last executing test programs: 18m40.185105964s ago: executing program 2 (id=4245): r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40103d0b, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x4, 0x38) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) membarrier$auto(0x2, 0x0, 0x9) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) ioctl$auto(r1, 0x5646, r1) connect$auto(r1, &(0x7f0000000000)=@xdp={0x2c, 0x0, 0x0, 0x37}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000040), 0x109000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) 18m39.148193433s ago: executing program 2 (id=4249): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x15, 0x5, 0x0) r0 = socket(0x2, 0x1, 0x106) semctl$auto_GETPID(0x0, 0x4, 0xb, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) clock_getres$auto(0x60004, &(0x7f00000001c0)={0xfffb, 0xffffffff80000000}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r1 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto_SO_BROADCAST(r1, 0x0, 0x6, &(0x7f0000000000)='[\x00', 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB="53c331387aea7714f94cb64d17403eebb2672472e19e461acde3e197e4b9b713e35ec33fcef8c9813572efe684297a18be1c7e5beefab1ef6d0537931c65988b38c1b6efd34b974cfe273789164e5c0bfadb7adcb6e8d7c2f8f4850ad09482f89f56a2bed8169653b6c9b6621c7bf0d29af257708428d582d296c2a5620badcd64ee246072f8bec609bc1d74200bc0afe3a12b2b3bb542350c8efbc7d4c11588c275304ec10f2672753169ca3f2768ce1d87b1c6dc869d30a7c9489733130049a7f1edc3cf424d636ca5bd0c", @ANYRES16=r2, @ANYBLOB="01002dbd7000fcdbdf257e000000"], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) write$auto(0x3, 0x0, 0x80000003) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) poll$auto(0x0, 0x0, 0x9f) r4 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="18000000", @ANYRES8=r4, @ANYBLOB, @ANYRES32, @ANYBLOB="b75fe3026f55bf76ddebf220f10fecca0e558137de91a8a54cc179a33d349b56c1d0eed54f953feac4a50c1d1ce971c139e33122e35c7fa342f3bde1113587f4331bb0ab39ca6aeb5c0711bcdebfef3bcb8169e948fa5d66a154080cd97f4f6f"], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) 18m38.197033808s ago: executing program 2 (id=4255): mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb3, 0x401, 0x300000000000) socket(0x1e, 0x6, 0x3f) connect$auto(0x3, 0x0, 0x58) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x4000000000000c8, 0x400454d8, 0x3) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) read$auto(0x3, 0x0, 0x80) ioctl$auto_TIOCVHANGUP(r0, 0x5437, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x200000036, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, 0x0) set_mempolicy$auto(0x203, &(0x7f0000000000)=0x2, 0x9) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) fcntl$auto_F_OFD_SETLKW(0xffffffffffffffff, 0x26, 0x6) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/mtdblock0/sched/read0_fifo_list\x00', 0x0, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) io_uring_setup$auto(0x1, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x3ff, 0x10000000000002) mmap$auto(0x7, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x200, 0x4) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/ip_unprivileged_port_start\x00', 0x101202, 0x0) times$auto(0xfffffffffffffffc) write$auto(r1, 0x0, 0x0) 18m37.734407894s ago: executing program 2 (id=4257): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r1 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001980)=ANY=[], 0x1288}}, 0x4000000) syz_genetlink_get_family_id$auto_macsec(0x0, r1) sendfile$auto(r1, r1, &(0x7f0000000340)=0x7, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x9, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r0, 0x0, 0x594c, 0xf) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) fdatasync$auto(r3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.5/usb6/bNumInterfaces\x00', 0x143262, 0x0) write$auto(r6, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x83) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="010180bd7020fcdbdf256f000040"], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x14) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd700002dcdf25030000000400087918000180140010800c"], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) r9 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r9, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0xfffffffffffffffc, 0x40cb1, r6, 0x300000000004) r10 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xff7ffffffffffffe, 0x2, 0x8, 0xc00, 0x66f, 0x4042, 0x3, 0x2}) 18m36.125760513s ago: executing program 2 (id=4261): socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0xe883, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) futex$auto(&(0x7f00000000c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(0xffffffffffffffff, 0x3304, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) ioperm$auto(0x7, 0x800, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r0 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r0, 0x29, 0xce, 0x0, 0x0) socket(0x2, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/cpu_dma_latency/power/runtime_active_time\x00', 0x200, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0xfffff000, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) madvise$auto(0x0, 0x2003f0, 0x18) 18m35.140343872s ago: executing program 2 (id=4268): bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x2e) socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0x70) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) 18m20.023452919s ago: executing program 32 (id=4268): bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x2e) socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0x70) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) 10m56.938723456s ago: executing program 3 (id=6005): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) socket$nl_generic(0x10, 0x3, 0x10) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r0, r1, 0x0, 0x1000200) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x111800, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) r3 = socketcall$auto_SYS_SOCKET(0x1, 0x0) r4 = socket(0x10, 0x2, 0x0) splice$auto(r4, 0x0, r3, &(0x7f00000001c0)=0x9, 0x2, 0x1) sendfile$auto(r2, r2, 0x0, 0x3) 10m55.6499688s ago: executing program 3 (id=6008): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) clock_settime$auto(0xfffffffe, &(0x7f0000000000)={0x100000004, 0x8}) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x415441, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r1 = socket(0x22, 0x1, 0x100) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) r3 = ioctl$auto_SW_SYNC_GET_DEADLINE(r2, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r2}) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x2000000000001, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = socket(0x2, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth0_to_hsr\x00', 0x0}) r8 = getpid() sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x7ec284a4a8dc18cd}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012bbd7000fedbdf250100000008000900", @ANYRES32=r7, @ANYBLOB="050001000000000008000200", @ANYRES32=r8, @ANYBLOB="0805000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x20040901) getsockopt$auto_SO_LOCK_FILTER(r6, 0x0, 0x2c, 0x0, &(0x7f0000000100)=0x8) syz_genetlink_get_family_id$auto_psample(0x0, r5) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r5, 0x0, 0x801) mmap$auto(0x8, 0x20009, 0x3, 0xffffffff, 0x405, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r9 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r9, 0x40186f40, 0x0) r10 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r10, 0x4b41, 0x7) 10m54.319517939s ago: executing program 3 (id=6011): r0 = dup$auto(0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0x80000000df, 0x9b72, r0, 0x28000) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) unshare$auto(0x40000080) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder0\x00', 0xc80, 0x0) ioctl$auto_BINDER_GET_FROZEN_INFO(r1, 0xc00c620f, &(0x7f0000000180)) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) r2 = bpf$auto(0xd, 0x0, 0x6f5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @multicast}, 0x6a) listen$auto(0x3, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x3, &(0x7f0000000080)="1d3e23c068b844b0ee56838053d6af6444fdf49e8a44943146d4461d17130adec3c5ad3765eec614140a2167d29ea83d3de9c81f9d14449f9c945aae92") madvise$auto(0xd29, 0x53, 0x0) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x2, 0x0, 0x28) 10m52.074548387s ago: executing program 3 (id=6017): clone$auto(0xffffffffffffffff, 0xf7, &(0x7f0000000040)=0x3, &(0x7f0000000080)=0x6, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0) write$auto(r0, &(0x7f00000001c0)='-\x001c\xc2.b\x97\x1a\xf4\xd8\x1a\x1c\xb2\x9db\xb1\xec\xdeGDr=\xc2\xdc\xdf\x8cg\xa10Fzk\x86bd\xfc\x19\x96y\x9cYy\xc1\xc4\xf1\x0fH\x0f2\xa6\xbd\x9b\xe8\x97\xb0>,\xbf\xb8Kje\x05\xc4\xf8\x01\xd3]\x7f\xb8\x83S\xaf\xc5\xceZZlTO\xf5\x81`$\xec=|1\x05\xa9\x95Q\xf6\a\x81)\x94\xdaJ.\x04\xf2\xd7O\xa7=u1\xcd$\x17(t\xa4.\x1d\xfd\xf1\xc8e\x9c\xb4k\xfd\x94+B\x17o\\>4\xb7d5\a\xef\xb6\xe5F\xba\xf9Q\xdb\xd0\xb5\xa6\x1b\\\x0e\xb7\xab\xc3\x7fO`\x0e\x15\xca\x01z\xc23\xa1\x03\xdd@\xf3', 0xfdef) r1 = socket(0x2, 0x5, 0x0) close_range$auto(r1, 0x8, 0x0) socket(0xa, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040), 0x5) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r2) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x34, r3, 0x1, 0x70bd26, 0x25dbdbfb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x6}]}, 0x34}, 0x1, 0x300, 0x0, 0x24000040}, 0x2004c840) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/ati_remote2/parameters/mode_mask\x00', 0x80401, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x800f) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) r5 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x141080, 0x0) read$auto_ftrace_set_event_notrace_pid_fops_trace_events(r5, &(0x7f0000000400)=""/43, 0x2b) sendfile$auto(0xffffffffffffffff, r4, 0x0, 0x1000200) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/pm_debug_messages\x00', 0xa0440, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000280), r1) sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(r7, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="00022bbd700000"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x1bef8a3657dd5a1a) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000080)=""/64, 0x40) r9 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) write$auto_console_fops_tty_io(r9, &(0x7f0000000040)="1f91f2c3881f4610e18d5fc5e5bfd9800e9b4b", 0x13) sendmsg$auto_NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x24, 0x0, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x6}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0xbf}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040}, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x3, 0x0) 10m51.870599093s ago: executing program 3 (id=6020): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x42a81, 0x0) unshare$auto(0x20000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00') setns(r0, 0x0) mount$auto(0x0, &(0x7f0000000040)='.\x00', 0x0, 0x43ffc, 0x0) 10m51.710291001s ago: executing program 3 (id=6021): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x6) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8502, 0x0) write$auto(r1, 0x0, 0x80001) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(0xffffffffffffffff, 0x0, 0x4000000) move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) open(0x0, 0x2a4c0, 0x40) execve$auto(0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x10001, 0x7fffffffffffffff, 0xe817) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) r3 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, r3, 0x10008000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x2, 0x0) pwritev$auto(r4, &(0x7f0000000100)={&(0x7f0000000080), 0xe001}, 0x3, 0xe, 0x3) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001bc0)='/dev/sequencer2\x00', 0x1, 0x0) ioctl$auto_SNDCTL_SEQ_OUTOFBAND(r5, 0x40085112, 0x0) mmap$auto(0x7fffffe, 0x6, 0x40005, 0x13, 0x3fd, 0x9) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(0x3, 0x0, 0x80) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) 10m36.647224944s ago: executing program 33 (id=6021): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x6) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8502, 0x0) write$auto(r1, 0x0, 0x80001) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(0xffffffffffffffff, 0x0, 0x4000000) move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) open(0x0, 0x2a4c0, 0x40) execve$auto(0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x10001, 0x7fffffffffffffff, 0xe817) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) r3 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, r3, 0x10008000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x2, 0x0) pwritev$auto(r4, &(0x7f0000000100)={&(0x7f0000000080), 0xe001}, 0x3, 0xe, 0x3) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001bc0)='/dev/sequencer2\x00', 0x1, 0x0) ioctl$auto_SNDCTL_SEQ_OUTOFBAND(r5, 0x40085112, 0x0) mmap$auto(0x7fffffe, 0x6, 0x40005, 0x13, 0x3fd, 0x9) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(0x3, 0x0, 0x80) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) 7.75073759s ago: executing program 4 (id=7672): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) socket$nl_generic(0x10, 0x3, 0x10) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f00000002c0)="117400001567c21d9b7eb5ae6e609a4da1d274faa66649bd50152707000000bf7827b9631d9c01f686d14ff0d014958268a680ced9764d7c1ac6617d3b6e2e2ff60a185cfa", 0x45) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r1, r2, 0x0, 0x1000200) mmap$auto(0x3, 0x2, 0x7, 0x16, r0, 0x2) r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x111800, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f00000000c0)="0218a8317de78a86569096b02d7c60217e7d6f1f048db9bdcd2a5050f1a4910c2ea434da6324116241f4929196e4ec76e8145a15199e808cca9e82d6f05f4ff4da32c0397469fd7bb3b99258d601821870a2e5e2d62a4870f50d821866b0c7671a2c4f6a92fa19db1843ad3948959794cb7371faf218977d725b8a65850618f6015e188a5da5fc6ccbde0851aff7ef018c3f72656f99fa606b3390a9bbb561060a92bbc8c17bd3f36dcf6c02c457137196167b3a76e26590f3f496789e3421b92249d4071a74c938f9b7b5f9579643cdb94fee63e1aa288d2eb6c2414dbe54d7aaaba98d31c368cfe02d4c9019dd588175f2a7f2e81caa62b57484a4f627", 0xfe) ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x2, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) r5 = socketcall$auto_SYS_SOCKET(0x1, 0x0) r6 = socket(0x10, 0x2, 0x0) splice$auto(r6, 0x0, r5, &(0x7f00000001c0)=0x9, 0x2, 0x1) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/ip6_flowlabel\x00', 0x42000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r7, &(0x7f0000002100)=""/15, 0xf) sendfile$auto(r4, r4, 0x0, 0x3) 6.694086246s ago: executing program 5 (id=7674): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x10, 0x2, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x42080, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="0c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4830) write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r2 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r4 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x401, r4, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0xc) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x8000, 0x1, 0x101) close_range$auto(0x2, 0x8, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r7, 0x10e, 0x5, 0x0, 0x0) socket(0x2, 0x1, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xa4e00, 0x0) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x81) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) 6.395434775s ago: executing program 0 (id=7675): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa0182, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300005000000) 6.365784045s ago: executing program 1 (id=7676): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) futex_waitv$auto(&(0x7f0000000300)={0x7f, 0x100000001, 0x2}, 0x1, 0x0, &(0x7f0000000340)={0x92, 0x6}, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) socket(0x11, 0x2, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x4, 0xa, 0x48}) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto(r1, 0x0, 0x5) sendmsg$auto_NFC_CMD_GET_DEVICE(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0xc8, 0x0, 0x4, 0x70bd2d, 0x25dfdbfc, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x4}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0xff}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1482}, @NFC_ATTR_VENDOR_DATA={0x83, 0x1f, "3e3fe36d2345c4a020a978d05c864042975f4eb9e314243e49d7e98adb21c07b702a4b5d172d64253010602703b76d4ad5a4ef0a65b8b595c314c263f23bf62adaae34fb3e709d2f5dfaf9f77ed1cc0ba0215d7b170a39ab66e1ef0b72f41da7341218461f5d028d826e0dcd1fafd700943c344cfad1b65649cda9ea2667c4"}, @NFC_ATTR_LLC_PARAM_RW={0x5}, @NFC_ATTR_FIRMWARE_NAME={0xe, 0x14, '/dev/vmci\x00'}]}, 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, &(0x7f0000000380)={0xb, 0x55f, 0x4, 0x6, 0x5, 0x4, "0bbcd5e11480a52d43eb8617753ccdbf76f737473bf7c339db13e26f4f196a9e3ed832e2e41c2f4b0b1da5fe40fb5040fb13def293a269d3db9dcda8999e995d"}) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x101) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xca481, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7c9, 0x26, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x20000009, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0xffffff28, 0x84, 0x0, 0x0, 0x0, 0xffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x80000, 0x0, 0xffff, 0x10, 0x0, 0x8, 0x10000, 0x0, 0x0, 0x0, 0x6, 0xbdcc, 0x0, 0xfffffffffffffffe]}, 0x1fe, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1892, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0xb, 0xa505}, 0x800}, 0x7, 0x4008) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) write$auto(0x3, 0x0, 0xffd8) read$auto(r0, 0x0, 0x20) 5.90467191s ago: executing program 0 (id=7677): mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x3, &(0x7f0000002a40)={0x0, 0x7}, 0x4, 0x0) madvise$auto(0x0, 0x2003ed, 0x19) mmap$auto(0xf00, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 5.726906544s ago: executing program 5 (id=7678): r0 = socket(0x10, 0x2, 0x4) futex$auto(&(0x7f00000000c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) ioctl$auto_VHOST_SET_VRING_ERR2(0xffffffffffffffff, 0x4008af22, &(0x7f0000000040)={0x7, r0}) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) ioperm$auto(0x7, 0x800, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r1 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r1, 0x29, 0xce, 0x0, 0x0) socket(0x2, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/cpu_dma_latency/power/runtime_active_time\x00', 0x200, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300005000000) madvise$auto(0x0, 0x2003f0, 0x18) 5.672443267s ago: executing program 0 (id=7679): r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) clock_settime$auto(0xfffffffe, &(0x7f0000000000)={0x100000004, 0x8}) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x400, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x1010, r1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r2 = socket(0x22, 0x1, 0x100) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram7\x00', 0x60742, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) r4 = ioctl$auto_SW_SYNC_GET_DEADLINE(r3, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r3}) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) keyctl$auto(0x11, 0xfffffffffffffffa, 0x0, 0x4, 0x3) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r6 = prctl$auto(0x3e, 0x1, 0x0, 0x2000000000001, 0x0) r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xffffffffffffffff, 0x8fd7, 0xae8f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x7ffffffd, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffff3d4]}, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r8 = socket(0x25, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'veth0_to_hsr\x00'}) getpid() sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x7ec284a4a8dc18cd}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="61db88f13b44302bc24ab4df72523815305c4ea9bdaf410c26eb39e50af48588935d0fdfcdac64f62f8dd0ef", @ANYRESDEC=r7, @ANYRES32=r7, @ANYRES32=r3, @ANYRES32=r0, @ANYBLOB="650a880a20539b8ba70475a69a83b539b18e6ce8639b861c14c87782492bb626a12ef2577660197e106b9ecb97fa65a4d454685568fbdc9a968cf7a776c26e7e34165656892f8c6d45ce31f06da24c4b167fa8c3487a7fbe49f9884a04e9f3835fa82ed4fe9a40e6c0865fa9f74bd45d22172988facd"], 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x20040901) getsockopt$auto_SO_LOCK_FILTER(r8, 0x0, 0x2c, 0x0, &(0x7f0000000100)=0x8) syz_genetlink_get_family_id$auto_psample(0x0, r6) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r6, 0x0, 0x801) mmap$auto(0x8, 0x4, 0x3, 0xffffffff, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x183582, 0x84) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) 5.519877247s ago: executing program 4 (id=7680): ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x62, 0x2, 0x2100000, 0x4, 0xfffffffffffffffe, 0x1, 0x0, 0xe8, 0x0, 0x4, 0x0, 0x2}) r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, r0, 0x8000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) setsockopt$auto(r0, 0x10000000084, 0x9, 0x0, 0x9c) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 5.286027557s ago: executing program 1 (id=7681): ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x62, 0x2, 0x2100000, 0x4, 0xfffffffffffffffe, 0x1, 0x0, 0xe8, 0x0, 0x4, 0x0, 0x2}) r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, r0, 0x8000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) setsockopt$auto(r0, 0x10000000084, 0x9, 0x0, 0x9c) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (fail_nth: 3) 5.08701769s ago: executing program 4 (id=7682): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) pselect6$auto(0x2000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) prctl$auto(0x7ff, 0x100000003, 0x4, 0x5, 0x20000000010004) futimesat$auto(0xda, 0x0, 0x0) read$auto(r0, &(0x7f0000000140)='/dev/video15\x00', 0x5) mmap$auto(0x0, 0x5, 0x7, 0x9b72, 0x2, 0x8000) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_DQEVENT(r2, 0xc0506107, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) ioctl$auto(0x3, 0x560d, 0x38) socket(0x2, 0x801, 0x100) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) sendfile$auto(r4, r4, 0x0, 0x10000800000003) socket(0x28, 0x5, 0x0) setsockopt$auto(0x400000000000003, 0x2a, 0x40000006, 0x0, 0x56d) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000000)=""/194, 0xc2) select$auto(0x5, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.400384269s ago: executing program 1 (id=7683): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) clock_settime$auto(0xfffffffe, &(0x7f0000000000)={0x100000004, 0x8}) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x415441, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r1 = socket(0x22, 0x1, 0x100) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) r3 = ioctl$auto_SW_SYNC_GET_DEADLINE(r2, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r2}) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x2000000000001, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = socket(0x2, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth0_to_hsr\x00', 0x0}) r8 = getpid() sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x7ec284a4a8dc18cd}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012bbd7000fedbdf250100000008000900", @ANYRES32=r7, @ANYBLOB="050001000000000008000200", @ANYRES32=r8, @ANYBLOB="0805000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x20040901) getsockopt$auto_SO_LOCK_FILTER(r6, 0x0, 0x2c, 0x0, &(0x7f0000000100)=0x8) syz_genetlink_get_family_id$auto_psample(0x0, r5) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r5, 0x0, 0x801) mmap$auto(0x8, 0x20009, 0x3, 0xffffffff, 0x405, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r9 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r9, 0x40186f40, 0x0) (fail_nth: 2) r10 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r10, 0x4b41, 0x7) 4.131681914s ago: executing program 5 (id=7684): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) mmap$auto(0x700, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) clock_settime$auto(0xfffffffe, &(0x7f0000000000)={0x100000004, 0x8}) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x415441, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r1 = socket(0x22, 0x1, 0x100) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) r3 = ioctl$auto_SW_SYNC_GET_DEADLINE(r2, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r2}) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x2000000000001, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = socket(0x2, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth0_to_hsr\x00', 0x0}) r8 = getpid() sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x7ec284a4a8dc18cd}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012bbd7000fedbdf250100000008000900", @ANYRES32=r7, @ANYBLOB="050001000000000008000200", @ANYRES32=r8, @ANYBLOB="0805000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x20040901) getsockopt$auto_SO_LOCK_FILTER(r6, 0x0, 0x2c, 0x0, &(0x7f0000000100)=0x8) syz_genetlink_get_family_id$auto_psample(0x0, r5) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r5, 0x0, 0x801) mmap$auto(0x8, 0x20009, 0x3, 0xffffffff, 0x405, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r9 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r9, 0x40186f40, 0x0) r10 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r10, 0x4b41, 0x7) 3.451258018s ago: executing program 1 (id=7685): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/extfrag/extfrag_index\x00', 0x101200, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r1, &(0x7f0000000300)=""/241, 0xfe62) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) read$auto(r0, &(0x7f0000000140)='/dev/video15\x00', 0x5) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto(r2, 0x5407, 0xffffffffffffffff) socket(0x10, 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001200)='/dev/v4l-subdev0\x00', 0x0, 0x0) capget$auto(0x0, 0xfffffffffffffffe) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x64, 0xff, 0x0, @raw=0xfffff020}}) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto_SO_SNDBUF(0xffffffffffffffff, 0x7fff, 0x7, 0x0, 0x3) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfdef) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r4, 0x0, 0x9) close_range$auto(0x2, r4, 0x0) timerfd_create$auto(0x8, 0x800) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/net\x00') 3.233576623s ago: executing program 0 (id=7686): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a) sendto$auto(r0, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can, 0x36) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r2 = socket(0x1d, 0x2, 0x7) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r2, &(0x7f0000000000)=@can={0x1d, r4}, 0x6a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r5}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.089547432s ago: executing program 4 (id=7687): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_DUMPHMAC(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r1, 0x323, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xfffff000}, 0x20008804) 2.035184854s ago: executing program 5 (id=7688): close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x2, 0x1) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x10b402, 0x0) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/3/smp_affinity_list\x00', 0x8f3b7a51b8162d21, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x0, 0x0) socketpair$auto(0xffff7fff, 0x4, 0x80000001, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 1.985228363s ago: executing program 0 (id=7689): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty38\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) mkdir$auto(&(0x7f0000000000)='./file0\x00', 0x5) lsetxattr$auto(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0)='-\x00', &(0x7f0000003100), 0x7, 0x3) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x4, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) ioctl$auto(0x3, 0x541b, 0x38) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) capset$auto(0x0, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x6, 0x100000003, 0x100000001, 0x2, 0x1ff, 0x100000003, 0x3, 0x4, 0x401, 0x0, 0x8, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x8000000000000000, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x18f, 0xfffffffffffffff9, 0x3, 0x5a4, 0xfff, 0x80000001, 0x1]}, 0x0, &(0x7f0000000280)={0x10006, 0xcb}) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) r1 = socket(0x23, 0x5, 0x0) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r1, 0x0, 0x80) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) ioctl$auto(0x3, 0x541b, 0x74) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) 1.972765058s ago: executing program 4 (id=7690): ioctl$auto_VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f00000001c0)={0x3}) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x9) r1 = socket(0x1d, 0x3, 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c804}, 0x4000) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x60840, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) sendmmsg$auto(r4, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x57177fc5}, 0x9, 0x0) r5 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r5, @new_prog_fd=0x4, 0x4, @old_map_fd=r4}, 0xa3) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="080129bd7000fcdbdf253900000006003600020000000800f8b6873e8f93b43da70100000000"], 0x2c}, 0x1, 0x0, 0x0, 0x400c041}, 0x80) ioctl$auto(0x3, 0x40045532, 0x38) r6 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x88c00, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_DRAIN2(r6, 0x4144, 0x0) 1.680743077s ago: executing program 1 (id=7691): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) clock_settime$auto(0xfffffffe, 0x0) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x415441, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) r1 = socket(0x22, 0x1, 0x100) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) r3 = ioctl$auto_SW_SYNC_GET_DEADLINE(r2, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r2}) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x2000000000001, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = socket(0x2, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth0_to_hsr\x00'}) getpid() sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x7ec284a4a8dc18cd}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x20040901) getsockopt$auto_SO_LOCK_FILTER(r6, 0x0, 0x2c, 0x0, &(0x7f0000000100)=0x8) syz_genetlink_get_family_id$auto_psample(0x0, r5) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r5, 0x0, 0x801) mmap$auto(0x8, 0x20009, 0x3, 0xffffffff, 0x405, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r7 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r7, 0x40186f40, 0x0) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r8, 0x4b41, 0x7) 1.518703393s ago: executing program 5 (id=7692): mmap$auto(0x0, 0x400008, 0x4, 0x9b72, 0xffffffffffffffff, 0xe) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa0182, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, 0x0) ioctl$auto_UI_SET_EVBIT(r1, 0x40045564, &(0x7f0000000040)=0xfffffffe) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0)) mmap$auto(0x0, 0x2000040000c, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r4, 0x0, 0xb4d3) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 1.09444303s ago: executing program 4 (id=7693): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(0x0, 0x5) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen\x00', 0x382c02, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x5}, 0x4, 0x0, 0x1, 0x4}, 0x4}, 0xffff, 0x300, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0xe6, 0x0, 0x2, 0xb}, 0xfff}, 0x6, 0x311) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x60100, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socket(0xa, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) 261.702203ms ago: executing program 0 (id=7694): openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r1, 0x400, 0x70bd29, 0x25dddc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0xd, 0x3, 0x0, 0x9, 0x9) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) lstat$auto(0x0, &(0x7f0000000640)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0x1000, 0x8, 0x80000000000000a, 0x40000404, 0xd, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103}) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) write$auto(r0, &(0x7f00000000c0)='\x00', 0x6) mmap$auto(0x0, 0x20009, 0x29b010c0, 0x100000eb1, 0x40000000000a1, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x2b, 0x5, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) write$auto(r4, &(0x7f00000003c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x14\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C\xf8B^`\xf8\xc2\x0e\xfc>\xa1\xc5\x1dc\xb5S\xb0eX\xba\xe2\xb8\x17\xd1?\xec\xa3Rc2U\xc2OD\x1cl\xc6\xf0,4\x84A\x8f\xa0\xecJ\xb7\xfcnDO\n[^\xfc\xee\xf4\x98\xb3:K\x05\xd6ElP\xb1\xdc\xa2cg\xafENM\xb2\x1e\xfe\x0f}\xba\x83\x00\x81\x1at\xbf\x9ezF+x\xec\xe1`Qfm:\xfd\xeek\xa6#\xde\x16\x8f\xe9\xe9\xccbP\xb2z\xe1\xed\x97\x11\xaa\xea@\xee:\r\xb8\xe5\xd9CNG\x94\xe5\xcf\xfc3\xc7Z8\x03\x00\x00\x00\xc9\xe2ny\xa7\xd4\xb5A\x8e\xe2\x87\xf0\x17\x90%c\x1dE\xb1j2\x13\x10\xc2\x98\xeak\xa8\x10\xa0\x0f\xe8\x828\"9\xc1\xf2\xb6\x18\x9atD\xf13\xb2+$\x06q\xd6\x8e\xc18\x85\xd2\xd2\x1f\x97\x1d\xd7\x88\"\x01w\xaa\\\f\x98\xbf\xff\xeb\xceg\xa7\x8e\x84B\x7fn\xddu\xe0i\xd3\xf8\x8e\xf4\x111\x86\xfd\xcb\xa1\xd41\x8cI\xe0\xfa\xb3/(s\xd6\xd8\xcdCr\xf5MZ\xb8\xd4\x97\xae1\xc23ph\x84-@\xd4N_\n\xef\x86\x93T\\x\xf2\xce \xfe\v2E\xcatr\x00\xe5\xd7\xb2\x13\xe6\xd8\xd0\xe1|f\xaa\xadX@!\xc2]\xf9\x80\x9a\x1d\xcbt;\xfew\x14\x92\xc27\xbf\xad\x10\xa4\x93\xcd\xdc\x89\xa15\xe7r\x85\xcc\xd2p?\xf2\x0f`+\xb2\xcb\xf1\xddXw\xd2}Is%x\xbbJx\xebo{\x80\xc6o\x9e\xb2\"\x1c\vzL\"\x880|\v\xe0N\x8f\xd6\x8a\xaf', 0x80001) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000240)={0x0, 0xe8}, 0x2, 0x0, 0x3, 0xa505}, 0x800}, 0x7, 0x4008) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x2c, r3, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@ETHTOOL_A_TUNNEL_INFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000000) mmap$auto(0x4, 0x4, 0x4000000000df, 0x13, r0, 0x6a111780) move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) r5 = getpgid(0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r5, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xc64, 0x5, @_sigchld={r5, 0x0, 0x401, 0x5, 0x3}}}) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x10001, 0x7fffffffffffffff, 0xe817) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r6, r6, 0x0, 0x3) 60.192611ms ago: executing program 5 (id=7695): r0 = io_uring_setup$auto(0xf377, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000017c0), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, &(0x7f0000001a80)={&(0x7f0000001780)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001a40)={&(0x7f0000001b80)=ANY=[@ANYBLOB="dfa6e3cc", @ANYRES16=r2, @ANYBLOB="020027bd7000fedbdf250700000008001d00ff010000080003000000010004021380fe00ee00b086ba4787cca353d661c191ba1a982a4c5299bee6c26b61546ee16da6c24fa421e884e94c5db9f7c8a3adf945524c15c5bc8b5887b0a620dbb4dc06f57b9258e133f1bd4121e84f44da34cb38f8b8dcc5375e8f9e43472519d307de0bfd21b73a211291c6c2ee577a379ac735bb9c6732e218afe114361607c8d26a7c9a2e6beda2e30b369dcbef82739eb1cf1c556e3e95a0c72304fc014acba2bc7afe0a5406cbc52abc5a9c7cf8e3dfc8204f16c406879b2d9b5b655a09d1ecbacb2978ee836ccc18e739ee5d1e8d53d0ad62a421d0c96cfe9adc77b48318805e4338de8ca99ba27be54e6479e74403393fa57d5d5fc42001a3eea1c7c45efe1e0000fd0002800800400001000000060034002a000000acf3f62afa4b27b49107b0fbab3ddb5c5a8f2d51be000ccc32aa462db9d9795b8d363ce1a9bc9541c58e4cb73156bacd64fbf0a424acba8ebd6f84a56c1102743e0fed4494561cbe49d33680e7523feee427f2f4581040edc686ff075df705d32d8ab567cc27c891988f763ddb5c7deeb08e7fb8ea6050c5bbc1579377fb4106d12978eee9465737dcff65c98d267a8becb2d87d77f7299a1067f2be575c2da6917a6a2a324e92ad338dd42f9203eb4bd208d2a1668d441f19435785271430dd0e0c637397c838977e066ff0b4c96fbcc79f1d3b5daf06c4ad54d4901c04000680080002000ffbd71df9ca56df0027eeaf4789190b608fa70aaf477df98629c7a941bfe657cd1659c84aff7c57a230b4bb6828761037065568241545a251c9d1abdc1861693f5cf3f4f21b8367d49492900cdd6324e4118e4e1fc2f9dda11f12aedd62088cd24b0799fdffe27c01a1d8adb923881ef59540f93a928e083891cdd768f90fbe5839723d4ffdcc542cd76e4bd10ec5ff31b33a9ecb0d9ad9e272deb2bcaaa75e1b3d473eab35a4bcca191ec13c8a6fa83e26c35ee94618fde0ee68c6de667d3ca9e5bab0d4f63fcee8a81d9b2b2a842cb7ad5a53cdd070ccfe763dfef0a6146e81fab8bdb09b72e49a60b536958b318ba08c542fffaa98ff371012d2dd8cb1d70d8ef18ad7ad5e8da9528150f2175bf13775082bb921f1304a3d324016d2d63a7d721ca07c6d90af4fdaf08cfdf4", @ANYRES32, @ANYRES16], 0x228}, 0x1, 0x0, 0x0, 0x400c004}, 0x4000000) sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000001f00)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000128bd7000fcdbdf251000000014021380cf0023003f0e20baec02411457592a281256c99f3dd9001a8155d832782c61c755136670aaf70e3f3ce2547f0a269c7b9c9a74064153cddada03e831c82eb5996a85bb9ff92d11e7f89419604e083bedd92d18f2db9b2ae03db32e6b4363400617b207afe3876bd76d825244f1b146642b78ffa62a842be212d324c8768adfb060fa93947b15d83a38803c18fcbe2ae71ea197b045df5dadfaf21438063dfa625d4375bb60202cb939472a2f2bcf8cea1fa658f78f32f08284bef8ebf9310dc9a0f9c4af5c2678ba9900425079571a000400b8803c01288032012f800800f600ac141426694495d8239987a218cc3f8fa9e91df38a620f69f1f04c707335756bdc73cdc98ef5d28474a8cb456d2c04c56a2ec1a5bec23fb3c95f87ee29aaaefbeb766bed095db6f644bc036e0f163d7d6df2a7cf0520999b6e1ee07df9523d6a7e33073b31ead5ca081773538d2d63495b40d840f75a650a47dbdb62ab5610c819193d4c4143d807fc006281f872c76ecc2e990bd323ba7ebc5e4fca1ffebf3f43897d6e48b78ec4142032e3a301b3dc08dd0d2ada624305bac9d75ae214009c00fc0200000000000000000000000000005700d68008002d000200000008003400ac1414aa08001b800400aa80fecee52685929eb3ea8990d05fc50af5bc81a182963477677096147c72466716b90eb97ee8c4e1c3286387af8c30f142fe209acf4e52fc31b4039a002a00000400828008000e004000000008000d0004000000"], 0x238}}, 0xc081a5f05449d167) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_RESET(r0, 0x5000, &(0x7f0000000180)="5104d8dc9bda8e91aa777523dce292b6dd5defa9ad9e6a56a0e3c64022d7238a7c9ceee3c86bbe768de651ac15f00eed2cf77bd15e8f6782af2c887932f8759164c31dea3944a17e0db8a694d948f6ae3919866667d236cfafd625d05f1a474d0c9102444f052af6f41c39869d4378a46471db230be46f1740809c7268fbd42de8726e6e173ad02392c0e762c1ceaf228ef0ae9a9f45276ace54e6dbfea5569980a2c267e8168bb74edfc8e0eb30bb4b9995ddf6") prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82400, 0x0) ioctl$auto_SG_SCSI_RESET(r4, 0x2284, 0x0) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) epoll_create$auto(0x4) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x17f, 0x7, 0xd, 0x5, 0x948b, 0x4000000000003, 0x15f4da0a, 0x0, 0x40, 0x62, 0x80000004, 0x7, 0x6d3f, 0x9, 0x6, 0xaa1]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x9, 0x7ffffffd, 0x0, 0x100, 0xee01, 0x0, 0x0, 0x4346, 0xfd3, 0x2, 0xffffffffffff3307, 0x4, 0x80000000081, 0x8, 0x2}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x6, r3) ioctl$auto(0x20000000000003, 0x8946, 0x2) close_range$auto(r1, 0x8, 0x0) socket(0x2, 0x5, 0x0) bind$auto(0x3, 0x0, 0x6a) 0s ago: executing program 1 (id=7696): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r0, 0x29, 0x11, 0x0, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) futex_wake$auto(&(0x7f0000000140), 0x8, 0x6, 0x6) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000740), 0x101001, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) socket(0x11, 0x80003, 0x300) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x1000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1001, 0x5905, 0x5, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mq_open$auto(&(0x7f0000000000)='nlctrl\x00', 0x80, 0x8001, &(0x7f0000000040)={0x4, 0x1, 0x4c3, 0x28}) mmap$auto(0x0, 0x40006, 0xe2, 0x20009b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0x121980, 0x0) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, 0x0, 0x2) close_range$auto(0x2, 0xa, 0x186) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) kernel console output (not intermixed with test programs): _64+0xcd/0x490 [ 2182.192721][T13547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2182.192736][T13547] RIP: 0033:0x7fd2e698ebe9 [ 2182.192749][T13547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2182.192763][T13547] RSP: 002b:00007fd2e77f3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2182.192778][T13547] RAX: ffffffffffffffda RBX: 00007fd2e6bb5fa0 RCX: 00007fd2e698ebe9 [ 2182.192787][T13547] RDX: 0000000000060080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 2182.192796][T13547] RBP: 00007fd2e6a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2182.192805][T13547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2182.192813][T13547] R13: 00007fd2e6bb6038 R14: 00007fd2e6bb5fa0 R15: 00007ffc822f7aa8 [ 2182.192831][T13547] [ 2183.400140][T13612] ubi0: attaching mtd0 [ 2183.420311][T13612] ubi0: scanning is finished [ 2183.420349][T13612] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2183.727165][T13612] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2184.805772][T13609] tty tty12: ldisc open failed (-12), clearing slot 11 [ 2184.865461][T13615] tty tty12: ldisc open failed (-12), clearing slot 11 [ 2186.575089][T30910] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2186.595397][T30910] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2186.624890][T30910] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2186.634810][T30910] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2186.642496][T30910] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2186.905247][T13689] ptrace attach of "./syz-executor exec"[1539] was attempted by ""[13689] [ 2187.151608][T25159] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2187.369063][T13692] ubi0: attaching mtd0 [ 2187.436828][T13692] ubi0: scanning is finished [ 2187.709050][T13692] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2187.721253][T25159] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2188.267522][T25159] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2188.316636][T13692] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2188.324773][T13711] ubi0: attaching mtd0 [ 2188.338516][T13711] ubi0: scanning is finished [ 2188.343494][T13711] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2188.665908][T30910] Bluetooth: hci4: command tx timeout [ 2188.714332][T13711] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2189.145930][T25159] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2189.220795][T13774] ubi0: attaching mtd0 [ 2189.324996][T13774] ubi0: scanning is finished [ 2189.479217][T13774] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2189.633599][T13675] chnl_net:caif_netlink_parms(): no params data found [ 2190.181205][T13774] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2190.471853][T13675] bridge0: port 1(bridge_slave_0) entered blocking state [ 2190.516101][T13675] bridge0: port 1(bridge_slave_0) entered disabled state [ 2190.523507][T13675] bridge_slave_0: entered allmulticast mode [ 2190.595234][T13675] bridge_slave_0: entered promiscuous mode [ 2190.638301][T13675] bridge0: port 2(bridge_slave_1) entered blocking state [ 2190.695456][T13675] bridge0: port 2(bridge_slave_1) entered disabled state [ 2190.734740][T30910] Bluetooth: hci4: command tx timeout [ 2190.764636][T13675] bridge_slave_1: entered allmulticast mode [ 2190.802257][T13675] bridge_slave_1: entered promiscuous mode [ 2190.845326][T25159] hsr0: left allmulticast mode [ 2190.850142][T25159] hsr_slave_0: left allmulticast mode [ 2190.876907][T25159] hsr_slave_1: left allmulticast mode [ 2190.906537][T25159] hsr0: left promiscuous mode [ 2190.911602][T25159] bridge0: port 3(hsr0) entered disabled state [ 2191.020421][T25159] bridge_slave_1: left allmulticast mode [ 2191.061733][T25159] bridge_slave_1: left promiscuous mode [ 2191.098534][T25159] bridge0: port 2(bridge_slave_1) entered disabled state [ 2191.152321][T25159] bridge_slave_0: left allmulticast mode [ 2191.158038][T25159] bridge_slave_0: left promiscuous mode [ 2191.219726][T25159] bridge0: port 1(bridge_slave_0) entered disabled state [ 2191.603726][T13896] ptrace attach of "./syz-executor exec"[1539] was attempted by "./syz-executor exec"[13896] [ 2192.802705][T30910] Bluetooth: hci4: command tx timeout [ 2193.265391][T25159] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2193.318423][T25159] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2193.348549][T25159] bond0 (unregistering): Released all slaves [ 2193.551211][T25159] HfR: left promiscuous mode [ 2193.612729][T13675] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2193.650005][T13675] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2193.994234][T13675] team0: Port device team_slave_0 added [ 2194.276172][T13675] team0: Port device team_slave_1 added [ 2194.472803][T25159] hsr_slave_0: left promiscuous mode [ 2194.603208][T25159] hsr_slave_1: left promiscuous mode [ 2194.609084][T25159] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2194.643717][T25159] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2194.675146][T25159] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2194.698222][T25159] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2194.769705][T25159] veth1_macvtap: left promiscuous mode [ 2194.781734][T25159] veth0_macvtap: left promiscuous mode [ 2194.802036][T25159] veth1_vlan: left promiscuous mode [ 2194.807364][T25159] veth0_vlan: left promiscuous mode [ 2194.872298][T30910] Bluetooth: hci4: command tx timeout [ 2197.389617][T25159] team0 (unregistering): Port device team_slave_1 removed [ 2197.677951][T25159] team0 (unregistering): Port device team_slave_0 removed [ 2198.431771][T14075] ubi0: attaching mtd0 [ 2198.464194][T14075] ubi0: scanning is finished [ 2198.557834][T14075] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2199.001042][T14075] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2200.586720][T13675] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2200.632309][T13675] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2200.731204][T13675] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2200.790956][T13675] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2200.797927][T13675] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2200.909368][T13675] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2201.428203][T13675] hsr_slave_0: entered promiscuous mode [ 2201.467276][T13675] hsr_slave_1: entered promiscuous mode [ 2203.152533][T14214] ptrace attach of "./syz-executor exec"[1539] was attempted by ""[14214] [ 2204.019936][T13675] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2204.079884][T13675] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2204.148148][T13675] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2204.208960][T13675] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2204.583787][T14254] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7154'. [ 2204.700704][T14254] ipvlan1: entered promiscuous mode [ 2204.731913][T14254] ipvlan1: entered allmulticast mode [ 2205.184326][T13675] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2205.491578][T13675] 8021q: adding VLAN 0 to HW filter on device team0 [ 2205.660018][T25159] bridge0: port 1(bridge_slave_0) entered blocking state [ 2205.667645][T25159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2205.739660][T25159] bridge0: port 2(bridge_slave_1) entered blocking state [ 2205.746828][T25159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2206.201255][T14309] blktrace: Concurrent blktraces are not allowed on loop2 [ 2206.694655][T13675] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2206.952187][T13675] veth0_vlan: entered promiscuous mode [ 2207.093410][T13675] veth1_vlan: entered promiscuous mode [ 2207.559527][T13675] veth0_macvtap: entered promiscuous mode [ 2207.634337][T13675] veth1_macvtap: entered promiscuous mode [ 2207.748471][T13675] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2207.834828][T13675] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2207.895228][T25157] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2208.831518][T25157] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2208.888881][T25157] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2209.365434][T25157] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2209.617812][T17937] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2209.672495][T17937] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2209.781935][T17937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2209.818812][T17937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2210.270558][T14410] bond0: option lp_interval: invalid value (0) [ 2210.313903][T14410] bond0: option lp_interval: allowed values 1 - 2147483647 [ 2211.951685][T14439] ptrace attach of "./syz-executor exec"[13675] was attempted by ""[14439] [ 2212.766324][T14453] ptrace attach of "./syz-executor exec"[23871] was attempted by ""[14453] [ 2214.134790][T14481] ubi0: attaching mtd0 [ 2214.139963][T14481] ubi0: scanning is finished [ 2214.234020][T14481] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2214.915360][T14481] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2215.243953][T14510] ubi0: attaching mtd0 [ 2215.309518][T14510] ubi0: scanning is finished [ 2215.455956][T14510] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2215.491504][T14505] netlink: ct family unspecified [ 2215.537307][T14514] ptrace attach of "./syz-executor exec"[23871] was attempted by ""[14514] [ 2215.875275][T14510] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2215.966327][T14519] ubi0: attaching mtd0 [ 2216.003050][T14519] ubi0: scanning is finished [ 2216.032862][T14519] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2216.266722][T14525] binder: 14523:14525 unknown command 4294967282 [ 2216.312868][T14525] binder: 14523:14525 ioctl c0306201 2000000000c0 returned -22 [ 2216.464306][T14525] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7183'. [ 2216.543871][T14519] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2219.634088][T14594] ptrace attach of "./syz-executor exec"[9721] was attempted by "./syz-executor exec"[14594] [ 2220.901972][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 2220.909645][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 2227.262397][T14802] binder: 14775:14802 ioctl c00c620f 200000000180 returned -22 [ 2227.830858][T14815] ubi0: attaching mtd0 [ 2227.836035][T14815] ubi0: scanning is finished [ 2228.168640][T14815] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2228.911770][T14815] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2229.231411][T14911] ubi0: attaching mtd0 [ 2229.277557][T14911] ubi0: scanning is finished [ 2229.381728][T14911] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2230.187072][T14911] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2230.409399][T14937] capability: warning: `syz.1.7224' uses deprecated v2 capabilities in a way that may be insecure [ 2230.676693][T14941] ptrace attach of "./syz-executor exec"[23871] was attempted by ""[14941] [ 2230.709469][T14938] FAULT_INJECTION: forcing a failure. [ 2230.709469][T14938] name failslab, interval 1, probability 0, space 0, times 0 [ 2230.912405][T14938] CPU: 1 UID: 0 PID: 14938 Comm: syz.5.7223 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2230.912434][T14938] Tainted: [U]=USER [ 2230.912440][T14938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2230.912453][T14938] Call Trace: [ 2230.912459][T14938] [ 2230.912466][T14938] dump_stack_lvl+0x16c/0x1f0 [ 2230.912490][T14938] should_fail_ex+0x512/0x640 [ 2230.912516][T14938] should_failslab+0xc2/0x120 [ 2230.912536][T14938] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2230.912554][T14938] ? skb_clone+0x190/0x3f0 [ 2230.912575][T14938] skb_clone+0x190/0x3f0 [ 2230.912594][T14938] netlink_deliver_tap+0xabd/0xd30 [ 2230.912618][T14938] netlink_unicast+0x64c/0x870 [ 2230.912639][T14938] ? __pfx_netlink_unicast+0x10/0x10 [ 2230.912657][T14938] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2230.912684][T14938] ? __lock_acquire+0xb97/0x1ce0 [ 2230.912709][T14938] netlink_sendmsg+0x8d1/0xdd0 [ 2230.912732][T14938] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2230.912753][T14938] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 2230.912772][T14938] ____sys_sendmsg+0xa95/0xc70 [ 2230.912794][T14938] ? copy_msghdr_from_user+0x10a/0x160 [ 2230.912812][T14938] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2230.912838][T14938] ? __pfx_futex_wake_mark+0x10/0x10 [ 2230.912862][T14938] ___sys_sendmsg+0x134/0x1d0 [ 2230.912880][T14938] ? __pfx____sys_sendmsg+0x10/0x10 [ 2230.912921][T14938] __sys_sendmsg+0x16d/0x220 [ 2230.912939][T14938] ? __pfx___sys_sendmsg+0x10/0x10 [ 2230.912956][T14938] ? __x64_sys_futex+0x1e0/0x4c0 [ 2230.912985][T14938] do_syscall_64+0xcd/0x490 [ 2230.913005][T14938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2230.913020][T14938] RIP: 0033:0x7f83e1d8ebe9 [ 2230.913032][T14938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2230.913047][T14938] RSP: 002b:00007f83e2b1b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2230.913063][T14938] RAX: ffffffffffffffda RBX: 00007f83e1fb6090 RCX: 00007f83e1d8ebe9 [ 2230.913073][T14938] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006 [ 2230.913083][T14938] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2230.913093][T14938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2230.913102][T14938] R13: 00007f83e1fb6128 R14: 00007f83e1fb6090 R15: 00007ffc533d8fc8 [ 2230.913121][T14938] [ 2231.159307][ C1] vkms_vblank_simulate: vblank timer overrun [ 2231.444846][T14951] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50 [ 2232.189266][T14967] ubi0: attaching mtd0 [ 2232.238935][T14967] ubi0: scanning is finished [ 2232.326907][T14967] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2233.274784][T14967] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2234.309486][T14994] ptrace attach of "./syz-executor exec"[23871] was attempted by ""[14994] [ 2234.480080][T14998] netlink: 330 bytes leftover after parsing attributes in process `syz.4.7233'. [ 2239.636242][T15097] ptrace attach of "./syz-executor exec"[23871] was attempted by "./syz-executor exec"[15097] [ 2239.801636][T15140] ptrace attach of "./syz-executor exec"[13675] was attempted by ""[15140] [ 2240.499978][T15156] netlink: 'syz.0.7255': attribute type 1 has an invalid length. [ 2241.763027][T15219] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2242.556974][T15242] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input51 [ 2243.234866][T15247] ptrace attach of "./syz-executor exec"[13675] was attempted by "./syz-executor exec"[15247] [ 2244.039484][T15290] ubi0: attaching mtd0 [ 2244.113906][T15290] ubi0: scanning is finished [ 2244.187155][T15290] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2244.595376][T15290] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2245.982717][T15352] ubi0: attaching mtd0 [ 2246.047368][T15352] ubi0: scanning is finished [ 2246.052169][T15352] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2246.550135][T15352] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2246.649036][T15358] ubi0: attaching mtd0 [ 2246.706315][T15358] ubi0: scanning is finished [ 2246.736920][T15358] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2247.190331][T15358] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2249.746541][T15419] ubi0: attaching mtd0 [ 2249.775616][T15419] ubi0: scanning is finished [ 2249.833694][T15419] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2249.947157][T15429] ptrace attach of "./syz-executor exec"[23871] was attempted by ""[15429] [ 2250.249203][T15419] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2250.492639][T15440] ptrace attach of "./syz-executor exec"[13675] was attempted by ""[15440] [ 2250.542664][T15440] FAULT_INJECTION: forcing a failure. [ 2250.542664][T15440] name failslab, interval 1, probability 0, space 0, times 0 [ 2250.629363][T15440] CPU: 1 UID: 0 PID: 15440 Comm: syz.1.7286 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2250.629392][T15440] Tainted: [U]=USER [ 2250.629397][T15440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2250.629406][T15440] Call Trace: [ 2250.629412][T15440] [ 2250.629418][T15440] dump_stack_lvl+0x16c/0x1f0 [ 2250.629443][T15440] should_fail_ex+0x512/0x640 [ 2250.629464][T15440] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2250.629484][T15440] should_failslab+0xc2/0x120 [ 2250.629504][T15440] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2250.629521][T15440] ? vm_area_dup+0x27/0x8d0 [ 2250.629540][T15440] vm_area_dup+0x27/0x8d0 [ 2250.629556][T15440] __split_vma+0x18e/0x1070 [ 2250.629575][T15440] ? __pfx___split_vma+0x10/0x10 [ 2250.629594][T15440] ? __pfx_mas_prev+0x10/0x10 [ 2250.629620][T15440] vms_gather_munmap_vmas+0x3b1/0x1340 [ 2250.629641][T15440] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 2250.629659][T15440] ? mas_walk+0x6f5/0x980 [ 2250.629681][T15440] __mmap_region+0x436/0x27b0 [ 2250.629700][T15440] ? __pfx___mmap_region+0x10/0x10 [ 2250.629716][T15440] ? __lock_acquire+0x62e/0x1ce0 [ 2250.629742][T15440] ? lock_acquire+0x179/0x350 [ 2250.629761][T15440] ? find_held_lock+0x2b/0x80 [ 2250.629775][T15440] ? page_table_check_set+0x627/0x750 [ 2250.629798][T15440] ? __lock_acquire+0x62e/0x1ce0 [ 2250.629840][T15440] ? trace_cap_capable+0x18d/0x200 [ 2250.629861][T15440] mmap_region+0x1ab/0x3f0 [ 2250.629878][T15440] ? __get_unmapped_area+0x267/0x440 [ 2250.629900][T15440] do_mmap+0xa3e/0x1210 [ 2250.629924][T15440] ? __pfx_do_mmap+0x10/0x10 [ 2250.629944][T15440] ? __pfx_down_write_killable+0x10/0x10 [ 2250.629968][T15440] vm_mmap_pgoff+0x29e/0x470 [ 2250.629995][T15440] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 2250.630017][T15440] ? __fget_files+0x20e/0x3c0 [ 2250.630038][T15440] ksys_mmap_pgoff+0x7d/0x5c0 [ 2250.630058][T15440] ? __pfx_ksys_write+0x10/0x10 [ 2250.630077][T15440] __x64_sys_mmap+0x125/0x190 [ 2250.630101][T15440] do_syscall_64+0xcd/0x490 [ 2250.630121][T15440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2250.630136][T15440] RIP: 0033:0x7ff5b318ebe9 [ 2250.630149][T15440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2250.630163][T15440] RSP: 002b:00007ff5b407f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2250.630179][T15440] RAX: ffffffffffffffda RBX: 00007ff5b33b5fa0 RCX: 00007ff5b318ebe9 [ 2250.630193][T15440] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 2250.630203][T15440] RBP: 00007ff5b407f090 R08: 0000000000000401 R09: 0000000000008000 [ 2250.630212][T15440] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001 [ 2250.630220][T15440] R13: 00007ff5b33b6038 R14: 00007ff5b33b5fa0 R15: 00007ffcb3a4a238 [ 2250.630239][T15440] [ 2251.368038][T15444] ptrace attach of "./syz-executor exec"[23871] was attempted by "./syz-executor exec"[15444] [ 2251.949125][T15481] ubi0: attaching mtd0 [ 2251.999505][T15481] ubi0: scanning is finished [ 2252.018663][T15481] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2253.941052][ T7707] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 2253.955028][ T7707] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 2253.963776][ T7707] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 2253.973255][ T7707] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 2253.984634][ T7707] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 2254.547459][T15505] ptrace attach of "./syz-executor exec"[13675] was attempted by "./syz-executor exec"[15505] [ 2256.076060][ T7707] Bluetooth: hci0: command tx timeout [ 2258.064737][T15481] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2258.152492][ T7707] Bluetooth: hci0: command tx timeout [ 2259.420514][T25159] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2259.712154][T15615] ubi0: attaching mtd0 [ 2259.753890][T15615] ubi0: scanning is finished [ 2259.836453][T15615] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2260.049482][T25159] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2260.085104][T15615] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2260.214854][ T7707] Bluetooth: hci0: command tx timeout [ 2260.778129][T25159] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2261.000984][T15503] chnl_net:caif_netlink_parms(): no params data found [ 2261.801687][T15503] bridge0: port 1(bridge_slave_0) entered blocking state [ 2261.861020][T15503] bridge0: port 1(bridge_slave_0) entered disabled state [ 2261.907220][T15503] bridge_slave_0: entered allmulticast mode [ 2261.946298][T15503] bridge_slave_0: entered promiscuous mode [ 2262.204990][T15503] bridge0: port 2(bridge_slave_1) entered blocking state [ 2262.247136][T15503] bridge0: port 2(bridge_slave_1) entered disabled state [ 2262.272340][T15779] ubi0: attaching mtd0 [ 2262.277890][T15779] ubi0: scanning is finished [ 2262.291495][ T7707] Bluetooth: hci0: command tx timeout [ 2262.312131][T15503] bridge_slave_1: entered allmulticast mode [ 2262.349252][T15503] bridge_slave_1: entered promiscuous mode [ 2262.452170][T15779] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2262.737108][T15503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2262.832017][T25159] hsr0: left allmulticast mode [ 2262.836995][T25159] hsr_slave_0: left allmulticast mode [ 2262.882525][T25159] hsr_slave_1: left allmulticast mode [ 2262.921605][T25159] hsr0: left promiscuous mode [ 2262.926768][T25159] bridge0: port 3(hsr0) entered disabled state [ 2262.999366][T25159] bridge_slave_1: left allmulticast mode [ 2263.029294][T25159] bridge_slave_1: left promiscuous mode [ 2263.035140][T25159] bridge0: port 2(bridge_slave_1) entered disabled state [ 2263.056167][T15779] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2263.097149][T25159] bridge_slave_0: left allmulticast mode [ 2263.141314][T25159] bridge_slave_0: left promiscuous mode [ 2263.163019][T25159] bridge0: port 1(bridge_slave_0) entered disabled state [ 2263.887230][T15837] : Can't lookup blockdev [ 2265.526772][T25159] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2265.584243][T25159] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2265.616471][T25159] bond0 (unregistering): Released all slaves [ 2265.675278][T15503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2265.830003][T25159] ovs_: left promiscuous mode [ 2265.955351][T15503] team0: Port device team_slave_0 added [ 2266.135108][T25159] HfR: left promiscuous mode [ 2266.183116][T15503] team0: Port device team_slave_1 added [ 2266.462116][T15503] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2266.497093][T15503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2266.615420][T15503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2266.781947][T15503] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2266.817586][T15503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2266.844359][ C1] vkms_vblank_simulate: vblank timer overrun [ 2266.928248][T15503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2267.327280][T15503] hsr_slave_0: entered promiscuous mode [ 2267.334259][T15503] hsr_slave_1: entered promiscuous mode [ 2267.376076][T15503] debugfs: 'hsr0' already exists in 'hsr' [ 2267.382084][T15503] Cannot create hsr debugfs directory [ 2267.536734][T25159] hsr_slave_0: left promiscuous mode [ 2267.579318][T25159] hsr_slave_1: left promiscuous mode [ 2267.602233][T25159] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2267.621764][T25159] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2267.656932][T25159] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2267.680016][T25159] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2267.741918][T25159] veth1_macvtap: left promiscuous mode [ 2267.766078][T25159] veth0_macvtap: left promiscuous mode [ 2267.803236][T25159] veth1_vlan: left promiscuous mode [ 2267.811844][T25159] veth0_vlan: left promiscuous mode [ 2269.983285][T25159] team0 (unregistering): Port device team_slave_1 removed [ 2270.213736][T25159] team0 (unregistering): Port device team_slave_0 removed [ 2273.682797][T16119] netlink: 'syz.1.7315': attribute type 1 has an invalid length. [ 2274.289700][T16128] ubi0: attaching mtd0 [ 2274.325680][T16128] ubi0: scanning is finished [ 2274.449347][T16128] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2274.740860][T16128] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2275.631356][T15503] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2275.744244][T15503] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2275.895719][T15503] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2275.974249][T15503] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2276.090109][T16162] ubi0: attaching mtd0 [ 2276.224808][T16162] ubi0: scanning is finished [ 2276.377263][T16162] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2276.390032][T15503] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2276.484791][T15503] 8021q: adding VLAN 0 to HW filter on device team0 [ 2276.547765][T25159] bridge0: port 1(bridge_slave_0) entered blocking state [ 2276.555247][T25159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2276.615254][T25159] bridge0: port 2(bridge_slave_1) entered blocking state [ 2276.622642][T25159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2276.836507][T15503] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2276.995085][T16162] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2278.138237][T15503] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2278.335386][T15503] veth0_vlan: entered promiscuous mode [ 2278.414972][T15503] veth1_vlan: entered promiscuous mode [ 2278.571573][T15503] veth0_macvtap: entered promiscuous mode [ 2278.683709][T15503] veth1_macvtap: entered promiscuous mode [ 2278.940909][T15503] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2279.059292][T15503] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2279.160902][ T7110] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2279.210926][ T7110] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2279.308873][ T7110] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2279.417691][ T7110] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2279.671124][ T7110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2279.731607][ T7110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2279.969287][T17937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2280.004302][T17937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2280.375951][T16250] ubi0: attaching mtd0 [ 2280.449598][T16250] ubi0: scanning is finished [ 2280.496835][T16250] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2280.922381][T16250] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2281.059631][T16269] binder: 16262:16269 ioctl c00c620f 200000000180 returned -22 [ 2282.021939][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 2282.029402][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 2283.477106][T16366] netlink: ct family unspecified [ 2283.685252][ T30] audit: type=1800 audit(4294968254.646:32): pid=16370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.7336" name="dbroot" dev="configfs" ino=185447 res=0 errno=0 [ 2283.859342][T16375] ptrace attach of "./syz-executor exec"[15503] was attempted by ""[16375] [ 2284.195359][T16380] serio: Serial port pty6 [ 2284.493068][T16395] ubi0: attaching mtd0 [ 2284.652926][T16395] ubi0: scanning is finished [ 2284.782855][T16395] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2285.284656][T16395] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2286.019198][T16412] ptrace attach of "./syz-executor exec"[13675] was attempted by "./syz-executor exec"[16412] [ 2288.693739][T16577] ubi0: attaching mtd0 [ 2288.745535][T16577] ubi0: scanning is finished [ 2288.763803][T16577] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2289.121203][T16577] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2289.785282][T16590] Unable to find swap-space signature [ 2290.515430][T16601] ubi0: attaching mtd0 [ 2290.632961][T16601] ubi0: scanning is finished [ 2290.699047][T16601] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2291.145889][T16601] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2291.666802][T16632] ubi0: attaching mtd0 [ 2291.745442][T16632] ubi0: scanning is finished [ 2291.805595][T16632] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2292.047660][T16633] netlink: ct family unspecified [ 2292.106712][T16632] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2292.549153][T16641] ubi0: attaching mtd0 [ 2292.596313][T16641] ubi0: scanning is finished [ 2292.641482][T16641] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2293.002451][T16641] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2293.173472][T16654] ubi0: attaching mtd0 [ 2293.211310][T16654] ubi0: scanning is finished [ 2293.216142][T16654] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2293.563367][T16654] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2295.117298][T16693] FAULT_INJECTION: forcing a failure. [ 2295.117298][T16693] name failslab, interval 1, probability 0, space 0, times 0 [ 2295.185688][T16693] CPU: 1 UID: 0 PID: 16693 Comm: syz.5.7378 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2295.185716][T16693] Tainted: [U]=USER [ 2295.185722][T16693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2295.185732][T16693] Call Trace: [ 2295.185738][T16693] [ 2295.185745][T16693] dump_stack_lvl+0x16c/0x1f0 [ 2295.185779][T16693] should_fail_ex+0x512/0x640 [ 2295.185800][T16693] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 2295.185822][T16693] should_failslab+0xc2/0x120 [ 2295.185841][T16693] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 2295.185859][T16693] ? __d_alloc+0x32/0xae0 [ 2295.185879][T16693] __d_alloc+0x32/0xae0 [ 2295.185898][T16693] d_alloc_parallel+0x111/0x1480 [ 2295.185924][T16693] ? find_held_lock+0x2b/0x80 [ 2295.185940][T16693] ? __pfx_d_alloc_parallel+0x10/0x10 [ 2295.185963][T16693] ? __d_lookup+0x266/0x4a0 [ 2295.185988][T16693] lookup_open.isra.0+0x665/0x1580 [ 2295.186007][T16693] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 2295.186033][T16693] ? lookup_fast+0x156/0x610 [ 2295.186049][T16693] path_openat+0x893/0x2cb0 [ 2295.186072][T16693] ? __pfx_path_openat+0x10/0x10 [ 2295.186093][T16693] do_filp_open+0x20b/0x470 [ 2295.186110][T16693] ? __pfx_do_filp_open+0x10/0x10 [ 2295.186133][T16693] ? __pfx_kfree_link+0x10/0x10 [ 2295.186160][T16693] ? alloc_fd+0x471/0x7d0 [ 2295.186180][T16693] do_sys_openat2+0x11b/0x1d0 [ 2295.186201][T16693] ? __pfx_do_sys_openat2+0x10/0x10 [ 2295.186229][T16693] __x64_sys_openat+0x174/0x210 [ 2295.186250][T16693] ? __pfx___x64_sys_openat+0x10/0x10 [ 2295.186279][T16693] do_syscall_64+0xcd/0x490 [ 2295.186298][T16693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2295.186313][T16693] RIP: 0033:0x7f83e1d8ebe9 [ 2295.186326][T16693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2295.186341][T16693] RSP: 002b:00007f83e2b3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2295.186355][T16693] RAX: ffffffffffffffda RBX: 00007f83e1fb5fa0 RCX: 00007f83e1d8ebe9 [ 2295.186365][T16693] RDX: 0000000000060080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 2295.186374][T16693] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2295.186383][T16693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2295.186392][T16693] R13: 00007f83e1fb6038 R14: 00007f83e1fb5fa0 R15: 00007ffc533d8fc8 [ 2295.186411][T16693] [ 2295.429603][ C1] vkms_vblank_simulate: vblank timer overrun [ 2296.048117][T16695] ubi0: attaching mtd0 [ 2296.053423][T16695] ubi0: scanning is finished [ 2296.095425][T16695] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2296.375673][T16695] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2297.287391][T16713] ubi0: attaching mtd0 [ 2297.463543][T16713] ubi0: scanning is finished [ 2297.727718][T16713] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2298.872977][T16713] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2299.007401][T16732] ubi0: attaching mtd0 [ 2299.016272][T16732] ubi0: scanning is finished [ 2299.050697][T16732] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2299.372758][T16732] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2301.487186][T16778] ptrace attach of "./syz-executor exec"[1539] was attempted by "./syz-executor exec"[16778] [ 2302.149763][T16824] ubi0: attaching mtd0 [ 2302.204791][T16824] ubi0: scanning is finished [ 2302.209435][T16824] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2302.583507][T16824] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2302.629261][T16830] ubi0: attaching mtd0 [ 2302.684215][T16830] ubi0: scanning is finished [ 2302.721666][T16830] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2302.870520][T16825] netlink: ct family unspecified [ 2303.310088][T16830] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2305.027869][T16940] ubi0: attaching mtd0 [ 2305.115198][T16940] ubi0: scanning is finished [ 2305.349423][T16940] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2306.198377][T16940] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2306.447035][T16957] ubi0: attaching mtd0 [ 2306.472328][T16957] ubi0: scanning is finished [ 2306.476974][T16957] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2306.808103][T16957] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2306.868851][T16990] ubi0: attaching mtd0 [ 2306.890908][T16990] ubi0: scanning is finished [ 2306.895540][T16990] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2307.208555][T17002] FAULT_INJECTION: forcing a failure. [ 2307.208555][T17002] name failslab, interval 1, probability 0, space 0, times 0 [ 2307.264630][T17002] CPU: 1 UID: 0 PID: 17002 Comm: syz.0.7417 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2307.264658][T17002] Tainted: [U]=USER [ 2307.264664][T17002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2307.264673][T17002] Call Trace: [ 2307.264678][T17002] [ 2307.264685][T17002] dump_stack_lvl+0x16c/0x1f0 [ 2307.264708][T17002] should_fail_ex+0x512/0x640 [ 2307.264728][T17002] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 2307.264748][T17002] should_failslab+0xc2/0x120 [ 2307.264768][T17002] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 2307.264786][T17002] ? proc_alloc_inode+0x25/0x200 [ 2307.264808][T17002] ? __pfx_proc_alloc_inode+0x10/0x10 [ 2307.264825][T17002] proc_alloc_inode+0x25/0x200 [ 2307.264842][T17002] alloc_inode+0x61/0x240 [ 2307.264864][T17002] new_inode+0x22/0x1c0 [ 2307.264885][T17002] proc_pid_make_inode+0x22/0x160 [ 2307.264904][T17002] proc_pident_instantiate+0x85/0x310 [ 2307.264924][T17002] proc_pident_lookup+0x1f5/0x270 [ 2307.264947][T17002] __lookup_slow+0x251/0x460 [ 2307.264971][T17002] ? __pfx___lookup_slow+0x10/0x10 [ 2307.265004][T17002] ? lookup_fast+0x156/0x610 [ 2307.265021][T17002] walk_component+0x353/0x5b0 [ 2307.265038][T17002] link_path_walk+0x627/0xe20 [ 2307.265059][T17002] path_openat+0x1b0/0x2cb0 [ 2307.265075][T17002] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2307.265104][T17002] ? __pfx_path_openat+0x10/0x10 [ 2307.265126][T17002] do_filp_open+0x20b/0x470 [ 2307.265144][T17002] ? __pfx_do_filp_open+0x10/0x10 [ 2307.265167][T17002] ? __pfx_kfree_link+0x10/0x10 [ 2307.265194][T17002] ? alloc_fd+0x471/0x7d0 [ 2307.265214][T17002] do_sys_openat2+0x11b/0x1d0 [ 2307.265236][T17002] ? __pfx_do_sys_openat2+0x10/0x10 [ 2307.265259][T17002] ? __fget_files+0x20e/0x3c0 [ 2307.265278][T17002] __x64_sys_openat+0x174/0x210 [ 2307.265299][T17002] ? __pfx___x64_sys_openat+0x10/0x10 [ 2307.265320][T17002] ? ksys_write+0x1ac/0x250 [ 2307.265342][T17002] do_syscall_64+0xcd/0x490 [ 2307.265363][T17002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2307.265402][T17002] RIP: 0033:0x7f4b4778ebe9 [ 2307.265414][T17002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2307.265428][T17002] RSP: 002b:00007f4b486a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2307.265443][T17002] RAX: ffffffffffffffda RBX: 00007f4b479b5fa0 RCX: 00007f4b4778ebe9 [ 2307.265453][T17002] RDX: 0000000000060080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 2307.265462][T17002] RBP: 00007f4b486a3090 R08: 0000000000000000 R09: 0000000000000000 [ 2307.265471][T17002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2307.265480][T17002] R13: 00007f4b479b6038 R14: 00007f4b479b5fa0 R15: 00007ffcafb735a8 [ 2307.265498][T17002] [ 2309.739716][T17038] FAULT_INJECTION: forcing a failure. [ 2309.739716][T17038] name failslab, interval 1, probability 0, space 0, times 0 [ 2309.966832][T17041] binder: 17033:17041 ioctl c00c620f 200000000180 returned -22 [ 2309.980483][T17038] CPU: 1 UID: 0 PID: 17038 Comm: syz.0.7423 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2309.980511][T17038] Tainted: [U]=USER [ 2309.980516][T17038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2309.980525][T17038] Call Trace: [ 2309.980532][T17038] [ 2309.980538][T17038] dump_stack_lvl+0x16c/0x1f0 [ 2309.980562][T17038] should_fail_ex+0x512/0x640 [ 2309.980582][T17038] ? __kmalloc_noprof+0xbf/0x510 [ 2309.980602][T17038] ? iter_file_splice_write+0x1cc/0x1270 [ 2309.980617][T17038] should_failslab+0xc2/0x120 [ 2309.980682][T17038] __kmalloc_noprof+0xd2/0x510 [ 2309.980703][T17038] iter_file_splice_write+0x1cc/0x1270 [ 2309.980722][T17038] ? kfree+0x2b4/0x4d0 [ 2309.980744][T17038] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2309.980760][T17038] ? __lock_acquire+0xb97/0x1ce0 [ 2309.980781][T17038] ? __pfx_copy_splice_read+0x10/0x10 [ 2309.980806][T17038] ? __pfx_iter_file_splice_write+0x10/0x10 [ 2309.980823][T17038] direct_splice_actor+0x192/0x6c0 [ 2309.980840][T17038] splice_direct_to_actor+0x342/0xa30 [ 2309.980857][T17038] ? __pfx_direct_splice_actor+0x10/0x10 [ 2309.980875][T17038] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2309.980892][T17038] ? get_pid_task+0xfc/0x250 [ 2309.980917][T17038] do_splice_direct+0x174/0x240 [ 2309.980932][T17038] ? __pfx_do_splice_direct+0x10/0x10 [ 2309.980951][T17038] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2309.980970][T17038] ? rw_verify_area+0xcf/0x6c0 [ 2309.980987][T17038] do_sendfile+0xb06/0xe50 [ 2309.981006][T17038] ? __pfx_do_sendfile+0x10/0x10 [ 2309.981022][T17038] ? __fget_files+0x20e/0x3c0 [ 2309.981043][T17038] __x64_sys_sendfile64+0x1d8/0x220 [ 2309.981061][T17038] ? ksys_write+0x1ac/0x250 [ 2309.981077][T17038] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2309.981110][T17038] do_syscall_64+0xcd/0x490 [ 2309.981130][T17038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2309.981146][T17038] RIP: 0033:0x7f4b4778ebe9 [ 2309.981158][T17038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2309.981173][T17038] RSP: 002b:00007f4b48640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2309.981187][T17038] RAX: ffffffffffffffda RBX: 00007f4b479b6270 RCX: 00007f4b4778ebe9 [ 2309.981197][T17038] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 2309.981206][T17038] RBP: 00007f4b48640090 R08: 0000000000000000 R09: 0000000000000000 [ 2309.981215][T17038] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 2309.981223][T17038] R13: 00007f4b479b6308 R14: 00007f4b479b6270 R15: 00007ffcafb735a8 [ 2309.981242][T17038] [ 2310.696071][T17009] Bluetooth: hci4: command 0x0406 tx timeout [ 2311.622475][T16990] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2311.666407][T17048] ubi0: attaching mtd0 [ 2311.671556][T17048] ubi0: scanning is finished [ 2311.715080][T17048] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2311.877734][T17103] netlink: ct family unspecified [ 2311.920653][T17048] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2312.667298][T17119] FAULT_INJECTION: forcing a failure. [ 2312.667298][T17119] name failslab, interval 1, probability 0, space 0, times 0 [ 2312.805784][T17119] CPU: 1 UID: 0 PID: 17119 Comm: syz.5.7429 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2312.805813][T17119] Tainted: [U]=USER [ 2312.805818][T17119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2312.805827][T17119] Call Trace: [ 2312.805833][T17119] [ 2312.805840][T17119] dump_stack_lvl+0x16c/0x1f0 [ 2312.805864][T17119] should_fail_ex+0x512/0x640 [ 2312.805887][T17119] ? __kmalloc_noprof+0xbf/0x510 [ 2312.805907][T17119] ? __register_sysctl_table+0xb3/0x1900 [ 2312.805927][T17119] should_failslab+0xc2/0x120 [ 2312.805946][T17119] __kmalloc_noprof+0xd2/0x510 [ 2312.805967][T17119] __register_sysctl_table+0xb3/0x1900 [ 2312.805988][T17119] ? is_module_address+0x5f/0xf0 [ 2312.806012][T17119] ? __pfx___register_sysctl_table+0x10/0x10 [ 2312.806032][T17119] ? is_module_address+0x69/0xf0 [ 2312.806051][T17119] ? register_net_sysctl_sz+0x228/0x3e0 [ 2312.806076][T17119] ? __asan_memcpy+0x3c/0x60 [ 2312.806092][T17119] xfrm_sysctl_init+0x1f5/0x2d0 [ 2312.806115][T17119] xfrm_net_init+0x842/0xcc0 [ 2312.806138][T17119] ? __pfx_xfrm_net_init+0x10/0x10 [ 2312.806157][T17119] ops_init+0x1e2/0x5f0 [ 2312.806178][T17119] setup_net+0x10f/0x380 [ 2312.806195][T17119] ? lockdep_init_map_type+0x5c/0x280 [ 2312.806217][T17119] ? __pfx_setup_net+0x10/0x10 [ 2312.806236][T17119] ? debug_mutex_init+0x37/0x70 [ 2312.806252][T17119] copy_net_ns+0x2a6/0x5f0 [ 2312.806275][T17119] create_new_namespaces+0x3ea/0xa90 [ 2312.806296][T17119] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2312.806314][T17119] ksys_unshare+0x45b/0xa40 [ 2312.806334][T17119] ? __pfx_ksys_unshare+0x10/0x10 [ 2312.806353][T17119] ? xfd_validate_state+0x61/0x180 [ 2312.806393][T17119] __x64_sys_unshare+0x31/0x40 [ 2312.806412][T17119] do_syscall_64+0xcd/0x490 [ 2312.806433][T17119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2312.806448][T17119] RIP: 0033:0x7f83e1d8ebe9 [ 2312.806460][T17119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2312.806475][T17119] RSP: 002b:00007f83dfff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2312.806490][T17119] RAX: ffffffffffffffda RBX: 00007f83e1fb6180 RCX: 00007f83e1d8ebe9 [ 2312.806501][T17119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2312.806510][T17119] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2312.806519][T17119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2312.806528][T17119] R13: 00007f83e1fb6218 R14: 00007f83e1fb6180 R15: 00007ffc533d8fc8 [ 2312.806547][T17119] [ 2313.939634][T17166] ubi0: attaching mtd0 [ 2314.202366][T17166] ubi0: scanning is finished [ 2314.207170][T17166] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2314.300495][T17169] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input53 [ 2314.348999][T17160] usb usb24: usbfs: process 17160 (syz.0.7434) did not claim interface 0 before use [ 2314.392710][T17166] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2316.506749][T17251] ubi0: attaching mtd0 [ 2316.545524][T17251] ubi0: scanning is finished [ 2316.570530][T17251] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2317.009414][T17251] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2318.921829][T17283] ptrace attach of "./syz-executor exec"[15503] was attempted by "./syz-executor exec"[17283] [ 2319.344564][T17319] netlink: 330 bytes leftover after parsing attributes in process `syz.1.7448'. [ 2319.480865][T17337] FAULT_INJECTION: forcing a failure. [ 2319.480865][T17337] name failslab, interval 1, probability 0, space 0, times 0 [ 2319.587500][T17337] CPU: 1 UID: 0 PID: 17337 Comm: syz.0.7450 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2319.587528][T17337] Tainted: [U]=USER [ 2319.587533][T17337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2319.587543][T17337] Call Trace: [ 2319.587549][T17337] [ 2319.587555][T17337] dump_stack_lvl+0x16c/0x1f0 [ 2319.587579][T17337] should_fail_ex+0x512/0x640 [ 2319.587598][T17337] ? fs_reclaim_acquire+0xae/0x150 [ 2319.587622][T17337] should_failslab+0xc2/0x120 [ 2319.587641][T17337] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2319.587659][T17337] ? security_inode_alloc+0x3b/0x2b0 [ 2319.587679][T17337] security_inode_alloc+0x3b/0x2b0 [ 2319.587695][T17337] inode_init_always_gfp+0xce4/0x1030 [ 2319.587715][T17337] alloc_inode+0x86/0x240 [ 2319.587736][T17337] new_inode+0x22/0x1c0 [ 2319.587757][T17337] proc_pid_make_inode+0x22/0x160 [ 2319.587777][T17337] proc_pident_instantiate+0x85/0x310 [ 2319.587798][T17337] proc_pident_lookup+0x1f5/0x270 [ 2319.587821][T17337] __lookup_slow+0x251/0x460 [ 2319.587843][T17337] ? __pfx___lookup_slow+0x10/0x10 [ 2319.587876][T17337] ? lookup_fast+0x156/0x610 [ 2319.587893][T17337] walk_component+0x353/0x5b0 [ 2319.587909][T17337] link_path_walk+0x627/0xe20 [ 2319.587936][T17337] path_openat+0x1b0/0x2cb0 [ 2319.587952][T17337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2319.587974][T17337] ? __pfx_path_openat+0x10/0x10 [ 2319.587996][T17337] do_filp_open+0x20b/0x470 [ 2319.588013][T17337] ? __pfx_do_filp_open+0x10/0x10 [ 2319.588037][T17337] ? __pfx_kfree_link+0x10/0x10 [ 2319.588064][T17337] ? alloc_fd+0x471/0x7d0 [ 2319.588085][T17337] do_sys_openat2+0x11b/0x1d0 [ 2319.588107][T17337] ? __pfx_do_sys_openat2+0x10/0x10 [ 2319.588130][T17337] ? __fget_files+0x20e/0x3c0 [ 2319.588149][T17337] __x64_sys_openat+0x174/0x210 [ 2319.588171][T17337] ? __pfx___x64_sys_openat+0x10/0x10 [ 2319.588192][T17337] ? ksys_write+0x1ac/0x250 [ 2319.588215][T17337] do_syscall_64+0xcd/0x490 [ 2319.588235][T17337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2319.588249][T17337] RIP: 0033:0x7f4b4778ebe9 [ 2319.588262][T17337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2319.588276][T17337] RSP: 002b:00007f4b486a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2319.588290][T17337] RAX: ffffffffffffffda RBX: 00007f4b479b5fa0 RCX: 00007f4b4778ebe9 [ 2319.588300][T17337] RDX: 0000000000060080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 2319.588310][T17337] RBP: 00007f4b486a3090 R08: 0000000000000000 R09: 0000000000000000 [ 2319.588318][T17337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2319.588327][T17337] R13: 00007f4b479b6038 R14: 00007f4b479b5fa0 R15: 00007ffcafb735a8 [ 2319.588346][T17337] [ 2320.863762][T17319] mac80211_hwsim hwsim52 ›: renamed from wlan0 (while UP) [ 2325.243165][T17494] i2c i2c-0: delete_device: Extra parameters [ 2326.169815][T17517] ubi0: attaching mtd0 [ 2326.363885][T17517] ubi0: scanning is finished [ 2326.465136][T17517] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2327.399462][T17517] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2327.487839][T17531] ubi0: attaching mtd0 [ 2327.535416][T17531] ubi0: scanning is finished [ 2327.540080][T17531] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2327.966235][T17531] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2330.000610][T17583] ptrace attach of "./syz-executor exec"[13675] was attempted by "./syz-executor exec"[17583] [ 2331.967279][T17693] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7476'. [ 2332.056681][T17687] FAULT_INJECTION: forcing a failure. [ 2332.056681][T17687] name failslab, interval 1, probability 0, space 0, times 0 [ 2332.236704][T17693] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2332.336854][T17693] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2332.359209][T17687] CPU: 1 UID: 0 PID: 17687 Comm: syz.4.7475 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2332.359235][T17687] Tainted: [U]=USER [ 2332.359241][T17687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2332.359259][T17687] Call Trace: [ 2332.359267][T17687] [ 2332.359274][T17687] dump_stack_lvl+0x16c/0x1f0 [ 2332.359298][T17687] should_fail_ex+0x512/0x640 [ 2332.359319][T17687] ? __kmalloc_noprof+0xbf/0x510 [ 2332.359338][T17687] ? lsm_blob_alloc+0x68/0x90 [ 2332.359361][T17687] should_failslab+0xc2/0x120 [ 2332.359379][T17687] __kmalloc_noprof+0xd2/0x510 [ 2332.359400][T17687] lsm_blob_alloc+0x68/0x90 [ 2332.359422][T17687] security_sk_alloc+0x30/0x270 [ 2332.359438][T17687] sk_prot_alloc+0xfb/0x2a0 [ 2332.359462][T17687] sk_alloc+0x36/0xc20 [ 2332.359479][T17687] inet_create+0x3a1/0x1040 [ 2332.359494][T17687] ? inet_create+0x93/0x1040 [ 2332.359511][T17687] __sock_create+0x335/0x8d0 [ 2332.359536][T17687] inet_ctl_sock_create+0x94/0x230 [ 2332.359559][T17687] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 2332.359580][T17687] ? lockdep_init_map_type+0x5c/0x280 [ 2332.359601][T17687] ? lockdep_init_map_type+0x5c/0x280 [ 2332.359624][T17687] ? __pfx_igmp_net_init+0x10/0x10 [ 2332.359640][T17687] igmp_net_init+0xd0/0x1a0 [ 2332.359655][T17687] ops_init+0x1e2/0x5f0 [ 2332.359677][T17687] setup_net+0x10f/0x380 [ 2332.359695][T17687] ? lockdep_init_map_type+0x5c/0x280 [ 2332.359714][T17687] ? __pfx_setup_net+0x10/0x10 [ 2332.359733][T17687] ? debug_mutex_init+0x37/0x70 [ 2332.359749][T17687] copy_net_ns+0x2a6/0x5f0 [ 2332.359771][T17687] create_new_namespaces+0x3ea/0xa90 [ 2332.359792][T17687] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2332.359810][T17687] ksys_unshare+0x45b/0xa40 [ 2332.359830][T17687] ? __pfx_ksys_unshare+0x10/0x10 [ 2332.359850][T17687] ? xfd_validate_state+0x61/0x180 [ 2332.359876][T17687] __x64_sys_unshare+0x31/0x40 [ 2332.359901][T17687] do_syscall_64+0xcd/0x490 [ 2332.359923][T17687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2332.359938][T17687] RIP: 0033:0x7f961d78ebe9 [ 2332.359951][T17687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2332.359965][T17687] RSP: 002b:00007f961e639038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2332.359980][T17687] RAX: ffffffffffffffda RBX: 00007f961d9b6180 RCX: 00007f961d78ebe9 [ 2332.359991][T17687] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2332.360000][T17687] RBP: 00007f961d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 2332.360009][T17687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2332.360018][T17687] R13: 00007f961d9b6218 R14: 00007f961d9b6180 R15: 00007ffe880d4d38 [ 2332.360038][T17687] [ 2332.360099][T17687] Failed to initialize the IGMP autojoin socket (err -12) [ 2333.300037][T17711] netlink: ct family unspecified [ 2333.562503][T17693] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2333.570079][T17693] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2334.505690][T17728] ubi0: attaching mtd0 [ 2334.510901][T17728] ubi0: scanning is finished [ 2334.569133][T17728] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2335.133925][T17728] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2335.417331][T17758] random: crng reseeded on system resumption [ 2335.771885][T17761] ubi0: attaching mtd0 [ 2335.777009][T17761] ubi0: scanning is finished [ 2335.837594][T17761] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2336.190867][T17761] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2336.830851][T17795] svc: failed to register nfsdv3 RPC service (errno 111). [ 2336.888778][T17795] svc: failed to register nfsaclv3 RPC service (errno 111). [ 2339.376157][T17847] ptrace attach of "./syz-executor exec"[13675] was attempted by ""[17847] [ 2339.505786][T17849] FAULT_INJECTION: forcing a failure. [ 2339.505786][T17849] name failslab, interval 1, probability 0, space 0, times 0 [ 2339.680668][T17849] CPU: 1 UID: 0 PID: 17849 Comm: syz.1.7493 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2339.680697][T17849] Tainted: [U]=USER [ 2339.680702][T17849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2339.680711][T17849] Call Trace: [ 2339.680717][T17849] [ 2339.680723][T17849] dump_stack_lvl+0x16c/0x1f0 [ 2339.680747][T17849] should_fail_ex+0x512/0x640 [ 2339.680767][T17849] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 2339.680787][T17849] should_failslab+0xc2/0x120 [ 2339.680806][T17849] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 2339.680824][T17849] ? __d_alloc+0x32/0xae0 [ 2339.680844][T17849] __d_alloc+0x32/0xae0 [ 2339.680864][T17849] d_alloc_pseudo+0x1c/0xc0 [ 2339.680885][T17849] alloc_file_pseudo+0xcf/0x230 [ 2339.680907][T17849] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2339.680934][T17849] __shmem_file_setup+0x1a3/0x330 [ 2339.680951][T17849] shmem_zero_setup+0x93/0x1a0 [ 2339.680970][T17849] __mmap_region+0x2081/0x27b0 [ 2339.680991][T17849] ? __pfx___mmap_region+0x10/0x10 [ 2339.681006][T17849] ? __lock_acquire+0x62e/0x1ce0 [ 2339.681032][T17849] ? lock_acquire+0x179/0x350 [ 2339.681051][T17849] ? find_held_lock+0x2b/0x80 [ 2339.681096][T17849] ? trace_cap_capable+0x18d/0x200 [ 2339.681121][T17849] mmap_region+0x1ab/0x3f0 [ 2339.681138][T17849] ? __get_unmapped_area+0x267/0x440 [ 2339.681161][T17849] do_mmap+0xa3e/0x1210 [ 2339.681184][T17849] ? __pfx_do_mmap+0x10/0x10 [ 2339.681204][T17849] ? __pfx_down_write_killable+0x10/0x10 [ 2339.681229][T17849] vm_mmap_pgoff+0x29e/0x470 [ 2339.681252][T17849] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 2339.681274][T17849] ? __fget_files+0x20e/0x3c0 [ 2339.681301][T17849] ksys_mmap_pgoff+0x7d/0x5c0 [ 2339.681323][T17849] ? __pfx_ksys_write+0x10/0x10 [ 2339.681342][T17849] __x64_sys_mmap+0x125/0x190 [ 2339.681366][T17849] do_syscall_64+0xcd/0x490 [ 2339.681386][T17849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2339.681401][T17849] RIP: 0033:0x7ff5b318ebe9 [ 2339.681413][T17849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2339.681427][T17849] RSP: 002b:00007ff5b405e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2339.681442][T17849] RAX: ffffffffffffffda RBX: 00007ff5b33b6090 RCX: 00007ff5b318ebe9 [ 2339.681452][T17849] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 2339.681461][T17849] RBP: 00007ff5b405e090 R08: 0000000000000401 R09: 0000000000008000 [ 2339.681470][T17849] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001 [ 2339.681478][T17849] R13: 00007ff5b33b6128 R14: 00007ff5b33b6090 R15: 00007ffcb3a4a238 [ 2339.681498][T17849] [ 2339.951078][ C1] vkms_vblank_simulate: vblank timer overrun [ 2341.876562][T17868] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54 [ 2343.147959][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 2343.154594][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 2343.215206][T17915] ubi0: attaching mtd0 [ 2343.254050][T17915] ubi0: scanning is finished [ 2343.299871][T17915] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2343.554140][T17915] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2345.136859][T17927] ptrace attach of "./syz-executor exec"[9721] was attempted by "./syz-executor exec"[17927] [ 2345.532256][T17959] ubi0: attaching mtd0 [ 2345.572919][T17959] ubi0: scanning is finished [ 2345.577564][T17959] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2346.110824][T17959] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2346.234537][T17975] ubi0: attaching mtd0 [ 2346.239719][T17975] ubi0: scanning is finished [ 2346.359250][T17975] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2346.514036][T17991] FAULT_INJECTION: forcing a failure. [ 2346.514036][T17991] name failslab, interval 1, probability 0, space 0, times 0 [ 2346.666736][T17991] CPU: 1 UID: 0 PID: 17991 Comm: syz.0.7513 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2346.666765][T17991] Tainted: [U]=USER [ 2346.666770][T17991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2346.666779][T17991] Call Trace: [ 2346.666785][T17991] [ 2346.666792][T17991] dump_stack_lvl+0x16c/0x1f0 [ 2346.666815][T17991] should_fail_ex+0x512/0x640 [ 2346.666836][T17991] ? __kmalloc_noprof+0xbf/0x510 [ 2346.666854][T17991] ? iovec_from_user+0x108/0x140 [ 2346.666866][T17991] should_failslab+0xc2/0x120 [ 2346.666885][T17991] __kmalloc_noprof+0xd2/0x510 [ 2346.666906][T17991] iovec_from_user+0x108/0x140 [ 2346.666921][T17991] __import_iovec+0x88/0x650 [ 2346.666934][T17991] ? __might_fault+0xe3/0x190 [ 2346.666949][T17991] ? __might_fault+0x13b/0x190 [ 2346.666968][T17991] import_iovec+0x86/0xb0 [ 2346.666983][T17991] copy_msghdr_from_user+0xf9/0x160 [ 2346.667002][T17991] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2346.667024][T17991] ? __pfx__kstrtoull+0x10/0x10 [ 2346.667044][T17991] ___sys_sendmsg+0xfe/0x1d0 [ 2346.667063][T17991] ? __pfx____sys_sendmsg+0x10/0x10 [ 2346.667089][T17991] ? find_held_lock+0x2b/0x80 [ 2346.667115][T17991] __sys_sendmmsg+0x200/0x420 [ 2346.667135][T17991] ? __pfx___sys_sendmmsg+0x10/0x10 [ 2346.667159][T17991] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2346.667185][T17991] ? fput+0x9b/0xd0 [ 2346.667205][T17991] ? ksys_write+0x1ac/0x250 [ 2346.667221][T17991] ? __pfx_ksys_write+0x10/0x10 [ 2346.667240][T17991] __x64_sys_sendmmsg+0x9c/0x100 [ 2346.667258][T17991] ? lockdep_hardirqs_on+0x7c/0x110 [ 2346.667275][T17991] do_syscall_64+0xcd/0x490 [ 2346.667295][T17991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2346.667311][T17991] RIP: 0033:0x7f4b4778ebe9 [ 2346.667323][T17991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2346.667337][T17991] RSP: 002b:00007f4b48682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2346.667353][T17991] RAX: ffffffffffffffda RBX: 00007f4b479b6090 RCX: 00007f4b4778ebe9 [ 2346.667362][T17991] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003 [ 2346.667371][T17991] RBP: 00007f4b48682090 R08: 0000000000000000 R09: 0000000000000000 [ 2346.667381][T17991] R10: 000000000000ff00 R11: 0000000000000246 R12: 0000000000000001 [ 2346.667389][T17991] R13: 00007f4b479b6128 R14: 00007f4b479b6090 R15: 00007ffcafb735a8 [ 2346.667407][T17991] [ 2346.913947][ C1] vkms_vblank_simulate: vblank timer overrun [ 2347.440675][T17975] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2347.573007][T17997] ubi0: attaching mtd0 [ 2347.628039][T17997] ubi0: scanning is finished [ 2347.632907][T17997] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2348.324246][T17997] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2348.635324][T18022] FAULT_INJECTION: forcing a failure. [ 2348.635324][T18022] name failslab, interval 1, probability 0, space 0, times 0 [ 2348.833310][T18022] CPU: 1 UID: 0 PID: 18022 Comm: syz.1.7517 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2348.833338][T18022] Tainted: [U]=USER [ 2348.833343][T18022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2348.833352][T18022] Call Trace: [ 2348.833358][T18022] [ 2348.833364][T18022] dump_stack_lvl+0x16c/0x1f0 [ 2348.833387][T18022] should_fail_ex+0x512/0x640 [ 2348.833407][T18022] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 2348.833424][T18022] should_failslab+0xc2/0x120 [ 2348.833447][T18022] __kmalloc_cache_noprof+0x6a/0x3e0 [ 2348.833462][T18022] ? kstrdup_quotable_cmdline+0x132/0x210 [ 2348.833478][T18022] ? kstrdup_quotable_cmdline+0x52/0x210 [ 2348.833497][T18022] kstrdup_quotable_cmdline+0x52/0x210 [ 2348.833515][T18022] __report_access+0x77/0x370 [ 2348.833535][T18022] ? _raw_spin_unlock_irq+0x23/0x50 [ 2348.833553][T18022] task_work_run+0x150/0x240 [ 2348.833576][T18022] ? __pfx_task_work_run+0x10/0x10 [ 2348.833596][T18022] ? ksys_write+0x1ac/0x250 [ 2348.833614][T18022] ? __pfx_ksys_write+0x10/0x10 [ 2348.833634][T18022] exit_to_user_mode_loop+0xeb/0x110 [ 2348.833657][T18022] do_syscall_64+0x3f6/0x490 [ 2348.833682][T18022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2348.833701][T18022] RIP: 0033:0x7ff5b318ebe9 [ 2348.833713][T18022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2348.833727][T18022] RSP: 002b:00007ff5b407f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 2348.833742][T18022] RAX: ffffffffffffffff RBX: 00007ff5b33b5fa0 RCX: 00007ff5b318ebe9 [ 2348.833752][T18022] RDX: 0000000000000003 RSI: 0000200000002980 RDI: 0000000000000001 [ 2348.833761][T18022] RBP: 00007ff5b407f090 R08: 0000000000000004 R09: 0000000000000000 [ 2348.833770][T18022] R10: 0000200000002a40 R11: 0000000000000246 R12: 0000000000000001 [ 2348.833779][T18022] R13: 00007ff5b33b6038 R14: 00007ff5b33b5fa0 R15: 00007ffcb3a4a238 [ 2348.833797][T18022] [ 2348.834402][T18022] ptrace attach of "./syz-executor exec"[13675] was attempted by "(null)"[18022] [ 2349.223464][T18051] ubi0: attaching mtd0 [ 2349.292880][T18051] ubi0: scanning is finished [ 2349.297538][T18051] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2350.289808][T18050] ptrace attach of "./syz-executor exec"[15503] was attempted by "./syz-executor exec"[18050] [ 2350.323137][T18051] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2351.255775][T18094] FAULT_INJECTION: forcing a failure. [ 2351.255775][T18094] name failslab, interval 1, probability 0, space 0, times 0 [ 2351.315704][T18099] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 2351.503065][T18094] CPU: 1 UID: 0 PID: 18094 Comm: syz.4.7523 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2351.503095][T18094] Tainted: [U]=USER [ 2351.503101][T18094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2351.503111][T18094] Call Trace: [ 2351.503117][T18094] [ 2351.503123][T18094] dump_stack_lvl+0x16c/0x1f0 [ 2351.503148][T18094] should_fail_ex+0x512/0x640 [ 2351.503170][T18094] ? __kmalloc_node_noprof+0xc5/0x500 [ 2351.503193][T18094] should_failslab+0xc2/0x120 [ 2351.503213][T18094] __kmalloc_node_noprof+0xd8/0x500 [ 2351.503229][T18094] ? __get_vm_area_node+0x208/0x330 [ 2351.503251][T18094] ? __vmalloc_node_range_noprof+0x3e5/0x14b0 [ 2351.503277][T18094] __vmalloc_node_range_noprof+0x3e5/0x14b0 [ 2351.503300][T18094] ? look_up_lock_class+0x59/0x150 [ 2351.503322][T18094] ? n_tty_open+0x1a/0x170 [ 2351.503349][T18094] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 2351.503384][T18094] ? console_unlock+0x184/0x210 [ 2351.503398][T18094] ? __pfx_console_unlock+0x10/0x10 [ 2351.503415][T18094] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 2351.503441][T18094] ? n_tty_open+0x1a/0x170 [ 2351.503461][T18094] __vmalloc_node_noprof+0xad/0xf0 [ 2351.503484][T18094] ? n_tty_open+0x1a/0x170 [ 2351.503504][T18094] ? __pfx_n_tty_open+0x10/0x10 [ 2351.503525][T18094] n_tty_open+0x1a/0x170 [ 2351.503545][T18094] ? __pfx_n_tty_open+0x10/0x10 [ 2351.503565][T18094] tty_ldisc_open+0x9c/0x120 [ 2351.503583][T18094] tty_ldisc_setup+0x40/0x100 [ 2351.503600][T18094] tty_init_dev.part.0+0x1ec/0x500 [ 2351.503622][T18094] tty_open+0xa50/0xf90 [ 2351.503649][T18094] ? __pfx_tty_open+0x10/0x10 [ 2351.503671][T18094] ? chrdev_open+0x10b/0x6a0 [ 2351.503693][T18094] ? __pfx_tty_open+0x10/0x10 [ 2351.503712][T18094] chrdev_open+0x231/0x6a0 [ 2351.503729][T18094] ? __pfx_apparmor_file_open+0x10/0x10 [ 2351.503745][T18094] ? __pfx_chrdev_open+0x10/0x10 [ 2351.503770][T18094] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2351.503791][T18094] do_dentry_open+0x97f/0x1530 [ 2351.503811][T18094] ? __pfx_chrdev_open+0x10/0x10 [ 2351.503833][T18094] vfs_open+0x82/0x3f0 [ 2351.503857][T18094] path_openat+0x1de4/0x2cb0 [ 2351.503881][T18094] ? __pfx_path_openat+0x10/0x10 [ 2351.503903][T18094] do_filp_open+0x20b/0x470 [ 2351.503920][T18094] ? __pfx_do_filp_open+0x10/0x10 [ 2351.503951][T18094] ? alloc_fd+0x471/0x7d0 [ 2351.503972][T18094] do_sys_openat2+0x11b/0x1d0 [ 2351.503993][T18094] ? __pfx_do_sys_openat2+0x10/0x10 [ 2351.504023][T18094] __x64_sys_openat+0x174/0x210 [ 2351.504045][T18094] ? __pfx___x64_sys_openat+0x10/0x10 [ 2351.504075][T18094] do_syscall_64+0xcd/0x490 [ 2351.504095][T18094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2351.504110][T18094] RIP: 0033:0x7f961d78ebe9 [ 2351.504123][T18094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2351.504137][T18094] RSP: 002b:00007f961e67b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2351.504152][T18094] RAX: ffffffffffffffda RBX: 00007f961d9b5fa0 RCX: 00007f961d78ebe9 [ 2351.504161][T18094] RDX: 0000000000000800 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 2351.504171][T18094] RBP: 00007f961d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 2351.504181][T18094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2351.504190][T18094] R13: 00007f961d9b6038 R14: 00007f961d9b5fa0 R15: 00007ffe880d4d38 [ 2351.504209][T18094] [ 2351.839548][ C1] vkms_vblank_simulate: vblank timer overrun [ 2352.233115][T18094] warn_alloc: 1 callbacks suppressed [ 2352.233132][T18094] syz.4.7523: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 2352.558872][T18094] CPU: 1 UID: 0 PID: 18094 Comm: syz.4.7523 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2352.558902][T18094] Tainted: [U]=USER [ 2352.558908][T18094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2352.558917][T18094] Call Trace: [ 2352.558923][T18094] [ 2352.558931][T18094] dump_stack_lvl+0x16c/0x1f0 [ 2352.558956][T18094] warn_alloc+0x248/0x3a0 [ 2352.558977][T18094] ? __pfx_warn_alloc+0x10/0x10 [ 2352.558994][T18094] ? dump_stack_lvl+0x1a3/0x1f0 [ 2352.559018][T18094] ? rcu_is_watching+0x12/0xc0 [ 2352.559033][T18094] ? trace_kmalloc+0x2b/0xd0 [ 2352.559054][T18094] ? __get_vm_area_node+0x208/0x330 [ 2352.559081][T18094] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 2352.559107][T18094] ? look_up_lock_class+0x59/0x150 [ 2352.559133][T18094] ? n_tty_open+0x1a/0x170 [ 2352.559159][T18094] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 2352.559180][T18094] ? console_unlock+0x184/0x210 [ 2352.559194][T18094] ? __pfx_console_unlock+0x10/0x10 [ 2352.559209][T18094] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 2352.559234][T18094] ? n_tty_open+0x1a/0x170 [ 2352.559253][T18094] __vmalloc_node_noprof+0xad/0xf0 [ 2352.559279][T18094] ? n_tty_open+0x1a/0x170 [ 2352.559299][T18094] ? __pfx_n_tty_open+0x10/0x10 [ 2352.559328][T18094] n_tty_open+0x1a/0x170 [ 2352.559349][T18094] ? __pfx_n_tty_open+0x10/0x10 [ 2352.559370][T18094] tty_ldisc_open+0x9c/0x120 [ 2352.559388][T18094] tty_ldisc_setup+0x40/0x100 [ 2352.559406][T18094] tty_init_dev.part.0+0x1ec/0x500 [ 2352.559427][T18094] tty_open+0xa50/0xf90 [ 2352.559450][T18094] ? __pfx_tty_open+0x10/0x10 [ 2352.559469][T18094] ? chrdev_open+0x10b/0x6a0 [ 2352.559490][T18094] ? __pfx_tty_open+0x10/0x10 [ 2352.559509][T18094] chrdev_open+0x231/0x6a0 [ 2352.559526][T18094] ? __pfx_apparmor_file_open+0x10/0x10 [ 2352.559542][T18094] ? __pfx_chrdev_open+0x10/0x10 [ 2352.559561][T18094] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2352.559581][T18094] do_dentry_open+0x97f/0x1530 [ 2352.559600][T18094] ? __pfx_chrdev_open+0x10/0x10 [ 2352.559626][T18094] vfs_open+0x82/0x3f0 [ 2352.559649][T18094] path_openat+0x1de4/0x2cb0 [ 2352.559673][T18094] ? __pfx_path_openat+0x10/0x10 [ 2352.559696][T18094] do_filp_open+0x20b/0x470 [ 2352.559713][T18094] ? __pfx_do_filp_open+0x10/0x10 [ 2352.559744][T18094] ? alloc_fd+0x471/0x7d0 [ 2352.559765][T18094] do_sys_openat2+0x11b/0x1d0 [ 2352.559786][T18094] ? __pfx_do_sys_openat2+0x10/0x10 [ 2352.559815][T18094] __x64_sys_openat+0x174/0x210 [ 2352.559836][T18094] ? __pfx___x64_sys_openat+0x10/0x10 [ 2352.559866][T18094] do_syscall_64+0xcd/0x490 [ 2352.559886][T18094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2352.559901][T18094] RIP: 0033:0x7f961d78ebe9 [ 2352.559914][T18094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2352.559929][T18094] RSP: 002b:00007f961e67b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2352.559944][T18094] RAX: ffffffffffffffda RBX: 00007f961d9b5fa0 RCX: 00007f961d78ebe9 [ 2352.559955][T18094] RDX: 0000000000000800 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 2352.559964][T18094] RBP: 00007f961d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 2352.559973][T18094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2352.559982][T18094] R13: 00007f961d9b6038 R14: 00007f961d9b5fa0 R15: 00007ffe880d4d38 [ 2352.560003][T18094] [ 2352.561246][T18094] Mem-Info: [ 2352.846221][ C1] vkms_vblank_simulate: vblank timer overrun [ 2353.126910][T18114] ubi0: attaching mtd0 [ 2353.156917][T18114] ubi0: scanning is finished [ 2353.171978][T18114] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2354.586683][T18114] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2354.839383][T18127] FAULT_INJECTION: forcing a failure. [ 2354.839383][T18127] name failslab, interval 1, probability 0, space 0, times 0 [ 2355.089772][T18127] CPU: 1 UID: 0 PID: 18127 Comm: syz.0.7529 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2355.089802][T18127] Tainted: [U]=USER [ 2355.089807][T18127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2355.089817][T18127] Call Trace: [ 2355.089824][T18127] [ 2355.089831][T18127] dump_stack_lvl+0x16c/0x1f0 [ 2355.089855][T18127] should_fail_ex+0x512/0x640 [ 2355.089876][T18127] ? __kmalloc_noprof+0xbf/0x510 [ 2355.089894][T18127] ? constrain_params_by_rules+0x175/0xca0 [ 2355.089915][T18127] should_failslab+0xc2/0x120 [ 2355.089934][T18127] __kmalloc_noprof+0xd2/0x510 [ 2355.089950][T18127] ? kasan_quarantine_put+0x10a/0x240 [ 2355.089966][T18127] ? lockdep_hardirqs_on+0x7c/0x110 [ 2355.089987][T18127] constrain_params_by_rules+0x175/0xca0 [ 2355.090008][T18127] ? constrain_params_by_rules+0xa09/0xca0 [ 2355.090033][T18127] ? constrain_params_by_rules+0xa0e/0xca0 [ 2355.090057][T18127] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 2355.090084][T18127] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 2355.090128][T18127] snd_pcm_hw_refine+0x7de/0xad0 [ 2355.090154][T18127] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 2355.090179][T18127] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 2355.090204][T18127] ? snd_pcm_hw_param_value+0x266/0x5b0 [ 2355.090228][T18127] snd_pcm_hw_param_first+0x334/0x6f0 [ 2355.090251][T18127] ? trace_hw_mask_param+0x18b/0x200 [ 2355.090272][T18127] snd_pcm_hw_params+0x5eb/0x1ba0 [ 2355.090291][T18127] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 2355.090307][T18127] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 2355.090333][T18127] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 2355.090355][T18127] ? __asan_memset+0x23/0x50 [ 2355.090371][T18127] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 2355.090388][T18127] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 2355.090420][T18127] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 2355.090458][T18127] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 2355.090484][T18127] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 2355.090499][T18127] ? hook_file_ioctl_common+0x145/0x410 [ 2355.090519][T18127] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 2355.090535][T18127] ? __fget_files+0x20e/0x3c0 [ 2355.090553][T18127] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 2355.090569][T18127] __x64_sys_ioctl+0x18e/0x210 [ 2355.090592][T18127] do_syscall_64+0xcd/0x490 [ 2355.090612][T18127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2355.090627][T18127] RIP: 0033:0x7f4b4778ebe9 [ 2355.090640][T18127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2355.090654][T18127] RSP: 002b:00007f4b48682038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2355.090669][T18127] RAX: ffffffffffffffda RBX: 00007f4b479b6090 RCX: 00007f4b4778ebe9 [ 2355.090679][T18127] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000009 [ 2355.090688][T18127] RBP: 00007f4b47811e19 R08: 0000000000000000 R09: 0000000000000000 [ 2355.090697][T18127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2355.090706][T18127] R13: 00007f4b479b6128 R14: 00007f4b479b6090 R15: 00007ffcafb735a8 [ 2355.090726][T18127] [ 2356.526596][T18094] active_anon:13769 inactive_anon:53548 isolated_anon:0 [ 2356.526596][T18094] active_file:15857 inactive_file:40508 isolated_file:0 [ 2356.526596][T18094] unevictable:768 dirty:248 writeback:0 [ 2356.526596][T18094] slab_reclaimable:14347 slab_unreclaimable:98339 [ 2356.526596][T18094] mapped:53260 shmem:46610 pagetables:1559 [ 2356.526596][T18094] sec_pagetables:0 bounce:0 [ 2356.526596][T18094] kernel_misc_reclaimable:0 [ 2356.526596][T18094] free:979928 free_pcp:27558 free_cma:0 [ 2356.680130][T18094] Node 0 active_anon:55076kB inactive_anon:219036kB active_file:62840kB inactive_file:161904kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:213040kB dirty:992kB writeback:0kB shmem:187608kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:59392kB kernel_stack:11472kB pagetables:6224kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 2356.793972][T18094] Node 1 active_anon:0kB inactive_anon:0kB active_file:588kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 2356.890820][T18094] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2357.023758][T18094] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 2357.162039][T18094] Node 0 DMA32 free:1049084kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:60684kB inactive_anon:225932kB active_file:61936kB inactive_file:161568kB unevictable:1536kB writepending:1024kB present:3129332kB managed:2539616kB mlocked:0kB bounce:0kB free_pcp:83568kB local_pcp:83568kB free_cma:0kB [ 2357.431335][T18094] lowmem_reserve[]: 0 0 1 1 1 [ 2357.490224][T18094] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:940kB inactive_file:384kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2357.643016][T18094] lowmem_reserve[]: 0 0 0 0 0 [ 2357.699284][T18094] Node 1 Normal free:2847568kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:588kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17344kB local_pcp:17344kB free_cma:0kB [ 2357.742433][T18185] FAULT_INJECTION: forcing a failure. [ 2357.742433][T18185] name failslab, interval 1, probability 0, space 0, times 0 [ 2357.834127][T18094] lowmem_reserve[]: 0 0 0 0 0 [ 2357.845741][T18185] CPU: 1 UID: 0 PID: 18185 Comm: syz.0.7532 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2357.845775][T18185] Tainted: [U]=USER [ 2357.845780][T18185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2357.845789][T18185] Call Trace: [ 2357.845795][T18185] [ 2357.845802][T18185] dump_stack_lvl+0x16c/0x1f0 [ 2357.845825][T18185] should_fail_ex+0x512/0x640 [ 2357.845847][T18185] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 2357.845867][T18185] should_failslab+0xc2/0x120 [ 2357.845894][T18185] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 2357.845914][T18185] ? trace_kmem_cache_alloc+0x28/0xc0 [ 2357.845936][T18185] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 2357.845953][T18185] ? mas_alloc_nodes+0x18b/0x8b0 [ 2357.845971][T18185] ? mas_alloc_nodes+0x2f1/0x8b0 [ 2357.845986][T18185] mas_alloc_nodes+0x2f1/0x8b0 [ 2357.846006][T18185] mas_node_count_gfp+0x105/0x130 [ 2357.846023][T18185] mas_preallocate+0x7e0/0xde0 [ 2357.846047][T18185] ? __pfx_mas_preallocate+0x10/0x10 [ 2357.846072][T18185] ? rcu_read_unlock+0x17/0x60 [ 2357.846094][T18185] vma_link+0x135/0x6a0 [ 2357.846112][T18185] ? __pfx_vma_link+0x10/0x10 [ 2357.846128][T18185] ? rcu_is_watching+0x12/0xc0 [ 2357.846146][T18185] ? anon_vma_clone+0x405/0x5c0 [ 2357.846161][T18185] ? anon_vma_name+0x81/0x2f0 [ 2357.846184][T18185] copy_vma+0x6c2/0xaa0 [ 2357.846203][T18185] ? __pfx_copy_vma+0x10/0x10 [ 2357.846223][T18185] ? register_lock_class+0x41/0x4c0 [ 2357.846252][T18185] ? finish_task_switch.isra.0+0x21c/0xc10 [ 2357.846270][T18185] copy_vma_and_data+0x1cf/0x790 [ 2357.846289][T18185] ? __pfx_copy_vma_and_data+0x10/0x10 [ 2357.846309][T18185] ? __vma_enter_locked+0x163/0x3f0 [ 2357.846325][T18185] ? find_held_lock+0x2b/0x80 [ 2357.846339][T18185] ? move_vma+0x536/0x1780 [ 2357.846359][T18185] move_vma+0x548/0x1780 [ 2357.846378][T18185] ? __pfx_move_vma+0x10/0x10 [ 2357.846392][T18185] ? mm_get_unmapped_area+0x95/0xe0 [ 2357.846413][T18185] ? shmem_get_unmapped_area+0x170/0xa00 [ 2357.846428][T18185] ? cap_mmap_addr+0x4b/0x120 [ 2357.846442][T18185] ? bpf_lsm_mmap_addr+0x9/0x10 [ 2357.846461][T18185] ? security_mmap_addr+0x6c/0x1e0 [ 2357.846479][T18185] ? __get_unmapped_area+0x267/0x440 [ 2357.846501][T18185] ? vrm_set_new_addr+0x208/0x290 [ 2357.846518][T18185] mremap_to+0x1b7/0x450 [ 2357.846535][T18185] do_mremap+0x1004/0x1f80 [ 2357.846559][T18185] ? __pfx_do_mremap+0x10/0x10 [ 2357.846573][T18185] ? __pfx_futex_wake+0x10/0x10 [ 2357.846597][T18185] ? up_write+0x1b2/0x520 [ 2357.846621][T18185] __do_sys_mremap+0x119/0x170 [ 2357.846637][T18185] ? __pfx___do_sys_mremap+0x10/0x10 [ 2357.846658][T18185] ? __x64_sys_futex+0x1e0/0x4c0 [ 2357.846687][T18185] do_syscall_64+0xcd/0x490 [ 2357.846706][T18185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2357.846721][T18185] RIP: 0033:0x7f4b4778ebe9 [ 2357.846734][T18185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2357.846748][T18185] RSP: 002b:00007f4b486a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 2357.846762][T18185] RAX: ffffffffffffffda RBX: 00007f4b479b5fa0 RCX: 00007f4b4778ebe9 [ 2357.846773][T18185] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 2357.846782][T18185] RBP: 00007f4b47811e19 R08: 00007effffffb000 R09: 0000000000000000 [ 2357.846792][T18185] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 2357.846800][T18185] R13: 00007f4b479b6038 R14: 00007f4b479b5fa0 R15: 00007ffcafb735a8 [ 2357.846819][T18185] [ 2357.847513][T18094] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 2359.147756][T18094] Node 0 DMA32: 141*4kB (UE) 1013*8kB (UE) 90*16kB (UME) 146*32kB (UE) 121*64kB (UE) 452*128kB (UM) 451*256kB (UM) 499*512kB (UM) 294*1024kB (UM) 6*2048kB (UME) 69*4096kB (UM) = 1047292kB [ 2359.208241][T18094] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 2359.246818][T18094] Node 1 Normal: 3*4kB (M) 4*8kB (ME) 14*16kB (ME) 8*32kB (UME) 7*64kB (ME) 31*128kB (UME) 15*256kB (UME) 5*512kB (UM) 4*1024kB (UME) 3*2048kB (UME) 690*4096kB (UM) = 2847820kB [ 2359.306411][T18094] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 2359.341400][T18094] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 2359.372130][T18094] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=1048576kB [ 2359.416626][T18094] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 2359.448233][T18094] 101227 total pagecache pages [ 2359.457428][T18094] 26 pages in swap cache [ 2359.473100][T18094] Free swap = 122536kB [ 2359.488746][T18094] Total swap = 124996kB [ 2359.515360][T18094] 2097051 pages RAM [ 2359.525292][T18094] 0 pages HighMem/MovableOnly [ 2359.535274][T18094] 430185 pages reserved [ 2359.557848][T18094] 0 pages cma reserved [ 2359.566419][T18094] tty tty12: ldisc open failed (-12), clearing slot 11 [ 2359.595498][T18116] tty tty12: ldisc open failed (-12), clearing slot 11 [ 2359.615025][T18119] tty tty12: ldisc open failed (-12), clearing slot 11 [ 2359.623928][T18120] tty tty12: ldisc open failed (-12), clearing slot 11 [ 2359.670693][T18122] ttyprintk ttyprintk: ldisc open failed (-12), clearing slot 0 [ 2362.443932][T18261] ubi0: attaching mtd0 [ 2362.510980][T18261] ubi0: scanning is finished [ 2362.598332][T18261] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2363.141380][T18261] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2363.289144][T18225] ptrace attach of "./syz-executor exec"[15503] was attempted by "./syz-executor exec"[18225] [ 2364.203753][T18289] FAULT_INJECTION: forcing a failure. [ 2364.203753][T18289] name failslab, interval 1, probability 0, space 0, times 0 [ 2364.324584][T18289] CPU: 1 UID: 0 PID: 18289 Comm: syz.4.7550 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2364.324613][T18289] Tainted: [U]=USER [ 2364.324618][T18289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2364.324627][T18289] Call Trace: [ 2364.324633][T18289] [ 2364.324639][T18289] dump_stack_lvl+0x16c/0x1f0 [ 2364.324663][T18289] should_fail_ex+0x512/0x640 [ 2364.324683][T18289] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 2364.324704][T18289] should_failslab+0xc2/0x120 [ 2364.324723][T18289] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 2364.324741][T18289] ? __d_alloc+0x32/0xae0 [ 2364.324761][T18289] __d_alloc+0x32/0xae0 [ 2364.324781][T18289] d_alloc_parallel+0x111/0x1480 [ 2364.324811][T18289] ? __pfx_d_alloc_parallel+0x10/0x10 [ 2364.324835][T18289] ? lockdep_init_map_type+0x5c/0x280 [ 2364.324856][T18289] ? lockdep_init_map_type+0x5c/0x280 [ 2364.324878][T18289] __lookup_slow+0x193/0x460 [ 2364.324901][T18289] ? __pfx___lookup_slow+0x10/0x10 [ 2364.324925][T18289] ? perf_trace_mm_compaction_try_to_compact_pages+0x430/0x4b0 [ 2364.324957][T18289] ? perf_trace_mm_compaction_try_to_compact_pages+0x430/0x4b0 [ 2364.324978][T18289] ? d_lookup+0xe7/0x190 [ 2364.325002][T18289] lookup_noperm+0xe1/0x110 [ 2364.325025][T18289] simple_start_creating+0xd1/0x1b0 [ 2364.325042][T18289] start_creating.part.0+0x82/0x190 [ 2364.325060][T18289] __debugfs_create_file+0xa7/0x6b0 [ 2364.325079][T18289] debugfs_create_file_full+0x41/0x60 [ 2364.325098][T18289] ? __pfx_caifdev_setup+0x10/0x10 [ 2364.325112][T18289] ref_tracker_dir_debugfs+0x19d/0x290 [ 2364.325134][T18289] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 2364.325171][T18289] ? snprintf+0xb0/0x100 [ 2364.325186][T18289] ? alloc_netdev_mqs+0xd2/0x1500 [ 2364.325206][T18289] ? lockdep_init_map_type+0x5c/0x280 [ 2364.325228][T18289] alloc_netdev_mqs+0x30f/0x1500 [ 2364.325246][T18289] ? security_capable+0x7e/0x260 [ 2364.325263][T18289] ldisc_open+0x155/0x970 [ 2364.325279][T18289] ? __pfx_ldisc_open+0x10/0x10 [ 2364.325296][T18289] ? tty_set_ldisc+0x2b8/0x780 [ 2364.325313][T18289] ? down_write+0x14d/0x200 [ 2364.325333][T18289] ? __pfx_ldisc_open+0x10/0x10 [ 2364.325349][T18289] tty_ldisc_open+0x9c/0x120 [ 2364.325366][T18289] tty_set_ldisc+0x32b/0x780 [ 2364.325386][T18289] tty_ioctl+0xc2e/0x1680 [ 2364.325406][T18289] ? __pfx_tty_ioctl+0x10/0x10 [ 2364.325431][T18289] ? find_held_lock+0x2b/0x80 [ 2364.325445][T18289] ? hook_file_ioctl_common+0x145/0x410 [ 2364.325468][T18289] ? __fget_files+0x20e/0x3c0 [ 2364.325492][T18289] ? __pfx_tty_ioctl+0x10/0x10 [ 2364.325511][T18289] __x64_sys_ioctl+0x18e/0x210 [ 2364.325534][T18289] do_syscall_64+0xcd/0x490 [ 2364.325554][T18289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2364.325570][T18289] RIP: 0033:0x7f961d78ebe9 [ 2364.325582][T18289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2364.325596][T18289] RSP: 002b:00007f961e67b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2364.325612][T18289] RAX: ffffffffffffffda RBX: 00007f961d9b5fa0 RCX: 00007f961d78ebe9 [ 2364.325621][T18289] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000014 [ 2364.325630][T18289] RBP: 00007f961e67b090 R08: 0000000000000000 R09: 0000000000000000 [ 2364.325638][T18289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2364.325647][T18289] R13: 00007f961d9b6038 R14: 00007f961d9b5fa0 R15: 00007ffe880d4d38 [ 2364.325666][T18289] [ 2367.441111][T18339] ubi0: attaching mtd0 [ 2367.510183][T18339] ubi0: scanning is finished [ 2367.573040][T18339] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2368.038873][T18339] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2368.149127][T18341] ptrace attach of "./syz-executor exec"[15503] was attempted by "./syz-executor exec"[18341] [ 2368.741604][T18405] ubi0: attaching mtd0 [ 2368.794626][T18405] ubi0: scanning is finished [ 2368.867195][T18405] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2368.887870][T18401] netlink: ct family unspecified [ 2369.283092][T18405] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2370.074820][T18449] FAULT_INJECTION: forcing a failure. [ 2370.074820][T18449] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2370.162389][T18449] CPU: 1 UID: 0 PID: 18449 Comm: syz.0.7569 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2370.162417][T18449] Tainted: [U]=USER [ 2370.162422][T18449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2370.162432][T18449] Call Trace: [ 2370.162441][T18449] [ 2370.162447][T18449] dump_stack_lvl+0x16c/0x1f0 [ 2370.162470][T18449] should_fail_ex+0x512/0x640 [ 2370.162494][T18449] _copy_to_user+0x32/0xd0 [ 2370.162518][T18449] simple_read_from_buffer+0xcb/0x170 [ 2370.162545][T18449] proc_fail_nth_read+0x197/0x240 [ 2370.162562][T18449] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2370.162579][T18449] ? rw_verify_area+0xcf/0x6c0 [ 2370.162594][T18449] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2370.162609][T18449] vfs_read+0x1e4/0xcf0 [ 2370.162628][T18449] ? __pfx___mutex_lock+0x10/0x10 [ 2370.162647][T18449] ? __pfx_vfs_read+0x10/0x10 [ 2370.162668][T18449] ? __fget_files+0x20e/0x3c0 [ 2370.162689][T18449] ksys_read+0x12a/0x250 [ 2370.162705][T18449] ? __pfx_ksys_read+0x10/0x10 [ 2370.162726][T18449] do_syscall_64+0xcd/0x490 [ 2370.162746][T18449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2370.162762][T18449] RIP: 0033:0x7f4b4778d5fc [ 2370.162774][T18449] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2370.162789][T18449] RSP: 002b:00007f4b486a3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2370.162803][T18449] RAX: ffffffffffffffda RBX: 00007f4b479b5fa0 RCX: 00007f4b4778d5fc [ 2370.162813][T18449] RDX: 000000000000000f RSI: 00007f4b486a30a0 RDI: 000000000000000d [ 2370.162822][T18449] RBP: 00007f4b486a3090 R08: 0000000000000000 R09: 0000000000000000 [ 2370.162831][T18449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2370.162839][T18449] R13: 00007f4b479b6038 R14: 00007f4b479b5fa0 R15: 00007ffcafb735a8 [ 2370.162858][T18449] [ 2370.359003][ C1] vkms_vblank_simulate: vblank timer overrun [ 2370.807748][T18475] FAULT_INJECTION: forcing a failure. [ 2370.807748][T18475] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.917414][T18475] CPU: 1 UID: 0 PID: 18475 Comm: syz.0.7570 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2370.917446][T18475] Tainted: [U]=USER [ 2370.917451][T18475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2370.917460][T18475] Call Trace: [ 2370.917467][T18475] [ 2370.917474][T18475] dump_stack_lvl+0x16c/0x1f0 [ 2370.917498][T18475] should_fail_ex+0x512/0x640 [ 2370.917518][T18475] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 2370.917540][T18475] should_failslab+0xc2/0x120 [ 2370.917559][T18475] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 2370.917577][T18475] ? sock_alloc_inode+0x25/0x1c0 [ 2370.917601][T18475] ? __pfx_sock_alloc_inode+0x10/0x10 [ 2370.917619][T18475] sock_alloc_inode+0x25/0x1c0 [ 2370.917639][T18475] alloc_inode+0x61/0x240 [ 2370.917660][T18475] sock_alloc+0x40/0x280 [ 2370.917679][T18475] __sock_create+0xc1/0x8d0 [ 2370.917704][T18475] __sys_socket+0x14d/0x260 [ 2370.917718][T18475] ? __pfx___sys_socket+0x10/0x10 [ 2370.917732][T18475] ? xfd_validate_state+0x61/0x180 [ 2370.917757][T18475] __x64_sys_socket+0x72/0xb0 [ 2370.917770][T18475] ? lockdep_hardirqs_on+0x7c/0x110 [ 2370.917787][T18475] do_syscall_64+0xcd/0x490 [ 2370.917807][T18475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2370.917821][T18475] RIP: 0033:0x7f4b47790b07 [ 2370.917834][T18475] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2370.917848][T18475] RSP: 002b:00007f4b486a1fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 2370.917862][T18475] RAX: ffffffffffffffda RBX: 00007f4b479b5fa0 RCX: 00007f4b47790b07 [ 2370.917871][T18475] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 2370.917880][T18475] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 2370.917888][T18475] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 2370.917904][T18475] R13: 00007f4b479b6038 R14: 00007f4b479b5fa0 R15: 00007ffcafb735a8 [ 2370.917923][T18475] [ 2370.917948][T18475] socket: no more sockets [ 2371.654873][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888060204800: 0x00000: (2) System resources were needed for another task so this connection managed session was terminated. [ 2374.782818][T18549] FAULT_INJECTION: forcing a failure. [ 2374.782818][T18549] name failslab, interval 1, probability 0, space 0, times 0 [ 2374.868790][T18551] ptrace attach of "./syz-executor exec"[13675] was attempted by ""[18551] [ 2374.879832][T18549] CPU: 1 UID: 0 PID: 18549 Comm: syz.5.7579 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2374.879861][T18549] Tainted: [U]=USER [ 2374.879866][T18549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2374.879876][T18549] Call Trace: [ 2374.879882][T18549] [ 2374.879888][T18549] dump_stack_lvl+0x16c/0x1f0 [ 2374.879912][T18549] should_fail_ex+0x512/0x640 [ 2374.879934][T18549] ? fs_reclaim_acquire+0xae/0x150 [ 2374.879958][T18549] ? tomoyo_init_log+0x1385/0x2140 [ 2374.879977][T18549] should_failslab+0xc2/0x120 [ 2374.879998][T18549] __kmalloc_noprof+0xd2/0x510 [ 2374.880014][T18549] ? __pfx_from_kuid+0x10/0x10 [ 2374.880039][T18549] tomoyo_init_log+0x1385/0x2140 [ 2374.880068][T18549] ? __pfx_tomoyo_init_log+0x10/0x10 [ 2374.880086][T18549] ? tomoyo_profile+0x47/0x60 [ 2374.880107][T18549] ? tomoyo_domain_quota_is_ok+0x2f6/0x5a0 [ 2374.880126][T18549] tomoyo_supervisor+0x302/0x13b0 [ 2374.880151][T18549] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 2374.880175][T18549] ? tomoyo_file_matches_pattern+0x112/0x1c0 [ 2374.880199][T18549] ? tomoyo_check_path_acl+0xad/0x210 [ 2374.880216][T18549] ? tomoyo_check_acl+0x1f7/0x410 [ 2374.880234][T18549] tomoyo_path_permission+0x270/0x3b0 [ 2374.880253][T18549] tomoyo_check_open_permission+0x37b/0x3c0 [ 2374.880271][T18549] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 2374.880307][T18549] ? do_raw_spin_lock+0x12c/0x2b0 [ 2374.880334][T18549] tomoyo_file_open+0x6b/0x90 [ 2374.880348][T18549] security_file_open+0x84/0x1e0 [ 2374.880367][T18549] do_dentry_open+0x596/0x1530 [ 2374.880390][T18549] vfs_open+0x82/0x3f0 [ 2374.880413][T18549] path_openat+0x1de4/0x2cb0 [ 2374.880436][T18549] ? __pfx_path_openat+0x10/0x10 [ 2374.880457][T18549] do_filp_open+0x20b/0x470 [ 2374.880474][T18549] ? __pfx_do_filp_open+0x10/0x10 [ 2374.880496][T18549] ? __pfx_kfree_link+0x10/0x10 [ 2374.880523][T18549] ? alloc_fd+0x471/0x7d0 [ 2374.880543][T18549] do_sys_openat2+0x11b/0x1d0 [ 2374.880564][T18549] ? __pfx_do_sys_openat2+0x10/0x10 [ 2374.880592][T18549] __x64_sys_openat+0x174/0x210 [ 2374.880613][T18549] ? __pfx___x64_sys_openat+0x10/0x10 [ 2374.880650][T18549] do_syscall_64+0xcd/0x490 [ 2374.880672][T18549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2374.880688][T18549] RIP: 0033:0x7f83e1d8ebe9 [ 2374.880701][T18549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2374.880715][T18549] RSP: 002b:00007f83e2b3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2374.880734][T18549] RAX: ffffffffffffffda RBX: 00007f83e1fb5fa0 RCX: 00007f83e1d8ebe9 [ 2374.880744][T18549] RDX: 0000000000060080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 2374.880753][T18549] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2374.880761][T18549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2374.880769][T18549] R13: 00007f83e1fb6038 R14: 00007f83e1fb5fa0 R15: 00007ffc533d8fc8 [ 2374.880789][T18549] [ 2375.797186][T30910] Bluetooth: hci0: command 0x0406 tx timeout [ 2376.028794][T18567] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7583'. [ 2377.716834][T18606] ubi0: attaching mtd0 [ 2377.812252][T18606] ubi0: scanning is finished [ 2377.882589][T18606] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2378.458524][T18606] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2380.528118][T18633] ptrace attach of "./syz-executor exec"[1539] was attempted by "./syz-executor exec"[18633] [ 2381.369892][T18732] FAULT_INJECTION: forcing a failure. [ 2381.369892][T18732] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2381.455788][T18732] CPU: 1 UID: 0 PID: 18732 Comm: syz.1.7600 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2381.455816][T18732] Tainted: [U]=USER [ 2381.455822][T18732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2381.455831][T18732] Call Trace: [ 2381.455836][T18732] [ 2381.455842][T18732] dump_stack_lvl+0x16c/0x1f0 [ 2381.455866][T18732] should_fail_ex+0x512/0x640 [ 2381.455889][T18732] should_fail_alloc_page+0xe7/0x130 [ 2381.455910][T18732] prepare_alloc_pages+0x3c2/0x610 [ 2381.455935][T18732] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 2381.455955][T18732] ? rcu_is_watching+0x12/0xc0 [ 2381.455971][T18732] ? look_up_lock_class+0x59/0x150 [ 2381.455990][T18732] ? __lock_acquire+0xb97/0x1ce0 [ 2381.456010][T18732] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 2381.456028][T18732] ? mas_destroy+0x5de/0xa20 [ 2381.456057][T18732] ? perf_event_mmap+0xbb/0xd40 [ 2381.456081][T18732] ? __pfx_perf_event_mmap+0x10/0x10 [ 2381.456107][T18732] ? uprobe_mmap+0x133/0x10e0 [ 2381.456126][T18732] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2381.456149][T18732] ? policy_nodemask+0xea/0x4e0 [ 2381.456169][T18732] alloc_pages_mpol+0x1fb/0x550 [ 2381.456189][T18732] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 2381.456212][T18732] alloc_pages_noprof+0x131/0x390 [ 2381.456232][T18732] __pmd_alloc+0x3b/0x930 [ 2381.456252][T18732] ? find_held_lock+0x2b/0x80 [ 2381.456267][T18732] __handle_mm_fault+0xa06/0x2a50 [ 2381.456288][T18732] ? __pfx___handle_mm_fault+0x10/0x10 [ 2381.456319][T18732] handle_mm_fault+0x589/0xd10 [ 2381.456337][T18732] __get_user_pages+0x551/0x34a0 [ 2381.456367][T18732] ? __pfx___get_user_pages+0x10/0x10 [ 2381.456393][T18732] populate_vma_page_range+0x267/0x3f0 [ 2381.456416][T18732] ? __pfx_populate_vma_page_range+0x10/0x10 [ 2381.456438][T18732] ? __pfx_find_vma_intersection+0x10/0x10 [ 2381.456459][T18732] ? do_mmap+0x69c/0x1210 [ 2381.456481][T18732] __mm_populate+0x1d8/0x380 [ 2381.456503][T18732] ? __pfx___mm_populate+0x10/0x10 [ 2381.456526][T18732] ? up_write+0x1b2/0x520 [ 2381.456549][T18732] vm_mmap_pgoff+0x37f/0x470 [ 2381.456571][T18732] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 2381.456595][T18732] ? __fget_files+0x20e/0x3c0 [ 2381.456614][T18732] ksys_mmap_pgoff+0x32c/0x5c0 [ 2381.456633][T18732] ? __pfx_ksys_write+0x10/0x10 [ 2381.456652][T18732] __x64_sys_mmap+0x125/0x190 [ 2381.456676][T18732] do_syscall_64+0xcd/0x490 [ 2381.456696][T18732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2381.456711][T18732] RIP: 0033:0x7ff5b318ebe9 [ 2381.456723][T18732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2381.456737][T18732] RSP: 002b:00007ff5b407f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2381.456752][T18732] RAX: ffffffffffffffda RBX: 00007ff5b33b5fa0 RCX: 00007ff5b318ebe9 [ 2381.456762][T18732] RDX: fffffffffffffe01 RSI: 0000000004000002 RDI: 0000000000000000 [ 2381.456772][T18732] RBP: 00007ff5b407f090 R08: 0000000000000003 R09: 0000000000000000 [ 2381.456780][T18732] R10: 0000000000008051 R11: 0000000000000246 R12: 0000000000000001 [ 2381.456790][T18732] R13: 00007ff5b33b6038 R14: 00007ff5b33b5fa0 R15: 00007ffcb3a4a238 [ 2381.456808][T18732] [ 2382.271585][ T30] audit: type=1800 audit(4294969380.261:33): pid=18743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.7601" name="members" dev="configfs" ino=191032 res=0 errno=0 [ 2385.222694][T18820] ubi0: attaching mtd0 [ 2385.274208][T18820] ubi0: scanning is finished [ 2385.302859][T18814] ptrace attach of "./syz-executor exec"[9721] was attempted by ""[18814] [ 2385.321561][T18820] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2385.526233][T18831] binder: 18821:18831 ioctl c00c620f 200000000180 returned -22 [ 2385.681557][T18820] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2387.433506][T18989] FAULT_INJECTION: forcing a failure. [ 2387.433506][T18989] name failslab, interval 1, probability 0, space 0, times 0 [ 2387.480510][T18989] CPU: 1 UID: 0 PID: 18989 Comm: syz.5.7617 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2387.480540][T18989] Tainted: [U]=USER [ 2387.480545][T18989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2387.480556][T18989] Call Trace: [ 2387.480562][T18989] [ 2387.480569][T18989] dump_stack_lvl+0x16c/0x1f0 [ 2387.480594][T18989] should_fail_ex+0x512/0x640 [ 2387.480614][T18989] ? fs_reclaim_acquire+0xae/0x150 [ 2387.480646][T18989] ? tomoyo_supervisor+0x45b/0x13b0 [ 2387.480670][T18989] should_failslab+0xc2/0x120 [ 2387.480691][T18989] __kmalloc_noprof+0xd2/0x510 [ 2387.480708][T18989] ? tomoyo_profile+0x47/0x60 [ 2387.480732][T18989] tomoyo_supervisor+0x45b/0x13b0 [ 2387.480758][T18989] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 2387.480792][T18989] ? tomoyo_check_path_acl+0xad/0x210 [ 2387.480809][T18989] ? tomoyo_check_acl+0x1f7/0x410 [ 2387.480827][T18989] tomoyo_path_permission+0x270/0x3b0 [ 2387.480846][T18989] tomoyo_check_open_permission+0x37b/0x3c0 [ 2387.480863][T18989] ? init_file+0x93/0x4c0 [ 2387.480881][T18989] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 2387.480898][T18989] ? do_sys_openat2+0x11b/0x1d0 [ 2387.480918][T18989] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2387.480949][T18989] ? do_raw_spin_lock+0x12c/0x2b0 [ 2387.480976][T18989] tomoyo_file_open+0x6b/0x90 [ 2387.480990][T18989] security_file_open+0x84/0x1e0 [ 2387.481009][T18989] do_dentry_open+0x596/0x1530 [ 2387.481032][T18989] vfs_open+0x82/0x3f0 [ 2387.481055][T18989] path_openat+0x1de4/0x2cb0 [ 2387.481077][T18989] ? __pfx_path_openat+0x10/0x10 [ 2387.481099][T18989] do_filp_open+0x20b/0x470 [ 2387.481115][T18989] ? __pfx_do_filp_open+0x10/0x10 [ 2387.481146][T18989] ? alloc_fd+0x471/0x7d0 [ 2387.481166][T18989] do_sys_openat2+0x11b/0x1d0 [ 2387.481187][T18989] ? __pfx_do_sys_openat2+0x10/0x10 [ 2387.481215][T18989] __x64_sys_openat+0x174/0x210 [ 2387.481237][T18989] ? __pfx___x64_sys_openat+0x10/0x10 [ 2387.481266][T18989] do_syscall_64+0xcd/0x490 [ 2387.481285][T18989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2387.481299][T18989] RIP: 0033:0x7f83e1d8ebe9 [ 2387.481312][T18989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2387.481327][T18989] RSP: 002b:00007f83e2b3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2387.481342][T18989] RAX: ffffffffffffffda RBX: 00007f83e1fb5fa0 RCX: 00007f83e1d8ebe9 [ 2387.481352][T18989] RDX: 0000000000000800 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 2387.481362][T18989] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2387.481371][T18989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2387.481380][T18989] R13: 00007f83e1fb6038 R14: 00007f83e1fb5fa0 R15: 00007ffc533d8fc8 [ 2387.481398][T18989] [ 2392.667808][T19068] netlink: ct family unspecified [ 2393.066535][T19072] tipc: Started in network mode [ 2393.101276][T19072] tipc: Node identity ee00, cluster identity 4711 [ 2393.141885][T19072] tipc: Node number set to 60928 [ 2393.260331][T19073] Process accounting resumed [ 2396.049286][T19130] QAT: Stopping all acceleration devices. [ 2396.201907][T19140] FAULT_INJECTION: forcing a failure. [ 2396.201907][T19140] name failslab, interval 1, probability 0, space 0, times 0 [ 2396.302950][T19140] CPU: 1 UID: 0 PID: 19140 Comm: syz.1.7643 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2396.302980][T19140] Tainted: [U]=USER [ 2396.302985][T19140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2396.302995][T19140] Call Trace: [ 2396.303000][T19140] [ 2396.303007][T19140] dump_stack_lvl+0x16c/0x1f0 [ 2396.303030][T19140] should_fail_ex+0x512/0x640 [ 2396.303054][T19140] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 2396.303072][T19140] should_failslab+0xc2/0x120 [ 2396.303093][T19140] __kmalloc_cache_noprof+0x6a/0x3e0 [ 2396.303108][T19140] ? alloc_tty_struct+0x96/0x8c0 [ 2396.303132][T19140] alloc_tty_struct+0x96/0x8c0 [ 2396.303153][T19140] ? __pfx_alloc_tty_struct+0x10/0x10 [ 2396.303178][T19140] tty_init_dev.part.0+0x1e/0x500 [ 2396.303200][T19140] tty_open+0xa50/0xf90 [ 2396.303222][T19140] ? __pfx_tty_open+0x10/0x10 [ 2396.303242][T19140] ? chrdev_open+0x10b/0x6a0 [ 2396.303263][T19140] ? __pfx_tty_open+0x10/0x10 [ 2396.303282][T19140] chrdev_open+0x231/0x6a0 [ 2396.303299][T19140] ? __pfx_apparmor_file_open+0x10/0x10 [ 2396.303315][T19140] ? __pfx_chrdev_open+0x10/0x10 [ 2396.303334][T19140] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2396.303353][T19140] do_dentry_open+0x97f/0x1530 [ 2396.303372][T19140] ? __pfx_chrdev_open+0x10/0x10 [ 2396.303394][T19140] vfs_open+0x82/0x3f0 [ 2396.303418][T19140] path_openat+0x1de4/0x2cb0 [ 2396.303441][T19140] ? __pfx_path_openat+0x10/0x10 [ 2396.303462][T19140] do_filp_open+0x20b/0x470 [ 2396.303479][T19140] ? __pfx_do_filp_open+0x10/0x10 [ 2396.303509][T19140] ? alloc_fd+0x471/0x7d0 [ 2396.303534][T19140] do_sys_openat2+0x11b/0x1d0 [ 2396.303555][T19140] ? __pfx_do_sys_openat2+0x10/0x10 [ 2396.303583][T19140] __x64_sys_openat+0x174/0x210 [ 2396.303605][T19140] ? __pfx___x64_sys_openat+0x10/0x10 [ 2396.303635][T19140] do_syscall_64+0xcd/0x490 [ 2396.303655][T19140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2396.303671][T19140] RIP: 0033:0x7ff5b318ebe9 [ 2396.303683][T19140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2396.303698][T19140] RSP: 002b:00007ff5b407f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2396.303713][T19140] RAX: ffffffffffffffda RBX: 00007ff5b33b5fa0 RCX: 00007ff5b318ebe9 [ 2396.303723][T19140] RDX: 0000000000000800 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 2396.303732][T19140] RBP: 00007ff5b3211e19 R08: 0000000000000000 R09: 0000000000000000 [ 2396.303741][T19140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2396.303749][T19140] R13: 00007ff5b33b6038 R14: 00007ff5b33b5fa0 R15: 00007ffcb3a4a238 [ 2396.303768][T19140] [ 2396.699012][T19147] ubi0: attaching mtd0 [ 2396.704594][T19147] ubi0: scanning is finished [ 2396.709300][T19147] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2397.025287][T19147] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2397.359995][T19169] FAULT_INJECTION: forcing a failure. [ 2397.359995][T19169] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2397.677902][T19169] CPU: 1 UID: 0 PID: 19169 Comm: syz.5.7648 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2397.677934][T19169] Tainted: [U]=USER [ 2397.677939][T19169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2397.677949][T19169] Call Trace: [ 2397.677956][T19169] [ 2397.677962][T19169] dump_stack_lvl+0x16c/0x1f0 [ 2397.677987][T19169] should_fail_ex+0x512/0x640 [ 2397.678011][T19169] should_fail_alloc_page+0xe7/0x130 [ 2397.678033][T19169] prepare_alloc_pages+0x3c2/0x610 [ 2397.678063][T19169] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 2397.678085][T19169] ? __lock_acquire+0x62e/0x1ce0 [ 2397.678107][T19169] ? css_rstat_updated+0x1c2/0x510 [ 2397.678125][T19169] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 2397.678147][T19169] ? rcu_is_watching+0x12/0xc0 [ 2397.678166][T19169] ? __lock_acquire+0x62e/0x1ce0 [ 2397.678184][T19169] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2397.678206][T19169] ? policy_nodemask+0xea/0x4e0 [ 2397.678225][T19169] alloc_pages_mpol+0x1fb/0x550 [ 2397.678245][T19169] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 2397.678264][T19169] ? filemap_get_entry+0x1a7/0x3b0 [ 2397.678286][T19169] folio_alloc_noprof+0x20/0x2d0 [ 2397.678307][T19169] filemap_alloc_folio_noprof+0x3a1/0x470 [ 2397.678332][T19169] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 2397.678360][T19169] __filemap_get_folio+0x5e1/0xc30 [ 2397.678383][T19169] ioctx_alloc+0x761/0x2120 [ 2397.678409][T19169] ? __pfx_ioctx_alloc+0x10/0x10 [ 2397.678424][T19169] ? __might_fault+0x13b/0x190 [ 2397.678445][T19169] __x64_sys_io_setup+0xc9/0x210 [ 2397.678462][T19169] do_syscall_64+0xcd/0x490 [ 2397.678482][T19169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2397.678498][T19169] RIP: 0033:0x7f83e1d8ebe9 [ 2397.678511][T19169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2397.678525][T19169] RSP: 002b:00007f83e2b1b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 2397.678541][T19169] RAX: ffffffffffffffda RBX: 00007f83e1fb6090 RCX: 00007f83e1d8ebe9 [ 2397.678551][T19169] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 00000000000099b2 [ 2397.678560][T19169] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2397.678568][T19169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2397.678576][T19169] R13: 00007f83e1fb6128 R14: 00007f83e1fb6090 R15: 00007ffc533d8fc8 [ 2397.678596][T19169] [ 2398.121273][T19171] FAULT_INJECTION: forcing a failure. [ 2398.121273][T19171] name failslab, interval 1, probability 0, space 0, times 0 [ 2398.134161][T19171] CPU: 1 UID: 0 PID: 19171 Comm: syz.4.7650 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2398.134188][T19171] Tainted: [U]=USER [ 2398.134192][T19171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2398.134202][T19171] Call Trace: [ 2398.134209][T19171] [ 2398.134216][T19171] dump_stack_lvl+0x16c/0x1f0 [ 2398.134240][T19171] should_fail_ex+0x512/0x640 [ 2398.134260][T19171] ? fs_reclaim_acquire+0xae/0x150 [ 2398.134284][T19171] ? tomoyo_init_log+0x1385/0x2140 [ 2398.134306][T19171] should_failslab+0xc2/0x120 [ 2398.134326][T19171] __kmalloc_noprof+0xd2/0x510 [ 2398.134342][T19171] ? __pfx_from_kuid+0x10/0x10 [ 2398.134368][T19171] tomoyo_init_log+0x1385/0x2140 [ 2398.134397][T19171] ? __pfx_tomoyo_init_log+0x10/0x10 [ 2398.134416][T19171] ? tomoyo_profile+0x47/0x60 [ 2398.134437][T19171] ? tomoyo_domain_quota_is_ok+0x2f6/0x5a0 [ 2398.134457][T19171] tomoyo_supervisor+0x302/0x13b0 [ 2398.134482][T19171] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 2398.134506][T19171] ? tomoyo_file_matches_pattern+0x112/0x1c0 [ 2398.134530][T19171] ? tomoyo_check_path_acl+0xad/0x210 [ 2398.134547][T19171] ? tomoyo_check_acl+0x1f7/0x410 [ 2398.134565][T19171] tomoyo_path_permission+0x270/0x3b0 [ 2398.134584][T19171] tomoyo_check_open_permission+0x37b/0x3c0 [ 2398.134602][T19171] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 2398.134639][T19171] ? do_raw_spin_lock+0x12c/0x2b0 [ 2398.134666][T19171] tomoyo_file_open+0x6b/0x90 [ 2398.134680][T19171] security_file_open+0x84/0x1e0 [ 2398.134700][T19171] do_dentry_open+0x596/0x1530 [ 2398.134723][T19171] vfs_open+0x82/0x3f0 [ 2398.134746][T19171] path_openat+0x1de4/0x2cb0 [ 2398.134770][T19171] ? __pfx_path_openat+0x10/0x10 [ 2398.134795][T19171] do_filp_open+0x20b/0x470 [ 2398.134812][T19171] ? __pfx_do_filp_open+0x10/0x10 [ 2398.134835][T19171] ? __pfx_kfree_link+0x10/0x10 [ 2398.134862][T19171] ? alloc_fd+0x471/0x7d0 [ 2398.134882][T19171] do_sys_openat2+0x11b/0x1d0 [ 2398.134904][T19171] ? __pfx_do_sys_openat2+0x10/0x10 [ 2398.134927][T19171] ? __fget_files+0x20e/0x3c0 [ 2398.134945][T19171] __x64_sys_openat+0x174/0x210 [ 2398.134968][T19171] ? __pfx___x64_sys_openat+0x10/0x10 [ 2398.134989][T19171] ? ksys_write+0x1ac/0x250 [ 2398.135011][T19171] do_syscall_64+0xcd/0x490 [ 2398.135036][T19171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2398.135052][T19171] RIP: 0033:0x7f961d78ebe9 [ 2398.135066][T19171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2398.135080][T19171] RSP: 002b:00007f961e67b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2398.135094][T19171] RAX: ffffffffffffffda RBX: 00007f961d9b5fa0 RCX: 00007f961d78ebe9 [ 2398.135105][T19171] RDX: 0000000000060080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 2398.135114][T19171] RBP: 00007f961e67b090 R08: 0000000000000000 R09: 0000000000000000 [ 2398.135123][T19171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2398.135131][T19171] R13: 00007f961d9b6038 R14: 00007f961d9b5fa0 R15: 00007ffe880d4d38 [ 2398.135150][T19171] [ 2399.668920][T19191] FAULT_INJECTION: forcing a failure. [ 2399.668920][T19191] name failslab, interval 1, probability 0, space 0, times 0 [ 2399.782272][T19191] CPU: 1 UID: 0 PID: 19191 Comm: syz.5.7652 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2399.782302][T19191] Tainted: [U]=USER [ 2399.782307][T19191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2399.782320][T19191] Call Trace: [ 2399.782326][T19191] [ 2399.782332][T19191] dump_stack_lvl+0x16c/0x1f0 [ 2399.782356][T19191] should_fail_ex+0x512/0x640 [ 2399.782377][T19191] ? __kvmalloc_node_noprof+0x124/0x620 [ 2399.782396][T19191] should_failslab+0xc2/0x120 [ 2399.782416][T19191] __kvmalloc_node_noprof+0x137/0x620 [ 2399.782433][T19191] ? v4l2_ctrl_new+0x97d/0x2180 [ 2399.782452][T19191] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2399.782476][T19191] ? v4l2_ctrl_new+0x97d/0x2180 [ 2399.782494][T19191] v4l2_ctrl_new+0x97d/0x2180 [ 2399.782520][T19191] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 2399.782539][T19191] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 2399.782562][T19191] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2399.782584][T19191] v4l2_ctrl_new_std+0x1be/0x290 [ 2399.782609][T19191] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 2399.782628][T19191] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 2399.782656][T19191] ? rcu_is_watching+0x12/0xc0 [ 2399.782686][T19191] ? trace_kmalloc+0x2b/0xd0 [ 2399.782706][T19191] ? __kvmalloc_node_noprof+0x298/0x620 [ 2399.782727][T19191] ? media_request_object_init+0x100/0x180 [ 2399.782753][T19191] vim2m_open+0x184/0x8a0 [ 2399.782776][T19191] v4l2_open+0x222/0x490 [ 2399.782792][T19191] ? __pfx_v4l2_open+0x10/0x10 [ 2399.782808][T19191] chrdev_open+0x231/0x6a0 [ 2399.782827][T19191] ? __pfx_apparmor_file_open+0x10/0x10 [ 2399.782842][T19191] ? __pfx_chrdev_open+0x10/0x10 [ 2399.782861][T19191] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2399.782881][T19191] do_dentry_open+0x97f/0x1530 [ 2399.782901][T19191] ? __pfx_chrdev_open+0x10/0x10 [ 2399.782922][T19191] vfs_open+0x82/0x3f0 [ 2399.782955][T19191] path_openat+0x1de4/0x2cb0 [ 2399.782988][T19191] ? __pfx_path_openat+0x10/0x10 [ 2399.783011][T19191] do_filp_open+0x20b/0x470 [ 2399.783029][T19191] ? __pfx_do_filp_open+0x10/0x10 [ 2399.783065][T19191] ? alloc_fd+0x471/0x7d0 [ 2399.783087][T19191] do_sys_openat2+0x11b/0x1d0 [ 2399.783109][T19191] ? __pfx_do_sys_openat2+0x10/0x10 [ 2399.783138][T19191] __x64_sys_openat+0x174/0x210 [ 2399.783160][T19191] ? __pfx___x64_sys_openat+0x10/0x10 [ 2399.783189][T19191] do_syscall_64+0xcd/0x490 [ 2399.783209][T19191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2399.783224][T19191] RIP: 0033:0x7f83e1d8ebe9 [ 2399.783237][T19191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2399.783252][T19191] RSP: 002b:00007f83e2b1b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2399.783266][T19191] RAX: ffffffffffffffda RBX: 00007f83e1fb6090 RCX: 00007f83e1d8ebe9 [ 2399.783276][T19191] RDX: 000000000010b000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 2399.783286][T19191] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2399.783295][T19191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2399.783305][T19191] R13: 00007f83e1fb6128 R14: 00007f83e1fb6090 R15: 00007ffc533d8fc8 [ 2399.783324][T19191] [ 2401.081933][T19208] FAULT_INJECTION: forcing a failure. [ 2401.081933][T19208] name failslab, interval 1, probability 0, space 0, times 0 [ 2401.207394][T19208] CPU: 1 UID: 0 PID: 19208 Comm: syz.5.7655 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2401.207423][T19208] Tainted: [U]=USER [ 2401.207429][T19208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2401.207438][T19208] Call Trace: [ 2401.207444][T19208] [ 2401.207450][T19208] dump_stack_lvl+0x16c/0x1f0 [ 2401.207474][T19208] should_fail_ex+0x512/0x640 [ 2401.207497][T19208] ? __kvmalloc_node_noprof+0x124/0x620 [ 2401.207517][T19208] should_failslab+0xc2/0x120 [ 2401.207536][T19208] __kvmalloc_node_noprof+0x137/0x620 [ 2401.207552][T19208] ? lockdep_init_map_type+0x5c/0x280 [ 2401.207573][T19208] ? alloc_netdev_mqs+0xae5/0x1500 [ 2401.207595][T19208] ? alloc_netdev_mqs+0xae5/0x1500 [ 2401.207612][T19208] alloc_netdev_mqs+0xae5/0x1500 [ 2401.207634][T19208] ppp_ioctl+0x1761/0x2660 [ 2401.207656][T19208] ? find_held_lock+0x2b/0x80 [ 2401.207670][T19208] ? __pfx_ppp_ioctl+0x10/0x10 [ 2401.207692][T19208] ? __fget_files+0x20e/0x3c0 [ 2401.207711][T19208] ? __pfx_ppp_ioctl+0x10/0x10 [ 2401.207730][T19208] __x64_sys_ioctl+0x18e/0x210 [ 2401.207753][T19208] do_syscall_64+0xcd/0x490 [ 2401.207772][T19208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2401.207787][T19208] RIP: 0033:0x7f83e1d8ebe9 [ 2401.207799][T19208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2401.207814][T19208] RSP: 002b:00007f83dfff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2401.207829][T19208] RAX: ffffffffffffffda RBX: 00007f83e1fb6180 RCX: 00007f83e1d8ebe9 [ 2401.207838][T19208] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000004 [ 2401.207847][T19208] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2401.207857][T19208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2401.207865][T19208] R13: 00007f83e1fb6218 R14: 00007f83e1fb6180 R15: 00007ffc533d8fc8 [ 2401.207884][T19208] [ 2401.820560][T19251] ubi0: attaching mtd0 [ 2401.834082][T19251] ubi0: scanning is finished [ 2401.845300][T19251] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2401.984577][T19282] binder: 19255:19282 ioctl c00c620f 200000000180 returned -22 [ 2402.797486][T19251] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2404.269188][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 2404.282113][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 2404.670821][T19361] netlink: ct family unspecified [ 2404.992566][T19357] : Can't lookup blockdev [ 2405.309814][T19372] FAULT_INJECTION: forcing a failure. [ 2405.309814][T19372] name failslab, interval 1, probability 0, space 0, times 0 [ 2405.372748][T19372] CPU: 1 UID: 0 PID: 19372 Comm: syz.5.7665 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2405.372778][T19372] Tainted: [U]=USER [ 2405.372784][T19372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2405.372793][T19372] Call Trace: [ 2405.372799][T19372] [ 2405.372806][T19372] dump_stack_lvl+0x16c/0x1f0 [ 2405.372830][T19372] should_fail_ex+0x512/0x640 [ 2405.372852][T19372] ? __kmalloc_noprof+0xbf/0x510 [ 2405.372871][T19372] ? vhost_dev_set_owner+0x287/0xa50 [ 2405.372892][T19372] should_failslab+0xc2/0x120 [ 2405.372911][T19372] __kmalloc_noprof+0xd2/0x510 [ 2405.372932][T19372] vhost_dev_set_owner+0x287/0xa50 [ 2405.372959][T19372] vhost_dev_ioctl+0x2eb/0xe20 [ 2405.372980][T19372] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2405.373004][T19372] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 2405.373032][T19372] vhost_vsock_dev_ioctl+0x3a5/0xb30 [ 2405.373053][T19372] ? hook_file_ioctl_common+0x145/0x410 [ 2405.373072][T19372] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 2405.373094][T19372] ? __fget_files+0x20e/0x3c0 [ 2405.373113][T19372] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 2405.373134][T19372] __x64_sys_ioctl+0x18e/0x210 [ 2405.373158][T19372] do_syscall_64+0xcd/0x490 [ 2405.373178][T19372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2405.373193][T19372] RIP: 0033:0x7f83e1d8ebe9 [ 2405.373205][T19372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2405.373220][T19372] RSP: 002b:00007f83e2b3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2405.373234][T19372] RAX: ffffffffffffffda RBX: 00007f83e1fb5fa0 RCX: 00007f83e1d8ebe9 [ 2405.373244][T19372] RDX: 0000000000000003 RSI: 000000000000af01 RDI: 0000000000000003 [ 2405.373254][T19372] RBP: 00007f83e1e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 2405.373262][T19372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2405.373278][T19372] R13: 00007f83e1fb6038 R14: 00007f83e1fb5fa0 R15: 00007ffc533d8fc8 [ 2405.373298][T19372] [ 2406.416177][T19372] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7665'. [ 2406.912411][T19395] Invalid ELF header magic: != ELF [ 2407.645218][T19405] netlink: ct family unspecified [ 2408.604642][T19425] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7676'. [ 2408.863921][T19429] ptrace attach of "./syz-executor exec"[15503] was attempted by ""[19429] [ 2409.133686][T19425] team0: Port device team_slave_1 removed [ 2409.545611][T19451] FAULT_INJECTION: forcing a failure. [ 2409.545611][T19451] name failslab, interval 1, probability 0, space 0, times 0 [ 2409.639806][T19451] CPU: 1 UID: 0 PID: 19451 Comm: syz.1.7681 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2409.639835][T19451] Tainted: [U]=USER [ 2409.639840][T19451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2409.639850][T19451] Call Trace: [ 2409.639855][T19451] [ 2409.639862][T19451] dump_stack_lvl+0x16c/0x1f0 [ 2409.639886][T19451] should_fail_ex+0x512/0x640 [ 2409.639909][T19451] should_failslab+0xc2/0x120 [ 2409.639930][T19451] __kmalloc_cache_noprof+0x6a/0x3e0 [ 2409.639944][T19451] ? __pfx_sctp_get_port_local+0x10/0x10 [ 2409.639961][T19451] ? sctp_bind_addr_match+0x193/0x300 [ 2409.639974][T19451] ? sctp_add_bind_addr+0xae/0x3f0 [ 2409.639990][T19451] sctp_add_bind_addr+0xae/0x3f0 [ 2409.640006][T19451] sctp_do_bind+0x2d6/0x700 [ 2409.640028][T19451] sctp_connect_new_asoc+0x5e7/0x770 [ 2409.640050][T19451] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 2409.640072][T19451] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2409.640097][T19451] __sctp_connect+0x3f3/0xc60 [ 2409.640119][T19451] ? do_raw_spin_lock+0x12c/0x2b0 [ 2409.640141][T19451] ? __pfx___sctp_connect+0x10/0x10 [ 2409.640162][T19451] ? __pfx_sctp_inet_connect+0x10/0x10 [ 2409.640182][T19451] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2409.640204][T19451] ? __pfx_sctp_inet_connect+0x10/0x10 [ 2409.640222][T19451] sctp_inet_connect+0x15f/0x200 [ 2409.640243][T19451] __sys_connect_file+0x141/0x1a0 [ 2409.640268][T19451] __sys_connect+0x13b/0x160 [ 2409.640298][T19451] ? __pfx___sys_connect+0x10/0x10 [ 2409.640326][T19451] ? __pfx_ksys_write+0x10/0x10 [ 2409.640347][T19451] __x64_sys_connect+0x72/0xb0 [ 2409.640362][T19451] ? lockdep_hardirqs_on+0x7c/0x110 [ 2409.640379][T19451] do_syscall_64+0xcd/0x490 [ 2409.640398][T19451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2409.640414][T19451] RIP: 0033:0x7ff5b318ebe9 [ 2409.640426][T19451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2409.640440][T19451] RSP: 002b:00007ff5b407f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2409.640456][T19451] RAX: ffffffffffffffda RBX: 00007ff5b33b5fa0 RCX: 00007ff5b318ebe9 [ 2409.640466][T19451] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 2409.640475][T19451] RBP: 00007ff5b407f090 R08: 0000000000000000 R09: 0000000000000000 [ 2409.640484][T19451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2409.640492][T19451] R13: 00007ff5b33b6038 R14: 00007ff5b33b5fa0 R15: 00007ffcb3a4a238 [ 2409.640511][T19451] [ 2413.390348][T19529] ubi0: attaching mtd0 [ 2413.476258][T19529] ubi0: scanning is finished [ 2413.564874][T19529] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 2414.060706][T19497] ptrace attach of "./syz-executor exec"[15503] was attempted by "./syz-executor exec"[19497] [ 2414.230518][T19529] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 2414.761244][T19544] ptp ptp0: delete virtual clock ptp3 [ 2414.836726][T19544] [ 2414.839072][T19544] ====================================================== [ 2414.846070][T19544] WARNING: possible circular locking dependency detected [ 2414.853161][T19544] 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 Tainted: G U [ 2414.861904][T19544] ------------------------------------------------------ [ 2414.868908][T19544] syz.0.7694/19544 is trying to acquire lock: [ 2414.874965][T19544] ffff8880793de130 (&clk->rwsem){++++}-{4:4}, at: posix_clock_unregister+0x4d/0xd0 [ 2414.884320][T19544] [ 2414.884320][T19544] but task is already holding lock: [ 2414.891698][T19544] ffff8880300f0870 (&ptp->n_vclocks_mux){+.+.}-{4:4}, at: n_vclocks_store+0xf1/0x6d0 [ 2414.901174][T19544] [ 2414.901174][T19544] which lock already depends on the new lock. [ 2414.901174][T19544] [ 2414.911739][T19544] [ 2414.911739][T19544] the existing dependency chain (in reverse order) is: [ 2414.920762][T19544] [ 2414.920762][T19544] -> #1 (&ptp->n_vclocks_mux){+.+.}-{4:4}: [ 2414.928946][T19544] __mutex_lock+0x193/0x10b0 [ 2414.934084][T19544] ptp_clock_adjtime+0x527/0x760 [ 2414.939576][T19544] pc_clock_adjtime+0x118/0x1e0 [ 2414.944947][T19544] __do_sys_clock_adjtime+0x175/0x290 [ 2414.950838][T19544] do_syscall_64+0xcd/0x490 [ 2414.955869][T19544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2414.962373][T19544] [ 2414.962373][T19544] -> #0 (&clk->rwsem){++++}-{4:4}: [ 2414.969867][T19544] __lock_acquire+0x12a6/0x1ce0 [ 2414.975261][T19544] lock_acquire+0x179/0x350 [ 2414.980377][T19544] down_write+0x92/0x200 [ 2414.985229][T19544] posix_clock_unregister+0x4d/0xd0 [ 2414.991068][T19544] ptp_clock_unregister+0x14f/0x250 [ 2414.996796][T19544] ptp_vclock_unregister+0x11a/0x160 [ 2415.002611][T19544] unregister_vclock+0x108/0x1a0 [ 2415.008420][T19544] device_for_each_child_reverse+0x133/0x1a0 [ 2415.015092][T19544] n_vclocks_store+0x4b6/0x6d0 [ 2415.020369][T19544] dev_attr_store+0x58/0x80 [ 2415.025653][T19544] sysfs_kf_write+0xef/0x150 [ 2415.031038][T19544] kernfs_fop_write_iter+0x351/0x510 [ 2415.036938][T19544] vfs_write+0x7d0/0x11d0 [ 2415.041981][T19544] ksys_write+0x12a/0x250 [ 2415.046923][T19544] do_syscall_64+0xcd/0x490 [ 2415.052484][T19544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2415.058911][T19544] [ 2415.058911][T19544] other info that might help us debug this: [ 2415.058911][T19544] [ 2415.069404][T19544] Possible unsafe locking scenario: [ 2415.069404][T19544] [ 2415.076974][T19544] CPU0 CPU1 [ 2415.082426][T19544] ---- ---- [ 2415.087784][T19544] lock(&ptp->n_vclocks_mux); [ 2415.092537][T19544] lock(&clk->rwsem); [ 2415.099205][T19544] lock(&ptp->n_vclocks_mux); [ 2415.107020][T19544] lock(&clk->rwsem); [ 2415.111100][T19544] [ 2415.111100][T19544] *** DEADLOCK *** [ 2415.111100][T19544] [ 2415.119320][T19544] 5 locks held by syz.0.7694/19544: [ 2415.124537][T19544] #0: ffff88804f9ebeb8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 2415.133781][T19544] #1: ffff8880250a8428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2415.142758][T19544] #2: ffff888043dad088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 2415.152533][T19544] #3: ffff88803003d698 (kn->active#125){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 2415.162628][T19544] #4: ffff8880300f0870 (&ptp->n_vclocks_mux){+.+.}-{4:4}, at: n_vclocks_store+0xf1/0x6d0 [ 2415.172589][T19544] [ 2415.172589][T19544] stack backtrace: [ 2415.178551][T19544] CPU: 1 UID: 0 PID: 19544 Comm: syz.0.7694 Tainted: G U 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 2415.178575][T19544] Tainted: [U]=USER [ 2415.178580][T19544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2415.178589][T19544] Call Trace: [ 2415.178598][T19544] [ 2415.178605][T19544] dump_stack_lvl+0x116/0x1f0 [ 2415.178627][T19544] print_circular_bug+0x275/0x350 [ 2415.178647][T19544] check_noncircular+0x14c/0x170 [ 2415.178667][T19544] __lock_acquire+0x12a6/0x1ce0 [ 2415.178688][T19544] lock_acquire+0x179/0x350 [ 2415.178705][T19544] ? posix_clock_unregister+0x4d/0xd0 [ 2415.178723][T19544] ? __pfx___might_resched+0x10/0x10 [ 2415.178738][T19544] ? cdev_default_release+0x35/0x50 [ 2415.178757][T19544] down_write+0x92/0x200 [ 2415.178775][T19544] ? posix_clock_unregister+0x4d/0xd0 [ 2415.178791][T19544] ? __pfx_down_write+0x10/0x10 [ 2415.178809][T19544] ? kobject_put+0x210/0x5a0 [ 2415.178829][T19544] posix_clock_unregister+0x4d/0xd0 [ 2415.178845][T19544] ptp_clock_unregister+0x14f/0x250 [ 2415.178860][T19544] ptp_vclock_unregister+0x11a/0x160 [ 2415.178876][T19544] unregister_vclock+0x108/0x1a0 [ 2415.178891][T19544] ? __pfx_unregister_vclock+0x10/0x10 [ 2415.178905][T19544] device_for_each_child_reverse+0x133/0x1a0 [ 2415.178924][T19544] ? __pfx_device_for_each_child_reverse+0x10/0x10 [ 2415.178940][T19544] ? __pfx_kstrtouint+0x10/0x10 [ 2415.178959][T19544] n_vclocks_store+0x4b6/0x6d0 [ 2415.178974][T19544] ? __pfx_n_vclocks_store+0x10/0x10 [ 2415.178989][T19544] ? find_held_lock+0x2b/0x80 [ 2415.179004][T19544] ? __pfx_n_vclocks_store+0x10/0x10 [ 2415.179018][T19544] dev_attr_store+0x58/0x80 [ 2415.179037][T19544] ? __pfx_dev_attr_store+0x10/0x10 [ 2415.179057][T19544] sysfs_kf_write+0xef/0x150 [ 2415.179073][T19544] kernfs_fop_write_iter+0x351/0x510 [ 2415.179086][T19544] ? __pfx_sysfs_kf_write+0x10/0x10 [ 2415.179102][T19544] vfs_write+0x7d0/0x11d0 [ 2415.179119][T19544] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 2415.179133][T19544] ? __pfx___mutex_lock+0x10/0x10 [ 2415.179154][T19544] ? __pfx_vfs_write+0x10/0x10 [ 2415.179175][T19544] ksys_write+0x12a/0x250 [ 2415.179191][T19544] ? __pfx_ksys_write+0x10/0x10 [ 2415.179209][T19544] do_syscall_64+0xcd/0x490 [ 2415.179227][T19544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2415.179242][T19544] RIP: 0033:0x7f4b4778ebe9 [ 2415.179256][T19544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2415.179270][T19544] RSP: 002b:00007f4b486a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2415.179284][T19544] RAX: ffffffffffffffda RBX: 00007f4b479b5fa0 RCX: 00007f4b4778ebe9 [ 2415.179294][T19544] RDX: 0000000000080001 RSI: 00002000000003c0 RDI: 0000000000000006 [ 2415.179303][T19544] RBP: 00007f4b47811e19 R08: 0000000000000000 R09: 0000000000000000 [ 2415.179312][T19544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2415.179321][T19544] R13: 00007f4b479b6038 R14: 00007f4b479b5fa0 R15: 00007ffcafb735a8 [ 2415.179335][T19544] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 2417.300211][T25157] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2417.362939][T25157] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2417.459263][T25157] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2417.554777][T19544] ptp ptp0: delete virtual clock ptp2 [ 2417.597651][T19544] ptp ptp0: delete virtual clock ptp1 [ 2417.625617][T19544] ptp ptp0: only physical clock in use now [ 2417.735340][T25157] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2417.943590][T25157] bridge_slave_1: left allmulticast mode [ 2417.949260][T25157] bridge_slave_1: left promiscuous mode [ 2417.991393][T25157] bridge0: port 2(bridge_slave_1) entered disabled state [ 2418.061543][T25157] bridge_slave_0: left allmulticast mode [ 2418.100891][T25157] bridge_slave_0: left promiscuous mode [ 2418.106671][T25157] bridge0: port 1(bridge_slave_0) entered disabled state [ 2418.267309][T25157] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2418.290705][T25157] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2418.310473][T25157] bond0 (unregistering): Released all slaves [ 2418.444979][T25157] hsr_slave_0: left promiscuous mode [ 2418.463072][T25157] hsr_slave_1: left promiscuous mode [ 2418.481724][T25157] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2418.508676][T25157] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2418.538657][T25157] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2418.546132][T25157] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2418.608103][T25157] veth1_macvtap: left promiscuous mode [ 2418.613891][T25157] veth0_macvtap: left promiscuous mode [ 2418.638035][T25157] veth1_vlan: left promiscuous mode [ 2418.643421][T25157] veth0_vlan: left promiscuous mode [ 2418.897287][T25157] team0 (unregistering): Port device team_slave_1 removed [ 2418.956973][T25157] team0 (unregistering): Port device team_slave_0 removed [ 2419.308017][T25157] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2419.369831][T25157] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2419.417803][T25157] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2419.458638][T25157] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2419.535932][T25157] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2419.587429][T25157] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2419.637077][T25157] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2419.677802][T25157] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2419.745239][T25157] bridge_slave_1: left allmulticast mode [ 2419.751765][T25157] bridge_slave_1: left promiscuous mode [ 2419.784548][T25157] bridge0: port 2(bridge_slave_1) entered disabled state [ 2419.795129][T25157] bridge_slave_0: left allmulticast mode [ 2419.800789][T25157] bridge_slave_0: left promiscuous mode [ 2419.822502][T25157] bridge0: port 1(bridge_slave_0) entered disabled state [ 2419.975160][T25157] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2419.998525][T25157] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2420.022620][T25157] bond0 (unregistering): Released all slaves [ 2420.078370][T25157] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2420.101666][T25157] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2420.122048][T25157] bond0 (unregistering): Released all slaves [ 2420.185772][T25157] tipc: Left network mode [ 2420.375625][T25157] hsr_slave_0: left promiscuous mode [ 2420.390133][T25157] hsr_slave_1: left promiscuous mode [ 2420.401140][T25157] hsr_slave_0: left promiscuous mode [ 2420.419114][T25157] hsr_slave_1: left promiscuous mode [ 2420.430010][T25157] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2420.437392][T25157] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2420.459719][T25157] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2420.478300][T25157] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2420.502280][T25157] veth1_macvtap: left promiscuous mode [ 2420.518313][T25157] veth0_macvtap: left promiscuous mode [ 2420.524665][T25157] veth1_vlan: left promiscuous mode [ 2420.547979][T25157] veth0_vlan: left promiscuous mode [ 2420.553858][T25157] veth1_macvtap: left promiscuous mode [ 2420.568078][T25157] veth0_macvtap: left promiscuous mode [ 2420.573648][T25157] veth1_vlan: left promiscuous mode [ 2420.588568][T25157] veth0_vlan: left promiscuous mode [ 2420.956513][T25157] team0 (unregistering): Port device team_slave_1 removed [ 2420.980515][T25157] team0 (unregistering): Port device team_slave_0 removed [ 2421.294625][T25157] team0 (unregistering): Port device team_slave_1 removed [ 2421.354242][T25157] team0 (unregistering): Port device team_slave_0 removed [ 2422.117910][T17937] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2422.164418][T17937] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2422.214682][T17937] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2422.263663][T17937] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2422.351325][T17937] bridge_slave_1: left allmulticast mode [ 2422.357054][T17937] bridge_slave_1: left promiscuous mode [ 2422.379327][T17937] bridge0: port 2(bridge_slave_1) entered disabled state [ 2422.399522][T17937] bridge_slave_0: left allmulticast mode [ 2422.405357][T17937] bridge_slave_0: left promiscuous mode [ 2422.419422][T17937] bridge0: port 1(bridge_slave_0) entered disabled state [ 2422.522025][T17937] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2422.539302][T17937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2422.558266][T17937] bond0 (unregistering): Released all slaves [ 2422.733248][T17937] hsr_slave_0: left promiscuous mode [ 2422.747126][T17937] hsr_slave_1: left promiscuous mode [ 2422.757797][T17937] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2422.765283][T17937] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2422.798003][T17937] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2422.816181][T17937] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2422.828318][T17937] veth1_macvtap: left promiscuous mode [ 2422.834257][T17937] veth0_macvtap: left promiscuous mode [ 2422.855960][T17937] veth1_vlan: left promiscuous mode [ 2422.861367][T17937] veth0_vlan: left promiscuous mode [ 2423.155245][T17937] team0 (unregistering): Port device team_slave_0 removed