 0x80000001, 0xdc, 0x9b74, 0x2, 0x8000) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r4, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x4000000000000009) kernel console output (not intermixed with test programs): 00000000 [ 498.695882][T13121] R13: 0000000000000000 R14: 00007fb0529b5fa0 R15: 00007ffffe206758 [ 498.695917][T13121] [ 500.405660][T13156] random: crng reseeded on system resumption [ 500.785123][T13165] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1739'. [ 500.818665][T13163] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 501.511171][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.517712][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.857483][ T30] audit: type=1800 audit(6046983836.540:10): pid=13180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1743" name="lu_gp_id" dev="configfs" ino=39671 res=0 errno=0 [ 502.345912][T13180] ALUA LU Group already has a valid ID, ignoring request [ 503.985119][T13222] FAULT_INJECTION: forcing a failure. [ 503.985119][T13222] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 504.002961][T13222] CPU: 1 UID: 0 PID: 13222 Comm: syz.2.1753 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 504.003000][T13222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 504.003014][T13222] Call Trace: [ 504.003022][T13222] [ 504.003032][T13222] dump_stack_lvl+0x16c/0x1f0 [ 504.003083][T13222] should_fail_ex+0x512/0x640 [ 504.003122][T13222] _copy_to_user+0x32/0xd0 [ 504.003162][T13222] __sys_bpf+0x284f/0x4d80 [ 504.003191][T13222] ? __pfx___sys_bpf+0x10/0x10 [ 504.003213][T13222] ? vfs_write+0x15d/0x1150 [ 504.003255][T13222] ? __pfx_vfs_write+0x10/0x10 [ 504.003286][T13222] ? do_sys_openat2+0x157/0x1d0 [ 504.003327][T13222] ? ksys_write+0x1ac/0x250 [ 504.003359][T13222] ? __pfx_ksys_write+0x10/0x10 [ 504.003398][T13222] __x64_sys_bpf+0x78/0xc0 [ 504.003421][T13222] ? lockdep_hardirqs_on+0x7c/0x110 [ 504.003454][T13222] do_syscall_64+0xcd/0x490 [ 504.003492][T13222] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.003516][T13222] RIP: 0033:0x7f5e0418e929 [ 504.003537][T13222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 504.003560][T13222] RSP: 002b:00007f5e04f64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 504.003585][T13222] RAX: ffffffffffffffda RBX: 00007f5e043b5fa0 RCX: 00007f5e0418e929 [ 504.003602][T13222] RDX: 0000000000000007 RSI: 0000200000000040 RDI: 0000000000000004 [ 504.003618][T13222] RBP: 00007f5e04f64090 R08: 0000000000000000 R09: 0000000000000000 [ 504.003633][T13222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 504.003647][T13222] R13: 0000000000000000 R14: 00007f5e043b5fa0 R15: 00007ffffaff7998 [ 504.003682][T13222] [ 505.878821][T13251] FAULT_INJECTION: forcing a failure. [ 505.878821][T13251] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 505.932830][T13251] CPU: 0 UID: 0 PID: 13251 Comm: syz.0.1763 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 505.932868][T13251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 505.932882][T13251] Call Trace: [ 505.932890][T13251] [ 505.932900][T13251] dump_stack_lvl+0x16c/0x1f0 [ 505.932949][T13251] should_fail_ex+0x512/0x640 [ 505.932989][T13251] should_fail_alloc_page+0xe7/0x130 [ 505.933017][T13251] prepare_alloc_pages+0x3c2/0x610 [ 505.933047][T13251] ? rcu_is_watching+0x12/0xc0 [ 505.933075][T13251] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 505.933114][T13251] ? __lock_acquire+0xb8a/0x1c90 [ 505.933162][T13251] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 505.933199][T13251] ? do_raw_spin_lock+0x12c/0x2b0 [ 505.933236][T13251] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 505.933273][T13251] ? find_held_lock+0x2b/0x80 [ 505.933311][T13251] ? __lock_acquire+0xb8a/0x1c90 [ 505.933343][T13251] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 505.933382][T13251] ? policy_nodemask+0xea/0x4e0 [ 505.933410][T13251] alloc_pages_mpol+0x1fb/0x550 [ 505.933437][T13251] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 505.933474][T13251] folio_alloc_mpol_noprof+0x36/0x2f0 [ 505.933505][T13251] shmem_alloc_folio+0x135/0x160 [ 505.933538][T13251] shmem_alloc_and_add_folio+0x499/0xc20 [ 505.933582][T13251] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 505.933621][T13251] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 505.933663][T13251] shmem_get_folio_gfp+0x67f/0x1600 [ 505.933722][T13251] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 505.933761][T13251] ? filemap_map_pages+0xf6f/0x1680 [ 505.933801][T13251] shmem_fault+0x1fe/0xa30 [ 505.933837][T13251] ? __pfx_shmem_fault+0x10/0x10 [ 505.933879][T13251] ? __pfx_filemap_map_pages+0x10/0x10 [ 505.933926][T13251] __do_fault+0x10a/0x490 [ 505.933969][T13251] __handle_mm_fault+0x3c2a/0x5490 [ 505.934006][T13251] ? __pfx___handle_mm_fault+0x10/0x10 [ 505.934030][T13251] ? __pfx_mt_find+0x10/0x10 [ 505.934068][T13251] ? find_vma+0xbf/0x140 [ 505.934091][T13251] ? __pfx_find_vma+0x10/0x10 [ 505.934117][T13251] handle_mm_fault+0x589/0xd10 [ 505.934146][T13251] ? __pkru_allows_pkey+0x51/0xb0 [ 505.934177][T13251] do_user_addr_fault+0x7a6/0x1370 [ 505.934210][T13251] ? rcu_is_watching+0x12/0xc0 [ 505.934240][T13251] exc_page_fault+0x5c/0xb0 [ 505.934274][T13251] asm_exc_page_fault+0x26/0x30 [ 505.934298][T13251] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 505.934327][T13251] Code: 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 0f 11 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 505.934350][T13251] RSP: 0018:ffffc90003397b20 EFLAGS: 00050206 [ 505.934371][T13251] RAX: 0000000000000001 RBX: 000000000000fdef RCX: 0000000000008def [ 505.934387][T13251] RDX: ffffed100c70ffbe RSI: 0000000000007000 RDI: ffff888063877000 [ 505.934404][T13251] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100c70ffbd [ 505.934419][T13251] R10: ffff88806387fdee R11: 0000000000000000 R12: ffffc90003397da0 [ 505.934435][T13251] R13: 000000000000fdef R14: ffff888063870000 R15: 00007ffffffff000 [ 505.934470][T13251] _copy_from_iter+0x383/0x16f0 [ 505.934513][T13251] ? rcu_is_watching+0x12/0xc0 [ 505.934539][T13251] ? __pfx__copy_from_iter+0x10/0x10 [ 505.934573][T13251] ? rcu_is_watching+0x12/0xc0 [ 505.934598][T13251] ? trace_kmalloc+0x2b/0xd0 [ 505.934622][T13251] ? __kvmalloc_node_noprof.cold+0x60/0x65 [ 505.934656][T13251] ? __pfx_net_ctl_permissions+0x10/0x10 [ 505.934679][T13251] ? proc_sys_call_handler+0x2a6/0x5c0 [ 505.934721][T13251] proc_sys_call_handler+0x317/0x5c0 [ 505.934759][T13251] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 505.934810][T13251] vfs_write+0x6c7/0x1150 [ 505.934845][T13251] ? __pfx_proc_sys_write+0x10/0x10 [ 505.934880][T13251] ? __pfx___mutex_lock+0x10/0x10 [ 505.934915][T13251] ? __pfx_vfs_write+0x10/0x10 [ 505.934995][T13251] ksys_write+0x12a/0x250 [ 505.935027][T13251] ? __pfx_ksys_write+0x10/0x10 [ 505.935070][T13251] do_syscall_64+0xcd/0x490 [ 505.935107][T13251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.935131][T13251] RIP: 0033:0x7fb05278e929 [ 505.935148][T13251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 505.935170][T13251] RSP: 002b:00007fb0535b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 505.935190][T13251] RAX: ffffffffffffffda RBX: 00007fb0529b5fa0 RCX: 00007fb05278e929 [ 505.935206][T13251] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 505.935218][T13251] RBP: 00007fb0535b1090 R08: 0000000000000000 R09: 0000000000000000 [ 505.935231][T13251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 505.935245][T13251] R13: 0000000000000000 R14: 00007fb0529b5fa0 R15: 00007ffffe206758 [ 505.935277][T13251] [ 506.614540][T13258] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58 [ 507.321180][T13255] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input59 [ 508.673577][T13297] FAULT_INJECTION: forcing a failure. [ 508.673577][T13297] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 508.696957][T13297] CPU: 1 UID: 0 PID: 13297 Comm: syz.1.1772 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 508.696995][T13297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 508.697008][T13297] Call Trace: [ 508.697015][T13297] [ 508.697023][T13297] dump_stack_lvl+0x16c/0x1f0 [ 508.697059][T13297] should_fail_ex+0x512/0x640 [ 508.697095][T13297] _copy_to_user+0x32/0xd0 [ 508.697131][T13297] simple_read_from_buffer+0xcb/0x170 [ 508.697162][T13297] proc_fail_nth_read+0x197/0x270 [ 508.697189][T13297] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 508.697217][T13297] ? rw_verify_area+0xcf/0x680 [ 508.697245][T13297] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 508.697271][T13297] vfs_read+0x1e4/0xc60 [ 508.697305][T13297] ? __pfx___mutex_lock+0x10/0x10 [ 508.697337][T13297] ? __pfx_vfs_read+0x10/0x10 [ 508.697374][T13297] ? __fget_files+0x20e/0x3c0 [ 508.697412][T13297] ksys_read+0x12a/0x250 [ 508.697441][T13297] ? __pfx_ksys_read+0x10/0x10 [ 508.697479][T13297] do_syscall_64+0xcd/0x490 [ 508.697512][T13297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 508.697544][T13297] RIP: 0033:0x7f5ceb58d33c [ 508.697563][T13297] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 508.697584][T13297] RSP: 002b:00007f5ce93f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 508.697606][T13297] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa0 RCX: 00007f5ceb58d33c [ 508.697621][T13297] RDX: 000000000000000f RSI: 00007f5ce93f60a0 RDI: 0000000000000004 [ 508.697635][T13297] RBP: 00007f5ce93f6090 R08: 0000000000000000 R09: 0000000000000000 [ 508.697649][T13297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 508.697663][T13297] R13: 0000000000000000 R14: 00007f5ceb7b5fa0 R15: 00007ffc91367008 [ 508.697694][T13297] [ 508.978830][T13301] FAULT_INJECTION: forcing a failure. [ 508.978830][T13301] name failslab, interval 1, probability 0, space 0, times 0 [ 509.074720][T13301] CPU: 0 UID: 0 PID: 13301 Comm: syz.2.1776 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 509.074759][T13301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 509.074774][T13301] Call Trace: [ 509.074782][T13301] [ 509.074791][T13301] dump_stack_lvl+0x16c/0x1f0 [ 509.074832][T13301] should_fail_ex+0x512/0x640 [ 509.074866][T13301] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 509.074907][T13301] should_failslab+0xc2/0x120 [ 509.074932][T13301] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 509.074968][T13301] ? __alloc_skb+0x2b2/0x380 [ 509.075007][T13301] __alloc_skb+0x2b2/0x380 [ 509.075040][T13301] ? __pfx___alloc_skb+0x10/0x10 [ 509.075077][T13301] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 509.075110][T13301] netlink_alloc_large_skb+0x69/0x130 [ 509.075142][T13301] netlink_sendmsg+0x6a1/0xdd0 [ 509.075175][T13301] ? __pfx_netlink_sendmsg+0x10/0x10 [ 509.075209][T13301] ____sys_sendmsg+0xa98/0xc70 [ 509.075237][T13301] ? copy_msghdr_from_user+0x10a/0x160 [ 509.075273][T13301] ? __pfx_____sys_sendmsg+0x10/0x10 [ 509.075317][T13301] ___sys_sendmsg+0x134/0x1d0 [ 509.075353][T13301] ? __pfx____sys_sendmsg+0x10/0x10 [ 509.075385][T13301] ? __lock_acquire+0x622/0x1c90 [ 509.075461][T13301] __sys_sendmsg+0x16d/0x220 [ 509.075502][T13301] ? __pfx___sys_sendmsg+0x10/0x10 [ 509.075560][T13301] do_syscall_64+0xcd/0x490 [ 509.075598][T13301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.075623][T13301] RIP: 0033:0x7f5e0418e929 [ 509.075643][T13301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.075668][T13301] RSP: 002b:00007f5e04f64038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 509.075692][T13301] RAX: ffffffffffffffda RBX: 00007f5e043b5fa0 RCX: 00007f5e0418e929 [ 509.075710][T13301] RDX: 0000000020008010 RSI: 0000200000001440 RDI: 0000000000000003 [ 509.075725][T13301] RBP: 00007f5e04f64090 R08: 0000000000000000 R09: 0000000000000000 [ 509.075740][T13301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 509.075755][T13301] R13: 0000000000000000 R14: 00007f5e043b5fa0 R15: 00007ffffaff7998 [ 509.075789][T13301] [ 509.291129][ C0] vkms_vblank_simulate: vblank timer overrun [ 509.368907][T13307] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1777'. [ 509.403318][T13307] geneve1: entered promiscuous mode [ 509.418865][T13307] geneve1: entered allmulticast mode [ 509.455503][T13307] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1777'. [ 513.272174][T13354] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 513.366145][T13350] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1791'. [ 513.504858][T13350] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 513.973581][T13370] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input60 [ 514.599754][T13373] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61 [ 515.874173][T13409] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input62 [ 516.652753][T13410] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input63 [ 516.773026][T13422] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1805'. [ 517.617806][T13433] netlink: 'syz.0.1808': attribute type 1 has an invalid length. [ 517.680049][T13433] netlink: 54 bytes leftover after parsing attributes in process `syz.0.1808'. [ 517.698022][T13432] ima: policy update failed [ 517.705417][ T30] audit: type=1802 audit(6046983852.400:11): pid=13432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1808" res=0 errno=0 [ 518.135722][T13442] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1811'. [ 518.188987][T13442] FAULT_INJECTION: forcing a failure. [ 518.188987][T13442] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 518.268689][T13442] CPU: 1 UID: 0 PID: 13442 Comm: syz.0.1811 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 518.268726][T13442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 518.268741][T13442] Call Trace: [ 518.268749][T13442] [ 518.268759][T13442] dump_stack_lvl+0x16c/0x1f0 [ 518.268797][T13442] should_fail_ex+0x512/0x640 [ 518.268836][T13442] _copy_from_iter+0x29f/0x16f0 [ 518.268877][T13442] ? __alloc_skb+0x200/0x380 [ 518.268912][T13442] ? __pfx__copy_from_iter+0x10/0x10 [ 518.268952][T13442] ? __lock_acquire+0xb8a/0x1c90 [ 518.268996][T13442] netlink_sendmsg+0x829/0xdd0 [ 518.269028][T13442] ? __pfx_netlink_sendmsg+0x10/0x10 [ 518.269068][T13442] ____sys_sendmsg+0xa98/0xc70 [ 518.269096][T13442] ? copy_msghdr_from_user+0x10a/0x160 [ 518.269131][T13442] ? __pfx_____sys_sendmsg+0x10/0x10 [ 518.269164][T13442] ? kfree+0x24f/0x4d0 [ 518.269192][T13442] ? __pfx__kstrtoull+0x10/0x10 [ 518.269228][T13442] ___sys_sendmsg+0x134/0x1d0 [ 518.269266][T13442] ? __pfx____sys_sendmsg+0x10/0x10 [ 518.269334][T13442] ? __pfx___might_resched+0x10/0x10 [ 518.269367][T13442] __sys_sendmmsg+0x200/0x420 [ 518.269407][T13442] ? __pfx___sys_sendmmsg+0x10/0x10 [ 518.269454][T13442] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 518.269505][T13442] ? fput+0x70/0xf0 [ 518.269529][T13442] ? ksys_write+0x1ac/0x250 [ 518.269562][T13442] ? __pfx_ksys_write+0x10/0x10 [ 518.269608][T13442] __x64_sys_sendmmsg+0x9c/0x100 [ 518.269642][T13442] ? lockdep_hardirqs_on+0x7c/0x110 [ 518.269676][T13442] do_syscall_64+0xcd/0x490 [ 518.269716][T13442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 518.269742][T13442] RIP: 0033:0x7fb05278e929 [ 518.269762][T13442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 518.269787][T13442] RSP: 002b:00007fb0535b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 518.269811][T13442] RAX: ffffffffffffffda RBX: 00007fb0529b5fa0 RCX: 00007fb05278e929 [ 518.269829][T13442] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 518.269845][T13442] RBP: 00007fb0535b1090 R08: 0000000000000000 R09: 0000000000000000 [ 518.269860][T13442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 518.269872][T13442] R13: 0000000000000000 R14: 00007fb0529b5fa0 R15: 00007ffffe206758 [ 518.269905][T13442] [ 518.506681][ C1] vkms_vblank_simulate: vblank timer overrun [ 518.791583][T13452] FAULT_INJECTION: forcing a failure. [ 518.791583][T13452] name failslab, interval 1, probability 0, space 0, times 0 [ 518.840561][T13452] CPU: 0 UID: 0 PID: 13452 Comm: syz.3.1814 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 518.840607][T13452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 518.840623][T13452] Call Trace: [ 518.840631][T13452] [ 518.840641][T13452] dump_stack_lvl+0x16c/0x1f0 [ 518.840682][T13452] should_fail_ex+0x512/0x640 [ 518.840717][T13452] ? __kmalloc_noprof+0xbf/0x510 [ 518.840755][T13452] ? copy_splice_read+0x1a8/0xba0 [ 518.840784][T13452] should_failslab+0xc2/0x120 [ 518.840809][T13452] __kmalloc_noprof+0xd2/0x510 [ 518.840852][T13452] copy_splice_read+0x1a8/0xba0 [ 518.840885][T13452] ? __pfx_iter_file_splice_write+0x10/0x10 [ 518.840926][T13452] ? __pfx_copy_splice_read+0x10/0x10 [ 518.840967][T13452] ? look_up_lock_class+0x6b/0x150 [ 518.841012][T13452] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 518.841050][T13452] ? __pfx_copy_splice_read+0x10/0x10 [ 518.841080][T13452] do_splice_read+0x285/0x370 [ 518.841116][T13452] splice_direct_to_actor+0x2a1/0xa30 [ 518.841150][T13452] ? __pfx_direct_splice_actor+0x10/0x10 [ 518.841189][T13452] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 518.841220][T13452] ? get_pid_task+0xfc/0x250 [ 518.841264][T13452] do_splice_direct+0x174/0x240 [ 518.841296][T13452] ? __pfx_do_splice_direct+0x10/0x10 [ 518.841329][T13452] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 518.841362][T13452] ? bpf_lsm_file_permission+0x9/0x10 [ 518.841390][T13452] ? security_file_permission+0x71/0x210 [ 518.841423][T13452] ? rw_verify_area+0xcf/0x680 [ 518.841459][T13452] do_sendfile+0xb06/0xe50 [ 518.841498][T13452] ? __pfx_do_sendfile+0x10/0x10 [ 518.841532][T13452] ? __fget_files+0x20e/0x3c0 [ 518.841574][T13452] __x64_sys_sendfile64+0x1d8/0x220 [ 518.841615][T13452] ? ksys_write+0x1ac/0x250 [ 518.841648][T13452] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 518.841685][T13452] do_syscall_64+0xcd/0x490 [ 518.841723][T13452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 518.841750][T13452] RIP: 0033:0x7f0e91b8e929 [ 518.841771][T13452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 518.841796][T13452] RSP: 002b:00007f0e929e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 518.841821][T13452] RAX: ffffffffffffffda RBX: 00007f0e91db5fa0 RCX: 00007f0e91b8e929 [ 518.841838][T13452] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 518.841854][T13452] RBP: 00007f0e929e8090 R08: 0000000000000000 R09: 0000000000000000 [ 518.841869][T13452] R10: 0004000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 518.841885][T13452] R13: 0000000000000000 R14: 00007f0e91db5fa0 R15: 00007ffcfed012d8 [ 518.841920][T13452] [ 519.261565][T13458] FAULT_INJECTION: forcing a failure. [ 519.261565][T13458] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 519.275886][T13458] CPU: 0 UID: 0 PID: 13458 Comm: syz.0.1815 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 519.275922][T13458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 519.275936][T13458] Call Trace: [ 519.275945][T13458] [ 519.275954][T13458] dump_stack_lvl+0x16c/0x1f0 [ 519.275993][T13458] should_fail_ex+0x512/0x640 [ 519.276032][T13458] should_fail_alloc_page+0xe7/0x130 [ 519.276059][T13458] prepare_alloc_pages+0x3c2/0x610 [ 519.276094][T13458] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 519.276131][T13458] ? __lock_acquire+0x622/0x1c90 [ 519.276172][T13458] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 519.276228][T13458] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 519.276264][T13458] ? policy_nodemask+0xea/0x4e0 [ 519.276289][T13458] alloc_pages_mpol+0x1fb/0x550 [ 519.276320][T13458] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 519.276354][T13458] alloc_pages_noprof+0x131/0x390 [ 519.276378][T13458] __pmd_alloc+0x3b/0x930 [ 519.276401][T13458] ? find_held_lock+0x2b/0x80 [ 519.276427][T13458] __handle_mm_fault+0xaac/0x5490 [ 519.276467][T13458] ? __pfx___handle_mm_fault+0x10/0x10 [ 519.276493][T13458] ? __pfx_mt_find+0x10/0x10 [ 519.276535][T13458] ? find_vma+0xbf/0x140 [ 519.276559][T13458] ? __pfx_find_vma+0x10/0x10 [ 519.276585][T13458] handle_mm_fault+0x589/0xd10 [ 519.276617][T13458] ? __pkru_allows_pkey+0x51/0xb0 [ 519.276652][T13458] do_user_addr_fault+0x7a6/0x1370 [ 519.276688][T13458] ? rcu_is_watching+0x12/0xc0 [ 519.276718][T13458] exc_page_fault+0x5c/0xb0 [ 519.276753][T13458] asm_exc_page_fault+0x26/0x30 [ 519.276777][T13458] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 519.276804][T13458] Code: 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 0f 11 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 519.276827][T13458] RSP: 0018:ffffc900048177d0 EFLAGS: 00050206 [ 519.276848][T13458] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4 [ 519.276864][T13458] RDX: ffffed100b906f69 RSI: 0000000000000000 RDI: ffff88805c837a80 [ 519.276880][T13458] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100b906f68 [ 519.276896][T13458] R10: ffff88805c837b43 R11: 0000000000000000 R12: ffffc90004817d60 [ 519.276913][T13458] R13: 00000000000000c4 R14: ffff88805c837a80 R15: 00007ffffffff000 [ 519.276947][T13458] _copy_from_iter+0x383/0x16f0 [ 519.276987][T13458] ? __alloc_skb+0x200/0x380 [ 519.277019][T13458] ? __pfx__copy_from_iter+0x10/0x10 [ 519.277057][T13458] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 519.277090][T13458] netlink_sendmsg+0x829/0xdd0 [ 519.277122][T13458] ? __pfx_netlink_sendmsg+0x10/0x10 [ 519.277161][T13458] ____sys_sendmsg+0xa98/0xc70 [ 519.277189][T13458] ? copy_msghdr_from_user+0x10a/0x160 [ 519.277224][T13458] ? __pfx_____sys_sendmsg+0x10/0x10 [ 519.277258][T13458] ? __pfx__kstrtoull+0x10/0x10 [ 519.277293][T13458] ___sys_sendmsg+0x134/0x1d0 [ 519.277336][T13458] ? __pfx____sys_sendmsg+0x10/0x10 [ 519.277390][T13458] ? find_held_lock+0x2b/0x80 [ 519.277437][T13458] __sys_sendmmsg+0x200/0x420 [ 519.277478][T13458] ? __pfx___sys_sendmmsg+0x10/0x10 [ 519.277525][T13458] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 519.277576][T13458] ? fput+0x70/0xf0 [ 519.277605][T13458] ? ksys_write+0x1ac/0x250 [ 519.277637][T13458] ? __pfx_ksys_write+0x10/0x10 [ 519.277677][T13458] __x64_sys_sendmmsg+0x9c/0x100 [ 519.277711][T13458] ? lockdep_hardirqs_on+0x7c/0x110 [ 519.277743][T13458] do_syscall_64+0xcd/0x490 [ 519.277778][T13458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.277800][T13458] RIP: 0033:0x7fb05278e929 [ 519.277820][T13458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 519.277842][T13458] RSP: 002b:00007fb0535b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 519.277865][T13458] RAX: ffffffffffffffda RBX: 00007fb0529b5fa0 RCX: 00007fb05278e929 [ 519.277882][T13458] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 519.277897][T13458] RBP: 00007fb0535b1090 R08: 0000000000000000 R09: 0000000000000000 [ 519.277912][T13458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 519.277924][T13458] R13: 0000000000000000 R14: 00007fb0529b5fa0 R15: 00007ffffe206758 [ 519.277958][T13458] [ 520.846367][T13478] random: crng reseeded on system resumption [ 520.951074][T13483] FAULT_INJECTION: forcing a failure. [ 520.951074][T13483] name fail_futex, interval 1, probability 0, space 0, times 0 [ 520.977218][T13483] CPU: 1 UID: 0 PID: 13483 Comm: syz.3.1824 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 520.977259][T13483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 520.977275][T13483] Call Trace: [ 520.977284][T13483] [ 520.977296][T13483] dump_stack_lvl+0x16c/0x1f0 [ 520.977341][T13483] should_fail_ex+0x512/0x640 [ 520.977384][T13483] get_futex_key+0x1d0/0x1540 [ 520.977421][T13483] ? __pfx_get_futex_key+0x10/0x10 [ 520.977450][T13483] ? find_held_lock+0x2b/0x80 [ 520.977480][T13483] ? get_pid_task+0xfc/0x250 [ 520.977518][T13483] ? __futex_hash.constprop.0+0x1e9/0x440 [ 520.977553][T13483] futex_wake+0xe7/0x4e0 [ 520.977591][T13483] ? __pfx_futex_wake+0x10/0x10 [ 520.977633][T13483] ? __lock_acquire+0x622/0x1c90 [ 520.977675][T13483] do_futex+0x1e3/0x350 [ 520.977708][T13483] ? __pfx_do_futex+0x10/0x10 [ 520.977743][T13483] ? find_held_lock+0x2b/0x80 [ 520.977774][T13483] __x64_sys_futex+0x1e0/0x4c0 [ 520.977809][T13483] ? __fget_files+0x20e/0x3c0 [ 520.977843][T13483] ? __pfx___x64_sys_futex+0x10/0x10 [ 520.977881][T13483] ? fdget+0x187/0x210 [ 520.977921][T13483] do_syscall_64+0xcd/0x490 [ 520.977960][T13483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 520.977988][T13483] RIP: 0033:0x7f0e91b8e929 [ 520.978010][T13483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 520.978036][T13483] RSP: 002b:00007f0e929e80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 520.978061][T13483] RAX: ffffffffffffffda RBX: 00007f0e91db5fa8 RCX: 00007f0e91b8e929 [ 520.978079][T13483] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0e91db5fac [ 520.978104][T13483] RBP: 00007f0e91db5fa0 R08: 00007f0e929e9000 R09: 0000000000000000 [ 520.978121][T13483] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f0e91db5fac [ 520.978140][T13483] R13: 0000000000000000 R14: 00007ffcfed011f0 R15: 00007ffcfed012d8 [ 520.978177][T13483] [ 521.179311][ C1] vkms_vblank_simulate: vblank timer overrun [ 521.254839][T13486] FAULT_INJECTION: forcing a failure. [ 521.254839][T13486] name failslab, interval 1, probability 0, space 0, times 0 [ 521.384241][T13486] CPU: 0 UID: 0 PID: 13486 Comm: syz.1.1825 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 521.384280][T13486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 521.384294][T13486] Call Trace: [ 521.384311][T13486] [ 521.384320][T13486] dump_stack_lvl+0x16c/0x1f0 [ 521.384362][T13486] should_fail_ex+0x512/0x640 [ 521.384395][T13486] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 521.384432][T13486] should_failslab+0xc2/0x120 [ 521.384457][T13486] __kmalloc_cache_noprof+0x6a/0x3e0 [ 521.384490][T13486] ? alloc_pipe_info+0x10e/0x590 [ 521.384532][T13486] alloc_pipe_info+0x10e/0x590 [ 521.384571][T13486] splice_direct_to_actor+0x77d/0xa30 [ 521.384606][T13486] ? __pfx_direct_splice_actor+0x10/0x10 [ 521.384642][T13486] ? __pfx_aa_file_perm+0x10/0x10 [ 521.384676][T13486] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 521.384705][T13486] ? get_pid_task+0xfc/0x250 [ 521.384748][T13486] do_splice_direct+0x174/0x240 [ 521.384780][T13486] ? __pfx_do_splice_direct+0x10/0x10 [ 521.384813][T13486] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 521.384851][T13486] ? rw_verify_area+0xcf/0x680 [ 521.384885][T13486] do_sendfile+0xb06/0xe50 [ 521.384924][T13486] ? __pfx_do_sendfile+0x10/0x10 [ 521.384957][T13486] ? __fget_files+0x20e/0x3c0 [ 521.385000][T13486] __x64_sys_sendfile64+0x1d8/0x220 [ 521.385024][T13486] ? ksys_write+0x1ac/0x250 [ 521.385056][T13486] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 521.385092][T13486] do_syscall_64+0xcd/0x490 [ 521.385132][T13486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 521.385155][T13486] RIP: 0033:0x7f5ceb58e929 [ 521.385174][T13486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 521.385198][T13486] RSP: 002b:00007f5ce93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 521.385222][T13486] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa0 RCX: 00007f5ceb58e929 [ 521.385239][T13486] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 521.385253][T13486] RBP: 00007f5ce93f6090 R08: 0000000000000000 R09: 0000000000000000 [ 521.385269][T13486] R10: 0000004000000a1f R11: 0000000000000246 R12: 0000000000000001 [ 521.385284][T13486] R13: 0000000000000000 R14: 00007f5ceb7b5fa0 R15: 00007ffc91367008 [ 521.385324][T13486] [ 522.433128][T13520] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input64 [ 522.813222][T13521] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input65 [ 523.076368][T13527] FAULT_INJECTION: forcing a failure. [ 523.076368][T13527] name fail_futex, interval 1, probability 0, space 0, times 0 [ 523.089752][T13527] CPU: 1 UID: 0 PID: 13527 Comm: syz.2.1836 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 523.089787][T13527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 523.089812][T13527] Call Trace: [ 523.089821][T13527] [ 523.089830][T13527] dump_stack_lvl+0x16c/0x1f0 [ 523.089873][T13527] should_fail_ex+0x512/0x640 [ 523.089913][T13527] get_futex_key+0x1d0/0x1540 [ 523.089948][T13527] ? __pfx_get_futex_key+0x10/0x10 [ 523.089974][T13527] ? find_held_lock+0x2b/0x80 [ 523.089998][T13527] ? get_pid_task+0xfc/0x250 [ 523.090034][T13527] ? __futex_hash.constprop.0+0x1e9/0x440 [ 523.090066][T13527] futex_wake+0xe7/0x4e0 [ 523.090104][T13527] ? __pfx_futex_wake+0x10/0x10 [ 523.090145][T13527] ? __lock_acquire+0x622/0x1c90 [ 523.090186][T13527] do_futex+0x1e3/0x350 [ 523.090218][T13527] ? __pfx_do_futex+0x10/0x10 [ 523.090251][T13527] ? find_held_lock+0x2b/0x80 [ 523.090282][T13527] __x64_sys_futex+0x1e0/0x4c0 [ 523.090316][T13527] ? __fget_files+0x20e/0x3c0 [ 523.090350][T13527] ? __pfx___x64_sys_futex+0x10/0x10 [ 523.090386][T13527] ? fdget+0x187/0x210 [ 523.090425][T13527] do_syscall_64+0xcd/0x490 [ 523.090465][T13527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.090491][T13527] RIP: 0033:0x7f5e0418e929 [ 523.090513][T13527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 523.090538][T13527] RSP: 002b:00007f5e04f640e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 523.090563][T13527] RAX: ffffffffffffffda RBX: 00007f5e043b5fa8 RCX: 00007f5e0418e929 [ 523.090581][T13527] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5e043b5fac [ 523.090598][T13527] RBP: 00007f5e043b5fa0 R08: 00007f5e04f65000 R09: 0000000000000000 [ 523.090615][T13527] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f5e043b5fac [ 523.090632][T13527] R13: 0000000000000000 R14: 00007ffffaff78b0 R15: 00007ffffaff7998 [ 523.090666][T13527] [ 523.289320][ C1] vkms_vblank_simulate: vblank timer overrun [ 523.741270][T13536] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input66 [ 524.013457][T13540] page: refcount:6 mapcount:5 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 524.045047][T13548] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1842'. [ 524.067684][T13548] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1842'. [ 524.077561][T13540] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 524.088741][T13548] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1842'. [ 524.104883][T13540] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 524.105475][T13548] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1842'. [ 524.126413][T13549] FAULT_INJECTION: forcing a failure. [ 524.126413][T13549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 524.139619][T13540] raw: 0000000000000000 0000000000000000 0000000600000004 0000000000000000 [ 524.154595][T13548] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1842'. [ 524.166014][T13549] CPU: 0 UID: 0 PID: 13549 Comm: syz.0.1842 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 524.166050][T13549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 524.166064][T13549] Call Trace: [ 524.166073][T13549] [ 524.166081][T13549] dump_stack_lvl+0x16c/0x1f0 [ 524.166119][T13549] should_fail_ex+0x512/0x640 [ 524.166158][T13549] _copy_from_user+0x2e/0xd0 [ 524.166196][T13549] copy_msghdr_from_user+0x98/0x160 [ 524.166232][T13549] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 524.166274][T13549] ? __pfx__kstrtoull+0x10/0x10 [ 524.166310][T13549] ___sys_sendmsg+0xfe/0x1d0 [ 524.166345][T13549] ? __pfx____sys_sendmsg+0x10/0x10 [ 524.166397][T13549] ? find_held_lock+0x2b/0x80 [ 524.166446][T13549] __sys_sendmmsg+0x200/0x420 [ 524.166486][T13549] ? __pfx___sys_sendmmsg+0x10/0x10 [ 524.166533][T13549] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 524.166584][T13549] ? fput+0x70/0xf0 [ 524.166609][T13549] ? ksys_write+0x1ac/0x250 [ 524.166642][T13549] ? __pfx_ksys_write+0x10/0x10 [ 524.166682][T13549] __x64_sys_sendmmsg+0x9c/0x100 [ 524.166716][T13549] ? lockdep_hardirqs_on+0x7c/0x110 [ 524.166749][T13549] do_syscall_64+0xcd/0x490 [ 524.166787][T13549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 524.166813][T13549] RIP: 0033:0x7fb05278e929 [ 524.166834][T13549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 524.166859][T13549] RSP: 002b:00007fb053590038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 524.166882][T13549] RAX: ffffffffffffffda RBX: 00007fb0529b6080 RCX: 00007fb05278e929 [ 524.166898][T13549] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 524.166912][T13549] RBP: 00007fb053590090 R08: 0000000000000000 R09: 0000000000000000 [ 524.166927][T13549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 524.166940][T13549] R13: 0000000000000000 R14: 00007fb0529b6080 R15: 00007ffffe206758 [ 524.166979][T13549] [ 524.167345][T13548] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1842'. [ 524.376363][T13540] page dumped because: unmovable page [ 524.381760][T13540] page_owner tracks the page as allocated [ 524.390142][T13548] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1842'. [ 524.400582][T13540] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5844, tgid 5844 (syz-executor), ts 84880326471, free_ts 81165879296 [ 524.400791][T13548] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1842'. [ 524.435575][T13540] post_alloc_hook+0x1c0/0x230 [ 524.445497][T13540] get_page_from_freelist+0x1321/0x3890 [ 524.454727][T13540] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 524.463603][T13540] alloc_pages_mpol+0x1fb/0x550 [ 524.502249][T13540] alloc_pages_noprof+0x131/0x390 [ 524.509597][T13540] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 524.526989][T13540] vmalloc_user_noprof+0x9e/0xe0 [ 524.532188][T13540] kcov_ioctl+0x4c/0x730 [ 524.536596][T13540] __x64_sys_ioctl+0x18b/0x210 [ 524.541373][T13540] do_syscall_64+0xcd/0x490 [ 524.546174][T13540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 524.552174][T13540] page last free pid 5838 tgid 5838 stack trace: [ 524.558715][T13540] __free_frozen_pages+0x7fe/0x1180 [ 524.564115][T13540] vfree+0x1fd/0xb50 [ 524.568111][T13540] kcov_close+0x34/0x60 [ 524.572497][T13540] __fput+0x3ff/0xb70 [ 524.576575][T13540] fput_close_sync+0x118/0x260 [ 524.581364][T13540] __x64_sys_close+0x8b/0x120 [ 524.586206][T13540] do_syscall_64+0xcd/0x490 [ 524.590800][T13540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 524.833892][T13560] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1846'. [ 524.850269][T13560] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1846'. [ 525.229024][T13567] FAULT_INJECTION: forcing a failure. [ 525.229024][T13567] name fail_futex, interval 1, probability 0, space 0, times 0 [ 525.326361][T13567] CPU: 0 UID: 0 PID: 13567 Comm: syz.1.1848 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 525.326400][T13567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 525.326417][T13567] Call Trace: [ 525.326426][T13567] [ 525.326435][T13567] dump_stack_lvl+0x16c/0x1f0 [ 525.326478][T13567] should_fail_ex+0x512/0x640 [ 525.326520][T13567] get_futex_key+0x1d0/0x1540 [ 525.326564][T13567] ? __pfx_get_futex_key+0x10/0x10 [ 525.326592][T13567] ? find_held_lock+0x2b/0x80 [ 525.326619][T13567] ? get_pid_task+0xfc/0x250 [ 525.326652][T13567] ? __futex_hash.constprop.0+0x1e9/0x440 [ 525.326683][T13567] futex_wake+0xe7/0x4e0 [ 525.326717][T13567] ? __pfx_futex_wake+0x10/0x10 [ 525.326752][T13567] ? __lock_acquire+0x622/0x1c90 [ 525.326791][T13567] do_futex+0x1e3/0x350 [ 525.326823][T13567] ? __pfx_do_futex+0x10/0x10 [ 525.326854][T13567] ? find_held_lock+0x2b/0x80 [ 525.326870][T13567] __x64_sys_futex+0x1e0/0x4c0 [ 525.326888][T13567] ? __fget_files+0x20e/0x3c0 [ 525.326906][T13567] ? __pfx___x64_sys_futex+0x10/0x10 [ 525.326925][T13567] ? fdget+0x187/0x210 [ 525.326944][T13567] do_syscall_64+0xcd/0x490 [ 525.326965][T13567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.326980][T13567] RIP: 0033:0x7f5ceb58e929 [ 525.326992][T13567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 525.327006][T13567] RSP: 002b:00007f5ce93f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 525.327021][T13567] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa8 RCX: 00007f5ceb58e929 [ 525.327030][T13567] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5ceb7b5fac [ 525.327038][T13567] RBP: 00007f5ceb7b5fa0 R08: 00007f5cec303000 R09: 0000000000000000 [ 525.327047][T13567] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f5ceb7b5fac [ 525.327055][T13567] R13: 0000000000000000 R14: 00007ffc91366f20 R15: 00007ffc91367008 [ 525.327072][T13567] [ 526.981998][T13603] FAULT_INJECTION: forcing a failure. [ 526.981998][T13603] name failslab, interval 1, probability 0, space 0, times 0 [ 527.026167][T13603] CPU: 1 UID: 0 PID: 13603 Comm: syz.2.1860 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 527.026206][T13603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 527.026221][T13603] Call Trace: [ 527.026229][T13603] [ 527.026239][T13603] dump_stack_lvl+0x16c/0x1f0 [ 527.026280][T13603] should_fail_ex+0x512/0x640 [ 527.026313][T13603] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 527.026360][T13603] should_failslab+0xc2/0x120 [ 527.026385][T13603] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 527.026421][T13603] ? skb_clone+0x190/0x3f0 [ 527.026461][T13603] skb_clone+0x190/0x3f0 [ 527.026497][T13603] nfnetlink_rcv_batch+0x1cf/0x2330 [ 527.026524][T13603] ? kmem_cache_free+0x2d1/0x4d0 [ 527.026566][T13603] ? consume_skb+0xcc/0x100 [ 527.026591][T13603] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 527.026623][T13603] ? __local_bh_enable_ip+0xa4/0x120 [ 527.026652][T13603] ? lockdep_hardirqs_on+0x7c/0x110 [ 527.026684][T13603] ? __dev_queue_xmit+0x896/0x43e0 [ 527.026713][T13603] ? __local_bh_enable_ip+0xa4/0x120 [ 527.026739][T13603] ? __dev_queue_xmit+0x896/0x43e0 [ 527.026767][T13603] ? __dev_queue_xmit+0x8b7/0x43e0 [ 527.026810][T13603] ? __pfx___dev_queue_xmit+0x10/0x10 [ 527.026843][T13603] ? __asan_memset+0x23/0x50 [ 527.026874][T13603] ? __nla_validate_parse+0x600/0x2880 [ 527.026904][T13603] ? __pfx_aa_get_newest_label+0x10/0x10 [ 527.026932][T13603] ? rcu_is_watching+0x12/0xc0 [ 527.026959][T13603] ? __pfx___nla_validate_parse+0x10/0x10 [ 527.026990][T13603] ? apparmor_capable+0x114/0x1d0 [ 527.027023][T13603] ? __nla_parse+0x40/0x60 [ 527.027054][T13603] nfnetlink_rcv+0x3c1/0x430 [ 527.027084][T13603] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 527.027123][T13603] netlink_unicast+0x53a/0x7f0 [ 527.027154][T13603] ? __pfx_netlink_unicast+0x10/0x10 [ 527.027191][T13603] netlink_sendmsg+0x8d1/0xdd0 [ 527.027222][T13603] ? __pfx_netlink_sendmsg+0x10/0x10 [ 527.027262][T13603] ____sys_sendmsg+0xa98/0xc70 [ 527.027291][T13603] ? copy_msghdr_from_user+0x10a/0x160 [ 527.027326][T13603] ? __pfx_____sys_sendmsg+0x10/0x10 [ 527.027377][T13603] ___sys_sendmsg+0x134/0x1d0 [ 527.027414][T13603] ? __pfx____sys_sendmsg+0x10/0x10 [ 527.027445][T13603] ? __lock_acquire+0x622/0x1c90 [ 527.027521][T13603] __sys_sendmsg+0x16d/0x220 [ 527.027557][T13603] ? __pfx___sys_sendmsg+0x10/0x10 [ 527.027612][T13603] do_syscall_64+0xcd/0x490 [ 527.027648][T13603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.027673][T13603] RIP: 0033:0x7f5e0418e929 [ 527.027693][T13603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.027718][T13603] RSP: 002b:00007f5e04f64038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 527.027741][T13603] RAX: ffffffffffffffda RBX: 00007f5e043b5fa0 RCX: 00007f5e0418e929 [ 527.027757][T13603] RDX: 0000000010004010 RSI: 0000200000000100 RDI: 0000000000000003 [ 527.027772][T13603] RBP: 00007f5e04f64090 R08: 0000000000000000 R09: 0000000000000000 [ 527.027786][T13603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 527.027800][T13603] R13: 0000000000000000 R14: 00007f5e043b5fa0 R15: 00007ffffaff7998 [ 527.027830][T13603] [ 527.344364][ C1] vkms_vblank_simulate: vblank timer overrun [ 528.925459][T13643] FAULT_INJECTION: forcing a failure. [ 528.925459][T13643] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 528.964824][T13643] CPU: 1 UID: 0 PID: 13643 Comm: syz.2.1870 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 528.964848][T13643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 528.964856][T13643] Call Trace: [ 528.964861][T13643] [ 528.964867][T13643] dump_stack_lvl+0x16c/0x1f0 [ 528.964892][T13643] should_fail_ex+0x512/0x640 [ 528.964914][T13643] _copy_from_user+0x2e/0xd0 [ 528.964935][T13643] move_addr_to_kernel+0x65/0x170 [ 528.964954][T13643] __copy_msghdr+0x386/0x470 [ 528.964973][T13643] copy_msghdr_from_user+0xc1/0x160 [ 528.964991][T13643] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 528.965013][T13643] ? kfree+0x24f/0x4d0 [ 528.965029][T13643] ? __pfx__kstrtoull+0x10/0x10 [ 528.965047][T13643] ___sys_sendmsg+0xfe/0x1d0 [ 528.965067][T13643] ? __pfx____sys_sendmsg+0x10/0x10 [ 528.965102][T13643] ? __pfx___might_resched+0x10/0x10 [ 528.965130][T13643] __sys_sendmmsg+0x200/0x420 [ 528.965163][T13643] ? __pfx___sys_sendmmsg+0x10/0x10 [ 528.965209][T13643] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 528.965255][T13643] ? fput+0x70/0xf0 [ 528.965277][T13643] ? ksys_write+0x1ac/0x250 [ 528.965296][T13643] ? __pfx_ksys_write+0x10/0x10 [ 528.965318][T13643] __x64_sys_sendmmsg+0x9c/0x100 [ 528.965337][T13643] ? lockdep_hardirqs_on+0x7c/0x110 [ 528.965355][T13643] do_syscall_64+0xcd/0x490 [ 528.965377][T13643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.965391][T13643] RIP: 0033:0x7f5e0418e929 [ 528.965403][T13643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.965417][T13643] RSP: 002b:00007f5e04f64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 528.965431][T13643] RAX: ffffffffffffffda RBX: 00007f5e043b5fa0 RCX: 00007f5e0418e929 [ 528.965440][T13643] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000007 [ 528.965448][T13643] RBP: 00007f5e04f64090 R08: 0000000000000000 R09: 0000000000000000 [ 528.965456][T13643] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 528.965464][T13643] R13: 0000000000000000 R14: 00007f5e043b5fa0 R15: 00007ffffaff7998 [ 528.965481][T13643] [ 529.177063][ C1] vkms_vblank_simulate: vblank timer overrun [ 529.597454][T13649] usb usb28: usbfs: process 13649 (syz.2.1873) did not claim interface 0 before use [ 529.873005][T13651] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input67 [ 530.511288][T13668] __nla_validate_parse: 8 callbacks suppressed [ 530.511302][T13668] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1877'. [ 530.756814][T13661] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input68 [ 532.114061][T13687] random: crng reseeded on system resumption [ 533.327001][T13714] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69 [ 533.646915][T13716] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 533.670645][T13715] FAULT_INJECTION: forcing a failure. [ 533.670645][T13715] name failslab, interval 1, probability 0, space 0, times 0 [ 533.685182][T13715] CPU: 1 UID: 0 PID: 13715 Comm: syz.3.1890 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 533.685218][T13715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 533.685232][T13715] Call Trace: [ 533.685241][T13715] [ 533.685251][T13715] dump_stack_lvl+0x16c/0x1f0 [ 533.685293][T13715] should_fail_ex+0x512/0x640 [ 533.685326][T13715] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 533.685368][T13715] should_failslab+0xc2/0x120 [ 533.685392][T13715] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 533.685426][T13715] ? lockdep_init_map_type+0x5c/0x280 [ 533.685459][T13715] ? __d_alloc+0x31/0xaa0 [ 533.685501][T13715] __d_alloc+0x31/0xaa0 [ 533.685539][T13715] d_alloc_pseudo+0x1c/0xc0 [ 533.685565][T13715] alloc_file_pseudo+0xcf/0x230 [ 533.685596][T13715] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 533.685634][T13715] ? alloc_fd+0x471/0x7d0 [ 533.685674][T13715] sock_alloc_file+0x50/0x210 [ 533.685718][T13715] __sys_socket+0x1c0/0x260 [ 533.685745][T13715] ? fput+0x70/0xf0 [ 533.685774][T13715] ? __pfx___sys_socket+0x10/0x10 [ 533.685805][T13715] ? xfd_validate_state+0x61/0x180 [ 533.685841][T13715] ? __pfx_ksys_write+0x10/0x10 [ 533.685884][T13715] __x64_sys_socket+0x72/0xb0 [ 533.685911][T13715] ? lockdep_hardirqs_on+0x7c/0x110 [ 533.685947][T13715] do_syscall_64+0xcd/0x490 [ 533.685987][T13715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.686014][T13715] RIP: 0033:0x7f0e91b8e929 [ 533.686036][T13715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 533.686062][T13715] RSP: 002b:00007f0e929c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 533.686087][T13715] RAX: ffffffffffffffda RBX: 00007f0e91db6080 RCX: 00007f0e91b8e929 [ 533.686104][T13715] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 533.686120][T13715] RBP: 00007f0e91c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 533.686136][T13715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 533.686151][T13715] R13: 0000000000000000 R14: 00007f0e91db6080 R15: 00007ffcfed012d8 [ 533.686186][T13715] [ 533.906211][ C1] vkms_vblank_simulate: vblank timer overrun [ 534.241342][T13726] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1892'. [ 534.498718][T13732] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1895'. [ 534.939632][T13742] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input71 [ 535.375185][T13744] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72 [ 536.289149][T13761] page: refcount:6 mapcount:5 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 536.318272][T13761] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 536.356058][T13761] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 536.405262][T13761] raw: 0000000000000000 0000000000000000 0000000600000004 0000000000000000 [ 536.425325][T13761] page dumped because: unmovable page [ 536.445777][T13761] page_owner tracks the page as allocated [ 536.451553][T13761] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5844, tgid 5844 (syz-executor), ts 84880326471, free_ts 81165879296 [ 536.560405][T13763] could not allocate digest TFM handle binfmt_misc [ 536.577724][T13761] post_alloc_hook+0x1c0/0x230 [ 536.582580][T13761] get_page_from_freelist+0x1321/0x3890 [ 536.659621][T13763] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(2) [ 536.669380][T13761] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 536.680037][T13761] alloc_pages_mpol+0x1fb/0x550 [ 536.684956][T13761] alloc_pages_noprof+0x131/0x390 [ 536.720787][T13761] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 536.733683][T13761] vmalloc_user_noprof+0x9e/0xe0 [ 536.763797][T13761] kcov_ioctl+0x4c/0x730 [ 536.789763][T13761] __x64_sys_ioctl+0x18b/0x210 [ 536.875411][T13761] do_syscall_64+0xcd/0x490 [ 536.879954][T13761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.958686][T13761] page last free pid 5838 tgid 5838 stack trace: [ 536.958764][T13761] __free_frozen_pages+0x7fe/0x1180 [ 536.958804][T13761] vfree+0x1fd/0xb50 [ 536.958832][T13761] kcov_close+0x34/0x60 [ 536.958867][T13761] __fput+0x3ff/0xb70 [ 536.958892][T13761] fput_close_sync+0x118/0x260 [ 536.958919][T13761] __x64_sys_close+0x8b/0x120 [ 536.958949][T13761] do_syscall_64+0xcd/0x490 [ 536.958987][T13761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.607547][T13783] FAULT_INJECTION: forcing a failure. [ 537.607547][T13783] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 537.645625][T13783] CPU: 0 UID: 0 PID: 13783 Comm: syz.1.1906 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 537.645666][T13783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 537.645683][T13783] Call Trace: [ 537.645693][T13783] [ 537.645704][T13783] dump_stack_lvl+0x16c/0x1f0 [ 537.645750][T13783] should_fail_ex+0x512/0x640 [ 537.645797][T13783] _copy_to_user+0x32/0xd0 [ 537.645840][T13783] sctp_getsockopt_local_addrs+0x4ce/0xde0 [ 537.645887][T13783] ? __pfx_sctp_getsockopt_local_addrs+0x10/0x10 [ 537.645923][T13783] ? do_raw_spin_lock+0x12c/0x2b0 [ 537.645964][T13783] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 537.646017][T13783] ? sctp_getsockopt+0x12a1/0x6b10 [ 537.646048][T13783] sctp_getsockopt+0x12a1/0x6b10 [ 537.646080][T13783] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 537.646116][T13783] ? __pfx_sctp_getsockopt+0x10/0x10 [ 537.646147][T13783] ? __pfx___futex_wait+0x10/0x10 [ 537.646183][T13783] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 537.646232][T13783] ? __lock_acquire+0xb8a/0x1c90 [ 537.646271][T13783] ? __pfx___might_resched+0x10/0x10 [ 537.646319][T13783] ? find_held_lock+0x2b/0x80 [ 537.646345][T13783] ? __might_fault+0xe3/0x190 [ 537.646382][T13783] ? __might_fault+0xe3/0x190 [ 537.646414][T13783] ? __might_fault+0x13b/0x190 [ 537.646458][T13783] ? sock_common_getsockopt+0x21/0xb0 [ 537.646485][T13783] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 537.646515][T13783] do_sock_getsockopt+0x3ff/0x800 [ 537.646548][T13783] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 537.646575][T13783] ? __fget_files+0x204/0x3c0 [ 537.646627][T13783] __sys_getsockopt+0x123/0x1b0 [ 537.646672][T13783] __x64_sys_getsockopt+0xbd/0x160 [ 537.646707][T13783] ? do_syscall_64+0x91/0x490 [ 537.646742][T13783] ? lockdep_hardirqs_on+0x7c/0x110 [ 537.646777][T13783] do_syscall_64+0xcd/0x490 [ 537.646816][T13783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.646843][T13783] RIP: 0033:0x7f5ceb58e929 [ 537.646866][T13783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 537.646892][T13783] RSP: 002b:00007f5ce93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 537.646918][T13783] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa0 RCX: 00007f5ceb58e929 [ 537.646937][T13783] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003 [ 537.646954][T13783] RBP: 00007f5ceb610b39 R08: 0000200000000280 R09: 0000000000000000 [ 537.646971][T13783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 537.646987][T13783] R13: 0000000000000000 R14: 00007f5ceb7b5fa0 R15: 00007ffc91367008 [ 537.647025][T13783] [ 539.748636][T13822] page: refcount:8 mapcount:7 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 539.793481][T13822] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 539.884345][T13822] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 539.913479][T13822] raw: 0000000000000000 0000000000000000 0000000800000006 0000000000000000 [ 539.970547][T13830] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(2) [ 540.026031][T13822] page dumped because: unmovable page [ 540.057357][T13824] could not allocate digest TFM handle binfmt_misc [ 540.094957][T13822] page_owner tracks the page as allocated [ 540.141665][T13822] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5844, tgid 5844 (syz-executor), ts 84880326471, free_ts 81165879296 [ 540.333588][T13822] post_alloc_hook+0x1c0/0x230 [ 540.387650][T13822] get_page_from_freelist+0x1321/0x3890 [ 540.536391][T13822] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 540.542377][T13822] alloc_pages_mpol+0x1fb/0x550 [ 540.595739][T13822] alloc_pages_noprof+0x131/0x390 [ 540.600848][T13822] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 540.616184][T13822] vmalloc_user_noprof+0x9e/0xe0 [ 540.623535][T13822] kcov_ioctl+0x4c/0x730 [ 540.635065][T13822] __x64_sys_ioctl+0x18b/0x210 [ 540.640033][T13822] do_syscall_64+0xcd/0x490 [ 540.644585][T13822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.674091][T13822] page last free pid 5838 tgid 5838 stack trace: [ 540.735247][T13822] __free_frozen_pages+0x7fe/0x1180 [ 540.740538][T13822] vfree+0x1fd/0xb50 [ 540.744479][T13822] kcov_close+0x34/0x60 [ 540.793532][T13822] __fput+0x3ff/0xb70 [ 540.812200][T13822] fput_close_sync+0x118/0x260 [ 540.885344][T13822] __x64_sys_close+0x8b/0x120 [ 540.890108][T13822] do_syscall_64+0xcd/0x490 [ 540.919220][T13822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.743142][T13893] page: refcount:8 mapcount:7 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 542.806729][T13893] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 542.893977][T13893] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 542.975950][T13893] raw: 0000000000000000 0000000000000000 0000000800000006 0000000000000000 [ 542.984807][T13893] page dumped because: unmovable page [ 542.993051][T13893] page_owner tracks the page as allocated [ 543.000113][T13893] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5844, tgid 5844 (syz-executor), ts 84880326471, free_ts 81165879296 [ 543.020333][T13893] post_alloc_hook+0x1c0/0x230 [ 543.025629][T13893] get_page_from_freelist+0x1321/0x3890 [ 543.032088][T13893] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 543.038622][T13893] alloc_pages_mpol+0x1fb/0x550 [ 543.043673][T13893] alloc_pages_noprof+0x131/0x390 [ 543.066187][T13893] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 543.110236][T13899] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(2) [ 543.157121][T13893] vmalloc_user_noprof+0x9e/0xe0 [ 543.241262][T13893] kcov_ioctl+0x4c/0x730 [ 543.281689][T13893] __x64_sys_ioctl+0x18b/0x210 [ 543.343487][T13896] could not allocate digest TFM handle binfmt_misc [ 543.350369][T13893] do_syscall_64+0xcd/0x490 [ 543.354997][T13893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 543.415437][T13893] page last free pid 5838 tgid 5838 stack trace: [ 543.576348][T13893] __free_frozen_pages+0x7fe/0x1180 [ 543.607575][T13893] vfree+0x1fd/0xb50 [ 543.623721][T13893] kcov_close+0x34/0x60 [ 543.641002][T13893] __fput+0x3ff/0xb70 [ 543.661960][T13893] fput_close_sync+0x118/0x260 [ 543.699309][T13893] __x64_sys_close+0x8b/0x120 [ 543.704078][T13893] do_syscall_64+0xcd/0x490 [ 543.746999][T13893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 543.797139][T13908] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73 [ 544.497222][T13909] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input74 [ 546.172012][T13943] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input75 [ 547.257738][T13945] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input76 [ 549.558692][T13984] FAULT_INJECTION: forcing a failure. [ 549.558692][T13984] name failslab, interval 1, probability 0, space 0, times 0 [ 549.582493][T13984] CPU: 1 UID: 0 PID: 13984 Comm: syz.0.1952 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 549.582534][T13984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 549.582550][T13984] Call Trace: [ 549.582559][T13984] [ 549.582568][T13984] dump_stack_lvl+0x16c/0x1f0 [ 549.582611][T13984] should_fail_ex+0x512/0x640 [ 549.582653][T13984] ? fs_reclaim_acquire+0xae/0x150 [ 549.582690][T13984] should_failslab+0xc2/0x120 [ 549.582716][T13984] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 549.582756][T13984] ? security_inode_alloc+0x3b/0x2b0 [ 549.582790][T13984] security_inode_alloc+0x3b/0x2b0 [ 549.582818][T13984] inode_init_always_gfp+0xce4/0x1030 [ 549.582857][T13984] alloc_inode+0x86/0x240 [ 549.582884][T13984] new_inode+0x22/0x1c0 [ 549.582910][T13984] proc_sys_make_inode+0x47/0x5c0 [ 549.582949][T13984] proc_sys_lookup+0x282/0x410 [ 549.582975][T13984] ? __pfx_proc_sys_lookup+0x10/0x10 [ 549.582995][T13984] ? do_raw_spin_unlock+0x172/0x230 [ 549.583009][T13984] ? _raw_spin_unlock+0x28/0x50 [ 549.583026][T13984] ? proc_sys_permission+0x149/0x1a0 [ 549.583045][T13984] ? inode_permission+0x156/0x630 [ 549.583062][T13984] ? __pfx_proc_sys_lookup+0x10/0x10 [ 549.583080][T13984] lookup_open.isra.0+0x4d7/0x1580 [ 549.583102][T13984] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 549.583128][T13984] ? __pfx_down_write+0x10/0x10 [ 549.583140][T13984] ? mnt_get_write_access+0x20c/0x300 [ 549.583158][T13984] path_openat+0x893/0x2cb0 [ 549.583183][T13984] ? __pfx_path_openat+0x10/0x10 [ 549.583203][T13984] ? __lock_acquire+0xb8a/0x1c90 [ 549.583223][T13984] do_filp_open+0x20b/0x470 [ 549.583242][T13984] ? __pfx_do_filp_open+0x10/0x10 [ 549.583274][T13984] ? alloc_fd+0x471/0x7d0 [ 549.583297][T13984] do_sys_openat2+0x11b/0x1d0 [ 549.583312][T13984] ? __pfx_do_sys_openat2+0x10/0x10 [ 549.583335][T13984] __x64_sys_openat+0x174/0x210 [ 549.583350][T13984] ? __pfx___x64_sys_openat+0x10/0x10 [ 549.583377][T13984] do_syscall_64+0xcd/0x490 [ 549.583398][T13984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.583412][T13984] RIP: 0033:0x7fb05278e929 [ 549.583425][T13984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 549.583438][T13984] RSP: 002b:00007fb0535b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 549.583452][T13984] RAX: ffffffffffffffda RBX: 00007fb0529b5fa0 RCX: 00007fb05278e929 [ 549.583462][T13984] RDX: 0000000000103142 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 549.583470][T13984] RBP: 00007fb052810b39 R08: 0000000000000000 R09: 0000000000000000 [ 549.583478][T13984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 549.583486][T13984] R13: 0000000000000000 R14: 00007fb0529b5fa0 R15: 00007ffffe206758 [ 549.583504][T13984] [ 549.857311][ C1] vkms_vblank_simulate: vblank timer overrun [ 551.624493][T14005] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input77 [ 552.088900][T14012] FAULT_INJECTION: forcing a failure. [ 552.088900][T14012] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 552.131384][T14012] CPU: 1 UID: 0 PID: 14012 Comm: syz.3.1960 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 552.131425][T14012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 552.131441][T14012] Call Trace: [ 552.131450][T14012] [ 552.131460][T14012] dump_stack_lvl+0x16c/0x1f0 [ 552.131503][T14012] should_fail_ex+0x512/0x640 [ 552.131545][T14012] _copy_to_user+0x32/0xd0 [ 552.131586][T14012] sctp_getsockopt_local_addrs+0x4ce/0xde0 [ 552.131632][T14012] ? __pfx_sctp_getsockopt_local_addrs+0x10/0x10 [ 552.131668][T14012] ? do_raw_spin_lock+0x12c/0x2b0 [ 552.131707][T14012] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 552.131755][T14012] ? sctp_getsockopt+0x12a1/0x6b10 [ 552.131782][T14012] sctp_getsockopt+0x12a1/0x6b10 [ 552.131814][T14012] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 552.131849][T14012] ? __pfx_sctp_getsockopt+0x10/0x10 [ 552.131877][T14012] ? __pfx___futex_wait+0x10/0x10 [ 552.131912][T14012] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 552.131961][T14012] ? __lock_acquire+0xb8a/0x1c90 [ 552.131998][T14012] ? __pfx___might_resched+0x10/0x10 [ 552.132040][T14012] ? find_held_lock+0x2b/0x80 [ 552.132066][T14012] ? __might_fault+0xe3/0x190 [ 552.132101][T14012] ? __might_fault+0xe3/0x190 [ 552.132134][T14012] ? __might_fault+0x13b/0x190 [ 552.132175][T14012] ? sock_common_getsockopt+0x21/0xb0 [ 552.132201][T14012] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 552.132230][T14012] do_sock_getsockopt+0x3ff/0x800 [ 552.132261][T14012] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 552.132287][T14012] ? __fget_files+0x204/0x3c0 [ 552.132348][T14012] __sys_getsockopt+0x123/0x1b0 [ 552.132393][T14012] __x64_sys_getsockopt+0xbd/0x160 [ 552.132429][T14012] ? do_syscall_64+0x91/0x490 [ 552.132468][T14012] ? lockdep_hardirqs_on+0x7c/0x110 [ 552.132503][T14012] do_syscall_64+0xcd/0x490 [ 552.132540][T14012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.132565][T14012] RIP: 0033:0x7f0e91b8e929 [ 552.132586][T14012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 552.132613][T14012] RSP: 002b:00007f0e929e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 552.132637][T14012] RAX: ffffffffffffffda RBX: 00007f0e91db5fa0 RCX: 00007f0e91b8e929 [ 552.132653][T14012] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003 [ 552.132669][T14012] RBP: 00007f0e91c10b39 R08: 0000200000000280 R09: 0000000000000000 [ 552.132686][T14012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.132700][T14012] R13: 0000000000000000 R14: 00007f0e91db5fa0 R15: 00007ffcfed012d8 [ 552.132734][T14012] [ 552.806438][T14016] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input78 [ 552.822267][T14022] FAULT_INJECTION: forcing a failure. [ 552.822267][T14022] name failslab, interval 1, probability 0, space 0, times 0 [ 552.876805][T14022] CPU: 1 UID: 0 PID: 14022 Comm: syz.0.1963 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 552.876844][T14022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 552.876860][T14022] Call Trace: [ 552.876868][T14022] [ 552.876879][T14022] dump_stack_lvl+0x16c/0x1f0 [ 552.876922][T14022] should_fail_ex+0x512/0x640 [ 552.876957][T14022] ? fs_reclaim_acquire+0xae/0x150 [ 552.876992][T14022] should_failslab+0xc2/0x120 [ 552.877019][T14022] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 552.877066][T14022] ? security_inode_alloc+0x3b/0x2b0 [ 552.877102][T14022] security_inode_alloc+0x3b/0x2b0 [ 552.877134][T14022] inode_init_always_gfp+0xce4/0x1030 [ 552.877179][T14022] alloc_inode+0x86/0x240 [ 552.877207][T14022] new_inode+0x22/0x1c0 [ 552.877238][T14022] proc_sys_make_inode+0x47/0x5c0 [ 552.877279][T14022] proc_sys_lookup+0x282/0x410 [ 552.877326][T14022] ? __pfx_proc_sys_lookup+0x10/0x10 [ 552.877366][T14022] ? do_raw_spin_unlock+0x172/0x230 [ 552.877394][T14022] ? _raw_spin_unlock+0x28/0x50 [ 552.877428][T14022] ? proc_sys_permission+0x149/0x1a0 [ 552.877466][T14022] ? inode_permission+0x156/0x630 [ 552.877498][T14022] ? __pfx_proc_sys_lookup+0x10/0x10 [ 552.877534][T14022] lookup_open.isra.0+0x4d7/0x1580 [ 552.877575][T14022] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 552.877629][T14022] ? __pfx_down_write+0x10/0x10 [ 552.877651][T14022] ? mnt_get_write_access+0x20c/0x300 [ 552.877688][T14022] path_openat+0x893/0x2cb0 [ 552.877737][T14022] ? __pfx_path_openat+0x10/0x10 [ 552.877776][T14022] ? __lock_acquire+0xb8a/0x1c90 [ 552.877815][T14022] do_filp_open+0x20b/0x470 [ 552.877852][T14022] ? __pfx_do_filp_open+0x10/0x10 [ 552.877917][T14022] ? alloc_fd+0x471/0x7d0 [ 552.877962][T14022] do_sys_openat2+0x11b/0x1d0 [ 552.877991][T14022] ? __pfx_do_sys_openat2+0x10/0x10 [ 552.878036][T14022] __x64_sys_openat+0x174/0x210 [ 552.878066][T14022] ? __pfx___x64_sys_openat+0x10/0x10 [ 552.878112][T14022] do_syscall_64+0xcd/0x490 [ 552.878152][T14022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.878179][T14022] RIP: 0033:0x7fb05278e929 [ 552.878201][T14022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 552.878229][T14022] RSP: 002b:00007fb0535b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 552.878255][T14022] RAX: ffffffffffffffda RBX: 00007fb0529b5fa0 RCX: 00007fb05278e929 [ 552.878274][T14022] RDX: 0000000000103142 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 552.878291][T14022] RBP: 00007fb052810b39 R08: 0000000000000000 R09: 0000000000000000 [ 552.878323][T14022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.878340][T14022] R13: 0000000000000000 R14: 00007fb0529b5fa0 R15: 00007ffffe206758 [ 552.878376][T14022] [ 554.241333][T14037] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input79 [ 555.575401][T14038] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input80 [ 557.564874][T14082] can: request_module (can-proto-0) failed. [ 557.659987][T14088] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input81 [ 558.269250][T10223] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 558.269274][T10223] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 558.284067][T10223] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 558.384870][T14092] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input83 [ 560.316951][T14136] netlink: 'syz.1.1994': attribute type 1 has an invalid length. [ 560.359153][T14136] netlink: 54 bytes leftover after parsing attributes in process `syz.1.1994'. [ 560.379067][T14135] ima: policy update failed [ 560.398417][ T30] audit: type=1802 audit(6046983895.080:12): pid=14135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1994" res=0 errno=0 [ 560.729160][T14158] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84 [ 561.038631][T14162] FAULT_INJECTION: forcing a failure. [ 561.038631][T14162] name fail_futex, interval 1, probability 0, space 0, times 0 [ 561.075559][T14162] CPU: 0 UID: 0 PID: 14162 Comm: syz.2.2001 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 561.075598][T14162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 561.075608][T14162] Call Trace: [ 561.075613][T14162] [ 561.075619][T14162] dump_stack_lvl+0x16c/0x1f0 [ 561.075644][T14162] should_fail_ex+0x512/0x640 [ 561.075668][T14162] get_futex_key+0x1d0/0x1540 [ 561.075687][T14162] ? __pfx_get_futex_key+0x10/0x10 [ 561.075710][T14162] futex_wake+0xe7/0x4e0 [ 561.075728][T14162] ? rcu_is_watching+0x12/0xc0 [ 561.075745][T14162] ? __pfx_futex_wake+0x10/0x10 [ 561.075769][T14162] ? sctp_getsockopt+0x19d/0x6b10 [ 561.075789][T14162] do_futex+0x1e3/0x350 [ 561.075806][T14162] ? __pfx_do_futex+0x10/0x10 [ 561.075821][T14162] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 561.075842][T14162] __x64_sys_futex+0x1e0/0x4c0 [ 561.075861][T14162] ? __pfx___x64_sys_futex+0x10/0x10 [ 561.075878][T14162] ? xfd_validate_state+0x61/0x180 [ 561.075902][T14162] do_syscall_64+0xcd/0x490 [ 561.075924][T14162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.075939][T14162] RIP: 0033:0x7f5e0418e929 [ 561.075952][T14162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 561.075965][T14162] RSP: 002b:00007f5e04f640e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 561.075979][T14162] RAX: ffffffffffffffda RBX: 00007f5e043b5fa8 RCX: 00007f5e0418e929 [ 561.075989][T14162] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5e043b5fac [ 561.075998][T14162] RBP: 00007f5e043b5fa0 R08: 00007f5e04f65000 R09: 0000000000000000 [ 561.076007][T14162] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f5e043b5fac [ 561.076016][T14162] R13: 0000000000000000 R14: 00007ffffaff78b0 R15: 00007ffffaff7998 [ 561.076033][T14162] [ 561.266180][ C0] vkms_vblank_simulate: vblank timer overrun [ 561.458046][T14159] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85 [ 562.948897][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.963807][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.088326][T14190] netlink: 'syz.2.2008': attribute type 1 has an invalid length. [ 563.097392][T14190] netlink: 54 bytes leftover after parsing attributes in process `syz.2.2008'. [ 563.109664][T14189] ima: policy update failed [ 563.115271][ T30] audit: type=1802 audit(6046983897.810:13): pid=14189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2008" res=0 errno=0 [ 563.802196][T14213] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input86 [ 564.143464][T14215] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input87 [ 566.294878][T14258] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input88 [ 566.381735][T14245] kexec: Could not allocate control_code_buffer [ 566.703362][T14269] FAULT_INJECTION: forcing a failure. [ 566.703362][T14269] name fail_futex, interval 1, probability 0, space 0, times 0 [ 566.729723][T14269] CPU: 1 UID: 0 PID: 14269 Comm: syz.3.2029 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 566.729763][T14269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 566.729779][T14269] Call Trace: [ 566.729797][T14269] [ 566.729808][T14269] dump_stack_lvl+0x16c/0x1f0 [ 566.729851][T14269] should_fail_ex+0x512/0x640 [ 566.729893][T14269] get_futex_key+0x1d0/0x1540 [ 566.729932][T14269] ? __pfx_get_futex_key+0x10/0x10 [ 566.729960][T14269] ? __lock_acquire+0xb8a/0x1c90 [ 566.729998][T14269] ? __pfx___might_resched+0x10/0x10 [ 566.730028][T14269] ? __futex_hash.constprop.0+0x1e9/0x440 [ 566.730063][T14269] futex_wake+0xe7/0x4e0 [ 566.730101][T14269] ? __pfx_futex_wake+0x10/0x10 [ 566.730147][T14269] ? sock_common_getsockopt+0x21/0xb0 [ 566.730179][T14269] do_futex+0x1e3/0x350 [ 566.730212][T14269] ? __pfx_do_futex+0x10/0x10 [ 566.730242][T14269] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 566.730281][T14269] __x64_sys_futex+0x1e0/0x4c0 [ 566.730319][T14269] ? __pfx___x64_sys_futex+0x10/0x10 [ 566.730352][T14269] ? xfd_validate_state+0x61/0x180 [ 566.730399][T14269] do_syscall_64+0xcd/0x490 [ 566.730440][T14269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.730467][T14269] RIP: 0033:0x7f0e91b8e929 [ 566.730490][T14269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 566.730517][T14269] RSP: 002b:00007f0e929e80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 566.730542][T14269] RAX: ffffffffffffffda RBX: 00007f0e91db5fa8 RCX: 00007f0e91b8e929 [ 566.730561][T14269] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0e91db5fac [ 566.730579][T14269] RBP: 00007f0e91db5fa0 R08: 00007f0e929e9000 R09: 0000000000000000 [ 566.730597][T14269] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f0e91db5fac [ 566.730615][T14269] R13: 0000000000000000 R14: 00007ffcfed011f0 R15: 00007ffcfed012d8 [ 566.730651][T14269] [ 567.150471][T14259] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input89 [ 567.572471][T14279] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input90 [ 567.955858][T14280] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input91 [ 568.614570][T14288] FAULT_INJECTION: forcing a failure. [ 568.614570][T14288] name failslab, interval 1, probability 0, space 0, times 0 [ 568.651041][T14288] CPU: 0 UID: 0 PID: 14288 Comm: syz.1.2036 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 568.651084][T14288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 568.651102][T14288] Call Trace: [ 568.651112][T14288] [ 568.651125][T14288] dump_stack_lvl+0x16c/0x1f0 [ 568.651173][T14288] should_fail_ex+0x512/0x640 [ 568.651209][T14288] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 568.651252][T14288] should_failslab+0xc2/0x120 [ 568.651279][T14288] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 568.651318][T14288] ? vma_merge_new_range+0x37f/0xa00 [ 568.651354][T14288] ? vm_area_alloc+0x1f/0x160 [ 568.651392][T14288] vm_area_alloc+0x1f/0x160 [ 568.651427][T14288] __mmap_region+0xf0a/0x25e0 [ 568.651472][T14288] ? __pfx___mmap_region+0x10/0x10 [ 568.651510][T14288] ? rcu_is_watching+0x12/0xc0 [ 568.651547][T14288] ? rcu_is_watching+0x12/0xc0 [ 568.651575][T14288] ? trace_sched_exit_tp+0xde/0x130 [ 568.651609][T14288] ? __schedule+0x1181/0x5de0 [ 568.651648][T14288] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 568.651687][T14288] ? __lock_acquire+0xb71/0x1c90 [ 568.651738][T14288] ? __pfx___schedule+0x10/0x10 [ 568.651819][T14288] ? trace_cap_capable+0x18d/0x200 [ 568.651859][T14288] mmap_region+0x1ab/0x3f0 [ 568.651898][T14288] ? __get_unmapped_area+0x267/0x440 [ 568.651933][T14288] do_mmap+0xa3e/0x1210 [ 568.651971][T14288] ? __pfx_do_mmap+0x10/0x10 [ 568.652002][T14288] ? __pfx_down_write_killable+0x10/0x10 [ 568.652028][T14288] ? kmem_cache_free+0x2d1/0x4d0 [ 568.652070][T14288] vm_mmap_pgoff+0x281/0x450 [ 568.652107][T14288] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 568.652144][T14288] ? __x64_sys_futex+0x1e0/0x4c0 [ 568.652176][T14288] ? __x64_sys_futex+0x1e9/0x4c0 [ 568.652214][T14288] ksys_mmap_pgoff+0x7d/0x5c0 [ 568.652242][T14288] ? xfd_validate_state+0x61/0x180 [ 568.652283][T14288] __x64_sys_mmap+0x125/0x190 [ 568.652325][T14288] do_syscall_64+0xcd/0x490 [ 568.652366][T14288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.652393][T14288] RIP: 0033:0x7f5ceb58e929 [ 568.652417][T14288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 568.652442][T14288] RSP: 002b:00007f5ce93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 568.652467][T14288] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa0 RCX: 00007f5ceb58e929 [ 568.652485][T14288] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 568.652501][T14288] RBP: 00007f5ceb610b39 R08: 0000000000000002 R09: 0000000000008000 [ 568.652519][T14288] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 568.652536][T14288] R13: 0000000000000000 R14: 00007f5ceb7b5fa0 R15: 00007ffc91367008 [ 568.652573][T14288] [ 568.921500][ C0] vkms_vblank_simulate: vblank timer overrun [ 569.697743][T14296] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2039'. [ 569.859156][T14296] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 570.785437][T14335] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input92 [ 570.873879][T14336] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input93 [ 571.649178][T14339] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input94 [ 572.343942][T14340] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input95 [ 573.437874][T14372] FAULT_INJECTION: forcing a failure. [ 573.437874][T14372] name failslab, interval 1, probability 0, space 0, times 0 [ 573.451531][T14372] CPU: 0 UID: 0 PID: 14372 Comm: syz.3.2057 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 573.451553][T14372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 573.451562][T14372] Call Trace: [ 573.451568][T14372] [ 573.451574][T14372] dump_stack_lvl+0x16c/0x1f0 [ 573.451601][T14372] should_fail_ex+0x512/0x640 [ 573.451622][T14372] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 573.451643][T14372] should_failslab+0xc2/0x120 [ 573.451658][T14372] __kmalloc_cache_noprof+0x6a/0x3e0 [ 573.451676][T14372] ? get_device_parent+0x274/0x4e0 [ 573.451697][T14372] ? get_device_parent+0x2b1/0x4e0 [ 573.451720][T14372] get_device_parent+0x2b1/0x4e0 [ 573.451744][T14372] device_add+0xbed/0x1a70 [ 573.451758][T14372] ? __pfx_dev_set_name+0x10/0x10 [ 573.451774][T14372] ? __pfx_device_add+0x10/0x10 [ 573.451793][T14372] ? lockdep_init_map_type+0x5c/0x280 [ 573.451828][T14372] ? __init_waitqueue_head+0xca/0x150 [ 573.451870][T14372] wakeup_source_device_create+0x214/0x2a0 [ 573.451903][T14372] wakeup_source_sysfs_add+0x1c/0x90 [ 573.451930][T14372] wakeup_source_register+0x154/0x3e0 [ 573.451965][T14372] ep_create_wakeup_source+0x1dd/0x2e0 [ 573.451983][T14372] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 573.452004][T14372] ? do_epoll_ctl+0x1470/0x2ff0 [ 573.452025][T14372] do_epoll_ctl+0x1ba2/0x2ff0 [ 573.452049][T14372] ? __pfx_do_epoll_ctl+0x10/0x10 [ 573.452064][T14372] ? find_held_lock+0x2b/0x80 [ 573.452078][T14372] ? __might_fault+0xe3/0x190 [ 573.452100][T14372] ? __might_fault+0xe3/0x190 [ 573.452127][T14372] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 573.452142][T14372] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 573.452160][T14372] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 573.452183][T14372] do_syscall_64+0xcd/0x490 [ 573.452205][T14372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.452220][T14372] RIP: 0033:0x7f0e91b8e929 [ 573.452233][T14372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.452247][T14372] RSP: 002b:00007f0e929e8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 573.452261][T14372] RAX: ffffffffffffffda RBX: 00007f0e91db5fa0 RCX: 00007f0e91b8e929 [ 573.452270][T14372] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000005 [ 573.452279][T14372] RBP: 00007f0e91c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 573.452287][T14372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.452295][T14372] R13: 0000000000000000 R14: 00007f0e91db5fa0 R15: 00007ffcfed012d8 [ 573.452314][T14372] [ 573.616646][T14371] random: crng reseeded on system resumption [ 574.127929][T14386] binder: 14380:14386 ioctl c00c620f 200000006600 returned -22 [ 574.332324][T10223] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 574.332364][T10223] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 574.347465][T10223] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 574.347498][T10223] Bluetooth: hci0: adv larger than maximum supported [ 574.354586][T10223] Bluetooth: hci0: adv larger than maximum supported [ 574.362836][T10223] Bluetooth: hci0: Malformed LE Event: 0x0d [ 574.507305][T14397] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input96 [ 575.076685][T14399] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input97 [ 575.219336][T14406] FAULT_INJECTION: forcing a failure. [ 575.219336][T14406] name failslab, interval 1, probability 0, space 0, times 0 [ 575.303812][T14408] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2066'. [ 575.315331][T14406] CPU: 0 UID: 0 PID: 14406 Comm: syz.0.2065 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 575.315355][T14406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 575.315364][T14406] Call Trace: [ 575.315369][T14406] [ 575.315375][T14406] dump_stack_lvl+0x16c/0x1f0 [ 575.315401][T14406] should_fail_ex+0x512/0x640 [ 575.315422][T14406] ? fs_reclaim_acquire+0xae/0x150 [ 575.315440][T14406] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 575.315460][T14406] should_failslab+0xc2/0x120 [ 575.315473][T14406] __kmalloc_noprof+0xd2/0x510 [ 575.315497][T14406] tomoyo_realpath_from_path+0xc2/0x6e0 [ 575.315529][T14406] tomoyo_check_open_permission+0x2ab/0x3c0 [ 575.315548][T14406] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 575.315565][T14406] ? proc_sys_lookup+0x2ee/0x410 [ 575.315604][T14406] ? find_held_lock+0x2b/0x80 [ 575.315625][T14406] tomoyo_file_open+0x6b/0x90 [ 575.315646][T14406] security_file_open+0x84/0x1e0 [ 575.315664][T14406] do_dentry_open+0x596/0x1c10 [ 575.315690][T14406] vfs_open+0x82/0x3f0 [ 575.315707][T14406] path_openat+0x1de4/0x2cb0 [ 575.315733][T14406] ? __pfx_path_openat+0x10/0x10 [ 575.315753][T14406] ? __lock_acquire+0xb8a/0x1c90 [ 575.315779][T14406] do_filp_open+0x20b/0x470 [ 575.315801][T14406] ? __pfx_do_filp_open+0x10/0x10 [ 575.315834][T14406] ? alloc_fd+0x471/0x7d0 [ 575.315857][T14406] do_sys_openat2+0x11b/0x1d0 [ 575.315872][T14406] ? __pfx_do_sys_openat2+0x10/0x10 [ 575.315895][T14406] __x64_sys_openat+0x174/0x210 [ 575.315911][T14406] ? __pfx___x64_sys_openat+0x10/0x10 [ 575.315934][T14406] do_syscall_64+0xcd/0x490 [ 575.315956][T14406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.315971][T14406] RIP: 0033:0x7fb05278e929 [ 575.315984][T14406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 575.315997][T14406] RSP: 002b:00007fb0535b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 575.316011][T14406] RAX: ffffffffffffffda RBX: 00007fb0529b5fa0 RCX: 00007fb05278e929 [ 575.316021][T14406] RDX: 0000000000103142 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 575.316030][T14406] RBP: 00007fb052810b39 R08: 0000000000000000 R09: 0000000000000000 [ 575.316039][T14406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.316048][T14406] R13: 0000000000000000 R14: 00007fb0529b5fa0 R15: 00007ffffe206758 [ 575.316067][T14406] [ 575.316074][T14406] ERROR: Out of memory at tomoyo_realpath_from_path. [ 576.103228][T14423] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input98 [ 576.665764][T14434] nbd: socks must be embedded in a SOCK_ITEM attr [ 576.684501][T14434] block nbd0: shutting down sockets [ 577.294964][T14441] netlink: 13832 bytes leftover after parsing attributes in process `syz.0.2074'. [ 579.132976][T14464] FAULT_INJECTION: forcing a failure. [ 579.132976][T14464] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 579.201143][T14464] CPU: 1 UID: 0 PID: 14464 Comm: syz.3.2080 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 579.201186][T14464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 579.201203][T14464] Call Trace: [ 579.201213][T14464] [ 579.201225][T14464] dump_stack_lvl+0x16c/0x1f0 [ 579.201272][T14464] should_fail_ex+0x512/0x640 [ 579.201327][T14464] should_fail_alloc_page+0xe7/0x130 [ 579.201357][T14464] prepare_alloc_pages+0x3c2/0x610 [ 579.201396][T14464] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 579.201441][T14464] ? mas_next_slot+0x12d3/0x21b0 [ 579.201485][T14464] ? __up_read+0x1f8/0x750 [ 579.201534][T14464] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 579.201575][T14464] ? validate_mm+0x40a/0x570 [ 579.201613][T14464] ? __pfx_validate_mm+0x10/0x10 [ 579.201645][T14464] ? lockdep_hardirqs_on+0x7c/0x110 [ 579.201686][T14464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 579.201725][T14464] ? policy_nodemask+0xea/0x4e0 [ 579.201757][T14464] alloc_pages_mpol+0x1fb/0x550 [ 579.201787][T14464] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 579.201826][T14464] alloc_pages_noprof+0x131/0x390 [ 579.201855][T14464] __pmd_alloc+0x3b/0x930 [ 579.201892][T14464] __handle_mm_fault+0xaac/0x5490 [ 579.201938][T14464] ? __pfx___handle_mm_fault+0x10/0x10 [ 579.202006][T14464] handle_mm_fault+0x589/0xd10 [ 579.202048][T14464] __get_user_pages+0x589/0x3b80 [ 579.202097][T14464] ? __pfx_mt_find+0x10/0x10 [ 579.202124][T14464] ? __pfx___get_user_pages+0x10/0x10 [ 579.202172][T14464] populate_vma_page_range+0x278/0x3a0 [ 579.202209][T14464] ? __pfx_populate_vma_page_range+0x10/0x10 [ 579.202242][T14464] ? __pfx_find_vma_intersection+0x10/0x10 [ 579.202276][T14464] ? do_mmap+0x69c/0x1210 [ 579.202321][T14464] __mm_populate+0x1d8/0x380 [ 579.202356][T14464] ? __pfx___mm_populate+0x10/0x10 [ 579.202392][T14464] ? up_write+0x1b2/0x520 [ 579.202437][T14464] vm_mmap_pgoff+0x362/0x450 [ 579.202471][T14464] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 579.202509][T14464] ? __x64_sys_futex+0x1e0/0x4c0 [ 579.202543][T14464] ? __x64_sys_futex+0x1e9/0x4c0 [ 579.202584][T14464] ksys_mmap_pgoff+0x7d/0x5c0 [ 579.202614][T14464] ? xfd_validate_state+0x61/0x180 [ 579.202658][T14464] __x64_sys_mmap+0x125/0x190 [ 579.202701][T14464] do_syscall_64+0xcd/0x490 [ 579.202746][T14464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.202775][T14464] RIP: 0033:0x7f0e91b8e929 [ 579.202799][T14464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 579.202828][T14464] RSP: 002b:00007f0e929e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 579.202856][T14464] RAX: ffffffffffffffda RBX: 00007f0e91db5fa0 RCX: 00007f0e91b8e929 [ 579.202878][T14464] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 579.202897][T14464] RBP: 00007f0e91c10b39 R08: 0000000000000002 R09: 0000000000008000 [ 579.202915][T14464] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 579.202934][T14464] R13: 0000000000000000 R14: 00007f0e91db5fa0 R15: 00007ffcfed012d8 [ 579.202965][T14464] [ 579.504749][ C1] vkms_vblank_simulate: vblank timer overrun [ 579.942914][T14481] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input99 [ 581.048532][T10223] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 581.048571][T10223] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 581.063674][T10223] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 581.063695][T10223] Bluetooth: hci2: adv larger than maximum supported [ 581.070807][T10223] Bluetooth: hci2: adv larger than maximum supported [ 581.078393][T10223] Bluetooth: hci2: Malformed LE Event: 0x0d [ 581.700250][T14516] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input100 [ 581.920411][T14519] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input101 [ 581.946261][T10223] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 581.946298][T10223] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 581.962263][T10223] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 581.962296][T10223] Bluetooth: hci2: adv larger than maximum supported [ 581.969411][T10223] Bluetooth: hci2: adv larger than maximum supported [ 581.976121][T10223] Bluetooth: hci2: Malformed LE Event: 0x0d [ 583.062324][T14537] FAULT_INJECTION: forcing a failure. [ 583.062324][T14537] name failslab, interval 1, probability 0, space 0, times 0 [ 583.125777][T14537] CPU: 0 UID: 0 PID: 14537 Comm: syz.2.2099 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 583.125800][T14537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 583.125809][T14537] Call Trace: [ 583.125815][T14537] [ 583.125822][T14537] dump_stack_lvl+0x16c/0x1f0 [ 583.125848][T14537] should_fail_ex+0x512/0x640 [ 583.125867][T14537] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 583.125893][T14537] should_failslab+0xc2/0x120 [ 583.125907][T14537] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 583.125929][T14537] ? do_raw_spin_lock+0x12c/0x2b0 [ 583.125949][T14537] ? kvasprintf_const+0x66/0x1a0 [ 583.125965][T14537] kvasprintf+0xbc/0x160 [ 583.125977][T14537] ? __pfx_kvasprintf+0x10/0x10 [ 583.125992][T14537] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 583.126010][T14537] ? __debug_object_init+0x2de/0x3d0 [ 583.126029][T14537] kvasprintf_const+0x66/0x1a0 [ 583.126043][T14537] kobject_set_name_vargs+0x5a/0x140 [ 583.126058][T14537] dev_set_name+0xc7/0x100 [ 583.126074][T14537] ? __pfx_dev_set_name+0x10/0x10 [ 583.126092][T14537] ? lockdep_init_map_type+0x5c/0x280 [ 583.126111][T14537] ? __init_waitqueue_head+0xca/0x150 [ 583.126131][T14537] wakeup_source_device_create+0x1d5/0x2a0 [ 583.126148][T14537] wakeup_source_sysfs_add+0x1c/0x90 [ 583.126163][T14537] wakeup_source_register+0x154/0x3e0 [ 583.126184][T14537] ep_create_wakeup_source+0x1dd/0x2e0 [ 583.126202][T14537] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 583.126223][T14537] ? do_epoll_ctl+0x1470/0x2ff0 [ 583.126243][T14537] do_epoll_ctl+0x1ba2/0x2ff0 [ 583.126267][T14537] ? __pfx_do_epoll_ctl+0x10/0x10 [ 583.126283][T14537] ? find_held_lock+0x2b/0x80 [ 583.126296][T14537] ? __might_fault+0xe3/0x190 [ 583.126316][T14537] ? __might_fault+0xe3/0x190 [ 583.126342][T14537] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 583.126358][T14537] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 583.126375][T14537] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 583.126398][T14537] do_syscall_64+0xcd/0x490 [ 583.126420][T14537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.126434][T14537] RIP: 0033:0x7f5e0418e929 [ 583.126447][T14537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.126462][T14537] RSP: 002b:00007f5e04f64038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 583.126476][T14537] RAX: ffffffffffffffda RBX: 00007f5e043b5fa0 RCX: 00007f5e0418e929 [ 583.126486][T14537] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000005 [ 583.126495][T14537] RBP: 00007f5e04210b39 R08: 0000000000000000 R09: 0000000000000000 [ 583.126504][T14537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.126513][T14537] R13: 0000000000000000 R14: 00007f5e043b5fa0 R15: 00007ffffaff7998 [ 583.126532][T14537] [ 583.247227][T14540] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input102 [ 584.204214][T14541] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input103 [ 584.737899][T14553] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input104 [ 585.034751][T14562] FAULT_INJECTION: forcing a failure. [ 585.034751][T14562] name failslab, interval 1, probability 0, space 0, times 0 [ 585.068436][T14562] CPU: 1 UID: 0 PID: 14562 Comm: syz.3.2104 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 585.068459][T14562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 585.068469][T14562] Call Trace: [ 585.068474][T14562] [ 585.068481][T14562] dump_stack_lvl+0x16c/0x1f0 [ 585.068506][T14562] should_fail_ex+0x512/0x640 [ 585.068527][T14562] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 585.068550][T14562] should_failslab+0xc2/0x120 [ 585.068564][T14562] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 585.068584][T14562] ? vma_merge_new_range+0x37f/0xa00 [ 585.068602][T14562] ? vm_area_alloc+0x1f/0x160 [ 585.068632][T14562] vm_area_alloc+0x1f/0x160 [ 585.068649][T14562] __mmap_region+0xf0a/0x25e0 [ 585.068673][T14562] ? __pfx___mmap_region+0x10/0x10 [ 585.068694][T14562] ? rcu_is_watching+0x12/0xc0 [ 585.068713][T14562] ? rcu_is_watching+0x12/0xc0 [ 585.068728][T14562] ? trace_sched_exit_tp+0xde/0x130 [ 585.068746][T14562] ? __schedule+0x1181/0x5de0 [ 585.068763][T14562] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 585.068786][T14562] ? __lock_acquire+0xb71/0x1c90 [ 585.068811][T14562] ? __pfx___schedule+0x10/0x10 [ 585.068850][T14562] ? trace_cap_capable+0x18d/0x200 [ 585.068870][T14562] mmap_region+0x1ab/0x3f0 [ 585.068890][T14562] ? __get_unmapped_area+0x267/0x440 [ 585.068908][T14562] do_mmap+0xa3e/0x1210 [ 585.068927][T14562] ? __pfx_do_mmap+0x10/0x10 [ 585.068942][T14562] ? __pfx_down_write_killable+0x10/0x10 [ 585.068955][T14562] ? kmem_cache_free+0x2d1/0x4d0 [ 585.068977][T14562] vm_mmap_pgoff+0x281/0x450 [ 585.068996][T14562] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 585.069014][T14562] ? __x64_sys_futex+0x1e0/0x4c0 [ 585.069043][T14562] ? __x64_sys_futex+0x1e9/0x4c0 [ 585.069063][T14562] ksys_mmap_pgoff+0x7d/0x5c0 [ 585.069084][T14562] ? xfd_validate_state+0x61/0x180 [ 585.069106][T14562] __x64_sys_mmap+0x125/0x190 [ 585.069128][T14562] do_syscall_64+0xcd/0x490 [ 585.069150][T14562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.069165][T14562] RIP: 0033:0x7f0e91b8e929 [ 585.069178][T14562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 585.069192][T14562] RSP: 002b:00007f0e929e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 585.069206][T14562] RAX: ffffffffffffffda RBX: 00007f0e91db5fa0 RCX: 00007f0e91b8e929 [ 585.069215][T14562] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 585.069223][T14562] RBP: 00007f0e91c10b39 R08: 0000000000000002 R09: 0000000000008000 [ 585.069233][T14562] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 585.069241][T14562] R13: 0000000000000000 R14: 00007f0e91db5fa0 R15: 00007ffcfed012d8 [ 585.069260][T14562] [ 585.341189][ C1] vkms_vblank_simulate: vblank timer overrun [ 585.935945][T14554] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input105 [ 588.292865][T14598] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input106 [ 588.637102][T14600] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input107 [ 589.051458][T14608] : renamed from gre0 (while UP) [ 590.004483][T14623] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input108 [ 590.428648][T14626] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input109 [ 592.837628][T14643] Invalid ELF header magic: != ELF [ 593.332988][T14655] FAULT_INJECTION: forcing a failure. [ 593.332988][T14655] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 593.437155][T14655] CPU: 0 UID: 0 PID: 14655 Comm: syz.2.2128 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 593.437198][T14655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 593.437215][T14655] Call Trace: [ 593.437224][T14655] [ 593.437235][T14655] dump_stack_lvl+0x16c/0x1f0 [ 593.437279][T14655] should_fail_ex+0x512/0x640 [ 593.437322][T14655] should_fail_alloc_page+0xe7/0x130 [ 593.437352][T14655] prepare_alloc_pages+0x3c2/0x610 [ 593.437390][T14655] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 593.437434][T14655] ? mas_next_slot+0x12d3/0x21b0 [ 593.437494][T14655] ? __up_read+0x1f8/0x750 [ 593.437543][T14655] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 593.437592][T14655] ? validate_mm+0x40a/0x570 [ 593.437633][T14655] ? __pfx_validate_mm+0x10/0x10 [ 593.437666][T14655] ? lockdep_hardirqs_on+0x7c/0x110 [ 593.437707][T14655] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 593.437748][T14655] ? policy_nodemask+0xea/0x4e0 [ 593.437777][T14655] alloc_pages_mpol+0x1fb/0x550 [ 593.437806][T14655] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 593.437843][T14655] alloc_pages_noprof+0x131/0x390 [ 593.437868][T14655] __pmd_alloc+0x3b/0x930 [ 593.437900][T14655] __handle_mm_fault+0xaac/0x5490 [ 593.437943][T14655] ? __pfx___handle_mm_fault+0x10/0x10 [ 593.438009][T14655] handle_mm_fault+0x589/0xd10 [ 593.438052][T14655] __get_user_pages+0x589/0x3b80 [ 593.438092][T14655] ? __pfx_mt_find+0x10/0x10 [ 593.438118][T14655] ? __pfx___get_user_pages+0x10/0x10 [ 593.438162][T14655] populate_vma_page_range+0x278/0x3a0 [ 593.438197][T14655] ? __pfx_populate_vma_page_range+0x10/0x10 [ 593.438228][T14655] ? __pfx_find_vma_intersection+0x10/0x10 [ 593.438261][T14655] ? do_mmap+0x69c/0x1210 [ 593.438291][T14655] __mm_populate+0x1d8/0x380 [ 593.438324][T14655] ? __pfx___mm_populate+0x10/0x10 [ 593.438359][T14655] ? up_write+0x1b2/0x520 [ 593.438401][T14655] vm_mmap_pgoff+0x362/0x450 [ 593.438434][T14655] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 593.438479][T14655] ? __x64_sys_futex+0x1e0/0x4c0 [ 593.438511][T14655] ? __x64_sys_futex+0x1e9/0x4c0 [ 593.438550][T14655] ksys_mmap_pgoff+0x7d/0x5c0 [ 593.438580][T14655] ? xfd_validate_state+0x61/0x180 [ 593.438621][T14655] __x64_sys_mmap+0x125/0x190 [ 593.438671][T14655] do_syscall_64+0xcd/0x490 [ 593.438711][T14655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.438738][T14655] RIP: 0033:0x7f5e0418e929 [ 593.438762][T14655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 593.438788][T14655] RSP: 002b:00007f5e04f64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 593.438815][T14655] RAX: ffffffffffffffda RBX: 00007f5e043b5fa0 RCX: 00007f5e0418e929 [ 593.438833][T14655] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 593.438851][T14655] RBP: 00007f5e04210b39 R08: 0000000000000002 R09: 0000000000008000 [ 593.438869][T14655] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 593.438886][T14655] R13: 0000000000000000 R14: 00007f5e043b5fa0 R15: 00007ffffaff7998 [ 593.438922][T14655] [ 593.745576][ C0] vkms_vblank_simulate: vblank timer overrun [ 594.037991][T14659] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input110 [ 594.423434][T14661] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input111 [ 594.649643][T14671] : Can't lookup blockdev [ 595.283857][T14665] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input112 [ 596.134067][T10223] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 596.134117][T10223] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 596.158823][T10223] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 596.158861][T10223] Bluetooth: hci3: adv larger than maximum supported [ 596.166104][T10223] Bluetooth: hci3: adv larger than maximum supported [ 596.172812][T10223] Bluetooth: hci3: Malformed LE Event: 0x0d [ 596.213531][T14666] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input113 [ 597.147036][T14709] nbd: socks must be embedded in a SOCK_ITEM attr [ 597.153754][T14709] block nbd0: shutting down sockets [ 597.469404][T14712] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input114 [ 598.272000][T14715] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input115 [ 598.417889][T10223] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 598.417928][T10223] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 598.433355][T10223] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 598.433389][T10223] Bluetooth: hci0: adv larger than maximum supported [ 598.440638][T10223] Bluetooth: hci0: adv larger than maximum supported [ 598.447513][T10223] Bluetooth: hci0: Malformed LE Event: 0x0d [ 599.898427][T14743] netlink: 'syz.3.2149': attribute type 16 has an invalid length. [ 599.916089][T14743] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2149'. [ 599.998817][T14743] veth1_macvtap: left promiscuous mode [ 600.214052][T14751] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 600.475314][T10223] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 600.475352][T10223] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 600.490719][T10223] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 600.490755][T10223] Bluetooth: hci1: adv larger than maximum supported [ 600.498703][T10223] Bluetooth: hci1: adv larger than maximum supported [ 600.505662][T10223] Bluetooth: hci1: Malformed LE Event: 0x0d [ 600.700769][T14770] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input116 [ 600.999735][T14776] FAULT_INJECTION: forcing a failure. [ 600.999735][T14776] name fail_futex, interval 1, probability 0, space 0, times 0 [ 601.086952][T14776] CPU: 1 UID: 0 PID: 14776 Comm: syz.1.2161 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 601.086993][T14776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 601.087009][T14776] Call Trace: [ 601.087019][T14776] [ 601.087031][T14776] dump_stack_lvl+0x16c/0x1f0 [ 601.087075][T14776] should_fail_ex+0x512/0x640 [ 601.087118][T14776] get_futex_key+0x1d0/0x1540 [ 601.087155][T14776] ? __pfx_get_futex_key+0x10/0x10 [ 601.087183][T14776] ? do_raw_spin_lock+0x12c/0x2b0 [ 601.087227][T14776] ? find_held_lock+0x2b/0x80 [ 601.087261][T14776] futex_wait_setup+0x84/0x510 [ 601.087307][T14776] __futex_wait+0x194/0x2f0 [ 601.087345][T14776] ? __pfx___futex_wait+0x10/0x10 [ 601.087389][T14776] ? __pfx_futex_wake_mark+0x10/0x10 [ 601.087430][T14776] ? __lock_acquire+0xb8a/0x1c90 [ 601.087472][T14776] ? __futex_hash.constprop.0+0x1e9/0x440 [ 601.087516][T14776] futex_wait+0xe8/0x380 [ 601.087551][T14776] ? __pfx_futex_wait+0x10/0x10 [ 601.087600][T14776] ? sock_common_getsockopt+0x21/0xb0 [ 601.087629][T14776] do_futex+0x229/0x350 [ 601.087661][T14776] ? __pfx_do_futex+0x10/0x10 [ 601.087688][T14776] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 601.087724][T14776] __x64_sys_futex+0x1e0/0x4c0 [ 601.087760][T14776] ? __pfx___x64_sys_futex+0x10/0x10 [ 601.087791][T14776] ? __sys_getsockopt+0x144/0x1b0 [ 601.087838][T14776] do_syscall_64+0xcd/0x490 [ 601.087878][T14776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.087905][T14776] RIP: 0033:0x7f5ceb58e929 [ 601.087927][T14776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 601.087952][T14776] RSP: 002b:00007f5ce93f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 601.087980][T14776] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa8 RCX: 00007f5ceb58e929 [ 601.087999][T14776] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5ceb7b5fa8 [ 601.088016][T14776] RBP: 00007f5ceb7b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 601.088033][T14776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ceb7b5fac [ 601.088049][T14776] R13: 0000000000000000 R14: 00007ffc91366f20 R15: 00007ffc91367008 [ 601.088081][T14776] [ 602.222820][T14773] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input117 [ 602.348940][T10223] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 602.348968][T10223] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 602.363705][T10223] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 602.363724][T10223] Bluetooth: hci3: adv larger than maximum supported [ 602.370822][T10223] Bluetooth: hci3: adv larger than maximum supported [ 602.377509][T10223] Bluetooth: hci3: Malformed LE Event: 0x0d [ 602.498564][T14803] FAULT_INJECTION: forcing a failure. [ 602.498564][T14803] name fail_futex, interval 1, probability 0, space 0, times 0 [ 602.518672][T14803] CPU: 1 UID: 0 PID: 14803 Comm: syz.1.2170 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 602.518703][T14803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 602.518713][T14803] Call Trace: [ 602.518719][T14803] [ 602.518725][T14803] dump_stack_lvl+0x16c/0x1f0 [ 602.518750][T14803] should_fail_ex+0x512/0x640 [ 602.518786][T14803] get_futex_key+0x1d0/0x1540 [ 602.518822][T14803] ? __pfx_get_futex_key+0x10/0x10 [ 602.518847][T14803] ? do_raw_spin_lock+0x12c/0x2b0 [ 602.518888][T14803] ? find_held_lock+0x2b/0x80 [ 602.518921][T14803] futex_wait_setup+0x84/0x510 [ 602.518966][T14803] __futex_wait+0x194/0x2f0 [ 602.519004][T14803] ? __pfx___futex_wait+0x10/0x10 [ 602.519047][T14803] ? __pfx_futex_wake_mark+0x10/0x10 [ 602.519089][T14803] ? __lock_acquire+0xb8a/0x1c90 [ 602.519130][T14803] ? __futex_hash.constprop.0+0x1e9/0x440 [ 602.519165][T14803] futex_wait+0xe8/0x380 [ 602.519202][T14803] ? __pfx_futex_wait+0x10/0x10 [ 602.519252][T14803] ? sock_common_getsockopt+0x21/0xb0 [ 602.519284][T14803] do_futex+0x229/0x350 [ 602.519317][T14803] ? __pfx_do_futex+0x10/0x10 [ 602.519346][T14803] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 602.519384][T14803] __x64_sys_futex+0x1e0/0x4c0 [ 602.519422][T14803] ? __pfx___x64_sys_futex+0x10/0x10 [ 602.519454][T14803] ? __sys_getsockopt+0x144/0x1b0 [ 602.519501][T14803] do_syscall_64+0xcd/0x490 [ 602.519553][T14803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 602.519581][T14803] RIP: 0033:0x7f5ceb58e929 [ 602.519603][T14803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 602.519629][T14803] RSP: 002b:00007f5ce93f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 602.519655][T14803] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa8 RCX: 00007f5ceb58e929 [ 602.519673][T14803] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5ceb7b5fa8 [ 602.519690][T14803] RBP: 00007f5ceb7b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 602.519707][T14803] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ceb7b5fac [ 602.519724][T14803] R13: 0000000000000000 R14: 00007ffc91366f20 R15: 00007ffc91367008 [ 602.519757][T14803] [ 603.574263][T14809] FAULT_INJECTION: forcing a failure. [ 603.574263][T14809] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 603.587967][T14809] CPU: 1 UID: 0 PID: 14809 Comm: syz.1.2180 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 603.587989][T14809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 603.587998][T14809] Call Trace: [ 603.588004][T14809] [ 603.588010][T14809] dump_stack_lvl+0x16c/0x1f0 [ 603.588037][T14809] should_fail_ex+0x512/0x640 [ 603.588059][T14809] should_fail_alloc_page+0xe7/0x130 [ 603.588074][T14809] prepare_alloc_pages+0x3c2/0x610 [ 603.588094][T14809] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 603.588117][T14809] ? mas_next_slot+0x12d3/0x21b0 [ 603.588138][T14809] ? __up_read+0x1f8/0x750 [ 603.588177][T14809] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 603.588200][T14809] ? validate_mm+0x40a/0x570 [ 603.588222][T14809] ? __pfx_validate_mm+0x10/0x10 [ 603.588240][T14809] ? lockdep_hardirqs_on+0x7c/0x110 [ 603.588264][T14809] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 603.588286][T14809] ? policy_nodemask+0xea/0x4e0 [ 603.588301][T14809] alloc_pages_mpol+0x1fb/0x550 [ 603.588315][T14809] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 603.588334][T14809] alloc_pages_noprof+0x131/0x390 [ 603.588348][T14809] __pmd_alloc+0x3b/0x930 [ 603.588366][T14809] __handle_mm_fault+0xaac/0x5490 [ 603.588389][T14809] ? __pfx___handle_mm_fault+0x10/0x10 [ 603.588422][T14809] handle_mm_fault+0x589/0xd10 [ 603.588444][T14809] __get_user_pages+0x589/0x3b80 [ 603.588465][T14809] ? __pfx_mt_find+0x10/0x10 [ 603.588479][T14809] ? __pfx___get_user_pages+0x10/0x10 [ 603.588502][T14809] populate_vma_page_range+0x278/0x3a0 [ 603.588520][T14809] ? __pfx_populate_vma_page_range+0x10/0x10 [ 603.588536][T14809] ? __pfx_find_vma_intersection+0x10/0x10 [ 603.588552][T14809] ? do_mmap+0x69c/0x1210 [ 603.588570][T14809] __mm_populate+0x1d8/0x380 [ 603.588587][T14809] ? __pfx___mm_populate+0x10/0x10 [ 603.588605][T14809] ? up_write+0x1b2/0x520 [ 603.588626][T14809] vm_mmap_pgoff+0x362/0x450 [ 603.588644][T14809] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 603.588662][T14809] ? __x64_sys_futex+0x1e0/0x4c0 [ 603.588678][T14809] ? __x64_sys_futex+0x1e9/0x4c0 [ 603.588697][T14809] ksys_mmap_pgoff+0x7d/0x5c0 [ 603.588711][T14809] ? xfd_validate_state+0x61/0x180 [ 603.588733][T14809] __x64_sys_mmap+0x125/0x190 [ 603.588754][T14809] do_syscall_64+0xcd/0x490 [ 603.588775][T14809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.588789][T14809] RIP: 0033:0x7f5ceb58e929 [ 603.588803][T14809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 603.588816][T14809] RSP: 002b:00007f5ce93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 603.588830][T14809] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa0 RCX: 00007f5ceb58e929 [ 603.588841][T14809] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 603.588851][T14809] RBP: 00007f5ceb610b39 R08: 0000000000000002 R09: 0000000000008000 [ 603.588860][T14809] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 603.588868][T14809] R13: 0000000000000000 R14: 00007f5ceb7b5fa0 R15: 00007ffc91367008 [ 603.588888][T14809] [ 604.303137][T10223] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 604.303176][T10223] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 604.318895][T10223] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 604.318926][T10223] Bluetooth: hci1: adv larger than maximum supported [ 604.326050][T10223] Bluetooth: hci1: adv larger than maximum supported [ 604.333063][T10223] Bluetooth: hci1: Malformed LE Event: 0x0d [ 604.486276][T14834] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2179'. [ 604.504703][T14834] geneve1: entered promiscuous mode [ 604.526555][T14834] geneve1: entered allmulticast mode [ 604.559573][T14830] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2179'. [ 605.685790][T14858] nbd: socks must be embedded in a SOCK_ITEM attr [ 605.736201][T14858] block nbd0: shutting down sockets [ 605.891408][T14865] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input118 [ 606.348458][T10223] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 606.348495][T10223] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 606.363297][T10223] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 606.363317][T10223] Bluetooth: hci1: adv larger than maximum supported [ 606.370525][T10223] Bluetooth: hci1: adv larger than maximum supported [ 606.377286][T10223] Bluetooth: hci1: Malformed LE Event: 0x0d [ 606.414341][T14866] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input119 [ 606.692010][T10223] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 606.692056][T10223] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 606.708098][T10223] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 606.708150][T10223] Bluetooth: hci0: Malformed LE Event: 0x0d [ 606.823887][ T30] audit: type=1800 audit(6046983941.520:14): pid=14881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2192" name="lu_gp_id" dev="configfs" ino=49525 res=0 errno=0 [ 606.953286][T14881] ALUA LU Group already has a valid ID, ignoring request [ 607.875462][T14892] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input120 [ 608.214274][T14891] page: refcount:8 mapcount:7 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 608.223350][T14891] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 608.239996][T14891] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 608.299068][T14891] raw: 0000000000000000 0000000000000000 0000000800000006 0000000000000000 [ 608.308487][T14891] page dumped because: unmovable page [ 608.315993][T14891] page_owner tracks the page as allocated [ 608.323672][T14891] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5844, tgid 5844 (syz-executor), ts 84880326471, free_ts 81165879296 [ 608.344402][T14891] post_alloc_hook+0x1c0/0x230 [ 608.350970][T14891] get_page_from_freelist+0x1321/0x3890 [ 608.357796][T14891] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 608.365481][T14891] alloc_pages_mpol+0x1fb/0x550 [ 608.372062][T14891] alloc_pages_noprof+0x131/0x390 [ 608.378626][T14891] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 608.388198][T14891] vmalloc_user_noprof+0x9e/0xe0 [ 608.394785][T14891] kcov_ioctl+0x4c/0x730 [ 608.401491][T14891] __x64_sys_ioctl+0x18b/0x210 [ 608.408063][T14891] do_syscall_64+0xcd/0x490 [ 608.414645][T14891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.422273][T14891] page last free pid 5838 tgid 5838 stack trace: [ 608.430970][T14891] __free_frozen_pages+0x7fe/0x1180 [ 608.437522][T14891] vfree+0x1fd/0xb50 [ 608.442997][T14891] kcov_close+0x34/0x60 [ 608.448457][T14891] __fput+0x3ff/0xb70 [ 608.453910][T14891] fput_close_sync+0x118/0x260 [ 608.460482][T14891] __x64_sys_close+0x8b/0x120 [ 608.467440][T14891] do_syscall_64+0xcd/0x490 [ 608.472119][T14891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.509734][T14897] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input121 [ 610.213010][T14927] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input122 [ 610.695681][T14928] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input123 [ 613.402721][T10223] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 613.402750][T10223] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 613.417879][T10223] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 613.417923][T10223] Bluetooth: hci2: Malformed LE Event: 0x0d [ 613.569675][T14978] FAULT_INJECTION: forcing a failure. [ 613.569675][T14978] name fail_futex, interval 1, probability 0, space 0, times 0 [ 613.616403][T14978] CPU: 1 UID: 0 PID: 14978 Comm: syz.3.2222 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 613.616428][T14978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 613.616437][T14978] Call Trace: [ 613.616443][T14978] [ 613.616449][T14978] dump_stack_lvl+0x16c/0x1f0 [ 613.616475][T14978] should_fail_ex+0x512/0x640 [ 613.616500][T14978] get_futex_key+0x1d0/0x1540 [ 613.616522][T14978] ? __pfx_get_futex_key+0x10/0x10 [ 613.616537][T14978] ? __lock_acquire+0xb8a/0x1c90 [ 613.616558][T14978] ? __pfx___might_resched+0x10/0x10 [ 613.616574][T14978] ? __futex_hash.constprop.0+0x1e9/0x440 [ 613.616592][T14978] futex_wake+0xe7/0x4e0 [ 613.616612][T14978] ? __pfx_futex_wake+0x10/0x10 [ 613.616635][T14978] ? sock_common_getsockopt+0x21/0xb0 [ 613.616652][T14978] do_futex+0x1e3/0x350 [ 613.616669][T14978] ? __pfx_do_futex+0x10/0x10 [ 613.616684][T14978] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 613.616704][T14978] __x64_sys_futex+0x1e0/0x4c0 [ 613.616723][T14978] ? __pfx___x64_sys_futex+0x10/0x10 [ 613.616742][T14978] ? __sys_getsockopt+0x144/0x1b0 [ 613.616767][T14978] do_syscall_64+0xcd/0x490 [ 613.616788][T14978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 613.616803][T14978] RIP: 0033:0x7f0e91b8e929 [ 613.616815][T14978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 613.616829][T14978] RSP: 002b:00007f0e929e80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 613.616844][T14978] RAX: ffffffffffffffda RBX: 00007f0e91db5fa8 RCX: 00007f0e91b8e929 [ 613.616853][T14978] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0e91db5fac [ 613.616862][T14978] RBP: 00007f0e91db5fa0 R08: 00007f0e929e9000 R09: 0000000000000000 [ 613.616871][T14978] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f0e91db5fac [ 613.616880][T14978] R13: 0000000000000000 R14: 00007ffcfed011f0 R15: 00007ffcfed012d8 [ 613.616898][T14978] [ 613.967090][T10223] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 613.967129][T10223] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 613.982823][T10223] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 613.982855][T10223] Bluetooth: hci3: adv larger than maximum supported [ 613.990212][T10223] Bluetooth: hci3: adv larger than maximum supported [ 614.001163][T10223] Bluetooth: hci3: Malformed LE Event: 0x0d [ 615.307024][T10223] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 615.307048][T10223] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 615.326689][T10223] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 615.326726][T10223] Bluetooth: hci0: adv larger than maximum supported [ 615.333877][T10223] Bluetooth: hci0: Malformed LE Event: 0x0d [ 616.552951][T15042] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input124 [ 617.689232][T15043] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input125 [ 619.089144][T10223] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 619.089183][T10223] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 619.104550][T10223] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 619.104582][T10223] Bluetooth: hci0: adv larger than maximum supported [ 619.117559][T10223] Bluetooth: hci0: adv larger than maximum supported [ 619.124295][T10223] Bluetooth: hci0: Malformed LE Event: 0x0d [ 620.527333][T15109] nbd: socks must be embedded in a SOCK_ITEM attr [ 620.534933][T15109] block nbd0: shutting down sockets [ 621.532289][T10223] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 621.532318][T10223] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 621.548258][T10223] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 621.548306][T10223] Bluetooth: hci2: Malformed LE Event: 0x0d [ 623.105653][T15143] nbd: socks must be embedded in a SOCK_ITEM attr [ 623.112425][T15143] block nbd0: shutting down sockets [ 624.394740][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.401567][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.702630][T15183] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input126 [ 625.821889][T15186] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input127 [ 627.436975][T15200] nbd: socks must be embedded in a SOCK_ITEM attr [ 627.443679][T15200] block nbd0: shutting down sockets [ 627.455245][T10223] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 627.455268][T10223] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 627.472632][T10223] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 627.472656][T10223] Bluetooth: hci2: adv larger than maximum supported [ 627.479759][T10223] Bluetooth: hci2: adv larger than maximum supported [ 627.486591][T10223] Bluetooth: hci2: Malformed LE Event: 0x0d [ 627.882791][T15215] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input128 [ 628.036726][T15219] FAULT_INJECTION: forcing a failure. [ 628.036726][T15219] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 628.050087][T15219] CPU: 0 UID: 0 PID: 15219 Comm: syz.1.2292 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 628.050109][T15219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 628.050118][T15219] Call Trace: [ 628.050124][T15219] [ 628.050130][T15219] dump_stack_lvl+0x16c/0x1f0 [ 628.050156][T15219] should_fail_ex+0x512/0x640 [ 628.050178][T15219] _copy_from_user+0x2e/0xd0 [ 628.050200][T15219] move_addr_to_kernel+0x65/0x170 [ 628.050219][T15219] __copy_msghdr+0x386/0x470 [ 628.050239][T15219] copy_msghdr_from_user+0xc1/0x160 [ 628.050267][T15219] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 628.050307][T15219] ? __pfx__kstrtoull+0x10/0x10 [ 628.050342][T15219] ___sys_sendmsg+0xfe/0x1d0 [ 628.050366][T15219] ? __pfx____sys_sendmsg+0x10/0x10 [ 628.050393][T15219] ? find_held_lock+0x2b/0x80 [ 628.050420][T15219] __sys_sendmmsg+0x200/0x420 [ 628.050442][T15219] ? __pfx___sys_sendmmsg+0x10/0x10 [ 628.050467][T15219] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 628.050495][T15219] ? fput+0x70/0xf0 [ 628.050511][T15219] ? ksys_write+0x1ac/0x250 [ 628.050530][T15219] ? __pfx_ksys_write+0x10/0x10 [ 628.050552][T15219] __x64_sys_sendmmsg+0x9c/0x100 [ 628.050571][T15219] ? lockdep_hardirqs_on+0x7c/0x110 [ 628.050590][T15219] do_syscall_64+0xcd/0x490 [ 628.050612][T15219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.050626][T15219] RIP: 0033:0x7f5ceb58e929 [ 628.050639][T15219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 628.050653][T15219] RSP: 002b:00007f5ce93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 628.050668][T15219] RAX: ffffffffffffffda RBX: 00007f5ceb7b5fa0 RCX: 00007f5ceb58e929 [ 628.050677][T15219] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000003 [ 628.050686][T15219] RBP: 00007f5ce93f6090 R08: 0000000000000000 R09: 0000000000000000 [ 628.050695][T15219] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 628.050703][T15219] R13: 0000000000000000 R14: 00007f5ceb7b5fa0 R15: 00007ffc91367008 [ 628.050721][T15219] [ 628.547171][T15216] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input129 [ 629.193962][T15217] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input130 [ 629.845363][T15220] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input131 [ 631.603034][T15268] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input132 [ 631.890458][T15269] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input133 [ 634.225319][T15315] FAULT_INJECTION: forcing a failure. [ 634.225319][T15315] name failslab, interval 1, probability 0, space 0, times 0 [ 634.264325][T15315] CPU: 1 UID: 0 PID: 15315 Comm: syz.0.2318 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 634.264367][T15315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 634.264382][T15315] Call Trace: [ 634.264391][T15315] [ 634.264402][T15315] dump_stack_lvl+0x16c/0x1f0 [ 634.264447][T15315] should_fail_ex+0x512/0x640 [ 634.264483][T15315] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 634.264524][T15315] should_failslab+0xc2/0x120 [ 634.264550][T15315] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 634.264589][T15315] ? security_file_alloc+0x34/0x2b0 [ 634.264628][T15315] security_file_alloc+0x34/0x2b0 [ 634.264662][T15315] init_file+0x93/0x4c0 [ 634.264689][T15315] alloc_empty_file+0x73/0x1e0 [ 634.264718][T15315] alloc_file_pseudo+0x13a/0x230 [ 634.264750][T15315] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 634.264787][T15315] ? alloc_fd+0x471/0x7d0 [ 634.264836][T15315] sock_alloc_file+0x50/0x210 [ 634.264879][T15315] __sys_socket+0x1c0/0x260 [ 634.264906][T15315] ? __x64_sys_openat+0x174/0x210 [ 634.264936][T15315] ? __pfx___sys_socket+0x10/0x10 [ 634.264966][T15315] ? xfd_validate_state+0x61/0x180 [ 634.265009][T15315] __x64_sys_socket+0x72/0xb0 [ 634.265037][T15315] ? lockdep_hardirqs_on+0x7c/0x110 [ 634.265076][T15315] do_syscall_64+0xcd/0x490 [ 634.265112][T15315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 634.265136][T15315] RIP: 0033:0x7fb05278e929 [ 634.265156][T15315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 634.265181][T15315] RSP: 002b:00007fb0535b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 634.265207][T15315] RAX: ffffffffffffffda RBX: 00007fb0529b5fa0 RCX: 00007fb05278e929 [ 634.265225][T15315] RDX: 0000000000000014 RSI: 0000000000000002 RDI: 0000000000000010 [ 634.265240][T15315] RBP: 00007fb052810b39 R08: 0000000000000000 R09: 0000000000000000 [ 634.265255][T15315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 634.265270][T15315] R13: 0000000000000000 R14: 00007fb0529b5fa0 R15: 00007ffffe206758 [ 634.265305][T15315] [ 634.526848][ T30] audit: type=1800 audit(6046983969.220:15): pid=15304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2316" name="dbroot" dev="configfs" ino=51825 res=0 errno=0 [ 635.156429][ T7352] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 635.166393][T15325] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input134 [ 635.196388][ T7352] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 635.228131][ T7352] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 635.237365][ T7352] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 635.246133][ T7352] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 635.396978][T12628] ------------[ cut here ]------------ [ 635.402460][T12628] ODEBUG: free active (active state 0) object: ffff88807c181318 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 635.472321][T12628] WARNING: CPU: 1 PID: 12628 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 635.482027][T12628] Modules linked in: [ 635.486083][T12628] CPU: 1 UID: 0 PID: 12628 Comm: syz.1.1600 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 635.498524][T12628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 635.509216][T12628] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 635.515150][T12628] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd c0 89 15 8c 4c 89 e6 48 c7 c7 40 7e 15 8c e8 bf 68 9c fc 90 <0f> 0b 90 90 58 83 05 76 85 cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 635.535185][T12628] RSP: 0018:ffffc9000475f768 EFLAGS: 00010286 [ 635.541280][T12628] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817ab108 [ 635.549303][T12628] RDX: ffff88802cbe9e00 RSI: ffffffff817ab115 RDI: 0000000000000001 [ 635.557327][T12628] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 635.565336][T12628] R10: 0000000000000001 R11: fffffffffffce070 R12: ffffffff8c1584e0 [ 635.573317][T12628] R13: ffffffff8baff080 R14: ffffffff8a8fb040 R15: ffffc9000475f868 [ 635.581420][T12628] FS: 0000000000000000(0000) GS:ffff888124821000(0000) knlGS:0000000000000000 [ 635.590782][T12628] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 635.597474][T12628] CR2: 00007fb2e8b18066 CR3: 0000000034b58000 CR4: 00000000003526f0 [ 635.605769][T12628] Call Trace: [ 635.609061][T12628] [ 635.612003][T12628] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 635.617525][T12628] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 635.623386][T12628] debug_check_no_obj_freed+0x4b7/0x600 [ 635.629008][T12628] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 635.635165][T12628] ? rcu_is_watching+0x12/0xc0 [ 635.639976][T12628] ? kmem_cache_free+0x2d1/0x4d0 [ 635.644957][T12628] kfree+0x28f/0x4d0 [ 635.648935][T12628] ? hci_release_dev+0x4d8/0x600 [ 635.653925][T12628] hci_release_dev+0x4d8/0x600 [ 635.658757][T12628] ? __pfx_hci_release_dev+0x10/0x10 [ 635.664085][T12628] ? rcu_is_watching+0x12/0xc0 [ 635.669139][T12628] ? kfree+0x24f/0x4d0 [ 635.673310][T12628] bt_host_release+0x6a/0xb0 [ 635.677942][T12628] ? __pfx_bt_host_release+0x10/0x10 [ 635.683243][T12628] device_release+0xa4/0x240 [ 635.687913][T12628] kobject_put+0x1e7/0x5a0 [ 635.692374][T12628] ? __pfx_vhci_release+0x10/0x10 [ 635.697494][T12628] put_device+0x1f/0x30 [ 635.701989][T12628] vhci_release+0x81/0xf0 [ 635.706387][T12628] __fput+0x3ff/0xb70 [ 635.710408][T12628] task_work_run+0x150/0x240 [ 635.715048][T12628] ? __pfx_task_work_run+0x10/0x10 [ 635.720354][T12628] do_exit+0x86c/0x2bd0 [ 635.724521][T12628] ? __pfx_do_exit+0x10/0x10 [ 635.729182][T12628] ? cgroup_update_frozen_flag+0x107/0x210 [ 635.735026][T12628] ? find_held_lock+0x2b/0x80 [ 635.739776][T12628] do_group_exit+0xd3/0x2a0 [ 635.744322][T12628] get_signal+0x2673/0x26d0 [ 635.748914][T12628] ? hrtimer_nanosleep+0x187/0x380 [ 635.754063][T12628] ? __pfx_get_signal+0x10/0x10 [ 635.759012][T12628] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 635.764264][T12628] arch_do_signal_or_restart+0x8f/0x790 [ 635.769913][T12628] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 635.776146][T12628] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 635.782349][T12628] exit_to_user_mode_loop+0x84/0x110 [ 635.787736][T12628] do_syscall_64+0x3f6/0x490 [ 635.792369][T12628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.798334][T12628] RIP: 0033:0x7f5ceb5c11e5 [ 635.803083][T12628] Code: Unable to access opcode bytes at 0x7f5ceb5c11bb. [ 635.810163][T12628] RSP: 002b:00007f5ce93f5f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 635.818667][T12628] RAX: fffffffffffffdfc RBX: 00007f5ceb7b5fa0 RCX: 00007f5ceb5c11e5 [ 635.826696][T12628] RDX: 00007f5ce93f5fc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 635.834747][T12628] RBP: 00007f5ceb610b39 R08: 0000000000000000 R09: 0000000000000000 [ 635.842806][T12628] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 635.850854][T12628] R13: 0000000000000000 R14: 00007f5ceb7b5fa0 R15: 00007ffc91367008 [ 635.858918][T12628] [ 635.861969][T12628] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 635.869267][T12628] CPU: 1 UID: 0 PID: 12628 Comm: syz.1.1600 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(full) [ 635.881360][T12628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 635.891421][T12628] Call Trace: [ 635.894707][T12628] [ 635.897641][T12628] dump_stack_lvl+0x3d/0x1f0 [ 635.902251][T12628] panic+0x71c/0x800 [ 635.906169][T12628] ? __pfx_panic+0x10/0x10 [ 635.910603][T12628] ? show_trace_log_lvl+0x29b/0x3e0 [ 635.915830][T12628] ? check_panic_on_warn+0x1f/0xb0 [ 635.920961][T12628] ? debug_print_object+0x1a2/0x2b0 [ 635.926166][T12628] check_panic_on_warn+0xab/0xb0 [ 635.931128][T12628] __warn+0xf6/0x3c0 [ 635.935037][T12628] ? debug_print_object+0x1a2/0x2b0 [ 635.940247][T12628] report_bug+0x3c3/0x580 [ 635.944594][T12628] ? debug_print_object+0x1a2/0x2b0 [ 635.949806][T12628] handle_bug+0x184/0x210 [ 635.954144][T12628] exc_invalid_op+0x17/0x50 [ 635.958656][T12628] asm_exc_invalid_op+0x1a/0x20 [ 635.963521][T12628] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 635.969339][T12628] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd c0 89 15 8c 4c 89 e6 48 c7 c7 40 7e 15 8c e8 bf 68 9c fc 90 <0f> 0b 90 90 58 83 05 76 85 cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 635.988963][T12628] RSP: 0018:ffffc9000475f768 EFLAGS: 00010286 [ 635.995039][T12628] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817ab108 [ 636.003016][T12628] RDX: ffff88802cbe9e00 RSI: ffffffff817ab115 RDI: 0000000000000001 [ 636.010992][T12628] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 636.018966][T12628] R10: 0000000000000001 R11: fffffffffffce070 R12: ffffffff8c1584e0 [ 636.026978][T12628] R13: ffffffff8baff080 R14: ffffffff8a8fb040 R15: ffffc9000475f868 [ 636.035221][T12628] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 636.040711][T12628] ? __warn_printk+0x198/0x350 [ 636.046271][T12628] ? __warn_printk+0x1a5/0x350 [ 636.051061][T12628] ? debug_print_object+0x1a1/0x2b0 [ 636.056266][T12628] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 636.061741][T12628] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 636.067563][T12628] debug_check_no_obj_freed+0x4b7/0x600 [ 636.073131][T12628] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 636.079292][T12628] ? rcu_is_watching+0x12/0xc0 [ 636.084082][T12628] ? kmem_cache_free+0x2d1/0x4d0 [ 636.089040][T12628] kfree+0x28f/0x4d0 [ 636.092951][T12628] ? hci_release_dev+0x4d8/0x600 [ 636.097907][T12628] hci_release_dev+0x4d8/0x600 [ 636.102684][T12628] ? __pfx_hci_release_dev+0x10/0x10 [ 636.107981][T12628] ? rcu_is_watching+0x12/0xc0 [ 636.112753][T12628] ? kfree+0x24f/0x4d0 [ 636.116941][T12628] bt_host_release+0x6a/0xb0 [ 636.121549][T12628] ? __pfx_bt_host_release+0x10/0x10 [ 636.126852][T12628] device_release+0xa4/0x240 [ 636.131453][T12628] kobject_put+0x1e7/0x5a0 [ 636.135890][T12628] ? __pfx_vhci_release+0x10/0x10 [ 636.140950][T12628] put_device+0x1f/0x30 [ 636.145139][T12628] vhci_release+0x81/0xf0 [ 636.149505][T12628] __fput+0x3ff/0xb70 [ 636.153601][T12628] task_work_run+0x150/0x240 [ 636.158226][T12628] ? __pfx_task_work_run+0x10/0x10 [ 636.163370][T12628] do_exit+0x86c/0x2bd0 [ 636.167554][T12628] ? __pfx_do_exit+0x10/0x10 [ 636.172165][T12628] ? cgroup_update_frozen_flag+0x107/0x210 [ 636.177991][T12628] ? find_held_lock+0x2b/0x80 [ 636.182684][T12628] do_group_exit+0xd3/0x2a0 [ 636.187213][T12628] get_signal+0x2673/0x26d0 [ 636.191743][T12628] ? hrtimer_nanosleep+0x187/0x380 [ 636.196868][T12628] ? __pfx_get_signal+0x10/0x10 [ 636.201731][T12628] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 636.206952][T12628] arch_do_signal_or_restart+0x8f/0x790 [ 636.212511][T12628] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 636.218692][T12628] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 636.224876][T12628] exit_to_user_mode_loop+0x84/0x110 [ 636.230184][T12628] do_syscall_64+0x3f6/0x490 [ 636.234793][T12628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.240871][T12628] RIP: 0033:0x7f5ceb5c11e5 [ 636.245293][T12628] Code: Unable to access opcode bytes at 0x7f5ceb5c11bb. [ 636.252395][T12628] RSP: 002b:00007f5ce93f5f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 636.260819][T12628] RAX: fffffffffffffdfc RBX: 00007f5ceb7b5fa0 RCX: 00007f5ceb5c11e5 [ 636.268796][T12628] RDX: 00007f5ce93f5fc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 636.276768][T12628] RBP: 00007f5ceb610b39 R08: 0000000000000000 R09: 0000000000000000 [ 636.284750][T12628] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 636.293155][T12628] R13: 0000000000000000 R14: 00007f5ceb7b5fa0 R15: 00007ffc91367008 [ 636.301233][T12628] [ 636.304500][T12628] Kernel Offset: disabled [ 636.308826][T12628] Rebooting in 86400 seconds..