last executing test programs: 13.453969529s ago: executing program 2 (id=2285): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x4, 0x0) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0x4, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x40000000009f, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(0x3, 0x4040ae79, 0x38) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) read$auto_force_wakeup_fops_hci_vhci(r2, 0x0, 0x0) socket(0x10, 0x6, 0xfffffffd) set_mempolicy$auto(0x5, &(0x7f0000000000)=0x9, 0x21) mmap$auto(0x0, 0x400007, 0x0, 0x9b72, 0xffffffffffffffff, 0x4008000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mlockall$auto(0x7) clone$auto(0x7fffffff, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0xa) writev$auto(r3, &(0x7f0000000080)={0x0, 0x1000}, 0x3) mmap$auto(0x0, 0xfbfffffffffffffb, 0x6, 0x50, r3, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0xffffffffffffffff) 12.387000547s ago: executing program 2 (id=2292): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x4d, 0x0) fsopen$auto(0x0, 0x1) socket(0x2, 0x5, 0x0) (async) r0 = socket(0x2, 0x5, 0x0) setsockopt$auto(r0, 0x0, 0x2a, 0x0, 0x108) ftruncate$auto(r0, 0xb) 12.060602392s ago: executing program 2 (id=2296): listmount$auto(&(0x7f0000000040)={0x200, @inferred, 0x7f, 0x81, 0x400}, 0x0, 0xf, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) mbind$auto(0x1, 0x4, 0x3, &(0x7f0000000180)=0x9, 0x8000000000, 0xa) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = socket(0x10, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x1b54}, 0x1, 0x0, 0x0, 0x4000004}, 0x5) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) recvmmsg$auto(r3, &(0x7f0000000180)={{0x0, 0x8, 0x0, 0x1, 0x0, 0x1000002, 0x8}, 0x800}, 0x4000005, 0x8, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) ioctl$auto(0x3, 0xae43, r1) r4 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0) read$auto_ptdump_fops_(r4, &(0x7f0000000080)=""/222, 0xde) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x8f, 0x400, 0x2}]}) 4.379630191s ago: executing program 1 (id=2321): r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0) shmat$auto(0x0, &(0x7f0000000080)='(\x00', 0xfffffffa) shmat$auto(0xb9, &(0x7f0000000040)='<\x00', 0x45) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.current\x00', 0x0, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/config/target/version\x00', 0x543003, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000240)=""/4110, 0x100e) lseek$auto(r0, 0x7ff, 0x1) 4.218379459s ago: executing program 1 (id=2322): mmap$auto(0x0, 0x2020009, 0x100003, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) socket(0xa, 0x2, 0x73) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80805, 0x0) socket(0x18, 0x3, 0x2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, 0x0, 0x6a) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) sysfs$auto(0x2, 0x9, 0x0) fsopen$auto(0x0, 0x1) io_uring_setup$auto(0x1, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x1, 0x0, 0x8004) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x100003, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) (async) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) (async) socket(0xa, 0x2, 0x73) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x80805, 0x0) (async) socket(0x18, 0x3, 0x2) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) bind$auto(0x3, 0x0, 0x6a) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x2, 0x3a) (async) sysfs$auto(0x2, 0x9, 0x0) (async) fsopen$auto(0x0, 0x1) (async) io_uring_setup$auto(0x1, 0x0) (async) socket(0x11, 0x80003, 0x300) (async) setsockopt$auto(r1, 0x107, 0x1, 0x0, 0x8004) (async) close_range$auto(0x2, 0x8, 0x0) (async) 3.784375582s ago: executing program 1 (id=2324): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) r0 = socket(0xa, 0x1, 0x94) (async) bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @local}, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x3c, r2, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x11e789c}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x5}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) (async) pread64$auto(r1, &(0x7f0000000180)='l2tp\x00', 0x6, 0x7fffffff) (async) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x101001}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x40, r2, 0x100, 0x70bd26, 0x25dfdbff, {}, [@L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e22}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0xff}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x1508}]}, 0x40}, 0x1, 0x0, 0x0, 0x4008010}, 0x1) 3.678144537s ago: executing program 0 (id=2325): r0 = socket(0x10, 0x3, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYRESOCT=r0], 0x24}, 0x1, 0x0, 0x0, 0x2000c010}, 0xc08e51e6ade13d54) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) 3.483674292s ago: executing program 1 (id=2326): ioctl$auto_VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000000)={0x2, 0xffffffffffffffff}) mmap$auto(0x5b21b873, 0x20007, 0x9, 0xed5, r0, 0xd) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) socket(0x2, 0x3, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp1\x00', 0x201, 0x0) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.452836352s ago: executing program 3 (id=2327): mmap$auto(0x3f2b, 0x202000b, 0x3, 0xafa, 0xffffffffffffffff, 0x8000) (async) unshare$auto(0x40000080) mmap$auto(0x2, 0x3, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20000, 0x0) (async) unshare$auto(0x0) (async) r0 = ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0x9, 0xfffffffffffffffd}) (async) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DISCONNECT(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r2, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x10001}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x40) (async) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40094020}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1600984e", @ANYRES16=0x0, @ANYBLOB="20002abd7000fedbdf2527000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x40008f9) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), r1) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, r3, 0x100, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_BANDWIDTH_DOWN={0x8, 0x1c, 0x3ff}, @BATADV_ATTR_BLA_ADDRESS={0xa, 0x1f, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}]}, 0x28}, 0x1, 0x0, 0x0, 0x24004800}, 0x4) (async) r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000400), r1) sendmsg$auto_NBD_CMD_RECONFIGURE(r1, &(0x7f0000000640)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000440)={0x198, r4, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xd}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x100000001}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8000000000000001}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x6}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_SOCKETS={0x123, 0x7, 0x0, 0x1, [@generic="977961b957adfecbba320f9883fa449640fcdb5a6b3ada4952e6365eff9d88c197915a1e38bc657e5f45165037529c987690e10687af33d9072a4037ce179c89d92bea11bc6ad60b41e8e07c7bb82c3042d033b64e86a2b18da7e5c34276f452614792f2b4994bfdedd6dbd6c747d0d4a3909aef61d38ab1fc54b7a1d66136a0ba3931c2710007f3dfc174615c74ad2a346619e28c70829925ce19", @generic="49e914a4247eca4d4b99a11f50e28b08be5ed4120522f3bee44ceadf1bd5c660050df0ccc1e735fe038f6643f6ee55eb984b92b4f1af577e60a6e4cea4f799546c838fc307e5ca1837bb2d52e54195df16ad2a7c058985555803f021b361e53239961df5211db3226abe13a27a5c4a6e5136368af9103a6dbd729de518b202ab7ccfad0d"]}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xfffffffffffffffd}]}, 0x198}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000000) (async) r5 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f00000006c0), r0) sendmsg$auto_IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r5, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@IEEE802154_ATTR_CCA_MODE={0x5, 0x23, 0x7f}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004801}, 0x4004000) (async) sendmsg$auto_IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xc4, r5, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x7f}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x3}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x3}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}, @IEEE802154_ATTR_CHANNEL_PAGE_LIST={0x84, 0x1e, "b81f50284686602e39017330469cafc79e867c9ee1d6683c64129a5f185cf2dbc3052767e277afc780407c18fde6dd1bfd692509974623f7954408010e574fabf004259b5aabbb29fd61a050bac9d1f053d949a1d9744ce32d1a1b85f668076c90bed574b291df55d27bdad75337b7c2bc790f19d17c33eb2f82c3089e35d893"}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}]}, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x8000) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) r6 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) (async) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) (async) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (async) write$auto(r7, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x40200, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) (async) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) (async) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) ioctl$auto_BTRFS_IOC_QGROUP_CREATE(r6, 0x4010942a, &(0x7f0000000280)={0x3, 0x3}) 3.391172878s ago: executing program 0 (id=2328): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mq_getsetattr$auto(r0, 0x0, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x6f3, 0x401, 0x8000) (async) socket(0x2, 0x80002, 0x73) (async) socket(0x10, 0x3, 0x84) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff) (async) mmap$auto(0x6, 0x2000d, 0xdf, 0xeb1, 0x401, 0x8000) (async) io_uring_setup$auto(0x2, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) (async) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r3, &(0x7f0000000340)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa5663248ff0945dd2e405e0d37", 0x99) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000080)={0x8, "2ba20800", @inferred=r1}) (async) mmap$auto(0x0, 0x10000, 0xdf, 0x9b72, 0x2, 0x8000) mount$auto(&(0x7f0000000040)='batadv_slave_1\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='\xc4\x00', 0x0, &(0x7f0000000180)="64b4c77cd08f587892e34838b11141f38d556a4b69fc60032a37d3aca59a69cd8c6858c163f16502d655aa5116894a5edb6b0717290b257d554d6b99d0ead2b1154ed1990832126e117c8f18f893493b3d30221b9a4057b95eb75b900b1015ff421e7010bcdbc53ec571f798a82b77e54f90b370153dac8fdd26560b109e70dedffa34e6f6323580") (async) setresuid$auto(0x6, 0x9, 0xfc4d) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x105) (async) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000040), 0x1ffffffff}, 0x6, 0x0) (async) r6 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0x103001, 0x0) write$auto_tracing_mark_raw_fops_trace(r6, 0x0, 0x0) setsockopt$auto(r4, 0x0, 0x60, 0x0, 0x50001) 3.152129427s ago: executing program 1 (id=2329): unshare$auto(0x4000087f) (async) socket(0xa, 0x1, 0x84) (async) rseq$auto(&(0x7f0000000100)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2000002}, 0x4, 0x0, 0x6) (async) mmap$auto(0x0, 0x400008, 0x1e3, 0x111, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) shmdt$auto(0x0) (async) open(&(0x7f0000000040)='./file0\x00', 0xe201, 0x100) (async) mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x20000, 0x5, 0x7f, 0x10}, 0x0) (async) mmap$auto(0x8, 0x6, 0xdb, 0x9b72, 0xffffffffffffffff, 0x2000004007ffd) (async) socket(0x1, 0x2, 0xd) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) (async) r0 = io_uring_setup$auto(0x2, 0x0) close_range$auto(r0, 0xa, 0x0) (async) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x0, 0x0) (async) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2206c2, 0x0) (async) r1 = syz_clone(0x40003000, &(0x7f0000000440)="5618df865a61b9931716996869b62323b19ed503e10d639e6a78d06f96b46d548440225f36118d0999405f56776b267670e7c33bba99538bf5d138a9ede83fd8f86c7c25a9b7a355f39fe25b48ae628c54257ffd4ebe553cd9b9a7c23a8a7690c422e89bbfe4d8a014f8860ee49abb4b7a0fd62f606efef30cb3bb772c79fc93f3be9899dd56a9bb70486149ceca2e90ac87262887d39481909e952fd484f85caeac59bcb2aef8a91ae2116c4b68dbc2ef29ddb89023a9686f77f0862bc1b75e10426c7b1701a6079c21804ba5003bb8e473e233d18f04c21af3c193510893bef7dea8c0db7cf51936b3a73e63099948c96f9ed6c4c68fa4dfa65a1f4fb8e790fcd0cdbbb023e5397bd2d3e5362c8aa8b93183fc2c943a52ae5f134d5fa36cc4b14cc817154413bd6fd38c4b1cbaf7bf91844860e9398b6db934136113fa069dcfd0ab39d46cc2a50651ee7b5f859f408aaef55b7a4ea4b708ed3f1c1cf8d00cb189fd39eea9065b4eb0dbdf9bd53f750afbea7566b44549fc7a3612f8863202b7cd1ef0d43ecea22270a32e0de014fe3a4ea786085d93c92a443aafbbfc7def9964806e9f030a950464d98d72ee424500f2e418cca34569a8469f6db6afd438eb7a4762626990eea8edac884a9262443ac988eb0efff56080ad9f743c9f88a8d8e910a1f29d990abac136f2da5f3f797b403a54ccc54ad15a3854b2f2f94234fca9ba171f3f651786f55bc984c759b218efce51ef2674d0de048ae6d6ae2f7a118a501ae09f78fd14111ab41ef4d6bba3ba8c8ff138b1180e070b825b908329b9393045b661f9d74a375241db7a82224b0e73aa72e3d634ef59931d6be050d1bbea8cdd890761fbcfe774997dd68be7224bf267f011ccb8fa24b3bcedff74a9eeda6a812ad409c9891fda6d23858fcb431624955cfbb53f89e5ac5ec7616b09d072f8956f48358c36a669e4665e51708f7cc0c81d01905ebb8361284cc72b1bfea7b41fa24234098b90e25f518e50e83171882cfc1eb50afd7e1d0df748866ef7f640b5650b92e81f18467dcbe6a8bbf03933de6c212d4592e0e9bec66ee1cf1711700ed9c422f87db3f50660eaa35c170d15067ffa01544064aeecec2e2fc82a0875fa12a78484124b80a2e77db6cc9b92d6f51b1c575d71f744eb4422f6f1af654ede9885f7a8f6b6c8e6fe51aab9dc6077944f50aac247e90d16076a1e61c9a62dc3625a74d204bd144340f68909023fe7b872c45a0f5be335d43cea9b3c34eb6207ac04cf3c8b866fd076e4be052e363b54bbb542c2fd9d81ed672a235f9cee50f8011fa0bc9078610be366a1f6b8c5ce73e314ff3d7a75c286dc366b03fa8db6af72245dde0e9663fdfe8b3d3516e91c1bd4e78b3184c2a2dae5839107b64f625d6bcbc0d77aa1ad2bed0c47c1bc9f7c4912f9d5bc2c5ac8027949d6f45e70a7d2e276b731aa6b6e5bad08b4e1c2fc293cb21e2eca3f1d21abb634238ed65f70786f0fe9a942ececf87f4f726a92b3f484f908080432b2c0bc4270258eb6ab34c992b427121ea7e91f4a839b3232e9ba1aa3e25651e14b68bae04085a662977796d4b46730b7a3b292de611d365098f81ce9d72a53d78fa3ebf270709a94535ac757ebc26e20759853c813a63ef7c17a533f5d1dde449708ca61f90e783e5f7cf2b5b48d8cfa4fde5d68ea4c6e6d1098c2dcd75390152395cdeb33385de144a3587b450fcf25ee0f405d681e8e4eecf4a6c03fdc5703c25250fc72352b10816a46efddb015505e2fc55f754fd41edae5bf58210a4abd26ff758c59161733b534ec9147850b63963e2e61cbb966701e39c4d472d572b50b94ba23d824b288771ccb7fe628b95a217c723a061c54005f8c6d972519e7285ff9e44105bd6a60d2685a8f8cf0271d782f8ba39c6915c8e98aa0eac0fab9f30865b08d2b53b343a2f893dfc5dbd305d652c9a5849d9db4789df791d508a794658f9fc00d2a473fc5920ac46e5c3c9e57328b69a93c0c2d6a4875e3af4833656561dc767f0555a4469f13d9360514940c7e071b0bb3ead8b5f4cb425f76d4760866e6c7864b15159ad4fb1c50aa584d2a67d5c3743d3b9dc8fd151cd5556ab35ac24c2bf8a55279b1f4a0ab907c68de7293c935bb7764624cd525fc32a0aeb2d24c97f082d5ecc26fd2e6def8dd9ac21f31e3dc2e4fcedd022818009085ff81251c1a65ccceb4f326cdace93151e40919099246610e3b9ba592f0b30b17ac7cfcfb62f5cb0ed2a463bdf73857fd9488d68be7f088c67a09dd1c7b5365491d82e57aa9d47990c7866fbc6d17a2f1a425616412b9420d15b06cdfaab20d901af1268109fdc81374fc24f00d067b7f4a94815e0eee3277bcfa334a8c13cc728eee5f1474fb8e37f2b76133db2a0ac167da4f85ac6012b2373e5e6142f52f88e65ffdc65e48a1b11681504cc880a9902e77289a4447e4bd9cad0db7bdd346a481e8f1165946340fd18ef78f5400de4376e04cad8b5fd1379c13f40533fdc86fc0ffe73df4c3433301c3de3e8bd989bf9afe912fb4823cf142fc5b31afbe3289f3be57ed1d17148b3012805aa35e0f60abee91667a83835b1da1e8cd8eebc58954a75c6905057b8c1fbc05ec82ce6420680babc25ad745a02cac8923151942a2babb884b174006a0fa2f3ec9adc3d971adb4c014dc748edf01e6bf3490dfec15a7b0b91b88ebddf4968dcc385e90dac7ea3c6d98bc0f1a1c13d4889187322062a8aa8e669f14ab9dd78f638dda1803f390061eeab71165a4ffdc42021e9b24c3b470400013d8b3c5f6da36f24008d0038dbdb2c66be3e63f668e1f48de9e8851259307c85b52722cfc623f187c2c2f8343d91b7d7f0283403d3cd76d73044911a9db4228240b6527dbe3b207de6a03dc04cc7def59ff762e0c6bb7aa80eb505d35a36577f73bce5206ddd0574eff688ad61e252db192544f29f910967778b37a1305b0dd917228d5d4ce9588791f672d68c73a259fc17ce0ee6b922be8b46f13d33a5843b2ddac31629b7f6f010ef6dd65daed6b274590d47efd5757c93e48d8f2d2d1db79a84343d227b46c1dc230d01ec0b94c62e9fa18903b1fbdec6aa78743e637cf8e881dedc0779180c9df2fb4ea7e35755628db25a6b5abdee13f6221757581c7bf30a12d2a6f98af19c18dc9e816d453b955e5c97662b9e1a44e98ebf4b33fbbc434f65a3b8a7f2d4e591ed3e6a6f216b68ec92e2630accb2b489fbd71a2ed8f790e3a75f89f70b2977dc6b1ecf860ee8936bd9c663a44f5fc0df2ea3c0193dc37fbb18caf5db7802a2a7b7ed55d3eaabfdbf96aff14958e2a95a4ea73c8347f74e5a226de2188659755bc295b5fb33c3d63a9c5e9c9d3c986428e282c50052ee8e2f532a3cda91d0572730911646a0dc5efceef2ebecd2e2e3498ea9cbcc70a823bd1c1e7ff58fbb5d99ef4c784394b5efc0360e4baf54357e34c85777a2abf51de7519d59628a28c508a0f92efa992a7d4284a9a4a9aa7990c82ea6f73c94db65dc9d655e57e59a1bab00fd536895d3b4e0fa313eaa4298f06d63579a2325c3f97497b56439b18717f168327624cfbcbde510a2ec41b075f6ebbc67d740d912a622ba1be8abe86e42f3c2fc48f8da4a1deb23a523ba18e4ebc417b212cf873c63cfcb3769d2c85fecd1080a7efc8ffbf1d3a171bcfa5961eb37ba112dc2699fc3108f6cd3f2d12bb5918e7c38e45b382f726e062b58efb69e16665059d88d747a28a85a89cd1b2348a1e92f4aa3f5e2e5e10019d5b77290855d0a9ad77dc61489441d4cdff151c2e96bf6e08c1ea789dd78bfabaf795cf746854b2f97861cabd87d2d82e7a436f63bf10b44cb2a0c981cebe648467c11156fb635e4aeb335c6f54058be619b99cb590eae7c55cdef192463147d3ad3c4897ea93a3e2a61203067f91e2cbc856c1ecc0d7f5f533ef944639b0dab77601888218065a6a5e32da83e9cb1281bf45e5e78f23a645b3ea63ba0687d2566a689fc64751b1a546574dd4430bddaaebebbb50dc852991f67fb2c9ac067216307ed0d396b80533e6aa8c33b57876a19afcf4ef3c86624804f2dc28c6602e267a0b585a5a178a89b01ebec1bc6d1f7fd26826792f92525e668b110e053ff1bfed91cebf27755b9487877759dfebc05f55dba25384d4a507eb219b3d42fe41e9638e40b1d38032373c415f5e40fd691c425d2d243192af12adb49f2d674cbba20244cab1f2e73d0551e188ac760062322e85c783ca0575c3b5f8f94b3d443449b448e7d04d7a86a48c67612c640719462ca8f12135de5a271bf170ff0adf769cc00caea538454f701ff34172bc538570df188dd80d28994a13f1d9aeab34655c1c66def2697a931a0f00a0c084dcddb7d5c3095a775726e82fa3939be4e61fc74e147ac12612ffccc353be4912285db5b248ef4fe91ae0677fe2766b84bfa63abda25c63ab0204d655961d3e53671eb9e401f088968adb1a1754bf9c73f7bf5a2061b7e3baaab37f57da524e0ab8b68eeb728f9bd0a71c4a5d86479494f6069004ebfa55cf25e6822d851ecc4538cc8016754999caba43c07cefc3568420601fab3ec60e8b97984d9a85fb41b8ecf55773b47854d085dce844b00fe7bc789ebdaa578e1c5374b2ec9f16418d8c1212335fd0777e90bc82488f050538b85fc211dcfb1d5a75e8d7d289e6aff8d1e30ef0e0306f6db5ed920110e9750f3020d8ed31f06f883c6b73847d6f612db4361a7f16b81c6edc513ff0f80093e6f2cbb08af41d5a12ee1a3acdfa32aa122cc6b1e81e10013a981c0733bb5799f8f9ecdfd3b63acb085643843f995a655f369641667fa389ec865248b7c0b85123c625be882183c738d9482f2171642902a851a1ab45dbb29468e43ca9ff09a3fe557ccfe60dbc452654d6db03f5eab9fc0d0a98a18cf9da36dc326deb7509ade42d745e468c6fd0a3b05444f4de3bb17fc3a49f3388d1b7f6a0def5fed9ac930081a9ace2e94174a0c92c19636fbb0aeed27dd7f3994cab12f1f97b9e0e3a54838ccefc76c19f824affc2f3bf89ee634536227b056e09204eec25fa8587281416448d851134aae16155f3f2e4e29995eb1093530672f9743a8eb22e287d76bb9e72e980cfc8fe896ae962f5cc585a2df7ee0c12dc33e53e90d2484256bf6b32b4f1a26372f4cdb53980e78d2726fcca554b7f5dbfec4413d831ef8d9830730911939cf35dcd5e95f3661a6c57b86079d500a3dd934c2bdd3e8f00305fc504ff0ee8c819efbfbf9cd9a667b0fffcbd52b626b232812efd0b2f40343d5be56b553ebcb4455543e85c8639e008c2819248004b4c2d43477cf8662d8c6f5b499ed8257683febf953fb472a1545e4cd92bfb9db93738975478dd4547e67677eab6509ee5d90ddcdf94a27b38d87ca8232c0799bc584e12eb0a394c04438370af4c45e865964226433517ace58472950a836acc023ae5f8c6adfeb2e631db3795f1805264ae51fd5e0015c8ae409fce3fbe0447b1841cdf9f3f7c19276cab85d15d93e556b01deed75040b378aa1bcc3c6e630397009343a2633a6a2713e89d119b0cfa76236c8eaf5bcd4f44a4740b0791a1be47ae1b0916eacd7144a50a65574b476ba1b02ed2b0a61fcb59c9cd2a9170162cd59ab037ffc1fa35f5ae9a6c5696b64ca30686e9bbf9056173c473d7b54bca8cd5fe1bc4f9cdd5e3d88198c97bd3b60f2609d54ec60eb4d1ae5daee1bf73a08076182e439b47d41d56ddfd5d567c2a501a881d45549a9f311b22ea6c61a4b35da87d7b9a", 0x1000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000180)="11340e1a9edb82bcaee9a1493762ac60cc088c04cacaf8fb2cb88bdb834b429d84eb76ae1cce3a3a4ec8de00954af29fe053cf3ba2ea4a091307c129dfad0893419015adfade7f218a7cdc1b2b347335a2c908d1b58cf8f89f2dd8732fa2f45084a8911d11c8ee84c5905d1af7cb37a6871c8ec92adf8824955b0173cdf182c23013a7c87de307a054b6d43a7163bf84433678b38c61b7ee36f1149c1f8d95c32408ce380ca404b4fb7b1c82d5c16820eb01cb00c5722eced23751015ca34abf5c5e28c85ce8228ec03bfd45d8512af4") prctl$auto(0x663, 0xfcf, r1, 0xffff, 0xed2) (async) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000280)='/dev/mtd0ro\x00', 0x80000, 0x0) (async) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x20100, 0x0) (async) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vgem/clients\x00', 0x60000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x22, 0x2, 0x2) sendmsg$auto_TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x40) (async) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0xffffffffffffffff, 0x28000) (async) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) prctl$auto(0x3e, 0x9, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 3.032397177s ago: executing program 0 (id=2330): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, &(0x7f0000000080)) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x1, 0x0, 0x8004) execveat$auto(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) socket(0x10, 0x2, 0x14) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/17, 0x11) ioperm$auto(0x7, 0x6, 0x2) fremovexattr$auto(0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000) socket(0xa, 0x3, 0x73) setsockopt$auto(0x400000000000003, 0x29, 0x4, 0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8000000000000000, 0x8000) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) open(0x0, 0x4041, 0x1a1) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/mpls/conf/wg0/input\x00', 0x141241, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram12/queue/io_poll_delay\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x45b9) write$auto(r2, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket$nl_generic(0x10, 0x3, 0x10) open(0x0, 0x22240, 0x154) setsockopt$auto(0x3, 0x1, 0x3d, 0x0, 0x8) 2.996914196s ago: executing program 1 (id=2331): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0) write$auto(r3, 0x0, 0x7) write$auto(0xffffffffffffffff, &(0x7f0000000000)='gJ\xdf\xd9\t\x8b7\x04\\\x00\x04x\x03\xcb\x12\xfa\b\x1c\xc7\xeb', 0x2) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x0) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) mmap$auto(0x2b5, 0xe983, 0xdf, 0xebf, r1, 0x7) socketpair$auto(0x1, 0x2, 0x2, 0x0) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) r4 = socket(0x22, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x80044943, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) lsm_list_modules$auto(0x0, 0x0, 0x0) r5 = socket(0x2, 0x801, 0x106) close_range$auto(r1, r4, 0x7) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) recvmmsg$auto(r5, &(0x7f0000000340)={{&(0x7f00000000c0)="c5f7f81addb919b9374c99d0ac84e73f0dcc91d58813c1e5516e9f3277aab16db9244c70e1857d42fd8563eb9e7eed477e489ff029198655b93b2478a7d7dc65bee06dcf290aff19746d0089fab8be00984f8c89d904333960432b2700cf0d468ca86064ef22a35bc470f5ffb98966e31e053d50583231aa33a380d7b017dd97e645fcd0289aece7914072bdff00cc71b7f4d6fd7e6c48570f802f47a164b758842e5fd270264575b1413626c27391304e42dad4ebf8dc7267e1168337e4cd442d0a74e739846663b8aa1bae33e86a3151aab503841137ccdf", 0x6, &(0x7f0000000040)={&(0x7f0000000480)="55d2073e6c1bfe9433a73b38ae62bc441f29d6a9fb60098695c476574e7f694e78582b06393ab3d7c77c7026fe1fa9efd0a78d48f80d2b08275dba64aa10e286eba67582c73db98b8926743826d2a0a5251a26179c053e1dc691e6445a970b3016328f2ad349f4d6012aa6cd2d1c167edb3e9a69ee07658ca15b61c1d05d2d666d075f2cb695cd48d9f1eb58650dd98ba69e0eda4e997d3bd5ac06b3da17283800a20bfb3540b27d79587a1b6eb39c4de5597521319e998a34c729caba9a03a6cfd0dfab787ad897793c31586005285c7882219f5429f6a858461e04c71d169d00e4a28bb9078f79a3c4", 0x1}, 0x4, &(0x7f00000002c0)="bd1a99994062f5425747b7680fbbc548d28d4b4c14f2f1cbd0e03cc6261e6408456bd4b6ee9a4f62564690cfffedc1f7f9be6803f79669bb232dc0d4558eb5794a6d66086da785ecfeb5c9b934d9964c00d19881", 0x4, 0x8}, 0x400}, 0x1, 0x2, &(0x7f0000000380)={0x1, 0x5}) r7 = socketpair$auto(0x800006, 0x180, 0x200000, 0x0) ioctl$auto(r6, 0x541c, r7) 2.996350366s ago: executing program 2 (id=2332): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) bind$auto(0x3, 0x0, 0x6a) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_HANDSHAKE_CMD_DONE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd26, 0x25dfdbff, {}, [@HANDSHAKE_A_DONE_SOCKFD={0x8}]}, 0x1c}}, 0xd4) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/iosched/fifo_batch\x00', 0xa001, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) msync$auto(0x2, 0x9, 0x40) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0xffffffffffffffff, r0, 0x200794) r4 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r4, 0xffffffffffdffe00, &(0x7f0000000140)=';') 2.743860199s ago: executing program 0 (id=2333): r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) r1 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) ioctl$auto_FIDEDUPERANGE(r1, 0xc0189436, 0x2) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x8001}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48080}, 0xc000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x2, 0x73) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00"}, 0x55) lseek$auto(r0, 0x7ff, 0x1) 2.596497064s ago: executing program 3 (id=2334): r0 = socket(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x30, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x300}]}, 0x30}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_bdi_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/bdi/43:352/stats\x00', 0x20080, 0x0) bind$auto(r3, &(0x7f0000000040)=@isdn={0x22, 0x48, 0x6, 0x4, 0x8}, 0x65) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4b48, 0x1) getsockopt$auto(r0, 0x84, 0x0, 0x0, &(0x7f0000000000)=0x84) 2.108948821s ago: executing program 3 (id=2335): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/midiC2D0\x00', 0x2841, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000040)={0x0, 0x318f, 0x4, 0x0, 0xff, "50cfeeca8e000000000100"}) 1.803691949s ago: executing program 3 (id=2336): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000008c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) fdatasync$auto(0xffffffffffffffff) pread64$auto(0xffffffffffffffff, 0x0, 0x9, 0x8000) semctl$auto_GETZCNT(0x78d9, 0x8001, 0xf, 0x8001) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x8000000eb1, 0x401, 0x8000) getsockopt$auto_SO_RESERVE_MEM(0xffffffffffffffff, 0x0, 0x49, &(0x7f00000000c0)='(*@]\\\x00', &(0x7f00000001c0)=0x6f9) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={0x0, 0xfffffce9}, 0x1, 0x0, 0x0, 0x4044010}, 0x40890) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsa1\x00', 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x4, 0x9) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r4], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003040), r5) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000003080)=ANY=[@ANYBLOB="f4", @ANYRES16=r6, @ANYBLOB="010025bd7000fbdbdf251200000008000600800000000c00018008000100", @ANYRES32=r8, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x20008800) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000004280)={&(0x7f00000001c0)={0x60, r0, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_MODULE_FW_FLASH_PASSWORD={0x8, 0x3, 0x804}, @ETHTOOL_A_MODULE_FW_FLASH_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_MODULE_FW_FLASH_FILE_NAME={0xc, 0x2, 'nl80211\x00'}, @ETHTOOL_A_MODULE_FW_FLASH_PASSWORD={0x8, 0x3, 0xffffffa8}, @ETHTOOL_A_MODULE_FW_FLASH_FILE_NAME={0xc, 0x2, 'gretap0\x00'}, @ETHTOOL_A_MODULE_FW_FLASH_FILE_NAME={0xd, 0x2, 'ovs_flow\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x4c080}, 0x888) 1.703801745s ago: executing program 0 (id=2337): r0 = socket(0x10, 0x3, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYRESOCT=r0], 0x24}, 0x1, 0x0, 0x0, 0x2000c010}, 0xc08e51e6ade13d54) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) 1.440610215s ago: executing program 2 (id=2338): r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) close_range$auto(r0, r1, 0x10001) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) name_to_handle_at$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x2000fdff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket(0x22, 0x2, 0x3) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0x4008ae9c, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) mmap$auto(0x0, 0x9, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) adjtimex$auto(&(0x7f00000006c0)={0x7, 0x0, 0x0, 0x8, 0x3, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x7, {0x1, 0x10000}, 0x4, 0xe, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000005, 0x83, 0xffffffffffff628e, 0xa74a, 0x5, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) 1.439213704s ago: executing program 3 (id=2339): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/oss/sndstat\x00', 0x40441, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x5, 0x948b, 0x3, 0x200, 0x1, 0x3, 0x3, 0x800008080001f, 0x7, 0x6d41, 0xc, 0x3, 0x6]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/mem\x00', 0x408483, 0x0) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x53, 0x17, 0x0, 0x0, 0x4000000000) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x80, 0x0) read$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(r3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) 1.412675367s ago: executing program 0 (id=2340): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x40090) setresuid$auto(0x0, 0x7, 0x0) socket(0x29, 0x2, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x1a1226b6, 0x6, 0x1, 0x9b72, 0xffffffffffffffff, 0x80000008000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0x401, 0x300000000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram14/power/runtime_active_time\x00', 0xc2a43, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xc6e00, 0x0) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x802, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0xa02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r3, 0xc0405519, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r4, 0xc0045002, 0x0) read$auto(r4, 0x0, 0xcefbce6) read$auto_nsim_dev_trap_fa_cookie_fops_dev(r4, &(0x7f0000000000)=""/156, 0x9c) kill$auto(0x0, 0x11) syz_clone3(&(0x7f0000000500)={0x400, 0x0, 0x0, 0x0, {0x2c}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r1, 0x100000000008000) close_range$auto(r2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x0, 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x30400, 0x0) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) 223.611955ms ago: executing program 3 (id=2342): mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) r0 = fcntl$auto(0x3, 0x4, 0xa553) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x20000010) r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20080400}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, r1, 0x20, 0x70bd26, 0x25dfdbfd, {}, [@SMC_PNETID_ETHNAME={0xf, 0x2, '/dev/loop6\x00'}, @SMC_PNETID_NAME={0x6, 0x1, '#\x00'}, @SMC_PNETID_NAME={0xf, 0x1, '/dev/loop6\x00'}, @SMC_PNETID_NAME={0xf, 0x1, '/dev/loop6\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0xa5}, @SMC_PNETID_IBNAME={0xf, 0x3, '/dev/loop6\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x24004011) io_uring_setup$auto(0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x189c41, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x4c0a, 0x0) 0s ago: executing program 2 (id=2343): mmap$auto(0x0, 0xdb3, 0xdf, 0xeb1, 0x401, 0x8000) (async) getpid() openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x800, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/006/001\x00', 0xa901, 0x0) (async) r0 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) (async) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$auto_MEMGETREGIONINFO(0xffffffffffffffff, 0xc0104d08, &(0x7f00000000c0)={0x0, 0x6, 0x9, 0x800}) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/ns_last_pid\x00', 0x68001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) (async) pread64$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x400, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x1ff, 0x7, 0xd3e, 0x1, 0x958b, 0xffffffffffffffff, 0x95f4da0a, 0xfffffffffffffffe, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) select$auto(0x12, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0xa8c, 0x3, 0x15f4da0b, 0x3, 0x3, 0x3, 0x80000023, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) kernel console output (not intermixed with test programs): 3062][T12055] ? __pfx_do_futex+0x10/0x10 [ 468.573094][T12055] ? fd_install+0x244/0x750 [ 468.573130][T12055] __x64_sys_futex+0x1e0/0x4c0 [ 468.573162][T12055] ? __do_sys_landlock_create_ruleset+0x2b2/0x4e0 [ 468.573202][T12055] ? __pfx___x64_sys_futex+0x10/0x10 [ 468.573244][T12055] do_syscall_64+0xcd/0x490 [ 468.573284][T12055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.573356][T12055] RIP: 0033:0x7fcbcb18e929 [ 468.573375][T12055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.573398][T12055] RSP: 002b:00007fcbcbff50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 468.573420][T12055] RAX: ffffffffffffffda RBX: 00007fcbcb3b5fa8 RCX: 00007fcbcb18e929 [ 468.573436][T12055] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcbcb3b5fac [ 468.573450][T12055] RBP: 00007fcbcb3b5fa0 R08: 00007fcbcbff6000 R09: 0000000000000000 [ 468.573466][T12055] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fcbcb3b5fac [ 468.573480][T12055] R13: 0000000000000000 R14: 00007ffd018ba150 R15: 00007ffd018ba238 [ 468.573509][T12055] [ 472.500636][T12107] FAULT_INJECTION: forcing a failure. [ 472.500636][T12107] name failslab, interval 1, probability 0, space 0, times 0 [ 472.611454][T12107] CPU: 0 UID: 0 PID: 12107 Comm: syz.2.1277 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 472.611507][T12107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 472.611527][T12107] Call Trace: [ 472.611538][T12107] [ 472.611551][T12107] dump_stack_lvl+0x16c/0x1f0 [ 472.611611][T12107] should_fail_ex+0x512/0x640 [ 472.611664][T12107] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 472.611724][T12107] should_failslab+0xc2/0x120 [ 472.611760][T12107] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 472.611815][T12107] ? alloc_inode+0x64/0x240 [ 472.611859][T12107] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 472.611901][T12107] alloc_inode+0x64/0x240 [ 472.611939][T12107] new_inode+0x22/0x1c0 [ 472.611990][T12107] __debugfs_create_file+0x11c/0x6b0 [ 472.612043][T12107] debugfs_create_file_full+0x41/0x60 [ 472.612096][T12107] kvm_dev_ioctl+0x14ff/0x1ad0 [ 472.612144][T12107] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 472.612192][T12107] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 472.612227][T12107] __x64_sys_ioctl+0x18b/0x210 [ 472.612274][T12107] do_syscall_64+0xcd/0x490 [ 472.612332][T12107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.612367][T12107] RIP: 0033:0x7f355ef8e929 [ 472.612396][T12107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 472.612430][T12107] RSP: 002b:00007f355cdd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 472.612463][T12107] RAX: ffffffffffffffda RBX: 00007f355f1b6080 RCX: 00007f355ef8e929 [ 472.612486][T12107] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002 [ 472.612506][T12107] RBP: 00007f355f010b39 R08: 0000000000000000 R09: 0000000000000000 [ 472.612526][T12107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 472.612546][T12107] R13: 0000000000000000 R14: 00007f355f1b6080 R15: 00007ffdd68abc48 [ 472.612588][T12107] [ 472.612601][T12107] debugfs: out of free dentries, can not create file 'remote_tlb_flush_requests' [ 476.364557][ T30] audit: type=1800 audit(6046685928.511:66): pid=12153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1290" name="SYSV00000014" dev="hugetlbfs" ino=0 res=0 errno=0 [ 478.116662][T12184] vivid-007: ================= START STATUS ================= [ 478.124698][T12184] vivid-007: Generate PTS: true [ 478.130107][T12184] vivid-007: Generate SCR: true [ 478.135121][T12184] tpg source WxH: 320x240 (Y'CbCr) [ 478.141002][T12184] tpg field: 1 [ 478.144432][T12184] tpg crop: (0,0)/320x240 [ 478.148805][T12184] tpg compose: (0,0)/320x240 [ 478.180134][T12184] tpg colorspace: 8 [ 478.184028][T12184] tpg transfer function: 0/0 [ 478.229070][T12184] tpg Y'CbCr encoding: 0/0 [ 478.233570][T12184] tpg quantization: 0/0 [ 478.237890][T12184] tpg RGB range: 0/2 [ 478.269043][T12184] vivid-007: ================== END STATUS ================== [ 479.534297][T12211] Invalid ELF header magic: != ELF [ 480.127088][T12217] blktrace: Concurrent blktraces are not allowed on loop2 [ 486.642751][T12299] zswap: compressor not available [ 486.660554][T12313] Invalid ELF header magic: != ELF [ 492.461941][T12375] FAULT_INJECTION: forcing a failure. [ 492.461941][T12375] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 492.514942][T12375] CPU: 1 UID: 0 PID: 12375 Comm: syz.0.1337 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 492.514984][T12375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 492.515001][T12375] Call Trace: [ 492.515011][T12375] [ 492.515021][T12375] dump_stack_lvl+0x16c/0x1f0 [ 492.515080][T12375] should_fail_ex+0x512/0x640 [ 492.515133][T12375] _copy_from_user+0x2e/0xd0 [ 492.515158][T12375] get_timespec64+0x8b/0x1b0 [ 492.515190][T12375] ? __pfx_get_timespec64+0x10/0x10 [ 492.515222][T12375] ? ktime_get+0x200/0x310 [ 492.515262][T12375] __x64_sys_futex+0x288/0x4c0 [ 492.515299][T12375] ? __pfx___x64_sys_futex+0x10/0x10 [ 492.515334][T12375] ? xfd_validate_state+0x61/0x180 [ 492.515395][T12375] do_syscall_64+0xcd/0x490 [ 492.515445][T12375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 492.515477][T12375] RIP: 0033:0x7f5329d8e929 [ 492.515500][T12375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 492.515530][T12375] RSP: 002b:00007ffc9a05f288 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 492.515558][T12375] RAX: ffffffffffffffda RBX: 000000000007832d RCX: 00007f5329d8e929 [ 492.515577][T12375] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5329fb5fac [ 492.515596][T12375] RBP: 0000000000000032 R08: 00007f532abcd000 R09: 000000049a05f57f [ 492.515617][T12375] R10: 00007ffc9a05f380 R11: 0000000000000246 R12: 00007f5329fb5fac [ 492.515636][T12375] R13: 00007ffc9a05f380 R14: 000000000007835f R15: 00007ffc9a05f3a0 [ 492.515674][T12375] [ 492.676532][ C1] vkms_vblank_simulate: vblank timer overrun [ 492.909911][T12374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 492.966633][T12374] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 496.224787][T12423] mkiss: ax0: crc mode is auto. [ 496.484039][T12439] random: crng reseeded on system resumption [ 496.690805][T12443] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1350'. [ 497.705253][T12455] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1352'. [ 498.190603][T12462] FAULT_INJECTION: forcing a failure. [ 498.190603][T12462] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 498.244490][T12462] CPU: 0 UID: 0 PID: 12462 Comm: syz.2.1354 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 498.244536][T12462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 498.244554][T12462] Call Trace: [ 498.244565][T12462] [ 498.244576][T12462] dump_stack_lvl+0x16c/0x1f0 [ 498.244631][T12462] should_fail_ex+0x512/0x640 [ 498.244687][T12462] _copy_from_user+0x2e/0xd0 [ 498.244719][T12462] copy_msghdr_from_user+0x98/0x160 [ 498.244771][T12462] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 498.244829][T12462] ? kfree+0x24f/0x4d0 [ 498.244878][T12462] ? __pfx__kstrtoull+0x10/0x10 [ 498.244928][T12462] ___sys_sendmsg+0xfe/0x1d0 [ 498.244982][T12462] ? __pfx____sys_sendmsg+0x10/0x10 [ 498.245071][T12462] ? __pfx___might_resched+0x10/0x10 [ 498.245118][T12462] __sys_sendmmsg+0x200/0x420 [ 498.245175][T12462] ? __pfx___sys_sendmmsg+0x10/0x10 [ 498.245242][T12462] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 498.245313][T12462] ? fput+0x70/0xf0 [ 498.245346][T12462] ? ksys_write+0x1ac/0x250 [ 498.245394][T12462] ? __pfx_ksys_write+0x10/0x10 [ 498.245452][T12462] __x64_sys_sendmmsg+0x9c/0x100 [ 498.245502][T12462] ? lockdep_hardirqs_on+0x7c/0x110 [ 498.245552][T12462] do_syscall_64+0xcd/0x490 [ 498.245607][T12462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.245641][T12462] RIP: 0033:0x7f355ef8e929 [ 498.245666][T12462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 498.245698][T12462] RSP: 002b:00007f355cdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 498.245729][T12462] RAX: ffffffffffffffda RBX: 00007f355f1b5fa0 RCX: 00007f355ef8e929 [ 498.245750][T12462] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 498.245768][T12462] RBP: 00007f355cdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 498.245787][T12462] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 498.245806][T12462] R13: 0000000000000000 R14: 00007f355f1b5fa0 R15: 00007ffdd68abc48 [ 498.245845][T12462] [ 503.099799][T12510] FAULT_INJECTION: forcing a failure. [ 503.099799][T12510] name failslab, interval 1, probability 0, space 0, times 0 [ 503.135503][T12510] CPU: 1 UID: 0 PID: 12510 Comm: syz.1.1363 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 503.135549][T12510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 503.135569][T12510] Call Trace: [ 503.135579][T12510] [ 503.135590][T12510] dump_stack_lvl+0x16c/0x1f0 [ 503.135646][T12510] should_fail_ex+0x512/0x640 [ 503.135702][T12510] should_failslab+0xc2/0x120 [ 503.135737][T12510] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 503.135792][T12510] ? dst_alloc+0x99/0x1a0 [ 503.135843][T12510] dst_alloc+0x99/0x1a0 [ 503.135892][T12510] rt_dst_alloc+0x35/0x3a0 [ 503.135933][T12510] ip_route_output_key_hash_rcu+0x87a/0x28f0 [ 503.135998][T12510] ip_route_output_key_hash+0x137/0x2e0 [ 503.136048][T12510] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 503.136108][T12510] ? find_held_lock+0x2b/0x80 [ 503.136148][T12510] ip_route_output_flow+0x27/0x150 [ 503.136192][T12510] raw_sendmsg+0xd70/0x3820 [ 503.136236][T12510] ? __pfx_raw_sendmsg+0x10/0x10 [ 503.136269][T12510] ? __lock_acquire+0x622/0x1c90 [ 503.136307][T12510] ? __lock_acquire+0x622/0x1c90 [ 503.136351][T12510] ? __pfx___might_resched+0x10/0x10 [ 503.136377][T12510] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 503.136430][T12510] ? aa_sk_perm+0x2f4/0xb10 [ 503.136488][T12510] ? __import_iovec+0x1dd/0x650 [ 503.136509][T12510] ? __might_fault+0xe3/0x190 [ 503.136543][T12510] ? __might_fault+0x13b/0x190 [ 503.136578][T12510] ? __pfx_raw_sendmsg+0x10/0x10 [ 503.136612][T12510] inet_sendmsg+0x119/0x140 [ 503.136646][T12510] ____sys_sendmsg+0x973/0xc70 [ 503.136674][T12510] ? copy_msghdr_from_user+0x10a/0x160 [ 503.136710][T12510] ? __pfx_____sys_sendmsg+0x10/0x10 [ 503.136741][T12510] ? kfree+0x24f/0x4d0 [ 503.136768][T12510] ? __pfx__kstrtoull+0x10/0x10 [ 503.136803][T12510] ___sys_sendmsg+0x134/0x1d0 [ 503.136840][T12510] ? __pfx____sys_sendmsg+0x10/0x10 [ 503.136903][T12510] ? __pfx___might_resched+0x10/0x10 [ 503.136934][T12510] __sys_sendmmsg+0x200/0x420 [ 503.136973][T12510] ? __pfx___sys_sendmmsg+0x10/0x10 [ 503.137019][T12510] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 503.137069][T12510] ? fput+0x70/0xf0 [ 503.137104][T12510] ? ksys_write+0x1ac/0x250 [ 503.137136][T12510] ? __pfx_ksys_write+0x10/0x10 [ 503.137173][T12510] __x64_sys_sendmmsg+0x9c/0x100 [ 503.137212][T12510] ? lockdep_hardirqs_on+0x7c/0x110 [ 503.137245][T12510] do_syscall_64+0xcd/0x490 [ 503.137281][T12510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.137304][T12510] RIP: 0033:0x7fcbcb18e929 [ 503.137321][T12510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.137343][T12510] RSP: 002b:00007fcbcbff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 503.137364][T12510] RAX: ffffffffffffffda RBX: 00007fcbcb3b5fa0 RCX: 00007fcbcb18e929 [ 503.137379][T12510] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 503.137392][T12510] RBP: 00007fcbcbff5090 R08: 0000000000000000 R09: 0000000000000000 [ 503.137405][T12510] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 503.137418][T12510] R13: 0000000000000000 R14: 00007fcbcb3b5fa0 R15: 00007ffd018ba238 [ 503.137457][T12510] [ 505.323162][T12525] FAULT_INJECTION: forcing a failure. [ 505.323162][T12525] name failslab, interval 1, probability 0, space 0, times 0 [ 505.377141][T12525] CPU: 0 UID: 0 PID: 12525 Comm: syz.3.1366 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 505.377191][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 505.377211][T12525] Call Trace: [ 505.377222][T12525] [ 505.377242][T12525] dump_stack_lvl+0x16c/0x1f0 [ 505.377301][T12525] should_fail_ex+0x512/0x640 [ 505.377353][T12525] ? fs_reclaim_acquire+0xae/0x150 [ 505.377401][T12525] ? ima_alloc_init_template+0x19d/0x720 [ 505.377436][T12525] should_failslab+0xc2/0x120 [ 505.377472][T12525] __kmalloc_noprof+0xd2/0x510 [ 505.377525][T12525] ? __print_lock_name+0x61/0xe0 [ 505.377569][T12525] ima_alloc_init_template+0x19d/0x720 [ 505.377608][T12525] ? take_dentry_name_snapshot+0x319/0x7d0 [ 505.377655][T12525] ima_store_measurement+0x1eb/0x5c0 [ 505.377696][T12525] ? __pfx_ima_store_measurement+0x10/0x10 [ 505.377736][T12525] ? vfs_getxattr_alloc+0xec/0x340 [ 505.377798][T12525] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 505.377859][T12525] process_measurement+0x1ddb/0x23e0 [ 505.377930][T12525] ? __pfx_process_measurement+0x10/0x10 [ 505.377992][T12525] ? alloc_empty_file+0x73/0x1e0 [ 505.378030][T12525] ? hugetlb_file_setup+0x4cd/0x620 [ 505.378068][T12525] ? ksys_mmap_pgoff+0x189/0x5c0 [ 505.378104][T12525] ? __x64_sys_mmap+0x125/0x190 [ 505.378214][T12525] ima_file_mmap+0x1b1/0x1d0 [ 505.378280][T12525] ? __pfx_ima_file_mmap+0x10/0x10 [ 505.378358][T12525] security_mmap_file+0x88c/0x990 [ 505.378406][T12525] vm_mmap_pgoff+0xec/0x450 [ 505.378447][T12525] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 505.378479][T12525] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 505.378520][T12525] ? hugetlbfs_get_inode+0x31f/0x730 [ 505.378568][T12525] ksys_mmap_pgoff+0x1c8/0x5c0 [ 505.378615][T12525] __x64_sys_mmap+0x125/0x190 [ 505.378668][T12525] do_syscall_64+0xcd/0x490 [ 505.378723][T12525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.378757][T12525] RIP: 0033:0x7fa6fc38e929 [ 505.378783][T12525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 505.378815][T12525] RSP: 002b:00007fa6fd1f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 505.378847][T12525] RAX: ffffffffffffffda RBX: 00007fa6fc5b5fa0 RCX: 00007fa6fc38e929 [ 505.378867][T12525] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 505.378887][T12525] RBP: 00007fa6fc410b39 R08: 0000000000000401 R09: 0000300000000000 [ 505.378907][T12525] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 505.378929][T12525] R13: 0000000000000000 R14: 00007fa6fc5b5fa0 R15: 00007ffd88c338e8 [ 505.378968][T12525] [ 505.948983][ T30] audit: type=1804 audit(6046685958.091:67): pid=12525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.1366" name="anon_hugepage" dev="hugetlbfs" ino=36350 res=0 errno=0 [ 506.192285][T12525] FAULT_INJECTION: forcing a failure. [ 506.192285][T12525] name fail_futex, interval 1, probability 0, space 0, times 0 [ 506.229215][T12525] CPU: 1 UID: 0 PID: 12525 Comm: syz.3.1366 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 506.229274][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 506.229292][T12525] Call Trace: [ 506.229301][T12525] [ 506.229312][T12525] dump_stack_lvl+0x16c/0x1f0 [ 506.229364][T12525] should_fail_ex+0x512/0x640 [ 506.229415][T12525] get_futex_key+0x1d0/0x1540 [ 506.229453][T12525] ? find_held_lock+0x2b/0x80 [ 506.229485][T12525] ? __pfx_get_futex_key+0x10/0x10 [ 506.229527][T12525] ? tomoyo_path_number_perm+0x18d/0x580 [ 506.229568][T12525] futex_wake+0xea/0x530 [ 506.229640][T12525] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 506.229709][T12525] ? __pfx_futex_wake+0x10/0x10 [ 506.229772][T12525] do_futex+0x1e3/0x350 [ 506.229812][T12525] ? __pfx_do_futex+0x10/0x10 [ 506.229854][T12525] ? find_held_lock+0x2b/0x80 [ 506.229891][T12525] __x64_sys_futex+0x1e0/0x4c0 [ 506.229935][T12525] ? __fget_files+0x20e/0x3c0 [ 506.229979][T12525] ? __pfx___x64_sys_futex+0x10/0x10 [ 506.230025][T12525] ? fput+0x70/0xf0 [ 506.230062][T12525] do_syscall_64+0xcd/0x490 [ 506.230113][T12525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.230152][T12525] RIP: 0033:0x7fa6fc38e929 [ 506.230177][T12525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 506.230208][T12525] RSP: 002b:00007fa6fd1f00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 506.230237][T12525] RAX: ffffffffffffffda RBX: 00007fa6fc5b5fa8 RCX: 00007fa6fc38e929 [ 506.230257][T12525] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa6fc5b5fac [ 506.230294][T12525] RBP: 00007fa6fc5b5fa0 R08: 00007fa6fd1f1000 R09: 0000000000000000 [ 506.230315][T12525] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fa6fc5b5fac [ 506.230336][T12525] R13: 0000000000000000 R14: 00007ffd88c33800 R15: 00007ffd88c338e8 [ 506.230378][T12525] [ 506.759909][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.773225][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.080603][T12543] random: crng reseeded on system resumption [ 508.279283][T12546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1371'.                                                                                                                                                                                                                                              syzkaller syzkaller login: [ 533.741275][T12942] netlink: 'syz.2.1448': attribute type 27 has an invalid length. [ 533.799105][T12942] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1448'. [ 536.852251][T12973] qrtr: Invalid version 7 [ 537.134291][T12982] FAULT_INJECTION: forcing a failure. [ 537.134291][T12982] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 537.184237][T12982] CPU: 0 UID: 0 PID: 12982 Comm: syz.3.1459 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 537.184291][T12982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 537.184311][T12982] Call Trace: [ 537.184322][T12982] [ 537.184335][T12982] dump_stack_lvl+0x16c/0x1f0 [ 537.184396][T12982] should_fail_ex+0x512/0x640 [ 537.184456][T12982] should_fail_alloc_page+0xe7/0x130 [ 537.184495][T12982] prepare_alloc_pages+0x3c2/0x610 [ 537.184557][T12982] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 537.184618][T12982] ? stack_trace_save+0x8e/0xc0 [ 537.184656][T12982] ? __pfx_stack_trace_save+0x10/0x10 [ 537.184693][T12982] ? stack_depot_save_flags+0x28/0xa40 [ 537.184754][T12982] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 537.184805][T12982] ? kasan_save_stack+0x42/0x60 [ 537.184872][T12982] ? kasan_save_track+0x14/0x30 [ 537.184924][T12982] ? snd_pcm_attach_substream+0x441/0xd60 [ 537.184969][T12982] ? snd_pcm_open_substream+0x8d/0x17f0 [ 537.185011][T12982] ? snd_pcm_open+0x29e/0x730 [ 537.185049][T12982] ? snd_pcm_playback_open+0x86/0xe0 [ 537.185099][T12982] ? snd_open+0x1fe/0x450 [ 537.185125][T12982] ? chrdev_open+0x231/0x6a0 [ 537.185154][T12982] ? do_dentry_open+0x744/0x1c10 [ 537.185210][T12982] ? do_syscall_64+0xcd/0x490 [ 537.185260][T12982] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.185305][T12982] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 537.185363][T12982] ? policy_nodemask+0xea/0x4e0 [ 537.185400][T12982] alloc_pages_mpol+0x1fb/0x550 [ 537.185438][T12982] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 537.185485][T12982] alloc_pages_noprof+0x131/0x390 [ 537.185521][T12982] alloc_pages_exact_noprof+0x37/0xe0 [ 537.185567][T12982] snd_pcm_attach_substream+0x468/0xd60 [ 537.185624][T12982] snd_pcm_open_substream+0x8d/0x17f0 [ 537.185671][T12982] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 537.185720][T12982] ? rcu_is_watching+0x12/0xc0 [ 537.185763][T12982] snd_pcm_open+0x29e/0x730 [ 537.185812][T12982] ? __pfx_snd_pcm_open+0x10/0x10 [ 537.185861][T12982] ? __pfx_default_wake_function+0x10/0x10 [ 537.185910][T12982] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 537.185949][T12982] snd_pcm_playback_open+0x86/0xe0 [ 537.185986][T12982] snd_open+0x1fe/0x450 [ 537.186012][T12982] ? __pfx_snd_open+0x10/0x10 [ 537.186036][T12982] chrdev_open+0x231/0x6a0 [ 537.186073][T12982] ? __pfx_apparmor_file_open+0x10/0x10 [ 537.186121][T12982] ? __pfx_chrdev_open+0x10/0x10 [ 537.186157][T12982] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 537.186211][T12982] do_dentry_open+0x744/0x1c10 [ 537.186263][T12982] ? __pfx_chrdev_open+0x10/0x10 [ 537.186313][T12982] vfs_open+0x82/0x3f0 [ 537.186365][T12982] path_openat+0x1de4/0x2cb0 [ 537.186412][T12982] ? __pfx_path_openat+0x10/0x10 [ 537.186449][T12982] ? __lock_acquire+0xb8a/0x1c90 [ 537.186484][T12982] do_filp_open+0x20b/0x470 [ 537.186520][T12982] ? __pfx_do_filp_open+0x10/0x10 [ 537.186577][T12982] ? alloc_fd+0x471/0x7d0 [ 537.186617][T12982] do_sys_openat2+0x11b/0x1d0 [ 537.186645][T12982] ? __pfx_do_sys_openat2+0x10/0x10 [ 537.186683][T12982] __x64_sys_openat+0x174/0x210 [ 537.186712][T12982] ? __pfx___x64_sys_openat+0x10/0x10 [ 537.186768][T12982] do_syscall_64+0xcd/0x490 [ 537.186810][T12982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.186835][T12982] RIP: 0033:0x7fa6fc38e929 [ 537.186856][T12982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 537.186882][T12982] RSP: 002b:00007fa6fd1f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 537.186906][T12982] RAX: ffffffffffffffda RBX: 00007fa6fc5b5fa0 RCX: 00007fa6fc38e929 [ 537.186922][T12982] RDX: 0000000000040140 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 537.186938][T12982] RBP: 00007fa6fc410b39 R08: 0000000000000000 R09: 0000000000000000 [ 537.186953][T12982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 537.186969][T12982] R13: 0000000000000000 R14: 00007fa6fc5b5fa0 R15: 00007ffd88c338e8 [ 537.187000][T12982] [ 538.178281][T12991] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1460'. [ 539.284404][T13014] netlink: 290 bytes leftover after parsing attributes in process `syz.1.1466'. [ 540.745057][T13032] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1471'. [ 542.387098][T13057] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 543.690414][T13053] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 545.278744][T13072] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1476'. [ 546.600728][T13101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1482'. [ 547.518990][T13115] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 548.047145][T13112] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 550.705000][T13156] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1490'. [ 551.319692][T13181] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1495'. [ 551.408472][T13168] cgroup: fork rejected by pids controller in /syz3 [ 552.659541][T13279] random: crng reseeded on system resumption [ 552.804134][T13275] FAULT_INJECTION: forcing a failure. [ 552.804134][T13275] name failslab, interval 1, probability 0, space 0, times 0 [ 552.829221][T13275] CPU: 1 UID: 0 PID: 13275 Comm: syz.1.1500 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 552.829265][T13275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 552.829283][T13275] Call Trace: [ 552.829292][T13275] [ 552.829303][T13275] dump_stack_lvl+0x16c/0x1f0 [ 552.829356][T13275] should_fail_ex+0x512/0x640 [ 552.829400][T13275] ? fs_reclaim_acquire+0xae/0x150 [ 552.829440][T13275] should_failslab+0xc2/0x120 [ 552.829470][T13275] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 552.829541][T13275] ? __kernfs_new_node+0xd2/0x8e0 [ 552.829594][T13275] __kernfs_new_node+0xd2/0x8e0 [ 552.829646][T13275] ? __pfx___kernfs_new_node+0x10/0x10 [ 552.829703][T13275] ? find_held_lock+0x2b/0x80 [ 552.829767][T13275] ? kernfs_root+0xee/0x2a0 [ 552.829822][T13275] kernfs_new_node+0x13c/0x1e0 [ 552.829881][T13275] __kernfs_create_file+0x53/0x350 [ 552.829926][T13275] sysfs_add_file_mode_ns+0x207/0x3c0 [ 552.829986][T13275] internal_create_group+0x578/0xf30 [ 552.830050][T13275] ? __pfx_internal_create_group+0x10/0x10 [ 552.830111][T13275] ? kernfs_create_link+0x1bd/0x240 [ 552.830159][T13275] internal_create_groups+0x9d/0x150 [ 552.830214][T13275] device_add+0x6d1/0x1a70 [ 552.830262][T13275] ? __pfx_device_add+0x10/0x10 [ 552.830296][T13275] ? kfree+0x24f/0x4d0 [ 552.830338][T13275] ? kstrdup+0xb5/0x100 [ 552.830406][T13275] device_create_groups_vargs+0x1f8/0x270 [ 552.830453][T13275] device_create+0xed/0x130 [ 552.830495][T13275] ? __pfx_device_create+0x10/0x10 [ 552.830543][T13275] ? __pfx_vsnprintf+0x10/0x10 [ 552.830607][T13275] bdi_register_va+0x114/0x820 [ 552.830647][T13275] ? __pfx_bdi_register_va+0x10/0x10 [ 552.830685][T13275] ? __pfx___percpu_ref_switch_mode+0x10/0x10 [ 552.830731][T13275] ? do_raw_spin_lock+0x12c/0x2b0 [ 552.830802][T13275] bdi_register+0xc7/0x100 [ 552.830837][T13275] ? __pfx_bdi_register+0x10/0x10 [ 552.830876][T13275] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 552.830924][T13275] ? lockdep_hardirqs_on+0x7c/0x110 [ 552.830975][T13275] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 552.831024][T13275] ? blk_register_queue+0x329/0x4f0 [ 552.831066][T13275] __add_disk+0xb0b/0xf00 [ 552.831126][T13275] add_disk_fwnode+0x13f/0x5d0 [ 552.831181][T13275] nbd_dev_add+0x791/0xbc0 [ 552.831238][T13275] ? __pfx_nbd_dev_add+0x10/0x10 [ 552.831319][T13275] ? bpf_lsm_capable+0x9/0x10 [ 552.831365][T13275] ? __radix_tree_lookup+0x21f/0x2c0 [ 552.831422][T13275] nbd_genl_connect+0x8b0/0x1c20 [ 552.831464][T13275] ? __pfx_nbd_genl_connect+0x10/0x10 [ 552.831499][T13275] ? __nla_parse+0x40/0x60 [ 552.831541][T13275] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 552.831589][T13275] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 552.831645][T13275] genl_family_rcv_msg_doit+0x206/0x2f0 [ 552.831694][T13275] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 552.831739][T13275] ? genl_get_cmd+0x194/0x580 [ 552.831801][T13275] ? __radix_tree_lookup+0x21f/0x2c0 [ 552.831856][T13275] genl_rcv_msg+0x55c/0x800 [ 552.831905][T13275] ? __pfx_genl_rcv_msg+0x10/0x10 [ 552.831950][T13275] ? __pfx_nbd_genl_connect+0x10/0x10 [ 552.832001][T13275] netlink_rcv_skb+0x155/0x420 [ 552.832039][T13275] ? __pfx_genl_rcv_msg+0x10/0x10 [ 552.832085][T13275] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 552.832141][T13275] ? netlink_deliver_tap+0x1ae/0xd30 [ 552.832180][T13275] genl_rcv+0x28/0x40 [ 552.832215][T13275] netlink_unicast+0x53d/0x7f0 [ 552.832255][T13275] ? __pfx_netlink_unicast+0x10/0x10 [ 552.832305][T13275] netlink_sendmsg+0x8d1/0xdd0 [ 552.832348][T13275] ? __pfx_netlink_sendmsg+0x10/0x10 [ 552.832401][T13275] ____sys_sendmsg+0xa95/0xc70 [ 552.832442][T13275] ? copy_msghdr_from_user+0x10a/0x160 [ 552.832493][T13275] ? __pfx_____sys_sendmsg+0x10/0x10 [ 552.832542][T13275] ? __pfx_futex_wake_mark+0x10/0x10 [ 552.832601][T13275] ___sys_sendmsg+0x134/0x1d0 [ 552.832664][T13275] ? __pfx____sys_sendmsg+0x10/0x10 [ 552.832712][T13275] ? __lock_acquire+0x622/0x1c90 [ 552.832819][T13275] __sys_sendmsg+0x16d/0x220 [ 552.832870][T13275] ? __pfx___sys_sendmsg+0x10/0x10 [ 552.832918][T13275] ? __x64_sys_futex+0x1e0/0x4c0 [ 552.832984][T13275] do_syscall_64+0xcd/0x490 [ 552.833034][T13275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.833064][T13275] RIP: 0033:0x7fcbcb18e929 [ 552.833087][T13275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 552.833118][T13275] RSP: 002b:00007fcbcbfd4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 552.833146][T13275] RAX: ffffffffffffffda RBX: 00007fcbcb3b6080 RCX: 00007fcbcb18e929 [ 552.833168][T13275] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000006 [ 552.833188][T13275] RBP: 00007fcbcb210b39 R08: 0000000000000000 R09: 0000000000000000 [ 552.833208][T13275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.833227][T13275] R13: 0000000000000000 R14: 00007fcbcb3b6080 R15: 00007ffd018ba238 [ 552.833268][T13275] [ 553.442052][T13279] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 553.451269][T13279] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 553.871728][T13275] nbd: failed to add new device [ 555.303328][T13338] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1504'. [ 556.843129][T13362] ima: policy update failed [ 556.994825][ T30] audit: type=1802 audit(2521.460:68): pid=13362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1508" res=0 errno=0 [ 559.643527][T13396] FAULT_INJECTION: forcing a failure. [ 559.643527][T13396] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 559.659139][T13396] CPU: 0 UID: 0 PID: 13396 Comm: syz.2.1514 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 559.659172][T13396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 559.659186][T13396] Call Trace: [ 559.659193][T13396] [ 559.659201][T13396] dump_stack_lvl+0x16c/0x1f0 [ 559.659241][T13396] should_fail_ex+0x512/0x640 [ 559.659280][T13396] _copy_from_user+0x2e/0xd0 [ 559.659302][T13396] copy_msghdr_from_user+0x98/0x160 [ 559.659345][T13396] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 559.659395][T13396] ___sys_sendmsg+0xfe/0x1d0 [ 559.659432][T13396] ? __pfx____sys_sendmsg+0x10/0x10 [ 559.659465][T13396] ? __lock_acquire+0x622/0x1c90 [ 559.659532][T13396] __sys_sendmsg+0x16d/0x220 [ 559.659568][T13396] ? __pfx___sys_sendmsg+0x10/0x10 [ 559.659622][T13396] do_syscall_64+0xcd/0x490 [ 559.659661][T13396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.659684][T13396] RIP: 0033:0x7f355ef8e929 [ 559.659702][T13396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 559.659724][T13396] RSP: 002b:00007f355cdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 559.659746][T13396] RAX: ffffffffffffffda RBX: 00007f355f1b5fa0 RCX: 00007f355ef8e929 [ 559.659761][T13396] RDX: 0000000000000000 RSI: 0000200000002cc0 RDI: 0000000000000003 [ 559.659774][T13396] RBP: 00007f355cdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 559.659788][T13396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 559.659802][T13396] R13: 0000000000000000 R14: 00007f355f1b5fa0 R15: 00007ffdd68abc48 [ 559.659830][T13396] [ 561.656360][T13422] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1521'. [ 564.027590][T13436] ima: Unable to open file: /suritRy/integrity?iqa/policy (-2) [ 564.033118][T13435] ima: policy update failed [ 564.082686][ T30] audit: type=1802 audit(4294969824.558:69): pid=13435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1526" res=0 errno=0 [ 566.252225][T13459] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.3.1531: bg 1: bad block bitmap checksum [ 566.276186][T13459] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6548: Filesystem failed CRC [ 566.653435][T13466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1533'. [ 567.639011][T13487] FAULT_INJECTION: forcing a failure. [ 567.639011][T13487] name fail_futex, interval 1, probability 0, space 0, times 0 [ 567.652137][T13487] CPU: 1 UID: 0 PID: 13487 Comm: syz.3.1540 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 567.652169][T13487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 567.652183][T13487] Call Trace: [ 567.652190][T13487] [ 567.652199][T13487] dump_stack_lvl+0x16c/0x1f0 [ 567.652238][T13487] should_fail_ex+0x512/0x640 [ 567.652278][T13487] get_futex_key+0x1d0/0x1540 [ 567.652311][T13487] ? __pfx_get_futex_key+0x10/0x10 [ 567.652349][T13487] futex_wake+0xea/0x530 [ 567.652393][T13487] ? __pfx_futex_wake+0x10/0x10 [ 567.652459][T13487] do_futex+0x1e3/0x350 [ 567.652505][T13487] ? __pfx_do_futex+0x10/0x10 [ 567.652542][T13487] __x64_sys_futex+0x1e0/0x4c0 [ 567.652576][T13487] ? __pfx___x64_sys_futex+0x10/0x10 [ 567.652618][T13487] do_syscall_64+0xcd/0x490 [ 567.652656][T13487] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.652679][T13487] RIP: 0033:0x7fa6fc38e929 [ 567.652696][T13487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 567.652719][T13487] RSP: 002b:00007fa6fd1cf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 567.652739][T13487] RAX: ffffffffffffffda RBX: 00007fa6fc5b6088 RCX: 00007fa6fc38e929 [ 567.652754][T13487] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa6fc5b608c [ 567.652768][T13487] RBP: 00007fa6fc5b6080 R08: 00007fa6fd1f1000 R09: 0000000000000000 [ 567.652782][T13487] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fa6fc5b608c [ 567.652797][T13487] R13: 0000000000000000 R14: 00007ffd88c33800 R15: 00007ffd88c338e8 [ 567.652825][T13487] [ 568.175335][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.181782][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.657079][T13496] FAULT_INJECTION: forcing a failure. [ 568.657079][T13496] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 568.708547][T13496] CPU: 0 UID: 0 PID: 13496 Comm: syz.1.1542 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 568.708602][T13496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 568.708620][T13496] Call Trace: [ 568.708629][T13496] [ 568.708640][T13496] dump_stack_lvl+0x16c/0x1f0 [ 568.708703][T13496] should_fail_ex+0x512/0x640 [ 568.708771][T13496] _copy_from_iter+0x29f/0x16f0 [ 568.708826][T13496] ? __alloc_skb+0x200/0x380 [ 568.708873][T13496] ? __pfx__copy_from_iter+0x10/0x10 [ 568.708928][T13496] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 568.708974][T13496] netlink_sendmsg+0x829/0xdd0 [ 568.709015][T13496] ? __pfx_netlink_sendmsg+0x10/0x10 [ 568.709065][T13496] ____sys_sendmsg+0xa95/0xc70 [ 568.709102][T13496] ? copy_msghdr_from_user+0x10a/0x160 [ 568.709152][T13496] ? __pfx_____sys_sendmsg+0x10/0x10 [ 568.709208][T13496] ___sys_sendmsg+0x134/0x1d0 [ 568.709259][T13496] ? __pfx____sys_sendmsg+0x10/0x10 [ 568.709304][T13496] ? __lock_acquire+0x622/0x1c90 [ 568.709398][T13496] __sys_sendmsg+0x16d/0x220 [ 568.709447][T13496] ? __pfx___sys_sendmsg+0x10/0x10 [ 568.709523][T13496] do_syscall_64+0xcd/0x490 [ 568.709583][T13496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.709615][T13496] RIP: 0033:0x7fcbcb18e929 [ 568.709640][T13496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 568.709670][T13496] RSP: 002b:00007fcbcbff5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 568.709698][T13496] RAX: ffffffffffffffda RBX: 00007fcbcb3b5fa0 RCX: 00007fcbcb18e929 [ 568.709717][T13496] RDX: 0000000000000000 RSI: 0000200000002cc0 RDI: 0000000000000003 [ 568.709735][T13496] RBP: 00007fcbcbff5090 R08: 0000000000000000 R09: 0000000000000000 [ 568.709754][T13496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 568.709773][T13496] R13: 0000000000000000 R14: 00007fcbcb3b5fa0 R15: 00007ffd018ba238 [ 568.709813][T13496] [ 569.822770][T13513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1545'. [ 570.670015][T13517] FAULT_INJECTION: forcing a failure. [ 570.670015][T13517] name failslab, interval 1, probability 0, space 0, times 0 [ 570.740188][T13517] CPU: 1 UID: 0 PID: 13517 Comm: syz.0.1547 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 570.740237][T13517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 570.740256][T13517] Call Trace: [ 570.740267][T13517] [ 570.740279][T13517] dump_stack_lvl+0x16c/0x1f0 [ 570.740335][T13517] should_fail_ex+0x512/0x640 [ 570.740385][T13517] ? __kmalloc_node_noprof+0xc5/0x500 [ 570.740443][T13517] should_failslab+0xc2/0x120 [ 570.740476][T13517] __kmalloc_node_noprof+0xd8/0x500 [ 570.740528][T13517] ? __get_vm_area_node+0x208/0x330 [ 570.740569][T13517] ? __vmalloc_node_range_noprof+0x3e5/0x14b0 [ 570.740621][T13517] __vmalloc_node_range_noprof+0x3e5/0x14b0 [ 570.740680][T13517] ? kernel_read_file+0x6ff/0x910 [ 570.740726][T13517] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 570.740776][T13517] ? ima_read_file+0x142/0x1a0 [ 570.740826][T13517] ? __pfx_ima_read_file+0x10/0x10 [ 570.740891][T13517] ? kernel_read_file+0x6ff/0x910 [ 570.740921][T13517] __vmalloc_node_noprof+0xad/0xf0 [ 570.740961][T13517] ? kernel_read_file+0x6ff/0x910 [ 570.740997][T13517] kernel_read_file+0x6ff/0x910 [ 570.741044][T13517] ? __pfx_kernel_read_file+0x10/0x10 [ 570.741090][T13517] kernel_read_file_from_path_initns+0x1cf/0x260 [ 570.741130][T13517] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 570.741180][T13517] _request_firmware+0x744/0x1470 [ 570.741243][T13517] ? __pfx__request_firmware+0x10/0x10 [ 570.741285][T13517] ? __pfx_netdev_run_todo+0x10/0x10 [ 570.741313][T13517] ? __pfx___mutex_lock+0x10/0x10 [ 570.741372][T13517] request_firmware+0x35/0x50 [ 570.741415][T13517] reg_reload_regdb+0x89/0x460 [ 570.741455][T13517] ? __pfx_reg_reload_regdb+0x10/0x10 [ 570.741495][T13517] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 570.741540][T13517] ? nl80211_pre_doit+0x1b0/0xb10 [ 570.741591][T13517] genl_family_rcv_msg_doit+0x206/0x2f0 [ 570.741634][T13517] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 570.741672][T13517] ? rcu_is_watching+0x12/0xc0 [ 570.741718][T13517] ? bpf_lsm_capable+0x9/0x10 [ 570.741757][T13517] ? security_capable+0x7e/0x260 [ 570.741796][T13517] genl_rcv_msg+0x55c/0x800 [ 570.741859][T13517] ? __pfx_genl_rcv_msg+0x10/0x10 [ 570.741901][T13517] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 570.741949][T13517] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 570.741984][T13517] ? __pfx_nl80211_post_doit+0x10/0x10 [ 570.742059][T13517] netlink_rcv_skb+0x155/0x420 [ 570.742095][T13517] ? __pfx_genl_rcv_msg+0x10/0x10 [ 570.742139][T13517] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 570.742193][T13517] ? netlink_deliver_tap+0x1ae/0xd30 [ 570.742233][T13517] genl_rcv+0x28/0x40 [ 570.742268][T13517] netlink_unicast+0x53d/0x7f0 [ 570.742309][T13517] ? __pfx_netlink_unicast+0x10/0x10 [ 570.742357][T13517] netlink_sendmsg+0x8d1/0xdd0 [ 570.742399][T13517] ? __pfx_netlink_sendmsg+0x10/0x10 [ 570.742452][T13517] ____sys_sendmsg+0xa95/0xc70 [ 570.742491][T13517] ? copy_msghdr_from_user+0x10a/0x160 [ 570.742541][T13517] ? __pfx_____sys_sendmsg+0x10/0x10 [ 570.742588][T13517] ? __pfx_futex_wake_mark+0x10/0x10 [ 570.742644][T13517] ___sys_sendmsg+0x134/0x1d0 [ 570.742698][T13517] ? __pfx____sys_sendmsg+0x10/0x10 [ 570.742744][T13517] ? __lock_acquire+0x622/0x1c90 [ 570.742842][T13517] __sys_sendmsg+0x16d/0x220 [ 570.742893][T13517] ? __pfx___sys_sendmsg+0x10/0x10 [ 570.742943][T13517] ? __x64_sys_futex+0x1e0/0x4c0 [ 570.743011][T13517] do_syscall_64+0xcd/0x490 [ 570.743072][T13517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.743104][T13517] RIP: 0033:0x7f5329d8e929 [ 570.743130][T13517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 570.743162][T13517] RSP: 002b:00007f532abcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 570.743193][T13517] RAX: ffffffffffffffda RBX: 00007f5329fb5fa0 RCX: 00007f5329d8e929 [ 570.743214][T13517] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 570.743234][T13517] RBP: 00007f5329e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 570.743254][T13517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 570.743273][T13517] R13: 0000000000000000 R14: 00007f5329fb5fa0 R15: 00007ffc9a05f128 [ 570.743314][T13517] [ 570.743453][T13517] syz.0.1547: vmalloc error: size 8192, failed to allocated page array size 16, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 571.259271][T13517] CPU: 1 UID: 0 PID: 13517 Comm: syz.0.1547 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 571.259316][T13517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 571.259336][T13517] Call Trace: [ 571.259347][T13517] [ 571.259359][T13517] dump_stack_lvl+0x16c/0x1f0 [ 571.259417][T13517] warn_alloc+0x248/0x3a0 [ 571.259484][T13517] ? __pfx_warn_alloc+0x10/0x10 [ 571.259533][T13517] ? dump_stack_lvl+0x1a3/0x1f0 [ 571.259592][T13517] ? rcu_is_watching+0x12/0xc0 [ 571.259627][T13517] ? trace_kmalloc+0x2b/0xd0 [ 571.259661][T13517] ? __get_vm_area_node+0x208/0x330 [ 571.259712][T13517] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 571.259772][T13517] ? kernel_read_file+0x6ff/0x910 [ 571.259818][T13517] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 571.259868][T13517] ? ima_read_file+0x142/0x1a0 [ 571.259918][T13517] ? __pfx_ima_read_file+0x10/0x10 [ 571.259973][T13517] ? kernel_read_file+0x6ff/0x910 [ 571.260006][T13517] __vmalloc_node_noprof+0xad/0xf0 [ 571.260066][T13517] ? kernel_read_file+0x6ff/0x910 [ 571.260107][T13517] kernel_read_file+0x6ff/0x910 [ 571.260149][T13517] ? __pfx_kernel_read_file+0x10/0x10 [ 571.260197][T13517] kernel_read_file_from_path_initns+0x1cf/0x260 [ 571.260248][T13517] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 571.260315][T13517] _request_firmware+0x744/0x1470 [ 571.260384][T13517] ? __pfx__request_firmware+0x10/0x10 [ 571.260430][T13517] ? __pfx_netdev_run_todo+0x10/0x10 [ 571.260460][T13517] ? __pfx___mutex_lock+0x10/0x10 [ 571.260523][T13517] request_firmware+0x35/0x50 [ 571.260569][T13517] reg_reload_regdb+0x89/0x460 [ 571.260610][T13517] ? __pfx_reg_reload_regdb+0x10/0x10 [ 571.260653][T13517] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 571.260707][T13517] ? nl80211_pre_doit+0x1b0/0xb10 [ 571.260763][T13517] genl_family_rcv_msg_doit+0x206/0x2f0 [ 571.260809][T13517] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 571.260850][T13517] ? rcu_is_watching+0x12/0xc0 [ 571.260898][T13517] ? bpf_lsm_capable+0x9/0x10 [ 571.260940][T13517] ? security_capable+0x7e/0x260 [ 571.260981][T13517] genl_rcv_msg+0x55c/0x800 [ 571.261039][T13517] ? __pfx_genl_rcv_msg+0x10/0x10 [ 571.261078][T13517] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 571.261124][T13517] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 571.261158][T13517] ? __pfx_nl80211_post_doit+0x10/0x10 [ 571.261220][T13517] netlink_rcv_skb+0x155/0x420 [ 571.261258][T13517] ? __pfx_genl_rcv_msg+0x10/0x10 [ 571.261299][T13517] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 571.261349][T13517] ? netlink_deliver_tap+0x1ae/0xd30 [ 571.261386][T13517] genl_rcv+0x28/0x40 [ 571.261419][T13517] netlink_unicast+0x53d/0x7f0 [ 571.261457][T13517] ? __pfx_netlink_unicast+0x10/0x10 [ 571.261502][T13517] netlink_sendmsg+0x8d1/0xdd0 [ 571.261542][T13517] ? __pfx_netlink_sendmsg+0x10/0x10 [ 571.261591][T13517] ____sys_sendmsg+0xa95/0xc70 [ 571.261647][T13517] ? copy_msghdr_from_user+0x10a/0x160 [ 571.261710][T13517] ? __pfx_____sys_sendmsg+0x10/0x10 [ 571.261773][T13517] ? __pfx_futex_wake_mark+0x10/0x10 [ 571.261848][T13517] ___sys_sendmsg+0x134/0x1d0 [ 571.261903][T13517] ? __pfx____sys_sendmsg+0x10/0x10 [ 571.261952][T13517] ? __lock_acquire+0x622/0x1c90 [ 571.262053][T13517] __sys_sendmsg+0x16d/0x220 [ 571.262106][T13517] ? __pfx___sys_sendmsg+0x10/0x10 [ 571.262159][T13517] ? __x64_sys_futex+0x1e0/0x4c0 [ 571.262234][T13517] do_syscall_64+0xcd/0x490 [ 571.262291][T13517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.262326][T13517] RIP: 0033:0x7f5329d8e929 [ 571.262352][T13517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 571.262385][T13517] RSP: 002b:00007f532abcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 571.262416][T13517] RAX: ffffffffffffffda RBX: 00007f5329fb5fa0 RCX: 00007f5329d8e929 [ 571.262439][T13517] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 571.262459][T13517] RBP: 00007f5329e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 571.262480][T13517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 571.262500][T13517] R13: 0000000000000000 R14: 00007f5329fb5fa0 R15: 00007ffc9a05f128 [ 571.262543][T13517] [ 571.262555][T13517] Mem-Info: [ 571.733319][T13525] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1549'. [ 571.800172][T13517] active_anon:9457 inactive_anon:50722 isolated_anon:0 [ 571.800172][T13517] active_file:16423 inactive_file:45352 isolated_file:0 [ 571.800172][T13517] unevictable:768 dirty:813 writeback:0 [ 571.800172][T13517] slab_reclaimable:12184 slab_unreclaimable:96153 [ 571.800172][T13517] mapped:45297 shmem:47407 pagetables:2168 [ 571.800172][T13517] sec_pagetables:0 bounce:0 [ 571.800172][T13517] kernel_misc_reclaimable:0 [ 571.800172][T13517] free:1247973 free_pcp:20548 free_cma:0 [ 572.010262][T13517] Node 0 active_anon:37828kB inactive_anon:208112kB active_file:65700kB inactive_file:181828kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:181696kB dirty:3272kB writeback:0kB shmem:193236kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12756kB pagetables:8544kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 572.080629][T13517] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1808kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 572.194158][T13517] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 572.223313][T13517] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 572.229229][T13517] Node 0 DMA32 free:1067584kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:37784kB inactive_anon:212312kB active_file:64464kB inactive_file:182656kB unevictable:1536kB writepending:3272kB present:3129332kB managed:2540340kB mlocked:0kB bounce:0kB free_pcp:62204kB local_pcp:22708kB free_cma:0kB [ 572.280601][T13517] lowmem_reserve[]: 0 0 1 1 1 [ 572.285786][T13517] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1236kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:12kB free_cma:0kB [ 572.320633][T13517] lowmem_reserve[]: 0 0 0 0 0 [ 572.325453][T13517] Node 1 Normal free:3903248kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:136kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17200kB local_pcp:7376kB free_cma:0kB [ 572.379111][T13517] lowmem_reserve[]: 0 0 0 0 0 [ 572.389354][T13517] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 572.405240][T13517] Node 0 DMA32: 0*4kB 300*8kB (UM) 1289*16kB (UM) 1238*32kB (UME) 367*64kB (UME) 190*128kB (UME) 84*256kB (UME) 90*512kB (UM) 60*1024kB (UME) 0*2048kB 201*4096kB (UM) = 1062768kB [ 572.489047][T13517] Node 0 Normal: 0*4kB 2*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 572.535562][T13533] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1550'. [ 572.551233][T13517] Node 1 Normal: 184*4kB (UME) 54*8kB (UME) 34*16kB (UM) 189*32kB (UME) 63*64kB (UME) 14*128kB (UME) 4*256kB (UM) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (M) 948*4096kB (ME) = 3903248kB [ 572.596296][T13517] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 572.628354][T13517] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 572.658332][T13517] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 572.692345][T13517] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 572.721400][T13517] 115999 total pagecache pages [ 572.749648][T13517] 0 pages in swap cache [ 572.756955][T13517] Free swap = 124996kB [ 572.762071][T13517] Total swap = 124996kB [ 572.766463][T13517] 2097051 pages RAM [ 572.770716][T13517] 0 pages HighMem/MovableOnly [ 572.775815][T13517] 429988 pages reserved [ 572.780312][T13517] 0 pages cma reserved [ 572.784583][T13517] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 572.794768][T13517] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 572.804976][T13517] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 576.031694][T13572] FAULT_INJECTION: forcing a failure. [ 576.031694][T13572] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 576.054286][T13574] FAULT_INJECTION: forcing a failure. [ 576.054286][T13574] name failslab, interval 1, probability 0, space 0, times 0 [ 576.099070][T13572] CPU: 1 UID: 0 PID: 13572 Comm: syz.2.1559 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 576.099116][T13572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 576.099134][T13572] Call Trace: [ 576.099144][T13572] [ 576.099155][T13572] dump_stack_lvl+0x16c/0x1f0 [ 576.099208][T13572] should_fail_ex+0x512/0x640 [ 576.099264][T13572] _copy_to_user+0x32/0xd0 [ 576.099297][T13572] simple_read_from_buffer+0xcb/0x170 [ 576.099345][T13572] proc_fail_nth_read+0x197/0x270 [ 576.099388][T13572] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 576.099431][T13572] ? rw_verify_area+0xcf/0x680 [ 576.099475][T13572] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 576.099517][T13572] vfs_read+0x1e4/0xc60 [ 576.099570][T13572] ? __pfx___mutex_lock+0x10/0x10 [ 576.099623][T13572] ? __pfx_vfs_read+0x10/0x10 [ 576.099683][T13572] ? __fget_files+0x20e/0x3c0 [ 576.099743][T13572] ksys_read+0x12a/0x250 [ 576.099791][T13572] ? __pfx_ksys_read+0x10/0x10 [ 576.099862][T13572] do_syscall_64+0xcd/0x490 [ 576.099920][T13572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.099953][T13572] RIP: 0033:0x7f355ef8d33c [ 576.099979][T13572] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 576.100011][T13572] RSP: 002b:00007f355cdf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 576.100053][T13572] RAX: ffffffffffffffda RBX: 00007f355f1b5fa0 RCX: 00007f355ef8d33c [ 576.100072][T13572] RDX: 000000000000000f RSI: 00007f355cdf60a0 RDI: 0000000000000004 [ 576.100089][T13572] RBP: 00007f355cdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 576.100111][T13572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 576.100129][T13572] R13: 0000000000000000 R14: 00007f355f1b5fa0 R15: 00007ffdd68abc48 [ 576.100187][T13572] [ 576.291349][T13574] CPU: 1 UID: 0 PID: 13574 Comm: syz.3.1560 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 576.291390][T13574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 576.291409][T13574] Call Trace: [ 576.291418][T13574] [ 576.291428][T13574] dump_stack_lvl+0x16c/0x1f0 [ 576.291479][T13574] should_fail_ex+0x512/0x640 [ 576.291523][T13574] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 576.291573][T13574] should_failslab+0xc2/0x120 [ 576.291603][T13574] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 576.291651][T13574] ? __alloc_skb+0x2b2/0x380 [ 576.291699][T13574] __alloc_skb+0x2b2/0x380 [ 576.291741][T13574] ? __pfx___alloc_skb+0x10/0x10 [ 576.291781][T13574] ? __pfx_addr_doit+0x10/0x10 [ 576.291828][T13574] netlink_ack+0x15d/0xb80 [ 576.291878][T13574] netlink_rcv_skb+0x332/0x420 [ 576.291910][T13574] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 576.291941][T13574] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 576.291987][T13574] ? netlink_deliver_tap+0x1ae/0xd30 [ 576.292025][T13574] netlink_unicast+0x53d/0x7f0 [ 576.292060][T13574] ? __pfx_netlink_unicast+0x10/0x10 [ 576.292103][T13574] netlink_sendmsg+0x8d1/0xdd0 [ 576.292141][T13574] ? __pfx_netlink_sendmsg+0x10/0x10 [ 576.292188][T13574] ____sys_sendmsg+0xa95/0xc70 [ 576.292223][T13574] ? copy_msghdr_from_user+0x10a/0x160 [ 576.292269][T13574] ? __pfx_____sys_sendmsg+0x10/0x10 [ 576.292321][T13574] ___sys_sendmsg+0x134/0x1d0 [ 576.292369][T13574] ? __pfx____sys_sendmsg+0x10/0x10 [ 576.292416][T13574] ? __lock_acquire+0x622/0x1c90 [ 576.292502][T13574] __sys_sendmsg+0x16d/0x220 [ 576.292550][T13574] ? __pfx___sys_sendmsg+0x10/0x10 [ 576.292620][T13574] do_syscall_64+0xcd/0x490 [ 576.292679][T13574] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.292706][T13574] RIP: 0033:0x7fa6fc38e929 [ 576.292729][T13574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 576.292756][T13574] RSP: 002b:00007fa6fd1f0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 576.292782][T13574] RAX: ffffffffffffffda RBX: 00007fa6fc5b5fa0 RCX: 00007fa6fc38e929 [ 576.292799][T13574] RDX: 0000000000000000 RSI: 0000200000002cc0 RDI: 0000000000000003 [ 576.292814][T13574] RBP: 00007fa6fd1f0090 R08: 0000000000000000 R09: 0000000000000000 [ 576.292829][T13574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 576.292850][T13574] R13: 0000000000000000 R14: 00007fa6fc5b5fa0 R15: 00007ffd88c338e8 [ 576.292885][T13574] [ 576.963404][T13575] random: crng reseeded on system resumption [ 578.378260][T13594] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1564'. [ 581.522448][T13650] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1576'. [ 581.908053][T13652] Invalid ELF header magic: != ELF [ 581.962740][T13655] vivid-003: ================= START STATUS ================= [ 581.989009][T13655] vivid-003: Radio HW Seek Mode: Bounded [ 581.994877][T13655] vivid-003: Radio Programmable HW Seek: false [ 582.019655][T13655] vivid-003: RDS Rx I/O Mode: Block I/O [ 582.025362][T13655] vivid-003: Generate RBDS Instead of RDS: false [ 582.031884][T13655] vivid-003: RDS Reception: true [ 582.036922][T13655] vivid-003: RDS Program Type: 0 inactive [ 582.062037][T13655] vivid-003: RDS PS Name: inactive [ 582.067529][T13655] vivid-003: RDS Radio Text: inactive [ 582.079091][T13655] vivid-003: RDS Traffic Announcement: false inactive [ 582.085988][T13655] vivid-003: RDS Traffic Program: false inactive [ 582.119503][T13655] vivid-003: RDS Music: false inactive [ 582.125550][T13655] vivid-003: ================== END STATUS ================== [ 585.428078][T13711] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1590'. [ 586.513754][T13724] can: request_module (can-proto-3) failed. [ 586.764960][T13732] FAULT_INJECTION: forcing a failure. [ 586.764960][T13732] name failslab, interval 1, probability 0, space 0, times 0 [ 586.810502][T13732] CPU: 0 UID: 0 PID: 13732 Comm: syz.1.1595 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 586.810545][T13732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 586.810563][T13732] Call Trace: [ 586.810572][T13732] [ 586.810593][T13732] dump_stack_lvl+0x16c/0x1f0 [ 586.810643][T13732] should_fail_ex+0x512/0x640 [ 586.810688][T13732] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 586.810739][T13732] should_failslab+0xc2/0x120 [ 586.810769][T13732] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 586.810817][T13732] ? ptlock_alloc+0x1f/0x70 [ 586.810862][T13732] ptlock_alloc+0x1f/0x70 [ 586.810900][T13732] pte_alloc_one+0x82/0x3a0 [ 586.810928][T13732] __pte_alloc+0x6d/0x3c0 [ 586.810958][T13732] ? __pfx___pte_alloc+0x10/0x10 [ 586.810989][T13732] ? _raw_spin_unlock+0x28/0x50 [ 586.811028][T13732] ? __pmd_alloc+0x3fb/0x930 [ 586.811066][T13732] __handle_mm_fault+0x4358/0x5490 [ 586.811117][T13732] ? __pfx___handle_mm_fault+0x10/0x10 [ 586.811190][T13732] handle_mm_fault+0x589/0xd10 [ 586.811238][T13732] __get_user_pages+0x589/0x3b80 [ 586.811283][T13732] ? __pfx_mt_find+0x10/0x10 [ 586.811312][T13732] ? __pfx___get_user_pages+0x10/0x10 [ 586.811362][T13732] populate_vma_page_range+0x278/0x3a0 [ 586.811402][T13732] ? __pfx_populate_vma_page_range+0x10/0x10 [ 586.811439][T13732] ? __pfx_find_vma_intersection+0x10/0x10 [ 586.811477][T13732] ? do_mmap+0x69c/0x1210 [ 586.811532][T13732] __mm_populate+0x1d8/0x380 [ 586.811574][T13732] ? __pfx___mm_populate+0x10/0x10 [ 586.811625][T13732] ? up_write+0x1b2/0x520 [ 586.811679][T13732] vm_mmap_pgoff+0x362/0x450 [ 586.811718][T13732] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 586.811761][T13732] ? __x64_sys_futex+0x1e0/0x4c0 [ 586.811800][T13732] ? __x64_sys_futex+0x1e9/0x4c0 [ 586.811846][T13732] ksys_mmap_pgoff+0x7d/0x5c0 [ 586.811881][T13732] ? xfd_validate_state+0x61/0x180 [ 586.811922][T13732] ? __pfx_ksys_write+0x10/0x10 [ 586.811973][T13732] __x64_sys_mmap+0x125/0x190 [ 586.812023][T13732] do_syscall_64+0xcd/0x490 [ 586.812075][T13732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.812106][T13732] RIP: 0033:0x7fcbcb18e929 [ 586.812147][T13732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 586.812180][T13732] RSP: 002b:00007fcbcbff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 586.812210][T13732] RAX: ffffffffffffffda RBX: 00007fcbcb3b5fa0 RCX: 00007fcbcb18e929 [ 586.812232][T13732] RDX: 00000000000000e2 RSI: 0000000000040009 RDI: 0000000000000000 [ 586.812251][T13732] RBP: 00007fcbcb210b39 R08: 0000000000000007 R09: 0000000000028000 [ 586.812271][T13732] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 586.812290][T13732] R13: 0000000000000000 R14: 00007fcbcb3b5fa0 R15: 00007ffd018ba238 [ 586.812332][T13732] [ 587.940905][T13746] can: request_module (can-proto-3) failed. [ 587.982258][T13752] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 589.099727][T13773] CIFS mount error: No usable UNC path provided in device string! [ 589.099727][T13773] [ 589.165229][T13773] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 591.496811][T13815] ubi0: attaching mtd0 [ 591.508423][T13815] ubi0: scanning is finished [ 591.567868][T13815] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 592.025291][T13815] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 598.924244][T13922] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1632'. [ 599.130681][T13932] random: crng reseeded on system resumption [ 599.183966][T13930] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 599.440263][T13946] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1639'. [ 599.460406][T13946] bond0: entered promiscuous mode [ 599.465547][T13946] bond_slave_0: entered promiscuous mode [ 599.471904][T13946] bond_slave_1: entered promiscuous mode [ 599.767302][T13938] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 601.335953][T13978] could not allocate digest TFM handle binfmt_misc [ 601.551328][T13991] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 602.739444][T14008] random: crng reseeded on system resumption                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    [ 688.098969][T15346] FAULT_INJECTION: forcing a failure. [ 688.098969][T15346] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 688.115027][T15346] CPU: 0 UID: 0 PID: 15346 Comm: syz.1.1958 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 688.115083][T15346] Tainted: [U]=USER [ 688.115094][T15346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 688.115114][T15346] Call Trace: [ 688.115124][T15346] [ 688.115137][T15346] dump_stack_lvl+0x16c/0x1f0 [ 688.115195][T15346] should_fail_ex+0x512/0x640 [ 688.115254][T15346] _copy_to_user+0x32/0xd0 [ 688.115289][T15346] copy_siginfo_to_user+0x27/0xc0 [ 688.115335][T15346] x64_setup_rt_frame+0x811/0xcf0 [ 688.115386][T15346] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 688.115427][T15346] ? find_held_lock+0x2b/0x80 [ 688.115472][T15346] arch_do_signal_or_restart+0x5b4/0x790 [ 688.115516][T15346] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 688.115568][T15346] ? ksys_read+0x1ac/0x250 [ 688.115618][T15346] ? __pfx_ksys_read+0x10/0x10 [ 688.115687][T15346] exit_to_user_mode_loop+0x84/0x110 [ 688.115747][T15346] do_syscall_64+0x3f6/0x490 [ 688.115804][T15346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.115838][T15346] RIP: 0033:0x7fcbcb18e927 [ 688.115865][T15346] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 688.115898][T15346] RSP: 002b:00007fcbcbff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 688.115933][T15346] RAX: 0000000000000000 RBX: 00007fcbcb3b5fa0 RCX: 00007fcbcb18e929 [ 688.115955][T15346] RDX: 00000000000003ff RSI: 0000000000000000 RDI: 0000000000000004 [ 688.115973][T15346] RBP: 00007fcbcb210b39 R08: 0000000000000000 R09: 0000000000000000 [ 688.115993][T15346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 688.116012][T15346] R13: 0000000000000000 R14: 00007fcbcb3b5fa0 R15: 00007ffd018ba238 [ 688.116054][T15346] syzkaller syzkaller login: [ 688.723069][T15361] netlink: zone id is out of range [ 689.953109][T15375] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1963'. [ 690.564235][T15383] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42 [ 690.946657][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 690.953237][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.150994][T15391] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 691.936334][T15411] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1971'. [ 692.413336][ T51] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 694.591042][T15468] mkiss: ax0: crc mode is auto. [ 697.457728][T15518] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1996'. [ 697.513867][T15518] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 697.559448][T15519] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1995'. [ 697.566910][ T51] Bluetooth: hci3: Malformed HCI Event [ 699.660480][T15557] Invalid ELF header magic: != ELF [ 701.430022][T15577] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2008'. [ 702.028681][T15584] zswap: compressor 000 not available [ 702.249594][T15596] FAULT_INJECTION: forcing a failure. [ 702.249594][T15596] name failslab, interval 1, probability 0, space 0, times 0 [ 702.333987][T15596] CPU: 1 UID: 0 PID: 15596 Comm: syz.2.2013 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 702.334040][T15596] Tainted: [U]=USER [ 702.334050][T15596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 702.334069][T15596] Call Trace: [ 702.334080][T15596] [ 702.334092][T15596] dump_stack_lvl+0x16c/0x1f0 [ 702.334148][T15596] should_fail_ex+0x512/0x640 [ 702.334198][T15596] ? __kvmalloc_node_noprof+0x124/0x620 [ 702.334251][T15596] should_failslab+0xc2/0x120 [ 702.334285][T15596] __kvmalloc_node_noprof+0x137/0x620 [ 702.334341][T15596] ? __pfx___mutex_lock+0x10/0x10 [ 702.334390][T15596] ? traverse.part.0.constprop.0+0x392/0x640 [ 702.334445][T15596] ? traverse.part.0.constprop.0+0x392/0x640 [ 702.334489][T15596] traverse.part.0.constprop.0+0x392/0x640 [ 702.334548][T15596] seq_lseek+0x2bb/0x450 [ 702.334600][T15596] ksys_lseek+0xf3/0x1b0 [ 702.334647][T15596] do_syscall_64+0xcd/0x490 [ 702.334703][T15596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.334736][T15596] RIP: 0033:0x7f355ef8e929 [ 702.334761][T15596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.334792][T15596] RSP: 002b:00007f355cdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008 [ 702.334821][T15596] RAX: ffffffffffffffda RBX: 00007f355f1b5fa0 RCX: 00007f355ef8e929 [ 702.334843][T15596] RDX: 0000000000000001 RSI: 00000000000007ff RDI: 0000000000000003 [ 702.334862][T15596] RBP: 00007f355cdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 702.334882][T15596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 702.334901][T15596] R13: 0000000000000000 R14: 00007f355f1b5fa0 R15: 00007ffdd68abc48 [ 702.334942][T15596] [ 702.563588][T15591] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2011'. [ 704.979856][T15638] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2021'. [ 705.554117][T15651] FAULT_INJECTION: forcing a failure. [ 705.554117][T15651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 705.608223][T15651] CPU: 0 UID: 0 PID: 15651 Comm: syz.2.2024 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 705.608272][T15651] Tainted: [U]=USER [ 705.608282][T15651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 705.608297][T15651] Call Trace: [ 705.608306][T15651] [ 705.608316][T15651] dump_stack_lvl+0x16c/0x1f0 [ 705.608366][T15651] should_fail_ex+0x512/0x640 [ 705.608416][T15651] _copy_to_user+0x32/0xd0 [ 705.608447][T15651] simple_read_from_buffer+0xcb/0x170 [ 705.608490][T15651] proc_fail_nth_read+0x197/0x270 [ 705.608529][T15651] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 705.608569][T15651] ? rw_verify_area+0xcf/0x680 [ 705.608608][T15651] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 705.608646][T15651] vfs_read+0x1e4/0xc60 [ 705.608694][T15651] ? __pfx___mutex_lock+0x10/0x10 [ 705.608740][T15651] ? __pfx_vfs_read+0x10/0x10 [ 705.608794][T15651] ? __fget_files+0x20e/0x3c0 [ 705.608849][T15651] ksys_read+0x12a/0x250 [ 705.608893][T15651] ? __pfx_ksys_read+0x10/0x10 [ 705.608949][T15651] do_syscall_64+0xcd/0x490 [ 705.608998][T15651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.609029][T15651] RIP: 0033:0x7f355ef8d33c [ 705.609058][T15651] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 705.609087][T15651] RSP: 002b:00007f355cdf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 705.609113][T15651] RAX: ffffffffffffffda RBX: 00007f355f1b5fa0 RCX: 00007f355ef8d33c [ 705.609131][T15651] RDX: 000000000000000f RSI: 00007f355cdf60a0 RDI: 0000000000000004 [ 705.609148][T15651] RBP: 00007f355cdf6090 R08: 0000000000000000 R09: 0000000000000000 [ 705.609165][T15651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 705.609180][T15651] R13: 0000000000000000 R14: 00007f355f1b5fa0 R15: 00007ffdd68abc48 [ 705.609216][T15651] [ 707.302314][T15681] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2032'. [ 707.334916][T15680] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2032'. [ 712.660672][T15779] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 713.647199][T15806] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2059'. [ 713.743551][T15808] Invalid ELF header magic: != ELF [ 714.310186][T15823] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2062'. [ 715.576378][T15850] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2069'. [ 715.728304][T15842] openvswitch: netlink: Key 2 has unexpected len 5408 expected 4 [ 716.287567][T15858] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2079'. [ 716.921113][T15873] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45 [ 716.975110][T15882] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2076'. [ 718.206717][T15886] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 718.851480][T15872] kexec: Could not allocate control_code_buffer [ 718.887159][T15897] ima: policy update failed [ 718.891988][ T30] audit: type=1802 audit(4294969574.365:75): pid=15897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2078" res=0 errno=0 [ 719.683141][T15916] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2085'. [ 719.884068][T15918] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2084'. [ 722.060790][T15954] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2094'. [ 722.201673][T15960] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2096'. [ 722.734598][T15969] netlink: 354 bytes leftover after parsing attributes in process `syz.1.2097'. [ 722.910045][T15967] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2097'. [ 724.108437][T16008] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2106'. [ 724.475159][T16016] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2108'. [ 726.265092][T16061] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2119'. [ 726.914830][T16086] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2125'. [ 727.756622][T16110] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2131'. [ 734.158718][T16229] cgroup: fork rejected by pids controller in /syz2 [ 735.069950][T16280] input: f as /devices/virtual/input/input46 [ 736.032496][T16295] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2168'. [ 736.579858][T16310] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2179'. [ 736.906924][T16316] FAULT_INJECTION: forcing a failure. [ 736.906924][T16316] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 737.087257][T16316] CPU: 0 UID: 0 PID: 16316 Comm: syz.2.2176 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 737.087311][T16316] Tainted: [U]=USER [ 737.087321][T16316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 737.087339][T16316] Call Trace: [ 737.087350][T16316] [ 737.087361][T16316] dump_stack_lvl+0x16c/0x1f0 [ 737.087418][T16316] should_fail_ex+0x512/0x640 [ 737.087475][T16316] _copy_from_user+0x2e/0xd0 [ 737.087507][T16316] copy_msghdr_from_user+0x98/0x160 [ 737.087559][T16316] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 737.087619][T16316] ? __pfx__kstrtoull+0x10/0x10 [ 737.087668][T16316] ___sys_sendmsg+0xfe/0x1d0 [ 737.087723][T16316] ? __pfx____sys_sendmsg+0x10/0x10 [ 737.087793][T16316] ? find_held_lock+0x2b/0x80 [ 737.087856][T16316] __sys_sendmmsg+0x200/0x420 [ 737.087912][T16316] ? __pfx___sys_sendmmsg+0x10/0x10 [ 737.087977][T16316] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 737.088048][T16316] ? fput+0x70/0xf0 [ 737.088121][T16316] ? ksys_write+0x1ac/0x250 [ 737.088169][T16316] ? __pfx_ksys_write+0x10/0x10 [ 737.088309][T16316] __x64_sys_sendmmsg+0x9c/0x100 [ 737.088368][T16316] ? lockdep_hardirqs_on+0x7c/0x110 [ 737.088414][T16316] do_syscall_64+0xcd/0x490 [ 737.088466][T16316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.088498][T16316] RIP: 0033:0x7f355ef8e929 [ 737.088523][T16316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 737.088554][T16316] RSP: 002b:00007f355cdb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 737.088584][T16316] RAX: ffffffffffffffda RBX: 00007f355f1b6160 RCX: 00007f355ef8e929 [ 737.088605][T16316] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 737.088623][T16316] RBP: 00007f355cdb4090 R08: 0000000000000000 R09: 0000000000000000 [ 737.088641][T16316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 737.088658][T16316] R13: 0000000000000000 R14: 00007f355f1b6160 R15: 00007ffdd68abc48 [ 737.088698][T16316] [ 738.610749][T16351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2188'. [ 739.237329][T16364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2191'. [ 739.259235][T16359] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2190'. [ 739.848625][T16378] FAULT_INJECTION: forcing a failure. [ 739.848625][T16378] name failslab, interval 1, probability 0, space 0, times 0 [ 739.910544][T16378] CPU: 0 UID: 0 PID: 16378 Comm: syz.3.2195 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 739.910594][T16378] Tainted: [U]=USER [ 739.910603][T16378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 739.910620][T16378] Call Trace: [ 739.910630][T16378] [ 739.910642][T16378] dump_stack_lvl+0x16c/0x1f0 [ 739.910696][T16378] should_fail_ex+0x512/0x640 [ 739.910744][T16378] ? fs_reclaim_acquire+0xae/0x150 [ 739.910789][T16378] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 739.910837][T16378] should_failslab+0xc2/0x120 [ 739.910871][T16378] __kmalloc_noprof+0xd2/0x510 [ 739.910943][T16378] tomoyo_realpath_from_path+0xc2/0x6e0 [ 739.910995][T16378] ? tomoyo_profile+0x47/0x60 [ 739.911033][T16378] tomoyo_path_number_perm+0x245/0x580 [ 739.911071][T16378] ? tomoyo_path_number_perm+0x237/0x580 [ 739.911115][T16378] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 739.911157][T16378] ? find_held_lock+0x2b/0x80 [ 739.911228][T16378] ? find_held_lock+0x2b/0x80 [ 739.911266][T16378] ? hook_file_ioctl_common+0x145/0x410 [ 739.911337][T16378] ? __fget_files+0x20e/0x3c0 [ 739.911392][T16378] security_file_ioctl+0x9b/0x240 [ 739.911436][T16378] __x64_sys_ioctl+0xb7/0x210 [ 739.911482][T16378] do_syscall_64+0xcd/0x490 [ 739.911537][T16378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.911570][T16378] RIP: 0033:0x7fa6fc38e929 [ 739.911595][T16378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 739.911627][T16378] RSP: 002b:00007fa6fd1f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 739.911669][T16378] RAX: ffffffffffffffda RBX: 00007fa6fc5b5fa0 RCX: 00007fa6fc38e929 [ 739.911690][T16378] RDX: 0000200000000040 RSI: 00000000c0305710 RDI: 0000000000000003 [ 739.911709][T16378] RBP: 00007fa6fd1f0090 R08: 0000000000000000 R09: 0000000000000000 [ 739.911727][T16378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 739.911746][T16378] R13: 0000000000000000 R14: 00007fa6fc5b5fa0 R15: 00007ffd88c338e8 [ 739.911789][T16378] [ 739.911800][T16378] ERROR: Out of memory at tomoyo_realpath_from_path. [ 740.853688][T16393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2199'. [ 742.082521][T16418] FAULT_INJECTION: forcing a failure. [ 742.082521][T16418] name failslab, interval 1, probability 0, space 0, times 0 [ 742.097385][T16418] CPU: 1 UID: 0 PID: 16418 Comm: syz.3.2207 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 742.097420][T16418] Tainted: [U]=USER [ 742.097426][T16418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 742.097438][T16418] Call Trace: [ 742.097445][T16418] [ 742.097452][T16418] dump_stack_lvl+0x16c/0x1f0 [ 742.097499][T16418] should_fail_ex+0x512/0x640 [ 742.097532][T16418] ? fs_reclaim_acquire+0xae/0x150 [ 742.097559][T16418] ? tomoyo_encode2+0x100/0x3e0 [ 742.097585][T16418] should_failslab+0xc2/0x120 [ 742.097604][T16418] __kmalloc_noprof+0xd2/0x510 [ 742.097634][T16418] ? d_absolute_path+0x136/0x1a0 [ 742.097659][T16418] tomoyo_encode2+0x100/0x3e0 [ 742.097689][T16418] tomoyo_encode+0x29/0x50 [ 742.097715][T16418] tomoyo_realpath_from_path+0x18f/0x6e0 [ 742.097750][T16418] tomoyo_path_number_perm+0x245/0x580 [ 742.097773][T16418] ? tomoyo_path_number_perm+0x237/0x580 [ 742.097798][T16418] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 742.097824][T16418] ? find_held_lock+0x2b/0x80 [ 742.097866][T16418] ? find_held_lock+0x2b/0x80 [ 742.097885][T16418] ? hook_file_ioctl_common+0x145/0x410 [ 742.097913][T16418] ? __fget_files+0x20e/0x3c0 [ 742.097945][T16418] security_file_ioctl+0x9b/0x240 [ 742.097970][T16418] __x64_sys_ioctl+0xb7/0x210 [ 742.097996][T16418] do_syscall_64+0xcd/0x490 [ 742.098028][T16418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.098048][T16418] RIP: 0033:0x7fa6fc38e929 [ 742.098063][T16418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 742.098084][T16418] RSP: 002b:00007fa6fd1f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 742.098104][T16418] RAX: ffffffffffffffda RBX: 00007fa6fc5b5fa0 RCX: 00007fa6fc38e929 [ 742.098117][T16418] RDX: 0000200000000040 RSI: 00000000c0305710 RDI: 0000000000000003 [ 742.098129][T16418] RBP: 00007fa6fd1f0090 R08: 0000000000000000 R09: 0000000000000000 [ 742.098141][T16418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 742.098152][T16418] R13: 0000000000000000 R14: 00007fa6fc5b5fa0 R15: 00007ffd88c338e8 [ 742.098177][T16418] [ 742.098680][T16418] ERROR: Out of memory at tomoyo_realpath_from_path. [ 743.001423][T16424] : entered promiscuous mode [ 743.007757][T16422] openvswitch: 0: Dropping previously announced user features [ 743.278675][T16436] FAULT_INJECTION: forcing a failure. [ 743.278675][T16436] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 743.390743][T16436] CPU: 1 UID: 0 PID: 16436 Comm: syz.0.2209 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 743.390796][T16436] Tainted: [U]=USER [ 743.390806][T16436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 743.390823][T16436] Call Trace: [ 743.390833][T16436] [ 743.390845][T16436] dump_stack_lvl+0x16c/0x1f0 [ 743.390912][T16436] should_fail_ex+0x512/0x640 [ 743.390967][T16436] _copy_to_user+0x32/0xd0 [ 743.391000][T16436] simple_read_from_buffer+0xcb/0x170 [ 743.391047][T16436] proc_fail_nth_read+0x197/0x270 [ 743.391087][T16436] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 743.391130][T16436] ? rw_verify_area+0xcf/0x680 [ 743.391172][T16436] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 743.391212][T16436] vfs_read+0x1e4/0xc60 [ 743.391264][T16436] ? __pfx___mutex_lock+0x10/0x10 [ 743.391313][T16436] ? __pfx_vfs_read+0x10/0x10 [ 743.391371][T16436] ? __fget_files+0x20e/0x3c0 [ 743.391439][T16436] ksys_read+0x12a/0x250 [ 743.391481][T16436] ? __pfx_ksys_read+0x10/0x10 [ 743.391537][T16436] do_syscall_64+0xcd/0x490 [ 743.391587][T16436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.391622][T16436] RIP: 0033:0x7f5329d8d33c [ 743.391645][T16436] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 743.391674][T16436] RSP: 002b:00007f532ab8a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 743.391701][T16436] RAX: ffffffffffffffda RBX: 00007f5329fb6160 RCX: 00007f5329d8d33c [ 743.391720][T16436] RDX: 000000000000000f RSI: 00007f532ab8a0a0 RDI: 0000000000000006 [ 743.391738][T16436] RBP: 00007f532ab8a090 R08: 0000000000000000 R09: 0000000000000000 [ 743.391756][T16436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 743.391774][T16436] R13: 0000000000000000 R14: 00007f5329fb6160 R15: 00007ffc9a05f128 [ 743.391813][T16436] [ 744.211836][T16446] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2213'. [ 745.528601][T16476] FAULT_INJECTION: forcing a failure. [ 745.528601][T16476] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 745.585606][T16476] CPU: 1 UID: 0 PID: 16476 Comm: syz.0.2217 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 745.585659][T16476] Tainted: [U]=USER [ 745.585669][T16476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 745.585691][T16476] Call Trace: [ 745.585701][T16476] [ 745.585713][T16476] dump_stack_lvl+0x16c/0x1f0 [ 745.585768][T16476] should_fail_ex+0x512/0x640 [ 745.585823][T16476] _copy_from_user+0x2e/0xd0 [ 745.585856][T16476] snd_rawmidi_ioctl+0x3a8/0x950 [ 745.585901][T16476] ? __pfx_snd_rawmidi_ioctl+0x10/0x10 [ 745.585960][T16476] ? __pfx_snd_rawmidi_ioctl+0x10/0x10 [ 745.586006][T16476] __x64_sys_ioctl+0x18b/0x210 [ 745.586051][T16476] do_syscall_64+0xcd/0x490 [ 745.586105][T16476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.586139][T16476] RIP: 0033:0x7f5329d8e929 [ 745.586164][T16476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.586196][T16476] RSP: 002b:00007f532abcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 745.586225][T16476] RAX: ffffffffffffffda RBX: 00007f5329fb5fa0 RCX: 00007f5329d8e929 [ 745.586246][T16476] RDX: 0000200000000040 RSI: 00000000c0305710 RDI: 0000000000000003 [ 745.586266][T16476] RBP: 00007f532abcc090 R08: 0000000000000000 R09: 0000000000000000 [ 745.586286][T16476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 745.586305][T16476] R13: 0000000000000000 R14: 00007f5329fb5fa0 R15: 00007ffc9a05f128 [ 745.586346][T16476] [ 746.074467][T16488] HfR: entered promiscuous mode [ 748.746804][T16546] FAULT_INJECTION: forcing a failure. [ 748.746804][T16546] name failslab, interval 1, probability 0, space 0, times 0 [ 748.759602][T16546] CPU: 0 UID: 0 PID: 16546 Comm: syz.1.2231 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 748.759640][T16546] Tainted: [U]=USER [ 748.759647][T16546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 748.759661][T16546] Call Trace: [ 748.759669][T16546] [ 748.759678][T16546] dump_stack_lvl+0x16c/0x1f0 [ 748.759718][T16546] should_fail_ex+0x512/0x640 [ 748.759754][T16546] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 748.759794][T16546] should_failslab+0xc2/0x120 [ 748.759819][T16546] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 748.759855][T16546] ? is_bad_inode+0xd/0x40 [ 748.759883][T16546] ? ima_d_path+0xbd/0x2a0 [ 748.759909][T16546] ima_d_path+0xbd/0x2a0 [ 748.759930][T16546] ? vfs_getxattr_alloc+0xec/0x340 [ 748.759963][T16546] ? __pfx_ima_d_path+0x10/0x10 [ 748.759991][T16546] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 748.760032][T16546] process_measurement+0x1d86/0x23e0 [ 748.760078][T16546] ? __pfx_process_measurement+0x10/0x10 [ 748.760118][T16546] ? alloc_empty_file+0x73/0x1e0 [ 748.760143][T16546] ? hugetlb_file_setup+0x4cd/0x620 [ 748.760179][T16546] ? ksys_mmap_pgoff+0x189/0x5c0 [ 748.760204][T16546] ? __x64_sys_mmap+0x125/0x190 [ 748.760278][T16546] ima_file_mmap+0x1b1/0x1d0 [ 748.760314][T16546] ? __pfx_ima_file_mmap+0x10/0x10 [ 748.760357][T16546] security_mmap_file+0x88c/0x990 [ 748.760391][T16546] vm_mmap_pgoff+0xec/0x450 [ 748.760418][T16546] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 748.760440][T16546] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 748.760468][T16546] ? hugetlbfs_get_inode+0x31f/0x730 [ 748.760501][T16546] ksys_mmap_pgoff+0x1c8/0x5c0 [ 748.760532][T16546] __x64_sys_mmap+0x125/0x190 [ 748.760568][T16546] do_syscall_64+0xcd/0x490 [ 748.760606][T16546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.760629][T16546] RIP: 0033:0x7fcbcb18e929 [ 748.760647][T16546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 748.760670][T16546] RSP: 002b:00007fcbcbff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 748.760691][T16546] RAX: ffffffffffffffda RBX: 00007fcbcb3b5fa0 RCX: 00007fcbcb18e929 [ 748.760706][T16546] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 748.760720][T16546] RBP: 00007fcbcb210b39 R08: 0000000000000401 R09: 0000300000000000 [ 748.760734][T16546] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 748.760747][T16546] R13: 0000000000000000 R14: 00007fcbcb3b5fa0 R15: 00007ffd018ba238 [ 748.760776][T16546] [ 749.534313][ T51] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 750.876437][T16587] input: f as /devices/virtual/input/input47 [ 751.611466][T16602] FAULT_INJECTION: forcing a failure. [ 751.611466][T16602] name failslab, interval 1, probability 0, space 0, times 0 [ 751.690479][T16602] CPU: 1 UID: 0 PID: 16602 Comm: syz.1.2246 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 751.690535][T16602] Tainted: [U]=USER [ 751.690546][T16602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 751.690564][T16602] Call Trace: [ 751.690575][T16602] [ 751.690587][T16602] dump_stack_lvl+0x16c/0x1f0 [ 751.690651][T16602] should_fail_ex+0x512/0x640 [ 751.690700][T16602] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 751.690763][T16602] should_failslab+0xc2/0x120 [ 751.690798][T16602] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 751.690855][T16602] ? __addrconf_sysctl_register+0xbb/0x360 [ 751.690917][T16602] kmemdup_noprof+0x29/0x60 [ 751.690969][T16602] __addrconf_sysctl_register+0xbb/0x360 [ 751.691029][T16602] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 751.691083][T16602] ? trace_kmalloc+0x2b/0xd0 [ 751.691121][T16602] ? addrconf_init_net+0x1e9/0x8f0 [ 751.691155][T16602] ? __asan_memcpy+0x3c/0x60 [ 751.691206][T16602] addrconf_init_net+0x513/0x8f0 [ 751.691241][T16602] ? __pfx_addrconf_init_net+0x10/0x10 [ 751.691272][T16602] ops_init+0x1e2/0x5f0 [ 751.691307][T16602] setup_net+0x1ff/0x510 [ 751.691336][T16602] ? lockdep_init_map_type+0x5c/0x280 [ 751.691384][T16602] ? __pfx_setup_net+0x10/0x10 [ 751.691418][T16602] ? debug_mutex_init+0x37/0x70 [ 751.691457][T16602] copy_net_ns+0x2a6/0x5f0 [ 751.691499][T16602] create_new_namespaces+0x3ea/0xa90 [ 751.691548][T16602] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 751.691611][T16602] ksys_unshare+0x45b/0xa40 [ 751.691671][T16602] ? __pfx_ksys_unshare+0x10/0x10 [ 751.691721][T16602] ? xfd_validate_state+0x61/0x180 [ 751.691782][T16602] __x64_sys_unshare+0x31/0x40 [ 751.691830][T16602] do_syscall_64+0xcd/0x490 [ 751.691893][T16602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.691929][T16602] RIP: 0033:0x7fcbcb18e929 [ 751.691956][T16602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 751.691990][T16602] RSP: 002b:00007fcbcbff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 751.692023][T16602] RAX: ffffffffffffffda RBX: 00007fcbcb3b5fa0 RCX: 00007fcbcb18e929 [ 751.692045][T16602] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 751.692065][T16602] RBP: 00007fcbcb210b39 R08: 0000000000000000 R09: 0000000000000000 [ 751.692084][T16602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 751.692104][T16602] R13: 0000000000000000 R14: 00007fcbcb3b5fa0 R15: 00007ffd018ba238 [ 751.692146][T16602] [ 752.071779][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.079433][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.331499][T16625] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2251'. [ 753.666496][T16634] nvme_fabrics: missing parameter 'transport=%s' [ 753.706542][T16634] nvme_fabrics: missing parameter 'nqn=%s' [ 753.858468][T16643] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2254'. [ 755.980729][T16674] random: crng reseeded on system resumption [ 756.356357][T16681] FAULT_INJECTION: forcing a failure. [ 756.356357][T16681] name failslab, interval 1, probability 0, space 0, times 0 [ 756.406331][T16681] CPU: 0 UID: 0 PID: 16681 Comm: syz.1.2263 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 756.406398][T16681] Tainted: [U]=USER [ 756.406409][T16681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 756.406428][T16681] Call Trace: [ 756.406438][T16681] [ 756.406450][T16681] dump_stack_lvl+0x16c/0x1f0 [ 756.406533][T16681] should_fail_ex+0x512/0x640 [ 756.406580][T16681] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 756.406633][T16681] should_failslab+0xc2/0x120 [ 756.406665][T16681] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 756.406715][T16681] ? mas_alloc_nodes+0x18b/0x8b0 [ 756.406764][T16681] mas_alloc_nodes+0x18b/0x8b0 [ 756.406815][T16681] mas_node_count_gfp+0x105/0x130 [ 756.406862][T16681] mas_preallocate+0x7e0/0xde0 [ 756.406893][T16681] ? __memcg_slab_post_alloc_hook+0x422/0x960 [ 756.406936][T16681] ? __pfx_mas_preallocate+0x10/0x10 [ 756.406982][T16681] ? anon_vma_name+0x75/0x100 [ 756.407022][T16681] __split_vma+0x34a/0x1070 [ 756.407071][T16681] ? __pfx___split_vma+0x10/0x10 [ 756.407113][T16681] ? mas_next_slot+0x12d3/0x21b0 [ 756.407163][T16681] vms_gather_munmap_vmas+0x392/0x1310 [ 756.407218][T16681] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 756.407271][T16681] ? mas_walk+0x6a6/0x910 [ 756.407328][T16681] __mmap_region+0x3c7/0x25e0 [ 756.407382][T16681] ? __pfx___mmap_region+0x10/0x10 [ 756.407441][T16681] ? is_bpf_text_address+0x94/0x1a0 [ 756.407493][T16681] ? kernel_text_address+0x8d/0x100 [ 756.407522][T16681] ? __kernel_text_address+0xd/0x40 [ 756.407550][T16681] ? unwind_get_return_address+0x59/0xa0 [ 756.407599][T16681] ? arch_stack_walk+0xa6/0x100 [ 756.407644][T16681] ? stack_trace_save+0x8e/0xc0 [ 756.407680][T16681] ? __pfx_stack_trace_save+0x10/0x10 [ 756.407716][T16681] ? stack_depot_save_flags+0x28/0xa40 [ 756.407812][T16681] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 756.407864][T16681] mmap_region+0x32b/0x3f0 [ 756.407899][T16681] do_mmap+0xa3e/0x1210 [ 756.407943][T16681] ? __pfx_do_mmap+0x10/0x10 [ 756.407981][T16681] ? __pfx_down_write_killable+0x10/0x10 [ 756.408022][T16681] vm_mmap_pgoff+0x281/0x450 [ 756.408063][T16681] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 756.408093][T16681] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 756.408131][T16681] ? hugetlbfs_get_inode+0x31f/0x730 [ 756.408193][T16681] ksys_mmap_pgoff+0x1c8/0x5c0 [ 756.408269][T16681] __x64_sys_mmap+0x125/0x190 [ 756.408326][T16681] do_syscall_64+0xcd/0x490 [ 756.408385][T16681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.408420][T16681] RIP: 0033:0x7fcbcb18e929 [ 756.408447][T16681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 756.408486][T16681] RSP: 002b:00007fcbcbff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 756.408517][T16681] RAX: ffffffffffffffda RBX: 00007fcbcb3b5fa0 RCX: 00007fcbcb18e929 [ 756.408539][T16681] RDX: 0000000000000401 RSI: 0000000000a00006 RDI: 0000000000c00000 [ 756.408561][T16681] RBP: 00007fcbcb210b39 R08: 0000000000000602 R09: 0000300000000000 [ 756.408584][T16681] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 756.408605][T16681] R13: 0000000000000000 R14: 00007fcbcb3b5fa0 R15: 00007ffd018ba238 [ 756.408648][T16681] [ 757.779183][T16708] netlink: 206 bytes leftover after parsing attributes in process `syz.2.2268'. [ 759.608447][T16737] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 760.219741][T16740] Invalid ELF header magic: != ELF [ 763.414831][T16814] Invalid ELF header magic: != ELF [ 769.625640][T16899] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 770.122162][T16909] random: crng reseeded on system resumption [ 770.704109][T16916] vivid-003: ================= START STATUS ================= [ 770.800965][T16916] vivid-003: Radio HW Seek Mode: Bounded [ 770.806712][T16916] vivid-003: Radio Programmable HW Seek: false [ 770.887412][T16916] vivid-003: RDS Rx I/O Mode: Block I/O [ 770.929544][T16916] vivid-003: Generate RBDS Instead of RDS: false [ 770.935986][T16916] vivid-003: RDS Reception: true [ 771.007358][T16916] vivid-003: RDS Program Type: 0 inactive [ 771.033051][T16916] vivid-003: RDS PS Name: inactive [ 771.072601][T16916] vivid-003: RDS Radio Text: inactive [ 771.082762][T16924] kafs: addr_prefs: Too many elements in string [ 771.124913][T16916] vivid-003: RDS Traffic Announcement: false inactive [ 771.165291][T16916] vivid-003: RDS Traffic Program: false inactive [ 771.200208][T16916] vivid-003: RDS Music: false inactive [ 771.224460][T16916] vivid-003: ================== END STATUS ================== [ 771.256750][T16929] lo: entered allmulticast mode [ 771.289026][T16929] lo: left allmulticast mode [ 773.655632][T16994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2336'. [ 775.200032][T17004] ------------[ cut here ]------------ [ 775.206102][T17004] ODEBUG: free active (active state 0) object: ffff88803413d318 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 775.280499][T17014] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 775.289823][T17004] WARNING: CPU: 1 PID: 17004 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 775.299687][T17004] Modules linked in: [ 775.303609][T17004] CPU: 1 UID: 7 PID: 17004 Comm: syz.0.2340 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 775.317330][T17004] Tainted: [U]=USER [ 775.321530][T17004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 775.331644][T17004] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 775.337529][T17004] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd c0 82 15 8c 4c 89 e6 48 c7 c7 40 77 15 8c e8 2f 2e 9c fc 90 <0f> 0b 90 90 58 83 05 f6 4e cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 775.357414][T17004] RSP: 0018:ffffc90019b67768 EFLAGS: 00010286 [ 775.363498][T17004] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1f8 [ 775.371516][T17004] RDX: ffff888028afda00 RSI: ffffffff817aa205 RDI: 0000000000000001 [ 775.379545][T17004] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 775.387705][T17004] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157de0 [ 775.395798][T17004] R13: ffffffff8bafe840 R14: ffffffff8a8fdbe0 R15: ffffc90019b67868 [ 775.404070][T17004] FS: 0000000000000000(0000) GS:ffff888124822000(0000) knlGS:0000000000000000 [ 775.413061][T17004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 775.419731][T17004] CR2: 00007f9abe9f6d00 CR3: 0000000077aea000 CR4: 00000000003526f0 [ 775.427944][T17014] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 775.430595][T17014] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 775.435057][T17004] Call Trace: [ 775.445433][T17004] [ 775.445596][T17014] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 775.448428][T17004] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 775.448487][T17004] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 775.457514][T17014] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 775.460977][T17004] debug_check_no_obj_freed+0x4b7/0x600 [ 775.479581][T17004] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 775.485718][T17004] ? rcu_is_watching+0x12/0xc0 [ 775.490757][T17004] ? kmem_cache_free+0x2d1/0x4d0 [ 775.495787][T17004] kfree+0x28f/0x4d0 [ 775.499775][T17004] ? hci_release_dev+0x4d8/0x600 [ 775.504750][T17004] hci_release_dev+0x4d8/0x600 [ 775.509605][T17004] ? __pfx_hci_release_dev+0x10/0x10 [ 775.514968][T17004] ? rcu_is_watching+0x12/0xc0 [ 775.519941][T17004] ? kfree+0x24f/0x4d0 [ 775.524091][T17004] bt_host_release+0x6a/0xb0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 775.529113][T17004] ? __pfx_bt_host_release+0x10/0x10 [ 775.534457][T17004] device_release+0xa4/0x240 [ 775.539174][T17004] kobject_put+0x1e7/0x5a0 [ 775.543644][T17004] ? __pfx_vhci_release+0x10/0x10 [ 775.548797][T17004] put_device+0x1f/0x30 [ 775.553023][T17004] vhci_release+0x81/0xf0 [ 775.557545][T17004] __fput+0x3ff/0xb70 [ 775.561597][T17004] task_work_run+0x14d/0x240 [ 775.566300][T17004] ? __pfx_task_work_run+0x10/0x10 [ 775.571483][T17004] do_exit+0x86c/0x2bd0 [ 775.575778][T17004] ? rcu_is_watching+0x12/0xc0 [ 775.580609][T17004] ? __pfx_do_exit+0x10/0x10 [ 775.585287][T17004] ? do_raw_spin_lock+0x12c/0x2b0 [ 775.590487][T17004] ? find_held_lock+0x2b/0x80 [ 775.595269][T17004] do_group_exit+0xd3/0x2a0 [ 775.599946][T17004] get_signal+0x2673/0x26d0 [ 775.604618][T17004] ? __hrtimer_setup+0x176/0x280 [ 775.609743][T17004] ? hrtimer_nanosleep+0x187/0x380 [ 775.615022][T17004] ? __pfx_get_signal+0x10/0x10 [ 775.620008][T17004] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 775.625387][T17004] arch_do_signal_or_restart+0x8f/0x790 [ 775.631439][T17004] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 775.637862][T17004] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 775.644102][T17004] exit_to_user_mode_loop+0x84/0x110 [ 775.649534][T17004] do_syscall_64+0x3f6/0x490 [ 775.654209][T17004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 775.660212][T17004] RIP: 0033:0x7f5329dc11e5 [ 775.664683][T17004] Code: Unable to access opcode bytes at 0x7f5329dc11bb. [ 775.671779][T17004] RSP: 002b:00007f532abcbea0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 775.680304][T17004] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007f5329dc11e5 [ 775.688464][T17004] RDX: 00007f532abcbee0 RSI: 0000000000000000 RDI: 0000000000000000 [ 775.696593][T17004] RBP: 00007f5329e10b39 R08: 0000000000000000 R09: 0000000000000058 [ 775.704622][T17004] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 775.712707][T17004] R13: 0000000000000000 R14: 00007f5329fb5fa0 R15: 00007ffc9a05f128 [ 775.720830][T17004] [ 775.723905][T17004] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 775.731671][T17004] CPU: 1 UID: 7 PID: 17004 Comm: syz.0.2340 Tainted: G U 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) [ 775.745365][T17004] Tainted: [U]=USER [ 775.749201][T17004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 775.759307][T17004] Call Trace: [ 775.762627][T17004] [ 775.765597][T17004] dump_stack_lvl+0x3d/0x1f0 [ 775.770261][T17004] panic+0x71c/0x800 [ 775.774225][T17004] ? __pfx_panic+0x10/0x10 [ 775.778711][T17004] ? show_trace_log_lvl+0x29b/0x3e0 [ 775.783992][T17004] ? check_panic_on_warn+0x1f/0xb0 [ 775.789172][T17004] ? debug_print_object+0x1a2/0x2b0 [ 775.794433][T17004] check_panic_on_warn+0xab/0xb0 [ 775.799457][T17004] __warn+0xf6/0x3c0 [ 775.803427][T17004] ? debug_print_object+0x1a2/0x2b0 [ 775.808687][T17004] report_bug+0x3c3/0x580 [ 775.813082][T17004] ? debug_print_object+0x1a2/0x2b0 [ 775.818428][T17004] handle_bug+0x184/0x210 [ 775.822829][T17004] exc_invalid_op+0x17/0x50 [ 775.827387][T17004] asm_exc_invalid_op+0x1a/0x20 [ 775.832290][T17004] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 775.838161][T17004] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd c0 82 15 8c 4c 89 e6 48 c7 c7 40 77 15 8c e8 2f 2e 9c fc 90 <0f> 0b 90 90 58 83 05 f6 4e cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 775.857830][T17004] RSP: 0018:ffffc90019b67768 EFLAGS: 00010286 [ 775.863957][T17004] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa1f8 [ 775.871985][T17004] RDX: ffff888028afda00 RSI: ffffffff817aa205 RDI: 0000000000000001 [ 775.880006][T17004] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 775.888012][T17004] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157de0 [ 775.896006][T17004] R13: ffffffff8bafe840 R14: ffffffff8a8fdbe0 R15: ffffc90019b67868 [ 775.904011][T17004] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 775.909543][T17004] ? __warn_printk+0x198/0x350 [ 775.914380][T17004] ? __warn_printk+0x1a5/0x350 [ 775.919202][T17004] ? debug_print_object+0x1a1/0x2b0 [ 775.924424][T17004] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 775.929933][T17004] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 775.935788][T17004] debug_check_no_obj_freed+0x4b7/0x600 [ 775.941406][T17004] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 775.947527][T17004] ? rcu_is_watching+0x12/0xc0 [ 775.952329][T17004] ? kmem_cache_free+0x2d1/0x4d0 [ 775.957322][T17004] kfree+0x28f/0x4d0 [ 775.961251][T17004] ? hci_release_dev+0x4d8/0x600 [ 775.966231][T17004] hci_release_dev+0x4d8/0x600 [ 775.971030][T17004] ? __pfx_hci_release_dev+0x10/0x10 [ 775.976346][T17004] ? rcu_is_watching+0x12/0xc0 [ 775.981144][T17004] ? kfree+0x24f/0x4d0 [ 775.985259][T17004] bt_host_release+0x6a/0xb0 [ 775.989879][T17004] ? __pfx_bt_host_release+0x10/0x10 [ 775.995186][T17004] device_release+0xa4/0x240 [ 775.999819][T17004] kobject_put+0x1e7/0x5a0 [ 776.004256][T17004] ? __pfx_vhci_release+0x10/0x10 [ 776.009313][T17004] put_device+0x1f/0x30 [ 776.013500][T17004] vhci_release+0x81/0xf0 [ 776.017859][T17004] __fput+0x3ff/0xb70 [ 776.021883][T17004] task_work_run+0x14d/0x240 [ 776.026527][T17004] ? __pfx_task_work_run+0x10/0x10 [ 776.031685][T17004] do_exit+0x86c/0x2bd0 [ 776.035883][T17004] ? rcu_is_watching+0x12/0xc0 [ 776.040686][T17004] ? __pfx_do_exit+0x10/0x10 [ 776.045322][T17004] ? do_raw_spin_lock+0x12c/0x2b0 [ 776.050385][T17004] ? find_held_lock+0x2b/0x80 [ 776.055089][T17004] do_group_exit+0xd3/0x2a0 [ 776.059651][T17004] get_signal+0x2673/0x26d0 [ 776.064204][T17004] ? __hrtimer_setup+0x176/0x280 [ 776.069186][T17004] ? hrtimer_nanosleep+0x187/0x380 [ 776.074319][T17004] ? __pfx_get_signal+0x10/0x10 [ 776.079202][T17004] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 776.084445][T17004] arch_do_signal_or_restart+0x8f/0x790 [ 776.090028][T17004] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 776.096222][T17004] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 776.102404][T17004] exit_to_user_mode_loop+0x84/0x110 [ 776.107740][T17004] do_syscall_64+0x3f6/0x490 [ 776.112371][T17004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 776.118288][T17004] RIP: 0033:0x7f5329dc11e5 [ 776.122727][T17004] Code: Unable to access opcode bytes at 0x7f5329dc11bb. [ 776.129813][T17004] RSP: 002b:00007f532abcbea0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 776.138344][T17004] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007f5329dc11e5 [ 776.146336][T17004] RDX: 00007f532abcbee0 RSI: 0000000000000000 RDI: 0000000000000000 [ 776.154342][T17004] RBP: 00007f5329e10b39 R08: 0000000000000000 R09: 0000000000000058 [ 776.162329][T17004] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 776.170313][T17004] R13: 0000000000000000 R14: 00007f5329fb5fa0 R15: 00007ffc9a05f128 [ 776.178333][T17004] [ 776.181735][T17004] Kernel Offset: disabled [ 776.186077][T17004] Rebooting in 86400 seconds..