last executing test programs: 6m25.118900063s ago: executing program 2 (id=1981): sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="000126bd7000fbdbdf2502000000080001"], 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x20044000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="06000000", @ANYRES16=0x0, @ANYBLOB="0100"], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f, &(0x7f0000000100)={&(0x7f0000000080), 0x96bc}, 0x2, &(0x7f0000000380), 0x7, 0xa505}, 0x9}, 0x7, 0x4008) 6m25.007047459s ago: executing program 2 (id=1982): socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x1000006, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x1f, 0x3, 0x400001) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[], 0x1ac}}, 0x4c041) r1 = socket(0xf, 0x5, 0xf) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, 0x0) setsockopt$auto(r1, 0x6, 0xc, 0x0, 0x7fffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xebf, 0x401, 0x5) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x42100, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r4) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=ANY=[], 0x1094}, 0x1, 0x0, 0x0, 0x4081}, 0xc000) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xfffffe01, 0x22, 0x940, 0x1ffde, 0x3, 0x3, 0x7, 0x9, 0x5, 0xfffffffffffffffc, 0x8004, 0xb0, 0x7, 0x1, 0x3, 0x5, 0x7, 0xfffffffe, 0x0, 0x0, 0x1000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x6, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x7, 0x281) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x2850}, 0x40000) r5 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x900, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getpeername$auto(0x3, 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) 6m23.982164542s ago: executing program 2 (id=1988): sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000200) 6m23.851421994s ago: executing program 2 (id=1990): mmap$auto(0x0, 0x402000c, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x20, 0x40009, 0x7fffffff, 0x9b72, 0xffffffffffffffff, 0x100000000028000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/reboot/cpu\x00', 0x1a1842, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 6m23.683427309s ago: executing program 2 (id=1993): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) symlink$auto(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00') creat$auto(&(0x7f0000000680)='./file0\x00', 0x3) 6m23.517119803s ago: executing program 2 (id=1994): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) (async) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) r1 = socketcall$auto(0x8000, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r3, 0x5459, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae60, 0x10000000000402) (async) ioctl$auto(0x3, 0xae41, r1) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x101083, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS32(r4, 0xc0245720, &(0x7f0000000040)={0x0, 0x5, 0x200, 0x6, 0x2bc9, "05a3b1ec88daacca01cdfa58da68cbb5"}) (async) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) (async) sendmsg$auto_OVS_FLOW_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000003180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000049bd02000000060e"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4008010) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r5, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f", 0xfdef) (async, rerun: 32) prctl$auto(0x35, 0x2, 0x0, 0x0, 0x0) (async, rerun: 32) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) write$auto(r6, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r7, 0x540a, 0x0) (async) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) (async) r8 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r8, 0x0, 0x7ff, 0x400) (async, rerun: 32) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) 6m8.457507595s ago: executing program 32 (id=1994): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) (async) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) r1 = socketcall$auto(0x8000, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r3, 0x5459, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae60, 0x10000000000402) (async) ioctl$auto(0x3, 0xae41, r1) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x101083, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS32(r4, 0xc0245720, &(0x7f0000000040)={0x0, 0x5, 0x200, 0x6, 0x2bc9, "05a3b1ec88daacca01cdfa58da68cbb5"}) (async) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) (async) sendmsg$auto_OVS_FLOW_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000003180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000049bd02000000060e"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4008010) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r5, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f", 0xfdef) (async, rerun: 32) prctl$auto(0x35, 0x2, 0x0, 0x0, 0x0) (async, rerun: 32) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) write$auto(r6, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r7, 0x540a, 0x0) (async) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) (async) r8 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r8, 0x0, 0x7ff, 0x400) (async, rerun: 32) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) 4m53.521448723s ago: executing program 3 (id=2306): syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x0) ustat$auto(0x801, 0x0) (fail_nth: 7) mincore$auto(0x1000, 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = socket(0x2, 0x1, 0x106) setsockopt$auto(r1, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) 4m52.771041022s ago: executing program 3 (id=2308): close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/kernel/seccomp/actions_logged\x00', 0x8202, 0x0) sendfile$auto(r1, r1, 0x0, 0x1048) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) socket(0xa, 0x2, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x2, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x4) r4 = socket(0x1e, 0x1, 0x0) poll$auto(&(0x7f0000000040)={r4, 0x8, 0xea85}, 0x100, 0x8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r6 = socket(0x2b, 0x1, 0x1) io_uring_setup$auto(0x6, 0x0) futex$auto(0x0, 0x6, 0x6, 0x0, 0x0, 0x9) setsockopt$auto(r6, 0x0, 0x33, 0x0, 0x4) listen$auto(r5, 0x31) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r2], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) 4m52.04966743s ago: executing program 3 (id=2310): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (fail_nth: 7) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto_TUNGETIFF(r0, 0x800454d2, 0x0) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x80002, 0x73) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 4m50.802913964s ago: executing program 3 (id=2314): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0x2003f0, 0x15) (async) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0x10, 0x0) (async) pipe$auto(0x0) pipe$auto(0x0) (async) tee$auto(0x2000000000000, 0x3, 0x402, 0x6) (async) madvise$auto(0x0, 0x200007, 0x19) setresgid$auto(0x0, 0xee01, 0xffffffffffffffff) 4m50.258213309s ago: executing program 3 (id=2315): tkill$auto(0x1, 0x7) keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x48eafc79) close_range$auto(0xffffffffffffffff, 0x8, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x614481, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0p/sub5/hw_params\x00', 0x101000, 0x0) socket(0x11, 0x4, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x4, 0x28000) setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x400) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/notify_on_release\x00', 0x20000, 0x0) mmap$auto(0x1000000, 0x20009, 0x80000001, 0x100000eb1, r0, 0x8000) socket(0x2a, 0x2, 0x1) io_uring_setup$auto(0x2, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x80000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(r1, 0x8, 0x6) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8f3b7a51b81f7920, 0x0) getsockopt$auto_SO_MAX_PACING_RATE(r2, 0xd, 0x2f, &(0x7f00000000c0)='/dev/snd/midiC2D3\x00', &(0x7f0000000100)=0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$auto(0xffff7fff, 0x4, 0x80000001, 0x0) 4m49.869808186s ago: executing program 3 (id=2317): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto_TUNGETIFF(r0, 0x800454d2, 0x0) mmap$auto(0xf5, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x80002, 0x73) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 4m49.273081454s ago: executing program 33 (id=2317): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto_TUNGETIFF(r0, 0x800454d2, 0x0) mmap$auto(0xf5, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x80002, 0x73) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 8.389886433s ago: executing program 5 (id=3137): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x1c, r1, 0x301, 0x4070bd25, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x200}]}, 0x1c}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) socket(0x2, 0x1, 0x106) r2 = getpgid$auto(0xffffffffffffffff) prctl$auto(0xfb, 0x8, r2, 0x5, 0x7) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 7.54915843s ago: executing program 5 (id=3140): unshare$auto(0x40000080) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xb) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async, rerun: 64) madvise$auto(0x0, 0x2003f0, 0x15) (async, rerun: 64) madvise$auto(0x0, 0x200007, 0x19) (async) select$auto(0xe, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x7}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r0, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/nilfs2/features/README\x00', 0x40, 0x0) (async, rerun: 32) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) (rerun: 32) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x7, 0x0) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async, rerun: 64) close_range$auto(0x2, 0xa, 0x0) (async, rerun: 64) rseq$auto(&(0x7f00000001c0)={0xe, 0x401, 0x5fc, 0x10000006, 0xffffffff, 0xfffffff2}, 0x8000, 0x0, 0x6) (async) mmap$auto(0x0, 0x2020009, 0x126, 0xf8, 0xffffffffffffffff, 0x8000) (async) setregid$auto(0x0, 0x3) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) wait4$auto(0x0, 0xfffffffffffffffc, 0x60000002, 0x0) setns(0xffffffffffffffff, 0x60020000) (async) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), 0xffffffffffffffff) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_REWIND(r1, 0x40084146, &(0x7f0000000000)=0x1) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x480200, 0x0) pipe$auto(0x0) (async) dup2$auto(0x5, 0x4) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) 6.130997808s ago: executing program 5 (id=3146): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x1c, r1, 0x301, 0x4070bd25, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x200}]}, 0x1c}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) socket(0x2, 0x1, 0x106) r2 = getpgid$auto(0xffffffffffffffff) prctl$auto(0xfb, 0x8, r2, 0x5, 0x7) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 6.10891807s ago: executing program 0 (id=3147): mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) r0 = signalfd$auto(0x4, 0x0, 0x8) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mincore$auto(0x1000, 0x8001, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0xc08) write$auto(0x3, 0x0, 0x5c8) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)={0xb0, r2, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_HE_6GHZ_CAPABILITY={0x1e, 0x125, "29484b29ac3219199fe0a5a5f1f608dcdcffa890f098b7a44609"}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xfffffffffffff92e}, @NL80211_ATTR_MAC_HINT={0x45, 0xc8, "28d39012ae25adcebf841be1375674f33943aa00c2f6df1572e4976ac2e866f98d588ad340ed915d3865fb7652cf1482c6860e5084e14435c50e1ddc6cea2fdf44"}, @NL80211_ATTR_FILS_CACHE_ID={0x19, 0xfd, "37a49e0bbc887be85f625e83fa33d6930a7821f57b"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xab}]}, 0xb0}}, 0x0) 5.840991456s ago: executing program 4 (id=3148): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) r0 = socket(0xa, 0x3, 0x3a) setsockopt$auto(r0, 0x3a, 0x1, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x382, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) inotify_init1$auto(0x3000000000000) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mq_open$auto(&(0x7f00000014c0)='M+{\x00', 0xfffffffa, 0x7, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) write$auto(0x3, 0x0, 0x100082) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000580)={{@inferred, 0xf0ee, 0x401, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) r3 = socket(0x10, 0x2, 0xf) bpf$auto(0x0, &(0x7f0000000200)=@bpf_attr_4={0x1e, r3, 0x5}, 0xd) bpf$auto(0x2, 0x0, 0x5) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) 5.762786944s ago: executing program 1 (id=3149): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0xb, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x25, 0x5, 0xf) setsockopt$auto(r0, 0x1, 0xc, 0x0, 0x7fffffff) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300200000000) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) ioctl$auto(r1, 0x540a, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r3) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, 0x0, 0xc000) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(r3, 0x57, r2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) ioctl$auto_SIOCGIFHWADDR2(r3, 0x8927, &(0x7f00000001c0)="f7ab310f77ea24eb0255cb3f87260a21fa8aed171088e0912126accb7abe04f0b7182712cb378b") execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') r4 = socket(0x2, 0x801, 0x100) listen$auto(r4, 0x2) write$auto(0x3, 0x0, 0x5c8) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189082, 0x0) sysfs$auto(0x2, 0x2, 0x0) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, 0x0) 4.85229472s ago: executing program 5 (id=3150): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0xb, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x25, 0x5, 0xf) setsockopt$auto(r0, 0x1, 0xc, 0x0, 0x7fffffff) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300200000000) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) ioctl$auto(r1, 0x540a, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r3) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, 0x0, 0xc000) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(r3, 0x57, r2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) ioctl$auto_SIOCGIFHWADDR2(r3, 0x8927, &(0x7f00000001c0)="f7ab310f77ea24eb0255cb3f87260a21fa8aed171088e0912126accb7abe04f0b7182712cb378b") execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') r4 = socket(0x2, 0x801, 0x100) listen$auto(r4, 0x2) write$auto(0x3, 0x0, 0x5c8) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189082, 0x0) mmap$auto(0x1000000400000000, 0xa, 0xdb, 0x18, 0x5, 0x7ff9) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, 0x0) 4.755166657s ago: executing program 1 (id=3151): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) bind$auto(0xffffffffffffffff, &(0x7f0000000180)=@hci={0x1f, 0x3}, 0x1ff) connect$auto(0x3, 0x0, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x44, 0x1, 0x0, 0xfffffffffffffffd, 0x0) setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8000, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0xd, 0xb979, 0x8000001f, 0x1000, 0x6d3d, 0xc, 0x2, 0x8]}, 0x0) openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendmsg$auto(r2, 0x0, 0x5) select$auto(0x9, &(0x7f00000000c0)={[0xeeca, 0x7, 0xb, 0x9, 0x6, 0x1fc, 0x6, 0x3, 0x2, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) recvfrom$auto(0x3, 0x0, 0xc, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/error_log\x00', 0xb01, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000040)='\x80\xdc)~\xe5', &(0x7f0000000540)="1a72989b442ad67a591164b0a0529b6715230fe4a7415cee9d38f438279a209f870c4e7a21b12317cc7896c5003a9754688f30bc01f111b247bde4a9fc96338cc28edacbe26ea731b9eb759554892dfdcd253d3bab6512c5f8cec2d732508a2f52170257344cca2c415d55844d06b6270df3167e1e47215e25f46b021cd6cc125c22a3a0b1e6a340ae46ee37a5903a54cbebf56ea50455e13ea23ea5ec74d5d7552763e9317d876604ce8c8cc2620db4f40d173adb56ba9ef8c326e9447465757fa6c1f77d9ebdd96e310163c674a9b3d64ca4a6931d4b1e89632c24af776b25aff6b9db80ae862bced4afb0130d1d868c26f3dd6020ee", 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) unshare$auto(0x40000080) sendmsg$auto_NFC_CMD_GET_DEVICE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="f62a425b", @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf2501000000050010000400000005000c00ff000000080003008214000083001f003e3fe36d2345c4a020a978d05c864042975f4eb9e314243e49d7e98adb21c07bff7f4b5d172d64253010602703b76d4ad5a4ef0a65b8b595c314c263f23bf62adaae34fb3e709d2f5dfaf9f77ed1cc0ba0215ddd000000000000000b72f41da7341218461f5d028d826e0dcd1fafd700943c344cfad1b65649cda9ea2667c40005001000000000000e0014002f6465762f766d6369000000"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x7fff) 4.602952369s ago: executing program 4 (id=3152): prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x7, 0x2, 0x0, 0xb380, 0x1) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_MSG_STAT(0x0, 0xb, &(0x7f0000000140)={{0x4, 0xee00, 0xee00, 0x800080, 0x4, 0x7, 0x9}, &(0x7f00000000c0)=0xc7, 0x0, 0x9, 0x4, 0x6e08, 0x10, 0x4, 0x3, 0x81, 0xd977, @raw=0x2, @inferred=0xffffffffffffffff}) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) listen$auto(0xffffffffffffffff, 0x1f64b57d) unshare$auto(0x40000080) read$auto(0xffffffffffffffff, 0x0, 0x1f40) r0 = socket(0x2, 0x1, 0x106) ioctl$auto(r0, 0x890b, r0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000280), 0x440, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) setsockopt$auto(0x400000000000003, 0x28, 0x0, 0x0, 0x56b) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) io_uring_setup$auto(0x9, 0x0) r2 = socket(0xa, 0x1, 0x84) getsockopt$auto(r2, 0x0, 0x487, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4, @loopback}, 0x54) 3.594761212s ago: executing program 5 (id=3153): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) ioctl$auto_KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f00000002c0)={0x8, r1, 0x1, 0x33}) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r3, 0x540a, 0x0) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) madvise$auto(0x2, 0x5c61fa2c, 0xf) r4 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000340), r2) sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(r2, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r4, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@IOAM6_ATTR_SC_ID={0x8, 0x4, 0x3}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x8}]}, 0x24}}, 0x8001) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2c, r5, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x14, 0x1, 0x0, 0x1, [@nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x1d}]}, @typed={0x8, 0x14, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800) r7 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r7, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) 3.464426864s ago: executing program 0 (id=3154): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0xfffffffffffffffe, 0x2020009, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) write$auto(0x3, 0x0, 0xfffffdef) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x58542, 0x0) write$auto(r1, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) read$auto_clk_dump_fops_(0xffffffffffffffff, 0x0, 0x0) arch_prctl$auto(0x5001, 0x800) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) 3.382021341s ago: executing program 0 (id=3155): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x60800, 0x0) ioctl$auto(r0, 0x901064ac, 0x5) getsockopt$auto_SO_NO_CHECK(r0, 0x80000001, 0xb, &(0x7f00000003c0)=']%&[\\/([%+]]@/*$\x00', &(0x7f0000000400)=0x56) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./file0/file0\x00') r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mkdir$auto(&(0x7f0000000000)='./file0/file1\x00', 0x2) renameat2$auto(r1, &(0x7f00000000c0)='./file0\x00', r1, &(0x7f0000000240)='./file1\x00', 0x2) fcntl$auto_F_SETFL(r0, 0x4, 0x4) r2 = socket(0x2, 0x1, 0x0) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r2) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r2, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f0000000080)={0x288, r3, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@HWSIM_ATTR_RADIO_ID={0x8, 0xa, 0x6}, @HWSIM_ATTR_ADDR_TRANSMITTER={0x61, 0x2, "72da8bb16f0b57915d81064baeb24cf5cb527d72beed541c05290afe78798a9408a0872f58e73579659d87d7b88aad8186ceb0d707be9713b9f7adea8573d6d1823d3038120b13e5a4286ca1e398ac5bf5d7f9f1995ea997996f3c8599"}, @HWSIM_ATTR_PERM_ADDR={0x88, 0x16, "466a5697ac66815a65ec851138e38d27cb007af9be614f16580757f398161c9631280bb09a2ecab7a3197ea1d25d971a5b57cc43151a7eac1b6fee1dd77c3e0e3ed11d5060302d91d8310d1925f8ac32adc18df1f54310f17b8cb03e4210353f138e86fb7c8b2b8ab20956f41e7ee39af10f5cc85724f95a26174880860fbb5f140037a3"}, @HWSIM_ATTR_CIPHER_SUPPORT={0x83, 0x18, "c8d5578e72d6e4b9296564f502bc649483dc7af39bf19af23091136c55bcdb20ec611c28f24fe1979e7e19dbd92acf480f283b6ff3ec63b34e5130e64d055e136a92670a542350c9d3135ffa3ea17e786107f79f161564e7e3c58acf54418849b3c9fc447e663ac5073173f52ce3379f585526f733713a8d547254dd766a5b"}, @HWSIM_ATTR_TX_INFO_FLAGS={0xfb, 0x15, "4a292ef6d1293820d8964c4206859608783a217dd4364f2d3c80b9dfa61e72a34af1ca6a154d8768b1e32a4dc80f1c64bb15148676337a083583f4c1cc59fec9ba3b9432f975a87f086bde9d31e3f476927837b5f43432b57f09f257fc8843e55f566170c917fa9c26ea0852819c7d98a72a8caf90c86d07de0892f8cb98424a9803af8e1bad6273e78c4c58972087b743ed9428de286c73343f93d2a40bfe22c0552a8c6c5c489833a567d6b05f78bcd217027bb6cc703278e01691a491e250d818ccda81296b05e06b404101f8c309d4e46bc2e874db0998d0d0aa67533576affe8f9143c44e9a83228ccc103bd6d030d5461c998ef5"}]}, 0x288}, 0x1, 0x0, 0x0, 0x50}, 0x881) getsockopt$auto(r2, 0x6, 0x9, 0x0, 0x0) 2.68733486s ago: executing program 4 (id=3156): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0xb, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x25, 0x5, 0xf) setsockopt$auto(r0, 0x1, 0xc, 0x0, 0x7fffffff) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300200000000) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) ioctl$auto(r1, 0x540a, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r3) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, 0x0, 0xc000) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(r3, 0x57, r2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) ioctl$auto_SIOCGIFHWADDR2(r3, 0x8927, &(0x7f00000001c0)="f7ab310f77ea24eb0255cb3f87260a21fa8aed171088e0912126accb7abe04f0b7182712cb378b") execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') r4 = socket(0x2, 0x801, 0x100) listen$auto(r4, 0x2) write$auto(0x3, 0x0, 0x5c8) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189082, 0x0) mmap$auto(0x1000000400000000, 0xa, 0xdb, 0x18, 0x5, 0x7ff9) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, 0x0) 2.684802595s ago: executing program 0 (id=3164): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xc02, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) write$auto(r2, &(0x7f0000000000)='/dev/audio1\x00', 0x4) r3 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x121001, 0x0) r4 = fsmount$auto(0xffffffffffffffff, 0x710, 0xa3ab) ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(r3, 0xc038586b, &(0x7f0000000300)={r4, &(0x7f0000000100)="16d3611444042ebdd78184a913383b19d7f4329edad419af4d2d8abc66d8f9e1b8cea142caa7a43c01cd34", 0xb, &(0x7f0000000340)="9d2234cec0a951449398caad1fe2e81f694657ef04e134e2e3c92ce048e03f232d7af9c2ccaab2c7c93f5bcf072f427fd3a058d599150a2bc3d1b31b23bfc1048c8eed1e764f119b675aba74e9be1c1318d41e2ab883ddd477a2b3d01e185b7c1f4131de626677d0a8bc11791ad95ec5515588d0ce534638c8a66babba17d6ad5f8fa390c52e8554e6690288e7dd5b833b1c11aa2c3972e05d358835a9d4f99c05d324c235d04ac52e5e4a0aba1b8bb3f1da1d6ad847b4b47e04fad7fc337dddbea72b1b84855cc26caa8e2e1922ae7d070db3ade51455e0b4f32d995d008ca401c32cfb32a6601611cedd05ccf5ca134cb6ab7de1b105a863b6", 0xffffff43, &(0x7f0000000240)="5b18960ae319728448aa1c0aada0a838e7ce339efc177490e40eb1cde3e39de69b24fce8edf28f59a08281b44489dae79a40e5efbd34d8dea19f16ef8328c21dcabf809692", &(0x7f00000002c0)=0xd9}) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r5, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/smaps_rollup\x00', 0x1a3000, 0x0) 2.05207401s ago: executing program 1 (id=3157): prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x7, 0x2, 0x0, 0xb380, 0x1) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_MSG_STAT(0x0, 0xb, &(0x7f0000000140)={{0x4, 0xee00, 0xee00, 0x800080, 0x4, 0x7, 0x9}, &(0x7f00000000c0)=0xc7, 0x0, 0x9, 0x4, 0x6e08, 0x10, 0x4, 0x3, 0x81, 0xd977, @raw=0x2, @inferred=0xffffffffffffffff}) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) listen$auto(0xffffffffffffffff, 0x1f64b57d) unshare$auto(0x40000080) read$auto(0xffffffffffffffff, 0x0, 0x1f40) r0 = socket(0x2, 0x1, 0x106) ioctl$auto(r0, 0x890b, r0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000280), 0x440, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) setsockopt$auto(0x400000000000003, 0x28, 0x0, 0x0, 0x56b) 1.878528174s ago: executing program 0 (id=3158): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x2, 0x3) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) ioperm$auto(0x7, 0x800, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r0 = socket(0x2, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto(r0, 0x400454cb, 0x5) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) unshare$auto(0x40000080) r2 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) sendmsg$auto_NETDEV_CMD_DEV_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NETDEV_A_DEV_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x4004845) getsockopt$auto(r2, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x14) mmap$auto(0x7, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/read_ahead_kb\x00', 0x181482, 0x0) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) 1.632762453s ago: executing program 4 (id=3159): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0xb, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x25, 0x5, 0xf) setsockopt$auto(r0, 0x1, 0xc, 0x0, 0x7fffffff) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300200000000) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) ioctl$auto(r1, 0x540a, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r3) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, 0x0, 0xc000) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(r3, 0x57, r2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) ioctl$auto_SIOCGIFHWADDR2(r3, 0x8927, &(0x7f00000001c0)="f7ab310f77ea24eb0255cb3f87260a21fa8aed171088e0912126accb7abe04f0b7182712cb378b") execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') r4 = socket(0x2, 0x801, 0x100) listen$auto(r4, 0x2) write$auto(0x3, 0x0, 0x5c8) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189082, 0x0) sysfs$auto(0x2, 0x2, 0x0) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, 0x0) 1.341234625s ago: executing program 1 (id=3160): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x300, &(0x7f0000000240)={&(0x7f0000001980)={0x3c, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@nested={0x8, 0x4, 0x0, 0x1, [@nested={0x4, 0x128}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) 1.218553195s ago: executing program 1 (id=3161): prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x7, 0x2, 0x0, 0xb380, 0x1) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_MSG_STAT(0x0, 0xb, &(0x7f0000000140)={{0x4, 0xee00, 0xee00, 0x800080, 0x4, 0x7, 0x9}, &(0x7f00000000c0)=0xc7, 0x0, 0x9, 0x4, 0x6e08, 0x10, 0x4, 0x3, 0x81, 0xd977, @raw=0x2, @inferred=0xffffffffffffffff}) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) listen$auto(0xffffffffffffffff, 0x1f64b57d) unshare$auto(0x40000080) read$auto(0xffffffffffffffff, 0x0, 0x1f40) r0 = socket(0x2, 0x1, 0x106) ioctl$auto(r0, 0x890b, r0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000280), 0x440, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) setsockopt$auto(0x400000000000003, 0x28, 0x0, 0x0, 0x56b) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) io_uring_setup$auto(0x9, 0x0) socket(0xa, 0x1, 0x84) 626.97727ms ago: executing program 4 (id=3162): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x1c, r1, 0x301, 0x4070bd25, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x200}]}, 0x1c}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) socket(0x2, 0x1, 0x106) r2 = getpgid$auto(0xffffffffffffffff) prctl$auto(0xfb, 0x8, r2, 0x5, 0x7) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 207.240775ms ago: executing program 1 (id=3163): mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) r0 = signalfd$auto(0x4, 0x0, 0x8) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mincore$auto(0x1000, 0x8001, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0xc08) write$auto(0x3, 0x0, 0x5c8) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)={0xb0, r2, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_HE_6GHZ_CAPABILITY={0x1e, 0x125, "29484b29ac3219199fe0a5a5f1f608dcdcffa890f098b7a44609"}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xfffffffffffff92e}, @NL80211_ATTR_MAC_HINT={0x45, 0xc8, "28d39012ae25adcebf841be1375674f33943aa00c2f6df1572e4976ac2e866f98d588ad340ed915d3865fb7652cf1482c6860e5084e14435c50e1ddc6cea2fdf44"}, @NL80211_ATTR_FILS_CACHE_ID={0x19, 0xfd, "37a49e0bbc887be85f625e83fa33d6930a7821f57b"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xab}]}, 0xb0}}, 0x0) 206.822544ms ago: executing program 5 (id=3165): prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x7, 0x2, 0x0, 0xb380, 0x1) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_MSG_STAT(0x0, 0xb, &(0x7f0000000140)={{0x4, 0xee00, 0xee00, 0x800080, 0x4, 0x7, 0x9}, &(0x7f00000000c0)=0xc7, 0x0, 0x9, 0x4, 0x6e08, 0x10, 0x4, 0x3, 0x81, 0xd977, @raw=0x2, @inferred=0xffffffffffffffff}) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) listen$auto(0xffffffffffffffff, 0x1f64b57d) unshare$auto(0x40000080) read$auto(0xffffffffffffffff, 0x0, 0x1f40) r0 = socket(0x2, 0x1, 0x106) ioctl$auto(r0, 0x890b, r0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000280), 0x440, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) setsockopt$auto(0x400000000000003, 0x28, 0x0, 0x0, 0x56b) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) io_uring_setup$auto(0x9, 0x0) r2 = socket(0xa, 0x1, 0x84) getsockopt$auto(r2, 0x0, 0x487, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4, @loopback}, 0x54) 184.406037ms ago: executing program 0 (id=3172): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8) socket(0x9, 0x4, 0xfffffffc) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x10a00, 0x0) r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) pread64$auto(r3, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa4\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0xe) inotify_rm_watch$auto(r1, 0x8001) getpid() prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x2, 0x80, 0x1) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) signalfd$auto(r4, &(0x7f0000000040)={0x6}, 0xfffffffffffffff8) ioctl$auto_SG_GET_NUM_WAITING(r2, 0x227d, &(0x7f0000000180)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) 0s ago: executing program 4 (id=3166): r0 = openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000040), 0x28080, 0x0) read$auto_fops_blob_file(r0, 0x0, 0x0) ioctl$auto_FS_IOC_GETFSSYSFSPATH(r0, 0x80811501, 0x9) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x20342, 0x0) readv$auto(r1, &(0x7f0000000240)={&(0x7f0000000140), 0x9}, 0x3) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)={0x20, 0x0, 0x101, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty49\x00', 0x2800, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) io_uring_register$auto(0x2, 0x1e, &(0x7f0000000000), 0x1) msgsnd$auto(0x1, 0x0, 0x2000, 0x800) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x93f, 0x1fee0, 0x3, 0x6, 0xfffffffffffffffe, 0x9, 0x5, 0x8005, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x8, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x7fffffffffff, 0x9, 0x0, 0x0, 0x10]}, 0x1fe, 0x82) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): 11322][T21692] ? __pfx_walk_pgd_range+0x10/0x10 [ 985.511342][T21692] ? folios_put_refs+0x5ce/0x740 [ 985.511361][T21692] __walk_page_range+0x163/0x820 [ 985.511380][T21692] ? find_vma+0xbf/0x140 [ 985.511399][T21692] ? __pfx_find_vma+0x10/0x10 [ 985.511424][T21692] ? walk_page_test+0x9b/0x180 [ 985.511442][T21692] walk_page_range_mm+0x54d/0x8a0 [ 985.511462][T21692] ? __pfx_walk_page_range_mm+0x10/0x10 [ 985.511483][T21692] ? find_held_lock+0x2b/0x80 [ 985.511496][T21692] ? mlock_drain_local+0x22d/0x4f0 [ 985.511514][T21692] walk_page_range+0x63/0x90 [ 985.511533][T21692] madvise_pageout+0x254/0x540 [ 985.511554][T21692] ? __pfx_madvise_pageout+0x10/0x10 [ 985.511582][T21692] ? mtree_range_walk+0x718/0xc00 [ 985.511601][T21692] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 985.511625][T21692] madvise_vma_behavior+0x460/0x2420 [ 985.511644][T21692] ? mas_prev_setup.constprop.0+0x81/0x830 [ 985.511668][T21692] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 985.511688][T21692] ? __pfx_mas_prev+0x10/0x10 [ 985.511706][T21692] ? find_vma_prev+0xda/0x160 [ 985.511726][T21692] ? __pfx_find_vma_prev+0x10/0x10 [ 985.511757][T21692] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 985.511783][T21692] madvise_walk_vmas+0x1d1/0x2c0 [ 985.511803][T21692] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 985.511827][T21692] madvise_do_behavior+0x15d/0x3f0 [ 985.511848][T21692] ? __pfx_madvise_do_behavior+0x10/0x10 [ 985.511879][T21692] do_madvise+0x161/0x230 [ 985.511899][T21692] ? __pfx_do_madvise+0x10/0x10 [ 985.511927][T21692] ? ksys_write+0x1ac/0x250 [ 985.511941][T21692] ? __pfx_ksys_write+0x10/0x10 [ 985.511959][T21692] __x64_sys_madvise+0xa9/0x110 [ 985.511979][T21692] ? lockdep_hardirqs_on+0x7c/0x110 [ 985.512000][T21692] do_syscall_64+0xcd/0x490 [ 985.512015][T21692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 985.512029][T21692] RIP: 0033:0x7f24af98eb69 [ 985.512042][T21692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 985.512055][T21692] RSP: 002b:00007f24b075c038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 985.512069][T21692] RAX: ffffffffffffffda RBX: 00007f24afbb6080 RCX: 00007f24af98eb69 [ 985.512079][T21692] RDX: 0000000000000015 RSI: 000000000000f663 RDI: 0000000000000000 [ 985.512087][T21692] RBP: 00007f24b075c090 R08: 0000000000000000 R09: 0000000000000000 [ 985.512096][T21692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 985.512104][T21692] R13: 0000000000000000 R14: 00007f24afbb6080 R15: 00007ffca3cd2f08 [ 985.512123][T21692] [ 985.513136][T21690] CPU: 0 UID: 0 PID: 21690 Comm: syz.5.2788 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 985.513157][T21690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 985.513166][T21690] Call Trace: [ 985.513172][T21690] [ 985.513178][T21690] dump_stack_lvl+0x16c/0x1f0 [ 985.513193][T21690] should_fail_ex+0x512/0x640 [ 985.513214][T21690] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 985.513235][T21690] should_failslab+0xc2/0x120 [ 985.513254][T21690] __kmalloc_cache_noprof+0x6a/0x3e0 [ 985.513270][T21690] ? ima_calc_file_hash_tfm+0x231/0x350 [ 985.513293][T21690] ima_calc_file_hash_tfm+0x231/0x350 [ 985.513312][T21690] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 985.513351][T21690] ? stack_trace_save+0x8e/0xc0 [ 985.513368][T21690] ? ima_alloc_tfm+0x21a/0x2e0 [ 985.513384][T21690] ? generic_fillattr+0x6bf/0x940 [ 985.513404][T21690] ima_calc_file_hash+0x1ba/0x490 [ 985.513424][T21690] ima_collect_measurement+0x899/0xa40 [ 985.513449][T21690] ? __pfx_ima_collect_measurement+0x10/0x10 [ 985.513480][T21690] ? __mutex_lock+0x1c2/0x1070 [ 985.513494][T21690] ? is_bad_inode+0xd/0x40 [ 985.513514][T21690] ? xattr_resolve_name+0x27b/0x3f0 [ 985.513539][T21690] ? vfs_getxattr_alloc+0xec/0x340 [ 985.513557][T21690] ? ima_get_hash_algo+0x27c/0x400 [ 985.513572][T21690] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 985.513591][T21690] ? process_measurement+0x11fa/0x23e0 [ 985.513607][T21690] process_measurement+0x11fa/0x23e0 [ 985.513630][T21690] ? __pfx_process_measurement+0x10/0x10 [ 985.513645][T21690] ? __lock_acquire+0xb8a/0x1c90 [ 985.513688][T21690] ? __configfs_open_file+0x79a/0x9c0 [ 985.513706][T21690] ? inode_to_bdi+0x9e/0x160 [ 985.513727][T21690] ima_file_check+0xc5/0x110 [ 985.513744][T21690] ? __pfx_ima_file_check+0x10/0x10 [ 985.513775][T21690] security_file_post_open+0x8e/0x210 [ 985.513800][T21690] path_openat+0x1404/0x2cb0 [ 985.513823][T21690] ? __pfx_path_openat+0x10/0x10 [ 985.513839][T21690] ? __lock_acquire+0xb8a/0x1c90 [ 985.513858][T21690] do_filp_open+0x20b/0x470 [ 985.513874][T21690] ? __pfx_do_filp_open+0x10/0x10 [ 985.513903][T21690] ? alloc_fd+0x471/0x7d0 [ 985.513921][T21690] do_sys_openat2+0x11b/0x1d0 [ 985.513941][T21690] ? __pfx_do_sys_openat2+0x10/0x10 [ 985.513969][T21690] __x64_sys_openat+0x174/0x210 [ 985.513989][T21690] ? __pfx___x64_sys_openat+0x10/0x10 [ 985.514017][T21690] do_syscall_64+0xcd/0x490 [ 985.514032][T21690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 985.514047][T21690] RIP: 0033:0x7f75cf58eb69 [ 985.514058][T21690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 985.514073][T21690] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 985.514087][T21690] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 985.514096][T21690] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 985.514106][T21690] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 985.514114][T21690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 985.514123][T21690] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 985.514141][T21690] [ 985.541504][ T30] audit: type=1800 audit(6138071991.177:34): pid=21690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2788" name="dbroot" dev="configfs" ino=63758 res=0 errno=0 [ 986.658710][T21710] FAULT_INJECTION: forcing a failure. [ 986.658710][T21710] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 986.658753][T21710] CPU: 0 UID: 0 PID: 21710 Comm: syz.4.2791 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 986.658771][T21710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 986.658780][T21710] Call Trace: [ 986.658785][T21710] [ 986.658791][T21710] dump_stack_lvl+0x16c/0x1f0 [ 986.658809][T21710] should_fail_ex+0x512/0x640 [ 986.658833][T21710] _copy_from_user+0x2e/0xd0 [ 986.658848][T21710] snd_pcm_oss_write2+0x1c2/0x410 [ 986.658867][T21710] ? __pfx_snd_pcm_oss_write2+0x10/0x10 [ 986.658883][T21710] ? snd_pcm_kernel_ioctl+0x267/0x2e0 [ 986.658907][T21710] snd_pcm_oss_write+0x711/0xa10 [ 986.658926][T21710] ? security_file_permission+0x71/0x210 [ 986.658944][T21710] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 986.658967][T21710] vfs_write+0x2a0/0x1150 [ 986.658986][T21710] ? __pfx_vfs_write+0x10/0x10 [ 986.658999][T21710] ? find_held_lock+0x2b/0x80 [ 986.659013][T21710] ? __fget_files+0x204/0x3c0 [ 986.659030][T21710] ? __fget_files+0x20e/0x3c0 [ 986.659049][T21710] ksys_write+0x12a/0x250 [ 986.659063][T21710] ? __pfx_ksys_write+0x10/0x10 [ 986.659083][T21710] do_syscall_64+0xcd/0x490 [ 986.659099][T21710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.659114][T21710] RIP: 0033:0x7f24af98eb69 [ 986.659126][T21710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 986.659141][T21710] RSP: 002b:00007f24b071a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 986.659155][T21710] RAX: ffffffffffffffda RBX: 00007f24afbb6240 RCX: 00007f24af98eb69 [ 986.659164][T21710] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 986.659173][T21710] RBP: 00007f24b071a090 R08: 0000000000000000 R09: 0000000000000000 [ 986.659182][T21710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 986.659190][T21710] R13: 0000000000000000 R14: 00007f24afbb6240 R15: 00007ffca3cd2f08 [ 986.659209][T21710] [ 988.142104][T21695] tty tty12: ldisc open failed (-12), clearing slot 11 [ 988.156843][T21709] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 988.789101][T21731] FAULT_INJECTION: forcing a failure. [ 988.789101][T21731] name failslab, interval 1, probability 0, space 0, times 0 [ 988.868578][T21731] CPU: 0 UID: 0 PID: 21731 Comm: syz.4.2798 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 988.868602][T21731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 988.868611][T21731] Call Trace: [ 988.868617][T21731] [ 988.868624][T21731] dump_stack_lvl+0x16c/0x1f0 [ 988.868643][T21731] should_fail_ex+0x512/0x640 [ 988.868665][T21731] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 988.868684][T21731] should_failslab+0xc2/0x120 [ 988.868703][T21731] __kmalloc_cache_noprof+0x6a/0x3e0 [ 988.868719][T21731] ? ima_calc_file_hash_tfm+0x231/0x350 [ 988.868755][T21731] ima_calc_file_hash_tfm+0x231/0x350 [ 988.868774][T21731] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 988.868816][T21731] ? stack_trace_save+0x8e/0xc0 [ 988.868834][T21731] ? ima_alloc_tfm+0x21a/0x2e0 [ 988.868850][T21731] ? generic_fillattr+0x6bf/0x940 [ 988.868871][T21731] ima_calc_file_hash+0x1ba/0x490 [ 988.868891][T21731] ima_collect_measurement+0x899/0xa40 [ 988.868915][T21731] ? __pfx_ima_collect_measurement+0x10/0x10 [ 988.868946][T21731] ? __mutex_lock+0x1c2/0x1070 [ 988.868960][T21731] ? is_bad_inode+0xd/0x40 [ 988.868981][T21731] ? xattr_resolve_name+0x27b/0x3f0 [ 988.869006][T21731] ? vfs_getxattr_alloc+0xec/0x340 [ 988.869024][T21731] ? ima_get_hash_algo+0x27c/0x400 [ 988.869039][T21731] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 988.869058][T21731] ? process_measurement+0x11fa/0x23e0 [ 988.869074][T21731] process_measurement+0x11fa/0x23e0 [ 988.869097][T21731] ? __pfx_process_measurement+0x10/0x10 [ 988.869112][T21731] ? __lock_acquire+0xb8a/0x1c90 [ 988.869155][T21731] ? __configfs_open_file+0x79a/0x9c0 [ 988.869174][T21731] ? inode_to_bdi+0x9e/0x160 [ 988.869195][T21731] ima_file_check+0xc5/0x110 [ 988.869211][T21731] ? __pfx_ima_file_check+0x10/0x10 [ 988.869232][T21731] security_file_post_open+0x8e/0x210 [ 988.869256][T21731] path_openat+0x1404/0x2cb0 [ 988.869277][T21731] ? __pfx_path_openat+0x10/0x10 [ 988.869294][T21731] ? __lock_acquire+0xb8a/0x1c90 [ 988.869313][T21731] do_filp_open+0x20b/0x470 [ 988.869329][T21731] ? __pfx_do_filp_open+0x10/0x10 [ 988.869358][T21731] ? alloc_fd+0x471/0x7d0 [ 988.869376][T21731] do_sys_openat2+0x11b/0x1d0 [ 988.869397][T21731] ? __pfx_do_sys_openat2+0x10/0x10 [ 988.869424][T21731] __x64_sys_openat+0x174/0x210 [ 988.869444][T21731] ? __pfx___x64_sys_openat+0x10/0x10 [ 988.869472][T21731] do_syscall_64+0xcd/0x490 [ 988.869488][T21731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 988.869503][T21731] RIP: 0033:0x7f24af98eb69 [ 988.869516][T21731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 988.869530][T21731] RSP: 002b:00007f24b077d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 988.869544][T21731] RAX: ffffffffffffffda RBX: 00007f24afbb5fa0 RCX: 00007f24af98eb69 [ 988.869554][T21731] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 988.869563][T21731] RBP: 00007f24afa11df1 R08: 0000000000000000 R09: 0000000000000000 [ 988.869572][T21731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 988.869581][T21731] R13: 0000000000000000 R14: 00007f24afbb5fa0 R15: 00007ffca3cd2f08 [ 988.869601][T21731] [ 988.869713][ T30] audit: type=1800 audit(6138071994.507:35): pid=21731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2798" name="dbroot" dev="configfs" ino=63943 res=0 errno=0 [ 990.006501][T21750] HfR: entered promiscuous mode [ 990.068151][T21750] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2801'. [ 990.126571][ T5848] Bluetooth: hci0: command 0x0406 tx timeout [ 990.134056][T21750] HfR: left promiscuous mode [ 991.171932][T21764] FAULT_INJECTION: forcing a failure. [ 991.171932][T21764] name failslab, interval 1, probability 0, space 0, times 0 [ 991.225932][T21764] CPU: 0 UID: 0 PID: 21764 Comm: syz.4.2806 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 991.225958][T21764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 991.225967][T21764] Call Trace: [ 991.225972][T21764] [ 991.225979][T21764] dump_stack_lvl+0x16c/0x1f0 [ 991.225997][T21764] should_fail_ex+0x512/0x640 [ 991.226019][T21764] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 991.226038][T21764] should_failslab+0xc2/0x120 [ 991.226058][T21764] __kmalloc_cache_noprof+0x6a/0x3e0 [ 991.226073][T21764] ? ima_calc_file_hash_tfm+0x231/0x350 [ 991.226094][T21764] ima_calc_file_hash_tfm+0x231/0x350 [ 991.226114][T21764] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 991.226153][T21764] ? stack_trace_save+0x8e/0xc0 [ 991.226170][T21764] ? ima_alloc_tfm+0x21a/0x2e0 [ 991.226185][T21764] ? generic_fillattr+0x6bf/0x940 [ 991.226206][T21764] ima_calc_file_hash+0x1ba/0x490 [ 991.226235][T21764] ima_collect_measurement+0x899/0xa40 [ 991.226261][T21764] ? __pfx_ima_collect_measurement+0x10/0x10 [ 991.226294][T21764] ? __mutex_lock+0x1c2/0x1070 [ 991.226309][T21764] ? is_bad_inode+0xd/0x40 [ 991.226330][T21764] ? xattr_resolve_name+0x27b/0x3f0 [ 991.226356][T21764] ? vfs_getxattr_alloc+0xec/0x340 [ 991.226374][T21764] ? ima_get_hash_algo+0x27c/0x400 [ 991.226389][T21764] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 991.226408][T21764] ? process_measurement+0x11fa/0x23e0 [ 991.226423][T21764] process_measurement+0x11fa/0x23e0 [ 991.226446][T21764] ? __pfx_process_measurement+0x10/0x10 [ 991.226462][T21764] ? __lock_acquire+0xb8a/0x1c90 [ 991.226530][T21764] ? __configfs_open_file+0x79a/0x9c0 [ 991.226552][T21764] ? inode_to_bdi+0x9e/0x160 [ 991.226574][T21764] ima_file_check+0xc5/0x110 [ 991.226592][T21764] ? __pfx_ima_file_check+0x10/0x10 [ 991.226614][T21764] security_file_post_open+0x8e/0x210 [ 991.226637][T21764] path_openat+0x1404/0x2cb0 [ 991.226660][T21764] ? __pfx_path_openat+0x10/0x10 [ 991.226676][T21764] ? __lock_acquire+0xb8a/0x1c90 [ 991.226696][T21764] do_filp_open+0x20b/0x470 [ 991.226712][T21764] ? __pfx_do_filp_open+0x10/0x10 [ 991.226741][T21764] ? alloc_fd+0x471/0x7d0 [ 991.226760][T21764] do_sys_openat2+0x11b/0x1d0 [ 991.226781][T21764] ? __pfx_do_sys_openat2+0x10/0x10 [ 991.226809][T21764] __x64_sys_openat+0x174/0x210 [ 991.226829][T21764] ? __pfx___x64_sys_openat+0x10/0x10 [ 991.226857][T21764] do_syscall_64+0xcd/0x490 [ 991.226873][T21764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.226888][T21764] RIP: 0033:0x7f24af98eb69 [ 991.226904][T21764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 991.226918][T21764] RSP: 002b:00007f24b077d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 991.226934][T21764] RAX: ffffffffffffffda RBX: 00007f24afbb5fa0 RCX: 00007f24af98eb69 [ 991.226944][T21764] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 991.226954][T21764] RBP: 00007f24afa11df1 R08: 0000000000000000 R09: 0000000000000000 [ 991.226963][T21764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 991.226973][T21764] R13: 0000000000000000 R14: 00007f24afbb5fa0 R15: 00007ffca3cd2f08 [ 991.226993][T21764] [ 991.581922][ T30] audit: type=1800 audit(6138071996.867:36): pid=21764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2806" name="dbroot" dev="configfs" ino=64092 res=0 errno=0 [ 992.638690][T21775] FAULT_INJECTION: forcing a failure. [ 992.638690][T21775] name failslab, interval 1, probability 0, space 0, times 0 [ 992.697162][T21775] CPU: 0 UID: 0 PID: 21775 Comm: syz.5.2810 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 992.697185][T21775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 992.697195][T21775] Call Trace: [ 992.697201][T21775] [ 992.697207][T21775] dump_stack_lvl+0x16c/0x1f0 [ 992.697227][T21775] should_fail_ex+0x512/0x640 [ 992.697249][T21775] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 992.697271][T21775] should_failslab+0xc2/0x120 [ 992.697291][T21775] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 992.697309][T21775] ? __alloc_skb+0x2b2/0x380 [ 992.697333][T21775] __alloc_skb+0x2b2/0x380 [ 992.697354][T21775] ? __pfx___alloc_skb+0x10/0x10 [ 992.697375][T21775] ? rcu_is_watching+0x12/0xc0 [ 992.697391][T21775] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 992.697409][T21775] ? audit_log_start+0x2c5/0x7f0 [ 992.697429][T21775] audit_log_start+0x2ea/0x7f0 [ 992.697448][T21775] ? __pfx_audit_log_start+0x10/0x10 [ 992.697465][T21775] ? __lock_acquire+0xb8a/0x1c90 [ 992.697493][T21775] integrity_audit_message+0x10c/0x580 [ 992.697509][T21775] ? take_dentry_name_snapshot+0x314/0x7d0 [ 992.697528][T21775] ? __pfx_integrity_audit_message+0x10/0x10 [ 992.697544][T21775] ? take_dentry_name_snapshot+0x319/0x7d0 [ 992.697566][T21775] integrity_audit_msg+0x41/0x60 [ 992.697583][T21775] ima_collect_measurement+0x786/0xa40 [ 992.697608][T21775] ? __pfx_ima_collect_measurement+0x10/0x10 [ 992.697640][T21775] ? __mutex_lock+0x1c2/0x1070 [ 992.697654][T21775] ? is_bad_inode+0xd/0x40 [ 992.697673][T21775] ? xattr_resolve_name+0x27b/0x3f0 [ 992.697699][T21775] ? vfs_getxattr_alloc+0xec/0x340 [ 992.697717][T21775] ? ima_get_hash_algo+0x27c/0x400 [ 992.697732][T21775] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 992.697751][T21775] ? process_measurement+0x11fa/0x23e0 [ 992.697767][T21775] process_measurement+0x11fa/0x23e0 [ 992.697789][T21775] ? __pfx_process_measurement+0x10/0x10 [ 992.697804][T21775] ? __lock_acquire+0xb8a/0x1c90 [ 992.697846][T21775] ? __configfs_open_file+0x79a/0x9c0 [ 992.697865][T21775] ? inode_to_bdi+0x9e/0x160 [ 992.697886][T21775] ima_file_check+0xc5/0x110 [ 992.697902][T21775] ? __pfx_ima_file_check+0x10/0x10 [ 992.697924][T21775] security_file_post_open+0x8e/0x210 [ 992.697946][T21775] path_openat+0x1404/0x2cb0 [ 992.697968][T21775] ? __pfx_path_openat+0x10/0x10 [ 992.697985][T21775] ? __lock_acquire+0xb8a/0x1c90 [ 992.698005][T21775] do_filp_open+0x20b/0x470 [ 992.698028][T21775] ? __pfx_do_filp_open+0x10/0x10 [ 992.698059][T21775] ? alloc_fd+0x471/0x7d0 [ 992.698079][T21775] do_sys_openat2+0x11b/0x1d0 [ 992.698100][T21775] ? __pfx_do_sys_openat2+0x10/0x10 [ 992.698128][T21775] __x64_sys_openat+0x174/0x210 [ 992.698148][T21775] ? __pfx___x64_sys_openat+0x10/0x10 [ 992.698176][T21775] do_syscall_64+0xcd/0x490 [ 992.698192][T21775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 992.698207][T21775] RIP: 0033:0x7f75cf58eb69 [ 992.698222][T21775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 992.698239][T21775] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 992.698254][T21775] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 992.698264][T21775] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 992.698274][T21775] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 992.698284][T21775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 992.698293][T21775] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 992.698313][T21775] [ 992.698338][T21775] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 993.270199][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.278715][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.842159][T21775] audit: out of memory in audit_log_start [ 993.876278][T21778] FAULT_INJECTION: forcing a failure. [ 993.876278][T21778] name fail_futex, interval 1, probability 0, space 0, times 0 [ 993.919975][T21778] CPU: 0 UID: 0 PID: 21778 Comm: syz.0.2809 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 993.919998][T21778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 993.920008][T21778] Call Trace: [ 993.920013][T21778] [ 993.920019][T21778] dump_stack_lvl+0x16c/0x1f0 [ 993.920039][T21778] should_fail_ex+0x512/0x640 [ 993.920063][T21778] get_futex_key+0xf36/0x1540 [ 993.920081][T21778] ? find_held_lock+0x2b/0x80 [ 993.920095][T21778] ? __pfx_get_futex_key+0x10/0x10 [ 993.920111][T21778] ? __mutex_trylock_common+0xe9/0x250 [ 993.920134][T21778] futex_wake+0xea/0x530 [ 993.920155][T21778] ? __pfx_futex_wake+0x10/0x10 [ 993.920173][T21778] ? __lock_acquire+0xb8a/0x1c90 [ 993.920198][T21778] do_futex+0x1e3/0x350 [ 993.920215][T21778] ? __pfx_do_futex+0x10/0x10 [ 993.920230][T21778] ? __might_fault+0xe3/0x190 [ 993.920252][T21778] mm_release+0x24e/0x300 [ 993.920268][T21778] do_exit+0x68e/0x2bf0 [ 993.920290][T21778] ? __pfx_do_exit+0x10/0x10 [ 993.920308][T21778] ? do_raw_spin_lock+0x12c/0x2b0 [ 993.920326][T21778] ? find_held_lock+0x2b/0x80 [ 993.920342][T21778] do_group_exit+0xd3/0x2a0 [ 993.920361][T21778] get_signal+0x2673/0x26d0 [ 993.920379][T21778] ? kmem_cache_free+0x2d1/0x4d0 [ 993.920394][T21778] ? fd_install+0x225/0x750 [ 993.920410][T21778] ? __pfx_get_signal+0x10/0x10 [ 993.920425][T21778] ? do_futex+0x122/0x350 [ 993.920442][T21778] ? __pfx_do_futex+0x10/0x10 [ 993.920460][T21778] arch_do_signal_or_restart+0x8f/0x790 [ 993.920479][T21778] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 993.920501][T21778] ? xfd_validate_state+0x61/0x180 [ 993.920531][T21778] exit_to_user_mode_loop+0x84/0x110 [ 993.920552][T21778] do_syscall_64+0x3f6/0x490 [ 993.920568][T21778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 993.920586][T21778] RIP: 0033:0x7f213578eb69 [ 993.920598][T21778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 993.920612][T21778] RSP: 002b:00007f21366350e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 993.920626][T21778] RAX: fffffffffffffe00 RBX: 00007f21359b5fa8 RCX: 00007f213578eb69 [ 993.920636][T21778] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f21359b5fa8 [ 993.920644][T21778] RBP: 00007f21359b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 993.920654][T21778] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f21359b5fac [ 993.920662][T21778] R13: 0000000000000000 R14: 00007ffcea902350 R15: 00007ffcea902438 [ 993.920681][T21778] [ 994.189151][T21783] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2811'. [ 994.201335][T21783] netlink: 306 bytes leftover after parsing attributes in process `syz.4.2811'. [ 996.234864][T21820] FAULT_INJECTION: forcing a failure. [ 996.234864][T21820] name failslab, interval 1, probability 0, space 0, times 0 [ 996.347490][T21820] CPU: 0 UID: 0 PID: 21820 Comm: syz.5.2820 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 996.347515][T21820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 996.347525][T21820] Call Trace: [ 996.347531][T21820] [ 996.347538][T21820] dump_stack_lvl+0x16c/0x1f0 [ 996.347557][T21820] should_fail_ex+0x512/0x640 [ 996.347579][T21820] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 996.347600][T21820] should_failslab+0xc2/0x120 [ 996.347620][T21820] __kmalloc_cache_noprof+0x6a/0x3e0 [ 996.347636][T21820] ? ima_calc_file_hash_tfm+0x231/0x350 [ 996.347657][T21820] ima_calc_file_hash_tfm+0x231/0x350 [ 996.347676][T21820] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 996.347715][T21820] ? stack_trace_save+0x8e/0xc0 [ 996.347732][T21820] ? ima_alloc_tfm+0x21a/0x2e0 [ 996.347748][T21820] ? generic_fillattr+0x6bf/0x940 [ 996.347769][T21820] ima_calc_file_hash+0x1ba/0x490 [ 996.347789][T21820] ima_collect_measurement+0x899/0xa40 [ 996.347813][T21820] ? __pfx_ima_collect_measurement+0x10/0x10 [ 996.347844][T21820] ? __mutex_lock+0x1c2/0x1070 [ 996.347857][T21820] ? is_bad_inode+0xd/0x40 [ 996.347877][T21820] ? xattr_resolve_name+0x27b/0x3f0 [ 996.347902][T21820] ? vfs_getxattr_alloc+0xec/0x340 [ 996.347920][T21820] ? ima_get_hash_algo+0x27c/0x400 [ 996.347935][T21820] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 996.347954][T21820] ? process_measurement+0x11fa/0x23e0 [ 996.347970][T21820] process_measurement+0x11fa/0x23e0 [ 996.347992][T21820] ? __pfx_process_measurement+0x10/0x10 [ 996.348007][T21820] ? __lock_acquire+0xb8a/0x1c90 [ 996.348060][T21820] ? __configfs_open_file+0x79a/0x9c0 [ 996.348080][T21820] ? inode_to_bdi+0x9e/0x160 [ 996.348102][T21820] ima_file_check+0xc5/0x110 [ 996.348119][T21820] ? __pfx_ima_file_check+0x10/0x10 [ 996.348140][T21820] security_file_post_open+0x8e/0x210 [ 996.348164][T21820] path_openat+0x1404/0x2cb0 [ 996.348186][T21820] ? __pfx_path_openat+0x10/0x10 [ 996.348202][T21820] ? __lock_acquire+0xb8a/0x1c90 [ 996.348221][T21820] do_filp_open+0x20b/0x470 [ 996.348237][T21820] ? __pfx_do_filp_open+0x10/0x10 [ 996.348266][T21820] ? alloc_fd+0x471/0x7d0 [ 996.348285][T21820] do_sys_openat2+0x11b/0x1d0 [ 996.348305][T21820] ? __pfx_do_sys_openat2+0x10/0x10 [ 996.348332][T21820] __x64_sys_openat+0x174/0x210 [ 996.348353][T21820] ? __pfx___x64_sys_openat+0x10/0x10 [ 996.348384][T21820] do_syscall_64+0xcd/0x490 [ 996.348400][T21820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 996.348416][T21820] RIP: 0033:0x7f75cf58eb69 [ 996.348430][T21820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 996.348445][T21820] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 996.348459][T21820] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 996.348469][T21820] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 996.348479][T21820] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 996.348489][T21820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 996.348498][T21820] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 996.348518][T21820] [ 996.348669][ T30] audit: type=1800 audit(6138072001.987:37): pid=21820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2820" name="dbroot" dev="configfs" ino=64469 res=0 errno=0 [ 997.189113][T21837] FAULT_INJECTION: forcing a failure. [ 997.189113][T21837] name failslab, interval 1, probability 0, space 0, times 0 [ 997.189163][T21837] CPU: 0 UID: 0 PID: 21837 Comm: syz.1.2822 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 997.189182][T21837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 997.189191][T21837] Call Trace: [ 997.189196][T21837] [ 997.189202][T21837] dump_stack_lvl+0x16c/0x1f0 [ 997.189221][T21837] should_fail_ex+0x512/0x640 [ 997.189243][T21837] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 997.189262][T21837] should_failslab+0xc2/0x120 [ 997.189282][T21837] __kmalloc_cache_noprof+0x6a/0x3e0 [ 997.189297][T21837] ? ima_calc_file_hash_tfm+0x231/0x350 [ 997.189318][T21837] ima_calc_file_hash_tfm+0x231/0x350 [ 997.189337][T21837] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 997.189376][T21837] ? stack_trace_save+0x8e/0xc0 [ 997.189393][T21837] ? ima_alloc_tfm+0x21a/0x2e0 [ 997.189409][T21837] ? generic_fillattr+0x6bf/0x940 [ 997.189430][T21837] ima_calc_file_hash+0x1ba/0x490 [ 997.189449][T21837] ima_collect_measurement+0x899/0xa40 [ 997.189473][T21837] ? __pfx_ima_collect_measurement+0x10/0x10 [ 997.189505][T21837] ? __mutex_lock+0x1c2/0x1070 [ 997.189519][T21837] ? is_bad_inode+0xd/0x40 [ 997.189538][T21837] ? xattr_resolve_name+0x27b/0x3f0 [ 997.189563][T21837] ? vfs_getxattr_alloc+0xec/0x340 [ 997.189581][T21837] ? ima_get_hash_algo+0x27c/0x400 [ 997.189600][T21837] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 997.189628][T21837] ? process_measurement+0x11fa/0x23e0 [ 997.189645][T21837] process_measurement+0x11fa/0x23e0 [ 997.189668][T21837] ? __pfx_process_measurement+0x10/0x10 [ 997.189684][T21837] ? __lock_acquire+0xb8a/0x1c90 [ 997.189729][T21837] ? __configfs_open_file+0x79a/0x9c0 [ 997.189748][T21837] ? inode_to_bdi+0x9e/0x160 [ 997.189769][T21837] ima_file_check+0xc5/0x110 [ 997.189785][T21837] ? __pfx_ima_file_check+0x10/0x10 [ 997.189807][T21837] security_file_post_open+0x8e/0x210 [ 997.189830][T21837] path_openat+0x1404/0x2cb0 [ 997.189852][T21837] ? __pfx_path_openat+0x10/0x10 [ 997.189869][T21837] ? __lock_acquire+0xb8a/0x1c90 [ 997.189888][T21837] do_filp_open+0x20b/0x470 [ 997.189904][T21837] ? __pfx_do_filp_open+0x10/0x10 [ 997.189933][T21837] ? alloc_fd+0x471/0x7d0 [ 997.189952][T21837] do_sys_openat2+0x11b/0x1d0 [ 997.189972][T21837] ? __pfx_do_sys_openat2+0x10/0x10 [ 997.189999][T21837] __x64_sys_openat+0x174/0x210 [ 997.190019][T21837] ? __pfx___x64_sys_openat+0x10/0x10 [ 997.190047][T21837] do_syscall_64+0xcd/0x490 [ 997.190063][T21837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.190078][T21837] RIP: 0033:0x7fec0898eb69 [ 997.190090][T21837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 997.190105][T21837] RSP: 002b:00007fec0973f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 997.190120][T21837] RAX: ffffffffffffffda RBX: 00007fec08bb5fa0 RCX: 00007fec0898eb69 [ 997.190130][T21837] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 997.190140][T21837] RBP: 00007fec08a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 997.190150][T21837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 997.190160][T21837] R13: 0000000000000000 R14: 00007fec08bb5fa0 R15: 00007fffd75d5e68 [ 997.190179][T21837] [ 998.146853][ T30] audit: type=1800 audit(6138072002.827:38): pid=21837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2822" name="dbroot" dev="configfs" ino=64553 res=0 errno=0 [ 999.772011][T21835] tty tty48: ldisc open failed (-12), clearing slot 47 [ 1000.284984][T21876] block nbd9: NBD_DISCONNECT [ 1001.216319][T21894] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2834'. [ 1003.795737][T19212] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 1004.270313][T21912] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1005.003786][T21920] FAULT_INJECTION: forcing a failure. [ 1005.003786][T21920] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1005.003823][T21920] CPU: 0 UID: 0 PID: 21920 Comm: syz.0.2844 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1005.003841][T21920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1005.003850][T21920] Call Trace: [ 1005.003856][T21920] [ 1005.003862][T21920] dump_stack_lvl+0x16c/0x1f0 [ 1005.003880][T21920] should_fail_ex+0x512/0x640 [ 1005.003906][T21920] should_fail_alloc_page+0xe7/0x130 [ 1005.003928][T21920] prepare_alloc_pages+0x3c2/0x610 [ 1005.003951][T21920] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1005.003971][T21920] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1005.003990][T21920] ? arch_stack_walk+0xa6/0x100 [ 1005.004013][T21920] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1005.004030][T21920] ? stack_trace_save+0x8e/0xc0 [ 1005.004053][T21920] ? __lock_acquire+0xb8a/0x1c90 [ 1005.004073][T21920] ? fb_var_to_videomode+0x4c9/0x690 [ 1005.004094][T21920] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1005.004116][T21920] ? policy_nodemask+0xea/0x4e0 [ 1005.004137][T21920] alloc_pages_mpol+0x1fb/0x550 [ 1005.004157][T21920] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1005.004184][T21920] ? lockdep_hardirqs_on+0x7c/0x110 [ 1005.004212][T21920] ? vc_allocate+0x489/0x880 [ 1005.004230][T21920] ___kmalloc_large_node+0xed/0x160 [ 1005.004252][T21920] ? con_is_visible+0x65/0x150 [ 1005.004267][T21920] ? vc_allocate+0x489/0x880 [ 1005.004284][T21920] __kmalloc_large_node_noprof+0x1c/0x70 [ 1005.004308][T21920] __kmalloc_noprof.cold+0xc/0x61 [ 1005.004334][T21920] vc_allocate+0x489/0x880 [ 1005.004353][T21920] ? __pfx_vc_allocate+0x10/0x10 [ 1005.004377][T21920] con_install+0xa1/0x600 [ 1005.004397][T21920] ? __pfx_con_install+0x10/0x10 [ 1005.004419][T21920] ? __pfx_con_install+0x10/0x10 [ 1005.004439][T21920] tty_init_dev.part.0+0x99/0x500 [ 1005.004461][T21920] tty_open+0xa50/0xf90 [ 1005.004485][T21920] ? __pfx_tty_open+0x10/0x10 [ 1005.004505][T21920] ? chrdev_open+0x58c/0x6a0 [ 1005.004525][T21920] ? __pfx_tty_open+0x10/0x10 [ 1005.004544][T21920] chrdev_open+0x234/0x6a0 [ 1005.004562][T21920] ? __pfx_chrdev_open+0x10/0x10 [ 1005.004580][T21920] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1005.004599][T21920] do_dentry_open+0x744/0x1c10 [ 1005.004616][T21920] ? __pfx_chrdev_open+0x10/0x10 [ 1005.004636][T21920] vfs_open+0x82/0x3f0 [ 1005.004658][T21920] path_openat+0x1de4/0x2cb0 [ 1005.004680][T21920] ? __pfx_path_openat+0x10/0x10 [ 1005.004697][T21920] ? __lock_acquire+0xb8a/0x1c90 [ 1005.004717][T21920] do_filp_open+0x20b/0x470 [ 1005.004732][T21920] ? __pfx_do_filp_open+0x10/0x10 [ 1005.004762][T21920] ? alloc_fd+0x471/0x7d0 [ 1005.004781][T21920] do_sys_openat2+0x11b/0x1d0 [ 1005.004801][T21920] ? __pfx_do_sys_openat2+0x10/0x10 [ 1005.004828][T21920] __x64_sys_openat+0x174/0x210 [ 1005.004849][T21920] ? __pfx___x64_sys_openat+0x10/0x10 [ 1005.004877][T21920] do_syscall_64+0xcd/0x490 [ 1005.004893][T21920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.004908][T21920] RIP: 0033:0x7f213578eb69 [ 1005.004921][T21920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1005.004936][T21920] RSP: 002b:00007f2136614038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1005.004950][T21920] RAX: ffffffffffffffda RBX: 00007f21359b6080 RCX: 00007f213578eb69 [ 1005.004962][T21920] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1005.004971][T21920] RBP: 00007f2135811df1 R08: 0000000000000000 R09: 0000000000000000 [ 1005.004981][T21920] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 1005.004990][T21920] R13: 0000000000000000 R14: 00007f21359b6080 R15: 00007ffcea902438 [ 1005.005010][T21920] [ 1007.001249][T21928] FAULT_INJECTION: forcing a failure. [ 1007.001249][T21928] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.001276][T21928] CPU: 0 UID: 0 PID: 21928 Comm: syz.1.2853 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1007.001296][T21928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1007.001305][T21928] Call Trace: [ 1007.001311][T21928] [ 1007.001317][T21928] dump_stack_lvl+0x16c/0x1f0 [ 1007.001335][T21928] should_fail_ex+0x512/0x640 [ 1007.001358][T21928] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1007.001376][T21928] should_failslab+0xc2/0x120 [ 1007.001396][T21928] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1007.001412][T21928] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1007.001433][T21928] ima_calc_file_hash_tfm+0x231/0x350 [ 1007.001453][T21928] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1007.001493][T21928] ? stack_trace_save+0x8e/0xc0 [ 1007.001509][T21928] ? ima_alloc_tfm+0x21a/0x2e0 [ 1007.001525][T21928] ? generic_fillattr+0x6bf/0x940 [ 1007.001546][T21928] ima_calc_file_hash+0x1ba/0x490 [ 1007.001565][T21928] ima_collect_measurement+0x899/0xa40 [ 1007.001589][T21928] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1007.001621][T21928] ? __mutex_lock+0x1c2/0x1070 [ 1007.001635][T21928] ? is_bad_inode+0xd/0x40 [ 1007.001655][T21928] ? xattr_resolve_name+0x27b/0x3f0 [ 1007.001691][T21928] ? vfs_getxattr_alloc+0xec/0x340 [ 1007.001710][T21928] ? ima_get_hash_algo+0x27c/0x400 [ 1007.001725][T21928] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1007.001745][T21928] ? process_measurement+0x11fa/0x23e0 [ 1007.001762][T21928] process_measurement+0x11fa/0x23e0 [ 1007.001785][T21928] ? __pfx_process_measurement+0x10/0x10 [ 1007.001801][T21928] ? __lock_acquire+0xb8a/0x1c90 [ 1007.001844][T21928] ? __configfs_open_file+0x79a/0x9c0 [ 1007.001864][T21928] ? inode_to_bdi+0x9e/0x160 [ 1007.001885][T21928] ima_file_check+0xc5/0x110 [ 1007.001902][T21928] ? __pfx_ima_file_check+0x10/0x10 [ 1007.001923][T21928] security_file_post_open+0x8e/0x210 [ 1007.001946][T21928] path_openat+0x1404/0x2cb0 [ 1007.001968][T21928] ? __pfx_path_openat+0x10/0x10 [ 1007.001984][T21928] ? __lock_acquire+0xb8a/0x1c90 [ 1007.002003][T21928] do_filp_open+0x20b/0x470 [ 1007.002018][T21928] ? __pfx_do_filp_open+0x10/0x10 [ 1007.002047][T21928] ? alloc_fd+0x471/0x7d0 [ 1007.002066][T21928] do_sys_openat2+0x11b/0x1d0 [ 1007.002086][T21928] ? __pfx_do_sys_openat2+0x10/0x10 [ 1007.002113][T21928] __x64_sys_openat+0x174/0x210 [ 1007.002133][T21928] ? __pfx___x64_sys_openat+0x10/0x10 [ 1007.002161][T21928] do_syscall_64+0xcd/0x490 [ 1007.002177][T21928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.002192][T21928] RIP: 0033:0x7fec0898eb69 [ 1007.002205][T21928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1007.002219][T21928] RSP: 002b:00007fec0973f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1007.002233][T21928] RAX: ffffffffffffffda RBX: 00007fec08bb5fa0 RCX: 00007fec0898eb69 [ 1007.002244][T21928] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1007.002253][T21928] RBP: 00007fec08a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 1007.002263][T21928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1007.002272][T21928] R13: 0000000000000000 R14: 00007fec08bb5fa0 R15: 00007fffd75d5e68 [ 1007.002293][T21928] [ 1007.002412][ T30] audit: type=1800 audit(6138072012.637:39): pid=21928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2853" name="dbroot" dev="configfs" ino=64980 res=0 errno=0 [ 1007.305266][T21929] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2845'. [ 1007.357072][T21927] ima: policy update failed [ 1007.357544][ T30] audit: type=1802 audit(6138072012.997:40): pid=21927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2845" res=0 errno=0 [ 1009.190336][T21943] tty tty12: ldisc open failed (-12), clearing slot 11 [ 1009.880388][ T5848] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 1010.119018][ T30] audit: type=1400 audit(6138072015.757:41): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=21970 comm="syz.0.2855" [ 1010.481135][T21977] FAULT_INJECTION: forcing a failure. [ 1010.481135][T21977] name failslab, interval 1, probability 0, space 0, times 0 [ 1010.555840][T21977] CPU: 0 UID: 0 PID: 21977 Comm: syz.4.2857 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1010.555864][T21977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1010.555874][T21977] Call Trace: [ 1010.555881][T21977] [ 1010.555888][T21977] dump_stack_lvl+0x16c/0x1f0 [ 1010.555908][T21977] should_fail_ex+0x512/0x640 [ 1010.555931][T21977] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1010.555950][T21977] should_failslab+0xc2/0x120 [ 1010.555971][T21977] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1010.555986][T21977] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1010.556008][T21977] ima_calc_file_hash_tfm+0x231/0x350 [ 1010.556041][T21977] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1010.556083][T21977] ? stack_trace_save+0x8e/0xc0 [ 1010.556102][T21977] ? ima_alloc_tfm+0x21a/0x2e0 [ 1010.556119][T21977] ? generic_fillattr+0x6bf/0x940 [ 1010.556140][T21977] ima_calc_file_hash+0x1ba/0x490 [ 1010.556160][T21977] ima_collect_measurement+0x899/0xa40 [ 1010.556185][T21977] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1010.556217][T21977] ? __mutex_lock+0x1c2/0x1070 [ 1010.556232][T21977] ? is_bad_inode+0xd/0x40 [ 1010.556252][T21977] ? xattr_resolve_name+0x27b/0x3f0 [ 1010.556278][T21977] ? vfs_getxattr_alloc+0xec/0x340 [ 1010.556296][T21977] ? ima_get_hash_algo+0x27c/0x400 [ 1010.556370][T21977] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1010.556393][T21977] ? process_measurement+0x11fa/0x23e0 [ 1010.556410][T21977] process_measurement+0x11fa/0x23e0 [ 1010.556435][T21977] ? __pfx_process_measurement+0x10/0x10 [ 1010.556451][T21977] ? __lock_acquire+0xb8a/0x1c90 [ 1010.556496][T21977] ? __configfs_open_file+0x79a/0x9c0 [ 1010.556517][T21977] ? inode_to_bdi+0x9e/0x160 [ 1010.556538][T21977] ima_file_check+0xc5/0x110 [ 1010.556555][T21977] ? __pfx_ima_file_check+0x10/0x10 [ 1010.556581][T21977] security_file_post_open+0x8e/0x210 [ 1010.556605][T21977] path_openat+0x1404/0x2cb0 [ 1010.556627][T21977] ? __pfx_path_openat+0x10/0x10 [ 1010.556644][T21977] ? __lock_acquire+0xb8a/0x1c90 [ 1010.556664][T21977] do_filp_open+0x20b/0x470 [ 1010.556680][T21977] ? __pfx_do_filp_open+0x10/0x10 [ 1010.556711][T21977] ? alloc_fd+0x471/0x7d0 [ 1010.556730][T21977] do_sys_openat2+0x11b/0x1d0 [ 1010.556751][T21977] ? __pfx_do_sys_openat2+0x10/0x10 [ 1010.556779][T21977] __x64_sys_openat+0x174/0x210 [ 1010.556800][T21977] ? __pfx___x64_sys_openat+0x10/0x10 [ 1010.556832][T21977] do_syscall_64+0xcd/0x490 [ 1010.556849][T21977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.556865][T21977] RIP: 0033:0x7f24af98eb69 [ 1010.556878][T21977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1010.556892][T21977] RSP: 002b:00007f24b077d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1010.556907][T21977] RAX: ffffffffffffffda RBX: 00007f24afbb5fa0 RCX: 00007f24af98eb69 [ 1010.556917][T21977] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1010.556928][T21977] RBP: 00007f24afa11df1 R08: 0000000000000000 R09: 0000000000000000 [ 1010.556940][T21977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1010.556949][T21977] R13: 0000000000000000 R14: 00007f24afbb5fa0 R15: 00007ffca3cd2f08 [ 1010.556970][T21977] [ 1010.557171][ T30] audit: type=1800 audit(6138072016.197:42): pid=21977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2857" name="dbroot" dev="configfs" ino=65262 res=0 errno=0 [ 1011.664651][T19212] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 1013.252782][ T30] audit: type=1804 audit(6138072018.887:43): pid=22012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2865" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 1014.684686][T22028] FAULT_INJECTION: forcing a failure. [ 1014.684686][T22028] name failslab, interval 1, probability 0, space 0, times 0 [ 1014.751580][ T30] audit: type=1400 audit(6138072020.377:44): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=22029 comm="syz.4.2868" [ 1014.794834][T22028] CPU: 0 UID: 0 PID: 22028 Comm: syz.0.2869 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1014.794857][T22028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1014.794865][T22028] Call Trace: [ 1014.794871][T22028] [ 1014.794877][T22028] dump_stack_lvl+0x16c/0x1f0 [ 1014.794901][T22028] should_fail_ex+0x512/0x640 [ 1014.794921][T22028] ? __kmalloc_noprof+0xbf/0x510 [ 1014.794942][T22028] ? memcg_list_lru_alloc+0x4e9/0x740 [ 1014.794959][T22028] should_failslab+0xc2/0x120 [ 1014.794978][T22028] __kmalloc_noprof+0xd2/0x510 [ 1014.794994][T22028] ? __lock_acquire+0x622/0x1c90 [ 1014.795016][T22028] memcg_list_lru_alloc+0x4e9/0x740 [ 1014.795041][T22028] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 1014.795063][T22028] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 1014.795081][T22028] __memcg_slab_post_alloc_hook+0x133/0x960 [ 1014.795104][T22028] ? kasan_save_track+0x14/0x30 [ 1014.795122][T22028] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 1014.795140][T22028] ? mqueue_alloc_inode+0x25/0x50 [ 1014.795160][T22028] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1014.795176][T22028] ? __pfx_mqueue_alloc_inode+0x10/0x10 [ 1014.795193][T22028] mqueue_alloc_inode+0x25/0x50 [ 1014.795209][T22028] alloc_inode+0x61/0x240 [ 1014.795229][T22028] new_inode+0x22/0x1c0 [ 1014.795250][T22028] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1014.795266][T22028] mqueue_get_inode+0x2e/0xdd0 [ 1014.795283][T22028] ? sget_fc+0x808/0xc20 [ 1014.795298][T22028] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1014.795314][T22028] mqueue_fill_super+0x14d/0x260 [ 1014.795331][T22028] get_tree_nodev+0xda/0x190 [ 1014.795347][T22028] mqueue_get_tree+0xf1/0x130 [ 1014.795363][T22028] vfs_get_tree+0x8b/0x340 [ 1014.795384][T22028] fc_mount_longterm+0x18/0x160 [ 1014.795405][T22028] mq_init_ns+0x426/0x620 [ 1014.795428][T22028] copy_ipcs+0x383/0x610 [ 1014.795446][T22028] ? copy_utsname+0xab/0x470 [ 1014.795467][T22028] create_new_namespaces+0x20a/0xa90 [ 1014.795483][T22028] ? security_capable+0x7e/0x260 [ 1014.795504][T22028] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1014.795522][T22028] ksys_unshare+0x45b/0xa40 [ 1014.795541][T22028] ? __pfx_ksys_unshare+0x10/0x10 [ 1014.795561][T22028] ? syscall_user_dispatch+0x78/0x140 [ 1014.795587][T22028] __x64_sys_unshare+0x31/0x40 [ 1014.795604][T22028] do_syscall_64+0xcd/0x490 [ 1014.795620][T22028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1014.795637][T22028] RIP: 0033:0x7f213578eb69 [ 1014.795649][T22028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1014.795663][T22028] RSP: 002b:00007f2136635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1014.795677][T22028] RAX: ffffffffffffffda RBX: 00007f21359b5fa0 RCX: 00007f213578eb69 [ 1014.795686][T22028] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1014.795695][T22028] RBP: 00007f2136635090 R08: 0000000000000000 R09: 0000000000000000 [ 1014.795704][T22028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1014.795712][T22028] R13: 0000000000000000 R14: 00007f21359b5fa0 R15: 00007ffcea902438 [ 1014.795731][T22028] [ 1016.161374][T22037] FAULT_INJECTION: forcing a failure. [ 1016.161374][T22037] name failslab, interval 1, probability 0, space 0, times 0 [ 1016.294278][T22037] CPU: 0 UID: 0 PID: 22037 Comm: syz.5.2870 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1016.294302][T22037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1016.294312][T22037] Call Trace: [ 1016.294319][T22037] [ 1016.294326][T22037] dump_stack_lvl+0x16c/0x1f0 [ 1016.294346][T22037] should_fail_ex+0x512/0x640 [ 1016.294369][T22037] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1016.294390][T22037] should_failslab+0xc2/0x120 [ 1016.294410][T22037] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1016.294428][T22037] ? __kernfs_new_node+0xd2/0x8e0 [ 1016.294448][T22037] __kernfs_new_node+0xd2/0x8e0 [ 1016.294467][T22037] ? __pfx___kernfs_new_node+0x10/0x10 [ 1016.294488][T22037] ? find_held_lock+0x2b/0x80 [ 1016.294503][T22037] ? kernfs_root+0xee/0x2a0 [ 1016.294522][T22037] kernfs_new_node+0x13c/0x1e0 [ 1016.294544][T22037] __kernfs_create_file+0x53/0x350 [ 1016.294569][T22037] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1016.294589][T22037] internal_create_group+0x578/0xf30 [ 1016.294611][T22037] ? __pfx_internal_create_group+0x10/0x10 [ 1016.294630][T22037] ? kernfs_create_link+0x1bd/0x240 [ 1016.294654][T22037] internal_create_groups+0x9d/0x150 [ 1016.294673][T22037] device_add+0x77f/0x1a70 [ 1016.294697][T22037] ? __pfx_device_add+0x10/0x10 [ 1016.294718][T22037] ? lockdep_init_map_type+0x5c/0x280 [ 1016.294737][T22037] ? __init_waitqueue_head+0xca/0x150 [ 1016.294763][T22037] netdev_register_kobject+0x1a9/0x3d0 [ 1016.294784][T22037] register_netdevice+0x13dc/0x2270 [ 1016.294804][T22037] ? __pfx_register_netdevice+0x10/0x10 [ 1016.294826][T22037] ppp_dev_configure+0xa1e/0xd40 [ 1016.294859][T22037] ppp_ioctl+0x17e0/0x2660 [ 1016.294879][T22037] ? find_held_lock+0x2b/0x80 [ 1016.294892][T22037] ? __pfx_ppp_ioctl+0x10/0x10 [ 1016.294914][T22037] ? __fget_files+0x20e/0x3c0 [ 1016.294932][T22037] ? __pfx_ppp_ioctl+0x10/0x10 [ 1016.294950][T22037] __x64_sys_ioctl+0x18e/0x210 [ 1016.294972][T22037] do_syscall_64+0xcd/0x490 [ 1016.294988][T22037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1016.295004][T22037] RIP: 0033:0x7f75cf58eb69 [ 1016.295017][T22037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1016.295032][T22037] RSP: 002b:00007f75d030f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1016.295046][T22037] RAX: ffffffffffffffda RBX: 00007f75cf7b6160 RCX: 00007f75cf58eb69 [ 1016.295056][T22037] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 000000000000000c [ 1016.295065][T22037] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 1016.295074][T22037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1016.295083][T22037] R13: 0000000000000000 R14: 00007f75cf7b6160 R15: 00007ffe366a5ef8 [ 1016.295102][T22037] [ 1018.455389][ T30] audit: type=1804 audit(6138072024.087:45): pid=22064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2876" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 1018.572537][T22060] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1020.875807][ T30] audit: type=1400 audit(6138072026.517:46): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=22110 comm="syz.5.2886" [ 1021.515318][ T30] audit: type=1804 audit(6138072027.147:47): pid=22121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2890" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 1022.196658][T22128] FAULT_INJECTION: forcing a failure. [ 1022.196658][T22128] name failslab, interval 1, probability 0, space 0, times 0 [ 1022.467214][T22128] CPU: 0 UID: 0 PID: 22128 Comm: syz.1.2888 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1022.467239][T22128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1022.467249][T22128] Call Trace: [ 1022.467255][T22128] [ 1022.467262][T22128] dump_stack_lvl+0x16c/0x1f0 [ 1022.467280][T22128] should_fail_ex+0x512/0x640 [ 1022.467302][T22128] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1022.467323][T22128] should_failslab+0xc2/0x120 [ 1022.467343][T22128] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1022.467360][T22128] ? __kernfs_new_node+0xd2/0x8e0 [ 1022.467379][T22128] __kernfs_new_node+0xd2/0x8e0 [ 1022.467396][T22128] ? kernfs_add_one+0x37d/0x840 [ 1022.467414][T22128] ? __pfx___kernfs_new_node+0x10/0x10 [ 1022.467438][T22128] ? find_held_lock+0x2b/0x80 [ 1022.467452][T22128] ? kernfs_root+0xee/0x2a0 [ 1022.467472][T22128] kernfs_new_node+0x13c/0x1e0 [ 1022.467490][T22128] ? net_ns_get_ownership+0xf8/0x1b0 [ 1022.467507][T22128] kernfs_create_dir_ns+0x4c/0x1a0 [ 1022.467529][T22128] internal_create_group+0x34d/0xf30 [ 1022.467550][T22128] ? __pfx_internal_create_group+0x10/0x10 [ 1022.467568][T22128] ? __pfx_internal_create_group+0x10/0x10 [ 1022.467587][T22128] ? __pfx_dev_add_physical_location+0x10/0x10 [ 1022.467608][T22128] ? bus_to_subsys+0x131/0x160 [ 1022.467625][T22128] dpm_sysfs_add+0x80/0x280 [ 1022.467646][T22128] device_add+0x9a6/0x1a70 [ 1022.467669][T22128] ? __pfx_device_add+0x10/0x10 [ 1022.467689][T22128] ? lockdep_init_map_type+0x5c/0x280 [ 1022.467709][T22128] ? __init_waitqueue_head+0xca/0x150 [ 1022.467735][T22128] netdev_register_kobject+0x1a9/0x3d0 [ 1022.467755][T22128] register_netdevice+0x13dc/0x2270 [ 1022.467775][T22128] ? __pfx_register_netdevice+0x10/0x10 [ 1022.467796][T22128] ppp_dev_configure+0xa1e/0xd40 [ 1022.467819][T22128] ppp_ioctl+0x17e0/0x2660 [ 1022.467838][T22128] ? find_held_lock+0x2b/0x80 [ 1022.467851][T22128] ? __pfx_ppp_ioctl+0x10/0x10 [ 1022.467872][T22128] ? __fget_files+0x20e/0x3c0 [ 1022.467889][T22128] ? __pfx_ppp_ioctl+0x10/0x10 [ 1022.467907][T22128] __x64_sys_ioctl+0x18e/0x210 [ 1022.467929][T22128] do_syscall_64+0xcd/0x490 [ 1022.467945][T22128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1022.467961][T22128] RIP: 0033:0x7fec0898eb69 [ 1022.467974][T22128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1022.467988][T22128] RSP: 002b:00007fec067f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1022.468012][T22128] RAX: ffffffffffffffda RBX: 00007fec08bb6160 RCX: 00007fec0898eb69 [ 1022.468023][T22128] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 000000000000000c [ 1022.468032][T22128] RBP: 00007fec08a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 1022.468042][T22128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1022.468052][T22128] R13: 0000000000000000 R14: 00007fec08bb6160 R15: 00007fffd75d5e68 [ 1022.468071][T22128] [ 1027.320772][T22194] FAULT_INJECTION: forcing a failure. [ 1027.320772][T22194] name failslab, interval 1, probability 0, space 0, times 0 [ 1027.445755][T22194] CPU: 0 UID: 0 PID: 22194 Comm: syz.0.2904 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1027.445781][T22194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1027.445790][T22194] Call Trace: [ 1027.445796][T22194] [ 1027.445802][T22194] dump_stack_lvl+0x16c/0x1f0 [ 1027.445821][T22194] should_fail_ex+0x512/0x640 [ 1027.445845][T22194] should_failslab+0xc2/0x120 [ 1027.445865][T22194] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1027.445884][T22194] ? skb_clone+0x190/0x3f0 [ 1027.445901][T22194] skb_clone+0x190/0x3f0 [ 1027.445916][T22194] netlink_deliver_tap+0xabd/0xd30 [ 1027.445942][T22194] netlink_unicast+0x64c/0x870 [ 1027.445959][T22194] ? __pfx_netlink_unicast+0x10/0x10 [ 1027.445981][T22194] netlink_sendmsg+0x8d1/0xdd0 [ 1027.445998][T22194] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1027.446026][T22194] ____sys_sendmsg+0xa98/0xc70 [ 1027.446045][T22194] ? copy_msghdr_from_user+0x10a/0x160 [ 1027.446063][T22194] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1027.446083][T22194] ? kfree+0x24f/0x4d0 [ 1027.446095][T22194] ? __pfx__kstrtoull+0x10/0x10 [ 1027.446117][T22194] ___sys_sendmsg+0x134/0x1d0 [ 1027.446132][T22194] ? __pfx____sys_sendmsg+0x10/0x10 [ 1027.446163][T22194] ? __pfx___might_resched+0x10/0x10 [ 1027.446181][T22194] __sys_sendmmsg+0x200/0x420 [ 1027.446197][T22194] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1027.446217][T22194] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1027.446239][T22194] ? fput+0x70/0xf0 [ 1027.446257][T22194] ? ksys_write+0x1ac/0x250 [ 1027.446271][T22194] ? __pfx_ksys_write+0x10/0x10 [ 1027.446289][T22194] __x64_sys_sendmmsg+0x9c/0x100 [ 1027.446302][T22194] ? lockdep_hardirqs_on+0x7c/0x110 [ 1027.446324][T22194] do_syscall_64+0xcd/0x490 [ 1027.446339][T22194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1027.446354][T22194] RIP: 0033:0x7f213578eb69 [ 1027.446365][T22194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1027.446379][T22194] RSP: 002b:00007f2136635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1027.446393][T22194] RAX: ffffffffffffffda RBX: 00007f21359b5fa0 RCX: 00007f213578eb69 [ 1027.446402][T22194] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 1027.446411][T22194] RBP: 00007f2136635090 R08: 0000000000000000 R09: 0000000000000000 [ 1027.446419][T22194] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 1027.446428][T22194] R13: 0000000000000000 R14: 00007f21359b5fa0 R15: 00007ffcea902438 [ 1027.446446][T22194] [ 1027.446473][T22194] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2904'. [ 1028.029871][T22200] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1028.303766][T22210] FAULT_INJECTION: forcing a failure. [ 1028.303766][T22210] name failslab, interval 1, probability 0, space 0, times 0 [ 1028.348277][T22210] CPU: 0 UID: 0 PID: 22210 Comm: syz.5.2910 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1028.348302][T22210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1028.348312][T22210] Call Trace: [ 1028.348318][T22210] [ 1028.348324][T22210] dump_stack_lvl+0x16c/0x1f0 [ 1028.348344][T22210] should_fail_ex+0x512/0x640 [ 1028.348370][T22210] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1028.348388][T22210] should_failslab+0xc2/0x120 [ 1028.348409][T22210] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1028.348425][T22210] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1028.348452][T22210] ima_calc_file_hash_tfm+0x231/0x350 [ 1028.348473][T22210] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1028.348513][T22210] ? stack_trace_save+0x8e/0xc0 [ 1028.348530][T22210] ? ima_alloc_tfm+0x21a/0x2e0 [ 1028.348546][T22210] ? generic_fillattr+0x6bf/0x940 [ 1028.348566][T22210] ima_calc_file_hash+0x1ba/0x490 [ 1028.348586][T22210] ima_collect_measurement+0x899/0xa40 [ 1028.348612][T22210] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1028.348651][T22210] ? __mutex_lock+0x1c2/0x1070 [ 1028.348666][T22210] ? is_bad_inode+0xd/0x40 [ 1028.348687][T22210] ? xattr_resolve_name+0x27b/0x3f0 [ 1028.348718][T22210] ? vfs_getxattr_alloc+0xec/0x340 [ 1028.348738][T22210] ? ima_get_hash_algo+0x27c/0x400 [ 1028.348753][T22210] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1028.348772][T22210] ? process_measurement+0x11fa/0x23e0 [ 1028.348788][T22210] process_measurement+0x11fa/0x23e0 [ 1028.348811][T22210] ? __pfx_process_measurement+0x10/0x10 [ 1028.348827][T22210] ? __lock_acquire+0xb8a/0x1c90 [ 1028.348870][T22210] ? __configfs_open_file+0x79a/0x9c0 [ 1028.348890][T22210] ? inode_to_bdi+0x9e/0x160 [ 1028.348911][T22210] ima_file_check+0xc5/0x110 [ 1028.348928][T22210] ? __pfx_ima_file_check+0x10/0x10 [ 1028.348950][T22210] security_file_post_open+0x8e/0x210 [ 1028.348973][T22210] path_openat+0x1404/0x2cb0 [ 1028.348996][T22210] ? __pfx_path_openat+0x10/0x10 [ 1028.349012][T22210] ? __lock_acquire+0xb8a/0x1c90 [ 1028.349032][T22210] do_filp_open+0x20b/0x470 [ 1028.349047][T22210] ? __pfx_do_filp_open+0x10/0x10 [ 1028.349076][T22210] ? alloc_fd+0x471/0x7d0 [ 1028.349095][T22210] do_sys_openat2+0x11b/0x1d0 [ 1028.349114][T22210] ? __pfx_do_sys_openat2+0x10/0x10 [ 1028.349142][T22210] __x64_sys_openat+0x174/0x210 [ 1028.349162][T22210] ? __pfx___x64_sys_openat+0x10/0x10 [ 1028.349191][T22210] do_syscall_64+0xcd/0x490 [ 1028.349206][T22210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1028.349222][T22210] RIP: 0033:0x7f75cf58eb69 [ 1028.349234][T22210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1028.349248][T22210] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1028.349262][T22210] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 1028.349273][T22210] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1028.349283][T22210] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 1028.349293][T22210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1028.349302][T22210] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 1028.349321][T22210] [ 1028.351827][ T30] audit: type=1800 audit(6138072033.987:48): pid=22210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2910" name="dbroot" dev="configfs" ino=66680 res=0 errno=0 [ 1031.217998][T22256] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1031.230446][T22261] FAULT_INJECTION: forcing a failure. [ 1031.230446][T22261] name failslab, interval 1, probability 0, space 0, times 0 [ 1031.285068][T22261] CPU: 0 UID: 0 PID: 22261 Comm: syz.0.2921 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1031.285092][T22261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1031.285102][T22261] Call Trace: [ 1031.285108][T22261] [ 1031.285114][T22261] dump_stack_lvl+0x16c/0x1f0 [ 1031.285134][T22261] should_fail_ex+0x512/0x640 [ 1031.285157][T22261] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1031.285175][T22261] should_failslab+0xc2/0x120 [ 1031.285196][T22261] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1031.285211][T22261] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1031.285235][T22261] ima_calc_file_hash_tfm+0x231/0x350 [ 1031.285253][T22261] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1031.285301][T22261] ? stack_trace_save+0x8e/0xc0 [ 1031.285320][T22261] ? ima_alloc_tfm+0x21a/0x2e0 [ 1031.285336][T22261] ? generic_fillattr+0x6bf/0x940 [ 1031.285358][T22261] ima_calc_file_hash+0x1ba/0x490 [ 1031.285380][T22261] ima_collect_measurement+0x899/0xa40 [ 1031.285406][T22261] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1031.285440][T22261] ? __mutex_lock+0x1c2/0x1070 [ 1031.285454][T22261] ? is_bad_inode+0xd/0x40 [ 1031.285475][T22261] ? xattr_resolve_name+0x27b/0x3f0 [ 1031.285500][T22261] ? vfs_getxattr_alloc+0xec/0x340 [ 1031.285518][T22261] ? ima_get_hash_algo+0x27c/0x400 [ 1031.285533][T22261] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1031.285553][T22261] ? process_measurement+0x11fa/0x23e0 [ 1031.285569][T22261] process_measurement+0x11fa/0x23e0 [ 1031.285591][T22261] ? __pfx_process_measurement+0x10/0x10 [ 1031.285610][T22261] ? __lock_acquire+0xb8a/0x1c90 [ 1031.285657][T22261] ? __configfs_open_file+0x79a/0x9c0 [ 1031.285677][T22261] ? inode_to_bdi+0x9e/0x160 [ 1031.285699][T22261] ima_file_check+0xc5/0x110 [ 1031.285716][T22261] ? __pfx_ima_file_check+0x10/0x10 [ 1031.285738][T22261] security_file_post_open+0x8e/0x210 [ 1031.285764][T22261] path_openat+0x1404/0x2cb0 [ 1031.285789][T22261] ? __pfx_path_openat+0x10/0x10 [ 1031.285808][T22261] ? __lock_acquire+0xb8a/0x1c90 [ 1031.285829][T22261] do_filp_open+0x20b/0x470 [ 1031.285845][T22261] ? __pfx_do_filp_open+0x10/0x10 [ 1031.285874][T22261] ? alloc_fd+0x471/0x7d0 [ 1031.285892][T22261] do_sys_openat2+0x11b/0x1d0 [ 1031.285912][T22261] ? __pfx_do_sys_openat2+0x10/0x10 [ 1031.285939][T22261] __x64_sys_openat+0x174/0x210 [ 1031.285958][T22261] ? __pfx___x64_sys_openat+0x10/0x10 [ 1031.285986][T22261] do_syscall_64+0xcd/0x490 [ 1031.286002][T22261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1031.286017][T22261] RIP: 0033:0x7f213578eb69 [ 1031.286030][T22261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1031.286045][T22261] RSP: 002b:00007f2136635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1031.286061][T22261] RAX: ffffffffffffffda RBX: 00007f21359b5fa0 RCX: 00007f213578eb69 [ 1031.286071][T22261] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1031.286082][T22261] RBP: 00007f2135811df1 R08: 0000000000000000 R09: 0000000000000000 [ 1031.286091][T22261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1031.286100][T22261] R13: 0000000000000000 R14: 00007f21359b5fa0 R15: 00007ffcea902438 [ 1031.286120][T22261] [ 1032.331679][ T30] audit: type=1800 audit(6138072037.967:49): pid=22261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2921" name="dbroot" dev="configfs" ino=66921 res=0 errno=0 [ 1032.412262][T22269] Invalid ELF header magic: != ELF [ 1034.670122][T22301] FAULT_INJECTION: forcing a failure. [ 1034.670122][T22301] name failslab, interval 1, probability 0, space 0, times 0 [ 1034.741798][T22301] CPU: 0 UID: 0 PID: 22301 Comm: syz.5.2932 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1034.741821][T22301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1034.741831][T22301] Call Trace: [ 1034.741836][T22301] [ 1034.741842][T22301] dump_stack_lvl+0x16c/0x1f0 [ 1034.741861][T22301] should_fail_ex+0x512/0x640 [ 1034.741881][T22301] ? fs_reclaim_acquire+0xae/0x150 [ 1034.741905][T22301] ? security_inode_init_security+0x13f/0x390 [ 1034.741923][T22301] should_failslab+0xc2/0x120 [ 1034.741943][T22301] __kmalloc_noprof+0xd2/0x510 [ 1034.741965][T22301] security_inode_init_security+0x13f/0x390 [ 1034.741993][T22301] ? __pfx_shmem_initxattrs+0x10/0x10 [ 1034.742014][T22301] ? __pfx_security_inode_init_security+0x10/0x10 [ 1034.742032][T22301] ? shmem_get_inode+0x73a/0xfb0 [ 1034.742056][T22301] shmem_symlink+0x135/0x9f0 [ 1034.742082][T22301] ? __pfx_shmem_symlink+0x10/0x10 [ 1034.742098][T22301] ? bpf_lsm_inode_permission+0x9/0x10 [ 1034.742116][T22301] ? security_inode_permission+0xbf/0x260 [ 1034.742138][T22301] ? inode_permission+0x156/0x630 [ 1034.742160][T22301] vfs_symlink+0x403/0x680 [ 1034.742183][T22301] do_symlinkat+0x261/0x310 [ 1034.742201][T22301] ? __pfx_do_symlinkat+0x10/0x10 [ 1034.742218][T22301] ? getname_flags.part.0+0x1c5/0x550 [ 1034.742241][T22301] __x64_sys_symlink+0x75/0x90 [ 1034.742258][T22301] do_syscall_64+0xcd/0x490 [ 1034.742274][T22301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1034.742288][T22301] RIP: 0033:0x7f75cf58eb69 [ 1034.742301][T22301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1034.742315][T22301] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1034.742329][T22301] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 1034.742338][T22301] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000200000000140 [ 1034.742347][T22301] RBP: 00007f75d0351090 R08: 0000000000000000 R09: 0000000000000000 [ 1034.742356][T22301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1034.742365][T22301] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 1034.742384][T22301] [ 1034.965644][ C0] vkms_vblank_simulate: vblank timer overrun [ 1035.066351][T22304] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1039.067859][T22317] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2937'. [ 1039.174143][T22310] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1039.599836][T22327] FAULT_INJECTION: forcing a failure. [ 1039.599836][T22327] name failslab, interval 1, probability 0, space 0, times 0 [ 1039.686856][T22327] CPU: 0 UID: 0 PID: 22327 Comm: syz.5.2943 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1039.686881][T22327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1039.686890][T22327] Call Trace: [ 1039.686896][T22327] [ 1039.686902][T22327] dump_stack_lvl+0x16c/0x1f0 [ 1039.686921][T22327] should_fail_ex+0x512/0x640 [ 1039.686943][T22327] ? fs_reclaim_acquire+0xae/0x150 [ 1039.686967][T22327] ? tomoyo_encode2+0x100/0x3e0 [ 1039.686982][T22327] should_failslab+0xc2/0x120 [ 1039.687001][T22327] __kmalloc_noprof+0xd2/0x510 [ 1039.687022][T22327] tomoyo_encode2+0x100/0x3e0 [ 1039.687039][T22327] tomoyo_encode+0x29/0x50 [ 1039.687053][T22327] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1039.687074][T22327] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1039.687096][T22327] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1039.687137][T22327] ? find_held_lock+0x2b/0x80 [ 1039.687156][T22327] tomoyo_file_open+0x6b/0x90 [ 1039.687174][T22327] security_file_open+0x84/0x1e0 [ 1039.687189][T22327] do_dentry_open+0x596/0x1c10 [ 1039.687212][T22327] vfs_open+0x82/0x3f0 [ 1039.687234][T22327] path_openat+0x1de4/0x2cb0 [ 1039.687256][T22327] ? __pfx_path_openat+0x10/0x10 [ 1039.687272][T22327] ? __lock_acquire+0xb8a/0x1c90 [ 1039.687292][T22327] do_filp_open+0x20b/0x470 [ 1039.687307][T22327] ? __pfx_do_filp_open+0x10/0x10 [ 1039.687336][T22327] ? alloc_fd+0x471/0x7d0 [ 1039.687355][T22327] do_sys_openat2+0x11b/0x1d0 [ 1039.687375][T22327] ? __pfx_do_sys_openat2+0x10/0x10 [ 1039.687401][T22327] __x64_sys_openat+0x174/0x210 [ 1039.687422][T22327] ? __pfx___x64_sys_openat+0x10/0x10 [ 1039.687450][T22327] do_syscall_64+0xcd/0x490 [ 1039.687466][T22327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1039.687481][T22327] RIP: 0033:0x7f75cf58eb69 [ 1039.687494][T22327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1039.687508][T22327] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1039.687523][T22327] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 1039.687533][T22327] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1039.687543][T22327] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 1039.687551][T22327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1039.687560][T22327] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 1039.687579][T22327] [ 1039.687598][T22327] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1040.690971][T22328] zswap: compressor not available [ 1040.968834][ T30] audit: type=1800 audit(6138072046.607:50): pid=22327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2943" name="dbroot" dev="configfs" ino=67155 res=0 errno=0 [ 1041.339903][T22357] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2948'. [ 1042.599595][T22378] FAULT_INJECTION: forcing a failure. [ 1042.599595][T22378] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1042.851757][T22378] CPU: 0 UID: 0 PID: 22378 Comm: syz.0.2955 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1042.851781][T22378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1042.851790][T22378] Call Trace: [ 1042.851796][T22378] [ 1042.851802][T22378] dump_stack_lvl+0x16c/0x1f0 [ 1042.851821][T22378] should_fail_ex+0x512/0x640 [ 1042.851845][T22378] should_fail_alloc_page+0xe7/0x130 [ 1042.851866][T22378] prepare_alloc_pages+0x3c2/0x610 [ 1042.851888][T22378] ? rcu_is_watching+0x12/0xc0 [ 1042.851904][T22378] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1042.851926][T22378] ? __lock_acquire+0x622/0x1c90 [ 1042.851944][T22378] ? perf_trace_prq_report+0x164/0x860 [ 1042.851962][T22378] ? __vmf_anon_prepare+0x11c/0x240 [ 1042.851985][T22378] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1042.852001][T22378] ? __lock_acquire+0x622/0x1c90 [ 1042.852018][T22378] ? perf_trace_prq_report+0x164/0x860 [ 1042.852037][T22378] ? __lock_acquire+0x622/0x1c90 [ 1042.852055][T22378] ? __lock_acquire+0x622/0x1c90 [ 1042.852071][T22378] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1042.852094][T22378] ? policy_nodemask+0xea/0x4e0 [ 1042.852114][T22378] alloc_pages_mpol+0x1fb/0x550 [ 1042.852133][T22378] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1042.852157][T22378] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1042.852179][T22378] vma_alloc_folio_noprof+0xed/0x1e0 [ 1042.852200][T22378] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1042.852220][T22378] ? find_held_lock+0x2b/0x80 [ 1042.852234][T22378] ? __handle_mm_fault+0x1092/0x5390 [ 1042.852252][T22378] __handle_mm_fault+0x2f21/0x5390 [ 1042.852277][T22378] ? __pfx___handle_mm_fault+0x10/0x10 [ 1042.852292][T22378] ? __pte_offset_map_lock+0x174/0x310 [ 1042.852312][T22378] ? find_held_lock+0x2b/0x80 [ 1042.852324][T22378] ? find_held_lock+0x2b/0x80 [ 1042.852342][T22378] ? follow_page_pte+0x3af/0x14c0 [ 1042.852368][T22378] handle_mm_fault+0x589/0xd10 [ 1042.852386][T22378] __get_user_pages+0x589/0x3b80 [ 1042.852413][T22378] ? __pfx_mt_find+0x10/0x10 [ 1042.852428][T22378] ? __pfx___get_user_pages+0x10/0x10 [ 1042.852456][T22378] populate_vma_page_range+0x278/0x3a0 [ 1042.852479][T22378] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1042.852505][T22378] ? __pfx_find_vma_intersection+0x10/0x10 [ 1042.852527][T22378] ? do_mmap+0x69c/0x1210 [ 1042.852550][T22378] __mm_populate+0x1d8/0x380 [ 1042.852564][T22378] ? __pfx___mm_populate+0x10/0x10 [ 1042.852579][T22378] ? up_write+0x1b2/0x520 [ 1042.852600][T22378] vm_mmap_pgoff+0x362/0x450 [ 1042.852622][T22378] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1042.852643][T22378] ? __fget_files+0x20e/0x3c0 [ 1042.852663][T22378] ksys_mmap_pgoff+0x7d/0x5c0 [ 1042.852683][T22378] ? __pfx_ksys_write+0x10/0x10 [ 1042.852700][T22378] __x64_sys_mmap+0x125/0x190 [ 1042.852724][T22378] do_syscall_64+0xcd/0x490 [ 1042.852739][T22378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1042.852754][T22378] RIP: 0033:0x7f213578eb69 [ 1042.852767][T22378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1042.852781][T22378] RSP: 002b:00007f2136635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1042.852795][T22378] RAX: ffffffffffffffda RBX: 00007f21359b5fa0 RCX: 00007f213578eb69 [ 1042.852805][T22378] RDX: 000000007fffffff RSI: 0000000000040009 RDI: 0000000000000000 [ 1042.852814][T22378] RBP: 00007f2136635090 R08: ffffffffffffffff R09: 0100000000028000 [ 1042.852823][T22378] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 1042.852832][T22378] R13: 0000000000000000 R14: 00007f21359b5fa0 R15: 00007ffcea902438 [ 1042.852850][T22378] [ 1043.204505][ C0] vkms_vblank_simulate: vblank timer overrun [ 1043.837204][T22386] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1045.699873][T22414] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2964'. [ 1047.172487][T22435] ptrace attach of "./syz-executor exec"[19560] was attempted by "./syz-executor exec"[22435] [ 1048.151403][T22448] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1049.443970][T22467] FAULT_INJECTION: forcing a failure. [ 1049.443970][T22467] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.538228][T22467] CPU: 0 UID: 0 PID: 22467 Comm: syz.0.2977 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1049.538252][T22467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1049.538262][T22467] Call Trace: [ 1049.538267][T22467] [ 1049.538274][T22467] dump_stack_lvl+0x16c/0x1f0 [ 1049.538293][T22467] should_fail_ex+0x512/0x640 [ 1049.538316][T22467] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1049.538334][T22467] should_failslab+0xc2/0x120 [ 1049.538354][T22467] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1049.538377][T22467] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1049.538419][T22467] ima_calc_file_hash_tfm+0x231/0x350 [ 1049.538438][T22467] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1049.538479][T22467] ? stack_trace_save+0x8e/0xc0 [ 1049.538498][T22467] ? ima_alloc_tfm+0x21a/0x2e0 [ 1049.538513][T22467] ? generic_fillattr+0x6bf/0x940 [ 1049.538534][T22467] ima_calc_file_hash+0x1ba/0x490 [ 1049.538560][T22467] ima_collect_measurement+0x899/0xa40 [ 1049.538585][T22467] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1049.538619][T22467] ? __mutex_lock+0x1c2/0x1070 [ 1049.538634][T22467] ? is_bad_inode+0xd/0x40 [ 1049.538654][T22467] ? xattr_resolve_name+0x27b/0x3f0 [ 1049.538679][T22467] ? vfs_getxattr_alloc+0xec/0x340 [ 1049.538698][T22467] ? ima_get_hash_algo+0x27c/0x400 [ 1049.538713][T22467] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1049.538732][T22467] ? process_measurement+0x11fa/0x23e0 [ 1049.538748][T22467] process_measurement+0x11fa/0x23e0 [ 1049.538770][T22467] ? __pfx_process_measurement+0x10/0x10 [ 1049.538786][T22467] ? __lock_acquire+0xb8a/0x1c90 [ 1049.538829][T22467] ? __configfs_open_file+0x79a/0x9c0 [ 1049.538848][T22467] ? inode_to_bdi+0x9e/0x160 [ 1049.538870][T22467] ima_file_check+0xc5/0x110 [ 1049.538886][T22467] ? __pfx_ima_file_check+0x10/0x10 [ 1049.538907][T22467] security_file_post_open+0x8e/0x210 [ 1049.538931][T22467] path_openat+0x1404/0x2cb0 [ 1049.538952][T22467] ? __pfx_path_openat+0x10/0x10 [ 1049.538969][T22467] ? __lock_acquire+0xb8a/0x1c90 [ 1049.538988][T22467] do_filp_open+0x20b/0x470 [ 1049.539004][T22467] ? __pfx_do_filp_open+0x10/0x10 [ 1049.539039][T22467] ? alloc_fd+0x471/0x7d0 [ 1049.539059][T22467] do_sys_openat2+0x11b/0x1d0 [ 1049.539080][T22467] ? __pfx_do_sys_openat2+0x10/0x10 [ 1049.539109][T22467] __x64_sys_openat+0x174/0x210 [ 1049.539130][T22467] ? __pfx___x64_sys_openat+0x10/0x10 [ 1049.539159][T22467] do_syscall_64+0xcd/0x490 [ 1049.539175][T22467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1049.539190][T22467] RIP: 0033:0x7f213578eb69 [ 1049.539203][T22467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1049.539217][T22467] RSP: 002b:00007f2136635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1049.539231][T22467] RAX: ffffffffffffffda RBX: 00007f21359b5fa0 RCX: 00007f213578eb69 [ 1049.539241][T22467] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1049.539252][T22467] RBP: 00007f2135811df1 R08: 0000000000000000 R09: 0000000000000000 [ 1049.539261][T22467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1049.539270][T22467] R13: 0000000000000000 R14: 00007f21359b5fa0 R15: 00007ffcea902438 [ 1049.539289][T22467] [ 1049.859564][ C0] vkms_vblank_simulate: vblank timer overrun [ 1049.866955][ T30] audit: type=1800 audit(6138072055.177:51): pid=22467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2977" name="dbroot" dev="configfs" ino=67781 res=0 errno=0 [ 1049.887327][ C0] vkms_vblank_simulate: vblank timer overrun [ 1050.999736][T22482] FAULT_INJECTION: forcing a failure. [ 1050.999736][T22482] name failslab, interval 1, probability 0, space 0, times 0 [ 1051.079644][T22482] CPU: 0 UID: 0 PID: 22482 Comm: syz.5.2982 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1051.079668][T22482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1051.079677][T22482] Call Trace: [ 1051.079683][T22482] [ 1051.079690][T22482] dump_stack_lvl+0x16c/0x1f0 [ 1051.079709][T22482] should_fail_ex+0x512/0x640 [ 1051.079731][T22482] ? fs_reclaim_acquire+0xae/0x150 [ 1051.079756][T22482] ? tomoyo_get_condition+0xf4b/0x1ca0 [ 1051.079775][T22482] should_failslab+0xc2/0x120 [ 1051.079794][T22482] __kmalloc_noprof+0xd2/0x510 [ 1051.079812][T22482] ? find_held_lock+0x2b/0x80 [ 1051.079829][T22482] tomoyo_get_condition+0xf4b/0x1ca0 [ 1051.079856][T22482] ? __pfx_tomoyo_get_condition+0x10/0x10 [ 1051.079876][T22482] ? tomoyo_fill_path_info+0x233/0x420 [ 1051.079898][T22482] tomoyo_update_domain+0x484/0x870 [ 1051.079917][T22482] ? __pfx_tomoyo_same_path_acl+0x10/0x10 [ 1051.079938][T22482] ? __pfx_tomoyo_merge_path_acl+0x10/0x10 [ 1051.079961][T22482] tomoyo_write_file+0x4fa/0x8e0 [ 1051.079983][T22482] ? __pfx_tomoyo_write_file+0x10/0x10 [ 1051.080009][T22482] ? vsnprintf+0x318/0x1160 [ 1051.080034][T22482] ? __pfx_vsnprintf+0x10/0x10 [ 1051.080063][T22482] tomoyo_write_domain2+0x128/0x1e0 [ 1051.080079][T22482] ? __pfx_tomoyo_write_domain2+0x10/0x10 [ 1051.080096][T22482] ? __kmalloc_noprof+0x242/0x510 [ 1051.080111][T22482] ? tomoyo_profile+0x47/0x60 [ 1051.080132][T22482] tomoyo_supervisor+0x7dd/0x13b0 [ 1051.080153][T22482] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1051.080183][T22482] ? rcu_is_watching+0x12/0xc0 [ 1051.080196][T22482] ? tomoyo_check_path_acl+0xad/0x210 [ 1051.080218][T22482] ? tomoyo_check_acl+0x1f7/0x410 [ 1051.080240][T22482] tomoyo_path_permission+0x270/0x3b0 [ 1051.080267][T22482] tomoyo_path_perm+0x3d4/0x460 [ 1051.080289][T22482] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1051.080318][T22482] ? do_raw_spin_lock+0x12c/0x2b0 [ 1051.080343][T22482] ? find_held_lock+0x2b/0x80 [ 1051.080366][T22482] ? __pfx_current_check_access_path+0x10/0x10 [ 1051.080390][T22482] ? simple_lookup+0x105/0x1d0 [ 1051.080413][T22482] ? lookup_one_qstr_excl+0xb3/0x250 [ 1051.080437][T22482] tomoyo_path_symlink+0x97/0xe0 [ 1051.080455][T22482] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 1051.080472][T22482] ? find_held_lock+0x2b/0x80 [ 1051.080486][T22482] ? __might_fault+0xe3/0x190 [ 1051.080506][T22482] security_path_symlink+0x152/0x2e0 [ 1051.080527][T22482] do_symlinkat+0x10d/0x310 [ 1051.080546][T22482] ? __pfx_do_symlinkat+0x10/0x10 [ 1051.080562][T22482] ? getname_flags.part.0+0x1c5/0x550 [ 1051.080581][T22482] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 1051.080601][T22482] __x64_sys_symlinkat+0x93/0xc0 [ 1051.080619][T22482] do_syscall_64+0xcd/0x490 [ 1051.080635][T22482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1051.080650][T22482] RIP: 0033:0x7f75cf58eb69 [ 1051.080663][T22482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1051.080677][T22482] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a [ 1051.080692][T22482] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 1051.080702][T22482] RDX: 0000200000000040 RSI: ffffffffffffff9c RDI: 0000200000000000 [ 1051.080713][T22482] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 1051.080723][T22482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1051.080731][T22482] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 1051.080751][T22482] [ 1053.527430][T22506] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2987'. [ 1054.598856][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.605505][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.784349][T22529] FAULT_INJECTION: forcing a failure. [ 1054.784349][T22529] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1055.006619][T22529] CPU: 0 UID: 0 PID: 22529 Comm: syz.4.2993 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1055.006643][T22529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1055.006653][T22529] Call Trace: [ 1055.006660][T22529] [ 1055.006666][T22529] dump_stack_lvl+0x16c/0x1f0 [ 1055.006685][T22529] should_fail_ex+0x512/0x640 [ 1055.006710][T22529] get_futex_key+0x1d0/0x1540 [ 1055.006731][T22529] ? __pfx_get_futex_key+0x10/0x10 [ 1055.006753][T22529] futex_wake+0xea/0x530 [ 1055.006773][T22529] ? rcu_is_watching+0x12/0xc0 [ 1055.006793][T22529] ? __pfx_futex_wake+0x10/0x10 [ 1055.006814][T22529] ? kmem_cache_free+0x2d1/0x4d0 [ 1055.006831][T22529] ? fd_install+0x225/0x750 [ 1055.006844][T22529] ? putname+0x154/0x1a0 [ 1055.006866][T22529] do_futex+0x1e3/0x350 [ 1055.006884][T22529] ? __pfx_do_futex+0x10/0x10 [ 1055.006906][T22529] __x64_sys_futex+0x1e0/0x4c0 [ 1055.006924][T22529] ? __x64_sys_openat+0x174/0x210 [ 1055.006944][T22529] ? __pfx___x64_sys_futex+0x10/0x10 [ 1055.006968][T22529] do_syscall_64+0xcd/0x490 [ 1055.006983][T22529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1055.007006][T22529] RIP: 0033:0x7f24af98eb69 [ 1055.007019][T22529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1055.007034][T22529] RSP: 002b:00007f24acff20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1055.007049][T22529] RAX: ffffffffffffffda RBX: 00007f24afbb6328 RCX: 00007f24af98eb69 [ 1055.007059][T22529] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f24afbb632c [ 1055.007068][T22529] RBP: 00007f24afbb6320 R08: 00007f24b077e000 R09: 0000000000000000 [ 1055.007077][T22529] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f24afbb632c [ 1055.007086][T22529] R13: 0000000000000000 R14: 00007ffca3cd2e20 R15: 00007ffca3cd2f08 [ 1055.007104][T22529] [ 1056.544470][T22546] FAULT_INJECTION: forcing a failure. [ 1056.544470][T22546] name failslab, interval 1, probability 0, space 0, times 0 [ 1056.613691][T22546] CPU: 0 UID: 0 PID: 22546 Comm: syz.1.2997 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1056.613715][T22546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1056.613724][T22546] Call Trace: [ 1056.613730][T22546] [ 1056.613737][T22546] dump_stack_lvl+0x16c/0x1f0 [ 1056.613756][T22546] should_fail_ex+0x512/0x640 [ 1056.613778][T22546] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1056.613796][T22546] should_failslab+0xc2/0x120 [ 1056.613817][T22546] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1056.613832][T22546] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1056.613853][T22546] ima_calc_file_hash_tfm+0x231/0x350 [ 1056.613872][T22546] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1056.613912][T22546] ? stack_trace_save+0x8e/0xc0 [ 1056.613929][T22546] ? ima_alloc_tfm+0x21a/0x2e0 [ 1056.613982][T22546] ? generic_fillattr+0x6bf/0x940 [ 1056.614004][T22546] ima_calc_file_hash+0x1ba/0x490 [ 1056.614026][T22546] ima_collect_measurement+0x899/0xa40 [ 1056.614051][T22546] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1056.614084][T22546] ? __mutex_lock+0x1c2/0x1070 [ 1056.614098][T22546] ? is_bad_inode+0xd/0x40 [ 1056.614118][T22546] ? xattr_resolve_name+0x27b/0x3f0 [ 1056.614143][T22546] ? vfs_getxattr_alloc+0xec/0x340 [ 1056.614161][T22546] ? ima_get_hash_algo+0x27c/0x400 [ 1056.614176][T22546] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1056.614197][T22546] ? process_measurement+0x11fa/0x23e0 [ 1056.614213][T22546] process_measurement+0x11fa/0x23e0 [ 1056.614235][T22546] ? __pfx_process_measurement+0x10/0x10 [ 1056.614250][T22546] ? __lock_acquire+0xb8a/0x1c90 [ 1056.614293][T22546] ? __configfs_open_file+0x79a/0x9c0 [ 1056.614312][T22546] ? inode_to_bdi+0x9e/0x160 [ 1056.614334][T22546] ima_file_check+0xc5/0x110 [ 1056.614350][T22546] ? __pfx_ima_file_check+0x10/0x10 [ 1056.614372][T22546] security_file_post_open+0x8e/0x210 [ 1056.614395][T22546] path_openat+0x1404/0x2cb0 [ 1056.614417][T22546] ? __pfx_path_openat+0x10/0x10 [ 1056.614434][T22546] ? __lock_acquire+0xb8a/0x1c90 [ 1056.614453][T22546] do_filp_open+0x20b/0x470 [ 1056.614469][T22546] ? __pfx_do_filp_open+0x10/0x10 [ 1056.614498][T22546] ? alloc_fd+0x471/0x7d0 [ 1056.614517][T22546] do_sys_openat2+0x11b/0x1d0 [ 1056.614538][T22546] ? __pfx_do_sys_openat2+0x10/0x10 [ 1056.614565][T22546] __x64_sys_openat+0x174/0x210 [ 1056.614585][T22546] ? __pfx___x64_sys_openat+0x10/0x10 [ 1056.614613][T22546] do_syscall_64+0xcd/0x490 [ 1056.614628][T22546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1056.614643][T22546] RIP: 0033:0x7fec0898eb69 [ 1056.614656][T22546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1056.614671][T22546] RSP: 002b:00007fec0973f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1056.614686][T22546] RAX: ffffffffffffffda RBX: 00007fec08bb5fa0 RCX: 00007fec0898eb69 [ 1056.614695][T22546] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1056.614705][T22546] RBP: 00007fec08a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 1056.614714][T22546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1056.614723][T22546] R13: 0000000000000000 R14: 00007fec08bb5fa0 R15: 00007fffd75d5e68 [ 1056.614742][T22546] [ 1056.614866][ T30] audit: type=1800 audit(6138072062.247:52): pid=22546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2997" name="dbroot" dev="configfs" ino=68215 res=0 errno=0 [ 1057.282365][T22555] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1058.330076][ T30] audit: type=1800 audit(6138072063.957:53): pid=22574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3002" name="dbroot" dev="configfs" ino=68343 res=0 errno=0 [ 1062.706558][T22617] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 1063.402430][T22630] FAULT_INJECTION: forcing a failure. [ 1063.402430][T22630] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.469332][T22630] CPU: 0 UID: 0 PID: 22630 Comm: syz.1.3015 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1063.469371][T22630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1063.469388][T22630] Call Trace: [ 1063.469397][T22630] [ 1063.469408][T22630] dump_stack_lvl+0x16c/0x1f0 [ 1063.469440][T22630] should_fail_ex+0x512/0x640 [ 1063.469483][T22630] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1063.469503][T22630] should_failslab+0xc2/0x120 [ 1063.469522][T22630] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1063.469538][T22630] ? d_instantiate+0x77/0x90 [ 1063.469554][T22630] ? alloc_empty_file+0x55/0x1e0 [ 1063.469576][T22630] alloc_empty_file+0x55/0x1e0 [ 1063.469596][T22630] alloc_file_pseudo+0x13a/0x230 [ 1063.469615][T22630] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1063.469640][T22630] __shmem_file_setup+0x1a3/0x330 [ 1063.469656][T22630] shmem_zero_setup+0x93/0x1a0 [ 1063.469674][T22630] __mmap_region+0x1ece/0x25e0 [ 1063.469695][T22630] ? __pfx___mmap_region+0x10/0x10 [ 1063.469716][T22630] ? is_bpf_text_address+0x8a/0x1a0 [ 1063.469734][T22630] ? bpf_ksym_find+0x124/0x1c0 [ 1063.469748][T22630] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1063.469765][T22630] ? is_bpf_text_address+0x94/0x1a0 [ 1063.469782][T22630] ? kernel_text_address+0x8d/0x100 [ 1063.469804][T22630] ? __kernel_text_address+0xd/0x40 [ 1063.469855][T22630] ? trace_cap_capable+0x18d/0x200 [ 1063.469880][T22630] mmap_region+0x1ab/0x3f0 [ 1063.469897][T22630] ? __get_unmapped_area+0x267/0x440 [ 1063.469920][T22630] do_mmap+0xa3e/0x1210 [ 1063.469944][T22630] ? __pfx_do_mmap+0x10/0x10 [ 1063.469965][T22630] ? __pfx_down_write_killable+0x10/0x10 [ 1063.469985][T22630] vm_mmap_pgoff+0x281/0x450 [ 1063.470008][T22630] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1063.470029][T22630] ? __fget_files+0x20e/0x3c0 [ 1063.470049][T22630] ksys_mmap_pgoff+0x7d/0x5c0 [ 1063.470069][T22630] ? __pfx_ksys_write+0x10/0x10 [ 1063.470086][T22630] __x64_sys_mmap+0x125/0x190 [ 1063.470110][T22630] do_syscall_64+0xcd/0x490 [ 1063.470125][T22630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1063.470139][T22630] RIP: 0033:0x7fec0898eb69 [ 1063.470151][T22630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1063.470165][T22630] RSP: 002b:00007fec067f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1063.470179][T22630] RAX: ffffffffffffffda RBX: 00007fec08bb6160 RCX: 00007fec0898eb69 [ 1063.470189][T22630] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 1063.470198][T22630] RBP: 00007fec067f6090 R08: 0000000000000401 R09: 0000000000008000 [ 1063.470206][T22630] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000002 [ 1063.470215][T22630] R13: 0000000000000000 R14: 00007fec08bb6160 R15: 00007fffd75d5e68 [ 1063.470233][T22630] [ 1063.750377][ C0] vkms_vblank_simulate: vblank timer overrun [ 1064.661503][T22647] FAULT_INJECTION: forcing a failure. [ 1064.661503][T22647] name failslab, interval 1, probability 0, space 0, times 0 [ 1064.817479][T22647] CPU: 0 UID: 0 PID: 22647 Comm: syz.5.3018 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1064.817503][T22647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1064.817513][T22647] Call Trace: [ 1064.817519][T22647] [ 1064.817526][T22647] dump_stack_lvl+0x16c/0x1f0 [ 1064.817545][T22647] should_fail_ex+0x512/0x640 [ 1064.817567][T22647] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1064.817585][T22647] should_failslab+0xc2/0x120 [ 1064.817605][T22647] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1064.817621][T22647] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1064.817642][T22647] ima_calc_file_hash_tfm+0x231/0x350 [ 1064.817661][T22647] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1064.817700][T22647] ? stack_trace_save+0x8e/0xc0 [ 1064.817717][T22647] ? ima_alloc_tfm+0x21a/0x2e0 [ 1064.817734][T22647] ? generic_fillattr+0x6bf/0x940 [ 1064.817755][T22647] ima_calc_file_hash+0x1ba/0x490 [ 1064.817775][T22647] ima_collect_measurement+0x899/0xa40 [ 1064.817799][T22647] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1064.817831][T22647] ? __mutex_lock+0x1c2/0x1070 [ 1064.817845][T22647] ? is_bad_inode+0xd/0x40 [ 1064.817865][T22647] ? xattr_resolve_name+0x27b/0x3f0 [ 1064.817891][T22647] ? vfs_getxattr_alloc+0xec/0x340 [ 1064.817909][T22647] ? ima_get_hash_algo+0x27c/0x400 [ 1064.817924][T22647] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1064.817943][T22647] ? process_measurement+0x11fa/0x23e0 [ 1064.817959][T22647] process_measurement+0x11fa/0x23e0 [ 1064.817981][T22647] ? __pfx_process_measurement+0x10/0x10 [ 1064.817996][T22647] ? __lock_acquire+0xb8a/0x1c90 [ 1064.818040][T22647] ? __configfs_open_file+0x79a/0x9c0 [ 1064.818059][T22647] ? inode_to_bdi+0x9e/0x160 [ 1064.818080][T22647] ima_file_check+0xc5/0x110 [ 1064.818096][T22647] ? __pfx_ima_file_check+0x10/0x10 [ 1064.818117][T22647] security_file_post_open+0x8e/0x210 [ 1064.818147][T22647] path_openat+0x1404/0x2cb0 [ 1064.818171][T22647] ? __pfx_path_openat+0x10/0x10 [ 1064.818188][T22647] ? __lock_acquire+0xb8a/0x1c90 [ 1064.818209][T22647] do_filp_open+0x20b/0x470 [ 1064.818225][T22647] ? __pfx_do_filp_open+0x10/0x10 [ 1064.818255][T22647] ? alloc_fd+0x471/0x7d0 [ 1064.818274][T22647] do_sys_openat2+0x11b/0x1d0 [ 1064.818294][T22647] ? __pfx_do_sys_openat2+0x10/0x10 [ 1064.818322][T22647] __x64_sys_openat+0x174/0x210 [ 1064.818342][T22647] ? __pfx___x64_sys_openat+0x10/0x10 [ 1064.818369][T22647] do_syscall_64+0xcd/0x490 [ 1064.818386][T22647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.818401][T22647] RIP: 0033:0x7f75cf58eb69 [ 1064.818413][T22647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1064.818428][T22647] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1064.818442][T22647] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 1064.818453][T22647] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1064.818463][T22647] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 1064.818472][T22647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1064.818481][T22647] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 1064.818500][T22647] [ 1065.479382][T22634] FAULT_INJECTION: forcing a failure. [ 1065.479382][T22634] name failslab, interval 1, probability 0, space 0, times 0 [ 1065.506565][ T30] audit: type=1800 audit(6138072070.457:54): pid=22647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3018" name="dbroot" dev="configfs" ino=68781 res=0 errno=0 [ 1065.585728][T22634] CPU: 0 UID: 0 PID: 22634 Comm: syz.0.3013 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1065.585753][T22634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1065.585766][T22634] Call Trace: [ 1065.585773][T22634] [ 1065.585779][T22634] dump_stack_lvl+0x16c/0x1f0 [ 1065.585798][T22634] should_fail_ex+0x512/0x640 [ 1065.585823][T22634] should_failslab+0xc2/0x120 [ 1065.585844][T22634] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1065.585860][T22634] ? tipc_sub_subscribe+0x150/0x870 [ 1065.585889][T22634] tipc_sub_subscribe+0x150/0x870 [ 1065.585913][T22634] tipc_conn_rcv_sub+0x1fa/0x400 [ 1065.585936][T22634] tipc_topsrv_kern_subscr+0x20b/0x3c0 [ 1065.585958][T22634] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 1065.585988][T22634] ? net_generic+0xea/0x2a0 [ 1065.586012][T22634] tipc_group_create+0x4ab/0x660 [ 1065.586037][T22634] tipc_setsockopt+0x7f0/0xdb0 [ 1065.586055][T22634] ? __pfx_tipc_setsockopt+0x10/0x10 [ 1065.586075][T22634] ? __fget_files+0x204/0x3c0 [ 1065.586092][T22634] ? __pfx_tipc_setsockopt+0x10/0x10 [ 1065.586108][T22634] do_sock_setsockopt+0xf0/0x1d0 [ 1065.586127][T22634] __sys_setsockopt+0x120/0x1a0 [ 1065.586152][T22634] __x64_sys_setsockopt+0xbd/0x160 [ 1065.586172][T22634] ? do_syscall_64+0x91/0x490 [ 1065.586185][T22634] ? lockdep_hardirqs_on+0x7c/0x110 [ 1065.586206][T22634] do_syscall_64+0xcd/0x490 [ 1065.586221][T22634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.586237][T22634] RIP: 0033:0x7f213578eb69 [ 1065.586249][T22634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1065.586263][T22634] RSP: 002b:00007f21365f3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1065.586278][T22634] RAX: ffffffffffffffda RBX: 00007f21359b6160 RCX: 00007f213578eb69 [ 1065.586288][T22634] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000004 [ 1065.586296][T22634] RBP: 00007f2135811df1 R08: 0000000000000014 R09: 0000000000000000 [ 1065.586305][T22634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1065.586314][T22634] R13: 0000000000000000 R14: 00007f21359b6160 R15: 00007ffcea902438 [ 1065.586332][T22634] [ 1065.586795][T22634] tipc: Subscription rejected, no memory [ 1066.019752][ T30] audit: type=1800 audit(6138072071.567:55): pid=22654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3020" name="dbroot" dev="configfs" ino=68797 res=0 errno=0 [ 1067.173348][T22662] netlink: 25 bytes leftover after parsing attributes in process `syz.5.3022'. [ 1067.768316][ T30] audit: type=1800 audit(6138072073.407:56): pid=22666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3025" name="trace_pipe" dev="tracefs" ino=1141 res=0 errno=0 [ 1067.788934][ C0] vkms_vblank_simulate: vblank timer overrun [ 1069.460970][ T30] audit: type=1800 audit(6138072075.097:57): pid=22698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3032" name="dbroot" dev="configfs" ino=68959 res=0 errno=0 [ 1071.290729][ T30] audit: type=1800 audit(6138072076.927:58): pid=22716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3037" name="trace_pipe" dev="tracefs" ino=1141 res=0 errno=0 [ 1071.542421][T22723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3038'. [ 1071.682311][T22724] netlink: 'syz.4.3038': attribute type 1 has an invalid length. [ 1073.080420][ T30] audit: type=1800 audit(6138072078.717:59): pid=22742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3043" name="dbroot" dev="configfs" ino=69197 res=0 errno=0 [ 1073.549386][ T30] audit: type=1800 audit(6138072079.187:60): pid=22750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3046" name="dbroot" dev="configfs" ino=69227 res=0 errno=0 [ 1073.726093][T22758] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3045'. [ 1074.171643][T22769] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3049'. [ 1074.300248][T22774] netlink: 'syz.5.3049': attribute type 1 has an invalid length. [ 1074.390771][T22775] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1074.683839][T22785] program syz.4.3052 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1074.914578][T22783] zswap: compressor 000 not available [ 1076.633450][T22808] FAULT_INJECTION: forcing a failure. [ 1076.633450][T22808] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1076.715983][T22808] CPU: 0 UID: 0 PID: 22808 Comm: syz.5.3058 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1076.716005][T22808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1076.716014][T22808] Call Trace: [ 1076.716020][T22808] [ 1076.716026][T22808] dump_stack_lvl+0x16c/0x1f0 [ 1076.716045][T22808] should_fail_ex+0x512/0x640 [ 1076.716069][T22808] should_fail_alloc_page+0xe7/0x130 [ 1076.716091][T22808] prepare_alloc_pages+0x3c2/0x610 [ 1076.716113][T22808] ? rcu_is_watching+0x12/0xc0 [ 1076.716129][T22808] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1076.716147][T22808] ? kasan_save_stack+0x42/0x60 [ 1076.716165][T22808] ? __lock_acquire+0x622/0x1c90 [ 1076.716183][T22808] ? perf_trace_prq_report+0x164/0x860 [ 1076.716198][T22808] ? __vmf_anon_prepare+0x11c/0x240 [ 1076.716221][T22808] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1076.716237][T22808] ? __lock_acquire+0x622/0x1c90 [ 1076.716254][T22808] ? perf_trace_prq_report+0x164/0x860 [ 1076.716273][T22808] ? __lock_acquire+0x622/0x1c90 [ 1076.716291][T22808] ? __lock_acquire+0x622/0x1c90 [ 1076.716307][T22808] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1076.716330][T22808] ? policy_nodemask+0xea/0x4e0 [ 1076.716350][T22808] alloc_pages_mpol+0x1fb/0x550 [ 1076.716370][T22808] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1076.716393][T22808] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1076.716416][T22808] vma_alloc_folio_noprof+0xed/0x1e0 [ 1076.716436][T22808] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1076.716456][T22808] ? find_held_lock+0x2b/0x80 [ 1076.716470][T22808] ? __handle_mm_fault+0x1092/0x5390 [ 1076.716487][T22808] __handle_mm_fault+0x2f21/0x5390 [ 1076.716507][T22808] ? __pfx___handle_mm_fault+0x10/0x10 [ 1076.716522][T22808] ? __pte_offset_map_lock+0x174/0x310 [ 1076.716543][T22808] ? find_held_lock+0x2b/0x80 [ 1076.716554][T22808] ? find_held_lock+0x2b/0x80 [ 1076.716572][T22808] ? follow_page_pte+0x3af/0x14c0 [ 1076.716598][T22808] handle_mm_fault+0x589/0xd10 [ 1076.716616][T22808] __get_user_pages+0x589/0x3b80 [ 1076.716642][T22808] ? __pfx_mt_find+0x10/0x10 [ 1076.716658][T22808] ? __pfx___get_user_pages+0x10/0x10 [ 1076.716685][T22808] populate_vma_page_range+0x278/0x3a0 [ 1076.716709][T22808] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1076.716729][T22808] ? __pfx_find_vma_intersection+0x10/0x10 [ 1076.716751][T22808] ? do_mmap+0x69c/0x1210 [ 1076.716773][T22808] __mm_populate+0x1d8/0x380 [ 1076.716787][T22808] ? __pfx___mm_populate+0x10/0x10 [ 1076.716801][T22808] ? up_write+0x1b2/0x520 [ 1076.716822][T22808] vm_mmap_pgoff+0x362/0x450 [ 1076.716844][T22808] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1076.716865][T22808] ? __fget_files+0x20e/0x3c0 [ 1076.716885][T22808] ksys_mmap_pgoff+0x7d/0x5c0 [ 1076.716905][T22808] ? __pfx_ksys_write+0x10/0x10 [ 1076.716928][T22808] __x64_sys_mmap+0x125/0x190 [ 1076.716952][T22808] do_syscall_64+0xcd/0x490 [ 1076.716971][T22808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1076.716986][T22808] RIP: 0033:0x7f75cf58eb69 [ 1076.716998][T22808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1076.717011][T22808] RSP: 002b:00007f75d0330038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1076.717025][T22808] RAX: ffffffffffffffda RBX: 00007f75cf7b6080 RCX: 00007f75cf58eb69 [ 1076.717035][T22808] RDX: 00000000000000e2 RSI: 0000000000400008 RDI: 0000000000000000 [ 1076.717043][T22808] RBP: 00007f75d0330090 R08: 0000000000000002 R09: 0000000000008000 [ 1076.717052][T22808] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 1076.717061][T22808] R13: 0000000000000000 R14: 00007f75cf7b6080 R15: 00007ffe366a5ef8 [ 1076.717079][T22808] [ 1077.081553][ C0] vkms_vblank_simulate: vblank timer overrun [ 1079.270480][T22827] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3064'. [ 1079.333669][T22833] netlink: 'syz.1.3064': attribute type 1 has an invalid length. [ 1079.801676][ T30] audit: type=1800 audit(6138072085.437:61): pid=22847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3071" name="dbroot" dev="configfs" ino=69635 res=0 errno=0 [ 1079.822178][ C0] vkms_vblank_simulate: vblank timer overrun [ 1080.148259][T22855] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3074'. [ 1080.206423][T22857] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1080.689617][T22843] vivid-003: ================= START STATUS ================= [ 1080.724024][T22843] vivid-003: Radio HW Seek Mode: Bounded [ 1080.760780][T22843] vivid-003: Radio Programmable HW Seek: false [ 1080.797112][T22843] vivid-003: RDS Rx I/O Mode: Block I/O [ 1080.837424][T22843] vivid-003: Generate RBDS Instead of RDS: false [ 1080.884913][T22843] vivid-003: RDS Reception: true [ 1080.962670][T22843] vivid-003: RDS Program Type: 0 inactive [ 1081.021704][T22843] vivid-003: RDS PS Name: inactive [ 1081.109561][T22843] vivid-003: RDS Radio Text: inactive [ 1081.217427][T22843] vivid-003: RDS Traffic Announcement: false inactive [ 1081.224235][T22843] vivid-003: RDS Traffic Program: false inactive [ 1081.457467][T22843] vivid-003: RDS Music: false inactive [ 1081.462988][T22843] vivid-003: ================== END STATUS ================== [ 1082.706916][T22884] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3090'. [ 1082.794748][T22886] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3079'. [ 1082.967039][T22892] netlink: 'syz.0.3079': attribute type 1 has an invalid length. [ 1084.324403][T22905] FAULT_INJECTION: forcing a failure. [ 1084.324403][T22905] name failslab, interval 1, probability 0, space 0, times 0 [ 1084.395843][T22905] CPU: 0 UID: 0 PID: 22905 Comm: syz.5.3086 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1084.395867][T22905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1084.395877][T22905] Call Trace: [ 1084.395882][T22905] [ 1084.395889][T22905] dump_stack_lvl+0x16c/0x1f0 [ 1084.395909][T22905] should_fail_ex+0x512/0x640 [ 1084.395931][T22905] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1084.395953][T22905] should_failslab+0xc2/0x120 [ 1084.395971][T22905] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1084.395989][T22905] ? sock_alloc_inode+0x25/0x1c0 [ 1084.396009][T22905] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1084.396025][T22905] sock_alloc_inode+0x25/0x1c0 [ 1084.396040][T22905] alloc_inode+0x61/0x240 [ 1084.396059][T22905] sock_alloc+0x40/0x280 [ 1084.396075][T22905] sock_create_lite+0x82/0x120 [ 1084.396092][T22905] __netlink_kernel_create+0xbd/0x750 [ 1084.396106][T22905] ? trace_kmalloc+0x2b/0xd0 [ 1084.396125][T22905] ? __kvmalloc_node_noprof+0x298/0x620 [ 1084.396141][T22905] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1084.396155][T22905] ? fib4_semantics_init+0x25/0x100 [ 1084.396181][T22905] fib_net_init+0x26d/0x3f0 [ 1084.396195][T22905] ? __pfx___register_sysctl_table+0x10/0x10 [ 1084.396215][T22905] ? __pfx_fib_net_init+0x10/0x10 [ 1084.396230][T22905] ? lockdep_init_map_type+0x5c/0x280 [ 1084.396249][T22905] ? __pfx_nl_fib_input+0x10/0x10 [ 1084.396275][T22905] ? devinet_init_net+0x5c2/0x910 [ 1084.396295][T22905] ? __pfx_fib_net_init+0x10/0x10 [ 1084.396310][T22905] ops_init+0x1e2/0x5f0 [ 1084.396327][T22905] setup_net+0x10f/0x380 [ 1084.396341][T22905] ? lockdep_init_map_type+0x5c/0x280 [ 1084.396361][T22905] ? __pfx_setup_net+0x10/0x10 [ 1084.396376][T22905] ? debug_mutex_init+0x37/0x70 [ 1084.396401][T22905] copy_net_ns+0x2a6/0x5f0 [ 1084.396419][T22905] create_new_namespaces+0x3ea/0xa90 [ 1084.396440][T22905] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1084.396457][T22905] ksys_unshare+0x45b/0xa40 [ 1084.396476][T22905] ? __pfx_ksys_unshare+0x10/0x10 [ 1084.396496][T22905] ? xfd_validate_state+0x61/0x180 [ 1084.396521][T22905] __x64_sys_unshare+0x31/0x40 [ 1084.396539][T22905] do_syscall_64+0xcd/0x490 [ 1084.396554][T22905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1084.396569][T22905] RIP: 0033:0x7f75cf58eb69 [ 1084.396583][T22905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1084.396597][T22905] RSP: 002b:00007f75d0330038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1084.396611][T22905] RAX: ffffffffffffffda RBX: 00007f75cf7b6080 RCX: 00007f75cf58eb69 [ 1084.396620][T22905] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1084.396629][T22905] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 1084.396637][T22905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1084.396646][T22905] R13: 0000000000000000 R14: 00007f75cf7b6080 R15: 00007ffe366a5ef8 [ 1084.396673][T22905] [ 1084.697422][ C0] vkms_vblank_simulate: vblank timer overrun [ 1086.029614][ T30] audit: type=1800 audit(6138072091.667:62): pid=22944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3097" name="features" dev="configfs" ino=70123 res=0 errno=0 [ 1087.523165][T22966] vivid-003: ================= START STATUS ================= [ 1087.561450][T22966] vivid-003: Radio HW Seek Mode: Bounded [ 1087.587946][T22966] vivid-003: Radio Programmable HW Seek: false [ 1087.648368][T22966] vivid-003: RDS Rx I/O Mode: Block I/O [ 1087.685720][T22966] vivid-003: Generate RBDS Instead of RDS: false [ 1087.718812][T22966] vivid-003: RDS Reception: true [ 1087.741331][T22966] vivid-003: RDS Program Type: 0 inactive [ 1087.812187][T22966] vivid-003: RDS PS Name: inactive [ 1087.902190][T22966] vivid-003: RDS Radio Text: inactive [ 1087.962256][T22966] vivid-003: RDS Traffic Announcement: false inactive [ 1088.088016][T22966] vivid-003: RDS Traffic Program: false inactive [ 1088.173095][T22982] FAULT_INJECTION: forcing a failure. [ 1088.173095][T22982] name failslab, interval 1, probability 0, space 0, times 0 [ 1088.207933][T22966] vivid-003: RDS Music: false inactive [ 1088.233198][T22982] CPU: 0 UID: 0 PID: 22982 Comm: syz.1.3107 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1088.233223][T22982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1088.233233][T22982] Call Trace: [ 1088.233238][T22982] [ 1088.233244][T22982] dump_stack_lvl+0x16c/0x1f0 [ 1088.233264][T22982] should_fail_ex+0x512/0x640 [ 1088.233286][T22982] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1088.233305][T22982] should_failslab+0xc2/0x120 [ 1088.233325][T22982] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1088.233340][T22982] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1088.233362][T22982] ima_calc_file_hash_tfm+0x231/0x350 [ 1088.233380][T22982] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1088.233420][T22982] ? stack_trace_save+0x8e/0xc0 [ 1088.233438][T22982] ? ima_alloc_tfm+0x21a/0x2e0 [ 1088.233455][T22982] ? generic_fillattr+0x6bf/0x940 [ 1088.233475][T22982] ima_calc_file_hash+0x1ba/0x490 [ 1088.233495][T22982] ima_collect_measurement+0x899/0xa40 [ 1088.233519][T22982] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1088.233551][T22982] ? __mutex_lock+0x1c2/0x1070 [ 1088.233564][T22982] ? is_bad_inode+0xd/0x40 [ 1088.233584][T22982] ? xattr_resolve_name+0x27b/0x3f0 [ 1088.233610][T22982] ? vfs_getxattr_alloc+0xec/0x340 [ 1088.233627][T22982] ? ima_get_hash_algo+0x27c/0x400 [ 1088.233642][T22982] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1088.233661][T22982] ? process_measurement+0x11fa/0x23e0 [ 1088.233676][T22982] process_measurement+0x11fa/0x23e0 [ 1088.233699][T22982] ? __pfx_process_measurement+0x10/0x10 [ 1088.233715][T22982] ? __lock_acquire+0xb8a/0x1c90 [ 1088.233757][T22982] ? __configfs_open_file+0x79a/0x9c0 [ 1088.233776][T22982] ? inode_to_bdi+0x9e/0x160 [ 1088.233797][T22982] ima_file_check+0xc5/0x110 [ 1088.233813][T22982] ? __pfx_ima_file_check+0x10/0x10 [ 1088.233835][T22982] security_file_post_open+0x8e/0x210 [ 1088.233858][T22982] path_openat+0x1404/0x2cb0 [ 1088.233890][T22982] ? __pfx_path_openat+0x10/0x10 [ 1088.233908][T22982] ? __lock_acquire+0xb8a/0x1c90 [ 1088.233928][T22982] do_filp_open+0x20b/0x470 [ 1088.233945][T22982] ? __pfx_do_filp_open+0x10/0x10 [ 1088.233974][T22982] ? alloc_fd+0x471/0x7d0 [ 1088.233994][T22982] do_sys_openat2+0x11b/0x1d0 [ 1088.234015][T22982] ? __pfx_do_sys_openat2+0x10/0x10 [ 1088.234042][T22982] __x64_sys_openat+0x174/0x210 [ 1088.234062][T22982] ? __pfx___x64_sys_openat+0x10/0x10 [ 1088.234090][T22982] do_syscall_64+0xcd/0x490 [ 1088.234106][T22982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1088.234122][T22982] RIP: 0033:0x7fec0898eb69 [ 1088.234134][T22982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1088.234148][T22982] RSP: 002b:00007fec0973f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1088.234162][T22982] RAX: ffffffffffffffda RBX: 00007fec08bb5fa0 RCX: 00007fec0898eb69 [ 1088.234172][T22982] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1088.234181][T22982] RBP: 00007fec08a11df1 R08: 0000000000000000 R09: 0000000000000000 [ 1088.234190][T22982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1088.234199][T22982] R13: 0000000000000000 R14: 00007fec08bb5fa0 R15: 00007fffd75d5e68 [ 1088.234218][T22982] [ 1088.234338][ T30] audit: type=1800 audit(6138072093.867:63): pid=22982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3107" name="dbroot" dev="configfs" ino=70306 res=0 errno=0 [ 1088.572884][ C0] vkms_vblank_simulate: vblank timer overrun [ 1088.633148][T22966] vivid-003: ================== END STATUS ================== [ 1089.673404][T23005] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1091.291704][T23032] FAULT_INJECTION: forcing a failure. [ 1091.291704][T23032] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1091.343501][T23032] CPU: 0 UID: 0 PID: 23032 Comm: syz.4.3117 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1091.343523][T23032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1091.343532][T23032] Call Trace: [ 1091.343538][T23032] [ 1091.343544][T23032] dump_stack_lvl+0x16c/0x1f0 [ 1091.343570][T23032] should_fail_ex+0x512/0x640 [ 1091.343594][T23032] _copy_from_user+0x2e/0xd0 [ 1091.343609][T23032] get_itimerspec64+0x8b/0x2d0 [ 1091.343627][T23032] ? __pfx_get_itimerspec64+0x10/0x10 [ 1091.343645][T23032] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1091.343663][T23032] __x64_sys_timerfd_settime+0x15f/0x280 [ 1091.343684][T23032] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 1091.343704][T23032] ? ksys_write+0x1ac/0x250 [ 1091.343726][T23032] do_syscall_64+0xcd/0x490 [ 1091.343741][T23032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1091.343756][T23032] RIP: 0033:0x7f24af98eb69 [ 1091.343768][T23032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1091.343782][T23032] RSP: 002b:00007f24b077d038 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 1091.343796][T23032] RAX: ffffffffffffffda RBX: 00007f24afbb5fa0 RCX: 00007f24af98eb69 [ 1091.343806][T23032] RDX: 0000200000000000 RSI: 0000000000000001 RDI: 0000000000000003 [ 1091.343815][T23032] RBP: 00007f24b077d090 R08: 0000000000000000 R09: 0000000000000000 [ 1091.343824][T23032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1091.343832][T23032] R13: 0000000000000000 R14: 00007f24afbb5fa0 R15: 00007ffca3cd2f08 [ 1091.343850][T23032] [ 1091.506458][ C0] vkms_vblank_simulate: vblank timer overrun [ 1091.786709][T23038] FAULT_INJECTION: forcing a failure. [ 1091.786709][T23038] name failslab, interval 1, probability 0, space 0, times 0 [ 1091.832592][T23038] CPU: 0 UID: 0 PID: 23038 Comm: syz.5.3120 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1091.832617][T23038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1091.832627][T23038] Call Trace: [ 1091.832633][T23038] [ 1091.832640][T23038] dump_stack_lvl+0x16c/0x1f0 [ 1091.832659][T23038] should_fail_ex+0x512/0x640 [ 1091.832681][T23038] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1091.832700][T23038] should_failslab+0xc2/0x120 [ 1091.832719][T23038] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1091.832735][T23038] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1091.832757][T23038] ima_calc_file_hash_tfm+0x231/0x350 [ 1091.832776][T23038] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1091.832816][T23038] ? stack_trace_save+0x8e/0xc0 [ 1091.832832][T23038] ? ima_alloc_tfm+0x21a/0x2e0 [ 1091.832848][T23038] ? generic_fillattr+0x6bf/0x940 [ 1091.832869][T23038] ima_calc_file_hash+0x1ba/0x490 [ 1091.832888][T23038] ima_collect_measurement+0x899/0xa40 [ 1091.832913][T23038] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1091.832946][T23038] ? __mutex_lock+0x1c2/0x1070 [ 1091.832959][T23038] ? is_bad_inode+0xd/0x40 [ 1091.832979][T23038] ? xattr_resolve_name+0x27b/0x3f0 [ 1091.833004][T23038] ? vfs_getxattr_alloc+0xec/0x340 [ 1091.833022][T23038] ? ima_get_hash_algo+0x27c/0x400 [ 1091.833040][T23038] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1091.833059][T23038] ? process_measurement+0x11fa/0x23e0 [ 1091.833075][T23038] process_measurement+0x11fa/0x23e0 [ 1091.833098][T23038] ? __pfx_process_measurement+0x10/0x10 [ 1091.833113][T23038] ? __lock_acquire+0xb8a/0x1c90 [ 1091.833156][T23038] ? __configfs_open_file+0x79a/0x9c0 [ 1091.833175][T23038] ? inode_to_bdi+0x9e/0x160 [ 1091.833195][T23038] ima_file_check+0xc5/0x110 [ 1091.833212][T23038] ? __pfx_ima_file_check+0x10/0x10 [ 1091.833233][T23038] security_file_post_open+0x8e/0x210 [ 1091.833256][T23038] path_openat+0x1404/0x2cb0 [ 1091.833279][T23038] ? __pfx_path_openat+0x10/0x10 [ 1091.833294][T23038] ? __lock_acquire+0xb8a/0x1c90 [ 1091.833314][T23038] do_filp_open+0x20b/0x470 [ 1091.833330][T23038] ? __pfx_do_filp_open+0x10/0x10 [ 1091.833359][T23038] ? alloc_fd+0x471/0x7d0 [ 1091.833377][T23038] do_sys_openat2+0x11b/0x1d0 [ 1091.833397][T23038] ? __pfx_do_sys_openat2+0x10/0x10 [ 1091.833424][T23038] __x64_sys_openat+0x174/0x210 [ 1091.833444][T23038] ? __pfx___x64_sys_openat+0x10/0x10 [ 1091.833479][T23038] do_syscall_64+0xcd/0x490 [ 1091.833496][T23038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1091.833512][T23038] RIP: 0033:0x7f75cf58eb69 [ 1091.833525][T23038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1091.833539][T23038] RSP: 002b:00007f75d0351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1091.833560][T23038] RAX: ffffffffffffffda RBX: 00007f75cf7b5fa0 RCX: 00007f75cf58eb69 [ 1091.833569][T23038] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1091.833578][T23038] RBP: 00007f75cf611df1 R08: 0000000000000000 R09: 0000000000000000 [ 1091.833587][T23038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1091.833596][T23038] R13: 0000000000000000 R14: 00007f75cf7b5fa0 R15: 00007ffe366a5ef8 [ 1091.833614][T23038] [ 1092.155999][ C0] vkms_vblank_simulate: vblank timer overrun [ 1092.230825][ T30] audit: type=1800 audit(6138072097.467:64): pid=23038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3120" name="dbroot" dev="configfs" ino=70514 res=0 errno=0 [ 1092.865872][T23060] FAULT_INJECTION: forcing a failure. [ 1092.865872][T23060] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.993129][T23060] CPU: 0 UID: 0 PID: 23060 Comm: syz.0.3119 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1092.993153][T23060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1092.993163][T23060] Call Trace: [ 1092.993168][T23060] [ 1092.993175][T23060] dump_stack_lvl+0x16c/0x1f0 [ 1092.993194][T23060] should_fail_ex+0x512/0x640 [ 1092.993216][T23060] ? __kvmalloc_node_noprof+0x124/0x620 [ 1092.993236][T23060] should_failslab+0xc2/0x120 [ 1092.993254][T23060] __kvmalloc_node_noprof+0x137/0x620 [ 1092.993271][T23060] ? lockdep_init_map_type+0x5c/0x280 [ 1092.993289][T23060] ? __v4l2_subdev_state_alloc+0x1a7/0x400 [ 1092.993312][T23060] ? __v4l2_subdev_state_alloc+0x1a7/0x400 [ 1092.993329][T23060] __v4l2_subdev_state_alloc+0x1a7/0x400 [ 1092.993349][T23060] subdev_open+0xa6/0x560 [ 1092.993368][T23060] v4l2_open+0x222/0x490 [ 1092.993388][T23060] ? __pfx_v4l2_open+0x10/0x10 [ 1092.993408][T23060] chrdev_open+0x234/0x6a0 [ 1092.993432][T23060] ? __pfx_apparmor_file_open+0x10/0x10 [ 1092.993447][T23060] ? __pfx_chrdev_open+0x10/0x10 [ 1092.993466][T23060] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1092.993486][T23060] do_dentry_open+0x744/0x1c10 [ 1092.993503][T23060] ? __pfx_chrdev_open+0x10/0x10 [ 1092.993523][T23060] vfs_open+0x82/0x3f0 [ 1092.993544][T23060] path_openat+0x1de4/0x2cb0 [ 1092.993566][T23060] ? __pfx_path_openat+0x10/0x10 [ 1092.993582][T23060] ? __lock_acquire+0xb8a/0x1c90 [ 1092.993605][T23060] do_filp_open+0x20b/0x470 [ 1092.993620][T23060] ? __pfx_do_filp_open+0x10/0x10 [ 1092.993648][T23060] ? alloc_fd+0x471/0x7d0 [ 1092.993667][T23060] do_sys_openat2+0x11b/0x1d0 [ 1092.993686][T23060] ? __pfx_do_sys_openat2+0x10/0x10 [ 1092.993706][T23060] ? __fget_files+0x204/0x3c0 [ 1092.993726][T23060] __x64_sys_openat+0x174/0x210 [ 1092.993746][T23060] ? __pfx___x64_sys_openat+0x10/0x10 [ 1092.993773][T23060] do_syscall_64+0xcd/0x490 [ 1092.993789][T23060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1092.993805][T23060] RIP: 0033:0x7f213578eb69 [ 1092.993817][T23060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1092.993831][T23060] RSP: 002b:00007f2136614038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1092.993845][T23060] RAX: ffffffffffffffda RBX: 00007f21359b6080 RCX: 00007f213578eb69 [ 1092.993855][T23060] RDX: 0000000000080000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 1092.993863][T23060] RBP: 00007f2135811df1 R08: 0000000000000000 R09: 0000000000000000 [ 1092.993872][T23060] R10: 000000000000003f R11: 0000000000000246 R12: 0000000000000000 [ 1092.993881][T23060] R13: 0000000000000000 R14: 00007f21359b6080 R15: 00007ffcea902438 [ 1092.993899][T23060] [ 1093.265682][ C0] vkms_vblank_simulate: vblank timer overrun [ 1097.246067][T23102] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1098.132484][T23135] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 1098.921278][T23135] input: failed to attach handler evdev to device input12, error: -4 [ 1102.853037][T23205] FAULT_INJECTION: forcing a failure. [ 1102.853037][T23205] name failslab, interval 1, probability 0, space 0, times 0 [ 1102.923948][T23205] CPU: 0 UID: 0 PID: 23205 Comm: syz.0.3164 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1102.923972][T23205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1102.923981][T23205] Call Trace: [ 1102.923988][T23205] [ 1102.923994][T23205] dump_stack_lvl+0x16c/0x1f0 [ 1102.924013][T23205] should_fail_ex+0x512/0x640 [ 1102.924035][T23205] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1102.924053][T23205] should_failslab+0xc2/0x120 [ 1102.924073][T23205] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1102.924089][T23205] ? ima_calc_file_hash_tfm+0x231/0x350 [ 1102.924110][T23205] ima_calc_file_hash_tfm+0x231/0x350 [ 1102.924129][T23205] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1102.924168][T23205] ? stack_trace_save+0x8e/0xc0 [ 1102.924186][T23205] ? ima_alloc_tfm+0x21a/0x2e0 [ 1102.924201][T23205] ? generic_fillattr+0x6bf/0x940 [ 1102.924222][T23205] ima_calc_file_hash+0x1ba/0x490 [ 1102.924242][T23205] ima_collect_measurement+0x899/0xa40 [ 1102.924267][T23205] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1102.924299][T23205] ? __mutex_lock+0x1c2/0x1070 [ 1102.924312][T23205] ? is_bad_inode+0xd/0x40 [ 1102.924332][T23205] ? xattr_resolve_name+0x27b/0x3f0 [ 1102.924357][T23205] ? vfs_getxattr_alloc+0xec/0x340 [ 1102.924376][T23205] ? ima_get_hash_algo+0x27c/0x400 [ 1102.924390][T23205] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1102.924409][T23205] ? process_measurement+0x11fa/0x23e0 [ 1102.924425][T23205] process_measurement+0x11fa/0x23e0 [ 1102.924456][T23205] ? __pfx_process_measurement+0x10/0x10 [ 1102.924472][T23205] ? __lock_acquire+0xb8a/0x1c90 [ 1102.924518][T23205] ? __configfs_open_file+0x79a/0x9c0 [ 1102.924538][T23205] ? inode_to_bdi+0x9e/0x160 [ 1102.924559][T23205] ima_file_check+0xc5/0x110 [ 1102.924576][T23205] ? __pfx_ima_file_check+0x10/0x10 [ 1102.924597][T23205] security_file_post_open+0x8e/0x210 [ 1102.924621][T23205] path_openat+0x1404/0x2cb0 [ 1102.924642][T23205] ? __pfx_path_openat+0x10/0x10 [ 1102.924659][T23205] ? __lock_acquire+0xb8a/0x1c90 [ 1102.924678][T23205] do_filp_open+0x20b/0x470 [ 1102.924693][T23205] ? __pfx_do_filp_open+0x10/0x10 [ 1102.924722][T23205] ? alloc_fd+0x471/0x7d0 [ 1102.924742][T23205] do_sys_openat2+0x11b/0x1d0 [ 1102.924761][T23205] ? __pfx_do_sys_openat2+0x10/0x10 [ 1102.924789][T23205] __x64_sys_openat+0x174/0x210 [ 1102.924809][T23205] ? __pfx___x64_sys_openat+0x10/0x10 [ 1102.924837][T23205] do_syscall_64+0xcd/0x490 [ 1102.924853][T23205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1102.924868][T23205] RIP: 0033:0x7f213578eb69 [ 1102.924880][T23205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1102.924894][T23205] RSP: 002b:00007f2136635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1102.924909][T23205] RAX: ffffffffffffffda RBX: 00007f21359b5fa0 RCX: 00007f213578eb69 [ 1102.924918][T23205] RDX: 0000000000189002 RSI: 0000200000006900 RDI: ffffffffffffff9c [ 1102.924928][T23205] RBP: 00007f2135811df1 R08: 0000000000000000 R09: 0000000000000000 [ 1102.924938][T23205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1102.924947][T23205] R13: 0000000000000000 R14: 00007f21359b5fa0 R15: 00007ffcea902438 [ 1102.924966][T23205] [ 1102.925084][ T30] audit: type=1800 audit(6138072108.557:65): pid=23205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3164" name="dbroot" dev="configfs" ino=71281 res=0 errno=0 [ 1103.193689][ C0] vkms_vblank_simulate: vblank timer overrun [ 1103.359988][T23198] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1105.631293][T23250] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3166'. [ 1105.679306][T23250] netlink: 13 bytes leftover after parsing attributes in process `syz.4.3166'. [ 1105.763421][T23250] ================================================================== [ 1105.771787][T23250] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 1105.779512][T23250] Read of size 8 at addr ffff8881404f0218 by task syz.4.3166/23250 [ 1105.787771][T23250] [ 1105.790284][T23250] CPU: 0 UID: 0 PID: 23250 Comm: syz.4.3166 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1105.790307][T23250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1105.790318][T23250] Call Trace: [ 1105.790326][T23250] [ 1105.790333][T23250] dump_stack_lvl+0x116/0x1f0 [ 1105.790352][T23250] print_report+0xcd/0x630 [ 1105.790373][T23250] ? __virt_addr_valid+0x81/0x610 [ 1105.790392][T23250] ? __phys_addr+0xe8/0x180 [ 1105.790409][T23250] ? dvb_device_open+0x36a/0x3b0 [ 1105.790424][T23250] kasan_report+0xe0/0x110 [ 1105.790453][T23250] ? dvb_device_open+0x36a/0x3b0 [ 1105.790469][T23250] ? __pfx_dvb_device_open+0x10/0x10 [ 1105.790488][T23250] dvb_device_open+0x36a/0x3b0 [ 1105.790502][T23250] ? __pfx_dvb_device_open+0x10/0x10 [ 1105.790516][T23250] chrdev_open+0x234/0x6a0 [ 1105.790532][T23250] ? __pfx_apparmor_file_open+0x10/0x10 [ 1105.790547][T23250] ? __pfx_chrdev_open+0x10/0x10 [ 1105.790563][T23250] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1105.790581][T23250] do_dentry_open+0x744/0x1c10 [ 1105.790597][T23250] ? __pfx_chrdev_open+0x10/0x10 [ 1105.790615][T23250] vfs_open+0x82/0x3f0 [ 1105.790635][T23250] path_openat+0x1de4/0x2cb0 [ 1105.790652][T23250] ? __pfx_path_openat+0x10/0x10 [ 1105.790667][T23250] ? __lock_acquire+0xb8a/0x1c90 [ 1105.790686][T23250] do_filp_open+0x20b/0x470 [ 1105.790700][T23250] ? __pfx_do_filp_open+0x10/0x10 [ 1105.790722][T23250] ? alloc_fd+0x471/0x7d0 [ 1105.790737][T23250] do_sys_openat2+0x11b/0x1d0 [ 1105.790756][T23250] ? __pfx_do_sys_openat2+0x10/0x10 [ 1105.790776][T23250] ? __pfx___might_resched+0x10/0x10 [ 1105.790792][T23250] __x64_sys_openat+0x174/0x210 [ 1105.790812][T23250] ? __pfx___x64_sys_openat+0x10/0x10 [ 1105.790835][T23250] do_syscall_64+0xcd/0x490 [ 1105.790850][T23250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1105.790864][T23250] RIP: 0033:0x7f24af98eb69 [ 1105.790877][T23250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1105.790893][T23250] RSP: 002b:00007f24b075c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1105.790907][T23250] RAX: ffffffffffffffda RBX: 00007f24afbb6080 RCX: 00007f24af98eb69 [ 1105.790917][T23250] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1105.790927][T23250] RBP: 00007f24afa11df1 R08: 0000000000000000 R09: 0000000000000000 [ 1105.790936][T23250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1105.790945][T23250] R13: 0000000000000000 R14: 00007f24afbb6080 R15: 00007ffca3cd2f08 [ 1105.790959][T23250] [ 1105.790965][T23250] [ 1106.052821][T23250] Allocated by task 21463: [ 1106.057253][T23250] kasan_save_stack+0x33/0x60 [ 1106.062026][T23250] kasan_save_track+0x14/0x30 [ 1106.066720][T23250] __kasan_kmalloc+0xaa/0xb0 [ 1106.071364][T23250] __kmalloc_noprof+0x223/0x510 [ 1106.076225][T23250] __list_lru_init+0xe8/0x4c0 [ 1106.080929][T23250] alloc_super+0x8bf/0xbd0 [ 1106.085373][T23250] sget_fc+0x116/0xc20 [ 1106.089545][T23250] get_tree_keyed+0x59/0x1d0 [ 1106.094607][T23250] vfs_get_tree+0x8b/0x340 [ 1106.099146][T23250] path_mount+0x1482/0x1fd0 [ 1106.104178][T23250] __x64_sys_mount+0x28d/0x310 [ 1106.109145][T23250] do_syscall_64+0xcd/0x490 [ 1106.113827][T23250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1106.119722][T23250] [ 1106.122255][T23250] Freed by task 19973: [ 1106.126424][T23250] kasan_save_stack+0x33/0x60 [ 1106.131377][T23250] kasan_save_track+0x14/0x30 [ 1106.136479][T23250] kasan_save_free_info+0x3b/0x60 [ 1106.141788][T23250] __kasan_slab_free+0x51/0x70 [ 1106.147275][T23250] kfree+0x2b4/0x4d0 [ 1106.151357][T23250] list_lru_destroy+0x152/0x700 [ 1106.156243][T23250] deactivate_locked_super+0xd5/0x1a0 [ 1106.161710][T23250] deactivate_super+0xde/0x100 [ 1106.166573][T23250] cleanup_mnt+0x225/0x450 [ 1106.171125][T23250] task_work_run+0x150/0x240 [ 1106.176106][T23250] exit_to_user_mode_loop+0xeb/0x110 [ 1106.181395][T23250] do_syscall_64+0x3f6/0x490 [ 1106.186113][T23250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1106.192187][T23250] [ 1106.194862][T23250] The buggy address belongs to the object at ffff8881404f0200 [ 1106.194862][T23250] which belongs to the cache kmalloc-256 of size 256 [ 1106.209303][T23250] The buggy address is located 24 bytes inside of [ 1106.209303][T23250] freed 256-byte region [ffff8881404f0200, ffff8881404f0300) [ 1106.223220][T23250] [ 1106.225532][T23250] The buggy address belongs to the physical page: [ 1106.231931][T23250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8881404f0200 pfn:0x1404f0 [ 1106.242156][T23250] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1106.250652][T23250] flags: 0x57ff00000000240(workingset|head|node=1|zone=2|lastcpupid=0x7ff) [ 1106.259432][T23250] page_type: f5(slab) [ 1106.263506][T23250] raw: 057ff00000000240 ffff88801b841b40 ffff888140400708 ffffea0005013590 [ 1106.272181][T23250] raw: ffff8881404f0200 000000000010000f 00000000f5000000 0000000000000000 [ 1106.280758][T23250] head: 057ff00000000240 ffff88801b841b40 ffff888140400708 ffffea0005013590 [ 1106.289412][T23250] head: ffff8881404f0200 000000000010000f 00000000f5000000 0000000000000000 [ 1106.298185][T23250] head: 057ff00000000001 ffffea0005013c01 00000000ffffffff 00000000ffffffff [ 1106.306868][T23250] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 1106.315540][T23250] page dumped because: kasan: bad access detected [ 1106.322033][T23250] page_owner tracks the page as allocated [ 1106.327727][T23250] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 19960061147, free_ts 0 [ 1106.348018][T23250] post_alloc_hook+0x1c0/0x230 [ 1106.353054][T23250] get_page_from_freelist+0x1321/0x3890 [ 1106.358882][T23250] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1106.365034][T23250] alloc_pages_mpol+0x1fb/0x550 [ 1106.370063][T23250] new_slab+0x247/0x330 [ 1106.374427][T23250] ___slab_alloc+0xd1e/0x1780 [ 1106.379132][T23250] __slab_alloc.constprop.0+0x56/0xb0 [ 1106.384607][T23250] __kmalloc_cache_noprof+0xfb/0x3e0 [ 1106.390105][T23250] bus_add_driver+0x92/0x690 [ 1106.394990][T23250] driver_register+0x15c/0x4b0 [ 1106.399760][T23250] vidtv_bridge_init+0x45/0x80 [ 1106.404600][T23250] do_one_initcall+0x120/0x6e0 [ 1106.409465][T23250] kernel_init_freeable+0x5c2/0x900 [ 1106.414692][T23250] kernel_init+0x1c/0x2b0 [ 1106.419047][T23250] ret_from_fork+0x5d7/0x6f0 [ 1106.424291][T23250] ret_from_fork_asm+0x1a/0x30 [ 1106.429686][T23250] page_owner free stack trace missing [ 1106.435169][T23250] [ 1106.438017][T23250] Memory state around the buggy address: [ 1106.443736][T23250] ffff8881404f0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1106.452917][T23250] ffff8881404f0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1106.461074][T23250] >ffff8881404f0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1106.469268][T23250] ^ [ 1106.474218][T23250] ffff8881404f0280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1106.482471][T23250] ffff8881404f0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1106.491085][T23250] ================================================================== [ 1106.499706][ C0] vkms_vblank_simulate: vblank timer overrun SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1108.205675][T23250] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1108.213086][T23250] CPU: 0 UID: 0 PID: 23250 Comm: syz.4.3166 Not tainted 6.16.0-syzkaller-08685-g260f6f4fda93 #0 PREEMPT(full) [ 1108.224794][T23250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1108.234861][T23250] Call Trace: [ 1108.238134][T23250] [ 1108.241065][T23250] dump_stack_lvl+0x3d/0x1f0 [ 1108.245671][T23250] vpanic+0x6a3/0x780 [ 1108.249651][T23250] ? __pfx_vpanic+0x10/0x10 [ 1108.254139][T23250] ? __pfx_vprintk_emit+0x10/0x10 [ 1108.259232][T23250] ? dvb_device_open+0x36a/0x3b0 [ 1108.264150][T23250] panic+0xca/0xd0 [ 1108.267865][T23250] ? __pfx_panic+0x10/0x10 [ 1108.272266][T23250] ? dvb_device_open+0x36a/0x3b0 [ 1108.277197][T23250] ? preempt_schedule_common+0x44/0xc0 [ 1108.282685][T23250] ? preempt_schedule_thunk+0x16/0x30 [ 1108.288054][T23250] check_panic_on_warn+0xab/0xb0 [ 1108.293087][T23250] end_report+0x107/0x170 [ 1108.297416][T23250] kasan_report+0xee/0x110 [ 1108.301820][T23250] ? dvb_device_open+0x36a/0x3b0 [ 1108.306760][T23250] ? __pfx_dvb_device_open+0x10/0x10 [ 1108.312032][T23250] dvb_device_open+0x36a/0x3b0 [ 1108.317049][T23250] ? __pfx_dvb_device_open+0x10/0x10 [ 1108.322599][T23250] chrdev_open+0x234/0x6a0 [ 1108.327006][T23250] ? __pfx_apparmor_file_open+0x10/0x10 [ 1108.332537][T23250] ? __pfx_chrdev_open+0x10/0x10 [ 1108.337490][T23250] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1108.344270][T23250] do_dentry_open+0x744/0x1c10 [ 1108.349044][T23250] ? __pfx_chrdev_open+0x10/0x10 [ 1108.353984][T23250] vfs_open+0x82/0x3f0 [ 1108.358182][T23250] path_openat+0x1de4/0x2cb0 [ 1108.362989][T23250] ? __pfx_path_openat+0x10/0x10 [ 1108.367933][T23250] ? __lock_acquire+0xb8a/0x1c90 [ 1108.372873][T23250] do_filp_open+0x20b/0x470 [ 1108.377412][T23250] ? __pfx_do_filp_open+0x10/0x10 [ 1108.382444][T23250] ? alloc_fd+0x471/0x7d0 [ 1108.386790][T23250] do_sys_openat2+0x11b/0x1d0 [ 1108.391469][T23250] ? __pfx_do_sys_openat2+0x10/0x10 [ 1108.396715][T23250] ? __pfx___might_resched+0x10/0x10 [ 1108.402053][T23250] __x64_sys_openat+0x174/0x210 [ 1108.407035][T23250] ? __pfx___x64_sys_openat+0x10/0x10 [ 1108.412592][T23250] do_syscall_64+0xcd/0x490 [ 1108.417082][T23250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1108.423077][T23250] RIP: 0033:0x7f24af98eb69 [ 1108.427736][T23250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1108.447868][T23250] RSP: 002b:00007f24b075c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1108.456305][T23250] RAX: ffffffffffffffda RBX: 00007f24afbb6080 RCX: 00007f24af98eb69 [ 1108.464281][T23250] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1108.472353][T23250] RBP: 00007f24afa11df1 R08: 0000000000000000 R09: 0000000000000000 [ 1108.480406][T23250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1108.488631][T23250] R13: 0000000000000000 R14: 00007f24afbb6080 R15: 00007ffca3cd2f08 [ 1108.496616][T23250] [ 1108.499680][T23250] Kernel Offset: disabled [ 1108.504004][T23250] Rebooting in 86400 seconds..