last executing test programs: 31.8804306s ago: executing program 1 (id=881): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0) unshare$auto(0x40000080) socket(0x1e, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r2, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000006980)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000ffdbdf250300000038121c8084100580801000802400048008000200070000000c00030005000000000000000400050004000500040005004700010015498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f800040004800800048004000500041001001fb5becd41368ab779a0b29218e67556fc4604877ebfcbd398c11fb77c35a8bf6e74ddc9b04a9138098aecf779ea7e3d541edf3023425cada97c0dc587c6fa47716dd359907f0a162a0b886614c1a7e9546da002cc83e2ed566b0379129f985c460fbbf435e700a4b5580b8a56632571928f8f21f4d11364a0ef75b476ff3956f1c7da142f79c10a4876ffcc63f2d86a0e69b888fc4f296dee02ad8557cdbfb9f0235a183eca304867b40759629cbc72b1502c43b99766ba6d68b0c0ab3c3f028eac0d0571801e5df2a1d739c243a58bf16cfb3859743e905b7ba869f46438f8ae3034bf72d5e80c5484943de2b70c62ef38e5219cc8006f282faca545419374470f9a70397a1f81bc4623e08269594bbebf9b08b81b87ccaebf876dcaf1fa4562e3163b353cb8ff91dba36cfd929ec300388d9224fe45abcc42e157398da0642301b14d590dd9a490eeb4555c64ae48caedffd84b246834f69dfa63f173ce93ba2775a6f4aba2492fe9d62fcae89dab6719935a28c2d614d93e984df4b3a292e0e5d6754a30e52d52b951092a4df3b6abb5c8b74740d551a77c41d02f0ea667e8acb61eac844c20151dac7c08ae95aed291d11cd81365501d3fb0120e11566f94afe38fb008e05536f93364d00a43b8f486bd9aeed50d5a38947982f5f700f06aa7d6783f30abda22a3c9948a274bfae36f6a66c3229520089d65cbddde93a28dd2a72e93bc6c0d9b98f49c9d771f73b1d4dcb6c06829b15422f0c596401ba563a88ded070e2a05a79c8070085502fb3ca34fc767ff2d3b490bb9a6abc3019eefaa4bd9f345f6b94d597166754c5f95140dc5fa9ce51a7cc3257885d074c7cdfd88bb400fd6dbe2d4a830134967cacad9beaff366bf7e3b0a4fa0526473a70c1f44e343a5b9fadf9fc536113772f0f7b0bf16f9b7a7dd8eaa5f7fd9cf259565247f0e58375156005c30e25691d7f8fbd489af83a18f71a38b1996be1ca10bdcbe8d850603d9b81ba828c907753483e9ff23d1d861c36d8045acadaa640a61357fcf9aed13afdf56d13861dd74ce620e592230d3c8699e9adccf2920614ae13c1e3e88a830f36bfcd40ff7c767995044f2ba1661c5f977d9754c58a0d9dd7aad1fbfd94d36dfc61c532c5cb3093ccc0c125ee0e762469f8680500675d4404db12b7062c19c4f0c81c0de489b5eb725f1d7d4cbe7a1f4b51fe8faffb6a709c0a7a4ae7efe75bc66d6c2e705fbee29c0858d9891735c97a28aa15c16fa0444ac2caeeffae42f1fbf0f17adbc9ee40236a844add60741eb64c722811c6f9fd7d614f9620d6f07914b6e7d5eb5dc3d7d6d5f5323575a7c9f864d9d5793d4ca606ab3234930a32e44d8a08d624861a6b94c72f551e7adc8daee91594175bdba18c663ced5991c0846f1c03a96b5d8f858c10dea4886e12ee90186d2130891eb1b354abb1040dd571589b4b7884b31cff7f8b3cdef5a61bc9644883c852106d9be09e5f4d649c669a64fadd3a9b129ab1c956e33dd5ac7224439feb0ccae51aa092c36b4e8d720170d20c22a49e5919d203b312096d625e4316f141f26a9257af159b3c47e025fa40d0150b7dd969d2ec67c727b81653f679f6ebbf8b3ad9c3b0acf232d1b869982879c4a2722cc1e4f0740e9d0feb661e45c5b081ad0546761e6a025529086ca4d38a4b22193e792bbfe6ceb22be5ca954210d0f93f5e38550054b6ae80e64673158815af6cd6adc3b942b4371d33d9662ac80e3ef2eb4acd44ec66cb6d8948d67c3ba8e578f52ac30ab107723e5ce51c4e6d59b20ba7085fd8dbde58cf9a0bd3385e95db6b56a9a68e3160ad36a93e26dc8b915cd4e4767d3dbd3b74052f55e3a74b1edb1068c973a5ca70809c6aeab8ad627955a815315330c51153dcdcb6e77029b0a3712a9231f0c188659e5bb9f89b6a8fd91536a47db7e5d596fa93f0719502e442417ee11bfcb364c6ddadfc8581ce7779d107d6f7aa8739c3254ce9b1e2dbbc1e75566b6d80817e1820e02e8df220e1c9b2d98a15e9db86c5a32bf52b0f1de1be7636cb21e87d777fa1e7828be02578cac204a8e9c7ca6119aa0bdd165bbf7d0f799f0d2ae118bd9037982c1fed3e223b60cc86f21e8c1d9336cb76cb521bc9791abcd99af0bf70a198de0d678cc8bdc0f74fef28407bf09d93054d5e20f5452fad596ae036bec1109e4541d5cb9d287b5498934fad3963a53030dc2264668467716afee211f4dc8082800be3829050b2e26c447b001c076dda2e2b7f17c96612b0f594b6ef5193c5dc3affa5778896e1e40a3953e5557d39799c312b4126a6086dd85393ed3322a48ca0afb9e5dd96ac9461dc7cfc8b02a23b7a1486ea8c9bb204e39298b1017a67a8c1cf1e0582c6b8d95a611c0053eccc9592e1af600e4386680be35c29acfd9033058a4842006fe429188e6a4783a9bf5fd7d1c36c0530f6a42be785419ef2192ffe02470d376f084a4352cdc7e34b9f4891304499b1e0946832b187762d191d7e9cd9cc9112ad768e5132f804f304a9ba0572d0e1c7eac6ff606baf0f0f2e1c836d9a9f7f01fe748dd5ae7b34ed6d51f6e4c8575de14c8552026c4c82516080d919a706fa62958742cc2843ce88c04a19cb66781f2b75d9a81d3f4f2c078e35bacf3a69dc717b61c9c9557d82bdaa636fe80e37f41d63f2388da0b79555f2b3d2b7b30db6d2837aecd455814118a737d3d2845704f4b8a7156dd582477d0b9f0d2622b1f963d243c73646d35dd25547446fa94f47b63637e37b9c61ed88c97b185f9b8d09ffd768cd1c79ab31ff33e82423872f4b2642a1530a248b1dac5a776d5c5d6381e38f01fe8b23921c7b52175619bfe522c945e45ea5a0d35f35fb7c7f772f32657b8b936de258ab52fcf2bc4973c7d8da82d113bd59831b658c62b6913c9162f66a92bcdba85a33796028c8285083f65eec0168039af09f83e27d94fa22f4a595702cbd51d8f48ad8aff4a74c5fd50922b3eba0341c6718f34f3a59181722e330ccfc7d1997357fbb1c95213b082d6b6f119118bb24a98c2c53de48b8b1bdd9c51c88c89acbcd4de108fb32f4beda27743b4a04e5ebc677862da939c7dfc616e765b79b1359d8e5ae4eeae5cd38954a7b6f8693496bfd2624f1a83182440510d7de981a321ccf81b75ab23317598adcb3bff8454110a056ee64a3b088c3ed6d0cd1d2e7033f872106205e95f171e347f02d9583f59113e49386e30ad92537b577e9822f3ecfc1b1374bf2911f61168f30b8f1e3af513e8248409d25c1d3bc09e93a66fa2c4bb3caaf1f4bc28e730ffd78375136e8c32d9bc26b8958c62aa7912dcdf44bbb6668c872df81c6362a679e57860484f003506ab7e1bd7344261c761bc03a7a0167047c1c07e8e46e9af814ab2b93fbdd8536448ee939188ed5a79c6d5d962efe69afde6999a5d52d71090bcb11a1eacb07185f9f5199d44c9bb5c48a09b28cc10e3f84f04677c3052e57d5426d3f5fa852a8f4ed3c8495a4f79261bbf6d1405c9ee97fe3df651819907bf93e4bd0c0a7d2d454e7ba0e84eada5731bf373ae529a6a1f17f959c77931d2ae261b588e844e8c1deae11cf6bbc1433ecabd2715cca3c7471b6f8de376a72647f7bbe11659adb21af39f0b71ae0aaee207f1811cef018fc70717c38b14948f307302bebca0450c6d1670996a92eebe691e0f7395fc20c554a171472df72761fca5a73a242f15c39b7fe6e4c013d655cdd09e319727758beb367aaadf6e70bfef6f8fce3e7c3848279f88ebe8a10f00dfe8f4dd87f9437b8bfa4b7b1517902cc06887ec5a9b9eef923c0e72e9ff82226ae8bf7cef3b3cf91e0ff8408e62421a4d88875b9f6a9382722d42aaf8fea280198a23eda48f6ddc26411825dbfadd25301735d1f9c74f61b15d3b2181dc9d77a4115c7047b9c6520b55dd2fcf343c4f1cb7cf93c10c0e01e282f28cf54575924024819409c322dce701d88f78c94416ebf4c2275bac8c75299636f3a507b7f933c5e13d853725a5ce8f9ec33de647b87a1d0775d62dfa07fead5253cc18526b5ffd90312ff098b81dd01c59f882b0223e6cf768b2ee0d5e0e8d10a2f5c04aa3b97a3dc92e102b30d60f3f0ff5b6253e49d960bc6b8d3a5daf6f3f4c06fcaa315e8315fe71023875f318934414cfd10fd7625e084b132b1c37b1b3e10777c10a3f9c47cca710012a77bf342bd64ba5fb08e24908cbf07143a49c2acf74d0c4097b0a8c2efcb6dbda4433acd0f1e2ad24cbcb4462aa7ce3d12514d4aaaec95457ec06f197c0df614d484af7987458ed2e33552b7a1cf72a4c4b016e7a7399ef9998bd52f860d2ef0751e7e96ebc472af3e666f7778f8eedb12bbac921eac8436b31ab61d72c259a2473678d88743f0f768c1782ee4702646bf349308712ea8cbad36d90b5c770971a1ff70719cdfdeb01927a561fb67d7cb6a2feec1215bac6eeedfb930d3556b5547a7e1af3199de6929a745c5323dbc34624761bb1beff6508463a5b7cac6d1d0265c733cb609b8cdaa56042d29fb70fa58c64b1fed6028d3a2ee7d6f3046cd980bea9f9e1d82fd9beafe7d66cfcbdd49caa5ea4f43faca173cba614e02f407b5c791e460a3ee590b3780ad8cbab34ff0379cc1f947201e28d0cbfa9cc5beef86ecc7090eac13ff614bf73f24b335fcff38a57bce197f67a5816f3d11bb558f0485b4441fcddb6b33c211f19f263f35462349492e26d5fc8437e09539c06fd6b14f243e0a51cc7ed7482677c5a9e7c864b81ae890e6412b6b387e887c9a70e5470c0d17800bb4e39a971a30151c2d5717a9c1183fc5e43902b25130f5fe2d85a64b77a8e64dc59d0b1e3b022efb9c1cbdfebb071c0fbd09619577bb1e18b488091d5c239589805b8df254db031aaa7751bb0b71bffe4b307ebd8359271c2376f2c75a8bea9808725cca6254f89e211cae70dce4cefa123d29238ecb0057d28eeaaabea6e99ab64ebea4c2c62806e6a9e2bccb96a4d07e816ee378e094acee3a9f31b0d1033634310baef6bc7f5e0870a2f1f7f519861834935b1073f9a5c348a46b3be82932d3cf1823a60fb9d0b269b94e58614b5cca1bf2f47ad4e15a93fce9995e06583c41b84930fc26cfe19e9ce9028c7ed8f6f701ed97a74ff3d3affcacf957946fd675240ea08b362a4c1d15aa0722f4cec99aae7d167c49c6123b1ddc36285804044883676921d8b9feed089851e819b782c1fc4025c44874f1454e53e477838e6ff0a472331da69f8e4efb474db064a4b4325c08b4db60377a142c19512b7d1e9fdcfb599662e5448ef3fed112a62bad364467613c73a3385df9766446627c2658c87b56c069440d4e0406e1220c79c2c99116c3224a7a90fee8b6c04f3ff85cbe993c3bb4f7961a801dd893557cd0be736f17e3fa2c65ecc61b907c9d919612ac73a41f91d88733b5830d135a457b3c13fceb0bd294f412bde878315b32c91529b5d55383a1f79f949a8424865b474d784a7a89153b88fc7ec11589b01b9b1aece6585de4d6dbf329c09f35426525addf3e1aa57dddace18fdb219b5e4b32c29a24de709f180b6ff5578141158f467ee9f0cccb580e5b9929c59e47cc8ff27b8401a934769d99f26cc9a9f66ecd0879df8b5becf0cb9a41006396075455306059a7dce312f4e08c54d13bd5da696b32f2c8efbdaad768e372049a3a58bb8c6972d34f859c4ea29ec46aa7752f5d7e8bd3523a10de8b876cb1d61d143d55a1f343252f0927fd5d853b663a71dbb0fff6a7ff07f9cf1e1eb23e07009"], 0x124c}, 0x1, 0x0, 0x0, 0x20000041}, 0x800) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/net\x00') mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) timer_delete$auto(0x2) prctl$auto(0x3f, 0x7ff, 0x0, 0x5, 0x5) tgkill$auto(0x0, 0x1, 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) statmount$auto(0x0, &(0x7f0000000180)={0x315, 0xfffffffd, 0x401bf, 0x7352, 0x3c, 0x65f, 0x1ffde, 0x6, 0x3, 0x2, 0x9, 0x2, 0x4000006, 0x4, 0xb6, 0x80000000009, 0x6, 0x10003, 0xb, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84}, 0x1fe, 0xd) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf25030000000600070008000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060006004000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 30.153111451s ago: executing program 1 (id=887): mmap$auto(0x0, 0x2020009, 0x200000000007, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) (async) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) (async) socket(0x1e, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0) ioctl$auto(r0, 0x900064b8, r0) (async) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r1, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) (async) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) (async) socket(0xa, 0x1, 0x100) (async) ioperm$auto(0x7, 0x5ad2, 0xc) modify_ldt$auto(0x1, 0x0, 0x10) (async) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/lru_gen_full\x00', 0x161002, 0x0) pread64$auto(r2, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x5) (async) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x5, 0x0, 0x0, 0xffffffffffffffff) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xd, 0x1, 0x948b, 0x5, 0x15f4da0a, 0x20000003, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3f, 0x9, 0x2, 0x6]}, 0x0) (async, rerun: 32) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) (rerun: 32) sendfile$auto(r4, r4, 0x0, 0x0) (async, rerun: 32) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) (async, rerun: 32) unshare$auto(0x40000080) (async) mmap$auto(0x8, 0x100000000, 0x40000000000df, 0x9b72, 0xffffffffffffffff, 0x8004) (async) mmap$auto(0x1, 0x400008, 0xdf, 0x10, 0x2, 0x88000) (async, rerun: 32) madvise$auto(0x0, 0xffffffffffff0004, 0x19) (async, rerun: 32) madvise$auto(0x0, 0x200007, 0x19) 28.997169879s ago: executing program 1 (id=892): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x7, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r1, &(0x7f0000000300)={0xbd, 0x2, "0200000000000000c32f1a88a7d2ac4f994d42b9ccb04eead5e03d771a33bb03d2d7de959b4fd3cea3ebd9c48b2687fb19852b1da5ab33a6ca4c2b285666489ad5391024feca142d2ce5d558ded9719dea51d787328f8ead177dce68174a0f5524b4ae35369f8a21404d65bd5f6de5969ae3ab017c1bfc19029e678420377d0f040a0177ed0345f589774ee5a94eaa7f61f9b3f5deed725ac61251cf2764951f92e1945bfc2f2a921c06506e166743fbd01a69d364e3a9b990ef201ef5"}, 0x9) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) rseq$auto(&(0x7f00000005c0)={0x7, 0x6, 0x9, 0xbff, 0xa896, 0xffffffff, "af18c8a1eea866e9840b50cd944973113586d3c13361bac7f306af96f7efff43128e2b8c922b8fb895af349b0e062b81eb9c283c708b70b3acce9ee9cb134a7d7b89f2ffb21780113116e8528cfb4e952a1b38f43f7f7b0488d02d3f54d5f95a2b518d94598435ff9e3cb359f175b4a79e5debbe3437a9ee705e85abac6b17f188af31073da2af00acf600fea4db39bb050ffdfdf770463b"}, 0x584, 0x4, 0x100) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x62, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x401, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r3 = socket(0x80000000000000a, 0x2, 0x0) memfd_secret$auto(0x0) close_range$auto(0x2, 0x8000, 0x0) unshare$auto(0x200) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') madvise$auto(0x0, 0x7fffffffffffffff, 0xa) setns(r4, 0x0) syz_clone(0x18e21480, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x301001, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r5, 0x4048aecb, 0x0) 27.855725184s ago: executing program 1 (id=899): r0 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000003a40), 0x80100, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r3, 0x0, 0x20) ioctl$auto(r2, 0xe, r3) ioctl$auto_XFS_IOC_PATH_TO_HANDLE(r1, 0xc0385869, &(0x7f0000000280)={r0, &(0x7f0000000000)="0609c0e381b13476c98e2c495be3248780c889dac88e494b7ccdf4324198b4d5e8aa4d", 0x4, &(0x7f0000000040)="e3260a6518206313f30c3d16db820f1519cc93cc0ea19d48181cc9be3146295440ad80d8ac7919d8db62f334e020b6c1329cd40c26a625d8247602b0123ec393bbce8d63d487741c586d6a4674b3ff2afb5bbbc1e039ccdc2acc3cc12163a188c8b00ad2a80656bd99efa8025bc031270d18493ef76c0eb35283f8484ffb0e2b900be7ef68581d2c7b4ca454b1d5504c51d29b879c4592fa196852a3221ebbc2a6c297475be37a52bda92538d3899ee8a51ef27bb921ec3bcec5d95dfbae7cae9e7f31aa4330970a0256a41e4e6113557c0f04501badb82cfdf22de3d7b2dffe101775bf04dbbfe4c61ea8ae3b", 0x6, &(0x7f0000000140)="64a24623fc2e353d7dd99798f9a501a6e4dd02509b8c71fe3318eb02f199c1a973c2eabde24f9f8ada9035143edc89bc5e221075bb8a38c2873bbf63552820b5c02f7d9427ca2f85c4094a74774fcc9d0e33e096d67da479b4255f9c40b75cb45fe32fe1f1d5a607e9c650defaf9c8ce74216977b2e79efa8a8df5299a23dd8e7145d481d81cf46cd0042d2a4291ff1a522c68d4483c2f716297628b06b5ef28affef5171f7ed806fdbf1eecc8addb1dcd0eb08af6e29ea4fb3176f1962cb9560079648f94ae6b31ea69549011a9d5ccf0f98cf2a2e71f85356f2763b2a2", &(0x7f0000000240)=0x7ff}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = socket(0x1d, 0x2, 0x6) setsockopt$auto(r4, 0x6a, 0x2, 0x0, 0x3) ioctl$auto_RNDGETENTCNT(r0, 0x80045200, 0xfffffffffffffffe) 27.631578777s ago: executing program 1 (id=900): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x100) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/vivid.0/video4linux/vbi17/power/control\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000140)=""/235, 0xeb) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x1) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x1) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) read$auto_dvb_dvr_fops_dmxdev(r2, &(0x7f0000000240)=""/129, 0x81) (async) read$auto_dvb_dvr_fops_dmxdev(r2, &(0x7f0000000240)=""/129, 0x81) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) capset$auto(0x0, 0x0) r3 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x3, 0x8001}) sendmmsg$auto(r3, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, 0x0, 0x5, 0x0, 0x7, 0x1000}, 0x5}, 0x2, 0x100) msync$auto(0x8, 0x1800000000000fe, 0x7fffffff) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0x40103d0b, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) process_vm_writev$auto(0x0, 0x0, 0x1007, 0x0, 0x7, 0x0) mmap$auto(0x4, 0x2020009, 0x2240, 0x3ff, r0, 0x73fd) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) (async) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) (async) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/conf/default/tag\x00', 0x163041, 0x0) (async) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/conf/default/tag\x00', 0x163041, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r5, 0x0, 0x0) (async) write$auto_proc_sys_file_operations_proc_sysctl(r5, 0x0, 0x0) 27.057384081s ago: executing program 1 (id=902): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x1, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2) (async) ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_FS_IOC_FIEMAP(r1, 0xc020660b, 0x9) (async) ioctl$auto_FS_IOC_FIEMAP(r1, 0xc020660b, 0x9) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) (async) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r2 = socket(0x10, 0x2, 0x0) r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r2, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000b00)={0x14, r3, 0xf1b, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44040}, 0x8040) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) write$auto(0x6, 0x0, 0x100000001) recvmmsg$auto(r0, 0x0, 0xfffffe0c, 0x8e0, 0x0) (async) recvmmsg$auto(r0, 0x0, 0xfffffe0c, 0x8e0, 0x0) 11.825599945s ago: executing program 32 (id=902): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x1, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2) (async) ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_FS_IOC_FIEMAP(r1, 0xc020660b, 0x9) (async) ioctl$auto_FS_IOC_FIEMAP(r1, 0xc020660b, 0x9) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) (async) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r2 = socket(0x10, 0x2, 0x0) r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r2, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000b00)={0x14, r3, 0xf1b, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44040}, 0x8040) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) write$auto(0x6, 0x0, 0x100000001) recvmmsg$auto(r0, 0x0, 0xfffffe0c, 0x8e0, 0x0) (async) recvmmsg$auto(r0, 0x0, 0xfffffe0c, 0x8e0, 0x0) 7.994144438s ago: executing program 2 (id=952): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/fcloop/ctl/add_remote_port\x00', 0x801, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/packet\x00', 0x2840, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000001080)=""/244, 0xf4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x101a02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000001100)={{@raw=0x7f, 0x100110d, 0xfffd, 0x6, "e927783f468fa2e92feaec7a46cbb766439daa1ee12a0000000000040000660e07010000000c0000008000", @raw=0x9}, 0x6, 0x0, 0x0, @raw=0x404, @enumerated={0x55d3, 0x4, "bf154d70dcfcea02000000004222db1f207fdb681dc9b0bf2c6cff01000000000000a7aa16659cd5e4dc8374caf945548e604179f1f87c3bd8701d3d5c3d998c", 0xffffffffffffffff, 0x91e0}, "a4699d30a05e09e0d28401c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584db1592f6ab606c08cc7b860aa363e6de6e76803400"}) write$auto(0x3, 0x0, 0xfdef) r3 = openat$auto_fops_x64_ro_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy17/netdev:wlan1/stations/08:02:11:00:00:00/driver_buffered_tids\x00', 0x4001, 0x0) close_range$auto(r3, r0, 0x4) 7.74805913s ago: executing program 2 (id=954): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, 0x0, 0x6f3) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x80001e, 0x4, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 7.540992657s ago: executing program 3 (id=955): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x22, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x7, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r1, &(0x7f0000000300)={0xbd, 0x2, "0200000000000000c32f1a88a7d2ac4f994d42b9ccb04eead5e03d771a33bb03d2d7de959b4fd3cea3ebd9c48b2687fb19852b1da5ab33a6ca4c2b285666489ad5391024feca142d2ce5d558ded9719dea51d787328f8ead177dce68174a0f5524b4ae35369f8a21404d65bd5f6de5969ae3ab017c1bfc19029e678420377d0f040a0177ed0345f589774ee5a94eaa7f61f9b3f5deed725ac61251cf2764951f92e1945bfc2f2a921c06506e166743fbd01a69d364e3a9b990ef201ef5"}, 0x9) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) rseq$auto(&(0x7f00000005c0)={0x7, 0x6, 0x9, 0xfff, 0xa896, 0xffffffff, "af18c8a1eea866e9840b50cd944973113586d3c13361bac7f306af96f7efff43128e2b8c922b8fb895af349b0e062b81eb9c283c708b70b3acce9ee9cb134a7d7b89f2ffb21780113116e8528cfb4e952a1b38f43f7f7b0488d02d3f54d5f95a2b518d94598435ff9e3cb359f175b4a79e5debbe3437a9ee705e85abac6b17f188af31073da2af00acf600fea4db39bb050ffdfdf770463b"}, 0x584, 0x1, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x62, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x401, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r3 = socket(0x80000000000000a, 0x2, 0x0) memfd_secret$auto(0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x301001, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) r6 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000000000)=0x200000000) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000022c0)='/sys/devices/system/memory/memory10/removable\x00', 0x8500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f00000000c0)=""/4096, 0x1000) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r4, 0x4048aecb, 0x0) 6.913261059s ago: executing program 0 (id=956): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) (async) ioctl$auto(0x3, 0x4020565a, 0x38) (async) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) (async) prctl$auto(0xffff8000, 0xfff, 0x0, 0x3, 0x7) (async) socket(0x1e, 0x1, 0x0) (async) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x200181, 0x0) (async) socket(0x21, 0x3, 0x9) (async) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000dddbdf25020001000800030000000000080015"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0xfffffffffffffffa, 0x9}, 0x100007}, 0x3, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) sysfs$auto(0x2, 0x100001000000032, 0x0) (async) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3739aae3, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (async) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x1, 0x15f4da0a, 0x1, 0xffffffffd09d8d67, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_BLKBSZSET(0xffffffffffffffff, 0x40081271, 0x0) madvise$auto(0xdd62, 0x100000000, 0x7fff) (async) utimes$auto(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)={0x1, 0x8000}) (async) unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/can/rcvlist_sff\x00', 0xc2000, 0x0) 6.089024423s ago: executing program 0 (id=957): setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) setitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000000)={{0x3, 0x3}, {0x8, 0x5}}, 0x0) unshare$auto(0x40000080) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) ioctl$auto(0x3, 0x50434903, 0x1) setitimer$auto_ITIMER_REAL(0x0, &(0x7f0000000180)={{0x34c, 0x9}, {0xfffffffffffffffd}}, 0x0) setitimer$auto(0x5, &(0x7f0000000240)={{0xfea07d8, 0x9d}, {0xfffffffffffffffb, 0x9}}, &(0x7f0000000280)={{0x4, 0x200}, {0x2, 0x6}}) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000140), 0xffffffffffffffff) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f00000000c0)={0xffffffffffffffff, 0xf}) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, 0x0, 0x30004011) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r0, 0x80184132, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) unshare$auto(0x6) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) open(0x0, 0xeee00, 0x31) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) r2 = socket(0x23, 0x5, 0x0) listen$auto(r2, 0x5ed) connect$auto(r2, &(0x7f0000000480)=@rc={0x1f, @any, 0x1}, 0x53) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) stat$auto(0x0, &(0x7f0000000380)={0x506f, 0x7, 0x80000000000000, 0xfffffff2, 0x0, 0xee01, 0x0, 0x2, 0x102, 0x4, 0x1, 0x20fd, 0x3ff, 0x800000401, 0x5f54, 0x0, 0xfffffffeffffffff}) close_range$auto(0x2, 0x8, 0x0) openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/format\x00', 0x10000, 0x0) openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/make-it-fail\x00', 0x201, 0x0) 6.088686152s ago: executing program 2 (id=958): r0 = socket(0x1b, 0x3, 0x76) madvise$auto(0x0, 0x2000040080000004, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r3, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28230200000061603ac440a120d03388ef04c42acce7189bbb1172dbf6b482079d9cd452368e3caa1ded8c215d9625c0c6d4c04df9b12aad1cace277c0d657000941930053ed72512786ddc8d7588eca025b3cbba322182aea3524", @ANYRES16=r4, @ANYBLOB="01002bbd7008fcdbdf250600000014000180090002006e6673640000000004000100"], 0x28}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000280), 0xffffffffffffffff) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x3, 0x0, 0x3, 0x8000000000000011, r5, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r0) r6 = socket(0x1f, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xd551) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[], 0x1ac}}, 0x4048861) recvmmsg$auto(r6, &(0x7f0000000180)={{0x0, 0xf240, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x50}, 0x80000}, 0x10c, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24044845}, 0x10) 5.39332651s ago: executing program 3 (id=959): ioctl$auto_XFS_IOC_COMMIT_RANGE(0xffffffffffffffff, 0x40585883, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x300000000000, 0x5, 0x7, 0x9, [0xff, 0x6, 0x4, 0x5, 0xfffffffffffffffa, 0x7]}) mmap$auto(0x2, 0x4a, 0xd, 0x17, r0, 0xffff) mmap$auto(0x7, 0xfffffffffffffff8, 0x7f, 0x1b35, r0, 0x3) setsockopt$auto_SO_DOMAIN(r0, 0x4, 0x27, &(0x7f0000000080)='\x00', 0xfffffffa) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f0000000640)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000140)={0x48c, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_BEACON_TAIL={0x37e, 0xf, "3a94793b093061f50fcd08501c9cfd70afe09f338c95bd675479d7755580a5e6306d9e0a1ecb5db26f566d21234d138e6571e44475f82573cc93e0e72d8a3c62ceb565c24de78296645dc3ee2e29ca5dcd06dc64f421ed1f3378ba9f309dda9825fd0c11002ba640c7353035ef7f9823b07efac9857b3d4b4d24f6d5248f844ec2fb95ac5ff9dee29051c18ed258725e6b0f9c7d6dd992bb98e10a3f7021de62aac1831101dc25e2e68587050eae388720534a67a4cacfb8dd86248e1f425a26ae53888e6f34ac9fd213abe32305478d43f355a14116d0663ad85176cc5cd435c7bae12df469a3e2630454a371bace350f8420b2c97a24cafd523f7d90d7253f0b8a5552c4417070fc8fa6f7098322f1e778d495d6019cf7d61c832d79146bde94f1665e0f4916569ae7762d1d4b750f95ab07dbbd67ea5d6d27a4657fca8dba6053ed3ce587d86282dcddb94010b627d3e95714d4c90afe79dfc0bef6402abce27f0dd44f4cf913a5c431c3e3cb6a840e31b8c7133307838b6229e764cae148b923aea67c01d22f86a5d5bdd0f780635215adacca0d3af427331928cf008544720966a1c4a2b3751aedf56c13e79076f74ae73abd86ffd1c1b1dc3b43ada0646fd695fe74cb0128d4b548df49b1e028956ad015f161a4646ed25c9474c712f6b82c9fb72186ebb3c66efecdf57b3b2dfa55f9932dbd045070544592fd1dfd40640da4b82672bc94692ca0b4aaf14161cb273eac99f937312199e152e79e2374fa7282ceaa6afde8116099eca32fa11ed78d64d90b89eaa40f508a92d12b37e14800efb5fdf4ef824085edcbe5bb797b6cc255cdef6b97d803c4f960961ad8f0bb4d24614435bf19cc812fdd5bf3b1d99c82b399690db44d8c7c3a874488b29af2ad3bd79370e677daf9844d34785847b99e68239ea1759fc3668d02470d594f19b8d7fb934ca39f51eb2148519a5e534b4f6e5ac3b1c2e7eed48c260aee7fb674045ce76663c7c706f2e6cbbbdbd051e26a9f1a7ab1174f4cca8a6c6eceffa3232b162f0ecf4435b52f602eece6257d0654a90d90b3428495d0ae6eefd4dde6ef7d67fb6f529febd6f859534136a41d94af754882f62a991b8ebbbff70517efb453b6aee045990945cd7c05582f2c67674f14c3e57bd038c063d76549786469d9b9bb5842ae6b4ea964f3fc4da060476569b3b93022bfedd580037ea20bfb8506c2141a0e5fdc9368aabb02e3b80bbf6990e3fb62e12d95354f"}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x3}, @NL80211_ATTR_S1G_CAPABILITY_MASK={0x53, 0x129, "3503aa57d3ba974746f988f93e7ece549e7e5e0417c232b99ba7db4eab7703f77ca01fcd13fe342d3871ccacc59e4b1c7e11a917897b5640d35823bda7bcc567ac209870f274738ee82ccb6f1b6ee7"}, @NL80211_ATTR_PMKID={0x9a, 0x55, "9d238a7490111c1c4de19df521875b64ef3252b9d1d8e03c49c46b68cf57302e722b98876df66eb044295c728b3dc256804bd531d6b824826f23619db2349d00e19a14f32aaee914841efe4f636d0570d82dad5a8468a71085aa07dca161f1cc6a25e4930707354ad12e97a7be30cce084a55fbed34ce81547ffdca2eef6f11a4ae1c5540a21da2becb629197534ad6fe46cc6ad456e"}]}, 0x48c}, 0x1, 0x0, 0x0, 0x4020}, 0x20044040) close_range$auto(r0, r0, 0x9) sendmsg$auto_NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x18, r1, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x40080) ioctl$auto_BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000780)="3c24035fdf01e5c14dae7d0fc3efe5dd28ddb4b0bd91eca4048224cf69bd3e4b0a91cd6c2de0e815578a18a9cb8dc576e8f5c7b920722b1730feb247b0d636bfd98dbd1e8849362a54837ef078d1327d7f9345289b2bd46bc9d9cfdcd3707b51d971b47777") read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000800)=""/242, 0xf2) pkey_mprotect$auto(0x6, 0x2, 0x8, 0x7) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000940), r0) shmctl$auto_SHM_LOCK(0x41d1, 0xb, &(0x7f0000000a80)={{0x1, 0xffffffffffffffff, 0xee00, 0x40, 0x430b2243, 0x7, 0x1}, 0x2, 0x7fffffff, 0x5c8, 0x401, @inferred=0xffffffffffffffff, @raw, 0x8, 0x0, &(0x7f0000000980)="0d1977402d3c53f7b57d7df77b78317abc5729482acf140ec42dc4da2e30aff7e66ef7d18c5d9b0c326896a4ac77c18b4dfb5a3cf83420e9666031e38a31f47195c06d0f88adf3ff87b0216a", &(0x7f0000000a00)="cb67f19ce9ed3cdc810ea4038228f9ce1078184fea5d5b591e487e19d05fb213de63e335a5a7edbef7971325013f4137c1e49a231b87ae6ff24de49d47c1cb5bc6e66ee439ceb4d8b554c1f24abbbf19b22f7ad8463d759717be1aed78d0796f324adbadf894276811700e29b2970e6a6bf77254401f6e68ef134222c5"}) r4 = ioctl$auto_NS_GET_TGID_IN_PIDNS(r0, 0x8004b709, &(0x7f0000000b00)=0x2) r5 = getpgid$auto(0x0) sendmsg$auto_TIPC_NL_MEDIA_GET(r0, &(0x7f0000001900)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000018c0)={&(0x7f0000000b40)={0xd54, r2, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x3a, 0x6, 0x0, 0x1, [@generic="988aa1cd3485ca3efcbe638d881f9ab71bcdd893bbe31be451024afcefdfa9ad1bd68fdd09ed4fbb164462900b832996d5b8b17778e3"]}, @TIPC_NLA_SOCK={0x1c0, 0x2, 0x0, 0x1, [@nested={0x1b1, 0x67, 0x0, 0x1, [@generic="cbde8020f7a249d50c2eab3f548e3d7a9690ec565fc41d42deae568340abb294d1f5a98085032b5f28c1896945244f37cd9eea77bcd73d920a79fd672701a2a12522cd98cf0bb36f76e5dad737c96fa4bb24651feca5fcd98c6f9c5f5b2ecf148d9c5ba70e91af61757dc9c98c503533cc06c23522b152f0c03bc023308f6dfec1038a70992facc6db13e9c74fa51883a1ec949c6b9449512b5e17d08809994219c2d35ba023b36628ee54d53525daa503e0352ea5820c04d49eb42d772d9a1abff8b2029c5d7cf91537cd3f48d29a150a709dba91b0769e679994bebbce84d5", @generic="a50c6cd61bcb60d6354cc48b79d1bb81c489d03e1fcaba940201ae1b19ea9bf9dd43dfebbe95bc4d10bca39d3173b0885350d48e95a230a24bffea09c0843270348c0e4b0b70dfbd300f8af072260f952571facde5a278c845de45d93723bc8e65d48fe81f16c1909b151606aedd7a158f1ec1987dcb8136bebddfa56748ca89a143ef05dcda7130e90ed83d920472798384c2416df36222cd4cb11f9ef10a51cdc6f01d80d1a95117", @typed={0x8, 0x44, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x3f}}, @typed={0x8, 0x1, 0x0, 0x0, @fd=r0}, @typed={0x8, 0x107, 0x0, 0x0, @pid}, @typed={0xc, 0x14f, 0x0, 0x0, @str='nl80211\x00'}]}, @typed={0x8, 0x3a, 0x0, 0x0, @uid=r3}]}, @TIPC_NLA_NODE={0xd7, 0x6, 0x0, 0x1, [@generic="811e3482f4d18048088c466bc2e6995bccaca0ec382cc36c8ec2770632d80c2a019c57765bc1e17cb9486390fa224e7c41260798ba558fc00211989249fbae01dcc8f49c48b20f7a3328d77014e324ad58edafeb59977c416b9a849f6a8214b1ebe0c0fd39d54ec3c07557bcdf6e6869adf7b16ca2c2486104fb8632931f1dd265f95496c4e3f8c2aaadcbd30ca9cb42569d8d2399e98a69268f1efec7d871e83d0916969ce1e9d19b42889dee7277603b871802dcb17121cfbcd7b61ffa28f37710250b3b23ee2912978e832ad906a67b44df"]}, @TIPC_NLA_SOCK={0x1d8, 0x2, 0x0, 0x1, [@typed={0x8, 0x116, 0x0, 0x0, @pid=r4}, @generic="fd6c67546aaebbdef98d715836efe2d56db6943c744f4673da19b8db83cf6cb25008b8786a0b859c7fa10673a328f90104b5b3daa8dd860a620808caf6304a37b74e0e248f956deba037ae090b871dcb8301d694eed84a295ae8276863436f26832cc5586d1373d14a11a5e186dd6c1f5cc3ed0fdaf10093c4d4e94af7d4c8a27b427c61b5a3239a2ae6a6252d78946f1d73c65fd0731588e2764c113c14727f02d613fedcbed90683626851ca9881509486f08a25737e1ba6a0bb4314a2741e", @generic="95239260c69bb9fb8d0ea6e2b68f2ae73eccee277a2732903ab8ef551aaf817bc0075a154b7fc6076cea758949af62106c2be2378997f0636cc4b5076d2ef16f6311646ae8609b013c85b97b70e418f415c45dfb9f7c404f3db4fcd651baa684491529a3076525d477f436ffe78a96452e1082c99f89f7727fe3d573d4aefd4ada42b94e9534159f16356227bd8cf86d7d8c7fa9af0e657044ce32efd2b0aaf5f4cbc159695edcdcf8e9ab4cfc6cefeeabf2c8e02071374ad1a4f26c2e9762f5c51c04f39c", @generic="aa2c748e11050b3d9fb031e44aa2c2a0fbb4ed7ba608b0bcc20ed150dd7d7fbeff21b6479b5773ebf6228916c7b66fbb", @generic="041cd534f1739ed75f5edc", @typed={0xc, 0x49, 0x0, 0x0, @u64=0x4}]}, @TIPC_NLA_PUBL={0xc5, 0x3, 0x0, 0x1, [@generic="bd075c9f5320cfbdf673327a9a02e6828e248b4ab1b2d8a260f1f6539c1868ad2ae8de1320419f2e8c4456955149f6cbe0e1db719ff2016378b2aea68838489a38ef3eb7d40cc5877b732bdd0f6ddf3dd15d4fbba5e7e7d8403a872595779a9c68091d1b00e8a343a849236dcdbf9c2450b7ad17f4e7562f6298ad0b222529f34dd82b475da23d80bea633b1085c8845e76a431135348216b760c8565e9d05256759b777655fc178aaedfa9ef370e44a3d9da3a30f55a4f30626db76ab45601430"]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_NET={0x2ff, 0x7, 0x0, 0x1, [@typed={0xc, 0x53, 0x0, 0x0, @u64=0xce}, @generic="580a965a61d95b5041dc3a2b60dfc243cb649e6a2433c5eed1655a7ade2cf2b532d722276a3e1f2d88376adec75203218e7a712836971bcf3287a5fa9cd9f9816ae36550341540f42a8a77a4319f5838505c5c2fc6e15b71a0e6cab4e9e7bb6103743b383babfdf08659915d18622fd804dd6532fc3e55c2346281f8beef5afdd8b8640624aeee442ab0106f45d9aa0993eb55a498d806b06dff2adafbb10c88611c18005583586be751297b073e1d09113526e7dae38dbe72a30902c2020c8efc93e7199b5a578dac96c7", @generic="4a5477dc8017ee5733f78dc26d73a26e2f247f57f138436a44093b890334373ece91bc4dddce2ceaf3949ade72a469a89dd30f", @generic="5986a39cd1cd8f8d4abab6c8bd21ebb6cc98232df5344969c2c3d5875fd0583b565f63701b45f36b7fe96a916564bc6dc92cde1be176b210e6780ec52f5fca4fa5b5561af1e9cf40510fc4f0a4f3f92d07a3d03fc2368e94796591cbd627bcbb0b6abbed037849b42a3d63ef6090b494b04307bbc5f603709ada203735a4318501ba34c8f4affd84de417d7f89226917dfc60edf3b7e4c29d7f30393e7a70c9644c6654a06025174d1c792ed63d3bc0a01b8fb0a1a8eda61c3a1760c47c90a33ac", @nested={0x72, 0xfb, 0x0, 0x1, [@generic="deb838ce01739a9114d22c3ed7859c547192dd69ba31007d1bfa902d0fc7bee6d1974bd98f72cddcb746ac295d2b8ba6bc04ab800cada99ac84be6ce2caf90081721a129446f3e0364282c2c9270220f7f35864b78444210279328ba4d0c00722b03dfaee049658a4b92", @nested={0x4, 0x7a}]}, @generic="2fb1b8c5bcb95f885a7516499e785d82c69b076edb1dfb3b4e5a0662f3121cfd61ef733ba95c307592e0eed1588c525df227e11df295c682b71ed2cf7190f32fd5cbc29efbaeb1a6cc671d1d8966509aa9995ed8c3e762ee739e2c1fba3969b3227dc92f2c53f043d6d2789f370631d1b73a5b8c2995629f0bf7b6fea98263abecf3c4f37a7beaacfb0671012393636b4871663cfdac2342bf5d7cefb8c54125417217828f3040c7377542c0e16d7c46d58cdf1b", @nested={0x8, 0x32, 0x0, 0x1, [@nested={0x4, 0xee}]}]}, @TIPC_NLA_PUBL={0x460, 0x3, 0x0, 0x1, [@generic="d1393d8c9bfe3b3c839bfcea9a2b651560ddc49aec004c74a2ab3ccfd39506ca287d3180ca1c3b22182453a1134fc628779a25d685a452ae2be2af92681158995a5698cc265449b3fbb9e66f45ed101056be36983ee6f11af22990e846666624b348c3082d88b0e840524174d246c972114baf58f982f0814bb1ea5206a540bc43d1632b0e7cf6721d73377b4f1fdbfaa923c867db5c1b7a41fd5f7d6ff8479be25afb027bacfee2", @generic="3a7e7a86e278bf7c89251634bb3bbeba6f78671b86cde42aaf1f1b32fcc1a5c9184260ef26b3e4bc86cf8d5a9e238bcff3438e4f19661b1676d74c5d7b3ba80ae870cebba6537109b3f3bff5995a58f2f84309418654dd887b65e61697e6c299566bf04930a8a5a41b44d4cd3db01e2d11bdc66a3d9bfd31362cc96a06a6a32857c963c31591e763021716f5ca", @nested={0x280, 0x95, 0x0, 0x1, [@generic="30255e5cd47c77dd4edf8548ea5eb0eec87d8e233abc4b97721aa28078ceb6cec4316a5f343ab77b6f20b430b3bbee0c0d369132a6dc8d06c38095062a8375dc7bc3df9b433b89063656f881008bc3b369f10cbbbbeb95fd16bbe2688440c3a229b621dd350f7b7ad1e7bad78bb72c780e8dedb395c0e09871a267ff6a54420cdd34068bac4ead9e4d32de24c993dc55ec834f1a4b0c1ab2ebfa4dfe76cb1f74432b87bedec439a6650b1849926f06baae1ed61b73ae3bb9280917337d066c53feb7ab9803da56a42ffc057ace58732861ed87990a55fdc1b462", @generic="51c75e04314a2c68e36f37ff3982bf2a2d71fd633eadc68711a59e9eefa231e10767edafb752b2749b30eaaa73df9f889f1dc5c6b688f7c8f0ba492bf7b0be8576faae2a04002a1f255776fd877a804512bab71a39d4159c040d4d823a49316134850b47304fb68548f0dcccecf82f2b01091a2e2aeec24ad5a39a5fcfb14e1accb117fd1cecc5a22b31820d2611a19f1d7eaa9443a94b6d1e56e1e0f59a039b94e5b429f6", @generic="09932661e4b3b3aec24ec5fc5e80b776ff5553df0a76af88f4a2584c5ea0c352c65c398de5a370c7dea77b90bd6d841d5b3332ed01ee734495ebb3b8915a0aa8ad2db63f0a81d6af062c8287baf36a537253bec0b6c9eaa47d788e5a5eaf2d6322975db1db1594292c2154b8a255d5fc5c27fd86189f9dd5a005bd5bdf7955d16f8174594543133b95fa26e24912aaa46cdf392c31c8bd28040504db5e9c4a911e5caa935c9f5563a1bbcf7c67b51e5731e21de13a2278b17b3f832120df783ef4cd701098cc3095644b9b0112c536b78f30b055f040fa700cdc3a3f8c86c33fc2b3f279e4179badcbbb79948b3f2782edc3a39cb0", @nested={0x4, 0x8d}, @nested={0x4, 0x7d}]}, @generic="f6eade37249fc989dcf9c3f3ff068baad78b763a4ba80b49581a5baee7c372f5704e28b18b80d032b29ba29499d50519a8d97a2b700df941a645f0cb88469f59a60aec2bf1120ab78e459fb80111a1f09edb937e81d36411aa78fa397dd58258ffda8b6048a164803f60339936028c089e61310ddc5ab3dc31faec030d29aa7d7078c01aa7e8f8de8de11585fb110f3632ab96159b2d66f263f7a7a08ee0100c43c945a72affbf"]}, @TIPC_NLA_LINK={0x14, 0x4, 0x0, 0x1, [@typed={0x8, 0x4a, 0x0, 0x0, @u32=0x1}, @typed={0x8, 0x7f, 0x0, 0x0, @u32=0x5}]}, @TIPC_NLA_SOCK={0x53, 0x2, 0x0, 0x1, [@typed={0x8, 0x30, 0x0, 0x0, @ipv4=@empty}, @typed={0x8, 0xa2, 0x0, 0x0, @pid=r5}, @generic="e292721c004cc688824395e8223b70aebd0d5fdc429f2515e0403ecdf3789e44999799655b5b26a643ec62a527361ebc87df6ad1990612ee452f351514dbfd"]}]}, 0xd54}, 0x1, 0x0, 0x0, 0x200500d0}, 0x4044002) r6 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000001940)='/proc/thread-self/oom_adj\x00', 0x424001, 0x0) getpgid(r5) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000001980), r0) madvise$auto(0x4, 0xff, 0x4) set_mempolicy$auto(0x8, &(0x7f00000019c0)=0x7f, 0x1657) fremovexattr$auto(r0, &(0x7f0000001a00)='/proc/thread-self/oom_adj\x00') write$auto_mousedev_fops_mousedev(r0, &(0x7f0000001a40)='B1#3C', 0x5) madvise$auto(0x100000000000, 0x0, 0x7f) r7 = prctl$auto(0x42, 0x6, r4, 0x8, 0x1) pipe2$auto(&(0x7f0000001a80)=r6, 0x5) sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(r0, &(0x7f0000001b80)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001b40)={&(0x7f0000001b00)={0x3c, r1, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_CENTER_FREQ1_OFFSET={0x8, 0x123, 0x2}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x7}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0xc1}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x7f}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x984}]}, 0x3c}, 0x1, 0x0, 0x0, 0x274108dd41b8d51f}, 0x0) ioctl$auto_PPPIOCSPASS(r7, 0x40107447, &(0x7f0000001c00)={0x6, &(0x7f0000001bc0)={0x100, 0xa4, 0x68}}) ioctl$auto(0xffffffffffffffff, 0x1, r7) ioctl$auto_PPPIOCATTACH(r0, 0x4004743d, &(0x7f0000001c40)) 5.338405978s ago: executing program 3 (id=960): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) semctl$auto_GETPID(0x0, 0x4, 0xb, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="13000000", @ANYRES16=0x0, @ANYBLOB="2586f2bd7000fedbdf2504000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) clock_getres$auto(0x10, &(0x7f0000000080)={0x5, 0x200}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x4) socket(0xa, 0x801, 0x84) lsm_list_modules$auto(0x0, 0x0, 0xf710) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01002dbd70fcdbdf257e00b0412942fde153939ed57d52a5b3a0e240455c6fe4916cd4bfa9385208ca4f1b875e258c7317ff0ce360094d5b41c1d63869573f2533b5260e96c0305ffc10c7a6cad00a47b851abc481628028e0a0692e55d6d3323a70c581ff095c19114e11097732c6556bc99b4506580a63acb4b041bface0cb28ae140b34198777d6139a93bfaf13a839e23bb07fb1e538c3a83209dfa884887c453fc4ffae8c0abebc67413aaabf"], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) write$auto(0x3, 0x0, 0x80000003) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x101082, 0x0) ioctl$auto(r4, 0xc0045543, 0xffffffffffffffff) socket(0x10, 0x2, 0xc) 4.547855896s ago: executing program 3 (id=961): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) write$auto(0x3, 0x0, 0xfdef) (async) write$auto(0x3, 0x0, 0xfdef) sched_rr_get_interval$auto(0x0, 0x0) madvise$auto(0x5, 0x3, 0x9) poll$auto(0x0, 0x4, 0x100000) mmap$auto(0x4, 0x8000000000000001, 0x2, 0x96b1, 0xfffffffffffffffa, 0xffff) (async) mmap$auto(0x4, 0x8000000000000001, 0x2, 0x96b1, 0xfffffffffffffffa, 0xffff) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r2 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x100}, 0x9, 0x0, 0x0, 0xb}, 0x2}, 0x5, 0x311) setsockopt$auto(r1, 0x4c, 0x1, 0x0, 0x10008) (async) setsockopt$auto(r1, 0x4c, 0x1, 0x0, 0x10008) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) (async) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) (async) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x630001, 0x0) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x630001, 0x0) r3 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r3, 0x29, 0xce, 0x0, 0x0) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x80101, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000004440)) 3.515912965s ago: executing program 0 (id=962): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4008ae8a, 0x0) madvise$auto(0x0, 0x20200, 0x15) ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, &(0x7f0000001240)="9ab50f4ecf847be05f351e6488b61b974daa95047bb74b315eed6dca52dbdae0242fcfb571a66c97616937dd93b97753a5af8eadde84d075a946b81cdc6c72bd40aad677442d78a9994343e93dbf7822b41297f10050e625de61812235419b61ca6e1cf512102bf572750799aa3964739a05ea21d618836df2cf96ebcc6d292f0545e1eb5e66f83ca5b02974f6e1cd2acedee5d3b4ffdafe41befaaf1e517f633ea0e3d67782d4189bdf2c6a65f72859659a9ab103b7813b1630bb6f2fb4863586abb50472130ea12c4b4aba1e6bc7bac83382aa3bba6fc507788cd0b19beec49ae5b89b5a91aa0048f0d058daad9b1f0a396c35595d66e0ca73bd85830896d61370d97956eed87e06c4199bb2afa4338793b007e67835158c000971ca880dc7ee66113cf14495b0f4339cef5ac32c775d7db142f0a63d7fe953177f2ef74fbe6791a0dbbeddb2060899962e8a45a9fa8f07c39e260873330d84b00875d18b79e1c773918de40b9d457e92aa8cb305e4d88c10e8e27e7452362269216617b6688155473a8ce9850ba6627d1dc13f6b12679cb1a2c292ec5f4179b5f3b3375ad86b07e9d0ce7b00aa9ed5ca064645dc63be31d980f23257e30f76da5b7c7b9288b1f9201526113dc5a1bb6868da8c4097911a19863753cab06714d88848a93cfb183d2fc04ef62292aca7030578e9deb86077d38502dffc31e5eba12846f302793061d70cd92f6e8dcea38a4d51e9d96e20e49b70fab676aa1e69ce4ad9350001eaa3dd7f9af5aedf664876fe6fdac17799b2046f62fe5052ed5f3408fe2f1c716e9e9a1f5ba039a39db432c6dab2ec3a720a0415baca171e6e611c14bb511444af9e559223a1e9d2692ce839be9168d82477cbef48d915698ab249e58667942914a841828f4e15d5bb6d00fddbdd6b5b170f0326be5d5e2f515e7e5a8933fcacbd3d14f5d03a3b85a28462f3b22c5a0fea03f8ea21b5a0de0b1ff8ff47e2a6a7d2da26ec901d27ca5816108494e1ee2d8e9c1af62daa7e2f9437a735d504bb46dd720578ed308f70609188ce6a15d30bd9fe10e4c028f46450a7572256f84d1d59444e4a08d6f79811115506206e4d6714cb12dac45a6a85be8913ba01d71e5f19d6e90d830958a3f56923edb5a0efc8346d4d193a0abbb658f219279a5d9f5c5d524e5f000cfe9943beb70eb5994e26aadbd3f47dc18003165b39b5cf718900ab4b845a0493481ee388fccfc460859bd85fa63c0b58b775d3729db3c1cc58573e36b3bd33dd890a9d26a2a3a8b2def1a7c6eb3129cdceff29d3ec2ff52b9bd2ecb7ebc103706366c9e88c089f332d8bb380dc3afe436e490a538cd8c43ea63bd65e9486ce2c52e55d9eca84b24cc77f33e2c3096a04705dedc238779c4a497082d6d6a7dfb3b5259112546874411622e28e15c70ad98fd1e916843b06c4ee3f13c3cfdf5fc0d393391bad9d68335c0b4e32c4407c60ba070eeb6dd282b2f7ff6134e039eb011f0b4026f2ed46426fb07a335c21614dbabfb7cef26b96f29b0805642e9b0f5d9c675d5cf89111791600d330d8503efd3ee384e5e7fe02b8137f8881e8ac23eb4f4fa6a1a88a9fa8dfa9e446bb7f117a3d6687b2d2d505c461703eb5df4032b9371ebe49710c8e8244f10943a516bb84307769d12ea0d2c5244d8f41e646d162706cb35b9ac6e2e1650eddf1cca58c1a8fd2c8e6fc485ab478dd2a0913ffdce715d775f38c4b692d16cab3a24edc5fe496dc98a68451eb4776db277465525780d92bcaeebf145408a6607f86fc94043ee30683106cde9c71edd460f783e602465f32554c09376860d3d9420badf095ff9fdfb3311af5800eda2ee5741e555ea42b121d1f7001b471df869b7b2b0de36a31b443e75bc8f101884c227fab4951f0bd1b503f9d5c816afe75061648eec404c1ed0eb57e4f8a5e966f45227be127369550f5daec076d5020274a9a5bac078e700dd9b95ba961be08f97fcd543f88691e32d0aa9f8776f58c96de8cce194aee6f9010d7710b692ddfa24457a3a623b91d743521dfe43a21ecce2863356308526687c7ed1169386be11059614cd138d439725ac4b5c0a9e04f503dd1461e57935de94a12a64d18c1845500665f81bae9ef33033a4a2d04ca381da212a68e1f267f03ffb71db53ff0da93176b47ff0568a5acee10190c12c9fda1543c318229708f6985e224ce750e9ca937d6927c1de7e5fd7e7db6cd42478e0d11a97e8959ce0118d556960d4cfde1625c72220ac1988fc3c69850d00a08246bda3846b623e0c1a731d47ba3216fa91139d5f5a8af9897fb08bc53e682e669e4a20962f841e13da43b62ad6eba654f815c2ad347ae279ab134cca6a1ebd06e822cdceeb58d4329d501c216357a12fd92fa0c27de77e756cdec09698284802eb2d21ca7e1a3619da2591c1fe29d4da0744f1110594f57a20c286f78b1111814c55715e05e4c753bc0242c9abb850b508e061c1179d88fb11b33bb1f34d05cb38e99a57d1a06ea61590431db1cf22817c85f885978f08f92335e997eff96a5feb784e410d41a953a6d92eb5973c08aa728ab673c0e693f47055c112d8efc8bd84f4c85b2f160b4c47da302cfa214b822b68276fbd50933facc06956aea16f35e61e859072749a49f13d33376ec41f7dc85625e1e48fc821317f43b0be304f448eb1de7c68ba84e774a2d22b1d3f55c144f59c15fc19c6df45ac3ac6461df9aebebfc8738b7b2e0dbdd99909498a3741d9101d82540a64b5e7a149e1f98a0788704a843faece338d465826b58f3e11aef73d44efdce1739b1927c45248d32be74ea0fabbe17e7c0657cc68419d96f19119493ab5569c86aa80b6bc4b410b011a12e1ad5365c674720c2f2a4c78962affef7e63c4ca0d4235f977ae416153edef6402b95ec61cb561759217002b66a78b65819d1b649a85308943148ac025410dbe4f9f18694a1c7289118035f454f81e1d9b6ab076ddb50e8c7b8ed2fd36d4dd6c5c928041afc8936fa83244aa9dbf08676cc30580d8fee518e24ed4089b63f9930c194e048b88cec98f9190a81f1a09e80c2af63e4738d4bf6c8e4eff41a846a25f8d74ab88f9d85c9b059bab15fc1fc485e1f92fa4f41a3a275e9609ea0c7dff7c9488f482067f38f4e8f424007498ac1da9eeba9857b34dc21d552dada4aff917d37463fb054ddedf52ab3def2813fd115e3f36c3f82719a486d2605aadd9c3e708261e2acf13fa9cd81fa2f23aea49b3a42b3ad43bd140ccb5c274c099062d1148d1def0171c5b8b49ac6b462de5246523cee3bb96d6340c8992114ce7f3d0d6ef92f02bfe3142dc1cc03310ea49fe1000b6a5e2353e25b4d373830a2030f7a7f33c60d583ca9ecf9930a22fb8415364d22a1f5aa8ebd95930123e04edaa80b5bdd0473a2c95be3797d6100145d674498fea24a87009149aa27a7060ccaf0ea0675a0c498370beff8978604ac3d3aec9cf3ad53ec8a698c5e1a44d0a4be22e5a16547db9eef5577d6ecd5a2967c4d4255e8908ccb347fe7cb5a7246345035a7a8a12993f8fdc661ffd3a84736ee9a5852dcf8e3aca4afa19a598c9379dd6d3c594e9aa54c1b5f0a2add05c979c76f9d1796c2072e0a6b5348ec199aa7abb34cde352f97e61823977723500867f803371f115c3528b30442fdd828f872d7c962f21053d6fb1fea2ac4e273902edf14d1b9c362f76c67ee7ff175ddb443afd3bab63767d2a64416d50015c09ae0a0faf5b6cbd39a31b7d324d110a84800f2c541cb39836c4cc2e7de0596b78e580533c1dc1126acc7aa5e8d2c2680b511ef4160351e924411b092a94c0a6df787eea3a6960ee27c1480ffc3dd286af35183020315a00ea9dc2384edb0a9c420c12a35ef16fa73d6caf07d796416768be12fad0fd636304918b7cc7901d5db64e6d3d1f7560b859c2044f38e46eec7c2cca01492309c948880326e60fb540bec547626cb5ceb48eae7f0bdd5f38b7ca69159bf39e5a6dee36f2199bae38a2d21e3316c8debcadfb4121af4446cc9fe2a536689816f66510d8906a1f96db1b71a7ab1a9de45e67d93586db93397eae71e6eca1e84531ba50ee9ab11bc01eba40063e74b0efd6ae4ab90bb50e2312861c92b43720e83d3bad50bf66f87be98c40b275339177dba753ddab002b07827ab860e9613a1bb0c13e690dbd71f5a30578e5ab1d1426ca07cb698f30cdfe1853a10fa976822da5c1b3ab8bd6df956e74a667867b94f26b696b9379ab818eed48a13fa6a3590cc1b6e159f25d3f7f7c5178ae84974460d7880b84aa90077a0a8dce82fd6bed76df7cf1dd42b33ec26cdf374ff068db186ddf08112eabfcd7b3f25afaa765bc831a3c7e7d93d6794c2c92d1223de9b15217632aa17ee09651556d0617219d9142f155dd8b1d87cf31715113519edbfdc5d6849feb239a73b53f94430f8e7ee022cdf8cc9aeb877e4109db461e6dd68351a1522d41854ff59a91b854cab163329442c01cbc3b352c8068131c8c22f7b9220e009e3890f396d5fe69137e2f0b52b27d190705cc4dac692ebb7d9662268cc641d03804d7f5bc99437e49a3e2e6b8879d37322faaec90df4a1201bb1f58d1eedadf74df18be13e0aff304b583da98589aa22e27b1f78beaea663e3182d2b12a2f3c835c0feb3001d787b297a2aaaaa649fbd9269dc534c810ea064d6d27d54e54f73e39ed4ef101491c144f7010aa2519587cda497d770763f60e6d9df6672c3a47991d757b7ccaa38550f42d0ed724b52c04a61e3670a3af1bab73543112f20b4b17e1ca567c2e2dfd8ded52e80ef79f2f0ca312099a2905ee699a61eb34aee75c974ba6c8e6b6f8d4346baa5164edbf9f892f5b20fe2e4d63d697e17a41ff323e114e5b8f8bf9204ac842e4cb0eaf872ed92e92a09a61e17010be88bcffa11a464e9dd15f772b17a0a26a384a6bbe80a2bed2c5f3c5db439384781893c68f35e7f04dd4b90fb35566b4b5e230410f2a88302436113a0d7ce0a589e9155273ffee7fc927dd0f1e5592c727a2bcfe61eb5d95811981d0d307406d5da4c6c164be156558675bc34d2bb1e9bfb3ff557b101892ba10bce45f85ff739acb1513058e74ebf675dafc64501525b510f70338d31ba19b7ab4eae92c2c33d59b616fbeacb0b0af4615a08b316d9ea8ef31b7e27f0d286aa4f918d8fd553d8e463df06cd6a7303b5f0ee14e2b60e910f02e7e4eeb55ca3b1210050359d9f662556ba38c50ea31080fe172438b438af83572cd33451fb92ec62ab10d4a439c571ee290d524270a0cc90665c9f6347f9f3d78efcda9e6e13a255f9080f66dbf0030cb9c1d10ade44412bb9e5783a86e35eb5b28095f52942b83013967d661e2e7bd9b525f1fb8b0d127dce73876805ed4954bd7cf9cf6f43c06c4463dc9d339394e2f83304223627d76d61b245140f440446d4e6eabe0450034f82b1d6f2d6d090895de305a84e7bb7824ad84429aa50775536dbda7bcacadfe01b5d6ca8e46b897c21122655677a176bab6b260deb3d6803607b9aa85d74e748aedc17537bb0bd0b4800cd9ad3705b9960a61f501a4bdaee05309c5537189a8d616554429de7717674aa88674733fb68eeab898aade23712c8058a855904f4e7085115f36b6df394864d88e6cf183753248eefad820ff3f1dda2ff430da2c16633f7bb86fced18a6217c71a412287f31c1699553ad9695195a95baca9cd3f6510d9dbcb5a404fb02d4a6a476090ffab0efa6") mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x8000012, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x8081) process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000080)={&(0x7f0000000000), 0x8}, 0xf, 0x8, 0x0) r2 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r2, 0x0, 0xe) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r4) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000001c0), r4) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x14, r7, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) sendmsg$auto_WG_CMD_GET_DEVICE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r5, 0x703, 0x70bd27, 0x25dfd9fc}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x4) write$auto_tty_fops_tty_io(r3, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f", 0xfdef) modify_ldt$auto(0x11, 0xfffffffffffffffc, 0x23b94) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/029/001\x00', 0xa002, 0x0) 3.449044781s ago: executing program 3 (id=963): r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/nullb/features\x00', 0x40240, 0x0) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r1) sendmsg$auto_OVS_VPORT_CMD_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x18, r2, 0x1, 0x71bd27, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x88542, 0x0) write$auto(r6, 0x0, 0x0) pwrite64$auto(r6, &(0x7f0000002500)=']\x00', 0x3, 0xd) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x302, 0x0) mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0x401, 0x300000000000) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x2120, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r5, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) socket(0x2, 0x1, 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat2$auto(0xffffffffffffffff, 0x0, 0x0, 0xa3) mmap$auto(0x0, 0x8, 0x1000000016, 0x13, 0x3, 0x400180000000) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x4002, 0x0) fchmod$auto(r0, 0x7) 2.85840586s ago: executing program 3 (id=964): mmap$auto(0x2b, 0x2000a, 0xe2, 0x13, 0xffffffffffffffff, 0xffffffffffffffff) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) socket(0x2a, 0x801, 0x4405) r0 = io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) futex_waitv$auto(&(0x7f0000000000)={0x10000000, 0x0, 0x9}, 0x1, 0x0, 0x0, 0x100623d) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) sysfs$auto(0x2, 0x26, 0x0) fsopen$auto(0x0, 0x1) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000340)="0040e89a57f9752def5516f43100", 0xe) recvmmsg$auto(0xffffffffffffffff, 0x0, 0xfffd, 0x5508, 0x0) init_module$auto(0x0, 0xfffff, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x404840, 0x0) madvise$auto(0x0, 0xffffffffffff000d, 0x80000001) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/cx231xx/parameters/radio_nr\x00', 0x202540, 0x0) madvise$auto(0x80000000, 0x8000000000000005, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) capset$auto(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x3, 0x13, 0xfffffffffffffffa, 0x40) fallocate$auto(r0, 0xfffffffd, 0x58f, 0x100000004) 2.469571266s ago: executing program 2 (id=965): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r0, 0x0, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82140, 0x0) socket(0xa, 0x1, 0x100) vmsplice$auto(r0, &(0x7f0000000080)={&(0x7f0000000340)="6184494649504c6647e0bd7ab144975569055db0331f4ce50bf4399fd19446c045456623cacaeac05d63898b60ce883de61d5c33e8c35513ec9920957bd81efabc89914667ff8beaf43cc13bda4baad46fff498a02322bb13147b66ee886d99c38ae23fa67666137b886457d3454c7ffb77bcecc4381292701783824f897569aced6a55358f1101694990fd3ac3539308fe9fbbf6fa70462848ef85ee9299ac4425e1f71485887a707f4db1295aecb02f78f217fafb6aa1d3b1e7272eef2489da21d72ca48552fa36d284fc716058166e725466c", 0x5}, 0x8, 0x101) ioperm$auto(0x7, 0x5ad2, 0xc) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x1, 0x0) exit$auto(0x7) write$auto_proc_pid_attr_operations_base(r2, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/tracing_cpumask\x00', 0x200000, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/user/max_time_namespaces\x00', 0x202, 0x0) setuid$auto(0x800000000008) read$auto(0x3, 0x0, 0xf34) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) write$auto(r3, &(0x7f0000000640)='0\x00\xa6\xcc\r\x91Q\x00\x00\x00\x00\x00\x00\x00\x04\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:\x00\x00@\x00\xeb\xf0\xc4\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfh\xf4\v\xf3C\x00\x00\x00\x00\x00\x00\x00\x000\xdc\xc8\xd5\'Y\xbe\xf3%\x88j9\x969R\x06\xfe\xf8\x90\xa62\bp!\xd16\x8b\x95\xdaN\x87\xba\xf3\xac\xeeDj\xc8\x8a\xa8 \x1e\xa5\xaa\xc0f\xfaK\xe1\x85\xd8\xeb\xf4C3\x02\x1bG\'\xd8\xfd\x05n}\xe12X\x98\x8f\x18\x9e\xf6\xb2\x9a\x00\xb4\xe0Ub\xa5\bk\x95\xd9\xb8\x8a\xc0\xf2\b\r\xdf\xa6\xfd\xed%w\xde8\x8aR\xc0/\xe7a\xd5\x9c~\xc1\x13\xf9\xfb\x11h\xf9\xb1C\xb1\xb5$\x97d\xbc{ZI\xc6\x10/=z\x03\xf6\xa4\x1e\vay:\xf10\x10Nr4\x8eq[\x9eQ3\v\x16\x0fu\x99l\xd8>|\xc6jm\x1c\bR\x86Z\x9c\x83\x8e\xcdZU\r\xb6\xc4\x95\xe1\xfeT\xbda\x99\x19?\xbe\x87zy\xdb\x1a\x05\xe8\xd2\xc8*|\b\xb7 \xe1', 0xffff) 2.304309623s ago: executing program 0 (id=966): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c2580, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x100, 0x0) pidfd_open$auto(0x1, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/napi_defer_hard_irqs\x00', 0xc2481, 0x0) write$auto(r1, &(0x7f0000000080)='7\x00\\\xa0\x042\a\xc3\xd0\x11\x03\aKk+\xf4\xcd\x12\xa6\x85\xd6Y\xe6\xc3I)\xaa\x8f\xa5\xc3\x94\xaf\x18\xf9]\xdd\xc3\x91m\xc9{;\b\x04\x94\xf18', 0x2) futex$auto(&(0x7f00000000c0)=0x58, 0x5, 0x3, 0x0, &(0x7f0000000440)=0x2, 0xc8) (async) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/51, 0x33) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) ioperm$auto(0x7, 0x71, 0x863) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) fadvise64$auto(r3, 0x8, 0x400000000000006, 0x4) (async) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x40e00, 0x0) pread64$auto(r4, 0x0, 0xfffffffffffffffa, 0x200005ef6) (async) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), r2) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/time_for_children\x00') getdents$auto(r5, 0x0, 0xc08) (async) getdents$auto(r5, 0x0, 0xa2b0) (async) sendmsg$auto_NETDEV_CMD_DEV_GET(r2, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x1, 0xf0ffff, 0x0, 0x4005}, 0x28044004) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) (async) madvise$auto(0x0, 0x2000040080000004, 0xe) r6 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x20000, 0x0) write$auto_proc_mem_operations_base(r6, 0x0, 0x0) (async) listmount$auto(0x0, 0x0, 0xa, 0x1) (async) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/mm/transparent_hugepage/khugepaged/scan_sleep_millisecs\x00', 0x400202, 0x0) write$auto(r7, 0x0, 0x2b6) (async) close_range$auto(0x2, 0x8, 0x0) 1.435194349s ago: executing program 2 (id=967): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x22, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x7, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r1, &(0x7f0000000300)={0xbd, 0x2, "0200000000000000c32f1a88a7d2ac4f994d42b9ccb04eead5e03d771a33bb03d2d7de959b4fd3cea3ebd9c48b2687fb19852b1da5ab33a6ca4c2b285666489ad5391024feca142d2ce5d558ded9719dea51d787328f8ead177dce68174a0f5524b4ae35369f8a21404d65bd5f6de5969ae3ab017c1bfc19029e678420377d0f040a0177ed0345f589774ee5a94eaa7f61f9b3f5deed725ac61251cf2764951f92e1945bfc2f2a921c06506e166743fbd01a69d364e3a9b990ef201ef5"}, 0x9) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) rseq$auto(&(0x7f00000005c0)={0x7, 0x6, 0x9, 0xfff, 0xa896, 0xffffffff, "af18c8a1eea866e9840b50cd944973113586d3c13361bac7f306af96f7efff43128e2b8c922b8fb895af349b0e062b81eb9c283c708b70b3acce9ee9cb134a7d7b89f2ffb21780113116e8528cfb4e952a1b38f43f7f7b0488d02d3f54d5f95a2b518d94598435ff9e3cb359f175b4a79e5debbe3437a9ee705e85abac6b17f188af31073da2af00acf600fea4db39bb050ffdfdf770463b"}, 0x584, 0x1, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x62, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x401, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r3 = socket(0x80000000000000a, 0x2, 0x0) memfd_secret$auto(0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x301001, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) r6 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000000000)=0x200000000) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000022c0)='/sys/devices/system/memory/memory10/removable\x00', 0x8500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f00000000c0)=""/4096, 0x1000) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r4, 0x4048aecb, 0x0) 733.143296ms ago: executing program 0 (id=968): mknod$auto(&(0x7f0000000080)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1081, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/dri/0000:00:02.0/state\x00', 0x10000, 0x0) ioctl$auto(r0, 0x702e, 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100cda4429629bd7100f9db5f2502000000"], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000300)="4676f81a02f29828490e4a50dad6b5d78d09c92360f035e56eeff9e712d2c3a48cb69196a70ed24ed7f68a2aa3401d0b6cc078eb364b71d6dc6f8125938411517c25d11f397168c7355e258ba7bf50b93faeedb76e9a2bd25310c03eb83fc989e02053d6b410c968ef5310451fd6230eac1712b3b7b33fc886b7dbfd4afb9d6ce5e096b81b7d71f8150fa5449bf3b4139ddd3bb37fb600f441a40c66d1bd9d4df9b739a75cb5abde2cc4ff1b6cd446dc57fbb630421a0a19aa4deda574c03362a96cf46b18f6cf12ff48eb67b3ae2407857dd9b4d3298bcd43ab580c8b0fb9b159fa0c7dfa93edb271b9fe6715ac82c3fc4e8c3072622bfabe3acd4b4ba864fb1647aff5433d25f4ce55b8401b1f1b12406355705f9943a4194b83e61013d0c38b1bcd1d4488a8460e94c37b1e22d82cafa566929b77a3f0e51c8dc361790be747", 0xfc2}, 0x3, 0x0, 0x7, 0xa505}, 0x800}, 0x8, 0x4008) 324.622487ms ago: executing program 2 (id=969): socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x6a) r0 = socket(0x2c, 0x3, 0x0) bind$auto(r0, &(0x7f0000000080)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4) connect$auto(0x3, &(0x7f0000000080)=@nl=@kern={0x10, 0x0, 0x0, 0x800000}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) socket(0xa, 0x5, 0x3) ioctl$auto(0xffffffffffffffff, 0xab07, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000002300)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000022c0)={&(0x7f0000000b00)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x48050) r2 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) semctl$auto(0x8, 0x806, 0x13, 0x46) syz_genetlink_get_family_id$auto_thermal(0x0, 0xffffffffffffffff) msgctl$auto_IPC_INFO(0x7, 0x3, &(0x7f0000000200)={{0x13b8, 0x0, 0xee01, 0x100, 0x3, 0x7fffffff, 0x3afa}, &(0x7f0000000180)=0x3, &(0x7f00000001c0)=0xa, 0x7, 0x3, 0x9, 0x4, 0x8, 0xffff, 0xfffd, 0x6498, @raw=0x71, @raw=0xa}) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_GET(r2, 0x0, 0x4004061) setsockopt$auto(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x10000) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x7ec3, 0x3, 0x62, 0x8000001f, 0x40007, 0x6d3b, 0xa, 0x2, 0x8]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0xffffffff) mmap$auto(0x800, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sync_file_range$auto(r2, 0x0, 0x8, 0xbeb) 0s ago: executing program 0 (id=970): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8080) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r1 = socket(0x22, 0x2, 0x1) socketpair$auto(0x4005, 0x7, 0x8000000000000000, 0x0) close_range$auto(r1, r1, 0x5) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) fstat$auto(r1, 0x0) prctl$auto(0x21, 0x10000, 0x0, 0x0, 0x80000000000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r3 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x42, 0x20) r4 = open_tree$auto(r3, 0x0, 0xff8) statx$auto(r4, 0x0, 0x4001000, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x1a70c0, 0x75) socket(0x2c, 0x6, 0xfff) setsockopt$auto(r0, 0xffffff8b, 0xffffff81, 0x0, 0x20000002) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) ptrace$auto(0x10, 0x0, 0x6, 0x80000000005ff) setfsuid$auto(0xee00) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0x4048aecb, 0x0) mmap$auto(0x0, 0x9, 0xff8, 0x8000000008011, 0x3, 0x800) r5 = io_uring_setup$auto(0x6, 0x0) read$auto(0xffffffffffffffff, &(0x7f0000000080)='/sys/devices/\xe3\xdbS@^\x19\x92D0\x98\x1cB\xe90vir/net-bond0/bonding/all_', 0x81) ioctl$auto_SG_GET_REQUEST_TABLE(r5, 0x2286, &(0x7f0000000100)="efa9312b35e5974f01d6086dba62b412fd39aefc805b16088703e9159844be98d6b9792cf38c789f94125abf0150270cc2f2a7732a3867509d225b886c6791bca286c675373ee7c4c2a508c5165887fad0631f338e8dac") syz_clone3(&(0x7f0000000340)={0x305000, &(0x7f00000000c0), 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58) madvise$auto(0x0, 0xffffffffffff0005, 0x19) kernel console output (not intermixed with test programs): 135.554544][ T6295] CIFS: VFS: Malformed UNC in devname [ 137.203151][ T30] audit: type=1800 audit(6046796652.629:3): pid=6330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.79" name="features" dev="configfs" ino=8192 res=0 errno=0 [ 139.722848][ T6368] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 140.475944][ T6379] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 142.100595][ T6399] program syz.0.93 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 142.110041][ T6399] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 142.299589][ T6402] random: crng reseeded on system resumption [ 142.447152][ T6404] snd_aloop snd_aloop.0: control 1:9:7:ª¸è:0 is already present [ 143.113266][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.125751][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.495459][ T30] audit: type=1800 audit(6046796658.919:4): pid=6424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.96" name="features" dev="configfs" ino=9377 res=0 errno=0 [ 144.136816][ T6425] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 144.179851][ T6431] tipc: Withdrawal distribution failure [ 144.199302][ T6425] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 144.205622][ T6425] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 144.218046][ T6425] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 145.542318][ T6442] Malformed UNC in devname [ 145.542318][ T6442] [ 145.549149][ T6442] CIFS: VFS: Malformed UNC in devname [ 145.808554][ T5172] Bluetooth: hci0: command 0x0c1a tx timeout [ 146.228637][ T5172] Bluetooth: hci3: command 0x0c1a tx timeout [ 146.228916][ T5858] Bluetooth: hci2: command 0x0c1a tx timeout [ 146.234706][ T5172] Bluetooth: hci1: command 0x0c1a tx timeout [ 146.604309][ T6453] FAULT_INJECTION: forcing a failure. [ 146.604309][ T6453] name failslab, interval 1, probability 0, space 0, times 0 [ 146.617770][ T6453] CPU: 1 UID: 0 PID: 6453 Comm: syz.3.103 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 146.617814][ T6453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.617831][ T6453] Call Trace: [ 146.617841][ T6453] [ 146.617852][ T6453] dump_stack_lvl+0x16c/0x1f0 [ 146.617904][ T6453] should_fail_ex+0x512/0x640 [ 146.617950][ T6453] ? fs_reclaim_acquire+0xae/0x150 [ 146.617990][ T6453] ? tomoyo_encode2+0x100/0x3e0 [ 146.618034][ T6453] should_failslab+0xc2/0x120 [ 146.618066][ T6453] __kmalloc_noprof+0xd2/0x510 [ 146.618113][ T6453] ? d_absolute_path+0x136/0x1a0 [ 146.618154][ T6453] tomoyo_encode2+0x100/0x3e0 [ 146.618208][ T6453] tomoyo_encode+0x29/0x50 [ 146.618253][ T6453] tomoyo_realpath_from_path+0x18f/0x6e0 [ 146.618318][ T6453] tomoyo_path_number_perm+0x245/0x580 [ 146.618358][ T6453] ? tomoyo_path_number_perm+0x237/0x580 [ 146.618402][ T6453] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 146.618482][ T6453] ? find_held_lock+0x2b/0x80 [ 146.618517][ T6453] ? hook_file_ioctl_common+0x145/0x410 [ 146.618574][ T6453] ? __fget_files+0x20e/0x3c0 [ 146.618631][ T6453] security_file_ioctl+0x9b/0x240 [ 146.618678][ T6453] __x64_sys_ioctl+0xb7/0x210 [ 146.618724][ T6453] do_syscall_64+0xcd/0x490 [ 146.618781][ T6453] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.618814][ T6453] RIP: 0033:0x7f8f19d8e929 [ 146.618842][ T6453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.618873][ T6453] RSP: 002b:00007f8f1ab6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 146.618904][ T6453] RAX: ffffffffffffffda RBX: 00007f8f19fb6160 RCX: 00007f8f19d8e929 [ 146.618925][ T6453] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 146.618944][ T6453] RBP: 00007f8f19e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 146.618963][ T6453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.618981][ T6453] R13: 0000000000000000 R14: 00007f8f19fb6160 R15: 00007ffd670af178 [ 146.619022][ T6453] [ 146.868633][ T6453] ERROR: Out of memory at tomoyo_realpath_from_path. [ 147.900532][ T6467] program syz.3.107 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 147.936760][ T6467] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 148.074875][ T6469] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 148.127004][ T6471] snd_aloop snd_aloop.0: control 1:9:7:ª¸è:0 is already present [ 149.172095][ T30] audit: type=1800 audit(6046796664.589:5): pid=6488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.111" name="features" dev="configfs" ino=9482 res=0 errno=0 [ 151.856569][ T6529] FAULT_INJECTION: forcing a failure. [ 151.856569][ T6529] name failslab, interval 1, probability 0, space 0, times 0 [ 151.879746][ T6529] CPU: 0 UID: 0 PID: 6529 Comm: syz.2.115 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 151.879780][ T6529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 151.879794][ T6529] Call Trace: [ 151.879804][ T6529] [ 151.879813][ T6529] dump_stack_lvl+0x16c/0x1f0 [ 151.879858][ T6529] should_fail_ex+0x512/0x640 [ 151.879907][ T6529] ? fs_reclaim_acquire+0xae/0x150 [ 151.879950][ T6529] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 151.879985][ T6529] should_failslab+0xc2/0x120 [ 151.880015][ T6529] __kmalloc_noprof+0xd2/0x510 [ 151.880059][ T6529] tomoyo_realpath_from_path+0xc2/0x6e0 [ 151.880101][ T6529] tomoyo_get_exe+0x63/0xa0 [ 151.880126][ T6529] tomoyo_write_control+0x689/0x1430 [ 151.880161][ T6529] ? __pfx_tomoyo_write_control+0x10/0x10 [ 151.880191][ T6529] ? __pfx_tomoyo_write+0x10/0x10 [ 151.880223][ T6529] vfs_write+0x2a0/0x1150 [ 151.880262][ T6529] ? __pfx___mutex_lock+0x10/0x10 [ 151.880298][ T6529] ? __pfx_vfs_write+0x10/0x10 [ 151.880340][ T6529] ? __fget_files+0x20e/0x3c0 [ 151.880382][ T6529] ksys_write+0x12a/0x250 [ 151.880415][ T6529] ? __pfx_ksys_write+0x10/0x10 [ 151.880458][ T6529] do_syscall_64+0xcd/0x490 [ 151.880496][ T6529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.880520][ T6529] RIP: 0033:0x7ff17e38e929 [ 151.880538][ T6529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.880560][ T6529] RSP: 002b:00007ff17c1d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 151.880581][ T6529] RAX: ffffffffffffffda RBX: 00007ff17e5b6080 RCX: 00007ff17e38e929 [ 151.880596][ T6529] RDX: 0000000000000070 RSI: 0000000000000000 RDI: 0000000000000003 [ 151.880610][ T6529] RBP: 00007ff17c1d5090 R08: 0000000000000000 R09: 0000000000000000 [ 151.880623][ T6529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 151.880636][ T6529] R13: 0000000000000000 R14: 00007ff17e5b6080 R15: 00007ffe99f185e8 [ 151.880666][ T6529] [ 151.880675][ T6529] ERROR: Out of memory at tomoyo_realpath_from_path. [ 152.573238][ T6548] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 153.920207][ T6569] random: crng reseeded on system resumption [ 155.634831][ T6597] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 156.581761][ T6605] FAULT_INJECTION: forcing a failure. [ 156.581761][ T6605] name failslab, interval 1, probability 0, space 0, times 0 [ 156.740912][ T6605] CPU: 1 UID: 0 PID: 6605 Comm: syz.2.135 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 156.740959][ T6605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 156.741000][ T6605] Call Trace: [ 156.741011][ T6605] [ 156.741023][ T6605] dump_stack_lvl+0x16c/0x1f0 [ 156.741077][ T6605] should_fail_ex+0x512/0x640 [ 156.741134][ T6605] ? fs_reclaim_acquire+0xae/0x150 [ 156.741177][ T6605] ? tomoyo_encode2+0x100/0x3e0 [ 156.741221][ T6605] should_failslab+0xc2/0x120 [ 156.741254][ T6605] __kmalloc_noprof+0xd2/0x510 [ 156.741305][ T6605] ? d_absolute_path+0x136/0x1a0 [ 156.741347][ T6605] tomoyo_encode2+0x100/0x3e0 [ 156.741406][ T6605] tomoyo_encode+0x29/0x50 [ 156.741450][ T6605] tomoyo_realpath_from_path+0x18f/0x6e0 [ 156.741510][ T6605] tomoyo_get_exe+0x63/0xa0 [ 156.741545][ T6605] tomoyo_write_control+0x689/0x1430 [ 156.741595][ T6605] ? __pfx_tomoyo_write_control+0x10/0x10 [ 156.741638][ T6605] ? __pfx_tomoyo_write+0x10/0x10 [ 156.741685][ T6605] vfs_write+0x2a0/0x1150 [ 156.741739][ T6605] ? __pfx___mutex_lock+0x10/0x10 [ 156.741789][ T6605] ? __pfx_vfs_write+0x10/0x10 [ 156.741850][ T6605] ? __fget_files+0x20e/0x3c0 [ 156.741909][ T6605] ksys_write+0x12a/0x250 [ 156.741956][ T6605] ? __pfx_ksys_write+0x10/0x10 [ 156.742018][ T6605] do_syscall_64+0xcd/0x490 [ 156.742073][ T6605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.742107][ T6605] RIP: 0033:0x7ff17e38e929 [ 156.742133][ T6605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.742163][ T6605] RSP: 002b:00007ff17c1d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 156.742192][ T6605] RAX: ffffffffffffffda RBX: 00007ff17e5b6080 RCX: 00007ff17e38e929 [ 156.742212][ T6605] RDX: 0000000000000070 RSI: 0000000000000000 RDI: 0000000000000003 [ 156.742230][ T6605] RBP: 00007ff17c1d5090 R08: 0000000000000000 R09: 0000000000000000 [ 156.742248][ T6605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.742266][ T6605] R13: 0000000000000000 R14: 00007ff17e5b6080 R15: 00007ffe99f185e8 [ 156.742307][ T6605] [ 156.742411][ T6605] ERROR: Out of memory at tomoyo_realpath_from_path. [ 157.450630][ T6631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.140'. [ 157.529381][ T6631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.140'. [ 157.601312][ T6631] netlink: 'syz.1.140': attribute type 1 has an invalid length. [ 158.248153][ T6640] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 159.566719][ T6656] syz.0.145 (6656) used greatest stack depth: 19800 bytes left [ 159.954007][ T6668] netlink: 20 bytes leftover after parsing attributes in process `syz.3.147'. [ 160.419366][ T6668] hsr_slave_0 (unregistering): left promiscuous mode [ 160.893629][ T6691] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 163.897032][ T6743] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 164.212392][ T6748] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 164.376061][ T6745] netlink: 186 bytes leftover after parsing attributes in process `syz.3.161'. [ 164.740913][ T6754] random: crng reseeded on system resumption [ 165.068658][ T6762] ptrace attach of "./syz-executor exec"[5855] was attempted by ""[6762] [ 165.481831][ T6766] ptp ptp0: new virtual clock ptp1 [ 165.533606][ T6766] ptp ptp0: new virtual clock ptp2 [ 165.581743][ T6766] ptp ptp0: new virtual clock ptp3 [ 165.621746][ T6766] ptp ptp0: guarantee physical clock free running [ 166.897211][ T6789] netlink: 4 bytes leftover after parsing attributes in process `syz.1.171'. [ 166.912876][ T6789] FAULT_INJECTION: forcing a failure. [ 166.912876][ T6789] name failslab, interval 1, probability 0, space 0, times 0 [ 166.927232][ T6789] CPU: 0 UID: 0 PID: 6789 Comm: syz.1.171 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 166.927274][ T6789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 166.927291][ T6789] Call Trace: [ 166.927301][ T6789] [ 166.927311][ T6789] dump_stack_lvl+0x16c/0x1f0 [ 166.927363][ T6789] should_fail_ex+0x512/0x640 [ 166.927412][ T6789] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 166.927467][ T6789] should_failslab+0xc2/0x120 [ 166.927499][ T6789] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 166.927550][ T6789] ? __d_alloc+0x31/0xaa0 [ 166.927583][ T6789] __d_alloc+0x31/0xaa0 [ 166.927615][ T6789] d_alloc+0x4a/0x1e0 [ 166.927646][ T6789] d_alloc_parallel+0xe3/0x12e0 [ 166.927696][ T6789] ? find_held_lock+0x2b/0x80 [ 166.927733][ T6789] ? __pfx_d_alloc_parallel+0x10/0x10 [ 166.927777][ T6789] ? __d_lookup+0x266/0x4a0 [ 166.927827][ T6789] lookup_open.isra.0+0x665/0x1580 [ 166.927879][ T6789] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 166.927945][ T6789] ? mnt_get_write_access+0x20c/0x300 [ 166.927997][ T6789] path_openat+0x893/0x2cb0 [ 166.928057][ T6789] ? __pfx_path_openat+0x10/0x10 [ 166.928119][ T6789] ? __lock_acquire+0xb8a/0x1c90 [ 166.928168][ T6789] do_filp_open+0x20b/0x470 [ 166.928219][ T6789] ? __pfx_do_filp_open+0x10/0x10 [ 166.928306][ T6789] ? alloc_fd+0x471/0x7d0 [ 166.928364][ T6789] do_sys_openat2+0x11b/0x1d0 [ 166.928403][ T6789] ? __pfx_do_sys_openat2+0x10/0x10 [ 166.928456][ T6789] __x64_sys_openat+0x174/0x210 [ 166.928495][ T6789] ? __pfx___x64_sys_openat+0x10/0x10 [ 166.928553][ T6789] do_syscall_64+0xcd/0x490 [ 166.928608][ T6789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.928640][ T6789] RIP: 0033:0x7f6bc1d8e929 [ 166.928667][ T6789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.928698][ T6789] RSP: 002b:00007f6bc2bd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 166.928719][ T6789] RAX: ffffffffffffffda RBX: 00007f6bc1fb5fa0 RCX: 00007f6bc1d8e929 [ 166.928734][ T6789] RDX: 0000000000000201 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 166.928748][ T6789] RBP: 00007f6bc1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 166.928761][ T6789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.928773][ T6789] R13: 0000000000000000 R14: 00007f6bc1fb5fa0 R15: 00007ffe389e4bf8 [ 166.928802][ T6789] [ 167.165138][ C0] vkms_vblank_simulate: vblank timer overrun [ 167.842926][ T6797] netlink: 4 bytes leftover after parsing attributes in process `syz.2.172'. [ 168.298228][ T6804] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 168.460363][ T6800] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 168.467460][ T6800] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 168.485818][ T6800] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 168.501216][ T6800] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 168.703534][ T6813] kAFS: Invalid Command on /proc/fs/afs/cells file [ 169.600054][ T5172] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 170.068665][ T5172] Bluetooth: hci0: command 0x0c1a tx timeout [ 170.479564][ T5172] Bluetooth: hci1: command 0x0c1a tx timeout [ 170.508295][ T6851] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 170.551417][ T5172] Bluetooth: hci3: command 0x0c1a tx timeout [ 170.558163][ T5854] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.246143][ T6863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.187'. [ 174.425126][ T6913] syz.1.193(6913): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 174.453959][ T6915] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 174.844910][ T5172] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 174.844952][ T5172] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 174.860061][ T5172] Bluetooth: hci1: Dropping invalid advertising data [ 174.866983][ T5172] Bluetooth: hci1: Dropping invalid advertising data [ 174.873871][ T5172] Bluetooth: hci1: Dropping invalid advertising data [ 174.881288][ T5172] Bluetooth: hci1: Dropping invalid advertising data [ 174.888037][ T5172] Bluetooth: hci1: Malformed LE Event: 0x02 [ 175.259998][ T6916] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 175.266238][ T6916] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 175.334197][ T6916] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 175.365846][ T6916] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 175.429428][ T6916] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 175.829395][ T6932] netlink: 4 bytes leftover after parsing attributes in process `syz.2.199'. [ 175.963017][ T6934] netlink: 25 bytes leftover after parsing attributes in process `syz.2.199'. [ 176.758880][ T6951] program syz.1.203 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 176.814466][ T6952] program syz.1.203 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 176.866374][ T6955] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 177.108599][ T5172] Bluetooth: hci0: command 0x0c1a tx timeout [ 177.269294][ T5172] Bluetooth: hci1: command 0x0c1a tx timeout [ 177.349216][ T5172] Bluetooth: hci2: command 0x0c1a tx timeout [ 177.508578][ T5172] Bluetooth: hci3: command 0x0c1a tx timeout [ 178.375974][ T6980] EXT4-fs error (device sda1): trigger_test_error:129: comm syz.1.209: 7 [ 178.995574][ T6985] i2c i2c-0: delete_device: Can't find device in list [ 179.428548][ T5172] Bluetooth: hci2: command 0x0c1a tx timeout [ 180.174171][ T7013] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 181.560518][ T7040] FAULT_INJECTION: forcing a failure. [ 181.560518][ T7040] name failslab, interval 1, probability 0, space 0, times 0 [ 181.635519][ T7040] CPU: 0 UID: 0 PID: 7040 Comm: syz.2.221 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 181.635562][ T7040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 181.635583][ T7040] Call Trace: [ 181.635593][ T7040] [ 181.635607][ T7040] dump_stack_lvl+0x16c/0x1f0 [ 181.635664][ T7040] should_fail_ex+0x512/0x640 [ 181.635714][ T7040] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 181.635769][ T7040] should_failslab+0xc2/0x120 [ 181.635803][ T7040] __kmalloc_cache_node_noprof+0x6d/0x420 [ 181.635854][ T7040] ? lockdep_init_map_type+0x5c/0x280 [ 181.635897][ T7040] ? __alloc_workqueue+0x506/0x1810 [ 181.635945][ T7040] __alloc_workqueue+0x506/0x1810 [ 181.636001][ T7040] alloc_workqueue+0xd2/0x200 [ 181.636042][ T7040] ? __pfx_alloc_workqueue+0x10/0x10 [ 181.636086][ T7040] ? __fget_files+0x204/0x3c0 [ 181.636150][ T7040] loop_configure+0x1072/0x1720 [ 181.636216][ T7040] ? find_held_lock+0x2b/0x80 [ 181.636250][ T7040] ? is_bpf_text_address+0x8a/0x1a0 [ 181.636300][ T7040] ? __pfx_loop_configure+0x10/0x10 [ 181.636389][ T7040] lo_ioctl+0xc1c/0x2760 [ 181.636431][ T7040] ? __lock_acquire+0xb8a/0x1c90 [ 181.636482][ T7040] ? kasan_save_stack+0x42/0x60 [ 181.636532][ T7040] ? kasan_save_stack+0x33/0x60 [ 181.636580][ T7040] ? kasan_save_track+0x14/0x30 [ 181.636626][ T7040] ? kasan_save_free_info+0x3b/0x60 [ 181.636667][ T7040] ? __kasan_slab_free+0x51/0x70 [ 181.636693][ T7040] ? kfree+0x2b4/0x4d0 [ 181.636731][ T7040] ? tomoyo_path_number_perm+0x470/0x580 [ 181.636770][ T7040] ? security_file_ioctl+0x9b/0x240 [ 181.636810][ T7040] ? __x64_sys_ioctl+0xb7/0x210 [ 181.636847][ T7040] ? do_syscall_64+0xcd/0x490 [ 181.636896][ T7040] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.636943][ T7040] ? __pfx_lo_ioctl+0x10/0x10 [ 181.637020][ T7040] ? kasan_quarantine_put+0x10a/0x240 [ 181.637069][ T7040] ? lockdep_hardirqs_on+0x7c/0x110 [ 181.637123][ T7040] ? find_held_lock+0x2b/0x80 [ 181.637158][ T7040] ? tomoyo_path_number_perm+0x295/0x580 [ 181.637205][ T7040] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 181.637260][ T7040] ? blkdev_common_ioctl+0x1dd/0x2480 [ 181.637298][ T7040] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 181.637393][ T7040] ? __pfx_lo_ioctl+0x10/0x10 [ 181.637432][ T7040] blkdev_ioctl+0x277/0x6d0 [ 181.637467][ T7040] ? __pfx_blkdev_ioctl+0x10/0x10 [ 181.637507][ T7040] ? __pfx_blkdev_ioctl+0x10/0x10 [ 181.637543][ T7040] __x64_sys_ioctl+0x18e/0x210 [ 181.637581][ T7040] do_syscall_64+0xcd/0x490 [ 181.637630][ T7040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.637663][ T7040] RIP: 0033:0x7ff17e38e929 [ 181.637690][ T7040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.637721][ T7040] RSP: 002b:00007ff17c1d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 181.637760][ T7040] RAX: ffffffffffffffda RBX: 00007ff17e5b6080 RCX: 00007ff17e38e929 [ 181.637779][ T7040] RDX: 0000000000000000 RSI: 0000000000004c00 RDI: 0000000000000001 [ 181.637796][ T7040] RBP: 00007ff17e410b39 R08: 0000000000000000 R09: 0000000000000000 [ 181.637813][ T7040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.637830][ T7040] R13: 0000000000000000 R14: 00007ff17e5b6080 R15: 00007ffe99f185e8 [ 181.637866][ T7040] [ 182.542646][ T7047] syz.0.222: vmalloc error: size 1904640, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 182.610444][ T7047] CPU: 1 UID: 0 PID: 7047 Comm: syz.0.222 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 182.610489][ T7047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.610507][ T7047] Call Trace: [ 182.610517][ T7047] [ 182.610529][ T7047] dump_stack_lvl+0x16c/0x1f0 [ 182.610585][ T7047] warn_alloc+0x248/0x3a0 [ 182.610638][ T7047] ? __pfx_warn_alloc+0x10/0x10 [ 182.610691][ T7047] ? alloc_pages_mpol+0x25a/0x550 [ 182.610727][ T7047] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 182.610779][ T7047] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 182.610839][ T7047] ? __snd_dma_alloc_pages+0x50/0x90 [ 182.610893][ T7047] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 182.610946][ T7047] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 182.611003][ T7047] ? __snd_dma_alloc_pages+0x50/0x90 [ 182.611045][ T7047] __vmalloc_node_noprof+0xad/0xf0 [ 182.611088][ T7047] ? __snd_dma_alloc_pages+0x50/0x90 [ 182.611129][ T7047] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 182.611179][ T7047] __snd_dma_alloc_pages+0x50/0x90 [ 182.611224][ T7047] snd_dma_alloc_dir_pages+0x151/0x240 [ 182.611280][ T7047] do_alloc_pages+0x115/0x280 [ 182.611326][ T7047] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 182.611376][ T7047] snd_pcm_hw_params+0x15e1/0x1b40 [ 182.611426][ T7047] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 182.611470][ T7047] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 182.611514][ T7047] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 182.611553][ T7047] ? __asan_memset+0x23/0x50 [ 182.611602][ T7047] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 182.611647][ T7047] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 182.611706][ T7047] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 182.611748][ T7047] ? snd_pcm_oss_sync+0x30c/0x840 [ 182.611822][ T7047] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 182.611863][ T7047] snd_pcm_oss_sync+0x32e/0x840 [ 182.611906][ T7047] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 182.611943][ T7047] snd_pcm_oss_release+0x28b/0x310 [ 182.611984][ T7047] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 182.612019][ T7047] __fput+0x402/0xb70 [ 182.612064][ T7047] task_work_run+0x14d/0x240 [ 182.612119][ T7047] ? __pfx_task_work_run+0x10/0x10 [ 182.612171][ T7047] ? __pfx___do_sys_close_range+0x10/0x10 [ 182.612232][ T7047] exit_to_user_mode_loop+0xeb/0x110 [ 182.612293][ T7047] do_syscall_64+0x3f6/0x490 [ 182.612349][ T7047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.612382][ T7047] RIP: 0033:0x7f70ec38e929 [ 182.612407][ T7047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.612437][ T7047] RSP: 002b:00007f70ed13e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 182.612466][ T7047] RAX: 0000000000000000 RBX: 00007f70ec5b5fa0 RCX: 00007f70ec38e929 [ 182.612486][ T7047] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 182.612505][ T7047] RBP: 00007f70ec410b39 R08: 0000000000000000 R09: 0000000000000000 [ 182.612523][ T7047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.612541][ T7047] R13: 0000000000000000 R14: 00007f70ec5b5fa0 R15: 00007ffcaf755198 [ 182.612583][ T7047] [ 182.612594][ T7047] Mem-Info: [ 182.879597][ C1] vkms_vblank_simulate: vblank timer overrun [ 183.011713][ T7047] active_anon:15084 inactive_anon:55 isolated_anon:0 [ 183.011713][ T7047] active_file:14623 inactive_file:40104 isolated_file:0 [ 183.011713][ T7047] unevictable:768 dirty:475 writeback:32 [ 183.011713][ T7047] slab_reclaimable:10586 slab_unreclaimable:93636 [ 183.011713][ T7047] mapped:31538 shmem:6451 pagetables:1128 [ 183.011713][ T7047] sec_pagetables:0 bounce:0 [ 183.011713][ T7047] kernel_misc_reclaimable:0 [ 183.011713][ T7047] free:1315180 free_pcp:16607 free_cma:0 [ 183.308907][ T7047] Node 0 active_anon:65768kB inactive_anon:220kB active_file:58492kB inactive_file:160212kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:129984kB dirty:1632kB writeback:0kB shmem:30068kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12012kB pagetables:4460kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 183.408506][ T7047] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 183.442476][ T7047] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 183.622883][ T7047] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 183.648711][ T7047] Node 0 DMA32 free:1338556kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:70896kB inactive_anon:220kB active_file:58492kB inactive_file:158888kB unevictable:1536kB writepending:1628kB present:3129332kB managed:2540340kB mlocked:0kB bounce:0kB free_pcp:47184kB local_pcp:20516kB free_cma:0kB [ 183.788619][ T7047] lowmem_reserve[]: 0 0 1 1 1 [ 183.834128][ T7047] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:4kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 183.863831][ T7047] lowmem_reserve[]: 0 0 0 0 0 [ 183.879499][ T7047] Node 1 Normal free:3892004kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:12kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:24008kB local_pcp:13336kB free_cma:0kB [ 184.042111][ T7075] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.059715][ T7047] lowmem_reserve[]: 0 0 0 0 0 [ 184.108877][ T7047] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 184.165991][ T7047] Node 0 DMA32: 319*4kB (UE) 93*8kB (UM) 495*16kB (UME) 526*32kB (UME) 295*64kB (UM) 67*128kB (UM) 30*256kB (UM) 10*512kB (M) 8*1024kB (ME) 4*2048kB (UM) 308*4096kB (UM) = 1344980kB [ 184.214120][ T7047] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 184.236462][ T7047] Node 1 Normal: 189*4kB (UME) 46*8kB (UME) 27*16kB (UME) 72*32kB (UME) 25*64kB (UE) 8*128kB (UME) 5*256kB (UME) 3*512kB (M) 2*1024kB (ME) 1*2048kB (E) 947*4096kB (UM) = 3892308kB [ 184.256021][ T7047] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 184.268101][ T7047] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 184.292790][ T7047] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 184.422264][ T7047] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 184.501125][ T7047] 64753 total pagecache pages [ 184.520386][ T7047] 56 pages in swap cache [ 184.535061][ T7047] Free swap = 124700kB syzkaller syzkaller login: [ 184.577781][ T7047] Total swap = 124996kB [ 184.606934][ T7047] 2097051 pages RAM [ 184.625391][ T7047] 0 pages HighMem/MovableOnly [ 184.700859][ T7047] 429988 pages reserved [ 184.743617][ T7047] 0 pages cma reserved [ 185.036711][ T7091] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 185.289770][ T7084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.227'. [ 185.441885][ T7089] FAULT_INJECTION: forcing a failure. [ 185.441885][ T7089] name fail_futex, interval 1, probability 0, space 0, times 1 [ 185.472788][ T7089] CPU: 0 UID: 0 PID: 7089 Comm: syz.1.227 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 185.472913][ T7089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 185.472932][ T7089] Call Trace: [ 185.472943][ T7089] [ 185.472955][ T7089] dump_stack_lvl+0x16c/0x1f0 [ 185.473011][ T7089] should_fail_ex+0x512/0x640 [ 185.473067][ T7089] get_futex_key+0x1d0/0x1540 [ 185.473181][ T7089] ? find_held_lock+0x2b/0x80 [ 185.473218][ T7089] ? __pfx_get_futex_key+0x10/0x10 [ 185.473261][ T7089] ? __mutex_trylock_common+0xe9/0x250 [ 185.473317][ T7089] futex_wake+0xea/0x530 [ 185.473370][ T7089] ? __pfx_futex_wake+0x10/0x10 [ 185.473414][ T7089] ? __lock_acquire+0xb8a/0x1c90 [ 185.473477][ T7089] do_futex+0x1e3/0x350 [ 185.473521][ T7089] ? __pfx_do_futex+0x10/0x10 [ 185.473560][ T7089] ? __might_fault+0xe3/0x190 [ 185.473622][ T7089] mm_release+0x24e/0x300 [ 185.473661][ T7089] do_exit+0x68b/0x2bd0 [ 185.473716][ T7089] ? __pfx_do_exit+0x10/0x10 [ 185.473761][ T7089] ? do_raw_spin_lock+0x12c/0x2b0 [ 185.473812][ T7089] ? find_held_lock+0x2b/0x80 [ 185.473853][ T7089] do_group_exit+0xd3/0x2a0 [ 185.473903][ T7089] get_signal+0x2673/0x26d0 [ 185.473954][ T7089] ? __pfx_get_signal+0x10/0x10 [ 185.473992][ T7089] ? do_futex+0x122/0x350 [ 185.474034][ T7089] ? __pfx_do_futex+0x10/0x10 [ 185.474079][ T7089] arch_do_signal_or_restart+0x8f/0x790 [ 185.474120][ T7089] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 185.474181][ T7089] ? xfd_validate_state+0x61/0x180 [ 185.474233][ T7089] exit_to_user_mode_loop+0x84/0x110 [ 185.474288][ T7089] do_syscall_64+0x3f6/0x490 [ 185.474343][ T7089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.474375][ T7089] RIP: 0033:0x7f6bc1d8e929 [ 185.474401][ T7089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.474430][ T7089] RSP: 002b:00007f6bc2bb80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 185.474459][ T7089] RAX: fffffffffffffe00 RBX: 00007f6bc1fb6088 RCX: 00007f6bc1d8e929 [ 185.474480][ T7089] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6bc1fb6088 [ 185.474498][ T7089] RBP: 00007f6bc1fb6080 R08: 0000000000000000 R09: 0000000000000000 [ 185.474516][ T7089] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6bc1fb608c [ 185.474535][ T7089] R13: 0000000000000000 R14: 00007ffe389e4b10 R15: 00007ffe389e4bf8 [ 185.474575][ T7089] [ 187.306330][ T7134] FAULT_INJECTION: forcing a failure. [ 187.306330][ T7134] name failslab, interval 1, probability 0, space 0, times 0 [ 187.356052][ T7134] CPU: 1 UID: 0 PID: 7134 Comm: syz.3.237 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 187.356102][ T7134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 187.356121][ T7134] Call Trace: [ 187.356132][ T7134] [ 187.356144][ T7134] dump_stack_lvl+0x16c/0x1f0 [ 187.356204][ T7134] should_fail_ex+0x512/0x640 [ 187.356255][ T7134] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 187.356315][ T7134] should_failslab+0xc2/0x120 [ 187.356351][ T7134] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 187.356406][ T7134] ? __d_alloc+0x31/0xaa0 [ 187.356437][ T7134] ? stack_trace_save+0x8e/0xc0 [ 187.356477][ T7134] __d_alloc+0x31/0xaa0 [ 187.356510][ T7134] d_alloc+0x4a/0x1e0 [ 187.356542][ T7134] d_alloc_parallel+0xe3/0x12e0 [ 187.356590][ T7134] ? find_held_lock+0x2b/0x80 [ 187.356627][ T7134] ? __pfx_d_alloc_parallel+0x10/0x10 [ 187.356672][ T7134] ? __d_lookup+0x266/0x4a0 [ 187.356721][ T7134] lookup_open.isra.0+0x665/0x1580 [ 187.356773][ T7134] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 187.356838][ T7134] ? __pfx_down_write+0x10/0x10 [ 187.356867][ T7134] ? mnt_get_write_access+0x20c/0x300 [ 187.356910][ T7134] path_openat+0x893/0x2cb0 [ 187.356974][ T7134] ? __pfx_path_openat+0x10/0x10 [ 187.357027][ T7134] do_filp_open+0x20b/0x470 [ 187.357079][ T7134] ? __pfx_do_filp_open+0x10/0x10 [ 187.357157][ T7134] ? _raw_spin_unlock+0x28/0x50 [ 187.357199][ T7134] ? alloc_fd+0x471/0x7d0 [ 187.357255][ T7134] do_sys_openat2+0x11b/0x1d0 [ 187.357294][ T7134] ? __pfx_do_sys_openat2+0x10/0x10 [ 187.357351][ T7134] __x64_sys_open+0x153/0x1e0 [ 187.357390][ T7134] ? __pfx___x64_sys_open+0x10/0x10 [ 187.357438][ T7134] ? rcu_is_watching+0x12/0xc0 [ 187.357498][ T7134] do_syscall_64+0xcd/0x490 [ 187.357547][ T7134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.357575][ T7134] RIP: 0033:0x7f8f19d8e929 [ 187.357598][ T7134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.357625][ T7134] RSP: 002b:00007f8f1abac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 187.357652][ T7134] RAX: ffffffffffffffda RBX: 00007f8f19fb5fa0 RCX: 00007f8f19d8e929 [ 187.357671][ T7134] RDX: 0000000000000000 RSI: 0000000000149443 RDI: 0000200000000040 [ 187.357690][ T7134] RBP: 00007f8f19e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 187.357708][ T7134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 187.357726][ T7134] R13: 0000000000000000 R14: 00007f8f19fb5fa0 R15: 00007ffd670af178 [ 187.357767][ T7134] [ 187.751999][ T7141] capability: warning: `syz.2.239' uses 32-bit capabilities (legacy support in use) [ 187.818902][ T7141] netlink: 12 bytes leftover after parsing attributes in process `syz.2.239'. [ 187.942600][ T7141] HfR: entered promiscuous mode [ 187.968157][ T7144] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 188.264907][ T7150] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 188.288682][ T7147] netlink: 28 bytes leftover after parsing attributes in process `syz.2.241'. [ 188.527088][ T7154] random: crng reseeded on system resumption [ 188.534217][ T7152] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 188.620024][ T7154] FAULT_INJECTION: forcing a failure. [ 188.620024][ T7154] name failslab, interval 1, probability 0, space 0, times 0 [ 188.634218][ T7154] CPU: 0 UID: 0 PID: 7154 Comm: syz.3.243 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 188.634264][ T7154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 188.634283][ T7154] Call Trace: [ 188.634294][ T7154] [ 188.634306][ T7154] dump_stack_lvl+0x16c/0x1f0 [ 188.634362][ T7154] should_fail_ex+0x512/0x640 [ 188.634423][ T7154] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 188.634474][ T7154] should_failslab+0xc2/0x120 [ 188.634507][ T7154] __kmalloc_cache_noprof+0x6a/0x3e0 [ 188.634563][ T7154] ? mpi_alloc+0x46/0x230 [ 188.634609][ T7154] mpi_alloc+0x46/0x230 [ 188.634648][ T7154] rsa_check_payload+0x3b/0xc0 [ 188.634680][ T7154] rsa_enc+0x198/0x3b0 [ 188.634710][ T7154] ? __pfx_rsa_enc+0x10/0x10 [ 188.634739][ T7154] ? __virt_addr_valid+0x81/0x610 [ 188.634774][ T7154] ? __phys_addr+0xe8/0x180 [ 188.634809][ T7154] ? sg_init_one+0xf5/0x1b0 [ 188.634858][ T7154] rsassa_pkcs1_verify+0x502/0xb60 [ 188.634909][ T7154] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 188.634970][ T7154] ? rsa_max_size+0xd/0x70 [ 188.635019][ T7154] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 188.635062][ T7154] public_key_verify_signature+0x66f/0x970 [ 188.635112][ T7154] ? __pfx_public_key_verify_signature+0x10/0x10 [ 188.635159][ T7154] ? crypto_destroy_tfm+0x14d/0x2b0 [ 188.635227][ T7154] pkcs7_verify+0x32f/0x1b20 [ 188.635294][ T7154] verify_pkcs7_message_sig+0xdd/0x250 [ 188.635334][ T7154] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 188.635371][ T7154] ? kfree+0x2b4/0x4d0 [ 188.635411][ T7154] ? public_key_signature_free+0xda/0x110 [ 188.635452][ T7154] ? pkcs7_parse_message+0x531/0x720 [ 188.635510][ T7154] ? pkcs7_parse_message+0x536/0x720 [ 188.635573][ T7154] verify_pkcs7_signature+0x6d/0xa0 [ 188.635617][ T7154] valid_regdb+0x215/0x590 [ 188.635655][ T7154] ? __pfx___mutex_lock+0x10/0x10 [ 188.635708][ T7154] ? __pfx_valid_regdb+0x10/0x10 [ 188.635754][ T7154] reg_reload_regdb+0x11e/0x460 [ 188.635797][ T7154] ? __pfx_reg_reload_regdb+0x10/0x10 [ 188.635839][ T7154] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 188.635888][ T7154] ? nl80211_pre_doit+0x1b0/0xb10 [ 188.635944][ T7154] genl_family_rcv_msg_doit+0x206/0x2f0 [ 188.635991][ T7154] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 188.636033][ T7154] ? rcu_is_watching+0x12/0xc0 [ 188.636082][ T7154] ? bpf_lsm_capable+0x9/0x10 [ 188.636124][ T7154] ? security_capable+0x7e/0x260 [ 188.636167][ T7154] genl_rcv_msg+0x55c/0x800 [ 188.636214][ T7154] ? __pfx_genl_rcv_msg+0x10/0x10 [ 188.636257][ T7154] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 188.636305][ T7154] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 188.636342][ T7154] ? __pfx_nl80211_post_doit+0x10/0x10 [ 188.636409][ T7154] netlink_rcv_skb+0x155/0x420 [ 188.636445][ T7154] ? __pfx_genl_rcv_msg+0x10/0x10 [ 188.636489][ T7154] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 188.636551][ T7154] ? netlink_deliver_tap+0x1ae/0xd30 [ 188.636592][ T7154] genl_rcv+0x28/0x40 [ 188.636629][ T7154] netlink_unicast+0x53a/0x7f0 [ 188.636671][ T7154] ? __pfx_netlink_unicast+0x10/0x10 [ 188.636720][ T7154] netlink_sendmsg+0x8d1/0xdd0 [ 188.636764][ T7154] ? __pfx_netlink_sendmsg+0x10/0x10 [ 188.636817][ T7154] ____sys_sendmsg+0xa98/0xc70 [ 188.636858][ T7154] ? copy_msghdr_from_user+0x10a/0x160 [ 188.636909][ T7154] ? __pfx_____sys_sendmsg+0x10/0x10 [ 188.636945][ T7154] ? preempt_schedule_thunk+0x16/0x30 [ 188.636996][ T7154] ? try_to_wake_up+0xa2f/0x1680 [ 188.637039][ T7154] ___sys_sendmsg+0x134/0x1d0 [ 188.637104][ T7154] ? __pfx____sys_sendmsg+0x10/0x10 [ 188.637152][ T7154] ? __lock_acquire+0x622/0x1c90 [ 188.637250][ T7154] __sys_sendmsg+0x16d/0x220 [ 188.637301][ T7154] ? __pfx___sys_sendmsg+0x10/0x10 [ 188.637372][ T7154] ? __x64_sys_futex+0x1e0/0x4c0 [ 188.637444][ T7154] do_syscall_64+0xcd/0x490 [ 188.637500][ T7154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.637540][ T7154] RIP: 0033:0x7f8f19d8e929 [ 188.637568][ T7154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.637599][ T7154] RSP: 002b:00007f8f1abac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 188.637632][ T7154] RAX: ffffffffffffffda RBX: 00007f8f19fb5fa0 RCX: 00007f8f19d8e929 [ 188.637653][ T7154] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004 [ 188.637672][ T7154] RBP: 00007f8f19e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 188.637692][ T7154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 188.637710][ T7154] R13: 0000000000000000 R14: 00007f8f19fb5fa0 R15: 00007ffd670af178 [ 188.637752][ T7154] [ 190.066189][ T7169] Format for linking two devices is "netnsfd_a:ifidx_a netnsfd_b:ifidx_b" (int uint int uint). [ 190.177045][ T5172] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 190.990975][ T7192] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 193.698659][ T7248] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 193.744017][ T7252] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 194.996465][ T7273] program syz.3.270 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 195.396904][ T7277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.269'. [ 196.022474][ T7291] netlink: 206 bytes leftover after parsing attributes in process `syz.3.275'. [ 196.150981][ T7293] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 197.807502][ T7322] netlink: 330 bytes leftover after parsing attributes in process `syz.0.282'. [ 198.257148][ T7326] netlink: 28 bytes leftover after parsing attributes in process `syz.3.283'. [ 198.928076][ T7326] team0: Port device team_slave_1 removed [ 199.949159][ T7354] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 200.124235][ T7357] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 202.073234][ T7393] netlink: 130 bytes leftover after parsing attributes in process `syz.2.295'. [ 202.929036][ T7399] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 203.804979][ T7409] tty tty57: ldisc open failed (-12), clearing slot 56 [ 204.253112][ T7416] binder: 7415:7416 ioctl c018620c 0 returned -1 [ 204.554890][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.571088][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.223236][ T7448] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 205.471125][ T7455] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 205.525926][ T7454] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 205.605703][ T7458] netlink: 334 bytes leftover after parsing attributes in process `syz.2.311'. [ 205.803390][ T7464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.312'. [ 205.966749][ T7457] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 syzkaller syzkaller login: [ 206.317807][ T7468] ======================================================= [ 206.317807][ T7468] WARNING: The mand mount option has been deprecated and [ 206.317807][ T7468] and is ignored by this kernel. Remove the mand [ 206.317807][ T7468] option from the mount to silence this warning. [ 206.317807][ T7468] ======================================================= [ 206.369137][ T7473] program syz.1.319 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 206.447482][ T7468] nfsd: Unknown parameter '˜ÛZØ' [ 206.573914][ T7474] netlink: 342 bytes leftover after parsing attributes in process `syz.2.315'. [ 207.122213][ T7474] cifs: Unknown parameter '$' [ 208.392356][ T7499] random: crng reseeded on system resumption [ 208.429733][ T7499] FAULT_INJECTION: forcing a failure. [ 208.429733][ T7499] name failslab, interval 1, probability 0, space 0, times 0 [ 208.442641][ T7499] CPU: 0 UID: 0 PID: 7499 Comm: syz.1.321 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 208.442672][ T7499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 208.442686][ T7499] Call Trace: [ 208.442694][ T7499] [ 208.442703][ T7499] dump_stack_lvl+0x116/0x1f0 [ 208.442744][ T7499] should_fail_ex+0x512/0x640 [ 208.442785][ T7499] should_failslab+0xc2/0x120 [ 208.442810][ T7499] __kmalloc_cache_noprof+0x6a/0x3e0 [ 208.442844][ T7499] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 208.442882][ T7499] ? alloc_fw_cache_entry+0x3f/0xd0 [ 208.442915][ T7499] ? __pfx_fw_name_devm_release+0x10/0x10 [ 208.442946][ T7499] alloc_fw_cache_entry+0x3f/0xd0 [ 208.442978][ T7499] dev_create_fw_entry+0x3d/0x150 [ 208.443009][ T7499] ? __pfx_fw_name_devm_release+0x10/0x10 [ 208.443038][ T7499] devres_for_each_res+0x173/0x1d0 [ 208.443062][ T7499] ? __pfx_devm_name_match+0x10/0x10 [ 208.443089][ T7499] ? __pfx_dev_create_fw_entry+0x10/0x10 [ 208.443123][ T7499] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 208.443155][ T7499] dev_cache_fw_image+0xa2/0x490 [ 208.443189][ T7499] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 208.443226][ T7499] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 208.443266][ T7499] dpm_for_each_dev+0x5d/0xb0 [ 208.443296][ T7499] fw_pm_notify+0x81/0x150 [ 208.443325][ T7499] notifier_call_chain+0xbc/0x410 [ 208.443353][ T7499] ? __pfx_fw_pm_notify+0x10/0x10 [ 208.443389][ T7499] blocking_notifier_call_chain_robust+0xc8/0x160 [ 208.443422][ T7499] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 208.443465][ T7499] pm_notifier_call_chain_robust+0x27/0x60 [ 208.443500][ T7499] snapshot_open+0x218/0x2b0 [ 208.443529][ T7499] ? __pfx_snapshot_open+0x10/0x10 [ 208.443560][ T7499] misc_open+0x35d/0x420 [ 208.443591][ T7499] ? __pfx_misc_open+0x10/0x10 [ 208.443622][ T7499] chrdev_open+0x234/0x6a0 [ 208.443643][ T7499] ? __pfx_apparmor_file_open+0x10/0x10 [ 208.443675][ T7499] ? __pfx_chrdev_open+0x10/0x10 [ 208.443699][ T7499] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 208.443738][ T7499] do_dentry_open+0x741/0x1c10 [ 208.443776][ T7499] ? __pfx_chrdev_open+0x10/0x10 [ 208.443804][ T7499] vfs_open+0x82/0x3f0 [ 208.443842][ T7499] path_openat+0x1de4/0x2cb0 [ 208.443888][ T7499] ? __pfx_path_openat+0x10/0x10 [ 208.443926][ T7499] ? __lock_acquire+0xb8a/0x1c90 [ 208.443963][ T7499] do_filp_open+0x20b/0x470 [ 208.443999][ T7499] ? __pfx_do_filp_open+0x10/0x10 [ 208.444057][ T7499] ? alloc_fd+0x471/0x7d0 [ 208.444099][ T7499] do_sys_openat2+0x11b/0x1d0 [ 208.444126][ T7499] ? __pfx_do_sys_openat2+0x10/0x10 [ 208.444173][ T7499] __x64_sys_openat+0x174/0x210 [ 208.444211][ T7499] ? __pfx___x64_sys_openat+0x10/0x10 [ 208.444274][ T7499] do_syscall_64+0xcd/0x490 [ 208.444328][ T7499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.444352][ T7499] RIP: 0033:0x7f6bc1d8e929 [ 208.444372][ T7499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.444394][ T7499] RSP: 002b:00007f6bc2bd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 208.444416][ T7499] RAX: ffffffffffffffda RBX: 00007f6bc1fb5fa0 RCX: 00007f6bc1d8e929 [ 208.444431][ T7499] RDX: 0000000000080201 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 208.444445][ T7499] RBP: 00007f6bc1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 208.444459][ T7499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.444473][ T7499] R13: 0000000000000000 R14: 00007f6bc1fb5fa0 R15: 00007ffe389e4bf8 [ 208.444504][ T7499] [ 209.656732][ T7504] vivid-009: ================= START STATUS ================= [ 209.679793][ T7504] vivid-009: Enable Output Cropping: true [ 209.700142][ T7504] vivid-009: Enable Output Composing: true [ 209.708812][ T7504] vivid-009: Enable Output Scaler: true [ 209.714457][ T7504] vivid-009: Tx RGB Quantization Range: Automatic [ 209.769161][ T7504] vivid-009: Transmit Mode: HDMI [ 209.785616][ T7504] vivid-009: Hotplug Present: 0x00000000 [ 209.820341][ T7504] vivid-009: RxSense Present: 0x00000000 [ 209.860578][ T7514] block nbd7: not configured, cannot reconfigure [ 209.882706][ T7517] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 209.918154][ T7504] vivid-009: EDID Present: 0x00000000 [ 209.970937][ T7504] vivid-009: ================== END STATUS ================== [ 210.060209][ T7516] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 210.335099][ T7520] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 211.568956][ T7541] netlink: 20 bytes leftover after parsing attributes in process `syz.0.329'. [ 212.103727][ T7546] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 213.113906][ T7557] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 213.372889][ T7561] netlink: 334 bytes leftover after parsing attributes in process `syz.3.338'. [ 213.402330][ T7563] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 213.487683][ T7565] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 214.142485][ T7576] netlink: 28 bytes leftover after parsing attributes in process `syz.0.349'. [ 214.221475][ T7577] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 214.595239][ T7584] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 214.948324][ T7591] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 215.305800][ T7593] FAULT_INJECTION: forcing a failure. [ 215.305800][ T7593] name failslab, interval 1, probability 0, space 0, times 0 [ 215.342619][ T7593] CPU: 0 UID: 0 PID: 7593 Comm: syz.1.346 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 215.342666][ T7593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 215.342684][ T7593] Call Trace: [ 215.342695][ T7593] [ 215.342706][ T7593] dump_stack_lvl+0x16c/0x1f0 [ 215.342767][ T7593] should_fail_ex+0x512/0x640 [ 215.342812][ T7593] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 215.342864][ T7593] should_failslab+0xc2/0x120 [ 215.342894][ T7593] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 215.342941][ T7593] ? __d_alloc+0x31/0xaa0 [ 215.342972][ T7593] __d_alloc+0x31/0xaa0 [ 215.342996][ T7593] ? do_raw_spin_lock+0x12c/0x2b0 [ 215.343045][ T7593] d_alloc+0x4a/0x1e0 [ 215.343073][ T7593] d_alloc_name+0x83/0xb0 [ 215.343099][ T7593] ? __pfx_d_alloc_name+0x10/0x10 [ 215.343134][ T7593] simple_fill_super+0x2eb/0x720 [ 215.343181][ T7593] ? __pfx_nfsd_fill_super+0x10/0x10 [ 215.343215][ T7593] nfsd_fill_super+0x90/0x530 [ 215.343246][ T7593] ? __pfx_set_anon_super_fc+0x10/0x10 [ 215.343285][ T7593] ? __pfx_nfsd_fill_super+0x10/0x10 [ 215.343316][ T7593] get_tree_keyed+0x10e/0x1d0 [ 215.343360][ T7593] vfs_get_tree+0x8e/0x340 [ 215.343395][ T7593] path_mount+0x1414/0x2020 [ 215.343423][ T7593] ? kmem_cache_free+0x2d1/0x4d0 [ 215.343465][ T7593] ? __pfx_path_mount+0x10/0x10 [ 215.343497][ T7593] ? putname+0x154/0x1a0 [ 215.343531][ T7593] __x64_sys_mount+0x28d/0x310 [ 215.343558][ T7593] ? __pfx___x64_sys_mount+0x10/0x10 [ 215.343596][ T7593] do_syscall_64+0xcd/0x490 [ 215.343644][ T7593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.343673][ T7593] RIP: 0033:0x7f6bc1d8e929 [ 215.343696][ T7593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.343723][ T7593] RSP: 002b:00007f6bc2bd9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 215.343758][ T7593] RAX: ffffffffffffffda RBX: 00007f6bc1fb5fa0 RCX: 00007f6bc1d8e929 [ 215.343778][ T7593] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000 [ 215.343797][ T7593] RBP: 00007f6bc1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 215.343814][ T7593] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000000 [ 215.343832][ T7593] R13: 0000000000000000 R14: 00007f6bc1fb5fa0 R15: 00007ffe389e4bf8 [ 215.343867][ T7593] [ 216.693829][ T7597] ima: policy update failed [ 216.699198][ T30] audit: type=1802 audit(4294967353.280:6): pid=7597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.347" res=0 errno=0 [ 218.463092][ T7631] netlink: 8 bytes leftover after parsing attributes in process `syz.0.355'. [ 219.050764][ T7641] netlink: 28 bytes leftover after parsing attributes in process `syz.2.358'. [ 219.060114][ T7641] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 219.067661][ T7641] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 219.090201][ T7641] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 219.114440][ T7641] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 219.233286][ T7646] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 219.613630][ T7647] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 220.414298][ T7659] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 220.576582][ T7664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.362'. [ 221.221814][ T7671] openvswitch: netlink: IP tunnel dst address not specified [ 221.959615][ T7666] ima: policy update failed [ 221.965209][ T30] audit: type=1802 audit(4294967358.540:7): pid=7666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.363" res=0 errno=0 [ 222.248931][ T7679] random: crng reseeded on system resumption [ 223.271360][ T7695] netlink: 12 bytes leftover after parsing attributes in process `syz.3.370'. [ 224.100397][ T7696] ALSA: mixer_oss: invalid OSS volume '' [ 225.121825][ T7724] netlink: 20 bytes leftover after parsing attributes in process `syz.2.373'. [ 225.200253][ T7724] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 225.455805][ T7725] block nbd0: Unsupported socket: shutdown callout must be supported. [ 226.188852][ T7735] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 226.468033][ T7740] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 227.144939][ T7743] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 228.664635][ T30] audit: type=1800 audit(4294967365.210:8): pid=7785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.382" name="dbroot" dev="configfs" ino=14992 res=0 errno=0 [ 229.674133][ T7803] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 229.953894][ T7813] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 229.953894][ T7813] The task syz.0.389 (7813) triggered the difference, watch for misbehavior. [ 231.259190][ T7835] netlink: 342 bytes leftover after parsing attributes in process `syz.1.395'. [ 232.300651][ T7851] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 234.131679][ T7883] syz.2.406 uses obsolete (PF_INET,SOCK_PACKET) [ 234.387513][ T7890] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 235.801632][ T7919] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 236.386097][ T7921] loop6: detected capacity change from 0 to 8192 [ 236.584296][ T7935] warning: `syz.3.422' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 240.284501][ T7973] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 240.610783][ T7975] binder: 7974:7975 ioctl c018620c 0 returned -1 [ 243.125336][ T8009] ima: policy update failed [ 243.182057][ T30] audit: type=1802 audit(4294967379.750:9): pid=8009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.437" res=0 errno=0 [ 243.917655][ T8020] zero sized request [ 243.926353][ T8020] netlink: 16 bytes leftover after parsing attributes in process `syz.2.439'. [ 244.419817][ T8017] ima: policy update failed [ 244.469836][ T30] audit: type=1802 audit(4294967381.050:10): pid=8017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.438" res=0 errno=0 [ 244.806314][ T8031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.442'. [ 245.700722][ T30] audit: type=1800 audit(4294967382.280:11): pid=8057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.446" name="dbroot" dev="configfs" ino=16123 res=0 errno=0 [ 246.446312][ T8053] ima: policy update failed [ 246.472287][ T30] audit: type=1802 audit(4294967383.030:12): pid=8053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.447" res=0 errno=0 [ 246.836636][ T8066] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 248.173626][ T30] audit: type=1800 audit(4294967384.750:13): pid=8086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.454" name="discovery_nqn" dev="configfs" ino=16177 res=0 errno=0 [ 248.224689][ T8081] synth uevent: /devices/platform/vicodec.0/video4linux/video2: unknown uevent action string [ 248.299637][ T8081] video4linux video2: uevent: failed to send synthetic uevent: -22 [ 250.387950][ T8101] ima: policy update failed [ 250.419342][ T30] audit: type=1802 audit(4294967386.989:14): pid=8101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.459" res=0 errno=0 [ 250.636396][ T8109] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 252.025996][ T8133] i2c i2c-0: new_device: Can't parse I2C address [ 254.005123][ T5172] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 254.005168][ T5172] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 254.020340][ T5172] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 254.020388][ T5172] Bluetooth: hci0: adv larger than maximum supported [ 254.027471][ T5172] Bluetooth: hci0: Unknown advertising packet type: 0x40 [ 254.034386][ T5172] Bluetooth: hci0: adv larger than maximum supported [ 254.041738][ T5172] Bluetooth: hci0: Malformed LE Event: 0x0d [ 254.418352][ T8163] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 254.440921][ T8163] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 254.470813][ T8163] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 254.477079][ T8163] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 255.988686][ T5172] Bluetooth: hci0: command 0x0c1a tx timeout [ 256.193656][ T30] audit: type=1800 audit(4294967392.759:15): pid=8222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.484" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 256.474998][ T5172] Bluetooth: hci1: command 0x0c1a tx timeout [ 256.549785][ T5172] Bluetooth: hci3: command 0x0c1a tx timeout [ 256.549999][ T5854] Bluetooth: hci2: command 0x0c1a tx timeout [ 256.748015][ T8228] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 256.793578][ T8228] audit: out of memory in audit_log_start [ 257.140071][ T8240] [U]  [ 257.143177][ T8240] [U] [ 257.145927][ T8240] [U] [ 257.148675][ T8240] [U] [ 257.207865][ T8240] [U] [ 257.210677][ T8240] [U] [ 257.213443][ T8240] [U] [ 257.216201][ T8240] [U] [ 257.242617][ T8240] [U] [ 257.245436][ T8240] [U] [ 257.248200][ T8240] [U] [ 257.250968][ T8240] [U] [ 257.288964][ T8240] [U] [ 257.291767][ T8240] [U] [ 257.294526][ T8240] [U] [ 257.297291][ T8240] [U] [ 257.314417][ T8240] [U] [ 257.317223][ T8240] [U] [ 257.319984][ T8240] [U] [ 257.322739][ T8240] [U] [ 257.375049][ T8243] [U] [ 257.792001][ T8248] Invalid ELF header magic: != ELF [ 260.177996][ T8273] hub 8-0:1.0: USB hub found [ 260.200644][ T8273] hub 8-0:1.0: 1 port detected [ 260.212137][ T8281] netlink: 'syz.2.498': attribute type 64 has an invalid length. [ 260.212168][ T8281] netlink: 74 bytes leftover after parsing attributes in process `syz.2.498'. [ 261.637490][ T8291] ima: policy update failed [ 261.665349][ T30] audit: type=1802 audit(4294967398.229:16): pid=8291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.501" res=0 errno=0 [ 263.164518][ T8326] can: request_module (can-proto-0) failed. [ 263.834518][ T8340] ptrace attach of "./syz-executor exec"[8343] was attempted by "./syz-executor exec"[8340] [ 265.782493][ T8367] netlink: 28 bytes leftover after parsing attributes in process `syz.2.519'. [ 265.924490][ T8370] netlink: 28 bytes leftover after parsing attributes in process `syz.2.519'. [ 265.995944][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.002542][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.026952][ T8357] ima: policy update failed [ 266.034323][ T30] audit: type=1802 audit(4294967402.609:17): pid=8357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.516" res=0 errno=0 [ 266.569256][ T8380] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 266.688700][ T30] audit: type=1804 audit(4294967403.259:18): pid=8373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.520" name="/newroot/133/file0" dev="tmpfs" ino=707 res=1 errno=0 [ 269.237660][ T8425] FAULT_INJECTION: forcing a failure. [ 269.237660][ T8425] name failslab, interval 1, probability 0, space 0, times 0 [ 269.352949][ T8425] CPU: 1 UID: 0 PID: 8425 Comm: syz.3.531 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 269.352983][ T8425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 269.353008][ T8425] Call Trace: [ 269.353016][ T8425] [ 269.353024][ T8425] dump_stack_lvl+0x16c/0x1f0 [ 269.353066][ T8425] should_fail_ex+0x512/0x640 [ 269.353100][ T8425] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 269.353141][ T8425] should_failslab+0xc2/0x120 [ 269.353165][ T8425] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 269.353202][ T8425] ? sock_alloc_inode+0x25/0x1c0 [ 269.353231][ T8425] ? __pfx_sock_alloc_inode+0x10/0x10 [ 269.353254][ T8425] sock_alloc_inode+0x25/0x1c0 [ 269.353285][ T8425] alloc_inode+0x61/0x240 [ 269.353311][ T8425] sock_alloc+0x40/0x280 [ 269.353333][ T8425] sock_create_lite+0x82/0x120 [ 269.353359][ T8425] __netlink_kernel_create+0xbd/0x750 [ 269.353383][ T8425] ? trace_kmalloc+0x2b/0xd0 [ 269.353406][ T8425] ? __kvmalloc_node_noprof+0x298/0x620 [ 269.353441][ T8425] ? __pfx___netlink_kernel_create+0x10/0x10 [ 269.353464][ T8425] ? fib4_semantics_init+0x25/0x100 [ 269.353507][ T8425] fib_net_init+0x26d/0x3f0 [ 269.353531][ T8425] ? __pfx___register_sysctl_table+0x10/0x10 [ 269.353555][ T8425] ? __pfx_fib_net_init+0x10/0x10 [ 269.353580][ T8425] ? lockdep_init_map_type+0x5c/0x280 [ 269.353614][ T8425] ? __pfx_nl_fib_input+0x10/0x10 [ 269.353644][ T8425] ? devinet_init_net+0x5c2/0x910 [ 269.353678][ T8425] ? __pfx_fib_net_init+0x10/0x10 [ 269.353703][ T8425] ops_init+0x1df/0x5f0 [ 269.353727][ T8425] setup_net+0x1ff/0x510 [ 269.353747][ T8425] ? lockdep_init_map_type+0x5c/0x280 [ 269.353780][ T8425] ? __pfx_setup_net+0x10/0x10 [ 269.353803][ T8425] ? debug_mutex_init+0x37/0x70 [ 269.353830][ T8425] copy_net_ns+0x2a6/0x5f0 [ 269.353857][ T8425] create_new_namespaces+0x3ea/0xa90 [ 269.353891][ T8425] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 269.353920][ T8425] ksys_unshare+0x45b/0xa40 [ 269.353953][ T8425] ? __pfx_ksys_unshare+0x10/0x10 [ 269.353986][ T8425] ? xfd_validate_state+0x61/0x180 [ 269.354026][ T8425] __x64_sys_unshare+0x31/0x40 [ 269.354057][ T8425] do_syscall_64+0xcd/0x490 [ 269.354096][ T8425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.354119][ T8425] RIP: 0033:0x7f8f19d8e929 [ 269.354137][ T8425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.354159][ T8425] RSP: 002b:00007f8f1abac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 269.354191][ T8425] RAX: ffffffffffffffda RBX: 00007f8f19fb5fa0 RCX: 00007f8f19d8e929 [ 269.354206][ T8425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 269.354237][ T8425] RBP: 00007f8f19e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 269.354251][ T8425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.354271][ T8425] R13: 0000000000000000 R14: 00007f8f19fb5fa0 R15: 00007ffd670af178 [ 269.354300][ T8425] [ 269.716179][ T8414] ima: policy update failed [ 269.788728][ T30] audit: type=1802 audit(4294967406.299:19): pid=8414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.529" res=0 errno=0 [ 270.077023][ T8423] FAULT_INJECTION: forcing a failure. [ 270.077023][ T8423] name failslab, interval 1, probability 0, space 0, times 0 [ 270.107101][ T8423] CPU: 1 UID: 0 PID: 8423 Comm: syz.2.532 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 270.107145][ T8423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 270.107164][ T8423] Call Trace: [ 270.107174][ T8423] [ 270.107186][ T8423] dump_stack_lvl+0x16c/0x1f0 [ 270.107240][ T8423] should_fail_ex+0x512/0x640 [ 270.107291][ T8423] ? fs_reclaim_acquire+0xae/0x150 [ 270.107334][ T8423] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 270.107381][ T8423] should_failslab+0xc2/0x120 [ 270.107421][ T8423] __kmalloc_noprof+0xd2/0x510 [ 270.107483][ T8423] tomoyo_realpath_from_path+0xc2/0x6e0 [ 270.107541][ T8423] tomoyo_check_open_permission+0x2ab/0x3c0 [ 270.107585][ T8423] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 270.107669][ T8423] ? do_raw_spin_lock+0x12c/0x2b0 [ 270.107735][ T8423] tomoyo_file_open+0x6b/0x90 [ 270.107767][ T8423] security_file_open+0x84/0x1e0 [ 270.107815][ T8423] do_dentry_open+0x596/0x1c10 [ 270.107881][ T8423] vfs_open+0x82/0x3f0 [ 270.107925][ T8423] path_openat+0x1de4/0x2cb0 [ 270.107988][ T8423] ? __pfx_path_openat+0x10/0x10 [ 270.108062][ T8423] ? __lock_acquire+0xb8a/0x1c90 [ 270.108115][ T8423] do_filp_open+0x20b/0x470 [ 270.108168][ T8423] ? __pfx_do_filp_open+0x10/0x10 [ 270.108250][ T8423] ? alloc_fd+0x471/0x7d0 [ 270.108310][ T8423] do_sys_openat2+0x11b/0x1d0 [ 270.108350][ T8423] ? __pfx_do_sys_openat2+0x10/0x10 [ 270.108390][ T8423] ? __fget_files+0x204/0x3c0 [ 270.108460][ T8423] __x64_sys_openat+0x174/0x210 [ 270.108501][ T8423] ? __pfx___x64_sys_openat+0x10/0x10 [ 270.108561][ T8423] do_syscall_64+0xcd/0x490 [ 270.108617][ T8423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.108651][ T8423] RIP: 0033:0x7ff17e38e929 [ 270.108677][ T8423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.108707][ T8423] RSP: 002b:00007ff17c1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 270.108737][ T8423] RAX: ffffffffffffffda RBX: 00007ff17e5b5fa0 RCX: 00007ff17e38e929 [ 270.108759][ T8423] RDX: 0000000000080000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 270.108779][ T8423] RBP: 00007ff17e410b39 R08: 0000000000000000 R09: 0000000000000000 [ 270.108799][ T8423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.108817][ T8423] R13: 0000000000000000 R14: 00007ff17e5b5fa0 R15: 00007ffe99f185e8 [ 270.108859][ T8423] [ 270.403273][ T8423] ERROR: Out of memory at tomoyo_realpath_from_path. [ 271.104477][ T8423] kexec: Could not allocate control_code_buffer [ 272.110126][ T8463] Invalid ELF header magic: != ELF [ 272.458908][ T8487] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 272.517281][ T8481] ima: policy update failed [ 272.710369][ T30] audit: type=1802 audit(4294967409.179:20): pid=8481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.543" res=0 errno=0 [ 273.341886][ T8484] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 274.582718][ T8537] ima: policy update failed [ 274.608618][ T30] audit: type=1802 audit(4294967411.179:21): pid=8537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.553" res=0 errno=0 [ 274.696073][ T8547] vhci_hcd: invalid port number 16 [ 274.704541][ T8547] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 275.562853][ T8584] FAULT_INJECTION: forcing a failure. [ 275.562853][ T8584] name failslab, interval 1, probability 0, space 0, times 0 [ 275.602596][ T8586] netlink: 326 bytes leftover after parsing attributes in process `syz.2.562'. [ 275.659860][ T8584] CPU: 1 UID: 0 PID: 8584 Comm: syz.1.563 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 275.659894][ T8584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 275.659907][ T8584] Call Trace: [ 275.659915][ T8584] [ 275.659924][ T8584] dump_stack_lvl+0x16c/0x1f0 [ 275.659965][ T8584] should_fail_ex+0x512/0x640 [ 275.660001][ T8584] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 275.660042][ T8584] should_failslab+0xc2/0x120 [ 275.660066][ T8584] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 275.660104][ T8584] ? __d_alloc+0x31/0xaa0 [ 275.660130][ T8584] __d_alloc+0x31/0xaa0 [ 275.660149][ T8584] ? __lock_acquire+0x622/0x1c90 [ 275.660184][ T8584] d_alloc+0x4a/0x1e0 [ 275.660207][ T8584] d_alloc_parallel+0xe3/0x12e0 [ 275.660241][ T8584] ? find_held_lock+0x2b/0x80 [ 275.660266][ T8584] ? __d_lookup+0x25c/0x4a0 [ 275.660294][ T8584] ? __pfx_d_alloc_parallel+0x10/0x10 [ 275.660324][ T8584] ? __d_lookup+0x266/0x4a0 [ 275.660351][ T8584] ? lockdep_init_map_type+0x5c/0x280 [ 275.660386][ T8584] ? lockdep_init_map_type+0x5c/0x280 [ 275.660426][ T8584] proc_fill_cache+0x2e6/0x470 [ 275.660460][ T8584] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 275.660497][ T8584] ? __pfx_proc_fill_cache+0x10/0x10 [ 275.660569][ T8584] proc_pident_readdir+0x1bc/0x560 [ 275.660611][ T8584] iterate_dir+0x296/0xb40 [ 275.660647][ T8584] __x64_sys_getdents+0x13c/0x2b0 [ 275.660679][ T8584] ? __pfx___x64_sys_getdents+0x10/0x10 [ 275.660716][ T8584] ? __pfx_filldir+0x10/0x10 [ 275.660757][ T8584] do_syscall_64+0xcd/0x490 [ 275.660796][ T8584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.660820][ T8584] RIP: 0033:0x7f6bc1d8e929 [ 275.660839][ T8584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.660865][ T8584] RSP: 002b:00007f6bc2bd9038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 275.660887][ T8584] RAX: ffffffffffffffda RBX: 00007f6bc1fb5fa0 RCX: 00007f6bc1d8e929 [ 275.660902][ T8584] RDX: 00000000000003f1 RSI: 0000000000000000 RDI: 0000000000000007 [ 275.660916][ T8584] RBP: 00007f6bc1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 275.660930][ T8584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 275.660943][ T8584] R13: 0000000000000000 R14: 00007f6bc1fb5fa0 R15: 00007ffe389e4bf8 [ 275.660973][ T8584] [ 276.227386][ T8593] ima: policy update failed [ 276.272392][ T30] audit: type=1802 audit(4294967412.849:22): pid=8593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.564" res=0 errno=0 [ 276.397370][ T8607] netlink: 4 bytes leftover after parsing attributes in process `syz.2.566'. [ 276.681954][ T30] audit: type=1804 audit(4294967413.259:23): pid=8613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.568" name="/newroot/sys/kernel/debug/tracing/dynamic_events" dev="tracefs" ino=1062 res=1 errno=0 [ 277.321621][ T8627] random: crng reseeded on system resumption [ 278.297519][ T8639] could not allocate digest TFM handle [ 278.716535][ T8664] can: request_module (can-proto-3) failed. [ 279.345985][ T8661] ima: policy update failed [ 279.360660][ T30] audit: type=1802 audit(4294967415.929:24): pid=8661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.576" res=0 errno=0 [ 279.722069][ T8696] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 280.609393][ T8699] ovs_ÿþ: entered promiscuous mode [ 280.755303][ T8715] vhci_hcd: invalid port number 16 [ 280.785394][ T8715] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 283.365003][ T8759] Invalid ELF header magic: != ELF [ 286.954095][ T8836] netlink: 28 bytes leftover after parsing attributes in process `syz.2.608'. [ 287.418741][ T8840] netlink: 342 bytes leftover after parsing attributes in process `syz.3.609'. [ 287.461565][ T8840] netlink: 342 bytes leftover after parsing attributes in process `syz.3.609'. [ 288.611541][ T8850] FAULT_INJECTION: forcing a failure. [ 288.611541][ T8850] name failslab, interval 1, probability 0, space 0, times 0 [ 288.779419][ T8850] CPU: 0 UID: 0 PID: 8850 Comm: syz.2.613 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 288.779458][ T8850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 288.779472][ T8850] Call Trace: [ 288.779479][ T8850] [ 288.779488][ T8850] dump_stack_lvl+0x16c/0x1f0 [ 288.779529][ T8850] should_fail_ex+0x512/0x640 [ 288.779564][ T8850] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 288.779599][ T8850] should_failslab+0xc2/0x120 [ 288.779623][ T8850] __kmalloc_cache_noprof+0x6a/0x3e0 [ 288.779654][ T8850] ? __lock_acquire+0xb8a/0x1c90 [ 288.779685][ T8850] ? snd_timer_instance_new+0x47/0x2e0 [ 288.779713][ T8850] snd_timer_instance_new+0x47/0x2e0 [ 288.779736][ T8850] snd_seq_timer_open+0x1cc/0x5e0 [ 288.779771][ T8850] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 288.779806][ T8850] ? find_held_lock+0x2b/0x80 [ 288.779834][ T8850] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 288.779866][ T8850] ? lockdep_hardirqs_on+0x7c/0x110 [ 288.779899][ T8850] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 288.779935][ T8850] queue_use+0xe3/0x250 [ 288.779961][ T8850] snd_seq_queue_alloc+0x2e5/0x550 [ 288.779994][ T8850] snd_seq_ioctl_create_queue+0xa9/0x380 [ 288.780032][ T8850] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 288.780065][ T8850] alloc_seq_queue+0xda/0x180 [ 288.780089][ T8850] ? __pfx_alloc_seq_queue+0x10/0x10 [ 288.780129][ T8850] ? mark_held_locks+0x49/0x80 [ 288.780161][ T8850] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.780196][ T8850] snd_seq_oss_open+0x38c/0xa20 [ 288.780226][ T8850] odev_open+0x6f/0x90 [ 288.780244][ T8850] ? __pfx_odev_open+0x10/0x10 [ 288.780264][ T8850] soundcore_open+0x40c/0x580 [ 288.780305][ T8850] ? __pfx_soundcore_open+0x10/0x10 [ 288.780344][ T8850] chrdev_open+0x234/0x6a0 [ 288.780366][ T8850] ? __pfx_apparmor_file_open+0x10/0x10 [ 288.780398][ T8850] ? __pfx_chrdev_open+0x10/0x10 [ 288.780422][ T8850] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 288.780461][ T8850] do_dentry_open+0x741/0x1c10 [ 288.780499][ T8850] ? __pfx_chrdev_open+0x10/0x10 [ 288.780526][ T8850] vfs_open+0x82/0x3f0 [ 288.780557][ T8850] path_openat+0x1de4/0x2cb0 [ 288.780602][ T8850] ? __pfx_path_openat+0x10/0x10 [ 288.780639][ T8850] ? __lock_acquire+0xb8a/0x1c90 [ 288.780688][ T8850] do_filp_open+0x20b/0x470 [ 288.780738][ T8850] ? __pfx_do_filp_open+0x10/0x10 [ 288.780819][ T8850] ? alloc_fd+0x471/0x7d0 [ 288.780879][ T8850] do_sys_openat2+0x11b/0x1d0 [ 288.780920][ T8850] ? __pfx_do_sys_openat2+0x10/0x10 [ 288.780977][ T8850] __x64_sys_openat+0x174/0x210 [ 288.781020][ T8850] ? __pfx___x64_sys_openat+0x10/0x10 [ 288.781088][ T8850] do_syscall_64+0xcd/0x490 [ 288.781146][ T8850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.781181][ T8850] RIP: 0033:0x7ff17e38e929 [ 288.781208][ T8850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.781238][ T8850] RSP: 002b:00007ff17c1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 288.781269][ T8850] RAX: ffffffffffffffda RBX: 00007ff17e5b5fa0 RCX: 00007ff17e38e929 [ 288.781290][ T8850] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 288.781310][ T8850] RBP: 00007ff17e410b39 R08: 0000000000000000 R09: 0000000000000000 [ 288.781329][ T8850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 288.781347][ T8850] R13: 0000000000000000 R14: 00007ff17e5b5fa0 R15: 00007ffe99f185e8 [ 288.781389][ T8850] [ 290.045463][ T8854] random: crng reseeded on system resumption [ 291.654590][ T8869] ima: policy update failed [ 291.727063][ T30] audit: type=1802 audit(4294967428.299:25): pid=8869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.617" res=0 errno=0 [ 292.900184][ T8892] random: crng reseeded on system resumption [ 293.555219][ T8895] nbd: socks must be embedded in a SOCK_ITEM attr [ 293.585826][ T8895] block nbd0: shutting down sockets [ 293.885720][ T8904] FAULT_INJECTION: forcing a failure. [ 293.885720][ T8904] name failslab, interval 1, probability 0, space 0, times 0 [ 293.902673][ T8904] CPU: 0 UID: 0 PID: 8904 Comm: syz.3.624 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 293.902717][ T8904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 293.902736][ T8904] Call Trace: [ 293.902747][ T8904] [ 293.902758][ T8904] dump_stack_lvl+0x16c/0x1f0 [ 293.902815][ T8904] should_fail_ex+0x512/0x640 [ 293.902865][ T8904] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 293.902923][ T8904] should_failslab+0xc2/0x120 [ 293.902958][ T8904] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 293.903009][ T8904] ? __proc_create+0xc3/0x8c0 [ 293.903038][ T8904] ? __proc_create+0x2ce/0x8c0 [ 293.903074][ T8904] __proc_create+0x2ce/0x8c0 [ 293.903107][ T8904] ? __pfx___proc_create+0x10/0x10 [ 293.903155][ T8904] proc_create_reg+0x7d/0x180 [ 293.903193][ T8904] proc_create_net_data+0x8e/0x1b0 [ 293.903228][ T8904] ? __pfx_proc_create_net_data+0x10/0x10 [ 293.903275][ T8904] udp6_proc_init+0x57/0x80 [ 293.903326][ T8904] inet6_net_init+0x67a/0xb20 [ 293.903361][ T8904] ? __pfx_inet6_net_init+0x10/0x10 [ 293.903392][ T8904] ops_init+0x1df/0x5f0 [ 293.903428][ T8904] setup_net+0x1ff/0x510 [ 293.903468][ T8904] ? lockdep_init_map_type+0x5c/0x280 [ 293.903518][ T8904] ? __pfx_setup_net+0x10/0x10 [ 293.903553][ T8904] ? debug_mutex_init+0x37/0x70 [ 293.903593][ T8904] copy_net_ns+0x2a6/0x5f0 [ 293.903634][ T8904] create_new_namespaces+0x3ea/0xa90 [ 293.903683][ T8904] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 293.903726][ T8904] ksys_unshare+0x45b/0xa40 [ 293.903774][ T8904] ? __pfx_ksys_unshare+0x10/0x10 [ 293.903823][ T8904] ? xfd_validate_state+0x61/0x180 [ 293.903882][ T8904] __x64_sys_unshare+0x31/0x40 [ 293.903928][ T8904] do_syscall_64+0xcd/0x490 [ 293.903983][ T8904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.904017][ T8904] RIP: 0033:0x7f8f19d8e929 [ 293.904043][ T8904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.904073][ T8904] RSP: 002b:00007f8f1abac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 293.904103][ T8904] RAX: ffffffffffffffda RBX: 00007f8f19fb5fa0 RCX: 00007f8f19d8e929 [ 293.904124][ T8904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 293.904143][ T8904] RBP: 00007f8f19e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 293.904162][ T8904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.904180][ T8904] R13: 0000000000000000 R14: 00007f8f19fb5fa0 R15: 00007ffd670af178 [ 293.904223][ T8904] [ 295.590836][ T8917] ima: policy update failed [ 295.631301][ T30] audit: type=1802 audit(4294967432.169:26): pid=8917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.627" res=0 errno=0 [ 295.950958][ T8931] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 297.652905][ T8955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 297.754946][ T8955] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 297.834508][ T8955] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 297.948802][ T8955] page_type: f5(slab) [ 297.969541][ T8955] raw: 00fff00000000040 ffff88801b84b3c0 dead000000000122 0000000000000000 [ 298.032798][ T8955] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 298.100078][ T8964] ima: policy update failed [ 298.105912][ T30] audit: type=1802 audit(4294967434.679:27): pid=8964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.638" res=0 errno=0 [ 298.124370][ T8955] head: 00fff00000000040 ffff88801b84b3c0 dead000000000122 0000000000000000 [ 298.133317][ T8955] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 298.142229][ T8955] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 298.151133][ T8955] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 298.160438][ T8955] page dumped because: unmovable page [ 298.165974][ T8955] page_owner tracks the page as allocated [ 298.172898][ T8955] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5862, tgid 5862 (syz-executor), ts 106165702178, free_ts 67780103970 [ 298.203734][ T8955] post_alloc_hook+0x1c0/0x230 [ 298.216698][ T8955] get_page_from_freelist+0x1321/0x3890 [ 298.267775][ T8955] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 298.290078][ T8977] ecryptfs_miscdev_write: Invalid packet size [1] [ 298.301070][ T8955] alloc_pages_mpol+0x1fb/0x550 [ 298.377808][ T8955] new_slab+0x23b/0x330 [ 298.383894][ T8955] ___slab_alloc+0xd9c/0x1940 [ 298.397694][ T8955] __slab_alloc.constprop.0+0x56/0xb0 [ 298.414912][ T8955] __kmalloc_cache_noprof+0xfb/0x3e0 [ 298.420388][ T8955] ipv6_add_dev+0x1c9/0x15f0 [ 298.435258][ T8955] addrconf_notify+0x53e/0x19e0 [ 298.445375][ T8955] notifier_call_chain+0xbc/0x410 [ 298.482718][ T8955] call_netdevice_notifiers_info+0xbe/0x140 [ 298.508727][ T8955] register_netdevice+0x182e/0x2270 [ 298.538656][ T8955] register_vlan_dev+0x372/0x940 [ 298.543705][ T8955] vlan_newlink+0x48c/0x760 [ 298.548296][ T8955] rtnl_newlink+0xc42/0x2000 [ 298.611987][ T8955] page last free pid 5526 tgid 5526 stack trace: [ 298.672059][ T8955] __free_frozen_pages+0x7fe/0x1180 [ 298.677374][ T8955] __put_partials+0x16d/0x1c0 [ 298.738154][ T8955] qlist_free_all+0x4d/0x120 [ 298.753970][ T8955] kasan_quarantine_reduce+0x195/0x1e0 [ 298.765621][ T8955] __kasan_slab_alloc+0x69/0x90 [ 298.775790][ T8955] __kmalloc_noprof+0x1d4/0x510 [ 298.791296][ T8955] tomoyo_realpath_from_path+0xc2/0x6e0 [ 298.800803][ T8955] tomoyo_path_perm+0x274/0x460 [ 298.805799][ T8955] security_inode_getattr+0x116/0x290 [ 298.813074][ T8955] vfs_fstat+0x4b/0xe0 [ 298.817228][ T8955] __do_sys_newfstat+0x87/0x100 [ 298.825912][ T8955] do_syscall_64+0xcd/0x490 [ 298.826001][ T8955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.962374][ T8952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 299.048501][ T8952] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 299.098684][ T8952] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 299.168522][ T8952] page_type: f5(slab) [ 299.173664][ T8952] raw: 00fff00000000040 ffff88801b84b3c0 dead000000000122 0000000000000000 [ 299.224643][ T8952] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 299.260719][ T8952] head: 00fff00000000040 ffff88801b84b3c0 dead000000000122 0000000000000000 [ 299.318664][ T8952] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 299.327443][ T8952] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 299.393947][ T8952] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 299.407907][ T8952] page dumped because: unmovable page [ 299.420055][ T8952] page_owner tracks the page as allocated [ 299.436872][ T8952] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5862, tgid 5862 (syz-executor), ts 106165702178, free_ts 67780103970 [ 299.578765][ T8952] post_alloc_hook+0x1c0/0x230 [ 299.583623][ T8952] get_page_from_freelist+0x1321/0x3890 [ 299.597264][ T8952] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 299.603663][ T8952] alloc_pages_mpol+0x1fb/0x550 [ 299.608986][ T8952] new_slab+0x23b/0x330 [ 299.613236][ T8952] ___slab_alloc+0xd9c/0x1940 [ 299.623079][ T8952] __slab_alloc.constprop.0+0x56/0xb0 [ 299.632219][ T8952] __kmalloc_cache_noprof+0xfb/0x3e0 [ 299.640505][ T8952] ipv6_add_dev+0x1c9/0x15f0 [ 299.645276][ T8952] addrconf_notify+0x53e/0x19e0 [ 299.668310][ T8952] notifier_call_chain+0xbc/0x410 [ 299.688512][ T8952] call_netdevice_notifiers_info+0xbe/0x140 [ 299.708512][ T8952] register_netdevice+0x182e/0x2270 [ 299.714991][ T8952] register_vlan_dev+0x372/0x940 [ 299.735458][ T8952] vlan_newlink+0x48c/0x760 [ 299.750730][ T8952] rtnl_newlink+0xc42/0x2000 [ 299.765362][ T8952] page last free pid 5526 tgid 5526 stack trace: [ 299.771855][ T8952] __free_frozen_pages+0x7fe/0x1180 [ 299.777203][ T8952] __put_partials+0x16d/0x1c0 [ 299.783279][ T8952] qlist_free_all+0x4d/0x120 [ 299.791118][ T8952] kasan_quarantine_reduce+0x195/0x1e0 [ 299.835689][ T8952] __kasan_slab_alloc+0x69/0x90 [ 299.844619][ T8952] __kmalloc_noprof+0x1d4/0x510 [ 299.862290][ T8952] tomoyo_realpath_from_path+0xc2/0x6e0 [ 299.880018][ T8952] tomoyo_path_perm+0x274/0x460 [ 299.886830][ T8952] security_inode_getattr+0x116/0x290 [ 299.900738][ T8952] vfs_fstat+0x4b/0xe0 [ 299.941628][ T8952] __do_sys_newfstat+0x87/0x100 [ 299.946742][ T8952] do_syscall_64+0xcd/0x490 [ 299.951541][ T8952] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.761290][ T9046] random: crng reseeded on system resumption [ 301.481653][ T9034] ima: policy update failed [ 301.486441][ T30] audit: type=1802 audit(4294967438.059:28): pid=9034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.651" res=0 errno=0 [ 302.958673][ T9072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 302.968488][ T9072] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 302.994082][ T9072] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 303.013040][ T9072] page_type: f5(slab) [ 303.017106][ T9072] raw: 00fff00000000040 ffff88801b84b3c0 dead000000000122 0000000000000000 [ 303.037378][ T9072] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 303.066797][ T9072] head: 00fff00000000040 ffff88801b84b3c0 dead000000000122 0000000000000000 [ 303.075985][ T9072] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 303.093028][ T9072] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 303.105745][ T9072] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 303.114866][ T9072] page dumped because: unmovable page [ 303.163415][ T9072] page_owner tracks the page as allocated [ 303.222653][ T9072] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5862, tgid 5862 (syz-executor), ts 106165702178, free_ts 67780103970 [ 303.246172][ T9072] post_alloc_hook+0x1c0/0x230 [ 303.251124][ T9072] get_page_from_freelist+0x1321/0x3890 [ 303.256843][ T9072] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 303.266030][ T9072] alloc_pages_mpol+0x1fb/0x550 [ 303.271368][ T9072] new_slab+0x23b/0x330 [ 303.276973][ T9072] ___slab_alloc+0xd9c/0x1940 [ 303.282054][ T9072] __slab_alloc.constprop.0+0x56/0xb0 [ 303.287511][ T9072] __kmalloc_cache_noprof+0xfb/0x3e0 [ 303.293088][ T9072] ipv6_add_dev+0x1c9/0x15f0 [ 303.297792][ T9072] addrconf_notify+0x53e/0x19e0 [ 303.308162][ T9072] notifier_call_chain+0xbc/0x410 [ 303.313387][ T9072] call_netdevice_notifiers_info+0xbe/0x140 [ 303.321220][ T9072] register_netdevice+0x182e/0x2270 [ 303.326491][ T9072] register_vlan_dev+0x372/0x940 [ 303.331671][ T9072] vlan_newlink+0x48c/0x760 [ 303.336326][ T9072] rtnl_newlink+0xc42/0x2000 [ 303.342983][ T9072] page last free pid 5526 tgid 5526 stack trace: [ 303.349618][ T9072] __free_frozen_pages+0x7fe/0x1180 [ 303.354985][ T9072] __put_partials+0x16d/0x1c0 [ 303.365069][ T9072] qlist_free_all+0x4d/0x120 [ 303.371766][ T9072] kasan_quarantine_reduce+0x195/0x1e0 [ 303.377603][ T9072] __kasan_slab_alloc+0x69/0x90 [ 303.388557][ T9072] __kmalloc_noprof+0x1d4/0x510 [ 303.393513][ T9072] tomoyo_realpath_from_path+0xc2/0x6e0 [ 303.402757][ T9072] tomoyo_path_perm+0x274/0x460 [ 303.420176][ T9072] security_inode_getattr+0x116/0x290 [ 303.425651][ T9072] vfs_fstat+0x4b/0xe0 [ 303.429923][ T9072] __do_sys_newfstat+0x87/0x100 [ 303.440202][ T9072] do_syscall_64+0xcd/0x490 [ 303.444808][ T9072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.906006][ T9098] ima: policy update failed [ 304.912793][ T30] audit: type=1802 audit(4294967441.489:29): pid=9098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.665" res=0 errno=0 [ 308.945280][ T9188] FAULT_INJECTION: forcing a failure. [ 308.945280][ T9188] name failslab, interval 1, probability 0, space 0, times 0 [ 309.006459][ T9188] CPU: 0 UID: 0 PID: 9188 Comm: syz.2.678 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 309.006505][ T9188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 309.006523][ T9188] Call Trace: [ 309.006534][ T9188] [ 309.006546][ T9188] dump_stack_lvl+0x16c/0x1f0 [ 309.006601][ T9188] should_fail_ex+0x512/0x640 [ 309.006650][ T9188] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 309.006705][ T9188] should_failslab+0xc2/0x120 [ 309.006738][ T9188] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 309.006797][ T9188] ? trace_kmalloc+0x2b/0xd0 [ 309.006829][ T9188] ? seq_open+0x55/0x170 [ 309.006868][ T9188] seq_open+0x55/0x170 [ 309.006903][ T9188] __seq_open_private+0x3e/0xd0 [ 309.006943][ T9188] tracing_open+0x25f/0xf90 [ 309.006979][ T9188] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 309.007035][ T9188] do_dentry_open+0x741/0x1c10 [ 309.007088][ T9188] ? __pfx_tracing_open+0x10/0x10 [ 309.007132][ T9188] vfs_open+0x82/0x3f0 [ 309.007175][ T9188] path_openat+0x1de4/0x2cb0 [ 309.007238][ T9188] ? __pfx_path_openat+0x10/0x10 [ 309.007290][ T9188] ? __lock_acquire+0xb8a/0x1c90 [ 309.007340][ T9188] do_filp_open+0x20b/0x470 [ 309.007391][ T9188] ? __pfx_do_filp_open+0x10/0x10 [ 309.007472][ T9188] ? alloc_fd+0x471/0x7d0 [ 309.007527][ T9188] do_sys_openat2+0x11b/0x1d0 [ 309.007566][ T9188] ? __pfx_do_sys_openat2+0x10/0x10 [ 309.007607][ T9188] ? find_held_lock+0x2b/0x80 [ 309.007651][ T9188] __x64_sys_openat+0x174/0x210 [ 309.007691][ T9188] ? __pfx___x64_sys_openat+0x10/0x10 [ 309.007749][ T9188] do_syscall_64+0xcd/0x490 [ 309.007817][ T9188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.007850][ T9188] RIP: 0033:0x7ff17e38e929 [ 309.007876][ T9188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.007907][ T9188] RSP: 002b:00007ff17c1d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 309.007935][ T9188] RAX: ffffffffffffffda RBX: 00007ff17e5b6080 RCX: 00007ff17e38e929 [ 309.007954][ T9188] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 309.007970][ T9188] RBP: 00007ff17e410b39 R08: 0000000000000000 R09: 0000000000000000 [ 309.007988][ T9188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.008007][ T9188] R13: 0000000000000000 R14: 00007ff17e5b6080 R15: 00007ffe99f185e8 [ 309.008047][ T9188] [ 309.243435][ C0] vkms_vblank_simulate: vblank timer overrun [ 311.383366][ T9229] i2c i2c-0: delete_device: Can't find device in list [ 313.364637][ T9241] FAULT_INJECTION: forcing a failure. [ 313.364637][ T9241] name failslab, interval 1, probability 0, space 0, times 0 [ 313.397597][ T9233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 313.408295][ T9233] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 313.417929][ T9233] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 313.450329][ T9233] page_type: f5(slab) [ 313.454412][ T9233] raw: 00fff00000000040 ffff88801b84b3c0 dead000000000122 0000000000000000 [ 313.506161][ T9233] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 313.515072][ T9233] head: 00fff00000000040 ffff88801b84b3c0 dead000000000122 0000000000000000 [ 313.523876][ T9233] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 313.532820][ T9233] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 313.542994][ T9233] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 313.552149][ T9233] page dumped because: unmovable page [ 313.557721][ T9233] page_owner tracks the page as allocated [ 313.564348][ T9233] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5862, tgid 5862 (syz-executor), ts 106165702178, free_ts 67780103970 [ 313.586343][ T9233] post_alloc_hook+0x1c0/0x230 [ 313.591065][ T9241] CPU: 0 UID: 0 PID: 9241 Comm: syz.3.691 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 313.591118][ T9241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 313.591141][ T9241] Call Trace: [ 313.591153][ T9241] [ 313.591165][ T9241] dump_stack_lvl+0x16c/0x1f0 [ 313.591228][ T9241] should_fail_ex+0x512/0x640 [ 313.591276][ T9241] ? __kvmalloc_node_noprof+0x124/0x620 [ 313.591329][ T9241] should_failslab+0xc2/0x120 [ 313.591370][ T9241] __kvmalloc_node_noprof+0x137/0x620 [ 313.591420][ T9241] ? alloc_netdev_mqs+0xfbe/0x1570 [ 313.591479][ T9241] ? alloc_netdev_mqs+0xfbe/0x1570 [ 313.591529][ T9241] alloc_netdev_mqs+0xfbe/0x1570 [ 313.591593][ T9241] __ip_tunnel_create+0x3ad/0x6e0 [ 313.591641][ T9241] ? __pfx___ip_tunnel_create+0x10/0x10 [ 313.591699][ T9241] ip_tunnel_init_net+0x22f/0x7d0 [ 313.591749][ T9241] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 313.591803][ T9241] ? trace_kmalloc+0x2b/0xd0 [ 313.591840][ T9241] ? __kmalloc_noprof+0x242/0x510 [ 313.591893][ T9241] ? lockdep_init_map_type+0x5c/0x280 [ 313.591954][ T9241] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 313.592015][ T9241] ops_init+0x1df/0x5f0 [ 313.592052][ T9241] setup_net+0x1ff/0x510 [ 313.592089][ T9241] ? lockdep_init_map_type+0x5c/0x280 [ 313.592141][ T9241] ? __pfx_setup_net+0x10/0x10 [ 313.592178][ T9241] ? debug_mutex_init+0x37/0x70 [ 313.592236][ T9241] copy_net_ns+0x2a6/0x5f0 [ 313.592281][ T9241] create_new_namespaces+0x3ea/0xa90 [ 313.592334][ T9241] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 313.592383][ T9241] ksys_unshare+0x45b/0xa40 [ 313.592454][ T9241] ? __pfx_ksys_unshare+0x10/0x10 [ 313.592507][ T9241] ? xfd_validate_state+0x61/0x180 [ 313.592573][ T9241] __x64_sys_unshare+0x31/0x40 [ 313.592626][ T9241] do_syscall_64+0xcd/0x490 [ 313.592688][ T9241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.592727][ T9241] RIP: 0033:0x7f8f19d8e929 [ 313.592755][ T9241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.592793][ T9241] RSP: 002b:00007f8f1abac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 313.592828][ T9241] RAX: ffffffffffffffda RBX: 00007f8f19fb5fa0 RCX: 00007f8f19d8e929 [ 313.592853][ T9241] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 313.592875][ T9241] RBP: 00007f8f19e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 313.592896][ T9241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 313.592919][ T9241] R13: 0000000000000000 R14: 00007f8f19fb5fa0 R15: 00007ffd670af178 [ 313.592966][ T9241] [ 313.875685][ T9233] get_page_from_freelist+0x1321/0x3890 [ 313.938561][ T9233] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 313.965032][ T9233] alloc_pages_mpol+0x1fb/0x550 [ 313.965080][ T9233] new_slab+0x23b/0x330 [ 313.965123][ T9233] ___slab_alloc+0xd9c/0x1940 [ 313.965169][ T9233] __slab_alloc.constprop.0+0x56/0xb0 [ 313.965215][ T9233] __kmalloc_cache_noprof+0xfb/0x3e0 [ 313.965263][ T9233] ipv6_add_dev+0x1c9/0x15f0 [ 313.966972][ T9233] addrconf_notify+0x53e/0x19e0 [ 313.967020][ T9233] notifier_call_chain+0xbc/0x410 [ 313.967062][ T9233] call_netdevice_notifiers_info+0xbe/0x140 [ 313.967104][ T9233] register_netdevice+0x182e/0x2270 [ 313.967136][ T9233] register_vlan_dev+0x372/0x940 [ 313.967171][ T9233] vlan_newlink+0x48c/0x760 [ 313.967213][ T9233] rtnl_newlink+0xc42/0x2000 [ 313.967242][ T9233] page last free pid 5526 tgid 5526 stack trace: [ 313.967264][ T9233] __free_frozen_pages+0x7fe/0x1180 [ 313.967311][ T9233] __put_partials+0x16d/0x1c0 [ 313.967355][ T9233] qlist_free_all+0x4d/0x120 [ 313.967402][ T9233] kasan_quarantine_reduce+0x195/0x1e0 [ 313.967453][ T9233] __kasan_slab_alloc+0x69/0x90 [ 313.967490][ T9233] __kmalloc_noprof+0x1d4/0x510 [ 313.983853][ T9233] tomoyo_realpath_from_path+0xc2/0x6e0 [ 313.983912][ T9233] tomoyo_path_perm+0x274/0x460 [ 313.983951][ T9233] security_inode_getattr+0x116/0x290 [ 313.983993][ T9233] vfs_fstat+0x4b/0xe0 [ 313.984027][ T9233] __do_sys_newfstat+0x87/0x100 [ 313.984063][ T9233] do_syscall_64+0xcd/0x490 [ 313.984113][ T9233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.993677][ T9248] nbd: socks must be embedded in a SOCK_ITEM attr [ 313.993992][ T9248] block nbd0: shutting down sockets [ 315.296111][ T9262] ima: policy update failed [ 315.334725][ T30] audit: type=1802 audit(4294967451.879:30): pid=9262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.696" res=0 errno=0 [ 317.199434][ T5854] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 317.199480][ T5854] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 317.216864][ T5854] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 317.216927][ T5854] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 317.216949][ T5854] Bluetooth: hci3: adv larger than maximum supported [ 317.216962][ T5854] Bluetooth: hci3: Malformed LE Event: 0x0d [ 318.089792][ T9300] netlink: 8 bytes leftover after parsing attributes in process `syz.3.705'. [ 319.989937][ T9314] ima: policy update failed [ 320.001585][ T30] audit: type=1802 audit(4294967456.579:31): pid=9314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.708" res=0 errno=0 [ 321.294158][ T9347] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 323.481132][ T9347] ovs_ÿþ: entered promiscuous mode [ 323.681384][ T9376] can: request_module (can-proto-3) failed. [ 327.433666][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.440140][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.172694][ T30] audit: type=1804 audit(4294967464.749:32): pid=9432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.727" name="/newroot/sys/kernel/debug/tracing/dynamic_events" dev="tracefs" ino=1062 res=1 errno=0 [ 329.060982][ T9437] random: crng reseeded on system resumption [ 330.597075][ T9460] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 332.543855][ T9470] ima: policy update failed [ 332.684424][ T30] audit: type=1802 audit(4294967469.249:33): pid=9470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.733" res=0 errno=0 [ 333.723104][ T9485] netlink: 28 bytes leftover after parsing attributes in process `syz.3.735'. [ 333.835459][ T9485] ipvlan1: entered allmulticast mode [ 333.856288][ T9484] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 333.886364][ T9485] veth0_vlan: entered allmulticast mode [ 334.031904][ T9486] netlink: 28 bytes leftover after parsing attributes in process `syz.3.735'. [ 335.357248][ T9502] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 335.378784][ T9502] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 336.638847][ T9528] random: crng reseeded on system resumption [ 336.934309][ T9526] bond0: entered promiscuous mode [ 336.944073][ T9526] bond0: entered allmulticast mode [ 339.243445][ T9558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 339.253631][ T9558] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 340.360430][ T9563] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 340.678961][ T9568] vhci_hcd: invalid port number 16 [ 340.697747][ T9568] vhci_hcd: invalid port number 16 [ 340.747295][ T9572] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 342.799029][ T9592] FAULT_INJECTION: forcing a failure. [ 342.799029][ T9592] name failslab, interval 1, probability 0, space 0, times 0 [ 342.888523][ T9592] CPU: 1 UID: 0 PID: 9592 Comm: syz.1.764 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 342.888574][ T9592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 342.888594][ T9592] Call Trace: [ 342.888605][ T9592] [ 342.888617][ T9592] dump_stack_lvl+0x16c/0x1f0 [ 342.888674][ T9592] should_fail_ex+0x512/0x640 [ 342.888726][ T9592] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 342.888778][ T9592] should_failslab+0xc2/0x120 [ 342.888812][ T9592] __kmalloc_cache_noprof+0x6a/0x3e0 [ 342.888859][ T9592] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 342.888911][ T9592] ? ipv6_add_dev+0x1c9/0x15f0 [ 342.888947][ T9592] ipv6_add_dev+0x1c9/0x15f0 [ 342.888993][ T9592] addrconf_notify+0x53e/0x19e0 [ 342.889035][ T9592] ? ip6mr_device_event+0x1bc/0x230 [ 342.889087][ T9592] notifier_call_chain+0xbc/0x410 [ 342.889125][ T9592] ? __pfx_addrconf_notify+0x10/0x10 [ 342.889175][ T9592] call_netdevice_notifiers_info+0xbe/0x140 [ 342.889220][ T9592] register_netdevice+0x182e/0x2270 [ 342.889262][ T9592] ? __pfx_register_netdevice+0x10/0x10 [ 342.889305][ T9592] ? __pfx_loopback_net_init+0x10/0x10 [ 342.889347][ T9592] register_netdev+0x34/0x50 [ 342.889380][ T9592] loopback_net_init+0x7a/0x170 [ 342.889422][ T9592] ? __pfx_loopback_net_init+0x10/0x10 [ 342.889461][ T9592] ops_init+0x1df/0x5f0 [ 342.889496][ T9592] setup_net+0x1ff/0x510 [ 342.889526][ T9592] ? lockdep_init_map_type+0x5c/0x280 [ 342.889575][ T9592] ? __pfx_setup_net+0x10/0x10 [ 342.889608][ T9592] ? debug_mutex_init+0x37/0x70 [ 342.889647][ T9592] copy_net_ns+0x2a6/0x5f0 [ 342.889687][ T9592] create_new_namespaces+0x3ea/0xa90 [ 342.889736][ T9592] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 342.889786][ T9592] ksys_unshare+0x45b/0xa40 [ 342.889835][ T9592] ? __pfx_ksys_unshare+0x10/0x10 [ 342.889885][ T9592] ? xfd_validate_state+0x61/0x180 [ 342.889950][ T9592] __x64_sys_unshare+0x31/0x40 [ 342.890006][ T9592] do_syscall_64+0xcd/0x490 [ 342.890061][ T9592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.890095][ T9592] RIP: 0033:0x7f6bc1d8e929 [ 342.890119][ T9592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.890142][ T9592] RSP: 002b:00007f6bc2bd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 342.890164][ T9592] RAX: ffffffffffffffda RBX: 00007f6bc1fb5fa0 RCX: 00007f6bc1d8e929 [ 342.890179][ T9592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 342.890193][ T9592] RBP: 00007f6bc1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 342.890209][ T9592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.890225][ T9592] R13: 0000000000000000 R14: 00007f6bc1fb5fa0 R15: 00007ffe389e4bf8 [ 342.890255][ T9592] [ 344.064904][ T9612] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 346.176723][ T9625] ima: policy update failed [ 346.186157][ T30] audit: type=1802 audit(4294967482.759:34): pid=9625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.772" res=0 errno=0 [ 346.555742][ T9633] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock syzkaller syzkaller login: [ 351.153408][ T9660] ptrace attach of "./syz-executor exec"[5861] was attempted by ""[9660] [ 351.211980][ T9663] EXT4-fs error (device sda1): trigger_test_error:129: comm syz.1.780: 7 [ 351.846879][ T9668] FAULT_INJECTION: forcing a failure. [ 351.846879][ T9668] name failslab, interval 1, probability 0, space 0, times 0 [ 351.948690][ T9668] CPU: 1 UID: 0 PID: 9668 Comm: syz.0.781 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 351.948740][ T9668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 351.948759][ T9668] Call Trace: [ 351.948770][ T9668] [ 351.948783][ T9668] dump_stack_lvl+0x16c/0x1f0 [ 351.948841][ T9668] should_fail_ex+0x512/0x640 [ 351.948894][ T9668] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 351.948946][ T9668] should_failslab+0xc2/0x120 [ 351.948981][ T9668] __kmalloc_cache_noprof+0x6a/0x3e0 [ 351.949028][ T9668] ? lockdep_init_map_type+0x5c/0x280 [ 351.949076][ T9668] ? fib6_net_init+0x165/0xb20 [ 351.949128][ T9668] ? do_init_timer+0xc9/0x110 [ 351.949172][ T9668] ? __pfx_fib6_net_init+0x10/0x10 [ 351.949227][ T9668] fib6_net_init+0x165/0xb20 [ 351.949285][ T9668] ? __pfx_fib6_net_init+0x10/0x10 [ 351.949337][ T9668] ops_init+0x1df/0x5f0 [ 351.949373][ T9668] setup_net+0x1ff/0x510 [ 351.949402][ T9668] ? lockdep_init_map_type+0x5c/0x280 [ 351.949451][ T9668] ? __pfx_setup_net+0x10/0x10 [ 351.949486][ T9668] ? debug_mutex_init+0x37/0x70 [ 351.949525][ T9668] copy_net_ns+0x2a6/0x5f0 [ 351.949565][ T9668] create_new_namespaces+0x3ea/0xa90 [ 351.949615][ T9668] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 351.949659][ T9668] ksys_unshare+0x45b/0xa40 [ 351.949708][ T9668] ? __pfx_ksys_unshare+0x10/0x10 [ 351.949756][ T9668] ? xfd_validate_state+0x61/0x180 [ 351.949815][ T9668] __x64_sys_unshare+0x31/0x40 [ 351.949861][ T9668] do_syscall_64+0xcd/0x490 [ 351.949918][ T9668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.949952][ T9668] RIP: 0033:0x7f70ec38e929 [ 351.949978][ T9668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.950010][ T9668] RSP: 002b:00007f70ed13e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 351.950048][ T9668] RAX: ffffffffffffffda RBX: 00007f70ec5b5fa0 RCX: 00007f70ec38e929 [ 351.950069][ T9668] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 351.950088][ T9668] RBP: 00007f70ec410b39 R08: 0000000000000000 R09: 0000000000000000 [ 351.950107][ T9668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 351.950126][ T9668] R13: 0000000000000000 R14: 00007f70ec5b5fa0 R15: 00007ffcaf755198 [ 351.950175][ T9668] [ 353.348298][ T9688] netlink: 186 bytes leftover after parsing attributes in process `syz.1.784'. [ 353.662956][ T9687] random: crng reseeded on system resumption [ 355.419524][ T9695] ima: policy update failed [ 355.438159][ T30] audit: type=1802 audit(4294967491.999:35): pid=9695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.786" res=0 errno=0 [ 356.700655][ T9725] GUP no longer grows the stack in syz.0.791 (9725): 14000-401000 (4000) [ 356.730285][ T9725] CPU: 1 UID: 0 PID: 9725 Comm: syz.0.791 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 356.730336][ T9725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 356.730356][ T9725] Call Trace: [ 356.730373][ T9725] [ 356.730386][ T9725] dump_stack_lvl+0x16c/0x1f0 [ 356.730445][ T9725] gup_vma_lookup+0x1d2/0x220 [ 356.730485][ T9725] __get_user_pages+0x271/0x3b80 [ 356.730537][ T9725] ? __pfx___schedule+0x10/0x10 [ 356.730586][ T9725] ? __pfx___get_user_pages+0x10/0x10 [ 356.730643][ T9725] __gup_longterm_locked+0x20d/0x1840 [ 356.730698][ T9725] ? __pfx___gup_longterm_locked+0x10/0x10 [ 356.730738][ T9725] ? __pfx_rwsem_down_read_slowpath+0x10/0x10 [ 356.730796][ T9725] pin_user_pages_remote+0xed/0x140 [ 356.730840][ T9725] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 356.730882][ T9725] ? mm_access+0x22d/0x2e0 [ 356.730938][ T9725] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 356.730993][ T9725] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 356.731033][ T9725] ? iovec_from_user+0xbb/0x140 [ 356.731086][ T9725] ? iovec_from_user+0xbb/0x140 [ 356.731122][ T9725] process_vm_rw+0x216/0x2c0 [ 356.731159][ T9725] ? __pfx_process_vm_rw+0x10/0x10 [ 356.731189][ T9725] ? __pfx_futex_wake+0x10/0x10 [ 356.731248][ T9725] ? up_write+0x1b2/0x520 [ 356.731338][ T9725] ? xfd_validate_state+0x61/0x180 [ 356.731389][ T9725] ? __task_pid_nr_ns+0x17c/0x500 [ 356.731440][ T9725] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 356.731475][ T9725] ? do_syscall_64+0x91/0x490 [ 356.731527][ T9725] ? lockdep_hardirqs_on+0x7c/0x110 [ 356.731575][ T9725] do_syscall_64+0xcd/0x490 [ 356.731631][ T9725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.731665][ T9725] RIP: 0033:0x7f70ec38e929 [ 356.731692][ T9725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 356.731723][ T9725] RSP: 002b:00007f70ea1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 356.731756][ T9725] RAX: ffffffffffffffda RBX: 00007f70ec5b6160 RCX: 00007f70ec38e929 [ 356.731779][ T9725] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000365 [ 356.731799][ T9725] RBP: 00007f70ec410b39 R08: 0000000000000003 R09: 0000000000000000 [ 356.731819][ T9725] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 356.731839][ T9725] R13: 0000000000000000 R14: 00007f70ec5b6160 R15: 00007ffcaf755198 [ 356.731882][ T9725] [ 356.976489][ C1] vkms_vblank_simulate: vblank timer overrun [ 357.676068][ T9753] netlink: 342 bytes leftover after parsing attributes in process `syz.0.799'. [ 357.840958][ T9753] netlink: 110 bytes leftover after parsing attributes in process `syz.0.799'. [ 358.550256][ T9766] syz.1.802 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 359.203658][ T9775] mtrr: base(0x1010101000) is not aligned on a size(0x0000) boundary [ 361.412271][ T9815] Invalid ELF header magic: != ELF [ 362.614453][ T9842] netlink: 28 bytes leftover after parsing attributes in process `syz.0.821'. [ 364.144386][ T9882] netlink: 'syz.2.830': attribute type 1 has an invalid length. [ 364.330565][ T9874] could not allocate digest TFM handle [ 369.004524][ T9980] Invalid ELF header magic: != ELF [ 369.661147][T10007] batman_adv: Routing algorithm '' is not supported [ 369.820281][T10011] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 370.012929][T10011] FAULT_INJECTION: forcing a failure. [ 370.012929][T10011] name failslab, interval 1, probability 0, space 0, times 0 [ 370.047343][T10015] netlink: 350 bytes leftover after parsing attributes in process `syz.0.854'. [ 370.105670][T10011] CPU: 0 UID: 0 PID: 10011 Comm: syz.1.853 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 370.105717][T10011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 370.105737][T10011] Call Trace: [ 370.105757][T10011] [ 370.105770][T10011] dump_stack_lvl+0x16c/0x1f0 [ 370.105825][T10011] should_fail_ex+0x512/0x640 [ 370.105876][T10011] ? fs_reclaim_acquire+0xae/0x150 [ 370.105921][T10011] should_failslab+0xc2/0x120 [ 370.105956][T10011] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 370.106008][T10011] ? security_inode_alloc+0x3b/0x2b0 [ 370.106053][T10011] security_inode_alloc+0x3b/0x2b0 [ 370.106093][T10011] inode_init_always_gfp+0xce4/0x1030 [ 370.106150][T10011] alloc_inode+0x86/0x240 [ 370.106187][T10011] sock_alloc+0x40/0x280 [ 370.106221][T10011] sock_create_lite+0x82/0x120 [ 370.106259][T10011] __netlink_kernel_create+0xbd/0x750 [ 370.106299][T10011] ? __pfx___netlink_kernel_create+0x10/0x10 [ 370.106347][T10011] ? __pfx_crypto_netlink_init+0x10/0x10 [ 370.106401][T10011] crypto_netlink_init+0xb7/0x140 [ 370.106453][T10011] ? cpus_read_unlock+0x83/0x150 [ 370.106491][T10011] ? __pfx_crypto_netlink_init+0x10/0x10 [ 370.106544][T10011] ? __nf_register_net_hook+0x371/0x730 [ 370.106600][T10011] ? __pfx_crypto_netlink_rcv+0x10/0x10 [ 370.106654][T10011] ? nf_register_net_hook+0x117/0x160 [ 370.106709][T10011] ? nf_register_net_hooks+0xb1/0xd0 [ 370.106777][T10011] ops_init+0x1df/0x5f0 [ 370.106813][T10011] setup_net+0x1ff/0x510 [ 370.106843][T10011] ? lockdep_init_map_type+0x5c/0x280 [ 370.106892][T10011] ? __pfx_setup_net+0x10/0x10 [ 370.106927][T10011] ? debug_mutex_init+0x37/0x70 [ 370.106966][T10011] copy_net_ns+0x2a6/0x5f0 [ 370.107005][T10011] create_new_namespaces+0x3ea/0xa90 [ 370.107054][T10011] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 370.107098][T10011] ksys_unshare+0x45b/0xa40 [ 370.107145][T10011] ? __pfx_ksys_unshare+0x10/0x10 [ 370.107192][T10011] ? xfd_validate_state+0x61/0x180 [ 370.107250][T10011] __x64_sys_unshare+0x31/0x40 [ 370.107295][T10011] do_syscall_64+0xcd/0x490 [ 370.107351][T10011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.107384][T10011] RIP: 0033:0x7f6bc1d8e929 [ 370.107437][T10011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 370.107471][T10011] RSP: 002b:00007f6bc2bd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 370.107504][T10011] RAX: ffffffffffffffda RBX: 00007f6bc1fb5fa0 RCX: 00007f6bc1d8e929 [ 370.107526][T10011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 370.107546][T10011] RBP: 00007f6bc1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 370.107565][T10011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 370.107583][T10011] R13: 0000000000000000 R14: 00007f6bc1fb5fa0 R15: 00007ffe389e4bf8 [ 370.107625][T10011] [ 370.389360][ C0] vkms_vblank_simulate: vblank timer overrun [ 370.402151][T10018] netlink: 350 bytes leftover after parsing attributes in process `syz.0.854'. [ 373.278676][T10060] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 376.026667][T10106] netlink: 8 bytes leftover after parsing attributes in process `syz.0.869'. [ 376.169307][T10106] netlink: 8 bytes leftover after parsing attributes in process `syz.0.869'. [ 376.636868][T10110] bond0: no command found in slaves file - use +ifname or -ifname [ 379.424244][T10121] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 380.817911][T10151] random: crng reseeded on system resumption [ 382.646390][T10163] netlink: 338 bytes leftover after parsing attributes in process `syz.1.881'. [ 383.461963][T10209] vhci_hcd: invalid port number 16 [ 383.487545][T10209] vhci_hcd: invalid port number 16 [ 383.633440][T10217] sd 0:0:1:0: PR command failed: 1026 [ 383.639039][T10217] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 383.646253][T10217] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 386.710734][T10299] tc_dump_action: action bad kind [ 388.885875][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.892645][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.763880][T10345] netlink: 186 bytes leftover after parsing attributes in process `syz.3.910'. [ 389.789406][T10346] netlink: 28 bytes leftover after parsing attributes in process `syz.3.910'. [ 394.118257][T10397] ALSA: mixer_oss: invalid OSS volume '' [ 395.347127][T10409] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 395.359021][T10409] vhci_hcd: default hub control req: 1000 v0000 i0000 l0 [ 395.423567][T10418] FAULT_INJECTION: forcing a failure. [ 395.423567][T10418] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 395.439439][T10418] CPU: 1 UID: 0 PID: 10418 Comm: syz.2.923 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 395.439488][T10418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 395.439508][T10418] Call Trace: [ 395.439520][T10418] [ 395.439533][T10418] dump_stack_lvl+0x16c/0x1f0 [ 395.439592][T10418] should_fail_ex+0x512/0x640 [ 395.439652][T10418] should_fail_alloc_page+0xe7/0x130 [ 395.439691][T10418] prepare_alloc_pages+0x3c2/0x610 [ 395.439733][T10418] ? rcu_is_watching+0x12/0xc0 [ 395.439774][T10418] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 395.439841][T10418] ? __lock_acquire+0xb8a/0x1c90 [ 395.439907][T10418] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 395.439963][T10418] ? do_raw_spin_lock+0x12c/0x2b0 [ 395.440020][T10418] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 395.440075][T10418] ? find_held_lock+0x2b/0x80 [ 395.440125][T10418] ? __lock_acquire+0xb8a/0x1c90 [ 395.440171][T10418] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 395.440227][T10418] ? policy_nodemask+0xea/0x4e0 [ 395.440266][T10418] alloc_pages_mpol+0x1fb/0x550 [ 395.440302][T10418] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 395.440350][T10418] folio_alloc_mpol_noprof+0x36/0x2f0 [ 395.440395][T10418] shmem_alloc_folio+0x135/0x160 [ 395.440446][T10418] shmem_alloc_and_add_folio+0x499/0xc20 [ 395.440507][T10418] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 395.440564][T10418] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 395.440624][T10418] shmem_get_folio_gfp+0x67f/0x1600 [ 395.440686][T10418] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 395.440741][T10418] ? filemap_map_pages+0xf6f/0x1680 [ 395.440796][T10418] shmem_fault+0x1fe/0xa30 [ 395.440860][T10418] ? __pfx_shmem_fault+0x10/0x10 [ 395.440919][T10418] ? __pfx_filemap_map_pages+0x10/0x10 [ 395.440987][T10418] __do_fault+0x10d/0x490 [ 395.441047][T10418] __handle_mm_fault+0x3c2a/0x5490 [ 395.441106][T10418] ? __pfx___handle_mm_fault+0x10/0x10 [ 395.441152][T10418] ? __pfx_mt_find+0x10/0x10 [ 395.441209][T10418] ? find_vma+0xbf/0x140 [ 395.441244][T10418] ? __pfx_find_vma+0x10/0x10 [ 395.441286][T10418] handle_mm_fault+0x589/0xd10 [ 395.441335][T10418] ? __pkru_allows_pkey+0x41/0xb0 [ 395.441384][T10418] do_user_addr_fault+0x7a6/0x1370 [ 395.441436][T10418] ? rcu_is_watching+0x12/0xc0 [ 395.441478][T10418] exc_page_fault+0x5c/0xb0 [ 395.441527][T10418] asm_exc_page_fault+0x26/0x30 [ 395.441559][T10418] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 395.441602][T10418] Code: 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 8f 10 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 395.441635][T10418] RSP: 0018:ffffc9000b20f8a8 EFLAGS: 00050206 [ 395.441662][T10418] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000 [ 395.441683][T10418] RDX: 0000000000000000 RSI: 000000000006b000 RDI: ffff888032b52000 [ 395.441703][T10418] RBP: 0000000000001000 R08: 0000000000000001 R09: ffffed100656a5ff [ 395.441723][T10418] R10: ffff888032b52fff R11: 0000000000000000 R12: 000000000006b000 [ 395.441742][T10418] R13: ffffc9000b20fd80 R14: ffff888032b52000 R15: 000000000006b000 [ 395.441786][T10418] _copy_from_iter+0x4eb/0x16f0 [ 395.441861][T10418] ? anon_pipe_write+0x6f1/0x1a70 [ 395.441916][T10418] ? __pfx__copy_from_iter+0x10/0x10 [ 395.441970][T10418] ? __pfx___mutex_lock+0x10/0x10 [ 395.442042][T10418] copy_page_from_iter+0xde/0x180 [ 395.442103][T10418] anon_pipe_write+0xbe7/0x1a70 [ 395.442174][T10418] ? __pfx_anon_pipe_write+0x10/0x10 [ 395.442231][T10418] ? __pfx_autoremove_wake_function+0x10/0x10 [ 395.442278][T10418] ? __futex_wait+0x24c/0x2f0 [ 395.442330][T10418] ? copy_iovec_from_user+0x131/0x170 [ 395.442389][T10418] do_iter_readv_writev+0x654/0x950 [ 395.442439][T10418] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 395.442495][T10418] ? bpf_lsm_file_permission+0x9/0x10 [ 395.442534][T10418] ? security_file_permission+0x71/0x210 [ 395.442584][T10418] ? rw_verify_area+0xcf/0x680 [ 395.442634][T10418] vfs_writev+0x35f/0xde0 [ 395.442694][T10418] ? __pfx_vfs_writev+0x10/0x10 [ 395.442774][T10418] ? __fget_files+0x20e/0x3c0 [ 395.442843][T10418] ? do_writev+0x28c/0x340 [ 395.442888][T10418] do_writev+0x28c/0x340 [ 395.442935][T10418] ? __pfx_do_writev+0x10/0x10 [ 395.442980][T10418] ? syscall_user_dispatch+0x78/0x140 [ 395.443026][T10418] do_syscall_64+0xcd/0x490 [ 395.443083][T10418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.443117][T10418] RIP: 0033:0x7ff17e38e929 [ 395.443145][T10418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.443176][T10418] RSP: 002b:00007ff17c1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 395.443207][T10418] RAX: ffffffffffffffda RBX: 00007ff17e5b5fa0 RCX: 00007ff17e38e929 [ 395.443228][T10418] RDX: 0000000000000002 RSI: 0000200000000200 RDI: 0000000000000000 [ 395.443247][T10418] RBP: 00007ff17e410b39 R08: 0000000000000000 R09: 0000000000000000 [ 395.443267][T10418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 395.443285][T10418] R13: 0000000000000000 R14: 00007ff17e5b5fa0 R15: 00007ffe99f185e8 [ 395.443328][T10418] [ 397.043761][T10419] ima: policy update failed [ 397.072961][ T30] audit: type=1802 audit(4294968720.609:36): pid=10419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.924" res=0 errno=0 [ 400.733326][T10473] ima: policy update failed [ 400.748687][ T30] audit: type=1802 audit(4294968724.299:37): pid=10473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.936" res=0 errno=0 [ 402.328816][ T5172] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 402.342706][ T5172] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 402.351089][ T5172] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 402.380360][ T5172] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 402.395266][ T5172] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 403.295819][T10510] chnl_net:caif_netlink_parms(): no params data found [ 403.664842][T10519] ima: policy update failed [ 403.674879][ T30] audit: type=1802 audit(4294968727.229:38): pid=10519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.946" res=0 errno=0 [ 404.029971][T10510] bridge0: port 1(bridge_slave_0) entered blocking state [ 404.057674][T10510] bridge0: port 1(bridge_slave_0) entered disabled state [ 404.077205][T10510] bridge_slave_0: entered allmulticast mode [ 404.106527][T10510] bridge_slave_0: entered promiscuous mode [ 404.165212][T10510] bridge0: port 2(bridge_slave_1) entered blocking state [ 404.199530][T10510] bridge0: port 2(bridge_slave_1) entered disabled state [ 404.206835][T10510] bridge_slave_1: entered allmulticast mode [ 404.220887][T10510] bridge_slave_1: entered promiscuous mode [ 404.478557][ T5854] Bluetooth: hci4: command tx timeout [ 404.534356][T10510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 404.700089][T10510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 405.044437][T10510] team0: Port device team_slave_0 added [ 405.080087][T10510] team0: Port device team_slave_1 added [ 405.380285][T10510] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 405.387306][T10510] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 405.469085][T10510] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 405.482609][T10510] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 405.489718][T10510] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 405.522193][T10510] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 405.841872][T10510] hsr_slave_0: entered promiscuous mode [ 405.874748][T10510] hsr_slave_1: entered promiscuous mode [ 405.992180][T10510] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 406.020335][T10510] Cannot create hsr debugfs directory [ 406.549372][ T5854] Bluetooth: hci4: command tx timeout [ 408.177586][T10510] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 408.221819][T10510] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 408.330915][T10510] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 408.530806][T10510] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 408.631451][ T5854] Bluetooth: hci4: command tx timeout [ 409.087775][T10510] 8021q: adding VLAN 0 to HW filter on device bond0 [ 409.237903][T10510] 8021q: adding VLAN 0 to HW filter on device team0 [ 409.301563][ T3508] bridge0: port 1(bridge_slave_0) entered blocking state [ 409.308777][ T3508] bridge0: port 1(bridge_slave_0) entered forwarding state [ 409.352939][ T3508] bridge0: port 2(bridge_slave_1) entered blocking state [ 409.360155][ T3508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 409.497367][T10510] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 409.786652][ T30] audit: type=1800 audit(4294968733.339:39): pid=10616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.963" name="features" dev="configfs" ino=30556 res=0 errno=0 [ 410.640254][T10510] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 410.720817][ T5854] Bluetooth: hci4: command tx timeout [ 411.809529][T10638] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 411.815854][T10638] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 411.828950][T10638] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 411.857544][T10638] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 411.928706][T10638] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 411.934869][T10638] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 412.104883][T10638] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 412.544489][T10510] veth0_vlan: entered promiscuous mode [ 412.763996][T10510] veth1_vlan: entered promiscuous mode [ 413.095702][T10510] veth0_macvtap: entered promiscuous mode [ 413.132431][T10510] veth1_macvtap: entered promiscuous mode [ 413.193507][T10510] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 413.235743][T10510] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 413.254729][T10303] ------------[ cut here ]------------ [ 413.260363][T10303] ODEBUG: free active (active state 0) object: ffff88803502d318 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 413.277035][T10303] WARNING: CPU: 1 PID: 10303 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 413.287332][T10303] Modules linked in: [ 413.292070][T10303] CPU: 1 UID: 0 PID: 10303 Comm: syz.1.902 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 413.304157][T10303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 413.314296][T10303] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 413.320251][T10303] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 80 83 15 8c 4c 89 e6 48 c7 c7 00 78 15 8c e8 2f 2f 9c fc 90 <0f> 0b 90 90 58 83 05 f6 51 cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 413.340091][T10303] RSP: 0018:ffffc9000c38f768 EFLAGS: 00010286 [ 413.346204][T10303] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1f8 [ 413.354423][T10303] RDX: ffff88802568bc00 RSI: ffffffff817aa205 RDI: 0000000000000001 [ 413.362484][T10303] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 413.370524][T10303] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157ea0 [ 413.378880][T10303] R13: ffffffff8bafe840 R14: ffffffff8a8fd9f0 R15: ffffc9000c38f868 [ 413.387577][T10303] FS: 0000000000000000(0000) GS:ffff888124822000(0000) knlGS:0000000000000000 [ 413.397248][T10303] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 413.404257][T10303] CR2: 0000555580dc8808 CR3: 0000000079f86000 CR4: 00000000003526f0 [ 413.412296][T10303] Call Trace: [ 413.415594][T10303] [ 413.418588][T10303] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 413.424082][T10303] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 413.430081][T10303] debug_check_no_obj_freed+0x4b7/0x600 [ 413.435664][T10303] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 413.441818][T10303] ? rcu_is_watching+0x12/0xc0 [ 413.446615][T10303] ? kmem_cache_free+0x2d1/0x4d0 [ 413.451622][T10303] kfree+0x28f/0x4d0 [ 413.455604][T10303] ? hci_release_dev+0x4d8/0x600 [ 413.460637][T10303] hci_release_dev+0x4d8/0x600 [ 413.465442][T10303] ? __pfx_hci_release_dev+0x10/0x10 [ 413.470805][T10303] ? rcu_is_watching+0x12/0xc0 [ 413.475704][T10303] ? kfree+0x24f/0x4d0 [ 413.479855][T10303] bt_host_release+0x6a/0xb0 [ 413.485182][T10303] ? __pfx_bt_host_release+0x10/0x10 [ 413.491104][T10303] device_release+0xa4/0x240 [ 413.495827][T10303] kobject_put+0x1e7/0x5a0 [ 413.500369][T10303] ? __pfx_vhci_release+0x10/0x10 [ 413.505432][T10303] put_device+0x1f/0x30 [ 413.509691][T10303] vhci_release+0x81/0xf0 [ 413.514057][T10303] __fput+0x402/0xb70 [ 413.518072][T10303] task_work_run+0x14d/0x240 [ 413.522738][T10303] ? __pfx_task_work_run+0x10/0x10 [ 413.527932][T10303] do_exit+0x86c/0x2bd0 [ 413.532251][T10303] ? __pfx___might_resched+0x10/0x10 [ 413.537567][T10303] ? __pfx_do_exit+0x10/0x10 [ 413.542272][T10303] ? do_raw_spin_lock+0x12c/0x2b0 [ 413.547366][T10303] ? find_held_lock+0x2b/0x80 [ 413.552145][T10303] do_group_exit+0xd3/0x2a0 [ 413.556734][T10303] get_signal+0x2673/0x26d0 [ 413.561388][T10303] ? __pfx_do_recvmmsg+0x10/0x10 [ 413.566402][T10303] ? __pfx_get_signal+0x10/0x10 [ 413.571344][T10303] ? do_futex+0x122/0x350 [ 413.575786][T10303] arch_do_signal_or_restart+0x8f/0x790 [ 413.581458][T10303] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 413.588394][T10303] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 413.594021][T10303] exit_to_user_mode_loop+0x84/0x110 [ 413.600028][T10303] do_syscall_64+0x3f6/0x490 [ 413.604688][T10303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.610642][T10303] RIP: 0033:0x7f6bc1d8e929 [ 413.615075][T10303] Code: Unable to access opcode bytes at 0x7f6bc1d8e8ff. [ 413.622152][T10303] RSP: 002b:00007f6bc2b55038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 413.630696][T10303] RAX: 0000000000080840 RBX: 00007f6bc1fb6320 RCX: 00007f6bc1d8e929 [ 413.638720][T10303] RDX: 00000000fffffe0c RSI: 0000000000000000 RDI: 0000000000000003 [ 413.646710][T10303] RBP: 00007f6bc1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 413.654750][T10303] R10: 00000000000008e0 R11: 0000000000000246 R12: 0000000000000000 [ 413.662788][T10303] R13: 0000000000000000 R14: 00007f6bc1fb6320 R15: 00007ffe389e4bf8 [ 413.671229][T10303] [ 413.674281][T10303] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 413.681583][T10303] CPU: 1 UID: 0 PID: 10303 Comm: syz.1.902 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) [ 413.693591][T10303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 413.703664][T10303] Call Trace: [ 413.706960][T10303] [ 413.709906][T10303] dump_stack_lvl+0x3d/0x1f0 [ 413.714528][T10303] panic+0x71c/0x800 [ 413.718460][T10303] ? __pfx_panic+0x10/0x10 [ 413.722905][T10303] ? show_trace_log_lvl+0x29b/0x3e0 [ 413.728139][T10303] ? check_panic_on_warn+0x1f/0xb0 [ 413.733308][T10303] ? debug_print_object+0x1a2/0x2b0 [ 413.738552][T10303] check_panic_on_warn+0xab/0xb0 [ 413.743642][T10303] __warn+0xf6/0x3c0 [ 413.747589][T10303] ? debug_print_object+0x1a2/0x2b0 [ 413.752835][T10303] report_bug+0x3c3/0x580 [ 413.757219][T10303] ? debug_print_object+0x1a2/0x2b0 [ 413.762455][T10303] handle_bug+0x184/0x210 [ 413.766817][T10303] exc_invalid_op+0x17/0x50 [ 413.771444][T10303] asm_exc_invalid_op+0x1a/0x20 [ 413.776413][T10303] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 413.782379][T10303] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 80 83 15 8c 4c 89 e6 48 c7 c7 00 78 15 8c e8 2f 2f 9c fc 90 <0f> 0b 90 90 58 83 05 f6 51 cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 413.802035][T10303] RSP: 0018:ffffc9000c38f768 EFLAGS: 00010286 [ 413.808138][T10303] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1f8 [ 413.816141][T10303] RDX: ffff88802568bc00 RSI: ffffffff817aa205 RDI: 0000000000000001 [ 413.824146][T10303] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 413.832146][T10303] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157ea0 [ 413.840234][T10303] R13: ffffffff8bafe840 R14: ffffffff8a8fd9f0 R15: ffffc9000c38f868 [ 413.848238][T10303] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 413.853752][T10303] ? __warn_printk+0x198/0x350 [ 413.858661][T10303] ? __warn_printk+0x1a5/0x350 [ 413.863469][T10303] ? debug_print_object+0x1a1/0x2b0 [ 413.868703][T10303] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 413.874205][T10303] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 413.880045][T10303] debug_check_no_obj_freed+0x4b7/0x600 [ 413.885626][T10303] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 413.891812][T10303] ? rcu_is_watching+0x12/0xc0 [ 413.896622][T10303] ? kmem_cache_free+0x2d1/0x4d0 [ 413.901778][T10303] kfree+0x28f/0x4d0 [ 413.905711][T10303] ? hci_release_dev+0x4d8/0x600 [ 413.910692][T10303] hci_release_dev+0x4d8/0x600 [ 413.915537][T10303] ? __pfx_hci_release_dev+0x10/0x10 [ 413.921011][T10303] ? rcu_is_watching+0x12/0xc0 [ 413.925824][T10303] ? kfree+0x24f/0x4d0 [ 413.929983][T10303] bt_host_release+0x6a/0xb0 [ 413.934612][T10303] ? __pfx_bt_host_release+0x10/0x10 [ 413.939928][T10303] device_release+0xa4/0x240 [ 413.944558][T10303] kobject_put+0x1e7/0x5a0 [ 413.949013][T10303] ? __pfx_vhci_release+0x10/0x10 [ 413.954188][T10303] put_device+0x1f/0x30 [ 413.958393][T10303] vhci_release+0x81/0xf0 [ 413.962780][T10303] __fput+0x402/0xb70 [ 413.966805][T10303] task_work_run+0x14d/0x240 [ 413.971448][T10303] ? __pfx_task_work_run+0x10/0x10 [ 413.976615][T10303] do_exit+0x86c/0x2bd0 [ 413.980811][T10303] ? __pfx___might_resched+0x10/0x10 [ 413.986159][T10303] ? __pfx_do_exit+0x10/0x10 [ 413.990811][T10303] ? do_raw_spin_lock+0x12c/0x2b0 [ 413.996304][T10303] ? find_held_lock+0x2b/0x80 [ 414.001034][T10303] do_group_exit+0xd3/0x2a0 [ 414.005595][T10303] get_signal+0x2673/0x26d0 [ 414.010137][T10303] ? __pfx_do_recvmmsg+0x10/0x10 [ 414.015141][T10303] ? __pfx_get_signal+0x10/0x10 [ 414.020027][T10303] ? do_futex+0x122/0x350 [ 414.024480][T10303] arch_do_signal_or_restart+0x8f/0x790 [ 414.030059][T10303] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 414.036245][T10303] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 414.041847][T10303] exit_to_user_mode_loop+0x84/0x110 [ 414.047195][T10303] do_syscall_64+0x3f6/0x490 [ 414.051828][T10303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.057754][T10303] RIP: 0033:0x7f6bc1d8e929 [ 414.062192][T10303] Code: Unable to access opcode bytes at 0x7f6bc1d8e8ff. [ 414.069230][T10303] RSP: 002b:00007f6bc2b55038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 414.077675][T10303] RAX: 0000000000080840 RBX: 00007f6bc1fb6320 RCX: 00007f6bc1d8e929 [ 414.085667][T10303] RDX: 00000000fffffe0c RSI: 0000000000000000 RDI: 0000000000000003 [ 414.093665][T10303] RBP: 00007f6bc1e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 414.101658][T10303] R10: 00000000000008e0 R11: 0000000000000246 R12: 0000000000000000 [ 414.109646][T10303] R13: 0000000000000000 R14: 00007f6bc1fb6320 R15: 00007ffe389e4bf8 [ 414.117654][T10303] [ 414.121005][T10303] Kernel Offset: disabled [ 414.125358][T10303] Rebooting in 86400 seconds..