last executing test programs: 10m20.594991349s ago: executing program 2 (id=966): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x400000000000401, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r1, 0x0) symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00') rename$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00') 10m20.511399657s ago: executing program 2 (id=967): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x2a) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) write$auto(0x3, 0x0, 0x3f00) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60642, 0x0) mmap$auto(0x0, 0x10000, 0xde, 0x11, r1, 0x28000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 10m20.36473538s ago: executing program 2 (id=970): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x43, 0x6, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x200, 0x6, 0x10003, 0x83, 0x4000000004, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84}, 0x1fe, 0xd) unshare$auto(0x40000080) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000d80), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_SET_CFG(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001040)={0x2c, r0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_PLCA_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x20008800) 10m19.887139451s ago: executing program 2 (id=978): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(r1, 0xae41, r0) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x9, 0x0, [{0x580, 0x400, 0x4}]}) 10m19.099709714s ago: executing program 2 (id=987): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}}) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 10m18.99236594s ago: executing program 2 (id=988): capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) fanotify_init$auto(0x5, 0x2000000000002) ioctl$auto(0xffffffffffffffff, 0x40246f4c, 0x38) prctl$auto(0x23, 0x4, 0x7fffffffefff, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio1\x00', 0x10dc00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) dup3$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x101) write$auto(0x3, 0x0, 0x81) 10m3.646932169s ago: executing program 32 (id=988): capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) fanotify_init$auto(0x5, 0x2000000000002) ioctl$auto(0xffffffffffffffff, 0x40246f4c, 0x38) prctl$auto(0x23, 0x4, 0x7fffffffefff, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio1\x00', 0x10dc00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) dup3$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x101) write$auto(0x3, 0x0, 0x81) 7m20.591839504s ago: executing program 0 (id=1811): syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) memfd_secret$auto(0x0) ftruncate$auto(0x3, 0x700) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = prctl$auto_PR_SYS_DISPATCH_ON(0x8, 0x1, 0x0, 0x9, 0x401) read$auto_ext4_dir_operations_ext4(r1, &(0x7f0000000080)=""/4096, 0x1000) ioctl$auto_TUNSETNOCSUM(r1, 0x400454c8, &(0x7f0000000100)=0x6) setsockopt$auto(0xffffffffffffffff, 0x107, 0xe, 0x0, 0x4) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0) write$auto(r2, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x1) ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, 0x0) 7m18.885713467s ago: executing program 0 (id=1809): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) fstat$auto(0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x149443, 0x0) socket(0x22, 0x2, 0x3) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x105842, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4080aea2, 0x0) 7m16.551530037s ago: executing program 0 (id=1827): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x4, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x6a1, 0x2000000000002) socket(0x26, 0x80805, 0x0) socket(0x28, 0x1, 0x0) socket(0x1, 0x1, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x22042, 0x45) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x0, &(0x7f0000000080)={0x0, 0x60}, 0x3) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) close_range$auto(0x2, 0x8, 0x0) 7m15.778070223s ago: executing program 0 (id=1822): mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) splice$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x5, 0x1) setsockopt$auto(0x3, 0x1, 0x9, 0x0, 0x46) ioctl$auto_BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20051040}, 0x82) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 7m15.237712381s ago: executing program 0 (id=1823): sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000c00)) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) 7m10.600247827s ago: executing program 0 (id=1842): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyq5\x00', 0xa40, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x1000000000007fff, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) 6m55.373334391s ago: executing program 33 (id=1842): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyq5\x00', 0xa40, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x1000000000007fff, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) 14.068411599s ago: executing program 5 (id=3181): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r0, 0x0) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) mlock$auto(0x81, 0xffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, 0x0) write$auto(r2, 0x0, 0x6) syslog$auto(0x3, 0x0, 0x5) unshare$auto(0x40000080) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000300), 0x41, 0x0) 12.209358234s ago: executing program 5 (id=3189): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x2, 0x5, 0x0) bpf$auto(0x0, 0x0, 0xa3) socket(0x2, 0x801, 0x100) socket(0x25, 0x1, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) setreuid$auto(0xffffffffffffffff, 0x8) r1 = pidfd_open$auto(0x1, 0x0) setns(r1, 0x20000) getpid() prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0xe4, 0x95f4da0a, 0xfffffffffff7ffff, 0x3, 0x62, 0x80000001, 0xa, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948d, 0x3, 0x15f4da0a, 0x4, 0xffffffffffffff3f, 0x100, 0x8000001f, 0x29, 0x6d3e, 0x6, 0x2, 0x6]}, 0x0) 10.501036844s ago: executing program 5 (id=3193): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0x80502, 0x0) sendmsg$auto_IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000003180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x4, 0x0, 0x9, 0x15, 0xffffffffffffffff, 0xce9) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socketpair$auto(0x4, 0x2, 0x10, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) 7.142102214s ago: executing program 5 (id=3198): mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae80, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) unshare$auto(0x40000080) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x200000000002d57, 0xeb1, 0xffffffffffffffff, 0x8000) mknod$auto(&(0x7f0000000080)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1081, 0x8) io_uring_setup$auto(0x1, 0x0) uname$auto(0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0) write$auto(r0, 0x0, 0x3) 7.141781701s ago: executing program 4 (id=3200): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x2584, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0x2, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x76, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) sysfs$auto(0x2, 0x11, 0x0) r1 = fsopen$auto(0x0, 0x1) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) setsockopt$auto(0x3, 0x10e, 0x2, 0x0, 0x7) sendmsg$auto_NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, 0x0, 0x40400d4) wait4$auto(0xffffffffffffffff, 0x0, 0x800000, &(0x7f0000000140)={{0x2, 0xfffffffffffff001}, {0x100000001, 0x80000000}, 0x9c2, 0x2, 0x7, 0xfffffffffffffc9f, 0x800, 0x7, 0x7, 0x9, 0xd, 0x80, 0x10001, 0x1, 0x8, 0xd}) fspick$auto(r1, &(0x7f0000000200)='./file0\x00', 0xd) semctl$auto_GETPID(0x0, 0x3, 0xb, 0x9) ioctl$auto_XFS_IOC_FREESP64(r1, 0x40305825, 0x0) 7.048754107s ago: executing program 3 (id=3201): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_last_time_ms\x00', 0x2240, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/105, 0x69) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x40000) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000100)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xf}, 0x6, 0x0) getsid$auto(r2) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x1, 0x1007181, 0x8a0d, 0x4, 0x7, 0x7, 0x89, 0x26, 0x4, 0x200000000000, 0xfffffffffffff343, 0xfffffffffffffffa, 0x500000000000000, 0x0, 0x0, 0xfffffffffffffffe, 0x6, 0x401, 0x22000, 0x9, 0xfffffffc, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xe]}, 0x9, 0xd) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) r4 = socket(0x2c, 0x3, 0x0) getsockopt$auto_SO_DEBUG(r4, 0x4, 0x1, 0x0, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffff7effffd04, &(0x7f00000001c0)) socket(0x2b, 0x1, 0x1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mlockall$auto(0x7) removexattrat$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000000c0)='\x00') 6.888037265s ago: executing program 4 (id=3202): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x1a680, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x29) mmap$auto(0xc, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="0100000000ba08eaca", @ANYRES16=r2, @ANYRESHEX=0x0], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/rose1/statistics/rx_missed_errors\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/44, 0x2c) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r4, 0x541c, r4) 6.579489634s ago: executing program 3 (id=3204): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) socket(0xa, 0x801, 0x84) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x161342, 0x100) socket$nl_generic(0x10, 0x3, 0x10) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x80900, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 6.54653642s ago: executing program 4 (id=3205): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) unshare$auto(0x40000080) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000000)="b2", 0x1) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r0, r3, 0x0, 0x1) 6.174997286s ago: executing program 3 (id=3206): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x5014c0, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0xffffffffffffffff, 0x2007f) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) write$auto_mousedev_fops_mousedev(r1, 0x0, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsu\x00', 0x108002, 0x0) r2 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_NVRAM_INIT(r2, 0x7040, 0x0) openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x2000, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000002180), 0x100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) setgroups$auto(0xe32, 0x0) 5.811514791s ago: executing program 5 (id=3207): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) madvise$auto(0x1d7, 0x8, 0x7fff) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x3, 0x7fff, 0x9) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) setsockopt$auto_SO_BUSY_POLL_BUDGET(0xffffffffffffffff, 0x3, 0x46, &(0x7f0000000200)='})*($$\x00', 0x9) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r1, 0x401870c8, r0) sendmsg$auto_NL80211_CMD_LEAVE_OCB(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, 0x0, 0x0, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_KEY_SEQ={0x7, 0xa, "107c4c"}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x3}, @NL80211_ATTR_WIPHY_NAME={0x5, 0x2, '\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) 4.957413824s ago: executing program 4 (id=3209): close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) inotify_init1$auto(0x3000000000000) msgctl$auto_MSG_STAT(0xbf, 0xb, &(0x7f0000000180)={{0x922, 0xee01, 0xffffffffffffffff, 0x4, 0x6, 0xff, 0x3}, 0x0, 0x0, 0x80000000, 0x9, 0x80000001, 0x8000000000000000, 0x3, 0x2, 0xc, 0x0, @raw=0x3, @inferred=0xffffffffffffffff}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="000126bd7000fbdbdf2502000000080001"], 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x8080) socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="06000000", @ANYRES16=0x0, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3.147568698s ago: executing program 1 (id=3210): socket(0x1d, 0x2, 0x6) socket(0x2, 0x1, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) 3.145764227s ago: executing program 3 (id=3211): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace_options\x00', 0xc200, 0x0) write$auto_def_blk_fops_fs(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x15, 0x5, 0x0) r1 = getsockopt$auto(r0, 0x114, 0x2718, 0xfffffffffffffffc, 0x0) linkat$auto(r1, &(0x7f0000000180)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00', 0xe28a) unshare$auto(0x40000080) mmap$auto(0x0, 0x8, 0x1000e2, 0xeb1, 0x405, 0x100008000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x4ea06, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)={0x298, r3, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x5}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_DISABLE_EHT={0x4}, @NL80211_ATTR_TX_RATES={0x252, 0x5a, 0x0, 0x1, [@nested={0x68, 0x4d, 0x0, 0x1, [@typed={0x8, 0xd9, 0x0, 0x0, @fd}, @generic="25f46400e9801b908e0ebfcf0840ffab99e400ff1dccccbc3f1faaa2d14ced3bd89df02e5750da66020ff70ae6701b75b37a0dd16bea520d3875b786f9cfbf9ad5ccf1a895eaa28d7c3878d0ae216b5553f99d18", @nested={0x4, 0x112}, @nested={0x4, 0x3a}]}, @nested={0x198, 0xc5, 0x0, 0x1, [@generic="0f0c1ace004e0d43f4d22628667d9a8403f1359451c130d82bc571815ddc6c32814e0a9552a67a27971bc182586b56e9e7c4e1ca8b3edeee6ceea2d69c179de260b0905ceb9337a64fbf64c2e8942e73c02e76b0c1991902e1ffd6109c9523bfaf3722d7efd5b00d7704dcebccd919609ebc7b4fb0c59bf94463ad7146b1cbd498cc955807ce66bcfc7efb6adff89f0bec8531e395f6d6206da6bcc9620d4946761142f5c3b97ec05834273b1576a9d8a24453df3b33fdc7de350210a7f5d9fb0bf8cf5cc03dcafcbc6b346ef7bd46d4c46fd682530ddb991b894aad18f0aea2699fcddae08a60", @typed={0x6, 0xce, 0x0, 0x0, @str='#\x00'}, @typed={0xc, 0x6b, 0x0, 0x0, @u64=0x6}, @nested={0x4, 0x10d}, @generic="a054c3842a3b9f859df3864916ad64b8f6e998cec9ce1903a7fda98543c54acacc4cc5123d45e6d1014f69335796b4a5ae9efc14fa56a0748d478edb343a1315182d41876e836690e18428a2314a03971753d2d5e57f131a157a9ecbca9312ff4f26cb821f2f06e3662b075f2321eb854640773061576a135328fc7d7ba25b7590f46204db885c3543583d626b", @typed={0x8, 0x56, 0x0, 0x0, @u32}]}, @typed={0x8, 0xa1, 0x0, 0x0, @u32=0x7}, @generic="60600624bf038e63d40f8eb31a1c546a52eaf1791895cae654f75cb5ab17596de8f9efa21439b1dae0a72cf794a3f0529fb8053980268237b18e4d7ddeea318f0c9a79a9eb60"]}, @NL80211_ATTR_FILS_KEK={0x6, 0xf2, "d3ef"}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x10000}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x6}]}, 0x298}, 0x1, 0x0, 0x0, 0x4008084}, 0x4080) r4 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r4, 0x0, 0x80, 0x0, &(0x7f0000000040)=0x5) 2.976941859s ago: executing program 4 (id=3212): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/teql0/queues/tx-0/byte_queue_limits/limit_min\x00', 0x88282, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r1 = fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) getsockopt$auto_SO_MEMINFO(r1, 0x8, 0x37, 0x0, &(0x7f00000000c0)=0x6) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_delete$auto(0x1) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) 2.884833356s ago: executing program 1 (id=3213): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, 0x0, 0xc800) socket(0xa, 0x1, 0x100) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x8) select$auto(0x1, 0x0, 0x0, 0x0, 0x0) write$auto(r1, 0x0, 0x100000a3d9) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0xffffffffffffffff, 0x4, 0x400000004) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, r2, 0x8000) mmap$auto(0x0, 0x3d, 0x2, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/smaps_rollup\x00', 0x1a3000, 0x0) pread64$auto(r3, 0x0, 0x12a, 0x8) r4 = socket(0x2a, 0x2, 0x0) ioctl$auto(r4, 0x8912, 0x38) 1.856980825s ago: executing program 1 (id=3214): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200000000001, 0x384, 0xfffffffffffffffa, 0x8, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84}, 0x9, 0xd) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0x2, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84") ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0)) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setrlimit$auto(0x1000000007, 0x0) socket(0x15, 0x5, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r3 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r4 = socket(0x1a, 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r3, 0x0, 0xffffff4b) 1.644490012s ago: executing program 1 (id=3215): socket(0x9, 0x4, 0xff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/tasks\x00', 0x63102, 0x0) prctl$auto(0x23, 0x7, 0x0, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/vrf/strict_mode\x00', 0x80202, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000340), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r2], 0x1ac}}, 0x40000) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xff, 0x0, @raw=0xfffff030}}) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) flistxattr$auto(r0, &(0x7f0000000380)='\\#$\'\'$O+&$[+#%]:,\x8b\x00', 0x8) readv$auto(0x3, &(0x7f0000000280)={0x0, 0xf7}, 0x87) sendfile$auto(r0, 0x3, 0x0, 0x100000000000009) r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x1c0a42, 0x0) ioctl$auto(r3, 0x40084d02, r3) 1.19888924s ago: executing program 3 (id=3216): socket(0x1a, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000001200)={0xf2f, [{0x529, 0x5}, {0x19f1a9bc, 0x7}, {0x800, 0x5}, {0x9, 0x45053277}, {0x7d, 0xf}, {0x7fffffffffffffff, 0x5}, {0x8, 0x1000}, {0x8, 0xf94}, {0x9, 0x5}, {0x7fff}, {0x80000000, 0x5}, {0x6b, 0x6}, {0x6, 0xfffffffffffffe00}, {0x1}, {0x5, 0xb11}, {0x8, 0x7}, {0x3, 0x8}, {0x2, 0x2}, {0x0, 0x5bf8}, {0x6, 0xfff}, {0x100, 0x1000}, {0x10000}, {0x6, 0x1}, {0x9, 0xee}, {0x9, 0x2}, {0xff, 0x6}, {0x7, 0x4}, {0x8, 0xb}, {0x9, 0x6}, {0x9, 0x101}, {0x1, 0x9}, {0x5, 0x2c3}, {0x3, 0xfe}, {0x9, 0x40}, {0x5b, 0x6}, {0xfff, 0x10000}, {0x5, 0x7fffffffffffffff}, {0x40004}, {0x2, 0x12580000}, {0x9}, {0x9, 0x100000001}, {0x2, 0x7}, {0x6, 0x5}, {0x10, 0x4}, {0x9, 0x1}, {0x5, 0x10}, {0x9, 0x200}, {0xb, 0x4d97}, {0xffffffffffffff7f, 0x8000000000000001}, {0x7f, 0x800}, {0x3, 0x10000}, {0x6, 0xffffffffffffffff}, {0x6, 0x2}, {0x5, 0x3}, {}, {0x3, 0x1}, {0x1, 0xbb1}, {0x9, 0x8000}, {0x6302, 0x3}, {0x9, 0x9}, {0xa, 0x401}, {0x2}, {0x4, 0x800002}, {0x0, 0x4}, {0x7ff}, {0x6, 0x7fffffff}, {0x1, 0x9}, {0x67a, 0xffff}, {0xc, 0x8}, {0x80, 0xe0}, {0x3e75, 0x1}, {0xe8, 0x9}, {0x5}, {0x0, 0x1}, {0xfffffffffffffffe, 0x9}, {0x8, 0xf870}, {0x1ae8df8a, 0x5}, {0xf8, 0xd7c}, {0x0, 0x8}, {0x9, 0xffffffffffffffff}, {0x5de8, 0x7ff}, {0x2, 0x800}, {0xfffffffffffffff8, 0x2}, {0x2, 0x4}, {0x3, 0x5}, {0x0, 0x7ff}, {0x8b, 0x6e}, {0x8000000000000000, 0x3}, {0x4, 0xf434}, {0x4, 0xa0b}, {0x400000002, 0x5}, {0x4, 0x5}, {0x9, 0x5}, {0xd0c7, 0x9}, {0x7, 0x1}, {0x35d, 0x75}, {0x7, 0x3}, {0x3, 0xfffffffffffffffa}, {0x1, 0x38a}, {0x4, 0x1}, {0x100000001, 0x1}, {0x6, 0x5}, {0x5, 0x5}, {0x81, 0x821}, {0x2, 0x1}, {0x100000000, 0x5}, {0x8008, 0xfffffffffffffffa}, {0x9, 0xc}, {0x0, 0x2}, {0x2, 0x70829e47}, {0x255, 0x100000001}, {0x7, 0x8}, {0x1315, 0x7}, {0x4, 0x100}, {0x2, 0x24ad}, {0xd, 0x7}, {0x5, 0x131}, {0x1}, {0x7fffffff, 0xaf06}, {0x8, 0x6}, {0x10, 0x8}, {0x2, 0x5}, {0x1, 0x7}, {0x6, 0xc184}, {0x5, 0x8}, {0x101, 0x24}, {0xfab, 0x3}, {0x1, 0x8}, {0xffffffffffffff89, 0x1}, {0x7ff}, {0x3, 0x9}, {0x7fffffff, 0xffffffffffffffff}, {0x1, 0x1944}, {0x7, 0xfffffffffffffff7}, {0x4, 0xa7}, {0x3, 0xd}, {0x4, 0x6}, {0xfff, 0xa81}, {0x3, 0xc0}, {0x1ff, 0x800}, {0x1000, 0x5}, {0xb, 0x8}, {0x4, 0x6}, {0x1000000000002, 0x5}, {0x200000007, 0x6}, {0x8001, 0xb}, {0x7fffffff, 0x953c}, {0x1, 0x2}, {0x4}, {0x1, 0x5}, {0xfffffffffffffff8, 0xbd}, {0x4}, {0x54e5, 0x6000}, {0x100000001, 0x100000001}, {0x4, 0x8}, {0x200, 0x7afe}, {0x5, 0x2}, {0xfffffffffffffff7, 0x3e9}, {0x0, 0x8}, {0x3, 0x9}, {0x80, 0x1000}, {0x802, 0xd}, {0x0, 0x6}, {0x7, 0x10}, {0x80000000000000, 0x5}, {0xf, 0xc}, {0x0, 0x3}, {0x0, 0x9bd}, {0x4, 0xf96a}, {0x203b0000000000, 0x6}, {0x9}, {0x1, 0x8}, {0x1e, 0x2}, {0x6, 0x400}, {0x8, 0x80000001}, {0x3fc0, 0x6}, {0x4}, {0x7fff, 0x7}, {0x30, 0x8399}, {0xffffffffffffffff, 0x2}, {0x1ff, 0x7}, {0x5, 0x4}, {0x4, 0x79}, {0x3, 0x2}, {0x6, 0x7fff}, {0x6, 0x8}, {0x1000, 0xef62}, {0xbd1b, 0x10001}, {0x8, 0x6}, {0xbd8, 0x80000000}, {0x5, 0x80000001}, {0x1, 0x6}, {0xfff, 0x7}, {0x100, 0x3}, {0x7a}, {0x100}, {0x7, 0xffffffffffffffff}, {0x238b, 0x5}, {0x0, 0x2}, {0xd3fe, 0x7}, {0x5, 0x7}, {0x1, 0x1}, {0x99, 0xfffffffffffffffc}, {0x6, 0xee}, {0x6, 0x100}, {0x78e, 0x5}, {0x1ddf, 0x6}, {0x9, 0x40}, {0x1, 0x2}, {0x8001, 0x91}, {0x8000, 0x1}, {0x9, 0x6}, {0x2, 0x4}, {0x5, 0x3}, {0x0, 0xffff}, {0x5}, {0x5aa, 0x8020000000000}, {0x7, 0x8000000000000000}, {0x400005c4a, 0x4}, {0x3, 0x7de}, {0x0, 0x2}, {0x780000000, 0x8}, {0x9, 0xffffffffffffff3f}, {0x3, 0x4}, {0x81, 0x6a04}, {0x2, 0x1c25}, {0xffffffffffffffc0, 0x8}, {0x1, 0x427}, {0x2, 0x1}, {0x2000008, 0xed3}, {0x3, 0xbe28}, {0x8000000000000000, 0xffffffffffffffff}, {0x2, 0x2}, {0x7, 0x7}, {0x80000001, 0x3987}, {0x66f3, 0x101}, {0x5, 0x101}, {0x4, 0x2}, {0xfff, 0x2}, {0x4, 0x8000000000000001}, {0x1}, {0xa, 0x6}, {0x6, 0x4}, {0x6, 0x3}, {0xd, 0x2}, {0x1, 0x10001000000000}, {0x0, 0x7fffffffffffffff}, {0x9, 0x6}, {0x200, 0x2f91}, {0xd5c5, 0x81}, {0x8, 0x8000}, {0x800, 0xfffffffffffffffa}, {0x301983e2, 0x5}, {0x3, 0x7}, {0x0, 0x4}], 0x7, "0a54d639d08954"}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 1.189104789s ago: executing program 1 (id=3217): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macsec0\x00'}) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="100026bd7000fedbdf25030000000800040008000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a000100aaaaaaaaaabb00000a000500aaaaaaaaaa3a000008000200", @ANYRES32=r2, @ANYBLOB="eeeeca74f5af6a3e08000300080001"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 996.430921ms ago: executing program 4 (id=3218): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r0 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r0, 0x29, 0x6, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x1003, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x3, 0x7, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x4000000003, 0x62, 0x8, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x9, 0x2, 0x8000000000000006]}, 0x0) 603.761072ms ago: executing program 1 (id=3219): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x1d, 0x2, 0x7) r5 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r6}, 0x6a) sendto$auto(r4, 0x0, 0xc, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, r7}, 0x36) 457.967844ms ago: executing program 5 (id=3220): memfd_secret$auto(0x0) r0 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r0, 0x0, 0x100000001, 0x101, &(0x7f0000000000)=@generic={0xa, "01e983638bffff4993024f5e7522"}, 0xc) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x1a, 0x1, 0x0) epoll_create$auto(0x9) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) r2 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000000a40), 0x100, 0x0) pread64$auto(r2, 0x0, 0x3, 0x10000) 0s ago: executing program 3 (id=3221): socket(0x2, 0x3, 0xe3) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/vulnerabilities/gather_data_sampling\x00', 0x940, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x20600, 0x0) openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x121040, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.rpcsec.init/channel\x00', 0xaa102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop2/queue/discard_max_hw_bytes\x00', 0x42200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r0) kernel console output (not intermixed with test programs): 25 bytes leftover after parsing attributes in process `syz.5.2593'. [ 652.570649][T15045] FAULT_INJECTION: forcing a failure. [ 652.570649][T15045] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 652.614723][T15045] CPU: 1 UID: 0 PID: 15045 Comm: syz.5.2605 Not tainted syzkaller #0 PREEMPT(full) [ 652.614761][T15045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 652.614779][T15045] Call Trace: [ 652.614788][T15045] [ 652.614799][T15045] dump_stack_lvl+0x16c/0x1f0 [ 652.614844][T15045] should_fail_ex+0x512/0x640 [ 652.614874][T15045] _copy_from_user+0x2e/0xd0 [ 652.614901][T15045] do_handle_open+0x5e9/0xc90 [ 652.614937][T15045] ? __pfx_do_handle_open+0x10/0x10 [ 652.614968][T15045] ? __x64_sys_futex+0x1e0/0x4c0 [ 652.615003][T15045] ? xfd_validate_state+0x61/0x180 [ 652.615042][T15045] ? do_syscall_64+0xcd/0xfa0 [ 652.615076][T15045] do_syscall_64+0xcd/0xfa0 [ 652.615115][T15045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.615141][T15045] RIP: 0033:0x7f0e62b8efc9 [ 652.615162][T15045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 652.615186][T15045] RSP: 002b:00007f0e63a2b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 652.615212][T15045] RAX: ffffffffffffffda RBX: 00007f0e62de5fa0 RCX: 00007f0e62b8efc9 [ 652.615230][T15045] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000006 [ 652.615246][T15045] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 652.615262][T15045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.615278][T15045] R13: 00007f0e62de6038 R14: 00007f0e62de5fa0 R15: 00007ffeb8e2e888 [ 652.615312][T15045] [ 654.016718][T15064] net_ratelimit: 5 callbacks suppressed [ 654.016732][T15064] netlink: zone id is out of range [ 654.098547][T15061] netlink: set zone limit has 8 unknown bytes [ 654.181594][T15064] netlink: del zone limit has 4 unknown bytes [ 654.221931][T15061] HfR: entered promiscuous mode [ 655.366110][T15078] sd 0:0:1:0: PR command failed: 1026 [ 655.436703][T15078] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 655.478040][T15078] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 655.587405][T15089] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2615'. [ 655.803815][T15092] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2618'. [ 655.833952][T15092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 656.172684][T15092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 656.965631][T15111] FAULT_INJECTION: forcing a failure. [ 656.965631][T15111] name failslab, interval 1, probability 0, space 0, times 0 [ 657.033278][T15111] CPU: 0 UID: 0 PID: 15111 Comm: syz.3.2623 Not tainted syzkaller #0 PREEMPT(full) [ 657.033318][T15111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 657.033335][T15111] Call Trace: [ 657.033346][T15111] [ 657.033358][T15111] dump_stack_lvl+0x16c/0x1f0 [ 657.033404][T15111] should_fail_ex+0x512/0x640 [ 657.033431][T15111] ? __kmalloc_cache_noprof+0x5f/0x780 [ 657.033469][T15111] should_failslab+0xc2/0x120 [ 657.033495][T15111] __kmalloc_cache_noprof+0x72/0x780 [ 657.033529][T15111] ? lockdep_hardirqs_on+0x7c/0x110 [ 657.033567][T15111] ? sctp_endpoint_new+0xfc/0xb20 [ 657.033597][T15111] ? sctp_endpoint_new+0xfc/0xb20 [ 657.033621][T15111] sctp_endpoint_new+0xfc/0xb20 [ 657.033649][T15111] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 657.033677][T15111] ? lockdep_init_map_type+0x5c/0x280 [ 657.033708][T15111] ? lockdep_init_map_type+0x5c/0x280 [ 657.033742][T15111] sctp_init_sock+0xe2b/0x12f0 [ 657.033777][T15111] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 657.033819][T15111] sctp_v6_init_sock+0x16/0x70 [ 657.033853][T15111] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 657.033888][T15111] inet6_create+0xb30/0x12b0 [ 657.033913][T15111] ? inet6_create+0x7f/0x12b0 [ 657.033943][T15111] __sock_create+0x338/0x8d0 [ 657.033982][T15111] __sys_socket+0x14d/0x260 [ 657.034017][T15111] ? __pfx___sys_socket+0x10/0x10 [ 657.034049][T15111] ? xfd_validate_state+0x61/0x180 [ 657.034075][T15111] ? __pfx_ksys_write+0x10/0x10 [ 657.034121][T15111] __x64_sys_socket+0x72/0xb0 [ 657.034160][T15111] ? lockdep_hardirqs_on+0x7c/0x110 [ 657.034204][T15111] do_syscall_64+0xcd/0xfa0 [ 657.034243][T15111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.034272][T15111] RIP: 0033:0x7f356b78efc9 [ 657.034294][T15111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.034322][T15111] RSP: 002b:00007f356c572038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 657.034348][T15111] RAX: ffffffffffffffda RBX: 00007f356b9e6090 RCX: 00007f356b78efc9 [ 657.034365][T15111] RDX: 0000000000000084 RSI: 0000000000000005 RDI: 000000000000000a [ 657.034381][T15111] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 657.034402][T15111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 657.034420][T15111] R13: 00007f356b9e6128 R14: 00007f356b9e6090 R15: 00007ffcf7374d28 [ 657.034459][T15111] [ 659.015390][T15135] [U]  [ 659.018826][T15135] [U] [ 659.021534][T15135] [U] [ 659.024229][T15135] [U] [ 659.067275][T15135] [U] [ 659.070038][T15135] [U] [ 659.072762][T15135] [U] [ 659.075479][T15135] [U] [ 659.078623][T15135] [U] [ 659.081355][T15135] [U] [ 659.084071][T15135] [U] [ 659.086788][T15135] [U] [ 659.090253][T15135] [U] [ 659.092984][T15135] [U] [ 659.095702][T15135] [U] [ 659.098419][T15135] [U] [ 659.101583][T15135] [U] [ 659.104311][T15135] [U] [ 659.107028][T15135] [U] [ 659.109746][T15135] [U] [ 659.123317][T15135] [U] [ 659.126076][T15135] [U] [ 659.128796][T15135] [U] [ 659.131514][T15135] [U] [ 659.196077][T15135] [U] [ 659.198835][T15135] [U] [ 659.201555][T15135] [U] [ 659.204283][T15135] [U] [ 659.379493][T15135] [U] [ 659.382253][T15135] [U] [ 659.385058][T15135] [U] [ 659.387803][T15135] [U] [ 659.480655][T15135] [U] [ 659.483415][T15135] [U] [ 659.486137][T15135] [U] [ 659.488862][T15135] [U] [ 659.536343][T15135] [U] [ 659.539085][T15135] [U] [ 659.541797][T15135] [U] [ 659.544506][T15135] [U] [ 659.570861][T15135] [U] [ 659.573621][T15135] [U] [ 659.576349][T15135] [U] [ 659.579062][T15135] [U] [ 659.615242][T15135] [U] [ 660.011122][T15147] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 660.026878][T15147] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 660.052686][T15147] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 660.102434][T15147] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 660.109541][T15147] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 660.151801][T15147] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 660.165841][T15147] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 660.186966][T15159] sd 0:0:1:0: PR command failed: 1026 [ 660.225366][T15147] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 660.232664][T15147] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 660.251143][T15147] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 660.274616][T15159] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 660.293379][T15147] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 660.309658][T15159] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 660.445381][T15147] Process accounting resumed [ 660.554560][T15161] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2635'. [ 660.616985][T15161] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2635: iget: checksum invalid [ 660.628803][T15161] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 660.640425][T15161] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2635: iget: checksum invalid [ 660.652388][T15161] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 660.662923][T15161] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2635: iget: checksum invalid [ 660.675067][T15161] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 660.697092][T15161] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2635: iget: checksum invalid [ 660.712222][T15161] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 660.730669][T15161] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 660.740720][T15161] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 661.338683][T15177] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2639'. [ 661.368709][T15177] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2639: iget: checksum invalid [ 661.438341][T15177] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 661.505801][T15180] vhci_hcd: invalid port number 16 [ 661.506778][T15177] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2639: iget: checksum invalid [ 661.533316][T15180] vhci_hcd: invalid port number 16 [ 661.566916][T15177] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 661.592035][T15182] FAULT_INJECTION: forcing a failure. [ 661.592035][T15182] name failslab, interval 1, probability 0, space 0, times 0 [ 661.611084][T15177] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2639: iget: checksum invalid [ 661.641380][ T5827] Bluetooth: hci1: command 0x0406 tx timeout [ 661.644330][T15180] random: crng reseeded on system resumption [ 661.657376][T15177] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 661.677133][T15177] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2639: iget: checksum invalid [ 661.740045][T15182] CPU: 0 UID: 0 PID: 15182 Comm: syz.3.2641 Not tainted syzkaller #0 PREEMPT(full) [ 661.740085][T15182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 661.740106][T15182] Call Trace: [ 661.740115][T15182] [ 661.740126][T15182] dump_stack_lvl+0x16c/0x1f0 [ 661.740173][T15182] should_fail_ex+0x512/0x640 [ 661.740198][T15182] ? __kmalloc_cache_noprof+0x5f/0x780 [ 661.740235][T15182] should_failslab+0xc2/0x120 [ 661.740262][T15182] __kmalloc_cache_noprof+0x72/0x780 [ 661.740295][T15182] ? percpu_ref_init+0xec/0x410 [ 661.740340][T15182] ? percpu_ref_init+0xec/0x410 [ 661.740374][T15182] ? __pfx_blkg_release+0x10/0x10 [ 661.740401][T15182] percpu_ref_init+0xec/0x410 [ 661.740434][T15182] ? kasan_save_track+0x14/0x30 [ 661.740475][T15182] blkg_alloc+0xea/0xb60 [ 661.740508][T15182] ? find_held_lock+0x2b/0x80 [ 661.740550][T15182] blkcg_init_disk+0x51/0x160 [ 661.740588][T15182] __alloc_disk_node+0x299/0x640 [ 661.740620][T15182] __blk_mq_alloc_disk+0x89/0x120 [ 661.740661][T15182] loop_add+0x490/0xb70 [ 661.740693][T15182] ? __pfx_loop_add+0x10/0x10 [ 661.740748][T15182] ? find_held_lock+0x2b/0x80 [ 661.740786][T15182] loop_control_ioctl+0x13e/0x630 [ 661.740816][T15182] ? __pfx_loop_control_ioctl+0x10/0x10 [ 661.740852][T15182] ? __pfx_loop_control_ioctl+0x10/0x10 [ 661.740884][T15182] __x64_sys_ioctl+0x18e/0x210 [ 661.740916][T15182] do_syscall_64+0xcd/0xfa0 [ 661.740957][T15182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.740984][T15182] RIP: 0033:0x7f356b78efc9 [ 661.741013][T15182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 661.741040][T15182] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 661.741072][T15182] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 661.741091][T15182] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 661.741108][T15182] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 661.741125][T15182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 661.741141][T15182] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 661.741183][T15182] [ 661.745691][T15180] FAULT_INJECTION: forcing a failure. [ 661.745691][T15180] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 661.777437][T15177] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 661.851734][T15180] CPU: 0 UID: 0 PID: 15180 Comm: syz.4.2639 Not tainted syzkaller #0 PREEMPT(full) [ 661.851772][T15180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 661.851789][T15180] Call Trace: [ 661.851799][T15180] [ 661.851811][T15180] dump_stack_lvl+0x16c/0x1f0 [ 661.851854][T15180] should_fail_ex+0x512/0x640 [ 661.851885][T15180] should_fail_alloc_page+0xe7/0x130 [ 661.851916][T15180] prepare_alloc_pages+0x3c2/0x610 [ 661.851944][T15180] ? rcu_is_watching+0x12/0xc0 [ 661.851983][T15180] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 661.852041][T15180] ? stack_trace_save+0x8e/0xc0 [ 661.852079][T15180] ? __pfx_stack_trace_save+0x10/0x10 [ 661.852123][T15180] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 661.852162][T15180] ? kasan_save_stack+0x42/0x60 [ 661.852197][T15180] ? kasan_save_stack+0x33/0x60 [ 661.852237][T15180] ? do_dentry_open+0x982/0x1530 [ 661.852271][T15180] ? vfs_open+0x82/0x3f0 [ 661.852295][T15180] ? path_openat+0x1de4/0x2cb0 [ 661.852327][T15180] ? do_filp_open+0x20b/0x470 [ 661.852359][T15180] ? do_sys_openat2+0x11b/0x1d0 [ 661.852385][T15180] ? __x64_sys_openat+0x174/0x210 [ 661.852411][T15180] ? do_syscall_64+0xcd/0xfa0 [ 661.852447][T15180] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.852474][T15180] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 661.852507][T15180] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 661.852541][T15180] ? policy_nodemask+0xea/0x4e0 [ 661.852571][T15180] alloc_pages_mpol+0x1fb/0x550 [ 661.852599][T15180] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 661.852635][T15180] alloc_pages_noprof+0x131/0x390 [ 661.852662][T15180] get_zeroed_page_noprof+0x18/0xb0 [ 661.852686][T15180] get_image_page+0x18/0x190 [ 661.852721][T15180] alloc_rtree_node+0x3c/0xb0 [ 661.852756][T15180] memory_bm_create+0x519/0x810 [ 661.852804][T15180] create_basic_memory_bitmaps+0xbd/0x320 [ 661.852847][T15180] snapshot_open+0x235/0x2b0 [ 661.852870][T15180] ? __pfx_snapshot_open+0x10/0x10 [ 661.852895][T15180] misc_open+0x26d/0x450 [ 661.852920][T15180] ? __pfx_misc_open+0x10/0x10 [ 661.852943][T15180] chrdev_open+0x234/0x6a0 [ 661.852980][T15180] ? __pfx_apparmor_file_open+0x10/0x10 [ 661.853017][T15180] ? __pfx_chrdev_open+0x10/0x10 [ 661.853059][T15180] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 661.853104][T15180] do_dentry_open+0x982/0x1530 [ 661.853144][T15180] ? __pfx_chrdev_open+0x10/0x10 [ 661.853187][T15180] vfs_open+0x82/0x3f0 [ 661.853219][T15180] path_openat+0x1de4/0x2cb0 [ 661.853266][T15180] ? __pfx_path_openat+0x10/0x10 [ 661.853303][T15180] ? __lock_acquire+0xb8a/0x1c90 [ 661.853334][T15180] do_filp_open+0x20b/0x470 [ 661.853371][T15180] ? __pfx_do_filp_open+0x10/0x10 [ 661.853431][T15180] ? alloc_fd+0x471/0x7d0 [ 661.853475][T15180] do_sys_openat2+0x11b/0x1d0 [ 661.853504][T15180] ? __pfx_do_sys_openat2+0x10/0x10 [ 661.853535][T15180] ? __pfx___might_resched+0x10/0x10 [ 661.853579][T15180] __x64_sys_openat+0x174/0x210 [ 661.853609][T15180] ? __pfx___x64_sys_openat+0x10/0x10 [ 661.853652][T15180] do_syscall_64+0xcd/0xfa0 [ 661.853691][T15180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.853719][T15180] RIP: 0033:0x7f40d418efc9 [ 661.853740][T15180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 661.853766][T15180] RSP: 002b:00007f40d5076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 661.853793][T15180] RAX: ffffffffffffffda RBX: 00007f40d43e6090 RCX: 00007f40d418efc9 [ 661.853811][T15180] RDX: 0000000000180b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 661.853829][T15180] RBP: 00007f40d4211f91 R08: 0000000000000000 R09: 0000000000000000 [ 661.853847][T15180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 661.853863][T15180] R13: 00007f40d43e6128 R14: 00007f40d43e6090 R15: 00007ffd4b2dc238 [ 661.853900][T15180] [ 662.129827][ T5827] Bluetooth: hci3: command 0x0406 tx timeout [ 662.146584][T15177] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 662.196627][ T5827] Bluetooth: hci4: command 0x0406 tx timeout [ 662.322198][T13209] Bluetooth: hci2: command 0x0406 tx timeout [ 662.325607][T15177] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 662.350270][T15186] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2642'. [ 663.470311][T15202] netlink: zone id is out of range [ 663.522513][T15202] netlink: del zone limit has 4 unknown bytes [ 663.564011][T15199] netlink: set zone limit has 8 unknown bytes [ 663.682665][T15199] HfR: entered promiscuous mode [ 663.726846][T13209] Bluetooth: hci1: command 0x0406 tx timeout [ 664.196708][T13209] Bluetooth: hci3: command 0x0406 tx timeout [ 664.356622][T13209] Bluetooth: hci4: command 0x0406 tx timeout [ 664.362729][T13209] Bluetooth: hci2: command 0x0406 tx timeout [ 664.867508][T13291] usb usb38-port5: attempt power cycle [ 665.468173][T13291] usb usb38-port5: unable to enumerate USB device [ 665.796811][T13209] Bluetooth: hci1: command 0x0406 tx timeout [ 666.436583][T13209] Bluetooth: hci2: command 0x0406 tx timeout [ 667.212527][T15243] sd 0:0:1:0: PR command failed: 1026 [ 667.226723][T15243] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 667.247110][T15243] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 668.516794][T13209] Bluetooth: hci2: command 0x0406 tx timeout [ 669.111974][T15272] netlink: 206 bytes leftover after parsing attributes in process `syz.5.2661'. [ 672.003534][T15304] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2670'. [ 672.129919][T15304] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2670: iget: checksum invalid [ 672.147511][T15304] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 672.162021][T15304] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2670: iget: checksum invalid [ 672.246924][T15304] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 672.436973][T15304] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2670: iget: checksum invalid [ 672.450040][T15304] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 672.484773][T15304] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2670: iget: checksum invalid [ 672.657467][T15304] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 672.702299][T15304] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 672.756621][T15304] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 673.104888][T15309] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2671'. [ 673.126821][T15309] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 673.594363][T15309] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 673.708438][T15316] sd 0:0:1:0: PR command failed: 1026 [ 673.749042][T15316] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 673.966716][T15316] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 677.168585][T15351] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2690'. [ 677.278659][T15354] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2689'. [ 677.336991][T15354] netlink: 354 bytes leftover after parsing attributes in process `syz.5.2689'. [ 678.999070][T15356] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2681'. [ 679.443336][T15367] FAULT_INJECTION: forcing a failure. [ 679.443336][T15367] name failslab, interval 1, probability 0, space 0, times 0 [ 679.508485][T15356] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2681: iget: checksum invalid [ 679.537432][T15356] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 679.569922][T15367] CPU: 1 UID: 0 PID: 15367 Comm: syz.5.2684 Not tainted syzkaller #0 PREEMPT(full) [ 679.569960][T15367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 679.569977][T15367] Call Trace: [ 679.569987][T15367] [ 679.569999][T15367] dump_stack_lvl+0x16c/0x1f0 [ 679.570045][T15367] should_fail_ex+0x512/0x640 [ 679.570077][T15367] should_failslab+0xc2/0x120 [ 679.570105][T15367] kmem_cache_alloc_noprof+0x75/0x6e0 [ 679.570141][T15367] ? dst_alloc+0x99/0x1a0 [ 679.570183][T15367] ? dst_alloc+0x99/0x1a0 [ 679.570216][T15367] dst_alloc+0x99/0x1a0 [ 679.570261][T15367] rt_dst_alloc+0x35/0x3a0 [ 679.570294][T15367] ip_route_output_key_hash_rcu+0x87a/0x28e0 [ 679.570344][T15367] ip_route_output_key_hash+0x10f/0x2b0 [ 679.570383][T15367] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 679.570419][T15367] ? __asan_memcpy+0x3c/0x60 [ 679.570471][T15367] ip_route_output_flow+0x27/0x150 [ 679.570509][T15367] sctp_v4_get_dst+0x3cf/0x1220 [ 679.570560][T15367] ? _get_random_bytes+0xa9/0x1e0 [ 679.570604][T15367] ? __pfx_sctp_v4_get_dst+0x10/0x10 [ 679.570663][T15367] ? __pfx_sctp_generate_proto_unreach_event+0x10/0x10 [ 679.570702][T15367] ? lockdep_init_map_type+0x5c/0x280 [ 679.570740][T15367] sctp_transport_route+0x132/0x350 [ 679.570778][T15367] sctp_assoc_add_peer+0x741/0x1550 [ 679.570817][T15367] sctp_connect_new_asoc+0x1f8/0x770 [ 679.570851][T15367] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 679.570886][T15367] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 679.570930][T15367] __sctp_connect+0x3f3/0xc60 [ 679.570969][T15367] ? do_raw_spin_lock+0x12c/0x2b0 [ 679.571002][T15367] ? __pfx___sctp_connect+0x10/0x10 [ 679.571036][T15367] ? __pfx_sctp_inet_connect+0x10/0x10 [ 679.571068][T15367] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 679.571105][T15367] ? __pfx_sctp_inet_connect+0x10/0x10 [ 679.571134][T15367] sctp_inet_connect+0x15f/0x200 [ 679.571167][T15367] __sys_connect_file+0x141/0x1a0 [ 679.571207][T15367] __sys_connect+0x13b/0x160 [ 679.571242][T15367] ? __pfx___sys_connect+0x10/0x10 [ 679.571295][T15367] ? xfd_validate_state+0x61/0x180 [ 679.571334][T15367] __x64_sys_connect+0x72/0xb0 [ 679.571368][T15367] ? lockdep_hardirqs_on+0x7c/0x110 [ 679.571407][T15367] do_syscall_64+0xcd/0xfa0 [ 679.571448][T15367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 679.571475][T15367] RIP: 0033:0x7f0e62b8efc9 [ 679.571497][T15367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 679.571525][T15367] RSP: 002b:00007f0e63a2b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 679.571551][T15367] RAX: ffffffffffffffda RBX: 00007f0e62de5fa0 RCX: 00007f0e62b8efc9 [ 679.571569][T15367] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000002 [ 679.571584][T15367] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 679.571598][T15367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 679.571612][T15367] R13: 00007f0e62de6038 R14: 00007f0e62de5fa0 R15: 00007ffeb8e2e888 [ 679.571643][T15367] [ 680.177256][T15356] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2681: iget: checksum invalid [ 680.403754][T15356] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 680.587595][T15356] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2681: iget: checksum invalid [ 680.599270][T15356] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 680.611518][T15356] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2681: iget: checksum invalid [ 680.622925][T15356] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 680.632964][T15356] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 680.643095][T15356] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 680.653081][ T5876] Process accounting resumed [ 682.444610][T15393] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2694'. [ 682.524529][T15395] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2692'. [ 682.799279][T15396] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2693'. [ 685.921003][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.927425][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.751669][T15432] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2703'. [ 687.292971][T15440] sp0: Synchronizing with TNC [ 688.026125][T15452] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2706'. [ 688.062559][T15452] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 688.276301][T15452] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 688.878625][T15474] random: crng reseeded on system resumption [ 689.174990][T15478] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2713'. [ 691.252694][T15510] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2721'. [ 691.277448][T15506] Process accounting paused [ 691.924199][T15513] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2723'. [ 694.342076][T15558] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 694.717545][T15551] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2730'. [ 694.728542][T15551] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2730: iget: checksum invalid [ 694.808329][T15551] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 694.877923][T15551] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2730: iget: checksum invalid [ 694.967859][T15551] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 695.087007][T15551] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2730: iget: checksum invalid [ 695.105977][T15551] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 695.172768][T15551] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2730: iget: checksum invalid [ 695.207035][T15551] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 695.230434][T15551] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 695.259834][T15551] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 698.851123][T15611] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2743'. [ 698.947198][T15611] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2743: iget: checksum invalid [ 698.967028][T15611] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 699.001441][T15611] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2743: iget: checksum invalid [ 699.162390][T15611] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 699.456738][T15611] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2743: iget: checksum invalid [ 699.519575][T15611] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 699.577135][T15611] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2743: iget: checksum invalid [ 699.747250][T15611] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 699.812622][T15611] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 699.856696][T15611] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 703.269751][T15653] hub 8-0:1.0: USB hub found [ 703.396710][T15653] hub 8-0:1.0: 1 port detected [ 704.277043][T15659] random: crng reseeded on system resumption [ 704.380176][T15659] Restarting kernel threads ... [ 704.405747][T15659] Done restarting kernel threads. [ 704.860880][T15670] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2758'. [ 705.013814][T15670] veth0_macvtap: left promiscuous mode [ 705.027126][T15673] random: crng reseeded on system resumption [ 705.466680][ T5876] Process accounting resumed [ 705.511125][T15678] FAULT_INJECTION: forcing a failure. [ 705.511125][T15678] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 705.996995][T15678] CPU: 1 UID: 0 PID: 15678 Comm: syz.3.2761 Not tainted syzkaller #0 PREEMPT(full) [ 705.997034][T15678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 705.997059][T15678] Call Trace: [ 705.997070][T15678] [ 705.997082][T15678] dump_stack_lvl+0x16c/0x1f0 [ 705.997129][T15678] should_fail_ex+0x512/0x640 [ 705.997161][T15678] should_fail_alloc_page+0xe7/0x130 [ 705.997191][T15678] prepare_alloc_pages+0x3c2/0x610 [ 705.997218][T15678] ? rcu_is_watching+0x12/0xc0 [ 705.997257][T15678] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 705.997292][T15678] ? css_rstat_updated+0x1c2/0x510 [ 705.997330][T15678] ? __pfx_css_rstat_updated+0x10/0x10 [ 705.997372][T15678] ? __lock_acquire+0x622/0x1c90 [ 705.997403][T15678] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 705.997453][T15678] ? __lock_acquire+0x622/0x1c90 [ 705.997485][T15678] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 705.997521][T15678] ? policy_nodemask+0xea/0x4e0 [ 705.997552][T15678] alloc_pages_mpol+0x1fb/0x550 [ 705.997580][T15678] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 705.997617][T15678] folio_alloc_mpol_noprof+0x36/0x2f0 [ 705.997651][T15678] vma_alloc_folio_noprof+0xed/0x1e0 [ 705.997682][T15678] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 705.997721][T15678] do_pte_missing+0x2202/0x3ba0 [ 705.997751][T15678] ? find_held_lock+0x2b/0x80 [ 705.997795][T15678] __handle_mm_fault+0x1556/0x2aa0 [ 705.997837][T15678] ? __pfx___handle_mm_fault+0x10/0x10 [ 705.997872][T15678] ? __pte_offset_map_lock+0x174/0x310 [ 705.997912][T15678] ? find_held_lock+0x2b/0x80 [ 705.997958][T15678] ? follow_page_pte+0x5cf/0x1390 [ 705.997992][T15678] handle_mm_fault+0x589/0xd10 [ 705.998031][T15678] __get_user_pages+0x54e/0x3530 [ 705.998082][T15678] ? __pfx___get_user_pages+0x10/0x10 [ 705.998121][T15678] populate_vma_page_range+0x267/0x3f0 [ 705.998153][T15678] ? __pfx_populate_vma_page_range+0x10/0x10 [ 705.998181][T15678] ? __pfx_find_vma_intersection+0x10/0x10 [ 705.998224][T15678] ? do_mmap+0x69c/0x1210 [ 705.998252][T15678] __mm_populate+0x1d8/0x380 [ 705.998283][T15678] ? __pfx___mm_populate+0x10/0x10 [ 705.998314][T15678] ? up_write+0x1b2/0x520 [ 705.998348][T15678] vm_mmap_pgoff+0x37f/0x470 [ 705.998379][T15678] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 705.998413][T15678] ? __x64_sys_futex+0x1e0/0x4c0 [ 705.998438][T15678] ? __x64_sys_futex+0x1e9/0x4c0 [ 705.998470][T15678] ksys_mmap_pgoff+0x7d/0x5c0 [ 705.998494][T15678] ? xfd_validate_state+0x61/0x180 [ 705.998521][T15678] ? __pfx_do_writev+0x10/0x10 [ 705.998559][T15678] __x64_sys_mmap+0x125/0x190 [ 705.998594][T15678] do_syscall_64+0xcd/0xfa0 [ 705.998636][T15678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.998664][T15678] RIP: 0033:0x7f356b78efc9 [ 705.998687][T15678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 705.998713][T15678] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 705.998739][T15678] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 705.998758][T15678] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 705.998775][T15678] RBP: 00007f356b811f91 R08: 0000000000000002 R09: 0000000000008000 [ 705.998792][T15678] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 705.998810][T15678] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 705.998848][T15678] [ 706.336153][ C1] vkms_vblank_simulate: vblank timer overrun [ 708.792354][T15717] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2771'. [ 712.159162][T15761] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2779'. [ 714.658993][T15786] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2794'. [ 718.760651][T15834] program syz.4.2799 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 719.991321][T15838] FAULT_INJECTION: forcing a failure. [ 719.991321][T15838] name failslab, interval 1, probability 0, space 0, times 0 [ 720.005665][T15838] CPU: 0 UID: 0 PID: 15838 Comm: syz.5.2800 Not tainted syzkaller #0 PREEMPT(full) [ 720.005701][T15838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 720.005717][T15838] Call Trace: [ 720.005727][T15838] [ 720.005738][T15838] dump_stack_lvl+0x16c/0x1f0 [ 720.005782][T15838] should_fail_ex+0x512/0x640 [ 720.005808][T15838] ? __kmalloc_noprof+0xca/0x880 [ 720.005844][T15838] should_failslab+0xc2/0x120 [ 720.005872][T15838] __kmalloc_noprof+0xdd/0x880 [ 720.005901][T15838] ? __pfx___mutex_lock+0x10/0x10 [ 720.005926][T15838] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 720.005972][T15838] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 720.006010][T15838] kvm_io_bus_register_dev+0x1cf/0x720 [ 720.006058][T15838] kvm_pic_init+0x1fd/0x380 [ 720.006093][T15838] kvm_arch_vm_ioctl+0x8f0/0x18b0 [ 720.006142][T15838] ? register_lock_class+0x41/0x4c0 [ 720.006168][T15838] ? find_held_lock+0x2b/0x80 [ 720.006204][T15838] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 720.006240][T15838] ? ima_match_policy+0x7f9/0x22e0 [ 720.006278][T15838] ? __lock_acquire+0x622/0x1c90 [ 720.006311][T15838] ? __lock_acquire+0x622/0x1c90 [ 720.006348][T15838] ? __lock_acquire+0x622/0x1c90 [ 720.006381][T15838] ? __lock_acquire+0x622/0x1c90 [ 720.006433][T15838] ? bpf_ksym_find+0x124/0x1c0 [ 720.006473][T15838] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 720.006506][T15838] ? is_bpf_text_address+0x94/0x1a0 [ 720.006530][T15838] ? kernel_text_address+0x8d/0x100 [ 720.006557][T15838] ? widen_string+0xdc/0x2d0 [ 720.006583][T15838] ? __kernel_text_address+0xd/0x40 [ 720.006611][T15838] ? unwind_get_return_address+0x59/0xa0 [ 720.006646][T15838] ? arch_stack_walk+0xa6/0x100 [ 720.006687][T15838] ? stack_trace_save+0x8e/0xc0 [ 720.006718][T15838] ? __pfx_stack_trace_save+0x10/0x10 [ 720.006754][T15838] ? stack_depot_save_flags+0x29/0x9c0 [ 720.006781][T15838] ? __lock_acquire+0xb8a/0x1c90 [ 720.006810][T15838] ? kasan_save_stack+0x42/0x60 [ 720.006844][T15838] ? kasan_save_stack+0x33/0x60 [ 720.006878][T15838] ? kasan_save_track+0x14/0x30 [ 720.006914][T15838] ? __kasan_save_free_info+0x3b/0x60 [ 720.006943][T15838] ? __kasan_slab_free+0x5f/0x80 [ 720.006963][T15838] ? kfree+0x2b8/0x6d0 [ 720.006989][T15838] ? tomoyo_path_number_perm+0x470/0x580 [ 720.007026][T15838] kvm_vm_ioctl+0x1a91/0x3fd0 [ 720.007077][T15838] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 720.007139][T15838] ? kasan_quarantine_put+0x10a/0x240 [ 720.007175][T15838] ? lockdep_hardirqs_on+0x7c/0x110 [ 720.007216][T15838] ? find_held_lock+0x2b/0x80 [ 720.007250][T15838] ? tomoyo_path_number_perm+0x295/0x580 [ 720.007289][T15838] ? tomoyo_path_number_perm+0x18d/0x580 [ 720.007320][T15838] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 720.007363][T15838] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 720.007398][T15838] ? do_vfs_ioctl+0x128/0x14f0 [ 720.007426][T15838] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 720.007467][T15838] ? find_held_lock+0x2b/0x80 [ 720.007501][T15838] ? hook_file_ioctl_common+0x145/0x410 [ 720.007543][T15838] ? __fget_files+0x20e/0x3c0 [ 720.007582][T15838] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 720.007621][T15838] __x64_sys_ioctl+0x18e/0x210 [ 720.007653][T15838] do_syscall_64+0xcd/0xfa0 [ 720.007693][T15838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.007720][T15838] RIP: 0033:0x7f0e62b8efc9 [ 720.007744][T15838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 720.007770][T15838] RSP: 002b:00007f0e63a2b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 720.007796][T15838] RAX: ffffffffffffffda RBX: 00007f0e62de5fa0 RCX: 00007f0e62b8efc9 [ 720.007814][T15838] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 720.007832][T15838] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 720.007850][T15838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.007864][T15838] R13: 00007f0e62de6038 R14: 00007f0e62de5fa0 R15: 00007ffeb8e2e888 [ 720.007901][T15838] [ 721.392588][T15858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2804'. [ 721.781047][T15865] FAULT_INJECTION: forcing a failure. [ 721.781047][T15865] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 721.866727][T15865] CPU: 1 UID: 0 PID: 15865 Comm: syz.4.2815 Not tainted syzkaller #0 PREEMPT(full) [ 721.866764][T15865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 721.866780][T15865] Call Trace: [ 721.866789][T15865] [ 721.866799][T15865] dump_stack_lvl+0x16c/0x1f0 [ 721.866845][T15865] should_fail_ex+0x512/0x640 [ 721.866876][T15865] _copy_from_user+0x2e/0xd0 [ 721.866904][T15865] copy_msghdr_from_user+0x98/0x160 [ 721.866944][T15865] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 721.866983][T15865] ? lockdep_hardirqs_on+0x7c/0x110 [ 721.867025][T15865] ? kfree+0x252/0x6d0 [ 721.867053][T15865] ? ___sys_sendmsg+0x141/0x1d0 [ 721.867091][T15865] ? trace_ignore_this_task+0xc3/0x100 [ 721.867131][T15865] ___sys_sendmsg+0xfe/0x1d0 [ 721.867172][T15865] ? __pfx____sys_sendmsg+0x10/0x10 [ 721.867244][T15865] ? __pfx___might_resched+0x10/0x10 [ 721.867287][T15865] __sys_sendmmsg+0x200/0x420 [ 721.867316][T15865] ? __pfx___sys_sendmmsg+0x10/0x10 [ 721.867351][T15865] ? __pfx_do_futex+0x10/0x10 [ 721.867398][T15865] ? xfd_validate_state+0x61/0x180 [ 721.867434][T15865] __x64_sys_sendmmsg+0x9c/0x100 [ 721.867458][T15865] ? lockdep_hardirqs_on+0x7c/0x110 [ 721.867495][T15865] do_syscall_64+0xcd/0xfa0 [ 721.867536][T15865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 721.867562][T15865] RIP: 0033:0x7f40d418efc9 [ 721.867584][T15865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 721.867609][T15865] RSP: 002b:00007f40d5076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 721.867635][T15865] RAX: ffffffffffffffda RBX: 00007f40d43e6090 RCX: 00007f40d418efc9 [ 721.867653][T15865] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 721.867670][T15865] RBP: 00007f40d4211f91 R08: 0000000000000000 R09: 0000000000000000 [ 721.867686][T15865] R10: 000000000000e3a7 R11: 0000000000000246 R12: 0000000000000000 [ 721.867709][T15865] R13: 00007f40d43e6128 R14: 00007f40d43e6090 R15: 00007ffd4b2dc238 [ 721.867744][T15865] [ 722.277163][T15859] random: crng reseeded on system resumption [ 722.359794][T15859] Restarting kernel threads ... [ 722.386593][T15859] Done restarting kernel threads. [ 723.233152][T15877] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2808'. [ 723.777546][T15889] program syz.1.2811 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 725.001421][T15896] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2813: iget: checksum invalid [ 725.022478][T15896] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 725.037300][T15896] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2813: iget: checksum invalid [ 725.093823][T15896] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 725.122731][T15896] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2813: iget: checksum invalid [ 725.139498][T15896] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 725.225816][T15896] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2813: iget: checksum invalid [ 725.245531][T15896] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 725.263096][T15896] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 725.286545][T15896] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 726.385743][T15904] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2817'. [ 726.398455][T15904] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2817: iget: checksum invalid [ 726.412061][T15904] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 726.432504][T15904] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2817: iget: checksum invalid [ 726.444402][T15904] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 726.464931][T15904] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2817: iget: checksum invalid [ 726.542944][T15904] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 726.609525][T15904] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2817: iget: checksum invalid [ 726.781071][T15904] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 726.814886][T15904] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 726.848981][T15904] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 729.336347][T15936] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2822'. [ 729.387577][T15936] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2822: iget: checksum invalid [ 729.399745][T15936] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 729.513050][T15936] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2822: iget: checksum invalid [ 729.586790][T15936] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 729.631628][T15936] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 729.666955][T15947] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2825'. [ 730.006956][T15936] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 730.016815][T15936] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 730.027134][T15936] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 731.134557][T15967] FAULT_INJECTION: forcing a failure. [ 731.134557][T15967] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 731.189143][T15967] CPU: 1 UID: 0 PID: 15967 Comm: syz.3.2831 Not tainted syzkaller #0 PREEMPT(full) [ 731.189180][T15967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 731.189202][T15967] Call Trace: [ 731.189212][T15967] [ 731.189223][T15967] dump_stack_lvl+0x16c/0x1f0 [ 731.189267][T15967] should_fail_ex+0x512/0x640 [ 731.189296][T15967] _copy_from_iter+0x29f/0x1720 [ 731.189323][T15967] ? __alloc_skb+0x200/0x380 [ 731.189359][T15967] ? __pfx___alloc_skb+0x10/0x10 [ 731.189394][T15967] ? __pfx__copy_from_iter+0x10/0x10 [ 731.189423][T15967] ? skb_page_frag_refill+0x11d/0x5c0 [ 731.189450][T15967] ? sk_forced_mem_schedule+0x60/0x2f0 [ 731.189477][T15967] ? sk_page_frag_refill+0x6c/0x2f0 [ 731.189511][T15967] tcp_sendmsg_locked+0x2900/0x42e0 [ 731.189565][T15967] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 731.189599][T15967] ? do_raw_spin_lock+0x12c/0x2b0 [ 731.189628][T15967] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 731.189665][T15967] ? __local_bh_enable_ip+0xa4/0x120 [ 731.189703][T15967] tcp_sendmsg+0x2e/0x50 [ 731.189730][T15967] ? __pfx_tcp_sendmsg+0x10/0x10 [ 731.189759][T15967] inet_sendmsg+0xb9/0x140 [ 731.189793][T15967] ____sys_sendmsg+0x973/0xc70 [ 731.189822][T15967] ? copy_msghdr_from_user+0x10a/0x160 [ 731.189857][T15967] ? __pfx_____sys_sendmsg+0x10/0x10 [ 731.189884][T15967] ? lockdep_hardirqs_on+0x7c/0x110 [ 731.189922][T15967] ? kfree+0x2b8/0x6d0 [ 731.189948][T15967] ? ___sys_sendmsg+0x141/0x1d0 [ 731.189990][T15967] ___sys_sendmsg+0x134/0x1d0 [ 731.190027][T15967] ? __pfx____sys_sendmsg+0x10/0x10 [ 731.190094][T15967] ? __pfx___might_resched+0x10/0x10 [ 731.190132][T15967] __sys_sendmmsg+0x200/0x420 [ 731.190159][T15967] ? __pfx___sys_sendmmsg+0x10/0x10 [ 731.190198][T15967] ? __pfx_do_futex+0x10/0x10 [ 731.190244][T15967] ? xfd_validate_state+0x61/0x180 [ 731.190280][T15967] __x64_sys_sendmmsg+0x9c/0x100 [ 731.190303][T15967] ? lockdep_hardirqs_on+0x7c/0x110 [ 731.190337][T15967] do_syscall_64+0xcd/0xfa0 [ 731.190374][T15967] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.190399][T15967] RIP: 0033:0x7f356b78efc9 [ 731.190421][T15967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.190445][T15967] RSP: 002b:00007f356c572038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 731.190470][T15967] RAX: ffffffffffffffda RBX: 00007f356b9e6090 RCX: 00007f356b78efc9 [ 731.190488][T15967] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 731.190505][T15967] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 731.190520][T15967] R10: 000000000000e3a7 R11: 0000000000000246 R12: 0000000000000000 [ 731.190535][T15967] R13: 00007f356b9e6128 R14: 00007f356b9e6090 R15: 00007ffcf7374d28 [ 731.190569][T15967] [ 731.499146][T15959] netlink: 268 bytes leftover after parsing attributes in process `syz.5.2838'. [ 731.749517][T15959] EXT4-fs error: 2 callbacks suppressed [ 731.749588][T15959] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2838: iget: checksum invalid [ 731.766921][T15959] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 731.787384][T15959] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2838: iget: checksum invalid [ 731.799418][T15959] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 731.810141][T15959] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2838: iget: checksum invalid [ 731.822059][T15959] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 731.845308][T15959] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2838: iget: checksum invalid [ 731.867069][T15959] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 731.877006][T15959] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 731.889552][T15959] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 732.323063][T15973] FAULT_INJECTION: forcing a failure. [ 732.323063][T15973] name failslab, interval 1, probability 0, space 0, times 0 [ 732.386723][T15973] CPU: 1 UID: 0 PID: 15973 Comm: syz.3.2833 Not tainted syzkaller #0 PREEMPT(full) [ 732.386762][T15973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 732.386788][T15973] Call Trace: [ 732.386798][T15973] [ 732.386808][T15973] dump_stack_lvl+0x16c/0x1f0 [ 732.386854][T15973] should_fail_ex+0x512/0x640 [ 732.386877][T15973] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 732.386915][T15973] should_failslab+0xc2/0x120 [ 732.386939][T15973] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 732.386973][T15973] ? proc_alloc_inode+0x25/0x200 [ 732.387001][T15973] ? __pfx_proc_alloc_inode+0x10/0x10 [ 732.387021][T15973] ? proc_alloc_inode+0x25/0x200 [ 732.387042][T15973] proc_alloc_inode+0x25/0x200 [ 732.387064][T15973] alloc_inode+0x64/0x240 [ 732.387087][T15973] new_inode+0x22/0x1c0 [ 732.387115][T15973] proc_pid_make_inode+0x22/0x160 [ 732.387141][T15973] proc_pident_instantiate+0x85/0x310 [ 732.387170][T15973] proc_fill_cache+0x361/0x470 [ 732.387193][T15973] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 732.387220][T15973] ? __pfx_proc_fill_cache+0x10/0x10 [ 732.387274][T15973] proc_pident_readdir+0x1bc/0x530 [ 732.387301][T15973] iterate_dir+0x296/0xaf0 [ 732.387330][T15973] __x64_sys_getdents+0x13c/0x2b0 [ 732.387363][T15973] ? __pfx___x64_sys_getdents+0x10/0x10 [ 732.387395][T15973] ? __pfx_filldir+0x10/0x10 [ 732.387431][T15973] do_syscall_64+0xcd/0xfa0 [ 732.387469][T15973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.387493][T15973] RIP: 0033:0x7f356b78efc9 [ 732.387513][T15973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 732.387535][T15973] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 732.387556][T15973] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 732.387572][T15973] RDX: 00000000000003f1 RSI: 0000000000000000 RDI: 0000000000000004 [ 732.387589][T15973] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 732.387603][T15973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 732.387617][T15973] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 732.387653][T15973] [ 735.962319][T16016] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2843'. [ 737.073094][T16034] FAULT_INJECTION: forcing a failure. [ 737.073094][T16034] name failslab, interval 1, probability 0, space 0, times 0 [ 737.106680][T16034] CPU: 0 UID: 0 PID: 16034 Comm: syz.5.2847 Not tainted syzkaller #0 PREEMPT(full) [ 737.106717][T16034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 737.106734][T16034] Call Trace: [ 737.106744][T16034] [ 737.106755][T16034] dump_stack_lvl+0x16c/0x1f0 [ 737.106800][T16034] should_fail_ex+0x512/0x640 [ 737.106824][T16034] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 737.106865][T16034] should_failslab+0xc2/0x120 [ 737.106892][T16034] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 737.106928][T16034] ? proc_alloc_inode+0x25/0x200 [ 737.106957][T16034] ? __pfx_proc_alloc_inode+0x10/0x10 [ 737.106980][T16034] ? proc_alloc_inode+0x25/0x200 [ 737.107003][T16034] proc_alloc_inode+0x25/0x200 [ 737.107026][T16034] alloc_inode+0x64/0x240 [ 737.107053][T16034] new_inode+0x22/0x1c0 [ 737.107081][T16034] proc_pid_make_inode+0x22/0x160 [ 737.107108][T16034] proc_pident_instantiate+0x85/0x310 [ 737.107137][T16034] proc_fill_cache+0x361/0x470 [ 737.107162][T16034] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 737.107190][T16034] ? __pfx_proc_fill_cache+0x10/0x10 [ 737.107251][T16034] proc_pident_readdir+0x1bc/0x530 [ 737.107285][T16034] iterate_dir+0x296/0xaf0 [ 737.107321][T16034] __x64_sys_getdents+0x13c/0x2b0 [ 737.107352][T16034] ? __pfx___x64_sys_getdents+0x10/0x10 [ 737.107384][T16034] ? __pfx_filldir+0x10/0x10 [ 737.107435][T16034] do_syscall_64+0xcd/0xfa0 [ 737.107479][T16034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.107506][T16034] RIP: 0033:0x7f0e62b8efc9 [ 737.107527][T16034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 737.107553][T16034] RSP: 002b:00007f0e63a2b038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 737.107578][T16034] RAX: ffffffffffffffda RBX: 00007f0e62de5fa0 RCX: 00007f0e62b8efc9 [ 737.107595][T16034] RDX: 00000000000003f1 RSI: 0000000000000000 RDI: 0000000000000004 [ 737.107611][T16034] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 737.107627][T16034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 737.107643][T16034] R13: 00007f0e62de6038 R14: 00007f0e62de5fa0 R15: 00007ffeb8e2e888 [ 737.107681][T16034] [ 737.919521][T16049] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2851'. [ 738.266732][T16058] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2861: iget: checksum invalid [ 738.285078][T16058] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 738.304420][T16058] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2861: iget: checksum invalid [ 738.347543][T16058] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 738.358463][T16058] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2861: iget: checksum invalid [ 738.377102][T16058] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 738.438218][T16058] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2861: iget: checksum invalid [ 738.482376][T16058] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 738.538968][T16058] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 738.550655][T16058] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 740.841213][T16085] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2862'. [ 740.898440][T16085] netlink: 17 bytes leftover after parsing attributes in process `syz.5.2862'. [ 740.956783][T16085] netlink: 2 bytes leftover after parsing attributes in process `syz.5.2862'. [ 741.651275][T16100] FAULT_INJECTION: forcing a failure. [ 741.651275][T16100] name failslab, interval 1, probability 0, space 0, times 0 [ 741.725674][T16100] CPU: 1 UID: 0 PID: 16100 Comm: syz.5.2873 Not tainted syzkaller #0 PREEMPT(full) [ 741.725709][T16100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 741.725720][T16100] Call Trace: [ 741.725725][T16100] [ 741.725733][T16100] dump_stack_lvl+0x16c/0x1f0 [ 741.725760][T16100] should_fail_ex+0x512/0x640 [ 741.725775][T16100] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 741.725799][T16100] should_failslab+0xc2/0x120 [ 741.725814][T16100] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 741.725834][T16100] ? kasan_save_stack+0x42/0x60 [ 741.725855][T16100] ? __d_alloc+0x32/0xae0 [ 741.725879][T16100] ? __d_alloc+0x32/0xae0 [ 741.725897][T16100] ? vfs_cmd_create+0xd7/0x2a0 [ 741.725910][T16100] __d_alloc+0x32/0xae0 [ 741.725928][T16100] ? do_syscall_64+0xcd/0xfa0 [ 741.725948][T16100] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.725965][T16100] d_alloc_parallel+0x111/0x1510 [ 741.725984][T16100] ? __lock_acquire+0xb8a/0x1c90 [ 741.726003][T16100] ? __pfx_d_alloc_parallel+0x10/0x10 [ 741.726021][T16100] ? lockdep_init_map_type+0x5c/0x280 [ 741.726039][T16100] ? lockdep_init_map_type+0x5c/0x280 [ 741.726059][T16100] __lookup_slow+0x193/0x460 [ 741.726077][T16100] ? __pfx___lookup_slow+0x10/0x10 [ 741.726096][T16100] ? shmem_zero_setup+0x120/0x1a0 [ 741.726122][T16100] ? shmem_zero_setup+0x120/0x1a0 [ 741.726142][T16100] ? d_lookup+0xe7/0x190 [ 741.726160][T16100] lookup_noperm+0xe1/0x110 [ 741.726177][T16100] simple_start_creating+0xd1/0x1b0 [ 741.726197][T16100] rpc_new_dir+0x27/0x440 [ 741.726214][T16100] ? d_instantiate+0x77/0x90 [ 741.726236][T16100] rpc_fill_super+0x30c/0x4f0 [ 741.726255][T16100] ? __pfx_rpc_fill_super+0x10/0x10 [ 741.726273][T16100] get_tree_keyed+0x10e/0x1d0 [ 741.726308][T16100] vfs_get_tree+0x8e/0x340 [ 741.726326][T16100] vfs_cmd_create+0xd7/0x2a0 [ 741.726342][T16100] __do_sys_fsconfig+0x7b8/0xbe0 [ 741.726358][T16100] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 741.726382][T16100] do_syscall_64+0xcd/0xfa0 [ 741.726405][T16100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.726419][T16100] RIP: 0033:0x7f0e62b8efc9 [ 741.726432][T16100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 741.726445][T16100] RSP: 002b:00007f0e63a2b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 741.726460][T16100] RAX: ffffffffffffffda RBX: 00007f0e62de5fa0 RCX: 00007f0e62b8efc9 [ 741.726479][T16100] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 741.726494][T16100] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 741.726509][T16100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 741.726524][T16100] R13: 00007f0e62de6038 R14: 00007f0e62de5fa0 R15: 00007ffeb8e2e888 [ 741.726559][T16100] [ 745.250783][T16137] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2872: iget: checksum invalid [ 745.287361][T16137] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 745.309380][T16137] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2872: iget: checksum invalid [ 745.326105][T16137] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 745.342491][T16137] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2872: iget: checksum invalid [ 745.361262][T16137] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 745.372214][T16137] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.2872: iget: checksum invalid [ 745.384605][T16137] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 745.394976][T16137] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 745.410670][T16129] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2871'. [ 745.421426][T16137] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 745.829781][T16135] FAULT_INJECTION: forcing a failure. [ 745.829781][T16135] name failslab, interval 1, probability 0, space 0, times 0 [ 745.884579][T16135] CPU: 1 UID: 0 PID: 16135 Comm: syz.3.2874 Not tainted syzkaller #0 PREEMPT(full) [ 745.884617][T16135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 745.884634][T16135] Call Trace: [ 745.884642][T16135] [ 745.884652][T16135] dump_stack_lvl+0x16c/0x1f0 [ 745.884709][T16135] should_fail_ex+0x512/0x640 [ 745.884734][T16135] ? __kmalloc_noprof+0xca/0x880 [ 745.884768][T16135] should_failslab+0xc2/0x120 [ 745.884793][T16135] __kmalloc_noprof+0xdd/0x880 [ 745.884819][T16135] ? __pfx___mutex_lock+0x10/0x10 [ 745.884844][T16135] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 745.884888][T16135] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 745.884925][T16135] kvm_io_bus_register_dev+0x1cf/0x720 [ 745.884979][T16135] kvm_pic_init+0x22f/0x380 [ 745.885012][T16135] kvm_arch_vm_ioctl+0x8f0/0x18b0 [ 745.885048][T16135] ? finish_task_switch.isra.0+0x221/0xc10 [ 745.885082][T16135] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 745.885122][T16135] ? trace_sched_exit_tp+0xd1/0x120 [ 745.885151][T16135] ? __schedule+0x11a3/0x5de0 [ 745.885197][T16135] ? __lock_acquire+0xb8a/0x1c90 [ 745.885228][T16135] ? __pfx___schedule+0x10/0x10 [ 745.885261][T16135] ? __lock_acquire+0x622/0x1c90 [ 745.885302][T16135] ? mark_held_locks+0x49/0x80 [ 745.885326][T16135] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 745.885362][T16135] ? lockdep_hardirqs_on+0x7c/0x110 [ 745.885399][T16135] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 745.885445][T16135] ? __rcu_read_unlock+0x2bc/0x550 [ 745.885473][T16135] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 745.885512][T16135] ? is_bpf_text_address+0x94/0x1a0 [ 745.885539][T16135] ? kernel_text_address+0x8d/0x100 [ 745.885568][T16135] ? widen_string+0xdc/0x2d0 [ 745.885596][T16135] ? __kernel_text_address+0xd/0x40 [ 745.885625][T16135] ? unwind_get_return_address+0x59/0xa0 [ 745.885661][T16135] ? arch_stack_walk+0xa6/0x100 [ 745.885724][T16135] ? stack_trace_save+0x8e/0xc0 [ 745.885762][T16135] ? __pfx_stack_trace_save+0x10/0x10 [ 745.885799][T16135] ? stack_depot_save_flags+0x29/0x9c0 [ 745.885826][T16135] ? __lock_acquire+0xb8a/0x1c90 [ 745.885855][T16135] ? kasan_save_stack+0x42/0x60 [ 745.885890][T16135] ? kasan_save_stack+0x33/0x60 [ 745.885920][T16135] ? kasan_save_track+0x14/0x30 [ 745.885952][T16135] ? __kasan_save_free_info+0x3b/0x60 [ 745.885981][T16135] ? __kasan_slab_free+0x5f/0x80 [ 745.886003][T16135] ? kfree+0x2b8/0x6d0 [ 745.886028][T16135] ? tomoyo_path_number_perm+0x470/0x580 [ 745.886064][T16135] kvm_vm_ioctl+0x1a91/0x3fd0 [ 745.886112][T16135] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 745.886172][T16135] ? kasan_quarantine_put+0x10a/0x240 [ 745.886208][T16135] ? lockdep_hardirqs_on+0x7c/0x110 [ 745.886249][T16135] ? find_held_lock+0x2b/0x80 [ 745.886283][T16135] ? tomoyo_path_number_perm+0x295/0x580 [ 745.886320][T16135] ? tomoyo_path_number_perm+0x18d/0x580 [ 745.886353][T16135] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 745.886403][T16135] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 745.886442][T16135] ? do_vfs_ioctl+0x128/0x14f0 [ 745.886472][T16135] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 745.886506][T16135] ? find_held_lock+0x2b/0x80 [ 745.886538][T16135] ? hook_file_ioctl_common+0x145/0x410 [ 745.886575][T16135] ? __fget_files+0x20e/0x3c0 [ 745.886612][T16135] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 745.886646][T16135] __x64_sys_ioctl+0x18e/0x210 [ 745.886688][T16135] do_syscall_64+0xcd/0xfa0 [ 745.886729][T16135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.886754][T16135] RIP: 0033:0x7f356b78efc9 [ 745.886776][T16135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.886803][T16135] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 745.886829][T16135] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 745.886848][T16135] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 745.886865][T16135] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 745.886880][T16135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.886895][T16135] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 745.886932][T16135] [ 747.326379][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.332774][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.348223][T16157] program syz.3.2876 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 749.879102][T16190] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2886: iget: checksum invalid [ 750.135302][T16190] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 750.191711][T16190] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2886: iget: checksum invalid [ 750.204342][T16190] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 750.249339][T16190] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2886: iget: checksum invalid [ 750.264523][T16190] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 750.287456][T16190] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2886: iget: checksum invalid [ 750.308059][T16190] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 750.317784][T16190] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 750.328087][T16190] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 751.372050][T16206] program syz.3.2891 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 751.438034][T16205] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2900: iget: checksum invalid [ 751.537446][T16205] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 751.595391][T16205] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2900: iget: checksum invalid [ 751.716695][T16205] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 751.736216][T16205] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2900: iget: checksum invalid [ 751.752832][T16205] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 751.770161][T16205] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2900: iget: checksum invalid [ 751.783154][T16205] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 751.798491][T16209] FAULT_INJECTION: forcing a failure. [ 751.798491][T16209] name failslab, interval 1, probability 0, space 0, times 0 [ 751.815429][T16209] CPU: 1 UID: 0 PID: 16209 Comm: syz.4.2889 Not tainted syzkaller #0 PREEMPT(full) [ 751.815452][T16209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 751.815462][T16209] Call Trace: [ 751.815468][T16209] [ 751.815475][T16209] dump_stack_lvl+0x16c/0x1f0 [ 751.815503][T16209] should_fail_ex+0x512/0x640 [ 751.815517][T16209] ? __kmalloc_noprof+0xca/0x880 [ 751.815541][T16209] should_failslab+0xc2/0x120 [ 751.815555][T16209] __kmalloc_noprof+0xdd/0x880 [ 751.815573][T16209] ? kvm_set_irq_routing+0xf3/0x970 [ 751.815596][T16209] ? kvm_set_irq_routing+0xf3/0x970 [ 751.815612][T16209] kvm_set_irq_routing+0xf3/0x970 [ 751.815631][T16209] ? kvm_ioapic_init+0x445/0x590 [ 751.815652][T16209] kvm_arch_vm_ioctl+0x934/0x18b0 [ 751.815674][T16209] ? register_lock_class+0x41/0x4c0 [ 751.815689][T16209] ? find_held_lock+0x2b/0x80 [ 751.815711][T16209] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 751.815731][T16209] ? ima_match_policy+0x7f9/0x22e0 [ 751.815753][T16209] ? __lock_acquire+0x622/0x1c90 [ 751.815770][T16209] ? __lock_acquire+0x622/0x1c90 [ 751.815789][T16209] ? __lock_acquire+0x622/0x1c90 [ 751.815808][T16209] ? __lock_acquire+0x622/0x1c90 [ 751.815834][T16209] ? bpf_ksym_find+0x124/0x1c0 [ 751.815854][T16209] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 751.815876][T16209] ? is_bpf_text_address+0x94/0x1a0 [ 751.815891][T16209] ? kernel_text_address+0x8d/0x100 [ 751.815908][T16209] ? widen_string+0xdc/0x2d0 [ 751.815924][T16209] ? __kernel_text_address+0xd/0x40 [ 751.815941][T16209] ? unwind_get_return_address+0x59/0xa0 [ 751.815961][T16209] ? arch_stack_walk+0xa6/0x100 [ 751.815987][T16209] ? stack_trace_save+0x8e/0xc0 [ 751.816006][T16209] ? __pfx_stack_trace_save+0x10/0x10 [ 751.816027][T16209] ? stack_depot_save_flags+0x29/0x9c0 [ 751.816042][T16209] ? __lock_acquire+0xb8a/0x1c90 [ 751.816057][T16209] ? kasan_save_stack+0x42/0x60 [ 751.816077][T16209] ? kasan_save_stack+0x33/0x60 [ 751.816095][T16209] ? kasan_save_track+0x14/0x30 [ 751.816115][T16209] ? __kasan_save_free_info+0x3b/0x60 [ 751.816131][T16209] ? __kasan_slab_free+0x5f/0x80 [ 751.816142][T16209] ? kfree+0x2b8/0x6d0 [ 751.816157][T16209] ? tomoyo_path_number_perm+0x470/0x580 [ 751.816177][T16209] kvm_vm_ioctl+0x1a91/0x3fd0 [ 751.816204][T16209] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 751.816236][T16209] ? kasan_quarantine_put+0x10a/0x240 [ 751.816255][T16209] ? lockdep_hardirqs_on+0x7c/0x110 [ 751.816278][T16209] ? find_held_lock+0x2b/0x80 [ 751.816297][T16209] ? tomoyo_path_number_perm+0x295/0x580 [ 751.816317][T16209] ? tomoyo_path_number_perm+0x18d/0x580 [ 751.816336][T16209] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 751.816352][T16209] ? futex_wake+0x1ad/0x530 [ 751.816374][T16209] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 751.816394][T16209] ? do_vfs_ioctl+0x128/0x14f0 [ 751.816411][T16209] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 751.816432][T16209] ? find_held_lock+0x2b/0x80 [ 751.816450][T16209] ? hook_file_ioctl_common+0x145/0x410 [ 751.816486][T16209] ? __fget_files+0x20e/0x3c0 [ 751.816522][T16209] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 751.816561][T16209] __x64_sys_ioctl+0x18e/0x210 [ 751.816579][T16209] do_syscall_64+0xcd/0xfa0 [ 751.816603][T16209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.816619][T16209] RIP: 0033:0x7f40d418efc9 [ 751.816632][T16209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 751.816646][T16209] RSP: 002b:00007f40d5076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 751.816661][T16209] RAX: ffffffffffffffda RBX: 00007f40d43e6090 RCX: 00007f40d418efc9 [ 751.816672][T16209] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 751.816681][T16209] RBP: 00007f40d4211f91 R08: 0000000000000000 R09: 0000000000000000 [ 751.816690][T16209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 751.816699][T16209] R13: 00007f40d43e6128 R14: 00007f40d43e6090 R15: 00007ffd4b2dc238 [ 751.816719][T16209] [ 752.293200][T16205] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 752.302950][T16205] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 752.807942][T16221] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2896'. [ 753.049447][T16221] bond0: (slave bond_slave_1): Releasing backup interface [ 753.884876][T16244] program syz.5.2904 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 754.563286][T16239] mkiss: ax0: crc mode is auto. [ 755.153986][T16256] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2906: iget: checksum invalid [ 755.166301][T16256] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 755.181329][T16256] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2906: iget: checksum invalid [ 755.238947][T16256] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 755.290843][T16256] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2906: iget: checksum invalid [ 755.329687][T16256] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 755.343421][T16256] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2906: iget: checksum invalid [ 755.354974][T16256] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 755.568886][T16256] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 755.591920][T16256] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 756.532273][T16272] FAULT_INJECTION: forcing a failure. [ 756.532273][T16272] name failslab, interval 1, probability 0, space 0, times 0 [ 756.613290][T16272] CPU: 0 UID: 0 PID: 16272 Comm: syz.4.2918 Not tainted syzkaller #0 PREEMPT(full) [ 756.613325][T16272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 756.613340][T16272] Call Trace: [ 756.613349][T16272] [ 756.613358][T16272] dump_stack_lvl+0x16c/0x1f0 [ 756.613423][T16272] should_fail_ex+0x512/0x640 [ 756.613445][T16272] ? fs_reclaim_acquire+0xae/0x150 [ 756.613473][T16272] should_failslab+0xc2/0x120 [ 756.613500][T16272] __kmalloc_noprof+0xdd/0x880 [ 756.613531][T16272] ? tomoyo_encode2+0x100/0x3e0 [ 756.613573][T16272] ? tomoyo_encode2+0x100/0x3e0 [ 756.613602][T16272] tomoyo_encode2+0x100/0x3e0 [ 756.613640][T16272] tomoyo_encode+0x29/0x50 [ 756.613668][T16272] tomoyo_realpath_from_path+0x18f/0x6e0 [ 756.613711][T16272] tomoyo_mkdev_perm+0x22b/0x570 [ 756.613738][T16272] ? tomoyo_mkdev_perm+0x217/0x570 [ 756.613769][T16272] ? __pfx_tomoyo_mkdev_perm+0x10/0x10 [ 756.613811][T16272] ? do_raw_spin_lock+0x12c/0x2b0 [ 756.613849][T16272] ? do_raw_spin_unlock+0x172/0x230 [ 756.613898][T16272] ? __pfx_current_check_access_path+0x10/0x10 [ 756.613936][T16272] ? simple_lookup+0x105/0x1d0 [ 756.613977][T16272] tomoyo_path_mknod+0x12a/0x190 [ 756.614000][T16272] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 756.614027][T16272] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 756.614062][T16272] security_path_mknod+0x161/0x310 [ 756.614095][T16272] do_mknodat+0x239/0x5d0 [ 756.614135][T16272] ? __pfx_do_mknodat+0x10/0x10 [ 756.614167][T16272] ? getname_flags.part.0+0x1c5/0x550 [ 756.614204][T16272] __x64_sys_mknod+0x87/0xb0 [ 756.614238][T16272] do_syscall_64+0xcd/0xfa0 [ 756.614279][T16272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.614309][T16272] RIP: 0033:0x7f40d418efc9 [ 756.614330][T16272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 756.614354][T16272] RSP: 002b:00007f40d5097038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 756.614378][T16272] RAX: ffffffffffffffda RBX: 00007f40d43e5fa0 RCX: 00007f40d418efc9 [ 756.614396][T16272] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0 [ 756.614413][T16272] RBP: 00007f40d4211f91 R08: 0000000000000000 R09: 0000000000000000 [ 756.614429][T16272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 756.614444][T16272] R13: 00007f40d43e6038 R14: 00007f40d43e5fa0 R15: 00007ffd4b2dc238 [ 756.614482][T16272] [ 756.614510][T16272] ERROR: Out of memory at tomoyo_realpath_from_path. [ 757.850659][T16287] zswap: compressor 000 not available [ 761.136052][T16352] netlink: 'syz.3.2928': attribute type 4 has an invalid length. [ 761.143876][T16352] netlink: 314 bytes leftover after parsing attributes in process `syz.3.2928'. [ 761.375714][T16361] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2929'. [ 761.538286][T16342] FAULT_INJECTION: forcing a failure. [ 761.538286][T16342] name failslab, interval 1, probability 0, space 0, times 0 [ 761.644434][T16342] CPU: 0 UID: 0 PID: 16342 Comm: syz.5.2925 Not tainted syzkaller #0 PREEMPT(full) [ 761.644473][T16342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 761.644489][T16342] Call Trace: [ 761.644498][T16342] [ 761.644509][T16342] dump_stack_lvl+0x16c/0x1f0 [ 761.644556][T16342] should_fail_ex+0x512/0x640 [ 761.644581][T16342] ? __kmalloc_cache_noprof+0x5f/0x780 [ 761.644619][T16342] should_failslab+0xc2/0x120 [ 761.644645][T16342] __kmalloc_cache_noprof+0x72/0x780 [ 761.644692][T16342] ? kvm_dev_ioctl+0x1358/0x1a80 [ 761.644738][T16342] ? kvm_dev_ioctl+0x1358/0x1a80 [ 761.644774][T16342] kvm_dev_ioctl+0x1358/0x1a80 [ 761.644823][T16342] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 761.644873][T16342] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 761.644913][T16342] __x64_sys_ioctl+0x18e/0x210 [ 761.644947][T16342] do_syscall_64+0xcd/0xfa0 [ 761.644987][T16342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.645013][T16342] RIP: 0033:0x7f0e62b8efc9 [ 761.645034][T16342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 761.645060][T16342] RSP: 002b:00007f0e63a0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 761.645086][T16342] RAX: ffffffffffffffda RBX: 00007f0e62de6090 RCX: 00007f0e62b8efc9 [ 761.645104][T16342] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008 [ 761.645119][T16342] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 761.645136][T16342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 761.645151][T16342] R13: 00007f0e62de6128 R14: 00007f0e62de6090 R15: 00007ffeb8e2e888 [ 761.645186][T16342] [ 763.188446][T16396] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 764.205907][T16404] vhci_hcd: invalid port number 16 [ 764.221969][T16404] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 764.885967][T16407] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2940'. [ 765.299427][T16412] netlink: 62 bytes leftover after parsing attributes in process `syz.5.2942'. [ 767.369962][T16437] random: crng reseeded on system resumption [ 768.409475][T16458] netlink: 'syz.1.2952': attribute type 4 has an invalid length. [ 768.418006][T16458] netlink: 'syz.1.2952': attribute type 5 has an invalid length. [ 768.425896][T16458] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2952'. [ 768.705205][T16468] netlink: 'syz.1.2956': attribute type 1 has an invalid length. [ 769.110018][T16476] FAULT_INJECTION: forcing a failure. [ 769.110018][T16476] name failslab, interval 1, probability 0, space 0, times 0 [ 769.171640][T16476] CPU: 1 UID: 0 PID: 16476 Comm: syz.3.2958 Not tainted syzkaller #0 PREEMPT(full) [ 769.171678][T16476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 769.171696][T16476] Call Trace: [ 769.171706][T16476] [ 769.171717][T16476] dump_stack_lvl+0x16c/0x1f0 [ 769.171763][T16476] should_fail_ex+0x512/0x640 [ 769.171788][T16476] ? __kmalloc_cache_noprof+0x5f/0x780 [ 769.171837][T16476] should_failslab+0xc2/0x120 [ 769.171865][T16476] __kmalloc_cache_noprof+0x72/0x780 [ 769.171902][T16476] ? input_allocate_device+0x44/0x350 [ 769.171935][T16476] ? input_allocate_device+0x44/0x350 [ 769.171961][T16476] input_allocate_device+0x44/0x350 [ 769.171989][T16476] uinput_ioctl_handler.isra.0+0x8bb/0x1df0 [ 769.172027][T16476] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 769.172056][T16476] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 769.172098][T16476] ? rcu_is_watching+0x12/0xc0 [ 769.172133][T16476] ? irqentry_exit+0x3b/0x90 [ 769.172155][T16476] ? lockdep_hardirqs_on+0x7c/0x110 [ 769.172215][T16476] ? __pfx_uinput_ioctl+0x10/0x10 [ 769.172253][T16476] __x64_sys_ioctl+0x18e/0x210 [ 769.172285][T16476] do_syscall_64+0xcd/0xfa0 [ 769.172326][T16476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 769.172352][T16476] RIP: 0033:0x7f356b78efc9 [ 769.172374][T16476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 769.172397][T16476] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 769.172423][T16476] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 769.172441][T16476] RDX: 0000000000000000 RSI: 00000000c06855c8 RDI: 0000000000000006 [ 769.172457][T16476] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 769.172474][T16476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 769.172490][T16476] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 769.172530][T16476] [ 769.947559][T16485] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 770.149696][ T30] audit: type=1804 audit(4294968303.678:22): pid=16491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2964" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 770.449669][T16490] zswap: compressor 000 not available [ 772.723629][T16529] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input21 [ 774.502340][ T30] audit: type=1804 audit(4294968308.028:23): pid=16549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2978" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 775.182959][ T30] audit: type=1804 audit(4294968308.068:24): pid=16549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2978" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 777.534196][T16564] FAULT_INJECTION: forcing a failure. [ 777.534196][T16564] name failslab, interval 1, probability 0, space 0, times 0 [ 777.606614][T16564] CPU: 1 UID: 0 PID: 16564 Comm: syz.3.2981 Not tainted syzkaller #0 PREEMPT(full) [ 777.606652][T16564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 777.606669][T16564] Call Trace: [ 777.606679][T16564] [ 777.606690][T16564] dump_stack_lvl+0x16c/0x1f0 [ 777.606754][T16564] should_fail_ex+0x512/0x640 [ 777.606779][T16564] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 777.606816][T16564] should_failslab+0xc2/0x120 [ 777.606840][T16564] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 777.606872][T16564] ? __d_alloc+0x32/0xae0 [ 777.606910][T16564] ? __d_alloc+0x32/0xae0 [ 777.606940][T16564] ? is_bpf_text_address+0x8a/0x1a0 [ 777.606965][T16564] __d_alloc+0x32/0xae0 [ 777.606998][T16564] ? bpf_ksym_find+0x124/0x1c0 [ 777.607034][T16564] d_alloc_parallel+0x111/0x1510 [ 777.607062][T16564] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.607089][T16564] ? unwind_get_return_address+0x59/0xa0 [ 777.607127][T16564] ? arch_stack_walk+0xa6/0x100 [ 777.607166][T16564] ? __pfx_d_alloc_parallel+0x10/0x10 [ 777.607199][T16564] ? lockdep_init_map_type+0x5c/0x280 [ 777.607227][T16564] ? lockdep_init_map_type+0x5c/0x280 [ 777.607260][T16564] __lookup_slow+0x193/0x460 [ 777.607296][T16564] ? __pfx___lookup_slow+0x10/0x10 [ 777.607338][T16564] ? shmem_zero_setup+0x120/0x1a0 [ 777.607385][T16564] ? shmem_zero_setup+0x120/0x1a0 [ 777.607423][T16564] ? d_lookup+0xe7/0x190 [ 777.607457][T16564] lookup_noperm+0xe1/0x110 [ 777.607486][T16564] simple_start_creating+0xd1/0x1b0 [ 777.607523][T16564] debugfs_start_creating.part.0+0x82/0x190 [ 777.607557][T16564] __debugfs_create_file+0xa7/0x6b0 [ 777.607595][T16564] debugfs_create_file_full+0x41/0x60 [ 777.607631][T16564] kvm_dev_ioctl+0x14ca/0x1a80 [ 777.607679][T16564] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 777.607727][T16564] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 777.607765][T16564] __x64_sys_ioctl+0x18e/0x210 [ 777.607798][T16564] do_syscall_64+0xcd/0xfa0 [ 777.607841][T16564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.607867][T16564] RIP: 0033:0x7f356b78efc9 [ 777.607890][T16564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 777.607915][T16564] RSP: 002b:00007f356c551038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 777.607939][T16564] RAX: ffffffffffffffda RBX: 00007f356b9e6180 RCX: 00007f356b78efc9 [ 777.607957][T16564] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008 [ 777.607974][T16564] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 777.607990][T16564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 777.608006][T16564] R13: 00007f356b9e6218 R14: 00007f356b9e6180 R15: 00007ffcf7374d28 [ 777.608042][T16564] [ 780.093059][ T2154] smpboot: CPU 1 is now offline [ 782.740606][T16614] FAULT_INJECTION: forcing a failure. [ 782.740606][T16614] name failslab, interval 1, probability 0, space 0, times 0 [ 782.906616][T16614] CPU: 0 UID: 0 PID: 16614 Comm: syz.4.2992 Not tainted syzkaller #0 PREEMPT(full) [ 782.906640][T16614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 782.906655][T16614] Call Trace: [ 782.906661][T16614] [ 782.906667][T16614] dump_stack_lvl+0x16c/0x1f0 [ 782.906694][T16614] should_fail_ex+0x512/0x640 [ 782.906709][T16614] ? __kmalloc_cache_noprof+0x5f/0x780 [ 782.906730][T16614] should_failslab+0xc2/0x120 [ 782.906745][T16614] __kmalloc_cache_noprof+0x72/0x780 [ 782.906764][T16614] ? kvm_dev_ioctl+0x1358/0x1a80 [ 782.906789][T16614] ? kvm_dev_ioctl+0x1358/0x1a80 [ 782.906809][T16614] kvm_dev_ioctl+0x1358/0x1a80 [ 782.906835][T16614] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 782.906863][T16614] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 782.906886][T16614] __x64_sys_ioctl+0x18e/0x210 [ 782.906903][T16614] do_syscall_64+0xcd/0xfa0 [ 782.906926][T16614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.906941][T16614] RIP: 0033:0x7f40d418efc9 [ 782.906954][T16614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 782.906967][T16614] RSP: 002b:00007f40d5076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 782.906982][T16614] RAX: ffffffffffffffda RBX: 00007f40d43e6090 RCX: 00007f40d418efc9 [ 782.906992][T16614] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008 [ 782.907000][T16614] RBP: 00007f40d4211f91 R08: 0000000000000000 R09: 0000000000000000 [ 782.907009][T16614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 782.907018][T16614] R13: 00007f40d43e6128 R14: 00007f40d43e6090 R15: 00007ffd4b2dc238 [ 782.907036][T16614] [ 783.578432][T16633] Console: switching to colour frame buffer device 128x48 [ 783.990281][T16629] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 784.011277][T16629] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 784.053566][T16629] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 784.098982][T16629] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 784.594013][T16644] mkiss: ax0: crc mode is auto. [ 785.397489][ T5831] Bluetooth: hci1: command 0x0406 tx timeout [ 786.036631][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 786.116686][T13209] Bluetooth: hci4: command 0x0406 tx timeout [ 786.123030][ T5831] Bluetooth: hci2: command 0x0406 tx timeout [ 789.978656][T16712] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 790.734396][T16720] Invalid ELF header magic: != ELF [ 790.821089][ T30] audit: type=1800 audit(4294968324.338:25): pid=16723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3018" name="lu_gp_id" dev="configfs" ino=197064 res=0 errno=0 [ 791.418754][T16732] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3021'. [ 791.528929][T16734] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 791.801118][T16720] FAULT_INJECTION: forcing a failure. [ 791.801118][T16720] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 791.880976][T16720] CPU: 0 UID: 0 PID: 16720 Comm: syz.4.3017 Not tainted syzkaller #0 PREEMPT(full) [ 791.881000][T16720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 791.881010][T16720] Call Trace: [ 791.881016][T16720] [ 791.881022][T16720] dump_stack_lvl+0x16c/0x1f0 [ 791.881052][T16720] should_fail_ex+0x512/0x640 [ 791.881069][T16720] should_fail_alloc_page+0xe7/0x130 [ 791.881087][T16720] prepare_alloc_pages+0x3c2/0x610 [ 791.881105][T16720] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 791.881130][T16720] ? kasan_quarantine_put+0x10a/0x240 [ 791.881153][T16720] ? lockdep_hardirqs_on+0x7c/0x110 [ 791.881177][T16720] ? kmem_cache_free+0x2d4/0x6c0 [ 791.881195][T16720] ? zswap_entry_free+0x355/0x5e0 [ 791.881216][T16720] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 791.881250][T16720] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 791.881270][T16720] ? policy_nodemask+0xea/0x4e0 [ 791.881285][T16720] alloc_pages_mpol+0x1fb/0x550 [ 791.881300][T16720] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 791.881320][T16720] alloc_pages_noprof+0x131/0x390 [ 791.881335][T16720] pte_alloc_one+0x1e/0x350 [ 791.881356][T16720] do_pte_missing+0x1acf/0x3ba0 [ 791.881374][T16720] ? __thp_vma_allowable_orders+0x1c8/0xcd0 [ 791.881395][T16720] __handle_mm_fault+0x1556/0x2aa0 [ 791.881415][T16720] ? mt_find+0x3e2/0xa20 [ 791.881429][T16720] ? __pfx___handle_mm_fault+0x10/0x10 [ 791.881445][T16720] ? __pfx_mt_find+0x10/0x10 [ 791.881469][T16720] ? find_vma+0xbf/0x140 [ 791.881489][T16720] ? __pfx_find_vma+0x10/0x10 [ 791.881511][T16720] handle_mm_fault+0x589/0xd10 [ 791.881529][T16720] ? __pkru_allows_pkey+0x11/0xb0 [ 791.881547][T16720] do_user_addr_fault+0x7a6/0x1370 [ 791.881567][T16720] ? rcu_is_watching+0x12/0xc0 [ 791.881589][T16720] exc_page_fault+0x64/0xc0 [ 791.881610][T16720] asm_exc_page_fault+0x26/0x30 [ 791.881624][T16720] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 791.881641][T16720] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 791.881655][T16720] RSP: 0018:ffffc90004a07940 EFLAGS: 00050246 [ 791.881668][T16720] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 791.881677][T16720] RDX: fffff52000940f41 RSI: 0000000000000000 RDI: ffffc90004a07a00 [ 791.881688][T16720] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff52000940f40 [ 791.881697][T16720] R10: ffffc90004a07a07 R11: 0000000000000001 R12: 0000000000000000 [ 791.881705][T16720] R13: ffffc90004a07a00 R14: ffffffff892c5500 R15: ffff88807c41a500 [ 791.881716][T16720] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 791.881741][T16720] _copy_from_user+0x98/0xd0 [ 791.881757][T16720] sctp_getsockopt_local_addrs+0x106/0xcd0 [ 791.881774][T16720] ? __lock_acquire+0xb8a/0x1c90 [ 791.881796][T16720] ? __pfx_sctp_getsockopt_local_addrs+0x10/0x10 [ 791.881820][T16720] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 791.881840][T16720] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 791.881858][T16720] ? __local_bh_enable_ip+0xa4/0x120 [ 791.881881][T16720] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 791.881903][T16720] sctp_getsockopt+0x124f/0x69b0 [ 791.881922][T16720] ? __futex_wait+0x24b/0x2f0 [ 791.881942][T16720] ? __pfx_sctp_getsockopt+0x10/0x10 [ 791.881969][T16720] ? __lock_acquire+0xb8a/0x1c90 [ 791.881994][T16720] ? find_held_lock+0x2b/0x80 [ 791.882012][T16720] ? __might_fault+0xe3/0x190 [ 791.882030][T16720] ? __might_fault+0xe3/0x190 [ 791.882046][T16720] ? __might_fault+0x13b/0x190 [ 791.882071][T16720] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 791.882086][T16720] do_sock_getsockopt+0x34d/0x440 [ 791.882103][T16720] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 791.882117][T16720] ? __fget_files+0x204/0x3c0 [ 791.882145][T16720] __sys_getsockopt+0x123/0x1b0 [ 791.882170][T16720] __x64_sys_getsockopt+0xbd/0x160 [ 791.882189][T16720] ? do_syscall_64+0x91/0xfa0 [ 791.882209][T16720] ? lockdep_hardirqs_on+0x7c/0x110 [ 791.882230][T16720] do_syscall_64+0xcd/0xfa0 [ 791.882252][T16720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 791.882271][T16720] RIP: 0033:0x7f40d418efc9 [ 791.882287][T16720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 791.882300][T16720] RSP: 002b:00007f40d5097038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 791.882314][T16720] RAX: ffffffffffffffda RBX: 00007f40d43e5fa0 RCX: 00007f40d418efc9 [ 791.882324][T16720] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000004 [ 791.882333][T16720] RBP: 00007f40d4211f91 R08: 0000200000000280 R09: 0000000000000000 [ 791.882343][T16720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 791.882352][T16720] R13: 00007f40d43e6038 R14: 00007f40d43e5fa0 R15: 00007ffd4b2dc238 [ 791.882373][T16720] [ 792.595511][T16751] netlink: 5 bytes leftover after parsing attributes in process `syz.5.3033'. [ 792.604631][T16751] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3033'. [ 793.034524][T16748] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 797.415834][T16812] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.3041: iget: checksum invalid [ 797.520052][T16812] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 797.652991][T16812] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.3041: iget: checksum invalid [ 797.741421][T16812] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 797.793226][T16816] FAULT_INJECTION: forcing a failure. [ 797.793226][T16816] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 797.807375][T16812] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.3041: iget: checksum invalid [ 797.886928][T16812] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 797.897645][T16816] CPU: 0 UID: 0 PID: 16816 Comm: syz.5.3042 Not tainted syzkaller #0 PREEMPT(full) [ 797.897666][T16816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 797.897676][T16816] Call Trace: [ 797.897681][T16816] [ 797.897688][T16816] dump_stack_lvl+0x16c/0x1f0 [ 797.897716][T16816] should_fail_ex+0x512/0x640 [ 797.897733][T16816] should_fail_alloc_page+0xe7/0x130 [ 797.897750][T16816] prepare_alloc_pages+0x3c2/0x610 [ 797.897768][T16816] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 797.897799][T16816] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 797.897822][T16816] ? validate_mm+0x403/0x560 [ 797.897842][T16816] ? __pfx_validate_mm+0x10/0x10 [ 797.897863][T16816] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 797.897883][T16816] ? policy_nodemask+0xea/0x4e0 [ 797.897899][T16816] alloc_pages_mpol+0x1fb/0x550 [ 797.897914][T16816] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 797.897934][T16816] alloc_pages_noprof+0x131/0x390 [ 797.897949][T16816] __pmd_alloc+0x3b/0x8b0 [ 797.897965][T16816] move_page_tables+0x30b7/0x4230 [ 797.897995][T16816] ? __pfx_copy_vma+0x10/0x10 [ 797.898017][T16816] ? __pfx_move_page_tables+0x10/0x10 [ 797.898045][T16816] ? rcu_is_watching+0x12/0xc0 [ 797.898065][T16816] ? finish_task_switch.isra.0+0x221/0xc10 [ 797.898085][T16816] ? lockdep_hardirqs_on+0x7c/0x110 [ 797.898109][T16816] copy_vma_and_data+0x24e/0x790 [ 797.898130][T16816] ? __pfx_copy_vma_and_data+0x10/0x10 [ 797.898152][T16816] ? __vma_enter_locked+0x163/0x3f0 [ 797.898170][T16816] ? find_held_lock+0x2b/0x80 [ 797.898190][T16816] ? move_vma+0x52e/0x1770 [ 797.898212][T16816] move_vma+0x540/0x1770 [ 797.898233][T16816] ? __pfx_move_vma+0x10/0x10 [ 797.898254][T16816] ? shmem_get_unmapped_area+0x170/0xa00 [ 797.898271][T16816] ? cap_mmap_addr+0x4b/0x120 [ 797.898286][T16816] ? bpf_lsm_mmap_addr+0x9/0x10 [ 797.898306][T16816] ? security_mmap_addr+0x6c/0x1e0 [ 797.898325][T16816] ? __get_unmapped_area+0x267/0x440 [ 797.898340][T16816] ? vrm_set_new_addr+0x208/0x290 [ 797.898360][T16816] mremap_to+0x1b7/0x450 [ 797.898379][T16816] do_mremap+0x13a8/0x2020 [ 797.898406][T16816] ? futex_private_hash_put+0xf0/0x300 [ 797.898435][T16816] ? __pfx_do_mremap+0x10/0x10 [ 797.898464][T16816] __do_sys_mremap+0x119/0x170 [ 797.898483][T16816] ? __pfx___do_sys_mremap+0x10/0x10 [ 797.898507][T16816] ? __x64_sys_futex+0x1e0/0x4c0 [ 797.898533][T16816] do_syscall_64+0xcd/0xfa0 [ 797.898555][T16816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 797.898569][T16816] RIP: 0033:0x7f0e62b8efc9 [ 797.898582][T16816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 797.898596][T16816] RSP: 002b:00007f0e63a2b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 797.898610][T16816] RAX: ffffffffffffffda RBX: 00007f0e62de5fa0 RCX: 00007f0e62b8efc9 [ 797.898620][T16816] RDX: 0000000000000843 RSI: 00000000000000ff RDI: 00000000001ff000 [ 797.898629][T16816] RBP: 00007f0e62c11f91 R08: 00000000fffff000 R09: 0000000000000000 [ 797.898638][T16816] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 797.898647][T16816] R13: 00007f0e62de6038 R14: 00007f0e62de5fa0 R15: 00007ffeb8e2e888 [ 797.898668][T16816] [ 798.544998][T16816] : Can't lookup blockdev [ 798.559093][T16812] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.3041: iget: checksum invalid [ 798.616816][T16812] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 798.626383][T16812] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 798.736579][T16812] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 799.805527][ T30] audit: type=1800 audit(4294968333.328:26): pid=16826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3045" name="lu_gp_id" dev="configfs" ino=199742 res=0 errno=0 [ 799.908098][T16825] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 800.053070][T16825] CPU: 0 UID: 0 PID: 16825 Comm: syz.5.3044 Not tainted syzkaller #0 PREEMPT(full) [ 800.053093][T16825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 800.053102][T16825] Call Trace: [ 800.053108][T16825] [ 800.053115][T16825] dump_stack_lvl+0x16c/0x1f0 [ 800.053141][T16825] sysfs_warn_dup+0x7f/0xa0 [ 800.053171][T16825] sysfs_do_create_link_sd+0x124/0x140 [ 800.053195][T16825] sysfs_create_link+0x61/0xc0 [ 800.053218][T16825] device_add+0x62c/0x1aa0 [ 800.053235][T16825] ? __pfx_device_add+0x10/0x10 [ 800.053248][T16825] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 800.053269][T16825] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 800.053295][T16825] wiphy_register+0x1eb0/0x2b20 [ 800.053313][T16825] ? netdev_run_todo+0x864/0x1320 [ 800.053334][T16825] ? __pfx_wiphy_register+0x10/0x10 [ 800.053359][T16825] ieee80211_register_hw+0x253d/0x4120 [ 800.053383][T16825] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 800.053399][T16825] ? __pfx___debug_object_init+0x10/0x10 [ 800.053422][T16825] ? find_held_lock+0x2b/0x80 [ 800.053442][T16825] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 800.053461][T16825] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 800.053481][T16825] ? __hrtimer_setup+0x176/0x280 [ 800.053500][T16825] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 800.053529][T16825] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 800.053551][T16825] hwsim_new_radio_nl+0xba2/0x1330 [ 800.053569][T16825] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 800.053592][T16825] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 800.053610][T16825] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 800.053632][T16825] genl_family_rcv_msg_doit+0x209/0x2f0 [ 800.053651][T16825] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 800.053674][T16825] ? bpf_lsm_capable+0x9/0x10 [ 800.053688][T16825] ? security_capable+0x7e/0x260 [ 800.053704][T16825] ? ns_capable+0xd7/0x110 [ 800.053725][T16825] genl_rcv_msg+0x55c/0x800 [ 800.053744][T16825] ? __pfx_genl_rcv_msg+0x10/0x10 [ 800.053761][T16825] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 800.053779][T16825] ? __lock_acquire+0x622/0x1c90 [ 800.053797][T16825] netlink_rcv_skb+0x158/0x420 [ 800.053811][T16825] ? __pfx_genl_rcv_msg+0x10/0x10 [ 800.053828][T16825] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 800.053851][T16825] ? netlink_deliver_tap+0x1ae/0xd30 [ 800.053876][T16825] genl_rcv+0x28/0x40 [ 800.053889][T16825] netlink_unicast+0x5aa/0x870 [ 800.053906][T16825] ? __pfx_netlink_unicast+0x10/0x10 [ 800.053920][T16825] ? __pfx___might_resched+0x10/0x10 [ 800.053946][T16825] netlink_sendmsg+0x8c8/0xdd0 [ 800.053964][T16825] ? __pfx_netlink_sendmsg+0x10/0x10 [ 800.053981][T16825] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 800.054000][T16825] ____sys_sendmsg+0xa98/0xc70 [ 800.054019][T16825] ? copy_msghdr_from_user+0x10a/0x160 [ 800.054040][T16825] ? __pfx_____sys_sendmsg+0x10/0x10 [ 800.054062][T16825] ? __pfx_futex_wake_mark+0x10/0x10 [ 800.054082][T16825] ___sys_sendmsg+0x134/0x1d0 [ 800.054102][T16825] ? futex_private_hash_put+0x176/0x300 [ 800.054125][T16825] ? __pfx____sys_sendmsg+0x10/0x10 [ 800.054145][T16825] ? __lock_acquire+0x622/0x1c90 [ 800.054192][T16825] __sys_sendmsg+0x16d/0x220 [ 800.054214][T16825] ? __pfx___sys_sendmsg+0x10/0x10 [ 800.054237][T16825] ? __x64_sys_futex+0x1e0/0x4c0 [ 800.054265][T16825] do_syscall_64+0xcd/0xfa0 [ 800.054289][T16825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 800.054303][T16825] RIP: 0033:0x7f0e62b8efc9 [ 800.054317][T16825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 800.054331][T16825] RSP: 002b:00007f0e63a2b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 800.054346][T16825] RAX: ffffffffffffffda RBX: 00007f0e62de5fa0 RCX: 00007f0e62b8efc9 [ 800.054356][T16825] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 800.054365][T16825] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 800.054374][T16825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 800.054384][T16825] R13: 00007f0e62de6038 R14: 00007f0e62de5fa0 R15: 00007ffeb8e2e888 [ 800.054405][T16825] [ 801.106847][T16835] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3046'. [ 801.219320][T16835] macvlan0: entered allmulticast mode [ 801.279953][T16835] veth1_vlan: entered allmulticast mode [ 804.190222][T16866] openvswitch: HfR: Dropping previously announced user features [ 804.669054][T16875] blktrace: Concurrent blktraces are not allowed on loop2 [ 804.700610][T16873] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 805.754731][T16891] FAULT_INJECTION: forcing a failure. [ 805.754731][T16891] name failslab, interval 1, probability 0, space 0, times 0 [ 805.879657][T16891] CPU: 0 UID: 0 PID: 16891 Comm: syz.5.3060 Not tainted syzkaller #0 PREEMPT(full) [ 805.879681][T16891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 805.879692][T16891] Call Trace: [ 805.879698][T16891] [ 805.879705][T16891] dump_stack_lvl+0x16c/0x1f0 [ 805.879733][T16891] should_fail_ex+0x512/0x640 [ 805.879747][T16891] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 805.879769][T16891] should_failslab+0xc2/0x120 [ 805.879784][T16891] kmem_cache_alloc_noprof+0x75/0x6e0 [ 805.879803][T16891] ? __pmd_alloc+0xbf/0x8b0 [ 805.879821][T16891] ? __pmd_alloc+0xbf/0x8b0 [ 805.879834][T16891] __pmd_alloc+0xbf/0x8b0 [ 805.879851][T16891] huge_pte_alloc+0x41d/0x5b0 [ 805.879872][T16891] hugetlb_fault+0x373/0x2f40 [ 805.879894][T16891] ? __pfx_hugetlb_fault+0x10/0x10 [ 805.879921][T16891] ? find_vma+0xbf/0x140 [ 805.879941][T16891] ? __pfx_find_vma+0x10/0x10 [ 805.879964][T16891] handle_mm_fault+0xbfa/0xd10 [ 805.879982][T16891] ? __pkru_allows_pkey+0x11/0xb0 [ 805.880001][T16891] do_user_addr_fault+0x7a6/0x1370 [ 805.880022][T16891] ? rcu_is_watching+0x12/0xc0 [ 805.880044][T16891] exc_page_fault+0x64/0xc0 [ 805.880066][T16891] asm_exc_page_fault+0x26/0x30 [ 805.880080][T16891] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 805.880098][T16891] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 7f 3e 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 805.880111][T16891] RSP: 0018:ffffc9000bbdfb98 EFLAGS: 00050206 [ 805.880123][T16891] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000 [ 805.880132][T16891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88807d288000 [ 805.880141][T16891] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100fa511ff [ 805.880150][T16891] R10: ffff88807d288fff R11: 0000000000000000 R12: ffffc9000bbdfd90 [ 805.880158][T16891] R13: 0000000000001000 R14: ffff88807d288000 R15: 00007ffffffff000 [ 805.880179][T16891] _copy_from_iter+0x383/0x1720 [ 805.880199][T16891] ? __pfx__copy_from_iter+0x10/0x10 [ 805.880214][T16891] ? rcu_is_watching+0x12/0xc0 [ 805.880232][T16891] ? trace_kmalloc+0x2b/0xd0 [ 805.880244][T16891] ? __kmalloc_noprof+0x34f/0x880 [ 805.880261][T16891] ? kernfs_fop_write_iter+0x237/0x570 [ 805.880284][T16891] kernfs_fop_write_iter+0x19a/0x570 [ 805.880305][T16891] vfs_write+0x7d3/0x11d0 [ 805.880325][T16891] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 805.880344][T16891] ? __pfx___mutex_lock+0x10/0x10 [ 805.880358][T16891] ? __pfx_vfs_write+0x10/0x10 [ 805.880391][T16891] ksys_write+0x12a/0x250 [ 805.880411][T16891] ? __pfx_ksys_write+0x10/0x10 [ 805.880436][T16891] do_syscall_64+0xcd/0xfa0 [ 805.880459][T16891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 805.880473][T16891] RIP: 0033:0x7f0e62b8efc9 [ 805.880484][T16891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 805.880498][T16891] RSP: 002b:00007f0e639e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 805.880511][T16891] RAX: ffffffffffffffda RBX: 00007f0e62de6180 RCX: 00007f0e62b8efc9 [ 805.880520][T16891] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 805.880529][T16891] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 805.880538][T16891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 805.880546][T16891] R13: 00007f0e62de6218 R14: 00007f0e62de6180 R15: 00007ffeb8e2e888 [ 805.880566][T16891] [ 807.500685][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 807.507360][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.638014][T16913] mkiss: ax0: crc mode is auto. [ 809.381364][T16918] FAULT_INJECTION: forcing a failure. [ 809.381364][T16918] name failslab, interval 1, probability 0, space 0, times 0 [ 809.480506][T16918] CPU: 0 UID: 0 PID: 16918 Comm: syz.5.3068 Not tainted syzkaller #0 PREEMPT(full) [ 809.480531][T16918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 809.480541][T16918] Call Trace: [ 809.480547][T16918] [ 809.480554][T16918] dump_stack_lvl+0x16c/0x1f0 [ 809.480581][T16918] should_fail_ex+0x512/0x640 [ 809.480595][T16918] ? __kmalloc_cache_noprof+0x5f/0x780 [ 809.480616][T16918] should_failslab+0xc2/0x120 [ 809.480631][T16918] __kmalloc_cache_noprof+0x72/0x780 [ 809.480650][T16918] ? allocate_file_region_entries+0x1a0/0x620 [ 809.480676][T16918] ? allocate_file_region_entries+0x1a0/0x620 [ 809.480696][T16918] ? _raw_spin_unlock+0x28/0x50 [ 809.480715][T16918] allocate_file_region_entries+0x1a0/0x620 [ 809.480740][T16918] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 809.480769][T16918] region_chg+0x85/0x140 [ 809.480783][T16918] __vma_reservation_common+0x43b/0x740 [ 809.480799][T16918] ? __pfx___vma_reservation_common+0x10/0x10 [ 809.480814][T16918] ? __pfx___might_resched+0x10/0x10 [ 809.480833][T16918] ? folio_zero_user+0x1db/0x7c0 [ 809.480853][T16918] hugetlb_fault+0x198e/0x2f40 [ 809.480875][T16918] ? __pfx_hugetlb_fault+0x10/0x10 [ 809.480901][T16918] ? find_vma+0xbf/0x140 [ 809.480921][T16918] ? __pfx_find_vma+0x10/0x10 [ 809.480944][T16918] handle_mm_fault+0xbfa/0xd10 [ 809.480961][T16918] ? __pkru_allows_pkey+0x11/0xb0 [ 809.480980][T16918] do_user_addr_fault+0x7a6/0x1370 [ 809.481000][T16918] ? rcu_is_watching+0x12/0xc0 [ 809.481022][T16918] exc_page_fault+0x64/0xc0 [ 809.481045][T16918] asm_exc_page_fault+0x26/0x30 [ 809.481058][T16918] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 809.481076][T16918] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f [ 809.481090][T16918] RSP: 0018:ffffc9000c6ffda0 EFLAGS: 00050206 [ 809.481102][T16918] RAX: 000000000000002f RBX: 0000000000000005 RCX: 0000000000000005 [ 809.481111][T16918] RDX: ffffed100ef05860 RSI: ffff88807782c2fb RDI: 0000000000000000 [ 809.481120][T16918] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100ef0585f [ 809.481129][T16918] R10: ffff88807782c2ff R11: 0000000000000001 R12: ffff88807782c2fb [ 809.481138][T16918] R13: 0000000000000005 R14: 00007ffffffff000 R15: 0000000000000000 [ 809.481157][T16918] _copy_to_user+0xbb/0xd0 [ 809.481174][T16918] __do_sys_getcwd+0x483/0x930 [ 809.481195][T16918] ? __pfx___do_sys_getcwd+0x10/0x10 [ 809.481208][T16918] ? fput+0x9b/0xd0 [ 809.481223][T16918] ? xfd_validate_state+0x61/0x180 [ 809.481237][T16918] ? __pfx_ksys_write+0x10/0x10 [ 809.481263][T16918] do_syscall_64+0xcd/0xfa0 [ 809.481284][T16918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.481298][T16918] RIP: 0033:0x7f0e62b8efc9 [ 809.481310][T16918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 809.481323][T16918] RSP: 002b:00007f0e63a2b038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 809.481336][T16918] RAX: ffffffffffffffda RBX: 00007f0e62de5fa0 RCX: 00007f0e62b8efc9 [ 809.481346][T16918] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000 [ 809.481353][T16918] RBP: 00007f0e62c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 809.481362][T16918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 809.481370][T16918] R13: 00007f0e62de6038 R14: 00007f0e62de5fa0 R15: 00007ffeb8e2e888 [ 809.481390][T16918] [ 811.734023][T16940] openvswitch: HfR: Dropping previously announced user features [ 813.215131][T16964] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3078: iget: checksum invalid [ 813.289192][T16964] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 813.376755][T16964] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3078: iget: checksum invalid [ 813.551601][T16964] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 813.713701][T16971] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3080'. [ 813.726884][T16964] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3078: iget: checksum invalid [ 813.774714][T16971] netlink: 354 bytes leftover after parsing attributes in process `syz.5.3080'. [ 813.931745][T16964] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 814.057714][T16964] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3078: iget: checksum invalid [ 814.142704][T16964] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 814.207068][T16964] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 814.274148][T16964] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 815.135983][T16987] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3085'. [ 815.209609][T16987] macvlan0: entered allmulticast mode [ 815.254675][T16987] veth1_vlan: entered allmulticast mode [ 815.405517][T16990] warning: `syz.5.3086' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 816.003468][ T5831] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 816.840569][T17019] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3094: iget: checksum invalid [ 816.948125][T17019] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 817.019064][T17019] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3094: iget: checksum invalid [ 817.079705][T17019] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 817.135518][T17019] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3094: iget: checksum invalid [ 817.194335][T17019] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 817.249146][T17019] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.3094: iget: checksum invalid [ 817.306137][T17019] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 817.364734][T17019] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 817.431589][T17019] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 817.501153][T17032] Console: switching to colour VGA+ 80x25 [ 817.599232][ T2154] usb usb38-port5: attempt power cycle [ 817.661434][T17033] Console: switching to colour frame buffer device 4x6 [ 818.167263][ T2154] usb usb38-port5: unable to enumerate USB device [ 819.738540][T17051] hub 1-0:1.0: USB hub found [ 819.781596][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880316ce800: rx timeout, send abort [ 819.789977][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880316cc400: rx timeout, send abort [ 819.798462][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880316ce800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 819.812841][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880316cc400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 819.881156][T17051] hub 1-0:1.0: 1 port detected [ 823.269594][T17108] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3113'. [ 826.151560][T17147] tipc: Started in network mode [ 826.174729][T17147] tipc: Node identity ee00, cluster identity 4711 [ 826.248526][T17147] tipc: Node number set to 60928 [ 826.735441][T17154] FAULT_INJECTION: forcing a failure. [ 826.735441][T17154] name failslab, interval 1, probability 0, space 0, times 0 [ 826.865247][T17154] CPU: 0 UID: 0 PID: 17154 Comm: syz.4.3125 Not tainted syzkaller #0 PREEMPT(full) [ 826.865270][T17154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 826.865280][T17154] Call Trace: [ 826.865285][T17154] [ 826.865292][T17154] dump_stack_lvl+0x16c/0x1f0 [ 826.865325][T17154] should_fail_ex+0x512/0x640 [ 826.865339][T17154] ? __kmalloc_cache_noprof+0x5f/0x780 [ 826.865361][T17154] should_failslab+0xc2/0x120 [ 826.865376][T17154] __kmalloc_cache_noprof+0x72/0x780 [ 826.865395][T17154] ? allocate_file_region_entries+0x1a0/0x620 [ 826.865421][T17154] ? allocate_file_region_entries+0x1a0/0x620 [ 826.865446][T17154] allocate_file_region_entries+0x1a0/0x620 [ 826.865471][T17154] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 826.865500][T17154] region_chg+0x85/0x140 [ 826.865514][T17154] __vma_reservation_common+0x43b/0x740 [ 826.865530][T17154] ? __pfx___vma_reservation_common+0x10/0x10 [ 826.865551][T17154] alloc_hugetlb_folio+0x946/0x1560 [ 826.865572][T17154] ? __pfx_alloc_hugetlb_folio+0x10/0x10 [ 826.865588][T17154] ? _raw_spin_unlock+0x28/0x50 [ 826.865609][T17154] ? __filemap_get_folio+0x32b/0xc30 [ 826.865634][T17154] hugetlb_fault+0x1bce/0x2f40 [ 826.865657][T17154] ? __pfx_hugetlb_fault+0x10/0x10 [ 826.865683][T17154] ? find_vma+0xbf/0x140 [ 826.865703][T17154] ? __pfx_find_vma+0x10/0x10 [ 826.865731][T17154] handle_mm_fault+0xbfa/0xd10 [ 826.865749][T17154] ? __pkru_allows_pkey+0x11/0xb0 [ 826.865769][T17154] do_user_addr_fault+0x7a6/0x1370 [ 826.865790][T17154] ? rcu_is_watching+0x12/0xc0 [ 826.865812][T17154] exc_page_fault+0x64/0xc0 [ 826.865834][T17154] asm_exc_page_fault+0x26/0x30 [ 826.865848][T17154] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 826.865865][T17154] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 7f 3e 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 826.865878][T17154] RSP: 0018:ffffc9000473fb98 EFLAGS: 00050206 [ 826.865891][T17154] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000 [ 826.865900][T17154] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888077928000 [ 826.865909][T17154] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100ef251ff [ 826.865918][T17154] R10: ffff888077928fff R11: 0000000000000000 R12: ffffc9000473fd90 [ 826.865927][T17154] R13: 0000000000001000 R14: ffff888077928000 R15: 00007ffffffff000 [ 826.865947][T17154] _copy_from_iter+0x383/0x1720 [ 826.865968][T17154] ? __pfx__copy_from_iter+0x10/0x10 [ 826.865982][T17154] ? rcu_is_watching+0x12/0xc0 [ 826.866007][T17154] ? trace_kmalloc+0x2b/0xd0 [ 826.866020][T17154] ? __kmalloc_noprof+0x34f/0x880 [ 826.866038][T17154] ? kernfs_fop_write_iter+0x237/0x570 [ 826.866062][T17154] kernfs_fop_write_iter+0x19a/0x570 [ 826.866084][T17154] vfs_write+0x7d3/0x11d0 [ 826.866105][T17154] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 826.866124][T17154] ? __pfx___mutex_lock+0x10/0x10 [ 826.866137][T17154] ? __pfx_vfs_write+0x10/0x10 [ 826.866170][T17154] ksys_write+0x12a/0x250 [ 826.866190][T17154] ? __pfx_ksys_write+0x10/0x10 [ 826.866216][T17154] do_syscall_64+0xcd/0xfa0 [ 826.866238][T17154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.866252][T17154] RIP: 0033:0x7f40d418efc9 [ 826.866264][T17154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 826.866277][T17154] RSP: 002b:00007f40d5055038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 826.866290][T17154] RAX: ffffffffffffffda RBX: 00007f40d43e6180 RCX: 00007f40d418efc9 [ 826.866299][T17154] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 826.866308][T17154] RBP: 00007f40d4211f91 R08: 0000000000000000 R09: 0000000000000000 [ 826.866316][T17154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 826.866324][T17154] R13: 00007f40d43e6218 R14: 00007f40d43e6180 R15: 00007ffd4b2dc238 [ 826.866344][T17154] [ 827.246335][ C0] vkms_vblank_simulate: vblank timer overrun [ 828.036567][T17160] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 828.899269][T17176] input: f as /devices/virtual/input/input22 [ 830.453362][T17168] kexec: Could not allocate control_code_buffer [ 833.157759][T17229] binder: 17225:17229 ioctl c0046209 ffffffffffffffff returned -22 [ 833.755056][T17243] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.3148: iget: checksum invalid [ 833.853634][T17243] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 833.956905][T17243] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.3148: iget: checksum invalid [ 834.265675][T17243] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 834.453292][T17243] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.3148: iget: checksum invalid [ 834.699527][T17243] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 834.781936][T17243] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.3148: iget: checksum invalid [ 834.877349][T17243] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 834.942614][T17243] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 835.012113][T17243] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 836.644777][T17278] netlink: 5 bytes leftover after parsing attributes in process `syz.5.3159'. [ 837.180974][T17287] ptrace attach of "./syz-executor exec"[12197] was attempted by ""[17287] [ 838.145406][ T5831] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 839.362985][T17316] FAULT_INJECTION: forcing a failure. [ 839.362985][T17316] name failslab, interval 1, probability 0, space 0, times 0 [ 839.497704][T17316] CPU: 0 UID: 0 PID: 17316 Comm: syz.3.3169 Not tainted syzkaller #0 PREEMPT(full) [ 839.497727][T17316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 839.497737][T17316] Call Trace: [ 839.497743][T17316] [ 839.497750][T17316] dump_stack_lvl+0x16c/0x1f0 [ 839.497779][T17316] should_fail_ex+0x512/0x640 [ 839.497794][T17316] ? __kmalloc_cache_noprof+0x5f/0x780 [ 839.497816][T17316] should_failslab+0xc2/0x120 [ 839.497831][T17316] __kmalloc_cache_noprof+0x72/0x780 [ 839.497850][T17316] ? blk_mq_init_allocated_queue+0xd1/0x1240 [ 839.497876][T17316] ? blk_mq_init_allocated_queue+0xd1/0x1240 [ 839.497905][T17316] blk_mq_init_allocated_queue+0xd1/0x1240 [ 839.497930][T17316] ? blk_alloc_queue+0x630/0x760 [ 839.497947][T17316] ? blk_mq_alloc_queue+0x172/0x280 [ 839.497968][T17316] ? blk_alloc_queue+0x1a3/0x760 [ 839.497987][T17316] blk_mq_alloc_queue+0x1bb/0x280 [ 839.498008][T17316] ? __pfx_blk_mq_alloc_queue+0x10/0x10 [ 839.498040][T17316] ? blk_mq_alloc_tag_set+0xb95/0x12e0 [ 839.498065][T17316] __blk_mq_alloc_disk+0x29/0x120 [ 839.498087][T17316] loop_add+0x490/0xb70 [ 839.498105][T17316] ? __pfx_loop_add+0x10/0x10 [ 839.498133][T17316] ? find_held_lock+0x2b/0x80 [ 839.498154][T17316] loop_control_ioctl+0x13e/0x630 [ 839.498171][T17316] ? __pfx_loop_control_ioctl+0x10/0x10 [ 839.498190][T17316] ? __pfx_loop_control_ioctl+0x10/0x10 [ 839.498207][T17316] __x64_sys_ioctl+0x18e/0x210 [ 839.498225][T17316] do_syscall_64+0xcd/0xfa0 [ 839.498247][T17316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 839.498262][T17316] RIP: 0033:0x7f356b78efc9 [ 839.498274][T17316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 839.498288][T17316] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 839.498302][T17316] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 839.498312][T17316] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000003 [ 839.498321][T17316] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 839.498330][T17316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 839.498338][T17316] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 839.498358][T17316] [ 840.967264][T17325] tipc: Started in network mode [ 840.972189][T17325] tipc: Node identity ee00, cluster identity 4711 [ 841.040139][T17325] tipc: Node number set to 60928 [ 841.470326][T17327] FAULT_INJECTION: forcing a failure. [ 841.470326][T17327] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 841.573010][T17327] CPU: 0 UID: 0 PID: 17327 Comm: syz.3.3173 Not tainted syzkaller #0 PREEMPT(full) [ 841.573033][T17327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 841.573043][T17327] Call Trace: [ 841.573049][T17327] [ 841.573056][T17327] dump_stack_lvl+0x16c/0x1f0 [ 841.573083][T17327] should_fail_ex+0x512/0x640 [ 841.573102][T17327] should_fail_alloc_page+0xe7/0x130 [ 841.573119][T17327] prepare_alloc_pages+0x3c2/0x610 [ 841.573138][T17327] ? smp_call_function_many_cond+0x457/0x1600 [ 841.573162][T17327] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 841.573183][T17327] ? avic_vcpu_unblocking+0xe/0x160 [ 841.573202][T17327] ? avic_vcpu_unblocking+0xe/0x160 [ 841.573221][T17327] ? avic_vcpu_unblocking+0xe/0x160 [ 841.573240][T17327] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 841.573264][T17327] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 841.573283][T17327] ? __pfx___text_poke+0x10/0x10 [ 841.573301][T17327] ? find_held_lock+0x2b/0x80 [ 841.573324][T17327] ? static_key_slow_inc_cpuslocked+0x101/0x150 [ 841.573344][T17327] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 841.573357][T17327] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 841.573378][T17327] ? policy_nodemask+0xea/0x4e0 [ 841.573393][T17327] alloc_pages_mpol+0x1fb/0x550 [ 841.573408][T17327] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 841.573427][T17327] alloc_pages_noprof+0x131/0x390 [ 841.573442][T17327] kvm_arch_vcpu_create+0x2a7/0xb20 [ 841.573460][T17327] ? lockdep_init_map_type+0x5c/0x280 [ 841.573478][T17327] kvm_vm_ioctl+0xfec/0x3fd0 [ 841.573505][T17327] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 841.573536][T17327] ? kasan_quarantine_put+0x10a/0x240 [ 841.573556][T17327] ? lockdep_hardirqs_on+0x7c/0x110 [ 841.573579][T17327] ? find_held_lock+0x2b/0x80 [ 841.573598][T17327] ? tomoyo_path_number_perm+0x295/0x580 [ 841.573619][T17327] ? tomoyo_path_number_perm+0x18d/0x580 [ 841.573638][T17327] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 841.573662][T17327] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 841.573682][T17327] ? do_vfs_ioctl+0x128/0x14f0 [ 841.573698][T17327] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 841.573723][T17327] ? find_held_lock+0x2b/0x80 [ 841.573749][T17327] ? hook_file_ioctl_common+0x145/0x410 [ 841.573773][T17327] ? __fget_files+0x20e/0x3c0 [ 841.573795][T17327] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 841.573817][T17327] __x64_sys_ioctl+0x18e/0x210 [ 841.573836][T17327] do_syscall_64+0xcd/0xfa0 [ 841.573859][T17327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 841.573873][T17327] RIP: 0033:0x7f356b78efc9 [ 841.573886][T17327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 841.573900][T17327] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 841.573915][T17327] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 841.573925][T17327] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000003 [ 841.573934][T17327] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 841.573943][T17327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 841.573952][T17327] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 841.573972][T17327] [ 842.216056][T17342] random: crng reseeded on system resumption [ 844.662887][T17372] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3185'. [ 846.902001][T17408] syz.1.3191 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 847.456370][T17405] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 847.484206][T17405] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 847.546774][T17405] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 847.552798][T17405] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 849.316794][T13209] Bluetooth: hci1: command 0x0406 tx timeout [ 849.556680][T13209] Bluetooth: hci3: command 0x0406 tx timeout [ 849.636837][T13209] Bluetooth: hci2: command 0x0406 tx timeout [ 849.643053][T13209] Bluetooth: hci4: command 0x0406 tx timeout [ 851.273985][T17463] Console: switching to colour VGA+ 80x25 [ 852.514411][T17474] sd 0:0:1:0: PR command failed: 1026 [ 853.378206][T17474] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 854.218626][T17479] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3209'. [ 854.413499][T17474] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 855.779424][T17503] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 856.603411][T17510] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3217'. [ 856.702851][T17510] : renamed from vlan0 (while UP) [ 856.762551][T17510] : entered allmulticast mode [ 857.786707][T17528] ================================================================== [ 857.794834][T17528] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 857.802552][T17528] Read of size 8 at addr ffff888146a9fc18 by task syz.3.3221/17528 [ 857.810448][T17528] [ 857.812761][T17528] CPU: 0 UID: 0 PID: 17528 Comm: syz.3.3221 Not tainted syzkaller #0 PREEMPT(full) [ 857.812781][T17528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 857.812791][T17528] Call Trace: [ 857.812799][T17528] [ 857.812806][T17528] dump_stack_lvl+0x116/0x1f0 [ 857.812832][T17528] print_report+0xcd/0x630 [ 857.812847][T17528] ? __virt_addr_valid+0x81/0x610 [ 857.812861][T17528] ? __phys_addr+0xe8/0x180 [ 857.812874][T17528] ? dvb_device_open+0x36a/0x3b0 [ 857.812893][T17528] kasan_report+0xe0/0x110 [ 857.812908][T17528] ? dvb_device_open+0x36a/0x3b0 [ 857.812927][T17528] ? __pfx_dvb_device_open+0x10/0x10 [ 857.812946][T17528] dvb_device_open+0x36a/0x3b0 [ 857.812963][T17528] ? __pfx_dvb_device_open+0x10/0x10 [ 857.812981][T17528] chrdev_open+0x234/0x6a0 [ 857.813002][T17528] ? __pfx_apparmor_file_open+0x10/0x10 [ 857.813018][T17528] ? __pfx_chrdev_open+0x10/0x10 [ 857.813039][T17528] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 857.813061][T17528] do_dentry_open+0x982/0x1530 [ 857.813081][T17528] ? __pfx_chrdev_open+0x10/0x10 [ 857.813103][T17528] vfs_open+0x82/0x3f0 [ 857.813118][T17528] path_openat+0x1de4/0x2cb0 [ 857.813140][T17528] ? __pfx_path_openat+0x10/0x10 [ 857.813160][T17528] ? __lock_acquire+0xb8a/0x1c90 [ 857.813175][T17528] do_filp_open+0x20b/0x470 [ 857.813195][T17528] ? __pfx_do_filp_open+0x10/0x10 [ 857.813220][T17528] ? alloc_fd+0x471/0x7d0 [ 857.813240][T17528] do_sys_openat2+0x11b/0x1d0 [ 857.813255][T17528] ? __pfx_do_sys_openat2+0x10/0x10 [ 857.813270][T17528] ? __pfx_do_sys_openat2+0x10/0x10 [ 857.813286][T17528] ? __pfx___might_resched+0x10/0x10 [ 857.813307][T17528] __x64_sys_openat+0x174/0x210 [ 857.813323][T17528] ? __pfx___x64_sys_openat+0x10/0x10 [ 857.813342][T17528] do_syscall_64+0xcd/0xfa0 [ 857.813364][T17528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 857.813379][T17528] RIP: 0033:0x7f356b78efc9 [ 857.813399][T17528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 857.813414][T17528] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 857.813429][T17528] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 857.813440][T17528] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 857.813449][T17528] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 857.813458][T17528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 857.813467][T17528] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 857.813482][T17528] [ 857.813487][T17528] [ 858.068108][T17528] Allocated by task 17320: [ 858.072506][T17528] kasan_save_stack+0x33/0x60 [ 858.077202][T17528] kasan_save_track+0x14/0x30 [ 858.081866][T17528] __kasan_kmalloc+0xaa/0xb0 [ 858.086442][T17528] __kvmalloc_node_noprof+0x3a3/0x9c0 [ 858.091799][T17528] io_alloc_cache_init+0x38/0x170 [ 858.096805][T17528] io_uring_setup+0x62f/0x20e0 [ 858.101562][T17528] __x64_sys_io_uring_setup+0xc2/0x170 [ 858.107006][T17528] do_syscall_64+0xcd/0xfa0 [ 858.111539][T17528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 858.117426][T17528] [ 858.119730][T17528] Freed by task 60: [ 858.123510][T17528] kasan_save_stack+0x33/0x60 [ 858.128260][T17528] kasan_save_track+0x14/0x30 [ 858.132927][T17528] __kasan_save_free_info+0x3b/0x60 [ 858.138111][T17528] __kasan_slab_free+0x5f/0x80 [ 858.142856][T17528] kfree+0x2b8/0x6d0 [ 858.146733][T17528] io_alloc_cache_free+0x1eb/0x2e0 [ 858.151826][T17528] io_ring_exit_work+0x7e3/0x10f0 [ 858.156835][T17528] process_one_work+0x9cf/0x1b70 [ 858.161757][T17528] worker_thread+0x6c8/0xf10 [ 858.166378][T17528] kthread+0x3c5/0x780 [ 858.170428][T17528] ret_from_fork+0x675/0x7d0 [ 858.175000][T17528] ret_from_fork_asm+0x1a/0x30 [ 858.179744][T17528] [ 858.182046][T17528] The buggy address belongs to the object at ffff888146a9fc00 [ 858.182046][T17528] which belongs to the cache kmalloc-256 of size 256 [ 858.196100][T17528] The buggy address is located 24 bytes inside of [ 858.196100][T17528] freed 256-byte region [ffff888146a9fc00, ffff888146a9fd00) [ 858.209794][T17528] [ 858.212104][T17528] The buggy address belongs to the physical page: [ 858.218581][T17528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888146a9fc00 pfn:0x146a9e [ 858.228727][T17528] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 858.237204][T17528] flags: 0x57ff00000000240(workingset|head|node=1|zone=2|lastcpupid=0x7ff) [ 858.245770][T17528] page_type: f5(slab) [ 858.249754][T17528] raw: 057ff00000000240 ffff88813ffa6b40 ffff888140400708 ffffea00051aa190 [ 858.258337][T17528] raw: ffff888146a9fc00 000000000010000f 00000000f5000000 0000000000000000 [ 858.266914][T17528] head: 057ff00000000240 ffff88813ffa6b40 ffff888140400708 ffffea00051aa190 [ 858.275568][T17528] head: ffff888146a9fc00 000000000010000f 00000000f5000000 0000000000000000 [ 858.284224][T17528] head: 057ff00000000001 ffffea00051aa781 00000000ffffffff 00000000ffffffff [ 858.292878][T17528] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 858.301526][T17528] page dumped because: kasan: bad access detected [ 858.307925][T17528] page_owner tracks the page as allocated [ 858.313640][T17528] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 19288250892, free_ts 0 [ 858.333362][T17528] post_alloc_hook+0x1c0/0x230 [ 858.338139][T17528] get_page_from_freelist+0x10a3/0x3a30 [ 858.343674][T17528] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 858.349555][T17528] alloc_pages_mpol+0x1fb/0x550 [ 858.354399][T17528] new_slab+0x24a/0x360 [ 858.358572][T17528] ___slab_alloc+0xdc4/0x1ae0 [ 858.363243][T17528] __slab_alloc.constprop.0+0x63/0x110 [ 858.368703][T17528] __kmalloc_cache_noprof+0x477/0x780 [ 858.374061][T17528] bus_add_driver+0x92/0x690 [ 858.378638][T17528] driver_register+0x15c/0x4b0 [ 858.383388][T17528] usb_register_driver+0x216/0x4d0 [ 858.388481][T17528] do_one_initcall+0x123/0x6e0 [ 858.393229][T17528] kernel_init_freeable+0x5c8/0x920 [ 858.398417][T17528] kernel_init+0x1c/0x2b0 [ 858.402729][T17528] ret_from_fork+0x675/0x7d0 [ 858.407304][T17528] ret_from_fork_asm+0x1a/0x30 [ 858.412051][T17528] page_owner free stack trace missing [ 858.417397][T17528] [ 858.419702][T17528] Memory state around the buggy address: [ 858.425314][T17528] ffff888146a9fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 858.433359][T17528] ffff888146a9fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 858.441401][T17528] >ffff888146a9fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 858.449441][T17528] ^ [ 858.454280][T17528] ffff888146a9fc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 858.462353][T17528] ffff888146a9fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 858.470399][T17528] ================================================================== [ 858.479367][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805ab0a000: rx timeout, send abort [ 858.487630][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805ab0a800: rx timeout, send abort [ 858.496995][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805ab0a000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 858.511405][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805ab0a800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 859.940529][T17528] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 859.947748][T17528] CPU: 0 UID: 0 PID: 17528 Comm: syz.3.3221 Not tainted syzkaller #0 PREEMPT(full) [ 859.957103][T17528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 859.967140][T17528] Call Trace: [ 859.970408][T17528] [ 859.973339][T17528] dump_stack_lvl+0x3d/0x1f0 [ 859.977922][T17528] vpanic+0x640/0x6f0 [ 859.981893][T17528] panic+0xca/0xd0 [ 859.985597][T17528] ? __pfx_panic+0x10/0x10 [ 859.990003][T17528] ? dvb_device_open+0x36a/0x3b0 [ 859.995018][T17528] ? preempt_schedule_common+0x44/0xc0 [ 860.000466][T17528] ? preempt_schedule_thunk+0x16/0x30 [ 860.005826][T17528] check_panic_on_warn+0xab/0xb0 [ 860.010753][T17528] end_report+0x107/0x170 [ 860.015065][T17528] kasan_report+0xee/0x110 [ 860.019462][T17528] ? dvb_device_open+0x36a/0x3b0 [ 860.024389][T17528] ? __pfx_dvb_device_open+0x10/0x10 [ 860.029661][T17528] dvb_device_open+0x36a/0x3b0 [ 860.034416][T17528] ? __pfx_dvb_device_open+0x10/0x10 [ 860.039684][T17528] chrdev_open+0x234/0x6a0 [ 860.044089][T17528] ? __pfx_apparmor_file_open+0x10/0x10 [ 860.049620][T17528] ? __pfx_chrdev_open+0x10/0x10 [ 860.054549][T17528] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 860.060866][T17528] do_dentry_open+0x982/0x1530 [ 860.065625][T17528] ? __pfx_chrdev_open+0x10/0x10 [ 860.070558][T17528] vfs_open+0x82/0x3f0 [ 860.074614][T17528] path_openat+0x1de4/0x2cb0 [ 860.079212][T17528] ? __pfx_path_openat+0x10/0x10 [ 860.084147][T17528] ? __lock_acquire+0xb8a/0x1c90 [ 860.089098][T17528] do_filp_open+0x20b/0x470 [ 860.093597][T17528] ? __pfx_do_filp_open+0x10/0x10 [ 860.098642][T17528] ? alloc_fd+0x471/0x7d0 [ 860.102963][T17528] do_sys_openat2+0x11b/0x1d0 [ 860.107626][T17528] ? __pfx_do_sys_openat2+0x10/0x10 [ 860.112822][T17528] ? __pfx_do_sys_openat2+0x10/0x10 [ 860.118026][T17528] ? __pfx___might_resched+0x10/0x10 [ 860.123360][T17528] __x64_sys_openat+0x174/0x210 [ 860.128228][T17528] ? __pfx___x64_sys_openat+0x10/0x10 [ 860.133608][T17528] do_syscall_64+0xcd/0xfa0 [ 860.138108][T17528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 860.143992][T17528] RIP: 0033:0x7f356b78efc9 [ 860.148398][T17528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 860.168088][T17528] RSP: 002b:00007f356c593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 860.176498][T17528] RAX: ffffffffffffffda RBX: 00007f356b9e5fa0 RCX: 00007f356b78efc9 [ 860.184476][T17528] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 860.192519][T17528] RBP: 00007f356b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 860.200489][T17528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 860.208460][T17528] R13: 00007f356b9e6038 R14: 00007f356b9e5fa0 R15: 00007ffcf7374d28 [ 860.216423][T17528] [ 860.219482][T17528] Kernel Offset: disabled [ 860.223795][T17528] Rebooting in 86400 seconds..