last executing test programs: 7.883755446s ago: executing program 0 (id=3873): r0 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x0, 0x9) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) close_range$auto(0x2, 0x8, 0x0) lseek$auto(0xffffffffffffffff, 0x0, 0x2) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) ioctl$auto(0x3, 0x8208ae63, 0x38) read$auto_ctl_device_fops_user(r0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r3 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r3, &(0x7f0000000680)={0x0, 0x40200}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20440, 0x0) ioctl$auto(0x3, 0x40045436, 0x2) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) arch_prctl$auto(0x1021, 0x3) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20440, 0x0) pread64$auto(r4, 0x0, 0xa0, 0xf86) ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0xfffffffffffffffc) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen\x00', 0x0, 0x0) 6.379843481s ago: executing program 0 (id=3880): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socket(0xa, 0x5, 0x0) getsockopt$auto(0x3, 0x200000000001, 0x31, 0x0, 0x0) mmap$auto(0x8, 0x81, 0x1, 0x16, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty36\x00', 0x101e81, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0x0, 0x0) read$auto(r1, &(0x7f0000000000)='%\x00', 0x1) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyu6\x00', 0xa0302, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14858f", @ANYRES16=0x0, @ANYBLOB="00022abd7000fbdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(r0, 0x0, 0xfffffdef) 5.84363134s ago: executing program 0 (id=3885): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram11\x00', 0x14f642, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/damon_reclaim/parameters/enabled\x00', 0x1eb842, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) write$auto(0x3, 0x0, 0x4) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000) 5.572356199s ago: executing program 0 (id=3887): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x8000) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) msync$auto(0x7f, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r3, 0x0, 0x2fb) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="3e57700dd0d80b648d22000000000015b6d75a95bbb3df250200ed329f23549f59", @ANYRES32=r4, @ANYBLOB="08000a01020a0000"], 0x24}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0009, 0x13) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) remap_file_pages$auto(0x8, 0xda, 0x5, 0x4, 0x4) 4.585523458s ago: executing program 3 (id=3893): r0 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x0, 0x9) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) lseek$auto(0xffffffffffffffff, 0x0, 0x2) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) ioctl$auto(0x3, 0x8208ae63, 0x38) fcntl$auto(r0, 0x80000000, 0x1) read$auto_ctl_device_fops_user(r0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r3 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r3, &(0x7f0000000680)={0x0, 0x40200}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20440, 0x0) ioctl$auto(0x3, 0x40045436, 0x2) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) arch_prctl$auto(0x1021, 0x3) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20440, 0x0) pread64$auto(r4, 0x0, 0xa0, 0xf86) ppoll$auto(0x0, 0x2, 0x0, 0x0, 0x8) ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0xfffffffffffffffc) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen\x00', 0x0, 0x0) 3.5970559s ago: executing program 2 (id=3895): r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x80302, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x2, 0x0) move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40000, 0x0) r2 = fcntl$auto_F_UNLCK(r1, 0x2, 0x2) mknod$auto(0x0, 0x8001, 0x80000001) execveat$auto(r1, &(0x7f0000000400)='./file0\x00', 0x0, &(0x7f0000000500)=0x0, 0x5) ioctl$auto_UDMABUF_CREATE(r2, 0x40187542, 0x0) semctl$auto_SEM_STAT(0x2, 0x8001, 0x12, 0x17fffffd) getsid$auto(0x0) socket(0x1d, 0x2, 0x6) socketpair$auto(0x8, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101080, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_CREATE_VM(r3, 0x4048aecb, 0x0) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/options/blk_cgroup\x00', 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = ioctl$auto_SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000080)=0xffffffff) socket$nl_generic(0x10, 0x3, 0x10) waitid$auto(0x9, r5, &(0x7f0000000100)={@_si_pad}, 0x5, &(0x7f0000000180)={{0x8000000000000000, 0x2}, {0x10000, 0x100000001}, 0x2e64, 0x5, 0x800000000000008, 0x8, 0x1, 0x8, 0x9, 0xdba, 0x1, 0x7, 0xff, 0x100000001, 0x1, 0x2}) 3.568992346s ago: executing program 1 (id=3896): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) io_uring_setup$auto(0x6, 0x0) (async) io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0) (async) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x10b402, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/13/smp_affinity\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)="785c2020027e0dc0023af10e9bfa1babfa2037", 0x13) (async) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)="785c2020027e0dc0023af10e9bfa1babfa2037", 0x13) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x0, 0x0) ioctl$auto(r2, 0x901064b2, 0x2) socket(0xf, 0x3, 0x2) (async) socket(0xf, 0x3, 0x2) setsockopt$auto(r0, 0x8, 0x7, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x8) r3 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) fallocate$auto(r3, 0x0, 0x11, 0x22) mmap$auto(0x0, 0xc, 0xbc5, 0x13, 0x3, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/3/smp_affinity_list\x00', 0x8f3b7a51b8162d21, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_ehash_entries\x00', 0x40100, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r4, 0x0, 0x0) (async) read$auto_proc_sys_file_operations_proc_sysctl(r4, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x0, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x0, 0x0) socketpair$auto(0xffff7fff, 0x4, 0x80000001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) (async) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) (async) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000280)="e9") 3.24400538s ago: executing program 1 (id=3897): pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\xfc^B\xb8\xe4j\t3\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\xfb\xba\xb2.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/250, 0xfdf3, 0x39) 3.205269506s ago: executing program 2 (id=3898): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.12/usb34/34-0:1.0/ep_81/type\x00', 0x12d442, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x113dc6, 0x0) mmap$auto(0x0, 0x8, 0x7, 0xeb1, 0xfffffffffffffffa, 0x10000) prctl$auto(0x7fff, 0x80000001, 0x0, 0x4, 0x203) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = memfd_create$auto(0x0, 0x9) socket(0x10, 0x2, 0x6) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x51) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x9, 0x3, 0x16, 0x93f, 0x1ffe0, 0x3, 0x6, 0x2, 0x0, 0x5, 0xfff, 0xf, 0xb0, 0x1, 0x5, 0x7, 0x9, 0x7, 0x0, 0x0, 0x0, 0x200, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3043, 0x0, 0x0, 0x400000000000, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x11, 0x8000000000000001]}, 0x1fe, 0x10081) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa503}, 0x800}, 0x7, 0x4008) write$auto(0xffffffffffffffff, &(0x7f0000000040)='\xce*+#\x00', 0x80) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0) sendfile$auto(r2, r2, 0x0, 0x2) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) capset$auto(0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'team0\x00'}) bpf$auto(0x0, 0x0, 0xf) sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="4000100000", @ANYRES16], 0x240}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3c, 0x1, 0x0, 0x1, 0x0) 3.115201251s ago: executing program 1 (id=3899): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/ieee80211/phy2/address_mask\x00', 0x88100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000) mincore$auto(0x1000, 0x8001, 0x0) 3.08247363s ago: executing program 3 (id=3900): mseal$auto(0x0, 0x7dda, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x7) statmount$auto(0x0, &(0x7f0000000180)={0xfffffffb, 0xd, 0x9, 0x3, 0x400026, 0x940, 0x1ffdb, 0x3, 0x40006, 0x7ff, 0xfffffefa, 0x9, 0xfff, 0xfffffffffffffffc, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x8000, 0x100002, 0x8001, 0x1, 0x0, 0x0, [0x0, 0x0, 0xf73, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x75f77342, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0, 0x4]}, 0xfffff7fffffffffa, 0x8000081) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x9}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x24000802) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) socket(0x1d, 0x2, 0x7) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) socket(0x1d, 0x2, 0x7) connect$auto(0x3, &(0x7f00000018c0)=@can, 0x18) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) 2.643673165s ago: executing program 0 (id=3901): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) (async) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async) r1 = socket(0x1e, 0x6, 0x0) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x35d85347a3178ca0}, 0x9010) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) (async, rerun: 64) msync$auto(0x7f, 0x6, 0x0) (async, rerun: 64) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'team_slave_0\x00'}) (async) r4 = socket(0x10, 0x2, 0x4) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/blkio.bfq.weight\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000003480)=""/247, 0xf7) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r4, &(0x7f0000000000)='-\x00', 0x2fb) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="04000000", @ANYRES16=0x0, @ANYBLOB="13002cbd7000dddbdf250200000008000300", @ANYRES32=r6, @ANYBLOB="08000a01020a0000"], 0x24}, 0x1, 0x0, 0x0, 0x2400c800}, 0x20040894) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000480), r4) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r3, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, r7, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_PHY_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) (async) sendmsg$auto_NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000426bd7000fedbdf25320000000500920006000000585a397ab0c761da0b41a01a780159860700be023ad6e35f56bf5ebd4aea46ac000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20080000) unshare$auto(0x40000080) (async) madvise$auto(0x0, 0xffffffffffff0009, 0x13) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) remap_file_pages$auto(0x8, 0xda, 0x5, 0x4, 0x4) 2.525609277s ago: executing program 3 (id=3902): mmap$auto(0x0, 0x2020009, 0x808003, 0xebe, 0xffffffffffffffff, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) fcntl$auto_F_SETOWN_EX(0xffffffffffffffff, 0xf, 0x5a5) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) sendfile$auto(r0, r0, 0x0, 0x7fffe000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) write$auto(0x3, 0x0, 0x100082) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000380)=""/11, 0xb) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) lstat$auto(0x0, 0x0) mseal$auto(0x0, 0x7dda, 0x2) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x40383d03, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x1, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x5, 0x9) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe800000000000fe"}, 0x1c) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0) 2.455768625s ago: executing program 2 (id=3903): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) select$auto(0xc, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x4, 0x5, 0x8fd6, 0x948b, 0x1000, 0x15f4da0a, 0x3, 0x5, 0x62, 0x5, 0x20000005, 0x5, 0x800, 0x1, 0x1]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto_FBIOGETCMAP(r1, 0x4604, &(0x7f0000000180)="a7d14305d8f5e24e1e3c2c10aac52a59cdad57ad5ff21b2f16f88728c2f9742dc5ac8192e4f8f1e3922e45aef1cca1e264a3f23dfcd542c3987003a0154ee1ce56d9bf3c4760cf47329448e7bf68121c05bf112e6924e704d6145c5060df7e142aac3fe295bfc5c86d3d18") select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') (async) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) (async) select$auto(0xc, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x4, 0x5, 0x8fd6, 0x948b, 0x1000, 0x15f4da0a, 0x3, 0x5, 0x62, 0x5, 0x20000005, 0x5, 0x800, 0x1, 0x1]}, 0x0) (async) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) ioctl$auto_FBIOGETCMAP(r1, 0x4604, &(0x7f0000000180)="a7d14305d8f5e24e1e3c2c10aac52a59cdad57ad5ff21b2f16f88728c2f9742dc5ac8192e4f8f1e3922e45aef1cca1e264a3f23dfcd542c3987003a0154ee1ce56d9bf3c4760cf47329448e7bf68121c05bf112e6924e704d6145c5060df7e142aac3fe295bfc5c86d3d18") (async) select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0) (async) 2.173845822s ago: executing program 1 (id=3904): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="810b25bd7000ffdbdf251100000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0xf0ffffffffffff, 0x20000084}, 0x0) 2.00168381s ago: executing program 3 (id=3905): mmap$auto(0x1, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x4, @empty}, 0x54) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0x2, 0x1, 0x948b, 0x3, 0x5f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0xffc, 0x6d3e, 0x9, 0x800000000002, 0x8]}, 0x0) (async) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0x2, 0x1, 0x948b, 0x3, 0x5f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0xffc, 0x6d3e, 0x9, 0x800000000002, 0x8]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) (async) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) (async) ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6) (async) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6) fstatfs$auto(0x3, 0x0) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r2, 0x7ab, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) msync$auto(0x2, 0x9, 0x40) select$auto(0x1, &(0x7f00000000c0)={[0xeeda, 0x7, 0x2, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10401]}, 0x0, 0x0, &(0x7f0000000280)={0x2, 0xcb}) (async) select$auto(0x1, &(0x7f00000000c0)={[0xeeda, 0x7, 0x2, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10401]}, 0x0, 0x0, &(0x7f0000000280)={0x2, 0xcb}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) socket(0x10, 0x2, 0xc) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) 1.981268036s ago: executing program 1 (id=3906): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000000)=@in={0x2, 0x3, @multicast1}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) syz_genetlink_get_family_id$auto_ovs_vport(0x0, r0) write$auto(0x3, 0x0, 0xfffffdf2) (async) connect$auto(0x3, 0x0, 0x55) (async) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x4, 0x8000) io_uring_setup$auto(0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22240, 0x55) socket(0x1d, 0x2, 0x2) (async) mmap$auto(0x0, 0x7fff, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000008000) (async) connect$auto(0x3, 0x0, 0x55) (async) socket(0x10, 0x3, 0x6) socketpair$auto(0xfffffffd, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) (async) socket(0xa, 0x3, 0x2f) (async) socketpair$auto(0x1e, 0x4, 0xfffffffc, 0x0) (async) write$auto(0x3, 0x0, 0x5c8) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) (async) socket(0xa, 0x2, 0x0) (async) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) (async) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) (async) madvise$auto(0x0, 0xffffffffffff0004, 0x19) 1.635886639s ago: executing program 3 (id=3907): r0 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x0, 0x9) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) close_range$auto(0x2, 0x8, 0x0) lseek$auto(0xffffffffffffffff, 0x0, 0x2) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) ioctl$auto(0x3, 0x8208ae63, 0x38) read$auto_ctl_device_fops_user(r0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r3 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r3, &(0x7f0000000680)={0x0, 0x40200}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20440, 0x0) ioctl$auto(0x3, 0x40045436, 0x2) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) arch_prctl$auto(0x1021, 0x3) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20440, 0x0) pread64$auto(r4, 0x0, 0xa0, 0xf86) ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0xfffffffffffffffc) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen\x00', 0x0, 0x0) 1.304960954s ago: executing program 2 (id=3908): pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x80\xfe^B\xb8\xe4j\t3\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\xfb\xba\xb2.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/250, 0xfdf3, 0x39) 1.072356338s ago: executing program 2 (id=3909): sendmsg$auto_IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010028bd7000fedbdf250c0000001d000280d2f7abf5204c1c01107d33d6d37bc50e476301cfa9375e0781"], 0x34}, 0x1, 0x0, 0x0, 0x20004014}, 0x4014) pwrite64$auto(0xc8, &(0x7f0000000300)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x00\x10\x00\x00\x00\x00\x00\x00\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\x01\x01\x00\x00\x00\x00\x00\x00&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbd\xa2\x19\x99\x000\xae\x83S\xdd\xe0S\xbc%y\xe8\xb8\x82\xae\xf0Q?\xdf\xd8P\xeai\x0f\xe6\xb2G\xf4NkR\x12\xa8)*\xdf\xb9\x8b=Ae3\xc0\x9e\xafG\x96\b|\xf3\x8e5\xb0\xcc\xbeR', 0xfdf2, 0x81) r0 = fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SOUND_PCM_READ_BITS(r0, 0x80045005, &(0x7f0000000080)="bfad3901a072736c082a3750d468da630b1e8932512e3284880ae24f4832f612d902e5b592fa07b062e2ddb8a0d7d6ea76247840c32279bddda795a23bdb153e58bff9fed9f621683879ed7baae28ee7ebb2b6e8192f2bba") mmap$auto(0x7, 0x400008, 0x4, 0x9b72, 0x2, 0x8000000008000) semctl$auto(0x201, 0x2, 0x13, 0x1) r1 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_l2cap_debugfs_fops_(r1, &(0x7f0000000240)=""/177, 0xb1) mmap$auto(0x0, 0x400010020009, 0xd66, 0xeb1, 0x1, 0x9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r2 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r2, 0x29, 0x4c, 0x0, 0x4) clone$auto(0x100000000021, 0x8000002000000000, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = memfd_create$auto(0x0, 0xe) fcntl$auto(0xff80000000000000, 0x409, 0x13) fallocate$auto(r3, 0x3, 0x2, 0x4) unshare$auto(0x40000080) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) socket(0xa, 0x1, 0x100) socket(0x1e, 0x1, 0x0) kexec_load$auto(0x8, 0xa8, &(0x7f0000000040)={@buf=&(0x7f0000000140)="58548e44cb3c06f1c5a8038f5b3b59293f6200a9353540c572a3e9e0693f54b81f6ca136cb6fafbca1ac093193c557995042099030abec70fabb8bd92404a6e3d527b756ec13da9739ddf8347ca26e1042307d004d8f0f26878199f854b0b35ff5792f3efc85b97b6a4bab423ec42e5b7284ee64c15cedaf035db8b2b4750b5d3a70ab37171c9a7a49769721df2d1c81fb2634369d3bb326e6ba9fb1b5a3896500f6fca1aefb5eada6d3f5168ffb20e34d632d55f4d631774286ed2e3f68505f6638ab68", 0x5806, 0x800, 0x7}, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$auto(0xffffffffffffffff, 0xc0585611, 0xffffffffffffffff) io_uring_setup$auto(0x6, 0x0) 951.881109ms ago: executing program 1 (id=3910): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x8000) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) msync$auto(0x7f, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r3, &(0x7f0000000000)='-\x00', 0x2fb) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="3e57700dd0d80b648d22000000000015b6d75a95bbb3df250200ed329f23549f59", @ANYRES32, @ANYBLOB="08000a01020a0000"], 0x24}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0009, 0x13) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) remap_file_pages$auto(0x8, 0xda, 0x5, 0x4, 0x4) 504.89194ms ago: executing program 2 (id=3911): mseal$auto(0x0, 0x7dda, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x7) statmount$auto(0x0, &(0x7f0000000180)={0xfffffffb, 0xd, 0x9, 0x3, 0x400026, 0x940, 0x1ffdb, 0x3, 0x40006, 0x7ff, 0xfffffefa, 0x9, 0xfff, 0xfffffffffffffffc, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x8000, 0x100002, 0x8001, 0x1, 0x0, 0x0, [0x0, 0x0, 0xf73, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x75f77342, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0, 0x4]}, 0xfffff7fffffffffa, 0x8000081) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x9}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x24000802) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) socket(0x1d, 0x2, 0x7) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) connect$auto(0x3, &(0x7f00000018c0)=@can, 0x18) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) 229.462863ms ago: executing program 3 (id=3912): socket(0xa, 0x3, 0x3a) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd10/queue/nr_requests\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r2, 0x29, 0x32, 0x0, 0x113) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\v\xba\x8av\xf0\x85\x9e`\x1fN$\xd4\x1c\xe0\xa6\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x89\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI', 0x100000a3db) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x23, 0x5, 0x2009, 0x0, 0x0) r3 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/numa_maps\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty42\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r4, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) ioctl$auto(r1, 0x8926, r4) read$auto_proc_sessionid_operations_base(r3, &(0x7f00000000c0)=""/4096, 0x1001) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0xfffffffffffffffd, 0x2003f0, 0xffffff04) madvise$auto(0x0, 0x200007, 0x19) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000006980)=ANY=[@ANYRES16=r5, @ANYBLOB="010029bd7000ffdbdf250300000038121c8084100580801000802400048008000200070000000c00030005000000000000000400050004000500040005004700010015498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f800040004800800048004000500041001001fb5becd41368ab779a0b29218e67556fc4604877ebfcbd398c11fb77c35a8bf6e74ddc9b04a9138098aecf779ea7e3d541edf3023425cada97c0dc587c6fa47716dd359907f0a162a0b886614c1a7e9546da002cc83e2ed566b0379129f985c460fbbf435e700a4b5580b8a56632571928f8f21f4d11364a0ef75b476ff3956f1c7da142f79c10a4876ffcc63f2d86a0e69b888fc4f296dee02ad8557cdbfb9f0235a183eca304867b40759629cbc72b1502c43b99766ba6d68b0c0ab3c3f028eac0d0571801e5df2a1d739c243a58bf16cfb3859743e905b7ba869f46438f8ae3034bf72d5e80c5484943de2b70c62ef38e5219cc8006f282faca545419374470f9a70397a1f81bc4623e08269594bbebf9b08b81b87ccaebf876dcaf1fa4562e3163b353cb8ff91dba36cfd929ec300388d9224fe45abcc42e157398da0642301b14d590dd9a490eeb4555c64ae48caedffd84b246834f69dfa63f173ce93ba2775a6f4aba2492fe9d62fcae89dab6719935a28c2d614d93e984df4b3a292e0e5d6754a30e52d52b951092a4df3b6abb5c8b74740d551a77c41d02f0ea667e8acb61eac844c20151dac7c08ae95aed291d11cd81365501d3fb0120e11566f94afe38fb008e05536f93364d00a43b8f486bd9aeed50d5a38947982f5f700f06aa7d6783f30abda22a3c9948a274bfae36f6a66c3229520089d65cbddde93a28dd2a72e93bc6c0d9b98f49c9d771f73b1d4dcb6c06829b15422f0c596401ba563a88ded070e2a05a79c8070085502fb3ca34fc767ff2d3b490bb9a6abc3019eefaa4bd9f345f6b94d597166754c5f95140dc5fa9ce51a7cc3257885d074c7cdfd88bb400fd6dbe2d4a830134967cacad9beaff366bf7e3b0a4fa0526473a70c1f44e343a5b9fadf9fc536113772f0f7b0bf16f9b7a7dd8eaa5f7fd9cf259565247f0e58375156005c30e25691d7f8fbd489af83a18f71a38b1996be1ca10bdcbe8d850603d9b81ba828c907753483e9ff23d1d861c36d8045acadaa640a61357fcf9aed13afdf56d13861dd74ce620e592230d3c8699e9adccf2920614ae13c1e3e88a830f36bfcd40ff7c767995044f2ba1661c5f977d9754c58a0d9dd7aad1fbfd94d36dfc61c532c5cb3093ccc0c125ee0e762469f8680500675d4404db12b7062c19c4f0c81c0de489b5eb725f1d7d4cbe7a1f4b51fe8faffb6a709c0a7a4ae7efe75bc66d6c2e705fbee29c0858d9891735c97a28aa15c16fa0444ac2caeeffae42f1fbf0f17adbc9ee40236a844add60741eb64c722811c6f9fd7d614f9620d6f07914b6e7d5eb5dc3d7d6d5f5323575a7c9f864d9d5793d4ca606ab3234930a32e44d8a08d624861a6b94c72f551e7adc8daee91594175bdba18c663ced5991c0846f1c03a96b5d8f858c10dea4886e12ee90186d2130891eb1b354abb1040dd571589b4b7884b31cff7f8b3cdef5a61bc9644883c852106d9be09e5f4d649c669a64fadd3a9b129ab1c956e33dd5ac7224439feb0ccae51aa092c36b4e8d720170d20c22a49e5919d203b312096d625e4316f141f26a9257af159b3c47e025fa40d0150b7dd969d2ec67c727b81653f679f6ebbf8b3ad9c3b0acf232d1b869982879c4a2722cc1e4f0740e9d0feb661e45c5b081ad0546761e6a025529086ca4d38a4b22193e792bbfe6ceb22be5ca954210d0f93f5e38550054b6ae80e64673158815af6cd6adc3b942b4371d33d9662ac80e3ef2eb4acd44ec66cb6d8948d67c3ba8e578f52ac30ab107723e5ce51c4e6d59b20ba7085fd8dbde58cf9a0bd3385e95db6b56a9a68e3160ad36a93e26dc8b915cd4e4767d3dbd3b74052f55e3a74b1edb1068c973a5ca70809c6aeab8ad627955a815315330c51153dcdcb6e77029b0a3712a9231f0c188659e5bb9f89b6a8fd91536a47db7e5d596fa93f0719502e442417ee11bfcb364c6ddadfc8581ce7779d107d6f7aa8739c3254ce9b1e2dbbc1e75566b6d80817e1820e02e8df220e1c9b2d98a15e9db86c5a32bf52b0f1de1be7636cb21e87d777fa1e7828be02578cac204a8e9c7ca6119aa0bdd165bbf7d0f799f0d2ae118bd9037982c1fed3e223b60cc86f21e8c1d9336cb76cb521bc9791abcd99af0bf70a198de0d678cc8bdc0f74fef28407bf09d93054d5e20f5452fad596ae036bec1109e4541d5cb9d287b5498934fad3963a53030dc2264668467716afee211f4dc8082800be3829050b2e26c447b001c076dda2e2b7f17c96612b0f594b6ef5193c5dc3affa5778896e1e40a3953e5557d39799c312b4126a6086dd85393ed3322a48ca0afb9e5dd96ac9461dc7cfc8b02a23b7a1486ea8c9bb204e39298b1017a67a8c1cf1e0582c6b8d95a611c0053eccc9592e1af600e4386680be35c29acfd9033058a4842006fe429188e6a4783a9bf5fd7d1c36c0530f6a42be785419ef2192ffe02470d376f084a4352cdc7e34b9f4891304499b1e0946832b187762d191d7e9cd9cc9112ad768e5132f804f304a9ba0572d0e1c7eac6ff606baf0f0f2e1c836d9a9f7f01fe748dd5ae7b34ed6d51f6e4c8575de14c8552026c4c82516080d919a706fa62958"], 0x124c}, 0x1, 0x0, 0x0, 0x20000041}, 0x800) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram4/queue/physical_block_size\x00', 0xa00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000010c0)=""/205, 0xcd) syz_open_procfs$namespace(0x0, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x401) modify_ldt$auto(0x40, 0x0, 0x7ff) 0s ago: executing program 0 (id=3913): r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) read$auto(r0, 0x0, 0x7) statmount$auto(0x0, &(0x7f0000000180)={0xfffffffb, 0xd, 0x9, 0x3, 0x400026, 0x940, 0x1ffdb, 0x3, 0x40006, 0x7ff, 0xfffffefa, 0x9, 0xfff, 0xfffffffffffffffc, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x8000, 0x100002, 0x8001, 0x1, 0x0, 0x0, [0x0, 0x0, 0xf73, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x75f77342, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0, 0x4]}, 0xfffff7fffffffffa, 0x8000081) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x9}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x24000802) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) socket(0x1d, 0x2, 0x7) r4 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r5 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r6}, 0x18) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010027bd7000ffdbdf25100000000c00018008000100", @ANYRES32=r9, @ANYBLOB="080006"], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'gretap0\x00'}) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) socket(0x10, 0x2, 0x0) kernel console output (not intermixed with test programs): 1042][T21261] RBP: 00007f1d00210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1148.831063][T21261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1148.831082][T21261] R13: 0000000000000000 R14: 00007f1d003b5fa0 R15: 00007ffc58e48018 [ 1148.831123][T21261] [ 1149.739480][T21281] FAULT_INJECTION: forcing a failure. [ 1149.739480][T21281] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1149.786458][T21281] CPU: 1 UID: 0 PID: 21281 Comm: syz.0.3343 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1149.786514][T21281] Tainted: [U]=USER [ 1149.786527][T21281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1149.786548][T21281] Call Trace: [ 1149.786560][T21281] [ 1149.786575][T21281] dump_stack_lvl+0x16c/0x1f0 [ 1149.786634][T21281] should_fail_ex+0x512/0x640 [ 1149.786691][T21281] should_fail_alloc_page+0xe7/0x130 [ 1149.786728][T21281] prepare_alloc_pages+0x3c2/0x610 [ 1149.786778][T21281] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1149.786850][T21281] ? rcu_is_watching+0x12/0xc0 [ 1149.786886][T21281] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1149.786940][T21281] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 1149.787010][T21281] ? __lock_acquire+0x622/0x1c90 [ 1149.787057][T21281] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1149.787112][T21281] ? policy_nodemask+0xea/0x4e0 [ 1149.787148][T21281] alloc_pages_mpol+0x1fb/0x550 [ 1149.787183][T21281] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1149.787219][T21281] ? filemap_get_entry+0x1a7/0x3b0 [ 1149.787258][T21281] folio_alloc_noprof+0x20/0x2d0 [ 1149.787297][T21281] filemap_alloc_folio_noprof+0x3a1/0x470 [ 1149.787350][T21281] ? ___kmalloc_large_node+0x183/0x1e0 [ 1149.787389][T21281] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 1149.787443][T21281] ? rcu_is_watching+0x12/0xc0 [ 1149.787484][T21281] __filemap_get_folio+0x5e1/0xc30 [ 1149.787524][T21281] ioctx_alloc+0x761/0x2120 [ 1149.787578][T21281] ? __pfx_ioctx_alloc+0x10/0x10 [ 1149.787612][T21281] ? __might_fault+0x13b/0x190 [ 1149.787663][T21281] __x64_sys_io_setup+0xc9/0x210 [ 1149.787707][T21281] do_syscall_64+0xcd/0x490 [ 1149.787780][T21281] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1149.787817][T21281] RIP: 0033:0x7f849d58e929 [ 1149.787846][T21281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1149.787881][T21281] RSP: 002b:00007f849e3c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1149.787915][T21281] RAX: ffffffffffffffda RBX: 00007f849d7b5fa0 RCX: 00007f849d58e929 [ 1149.787939][T21281] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1149.787960][T21281] RBP: 00007f849d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1149.787980][T21281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1149.788001][T21281] R13: 0000000000000000 R14: 00007f849d7b5fa0 R15: 00007ffc7c24c498 [ 1149.788044][T21281] [ 1152.111593][T21323] FAULT_INJECTION: forcing a failure. [ 1152.111593][T21323] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1152.125056][T21323] CPU: 1 UID: 0 PID: 21323 Comm: syz.2.3350 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1152.125095][T21323] Tainted: [U]=USER [ 1152.125103][T21323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1152.125118][T21323] Call Trace: [ 1152.125127][T21323] [ 1152.125137][T21323] dump_stack_lvl+0x16c/0x1f0 [ 1152.125184][T21323] should_fail_ex+0x512/0x640 [ 1152.125226][T21323] should_fail_alloc_page+0xe7/0x130 [ 1152.125253][T21323] prepare_alloc_pages+0x3c2/0x610 [ 1152.125288][T21323] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1152.125342][T21323] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1152.125395][T21323] ? __pfx___might_resched+0x10/0x10 [ 1152.125421][T21323] ? rcu_is_watching+0x12/0xc0 [ 1152.125448][T21323] ? lockdep_init_map_type+0x5c/0x280 [ 1152.125484][T21323] ? lockdep_init_map_type+0x5c/0x280 [ 1152.125522][T21323] ? lockdep_init_map_type+0x5c/0x280 [ 1152.125560][T21323] ? ioctx_alloc+0x1679/0x2120 [ 1152.125591][T21323] __alloc_pages_noprof+0xb/0x1b0 [ 1152.125628][T21323] ___kmalloc_large_node+0x84/0x1e0 [ 1152.125661][T21323] ? ioctx_alloc+0x1679/0x2120 [ 1152.125691][T21323] __kmalloc_large_node_noprof+0x1c/0x70 [ 1152.125724][T21323] __kmalloc_noprof.cold+0xc/0x61 [ 1152.125768][T21323] ioctx_alloc+0x1679/0x2120 [ 1152.125810][T21323] ? find_held_lock+0x2b/0x80 [ 1152.125836][T21323] ? __pfx_ioctx_alloc+0x10/0x10 [ 1152.125866][T21323] ? __might_fault+0x13b/0x190 [ 1152.125911][T21323] __x64_sys_io_setup+0xc9/0x210 [ 1152.125946][T21323] do_syscall_64+0xcd/0x490 [ 1152.125987][T21323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1152.126012][T21323] RIP: 0033:0x7f6208b8e929 [ 1152.126031][T21323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1152.126067][T21323] RSP: 002b:00007f62069f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1152.126087][T21323] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1152.126101][T21323] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1152.126126][T21323] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1152.126137][T21323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1152.126149][T21323] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1152.126180][T21323] [ 1152.874330][T21339] FAULT_INJECTION: forcing a failure. [ 1152.874330][T21339] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1152.903753][T21339] CPU: 0 UID: 0 PID: 21339 Comm: syz.0.3353 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1152.903804][T21339] Tainted: [U]=USER [ 1152.903816][T21339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1152.903836][T21339] Call Trace: [ 1152.903846][T21339] [ 1152.903868][T21339] dump_stack_lvl+0x16c/0x1f0 [ 1152.903920][T21339] should_fail_ex+0x512/0x640 [ 1152.903973][T21339] should_fail_alloc_page+0xe7/0x130 [ 1152.904006][T21339] prepare_alloc_pages+0x3c2/0x610 [ 1152.904050][T21339] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1152.904117][T21339] ? rcu_is_watching+0x12/0xc0 [ 1152.904152][T21339] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1152.904203][T21339] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 1152.904268][T21339] ? __lock_acquire+0x622/0x1c90 [ 1152.904311][T21339] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1152.904362][T21339] ? policy_nodemask+0xea/0x4e0 [ 1152.904394][T21339] alloc_pages_mpol+0x1fb/0x550 [ 1152.904426][T21339] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1152.904458][T21339] ? filemap_get_entry+0x1a7/0x3b0 [ 1152.904493][T21339] folio_alloc_noprof+0x20/0x2d0 [ 1152.904530][T21339] filemap_alloc_folio_noprof+0x3a1/0x470 [ 1152.904570][T21339] ? ___kmalloc_large_node+0x183/0x1e0 [ 1152.904609][T21339] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 1152.904653][T21339] ? rcu_is_watching+0x12/0xc0 [ 1152.904693][T21339] __filemap_get_folio+0x5e1/0xc30 [ 1152.904733][T21339] ioctx_alloc+0x761/0x2120 [ 1152.904793][T21339] ? __pfx_ioctx_alloc+0x10/0x10 [ 1152.904832][T21339] ? __might_fault+0x13b/0x190 [ 1152.904898][T21339] __x64_sys_io_setup+0xc9/0x210 [ 1152.904962][T21339] do_syscall_64+0xcd/0x490 [ 1152.905015][T21339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1152.905052][T21339] RIP: 0033:0x7f849d58e929 [ 1152.905081][T21339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1152.905116][T21339] RSP: 002b:00007f849e3c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1152.905150][T21339] RAX: ffffffffffffffda RBX: 00007f849d7b5fa0 RCX: 00007f849d58e929 [ 1152.905173][T21339] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1152.905195][T21339] RBP: 00007f849d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1152.905217][T21339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1152.905238][T21339] R13: 0000000000000000 R14: 00007f849d7b5fa0 R15: 00007ffc7c24c498 [ 1152.905282][T21339] [ 1153.346108][T21349] FAULT_INJECTION: forcing a failure. [ 1153.346108][T21349] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1153.385145][T21349] CPU: 1 UID: 0 PID: 21349 Comm: syz.3.3354 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1153.385186][T21349] Tainted: [U]=USER [ 1153.385194][T21349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1153.385207][T21349] Call Trace: [ 1153.385215][T21349] [ 1153.385224][T21349] dump_stack_lvl+0x16c/0x1f0 [ 1153.385265][T21349] should_fail_ex+0x512/0x640 [ 1153.385303][T21349] _copy_from_user+0x2e/0xd0 [ 1153.385340][T21349] copy_msghdr_from_user+0x98/0x160 [ 1153.385375][T21349] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1153.385424][T21349] ___sys_sendmsg+0xfe/0x1d0 [ 1153.385459][T21349] ? __pfx____sys_sendmsg+0x10/0x10 [ 1153.385491][T21349] ? __lock_acquire+0x622/0x1c90 [ 1153.385557][T21349] __sys_sendmsg+0x16d/0x220 [ 1153.385592][T21349] ? __pfx___sys_sendmsg+0x10/0x10 [ 1153.385644][T21349] do_syscall_64+0xcd/0x490 [ 1153.385681][T21349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1153.385705][T21349] RIP: 0033:0x7f1d0018e929 [ 1153.385723][T21349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1153.385746][T21349] RSP: 002b:00007f1cfdff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1153.385768][T21349] RAX: ffffffffffffffda RBX: 00007f1d003b5fa0 RCX: 00007f1d0018e929 [ 1153.385784][T21349] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 1153.385799][T21349] RBP: 00007f1cfdff6090 R08: 0000000000000000 R09: 0000000000000000 [ 1153.385813][T21349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1153.385827][T21349] R13: 0000000000000000 R14: 00007f1d003b5fa0 R15: 00007ffc58e48018 [ 1153.385856][T21349] [ 1154.596573][T21371] ptrace attach of "./syz-executor exec"[17333] was attempted by "./syz-executor exec"[21371] [ 1155.774045][T21391] device-mapper: ioctl: Unable to rename non-existent device,  to [ 1156.657263][T21407] FAULT_INJECTION: forcing a failure. [ 1156.657263][T21407] name failslab, interval 1, probability 0, space 0, times 0 [ 1156.689937][T21407] CPU: 0 UID: 0 PID: 21407 Comm: syz.2.3364 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1156.689988][T21407] Tainted: [U]=USER [ 1156.689999][T21407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1156.690028][T21407] Call Trace: [ 1156.690039][T21407] [ 1156.690050][T21407] dump_stack_lvl+0x16c/0x1f0 [ 1156.690097][T21407] should_fail_ex+0x512/0x640 [ 1156.690137][T21407] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1156.690186][T21407] should_failslab+0xc2/0x120 [ 1156.690214][T21407] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1156.690257][T21407] ? __alloc_skb+0x2b2/0x380 [ 1156.690303][T21407] __alloc_skb+0x2b2/0x380 [ 1156.690343][T21407] ? __pfx___alloc_skb+0x10/0x10 [ 1156.690386][T21407] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1156.690425][T21407] netlink_alloc_large_skb+0x69/0x130 [ 1156.690457][T21407] netlink_sendmsg+0x6a1/0xdd0 [ 1156.690493][T21407] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1156.690536][T21407] ____sys_sendmsg+0xa98/0xc70 [ 1156.690570][T21407] ? copy_msghdr_from_user+0x10a/0x160 [ 1156.690612][T21407] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1156.690662][T21407] ___sys_sendmsg+0x134/0x1d0 [ 1156.690712][T21407] ? __pfx____sys_sendmsg+0x10/0x10 [ 1156.690760][T21407] ? __lock_acquire+0x622/0x1c90 [ 1156.690849][T21407] __sys_sendmsg+0x16d/0x220 [ 1156.690893][T21407] ? __pfx___sys_sendmsg+0x10/0x10 [ 1156.690958][T21407] do_syscall_64+0xcd/0x490 [ 1156.691003][T21407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1156.691031][T21407] RIP: 0033:0x7f6208b8e929 [ 1156.691053][T21407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1156.691081][T21407] RSP: 002b:00007f62069d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1156.691107][T21407] RAX: ffffffffffffffda RBX: 00007f6208db6080 RCX: 00007f6208b8e929 [ 1156.691126][T21407] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 1156.691144][T21407] RBP: 00007f62069d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1156.691163][T21407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1156.691179][T21407] R13: 0000000000000001 R14: 00007f6208db6080 R15: 00007fff31c03e98 [ 1156.691216][T21407] [ 1158.704040][ T12] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:0: bg 2: bad block bitmap checksum [ 1158.748039][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 913 with max blocks 11 with error 74 [ 1158.762292][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1158.762292][ T12] [ 1160.665874][T21452] FAULT_INJECTION: forcing a failure. [ 1160.665874][T21452] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1160.713900][T21452] CPU: 0 UID: 0 PID: 21452 Comm: syz.0.3374 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1160.713950][T21452] Tainted: [U]=USER [ 1160.713961][T21452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1160.713979][T21452] Call Trace: [ 1160.713990][T21452] [ 1160.714019][T21452] dump_stack_lvl+0x16c/0x1f0 [ 1160.714071][T21452] should_fail_ex+0x512/0x640 [ 1160.714123][T21452] should_fail_alloc_page+0xe7/0x130 [ 1160.714168][T21452] prepare_alloc_pages+0x3c2/0x610 [ 1160.714214][T21452] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1160.714282][T21452] ? rcu_is_watching+0x12/0xc0 [ 1160.714328][T21452] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1160.714377][T21452] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 1160.714439][T21452] ? __lock_acquire+0x622/0x1c90 [ 1160.714481][T21452] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1160.714550][T21452] ? policy_nodemask+0xea/0x4e0 [ 1160.714595][T21452] alloc_pages_mpol+0x1fb/0x550 [ 1160.714627][T21452] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1160.714658][T21452] ? filemap_get_entry+0x1a7/0x3b0 [ 1160.714692][T21452] folio_alloc_noprof+0x20/0x2d0 [ 1160.714728][T21452] filemap_alloc_folio_noprof+0x3a1/0x470 [ 1160.714766][T21452] ? ___kmalloc_large_node+0x183/0x1e0 [ 1160.714804][T21452] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 1160.714845][T21452] ? rcu_is_watching+0x12/0xc0 [ 1160.714888][T21452] __filemap_get_folio+0x5e1/0xc30 [ 1160.714946][T21452] ioctx_alloc+0x761/0x2120 [ 1160.715030][T21452] ? __pfx_ioctx_alloc+0x10/0x10 [ 1160.715074][T21452] ? __might_fault+0x13b/0x190 [ 1160.715144][T21452] __x64_sys_io_setup+0xc9/0x210 [ 1160.715195][T21452] do_syscall_64+0xcd/0x490 [ 1160.715250][T21452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1160.715286][T21452] RIP: 0033:0x7f849d58e929 [ 1160.715315][T21452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1160.715348][T21452] RSP: 002b:00007f849e3c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1160.715382][T21452] RAX: ffffffffffffffda RBX: 00007f849d7b5fa0 RCX: 00007f849d58e929 [ 1160.715406][T21452] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1160.715428][T21452] RBP: 00007f849d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1160.715450][T21452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1160.715471][T21452] R13: 0000000000000000 R14: 00007f849d7b5fa0 R15: 00007ffc7c24c498 [ 1160.715516][T21452] [ 1161.600993][T21455] random: crng reseeded on system resumption [ 1161.698351][T21455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1161.712596][T21455] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1176.670770][T21678] FAULT_INJECTION: forcing a failure. [ 1176.670770][T21678] name failslab, interval 1, probability 0, space 0, times 0 [ 1176.742039][T21678] CPU: 0 UID: 0 PID: 21678 Comm: syz.1.3426 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1176.742085][T21678] Tainted: [U]=USER [ 1176.742093][T21678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1176.742108][T21678] Call Trace: [ 1176.742116][T21678] [ 1176.742126][T21678] dump_stack_lvl+0x16c/0x1f0 [ 1176.742167][T21678] should_fail_ex+0x512/0x640 [ 1176.742202][T21678] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1176.742242][T21678] should_failslab+0xc2/0x120 [ 1176.742265][T21678] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1176.742301][T21678] ? pcpu_alloc_noprof+0x1f5/0x1470 [ 1176.742334][T21678] ? alloc_inode+0xc3/0x240 [ 1176.742362][T21678] alloc_inode+0xc3/0x240 [ 1176.742386][T21678] alloc_anon_inode+0x28/0x3e0 [ 1176.742421][T21678] ioctx_alloc+0x4ad/0x2120 [ 1176.742466][T21678] ? find_held_lock+0x2b/0x80 [ 1176.742492][T21678] ? __pfx_ioctx_alloc+0x10/0x10 [ 1176.742520][T21678] ? __might_fault+0x13b/0x190 [ 1176.742563][T21678] __x64_sys_io_setup+0xc9/0x210 [ 1176.742596][T21678] do_syscall_64+0xcd/0x490 [ 1176.742636][T21678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1176.742660][T21678] RIP: 0033:0x7f7d6b18e929 [ 1176.742679][T21678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1176.742702][T21678] RSP: 002b:00007f7d6c044038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1176.742724][T21678] RAX: ffffffffffffffda RBX: 00007f7d6b3b5fa0 RCX: 00007f7d6b18e929 [ 1176.742739][T21678] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1176.742754][T21678] RBP: 00007f7d6b210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1176.742769][T21678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1176.742783][T21678] R13: 0000000000000000 R14: 00007f7d6b3b5fa0 R15: 00007ffd008239e8 [ 1176.742812][T21678] [ 1177.652097][T21694] FAULT_INJECTION: forcing a failure. [ 1177.652097][T21694] name failslab, interval 1, probability 0, space 0, times 0 [ 1177.722472][T21694] CPU: 1 UID: 0 PID: 21694 Comm: syz.2.3431 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1177.722528][T21694] Tainted: [U]=USER [ 1177.722539][T21694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1177.722558][T21694] Call Trace: [ 1177.722576][T21694] [ 1177.722590][T21694] dump_stack_lvl+0x16c/0x1f0 [ 1177.722645][T21694] should_fail_ex+0x512/0x640 [ 1177.722693][T21694] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1177.722744][T21694] should_failslab+0xc2/0x120 [ 1177.722776][T21694] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1177.722822][T21694] ? genl_start+0x1e8/0x980 [ 1177.722868][T21694] genl_start+0x1e8/0x980 [ 1177.722913][T21694] __netlink_dump_start+0x60b/0x990 [ 1177.722953][T21694] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 1177.722998][T21694] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 1177.723040][T21694] ? genl_op_from_small+0x25/0x440 [ 1177.723087][T21694] ? __pfx_genl_get_cmd+0x10/0x10 [ 1177.723122][T21694] ? __pfx_genl_start+0x10/0x10 [ 1177.723158][T21694] ? __pfx_genl_dumpit+0x10/0x10 [ 1177.723196][T21694] ? __pfx_genl_done+0x10/0x10 [ 1177.723241][T21694] ? __radix_tree_lookup+0x21f/0x2c0 [ 1177.723294][T21694] genl_rcv_msg+0x46e/0x800 [ 1177.723339][T21694] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1177.723382][T21694] ? __pfx_nl80211_dump_station+0x10/0x10 [ 1177.723456][T21694] netlink_rcv_skb+0x158/0x420 [ 1177.723489][T21694] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1177.723529][T21694] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1177.723591][T21694] ? netlink_deliver_tap+0x1ae/0xd30 [ 1177.723652][T21694] genl_rcv+0x28/0x40 [ 1177.723687][T21694] netlink_unicast+0x58a/0x850 [ 1177.723729][T21694] ? __pfx_netlink_unicast+0x10/0x10 [ 1177.723776][T21694] netlink_sendmsg+0x8d1/0xdd0 [ 1177.723819][T21694] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1177.723871][T21694] ____sys_sendmsg+0xa98/0xc70 [ 1177.723911][T21694] ? copy_msghdr_from_user+0x10a/0x160 [ 1177.723961][T21694] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1177.724020][T21694] ___sys_sendmsg+0x134/0x1d0 [ 1177.724071][T21694] ? __pfx____sys_sendmsg+0x10/0x10 [ 1177.724118][T21694] ? __lock_acquire+0x622/0x1c90 [ 1177.724218][T21694] __sys_sendmsg+0x16d/0x220 [ 1177.724271][T21694] ? __pfx___sys_sendmsg+0x10/0x10 [ 1177.724348][T21694] do_syscall_64+0xcd/0x490 [ 1177.724404][T21694] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1177.724438][T21694] RIP: 0033:0x7f6208b8e929 [ 1177.724465][T21694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1177.724498][T21694] RSP: 002b:00007f62069d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1177.724529][T21694] RAX: ffffffffffffffda RBX: 00007f6208db6080 RCX: 00007f6208b8e929 [ 1177.724552][T21694] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 1177.724580][T21694] RBP: 00007f62069d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1177.724601][T21694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1177.724621][T21694] R13: 0000000000000001 R14: 00007f6208db6080 R15: 00007fff31c03e98 [ 1177.724666][T21694] [ 1180.026875][T21727] FAULT_INJECTION: forcing a failure. [ 1180.026875][T21727] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.043846][T21727] CPU: 1 UID: 0 PID: 21727 Comm: syz.3.3438 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1180.043892][T21727] Tainted: [U]=USER [ 1180.043900][T21727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1180.043915][T21727] Call Trace: [ 1180.043925][T21727] [ 1180.043938][T21727] dump_stack_lvl+0x16c/0x1f0 [ 1180.043986][T21727] should_fail_ex+0x512/0x640 [ 1180.044028][T21727] ? fs_reclaim_acquire+0xae/0x150 [ 1180.044060][T21727] should_failslab+0xc2/0x120 [ 1180.044084][T21727] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1180.044124][T21727] ? security_inode_alloc+0x3b/0x2b0 [ 1180.044157][T21727] security_inode_alloc+0x3b/0x2b0 [ 1180.044185][T21727] inode_init_always_gfp+0xce4/0x1030 [ 1180.044228][T21727] alloc_inode+0x86/0x240 [ 1180.044260][T21727] alloc_anon_inode+0x28/0x3e0 [ 1180.044302][T21727] ioctx_alloc+0x4ad/0x2120 [ 1180.044355][T21727] ? find_held_lock+0x2b/0x80 [ 1180.044387][T21727] ? __pfx_ioctx_alloc+0x10/0x10 [ 1180.044424][T21727] ? __might_fault+0x13b/0x190 [ 1180.044476][T21727] __x64_sys_io_setup+0xc9/0x210 [ 1180.044515][T21727] do_syscall_64+0xcd/0x490 [ 1180.044570][T21727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1180.044599][T21727] RIP: 0033:0x7f1d0018e929 [ 1180.044623][T21727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1180.044652][T21727] RSP: 002b:00007f1cfdff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1180.044679][T21727] RAX: ffffffffffffffda RBX: 00007f1d003b5fa0 RCX: 00007f1d0018e929 [ 1180.044698][T21727] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1180.044716][T21727] RBP: 00007f1d00210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1180.044734][T21727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1180.044752][T21727] R13: 0000000000000000 R14: 00007f1d003b5fa0 R15: 00007ffc58e48018 [ 1180.044790][T21727] [ 1181.224483][T21737] ima: policy update failed [ 1181.229642][ T30] audit: type=1802 audit(4294967767.700:49): pid=21737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.3441" res=0 errno=0 [ 1181.633218][T21756] FAULT_INJECTION: forcing a failure. [ 1181.633218][T21756] name failslab, interval 1, probability 0, space 0, times 0 [ 1181.657343][T21756] CPU: 1 UID: 0 PID: 21756 Comm: syz.2.3444 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1181.657388][T21756] Tainted: [U]=USER [ 1181.657396][T21756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1181.657410][T21756] Call Trace: [ 1181.657418][T21756] [ 1181.657426][T21756] dump_stack_lvl+0x16c/0x1f0 [ 1181.657461][T21756] should_fail_ex+0x512/0x640 [ 1181.657491][T21756] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1181.657522][T21756] should_failslab+0xc2/0x120 [ 1181.657542][T21756] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1181.657570][T21756] ? pkcs7_parse_message+0x98/0x720 [ 1181.657604][T21756] pkcs7_parse_message+0x98/0x720 [ 1181.657637][T21756] verify_pkcs7_signature+0x30/0xa0 [ 1181.657661][T21756] valid_regdb+0x215/0x590 [ 1181.657682][T21756] ? __pfx___mutex_lock+0x10/0x10 [ 1181.657715][T21756] ? __pfx_valid_regdb+0x10/0x10 [ 1181.657741][T21756] reg_reload_regdb+0x11e/0x460 [ 1181.657765][T21756] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1181.657790][T21756] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1181.657820][T21756] ? nl80211_pre_doit+0x1b0/0xb10 [ 1181.657853][T21756] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1181.657881][T21756] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1181.657905][T21756] ? rcu_is_watching+0x12/0xc0 [ 1181.657936][T21756] ? bpf_lsm_capable+0x9/0x10 [ 1181.657961][T21756] ? security_capable+0x7e/0x260 [ 1181.657986][T21756] genl_rcv_msg+0x55c/0x800 [ 1181.658014][T21756] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1181.658038][T21756] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1181.658068][T21756] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1181.658089][T21756] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1181.658128][T21756] netlink_rcv_skb+0x158/0x420 [ 1181.658149][T21756] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1181.658183][T21756] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1181.658214][T21756] ? netlink_deliver_tap+0x1ae/0xd30 [ 1181.658252][T21756] genl_rcv+0x28/0x40 [ 1181.658274][T21756] netlink_unicast+0x58a/0x850 [ 1181.658298][T21756] ? __pfx_netlink_unicast+0x10/0x10 [ 1181.658328][T21756] netlink_sendmsg+0x8d1/0xdd0 [ 1181.658353][T21756] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1181.658384][T21756] ____sys_sendmsg+0xa98/0xc70 [ 1181.658408][T21756] ? copy_msghdr_from_user+0x10a/0x160 [ 1181.658439][T21756] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1181.658467][T21756] ? try_to_wake_up+0xa2f/0x1680 [ 1181.658492][T21756] ___sys_sendmsg+0x134/0x1d0 [ 1181.658524][T21756] ? __pfx____sys_sendmsg+0x10/0x10 [ 1181.658553][T21756] ? __lock_acquire+0x622/0x1c90 [ 1181.658612][T21756] __sys_sendmsg+0x16d/0x220 [ 1181.658643][T21756] ? __pfx___sys_sendmsg+0x10/0x10 [ 1181.658673][T21756] ? __x64_sys_futex+0x1e0/0x4c0 [ 1181.658714][T21756] do_syscall_64+0xcd/0x490 [ 1181.658747][T21756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1181.658768][T21756] RIP: 0033:0x7f6208b8e929 [ 1181.658784][T21756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1181.658804][T21756] RSP: 002b:00007f62069d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1181.658823][T21756] RAX: ffffffffffffffda RBX: 00007f6208db6080 RCX: 00007f6208b8e929 [ 1181.658837][T21756] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 1181.658850][T21756] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1181.658862][T21756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1181.658875][T21756] R13: 0000000000000000 R14: 00007f6208db6080 R15: 00007fff31c03e98 [ 1181.658900][T21756] [ 1182.117153][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1182.127756][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1183.886034][T21788] FAULT_INJECTION: forcing a failure. [ 1183.886034][T21788] name failslab, interval 1, probability 0, space 0, times 0 [ 1183.920307][T21788] CPU: 0 UID: 0 PID: 21788 Comm: syz.2.3455 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1183.920361][T21788] Tainted: [U]=USER [ 1183.920373][T21788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1183.920402][T21788] Call Trace: [ 1183.920411][T21788] [ 1183.920423][T21788] dump_stack_lvl+0x16c/0x1f0 [ 1183.920474][T21788] should_fail_ex+0x512/0x640 [ 1183.920518][T21788] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1183.920569][T21788] should_failslab+0xc2/0x120 [ 1183.920599][T21788] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1183.920646][T21788] ? __kernfs_new_node+0xd2/0x8e0 [ 1183.920695][T21788] __kernfs_new_node+0xd2/0x8e0 [ 1183.920742][T21788] ? __pfx___kernfs_new_node+0x10/0x10 [ 1183.920794][T21788] ? find_held_lock+0x2b/0x80 [ 1183.920827][T21788] ? kernfs_root+0xee/0x2a0 [ 1183.920876][T21788] kernfs_new_node+0x13c/0x1e0 [ 1183.920928][T21788] __kernfs_create_file+0x53/0x350 [ 1183.920973][T21788] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1183.921008][T21788] internal_create_group+0x578/0xf30 [ 1183.921044][T21788] ? __pfx_internal_create_group+0x10/0x10 [ 1183.921080][T21788] ? kernfs_create_link+0x1bd/0x240 [ 1183.921107][T21788] internal_create_groups+0x9d/0x150 [ 1183.921140][T21788] device_add+0xf30/0x1a70 [ 1183.921164][T21788] ? __pfx_device_add+0x10/0x10 [ 1183.921186][T21788] ? lockdep_init_map_type+0x5c/0x280 [ 1183.921216][T21788] ? __init_waitqueue_head+0xca/0x150 [ 1183.921243][T21788] netdev_register_kobject+0x182/0x3a0 [ 1183.921268][T21788] register_netdevice+0x13dc/0x2270 [ 1183.921293][T21788] ? __pfx_register_netdevice+0x10/0x10 [ 1183.921323][T21788] ? __pfx_loopback_net_init+0x10/0x10 [ 1183.921348][T21788] register_netdev+0x34/0x50 [ 1183.921367][T21788] loopback_net_init+0x7a/0x170 [ 1183.921391][T21788] ? __pfx_loopback_net_init+0x10/0x10 [ 1183.921415][T21788] ops_init+0x1df/0x5f0 [ 1183.921449][T21788] setup_net+0x1ff/0x510 [ 1183.921480][T21788] ? lockdep_init_map_type+0x5c/0x280 [ 1183.921510][T21788] ? __pfx_setup_net+0x10/0x10 [ 1183.921544][T21788] ? debug_mutex_init+0x37/0x70 [ 1183.921568][T21788] copy_net_ns+0x2a6/0x5f0 [ 1183.921591][T21788] create_new_namespaces+0x3ea/0xa90 [ 1183.921621][T21788] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1183.921665][T21788] ksys_unshare+0x45b/0xa40 [ 1183.921696][T21788] ? __pfx_ksys_unshare+0x10/0x10 [ 1183.921728][T21788] ? xfd_validate_state+0x61/0x180 [ 1183.921766][T21788] __x64_sys_unshare+0x31/0x40 [ 1183.921806][T21788] do_syscall_64+0xcd/0x490 [ 1183.921840][T21788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1183.921861][T21788] RIP: 0033:0x7f6208b8e929 [ 1183.921877][T21788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1183.921898][T21788] RSP: 002b:00007f62069f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1183.921917][T21788] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1183.921931][T21788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1183.921949][T21788] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1183.921962][T21788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1183.921975][T21788] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1183.922001][T21788] [ 1184.534501][T21788] random: crng reseeded on system resumption [ 1186.066808][T21830] FAULT_INJECTION: forcing a failure. [ 1186.066808][T21830] name failslab, interval 1, probability 0, space 0, times 0 [ 1186.103725][T21830] CPU: 1 UID: 0 PID: 21830 Comm: syz.2.3463 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1186.103797][T21830] Tainted: [U]=USER [ 1186.103808][T21830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1186.103826][T21830] Call Trace: [ 1186.103838][T21830] [ 1186.103850][T21830] dump_stack_lvl+0x16c/0x1f0 [ 1186.103899][T21830] should_fail_ex+0x512/0x640 [ 1186.103944][T21830] ? fs_reclaim_acquire+0xae/0x150 [ 1186.103983][T21830] should_failslab+0xc2/0x120 [ 1186.104017][T21830] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1186.104065][T21830] ? security_inode_alloc+0x3b/0x2b0 [ 1186.104106][T21830] security_inode_alloc+0x3b/0x2b0 [ 1186.104142][T21830] inode_init_always_gfp+0xce4/0x1030 [ 1186.104193][T21830] alloc_inode+0x86/0x240 [ 1186.104226][T21830] alloc_anon_inode+0x28/0x3e0 [ 1186.104273][T21830] ioctx_alloc+0x4ad/0x2120 [ 1186.104328][T21830] ? find_held_lock+0x2b/0x80 [ 1186.104362][T21830] ? __pfx_ioctx_alloc+0x10/0x10 [ 1186.104399][T21830] ? __might_fault+0x13b/0x190 [ 1186.104455][T21830] __x64_sys_io_setup+0xc9/0x210 [ 1186.104500][T21830] do_syscall_64+0xcd/0x490 [ 1186.104550][T21830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1186.104582][T21830] RIP: 0033:0x7f6208b8e929 [ 1186.104606][T21830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1186.104639][T21830] RSP: 002b:00007f62069f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1186.104669][T21830] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1186.104690][T21830] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1186.104710][T21830] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1186.104730][T21830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1186.104749][T21830] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1186.104798][T21830] [ 1186.711190][T21835] FAULT_INJECTION: forcing a failure. [ 1186.711190][T21835] name failslab, interval 1, probability 0, space 0, times 0 [ 1186.753612][T21835] CPU: 0 UID: 0 PID: 21835 Comm: syz.2.3473 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1186.753665][T21835] Tainted: [U]=USER [ 1186.753677][T21835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1186.753696][T21835] Call Trace: [ 1186.753707][T21835] [ 1186.753720][T21835] dump_stack_lvl+0x16c/0x1f0 [ 1186.753773][T21835] should_fail_ex+0x512/0x640 [ 1186.753815][T21835] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1186.753868][T21835] should_failslab+0xc2/0x120 [ 1186.753897][T21835] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1186.753945][T21835] ? pcpu_alloc_noprof+0x1f5/0x1470 [ 1186.753996][T21835] ? alloc_inode+0xc3/0x240 [ 1186.754035][T21835] alloc_inode+0xc3/0x240 [ 1186.754067][T21835] alloc_anon_inode+0x28/0x3e0 [ 1186.754114][T21835] ioctx_alloc+0x4ad/0x2120 [ 1186.754167][T21835] ? find_held_lock+0x2b/0x80 [ 1186.754199][T21835] ? __pfx_ioctx_alloc+0x10/0x10 [ 1186.754237][T21835] ? __might_fault+0x13b/0x190 [ 1186.754293][T21835] __x64_sys_io_setup+0xc9/0x210 [ 1186.754336][T21835] do_syscall_64+0xcd/0x490 [ 1186.754385][T21835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1186.754416][T21835] RIP: 0033:0x7f6208b8e929 [ 1186.754441][T21835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1186.754472][T21835] RSP: 002b:00007f62069f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1186.754502][T21835] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1186.754524][T21835] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1186.754545][T21835] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1186.754564][T21835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1186.754583][T21835] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1186.754623][T21835] [ 1187.561020][T21851] FAULT_INJECTION: forcing a failure. [ 1187.561020][T21851] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1187.584220][T21851] CPU: 0 UID: 0 PID: 21851 Comm: syz.1.3467 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1187.584263][T21851] Tainted: [U]=USER [ 1187.584272][T21851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1187.584287][T21851] Call Trace: [ 1187.584295][T21851] [ 1187.584305][T21851] dump_stack_lvl+0x16c/0x1f0 [ 1187.584350][T21851] should_fail_ex+0x512/0x640 [ 1187.584389][T21851] _copy_from_user+0x2e/0xd0 [ 1187.584427][T21851] copy_msghdr_from_user+0x98/0x160 [ 1187.584463][T21851] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1187.584504][T21851] ? __pfx__kstrtoull+0x10/0x10 [ 1187.584537][T21851] ___sys_sendmsg+0xfe/0x1d0 [ 1187.584573][T21851] ? __pfx____sys_sendmsg+0x10/0x10 [ 1187.584621][T21851] ? find_held_lock+0x2b/0x80 [ 1187.584663][T21851] __sys_sendmmsg+0x200/0x420 [ 1187.584709][T21851] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1187.584753][T21851] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1187.584803][T21851] ? fput+0x70/0xf0 [ 1187.584825][T21851] ? ksys_write+0x1ac/0x250 [ 1187.584858][T21851] ? __pfx_ksys_write+0x10/0x10 [ 1187.584899][T21851] __x64_sys_sendmmsg+0x9c/0x100 [ 1187.584953][T21851] ? lockdep_hardirqs_on+0x7c/0x110 [ 1187.584992][T21851] do_syscall_64+0xcd/0x490 [ 1187.585036][T21851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1187.585063][T21851] RIP: 0033:0x7f7d6b18e929 [ 1187.585085][T21851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1187.585113][T21851] RSP: 002b:00007f7d6c023038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1187.585139][T21851] RAX: ffffffffffffffda RBX: 00007f7d6b3b6080 RCX: 00007f7d6b18e929 [ 1187.585158][T21851] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1187.585174][T21851] RBP: 00007f7d6c023090 R08: 0000000000000000 R09: 0000000000000000 [ 1187.585191][T21851] R10: 0000000000000140 R11: 0000000000000246 R12: 0000000000000001 [ 1187.585208][T21851] R13: 0000000000000000 R14: 00007f7d6b3b6080 R15: 00007ffd008239e8 [ 1187.585244][T21851] [ 1189.437097][T21893] FAULT_INJECTION: forcing a failure. [ 1189.437097][T21893] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.449873][T21893] CPU: 1 UID: 0 PID: 21893 Comm: syz.1.3476 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1189.449919][T21893] Tainted: [U]=USER [ 1189.449930][T21893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1189.449948][T21893] Call Trace: [ 1189.449959][T21893] [ 1189.449970][T21893] dump_stack_lvl+0x16c/0x1f0 [ 1189.450019][T21893] should_fail_ex+0x512/0x640 [ 1189.450059][T21893] ? fs_reclaim_acquire+0xae/0x150 [ 1189.450096][T21893] should_failslab+0xc2/0x120 [ 1189.450124][T21893] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1189.450167][T21893] ? security_inode_alloc+0x3b/0x2b0 [ 1189.450203][T21893] security_inode_alloc+0x3b/0x2b0 [ 1189.450244][T21893] inode_init_always_gfp+0xce4/0x1030 [ 1189.450286][T21893] alloc_inode+0x86/0x240 [ 1189.450313][T21893] alloc_anon_inode+0x28/0x3e0 [ 1189.450351][T21893] ioctx_alloc+0x4ad/0x2120 [ 1189.450395][T21893] ? find_held_lock+0x2b/0x80 [ 1189.450423][T21893] ? __pfx_ioctx_alloc+0x10/0x10 [ 1189.450464][T21893] ? __might_fault+0x13b/0x190 [ 1189.450510][T21893] __x64_sys_io_setup+0xc9/0x210 [ 1189.450547][T21893] do_syscall_64+0xcd/0x490 [ 1189.450608][T21893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1189.450636][T21893] RIP: 0033:0x7f7d6b18e929 [ 1189.450658][T21893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1189.450716][T21893] RSP: 002b:00007f7d6c044038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1189.450744][T21893] RAX: ffffffffffffffda RBX: 00007f7d6b3b5fa0 RCX: 00007f7d6b18e929 [ 1189.450763][T21893] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1189.450782][T21893] RBP: 00007f7d6b210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1189.450800][T21893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1189.450818][T21893] R13: 0000000000000000 R14: 00007f7d6b3b5fa0 R15: 00007ffd008239e8 [ 1189.450854][T21893] [ 1189.742601][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1375 with max blocks 6 with error 117 [ 1189.755792][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1189.755792][ T12] [ 1190.261362][T21907] Invalid ELF header magic: != ELF [ 1190.638246][T21926] FAULT_INJECTION: forcing a failure. [ 1190.638246][T21926] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1190.651530][T21926] CPU: 0 UID: 0 PID: 21926 Comm: syz.0.3484 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1190.651575][T21926] Tainted: [U]=USER [ 1190.651586][T21926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1190.651603][T21926] Call Trace: [ 1190.651614][T21926] [ 1190.651625][T21926] dump_stack_lvl+0x16c/0x1f0 [ 1190.651674][T21926] should_fail_ex+0x512/0x640 [ 1190.651723][T21926] _copy_from_user+0x2e/0xd0 [ 1190.651779][T21926] move_addr_to_kernel+0x65/0x170 [ 1190.651815][T21926] __copy_msghdr+0x386/0x470 [ 1190.651855][T21926] copy_msghdr_from_user+0xc1/0x160 [ 1190.651897][T21926] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1190.651946][T21926] ? __pfx__kstrtoull+0x10/0x10 [ 1190.651986][T21926] ___sys_sendmsg+0xfe/0x1d0 [ 1190.652029][T21926] ? __pfx____sys_sendmsg+0x10/0x10 [ 1190.652088][T21926] ? find_held_lock+0x2b/0x80 [ 1190.652139][T21926] __sys_sendmmsg+0x200/0x420 [ 1190.652185][T21926] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1190.652237][T21926] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1190.652294][T21926] ? fput+0x70/0xf0 [ 1190.652329][T21926] ? ksys_write+0x1ac/0x250 [ 1190.652369][T21926] ? __pfx_ksys_write+0x10/0x10 [ 1190.652419][T21926] __x64_sys_sendmmsg+0x9c/0x100 [ 1190.652460][T21926] ? lockdep_hardirqs_on+0x7c/0x110 [ 1190.652499][T21926] do_syscall_64+0xcd/0x490 [ 1190.652544][T21926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1190.652573][T21926] RIP: 0033:0x7f849d58e929 [ 1190.652596][T21926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1190.652623][T21926] RSP: 002b:00007f849e3a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1190.652649][T21926] RAX: ffffffffffffffda RBX: 00007f849d7b6080 RCX: 00007f849d58e929 [ 1190.652668][T21926] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1190.652686][T21926] RBP: 00007f849e3a3090 R08: 0000000000000000 R09: 0000000000000000 [ 1190.652704][T21926] R10: 0000000000000140 R11: 0000000000000246 R12: 0000000000000001 [ 1190.652721][T21926] R13: 0000000000000000 R14: 00007f849d7b6080 R15: 00007ffc7c24c498 [ 1190.652757][T21926] [ 1190.908744][T21916] FAULT_INJECTION: forcing a failure. [ 1190.908744][T21916] name failslab, interval 1, probability 0, space 0, times 0 [ 1190.923615][T21916] CPU: 1 UID: 0 PID: 21916 Comm: syz.3.3482 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1190.923668][T21916] Tainted: [U]=USER [ 1190.923692][T21916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1190.923711][T21916] Call Trace: [ 1190.923721][T21916] [ 1190.923734][T21916] dump_stack_lvl+0x16c/0x1f0 [ 1190.923784][T21916] should_fail_ex+0x512/0x640 [ 1190.923828][T21916] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1190.923873][T21916] should_failslab+0xc2/0x120 [ 1190.923902][T21916] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1190.923944][T21916] ? mpi_alloc+0x46/0x230 [ 1190.923980][T21916] ? mpi_normalize+0xc9/0x100 [ 1190.924016][T21916] mpi_alloc+0x46/0x230 [ 1190.924051][T21916] rsa_check_payload+0x3b/0xc0 [ 1190.924097][T21916] rsa_enc+0x198/0x3b0 [ 1190.924145][T21916] ? __pfx_rsa_enc+0x10/0x10 [ 1190.924191][T21916] ? __virt_addr_valid+0x81/0x610 [ 1190.924224][T21916] ? __phys_addr+0xe8/0x180 [ 1190.924255][T21916] ? sg_init_one+0xf5/0x1b0 [ 1190.924298][T21916] rsassa_pkcs1_verify+0x502/0xb60 [ 1190.924354][T21916] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 1190.924406][T21916] ? rsa_max_size+0xd/0x70 [ 1190.924447][T21916] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 1190.924482][T21916] public_key_verify_signature+0x66f/0x970 [ 1190.924524][T21916] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1190.924572][T21916] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1190.924629][T21916] pkcs7_verify+0x32f/0x1b20 [ 1190.924685][T21916] verify_pkcs7_message_sig+0xdd/0x250 [ 1190.924719][T21916] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1190.924753][T21916] ? kfree+0x2b4/0x4d0 [ 1190.924786][T21916] ? public_key_signature_free+0xda/0x110 [ 1190.924828][T21916] ? pkcs7_parse_message+0x536/0x720 [ 1190.924873][T21916] verify_pkcs7_signature+0x6d/0xa0 [ 1190.924909][T21916] valid_regdb+0x215/0x590 [ 1190.924959][T21916] ? __pfx___mutex_lock+0x10/0x10 [ 1190.925031][T21916] ? __pfx_valid_regdb+0x10/0x10 [ 1190.925076][T21916] reg_reload_regdb+0x11e/0x460 [ 1190.925118][T21916] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1190.925161][T21916] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1190.925209][T21916] ? nl80211_pre_doit+0x1b0/0xb10 [ 1190.925265][T21916] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1190.925311][T21916] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1190.925352][T21916] ? rcu_is_watching+0x12/0xc0 [ 1190.925403][T21916] ? bpf_lsm_capable+0x9/0x10 [ 1190.925445][T21916] ? security_capable+0x7e/0x260 [ 1190.925486][T21916] genl_rcv_msg+0x55c/0x800 [ 1190.925532][T21916] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1190.925583][T21916] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1190.925631][T21916] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1190.925668][T21916] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1190.925734][T21916] netlink_rcv_skb+0x158/0x420 [ 1190.925770][T21916] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1190.925814][T21916] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1190.925867][T21916] ? netlink_deliver_tap+0x1ae/0xd30 [ 1190.925931][T21916] genl_rcv+0x28/0x40 [ 1190.925967][T21916] netlink_unicast+0x58a/0x850 [ 1190.926007][T21916] ? __pfx_netlink_unicast+0x10/0x10 [ 1190.926067][T21916] netlink_sendmsg+0x8d1/0xdd0 [ 1190.926119][T21916] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1190.926166][T21916] ____sys_sendmsg+0xa98/0xc70 [ 1190.926201][T21916] ? copy_msghdr_from_user+0x10a/0x160 [ 1190.926246][T21916] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1190.926288][T21916] ? try_to_wake_up+0xa2f/0x1680 [ 1190.926326][T21916] ___sys_sendmsg+0x134/0x1d0 [ 1190.926374][T21916] ? __pfx____sys_sendmsg+0x10/0x10 [ 1190.926417][T21916] ? __lock_acquire+0x622/0x1c90 [ 1190.926506][T21916] __sys_sendmsg+0x16d/0x220 [ 1190.926579][T21916] ? __pfx___sys_sendmsg+0x10/0x10 [ 1190.926628][T21916] ? __x64_sys_futex+0x1e0/0x4c0 [ 1190.926696][T21916] do_syscall_64+0xcd/0x490 [ 1190.926748][T21916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1190.926780][T21916] RIP: 0033:0x7f1d0018e929 [ 1190.926806][T21916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1190.926839][T21916] RSP: 002b:00007f1cfdff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1190.926870][T21916] RAX: ffffffffffffffda RBX: 00007f1d003b5fa0 RCX: 00007f1d0018e929 [ 1190.926893][T21916] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 1190.926913][T21916] RBP: 00007f1d00210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1190.926934][T21916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1190.926954][T21916] R13: 0000000000000000 R14: 00007f1d003b5fa0 R15: 00007ffc58e48018 [ 1190.926997][T21916] [ 1191.665832][T21938] FAULT_INJECTION: forcing a failure. [ 1191.665832][T21938] name failslab, interval 1, probability 0, space 0, times 0 [ 1191.680072][T21938] CPU: 1 UID: 0 PID: 21938 Comm: syz.1.3488 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1191.680124][T21938] Tainted: [U]=USER [ 1191.680135][T21938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1191.680155][T21938] Call Trace: [ 1191.680165][T21938] [ 1191.680178][T21938] dump_stack_lvl+0x16c/0x1f0 [ 1191.680234][T21938] should_fail_ex+0x512/0x640 [ 1191.680292][T21938] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1191.680347][T21938] should_failslab+0xc2/0x120 [ 1191.680379][T21938] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1191.680430][T21938] ? pcpu_alloc_noprof+0x1f5/0x1470 [ 1191.680474][T21938] ? alloc_inode+0xc3/0x240 [ 1191.680513][T21938] alloc_inode+0xc3/0x240 [ 1191.680547][T21938] alloc_anon_inode+0x28/0x3e0 [ 1191.680596][T21938] ioctx_alloc+0x4ad/0x2120 [ 1191.680653][T21938] ? find_held_lock+0x2b/0x80 [ 1191.680689][T21938] ? __pfx_ioctx_alloc+0x10/0x10 [ 1191.680729][T21938] ? __might_fault+0x13b/0x190 [ 1191.680789][T21938] __x64_sys_io_setup+0xc9/0x210 [ 1191.680837][T21938] do_syscall_64+0xcd/0x490 [ 1191.680891][T21938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1191.680925][T21938] RIP: 0033:0x7f7d6b18e929 [ 1191.680951][T21938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1191.680984][T21938] RSP: 002b:00007f7d6c044038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1191.681015][T21938] RAX: ffffffffffffffda RBX: 00007f7d6b3b5fa0 RCX: 00007f7d6b18e929 [ 1191.681038][T21938] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1191.681061][T21938] RBP: 00007f7d6b210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1191.681082][T21938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1191.681103][T21938] R13: 0000000000000000 R14: 00007f7d6b3b5fa0 R15: 00007ffd008239e8 [ 1191.681148][T21938] [ 1193.599928][T21982] FAULT_INJECTION: forcing a failure. [ 1193.599928][T21982] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.662667][T21982] CPU: 1 UID: 0 PID: 21982 Comm: syz.1.3496 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1193.662714][T21982] Tainted: [U]=USER [ 1193.662724][T21982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1193.662740][T21982] Call Trace: [ 1193.662749][T21982] [ 1193.662760][T21982] dump_stack_lvl+0x16c/0x1f0 [ 1193.662805][T21982] should_fail_ex+0x512/0x640 [ 1193.662843][T21982] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1193.662885][T21982] should_failslab+0xc2/0x120 [ 1193.662916][T21982] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1193.662959][T21982] ? mpi_alloc+0x46/0x230 [ 1193.662994][T21982] ? mpi_normalize+0xc9/0x100 [ 1193.663040][T21982] mpi_alloc+0x46/0x230 [ 1193.663071][T21982] rsa_check_payload+0x3b/0xc0 [ 1193.663113][T21982] rsa_enc+0x198/0x3b0 [ 1193.663153][T21982] ? __pfx_rsa_enc+0x10/0x10 [ 1193.663191][T21982] ? __virt_addr_valid+0x81/0x610 [ 1193.663219][T21982] ? __phys_addr+0xe8/0x180 [ 1193.663246][T21982] ? sg_init_one+0xf5/0x1b0 [ 1193.663282][T21982] rsassa_pkcs1_verify+0x502/0xb60 [ 1193.663328][T21982] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 1193.663379][T21982] ? rsa_max_size+0xd/0x70 [ 1193.663423][T21982] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 1193.663461][T21982] public_key_verify_signature+0x66f/0x970 [ 1193.663507][T21982] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1193.663549][T21982] ? crypto_destroy_tfm+0x14d/0x2b0 [ 1193.663609][T21982] pkcs7_verify+0x32f/0x1b20 [ 1193.663668][T21982] verify_pkcs7_message_sig+0xdd/0x250 [ 1193.663703][T21982] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 1193.663737][T21982] ? kfree+0x2b4/0x4d0 [ 1193.663772][T21982] ? public_key_signature_free+0xda/0x110 [ 1193.663818][T21982] ? pkcs7_parse_message+0x536/0x720 [ 1193.663864][T21982] verify_pkcs7_signature+0x6d/0xa0 [ 1193.663902][T21982] valid_regdb+0x215/0x590 [ 1193.663934][T21982] ? __pfx___mutex_lock+0x10/0x10 [ 1193.663982][T21982] ? __pfx_valid_regdb+0x10/0x10 [ 1193.664021][T21982] reg_reload_regdb+0x11e/0x460 [ 1193.664063][T21982] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1193.664100][T21982] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1193.664143][T21982] ? nl80211_pre_doit+0x1b0/0xb10 [ 1193.664193][T21982] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1193.664234][T21982] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1193.664270][T21982] ? rcu_is_watching+0x12/0xc0 [ 1193.664315][T21982] ? bpf_lsm_capable+0x9/0x10 [ 1193.664353][T21982] ? security_capable+0x7e/0x260 [ 1193.664390][T21982] genl_rcv_msg+0x55c/0x800 [ 1193.664431][T21982] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1193.664468][T21982] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1193.664512][T21982] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1193.664545][T21982] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1193.664604][T21982] netlink_rcv_skb+0x158/0x420 [ 1193.664636][T21982] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1193.664675][T21982] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1193.664722][T21982] ? netlink_deliver_tap+0x1ae/0xd30 [ 1193.664777][T21982] genl_rcv+0x28/0x40 [ 1193.664807][T21982] netlink_unicast+0x58a/0x850 [ 1193.664844][T21982] ? __pfx_netlink_unicast+0x10/0x10 [ 1193.664888][T21982] netlink_sendmsg+0x8d1/0xdd0 [ 1193.664944][T21982] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1193.665014][T21982] ____sys_sendmsg+0xa98/0xc70 [ 1193.665057][T21982] ? copy_msghdr_from_user+0x10a/0x160 [ 1193.665100][T21982] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1193.665140][T21982] ? __pfx_futex_wake_mark+0x10/0x10 [ 1193.665187][T21982] ___sys_sendmsg+0x134/0x1d0 [ 1193.665231][T21982] ? __pfx____sys_sendmsg+0x10/0x10 [ 1193.665277][T21982] ? __lock_acquire+0x622/0x1c90 [ 1193.665374][T21982] __sys_sendmsg+0x16d/0x220 [ 1193.665425][T21982] ? __pfx___sys_sendmsg+0x10/0x10 [ 1193.665475][T21982] ? __x64_sys_futex+0x1e0/0x4c0 [ 1193.665543][T21982] do_syscall_64+0xcd/0x490 [ 1193.665598][T21982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1193.665633][T21982] RIP: 0033:0x7f7d6b18e929 [ 1193.665660][T21982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1193.665697][T21982] RSP: 002b:00007f7d6c044038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1193.665724][T21982] RAX: ffffffffffffffda RBX: 00007f7d6b3b5fa0 RCX: 00007f7d6b18e929 [ 1193.665744][T21982] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 1193.665763][T21982] RBP: 00007f7d6b210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1193.665781][T21982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1193.665799][T21982] R13: 0000000000000000 R14: 00007f7d6b3b5fa0 R15: 00007ffd008239e8 [ 1193.665835][T21982] [ 1194.192436][T21993] FAULT_INJECTION: forcing a failure. [ 1194.192436][T21993] name failslab, interval 1, probability 0, space 0, times 0 [ 1194.247190][T21993] CPU: 0 UID: 0 PID: 21993 Comm: syz.0.3498 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1194.247243][T21993] Tainted: [U]=USER [ 1194.247255][T21993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1194.247274][T21993] Call Trace: [ 1194.247284][T21993] [ 1194.247297][T21993] dump_stack_lvl+0x16c/0x1f0 [ 1194.247349][T21993] should_fail_ex+0x512/0x640 [ 1194.247395][T21993] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1194.247450][T21993] should_failslab+0xc2/0x120 [ 1194.247480][T21993] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1194.247526][T21993] ? look_up_lock_class+0x6b/0x150 [ 1194.247568][T21993] ? __alloc_skb+0x2b2/0x380 [ 1194.247612][T21993] ? register_lock_class+0x41/0x4c0 [ 1194.247664][T21993] __alloc_skb+0x2b2/0x380 [ 1194.247708][T21993] ? __pfx___alloc_skb+0x10/0x10 [ 1194.247752][T21993] ? __lock_acquire+0xb8a/0x1c90 [ 1194.247808][T21993] alloc_skb_with_frags+0xe0/0x860 [ 1194.247867][T21993] sock_alloc_send_pskb+0x7fb/0x990 [ 1194.247934][T21993] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 1194.248001][T21993] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1194.248048][T21993] ? find_held_lock+0x2b/0x80 [ 1194.248084][T21993] ? dev_get_by_index+0x17c/0x380 [ 1194.248144][T21993] packet_sendmsg+0x1fb0/0x5880 [ 1194.248215][T21993] ? __pfx___might_resched+0x10/0x10 [ 1194.248254][T21993] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1194.248315][T21993] ? __pfx_packet_sendmsg+0x10/0x10 [ 1194.248357][T21993] ? iovec_from_user+0xbb/0x140 [ 1194.248389][T21993] ? aa_remount+0x1f0/0x2c0 [ 1194.248441][T21993] ____sys_sendmsg+0xa98/0xc70 [ 1194.248480][T21993] ? copy_msghdr_from_user+0x10a/0x160 [ 1194.248530][T21993] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1194.248573][T21993] ? __pfx__kstrtoull+0x10/0x10 [ 1194.248622][T21993] ___sys_sendmsg+0x134/0x1d0 [ 1194.248674][T21993] ? __pfx____sys_sendmsg+0x10/0x10 [ 1194.248743][T21993] ? find_held_lock+0x2b/0x80 [ 1194.248803][T21993] __sys_sendmmsg+0x200/0x420 [ 1194.248858][T21993] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1194.248921][T21993] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1194.248998][T21993] ? fput+0x70/0xf0 [ 1194.249031][T21993] ? ksys_write+0x1ac/0x250 [ 1194.249078][T21993] ? __pfx_ksys_write+0x10/0x10 [ 1194.249143][T21993] __x64_sys_sendmmsg+0x9c/0x100 [ 1194.249190][T21993] ? lockdep_hardirqs_on+0x7c/0x110 [ 1194.249234][T21993] do_syscall_64+0xcd/0x490 [ 1194.249284][T21993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1194.249315][T21993] RIP: 0033:0x7f849d58e929 [ 1194.249341][T21993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1194.249372][T21993] RSP: 002b:00007f849e3a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1194.249400][T21993] RAX: ffffffffffffffda RBX: 00007f849d7b6080 RCX: 00007f849d58e929 [ 1194.249420][T21993] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1194.249439][T21993] RBP: 00007f849e3a3090 R08: 0000000000000000 R09: 0000000000000000 [ 1194.249458][T21993] R10: 0000000000000140 R11: 0000000000000246 R12: 0000000000000001 [ 1194.249478][T21993] R13: 0000000000000000 R14: 00007f849d7b6080 R15: 00007ffc7c24c498 [ 1194.249518][T21993] [ 1195.950442][T22027] FAULT_INJECTION: forcing a failure. [ 1195.950442][T22027] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1195.980472][T22027] CPU: 0 UID: 0 PID: 22027 Comm: syz.0.3509 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1195.980517][T22027] Tainted: [U]=USER [ 1195.980525][T22027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1195.980537][T22027] Call Trace: [ 1195.980544][T22027] [ 1195.980553][T22027] dump_stack_lvl+0x16c/0x1f0 [ 1195.980589][T22027] should_fail_ex+0x512/0x640 [ 1195.980624][T22027] _copy_to_user+0x32/0xd0 [ 1195.980659][T22027] simple_read_from_buffer+0xcb/0x170 [ 1195.980688][T22027] proc_fail_nth_read+0x197/0x270 [ 1195.980714][T22027] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1195.980741][T22027] ? rw_verify_area+0xcf/0x680 [ 1195.980768][T22027] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1195.980793][T22027] vfs_read+0x1e4/0xc60 [ 1195.980833][T22027] ? __pfx___mutex_lock+0x10/0x10 [ 1195.980877][T22027] ? __pfx_vfs_read+0x10/0x10 [ 1195.980912][T22027] ? __fget_files+0x20e/0x3c0 [ 1195.980947][T22027] ksys_read+0x12a/0x250 [ 1195.980975][T22027] ? __pfx_ksys_read+0x10/0x10 [ 1195.981010][T22027] do_syscall_64+0xcd/0x490 [ 1195.981046][T22027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1195.981085][T22027] RIP: 0033:0x7f849d58d33c [ 1195.981102][T22027] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1195.981123][T22027] RSP: 002b:00007f849e3c4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1195.981143][T22027] RAX: ffffffffffffffda RBX: 00007f849d7b5fa0 RCX: 00007f849d58d33c [ 1195.981157][T22027] RDX: 000000000000000f RSI: 00007f849e3c40a0 RDI: 0000000000000005 [ 1195.981171][T22027] RBP: 00007f849e3c4090 R08: 0000000000000000 R09: 0000000000000000 [ 1195.981184][T22027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1195.981197][T22027] R13: 0000000000000000 R14: 00007f849d7b5fa0 R15: 00007ffc7c24c498 [ 1195.981223][T22027] [ 1197.637112][T22048] program syz.3.3512 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1199.055744][T22050] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1199.072757][T22050] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1199.413265][T22050] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1199.464299][T22050] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1199.514844][T22050] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1199.551325][T22050] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1199.575776][T22089] FAULT_INJECTION: forcing a failure. [ 1199.575776][T22089] name failslab, interval 1, probability 0, space 0, times 0 [ 1199.636139][T22089] CPU: 1 UID: 0 PID: 22089 Comm: syz.2.3516 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1199.636191][T22089] Tainted: [U]=USER [ 1199.636198][T22089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1199.636213][T22089] Call Trace: [ 1199.636220][T22089] [ 1199.636230][T22089] dump_stack_lvl+0x16c/0x1f0 [ 1199.636269][T22089] should_fail_ex+0x512/0x640 [ 1199.636303][T22089] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1199.636343][T22089] should_failslab+0xc2/0x120 [ 1199.636367][T22089] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1199.636403][T22089] ? pcpu_alloc_noprof+0x1f5/0x1470 [ 1199.636436][T22089] ? alloc_inode+0xc3/0x240 [ 1199.636465][T22089] alloc_inode+0xc3/0x240 [ 1199.636497][T22089] alloc_anon_inode+0x28/0x3e0 [ 1199.636532][T22089] ioctx_alloc+0x4ad/0x2120 [ 1199.636585][T22089] ? find_held_lock+0x2b/0x80 [ 1199.636627][T22089] ? __pfx_ioctx_alloc+0x10/0x10 [ 1199.636668][T22089] ? __might_fault+0x13b/0x190 [ 1199.636708][T22089] __x64_sys_io_setup+0xc9/0x210 [ 1199.636759][T22089] do_syscall_64+0xcd/0x490 [ 1199.636797][T22089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1199.636821][T22089] RIP: 0033:0x7f6208b8e929 [ 1199.636839][T22089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1199.636863][T22089] RSP: 002b:00007f62069f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1199.636885][T22089] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1199.636901][T22089] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1199.636916][T22089] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1199.636930][T22089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1199.636944][T22089] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1199.636972][T22089] [ 1199.829166][T22050] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1199.835323][T22050] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1200.637933][T14015] Bluetooth: hci4: command 0x0406 tx timeout [ 1201.267904][T22117] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48 [ 1201.437162][T14015] Bluetooth: hci1: command 0x0406 tx timeout [ 1201.523917][T14015] Bluetooth: hci3: command 0x0406 tx timeout [ 1201.916979][T14015] Bluetooth: hci2: command 0x0406 tx timeout [ 1202.746691][T14015] Bluetooth: hci4: command 0x0406 tx timeout [ 1203.516529][T14015] Bluetooth: hci1: command 0x0406 tx timeout [ 1203.596726][T14015] Bluetooth: hci3: command 0x0406 tx timeout [ 1204.007758][T14015] Bluetooth: hci2: command 0x0406 tx timeout [ 1209.935254][T22284] raw_sendmsg: syz.0.3563 forgot to set AF_INET. Fix it! [ 1210.306257][T22295] FAULT_INJECTION: forcing a failure. [ 1210.306257][T22295] name failslab, interval 1, probability 0, space 0, times 0 [ 1210.379964][T22295] CPU: 1 UID: 0 PID: 22295 Comm: syz.2.3565 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1210.380047][T22295] Tainted: [U]=USER [ 1210.380057][T22295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1210.380075][T22295] Call Trace: [ 1210.380085][T22295] [ 1210.380096][T22295] dump_stack_lvl+0x16c/0x1f0 [ 1210.380144][T22295] should_fail_ex+0x512/0x640 [ 1210.380187][T22295] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1210.380238][T22295] should_failslab+0xc2/0x120 [ 1210.380268][T22295] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1210.380310][T22295] ? unwind_get_return_address+0x59/0xa0 [ 1210.380355][T22295] ? __d_alloc+0x31/0xaa0 [ 1210.380403][T22295] __d_alloc+0x31/0xaa0 [ 1210.380452][T22295] d_alloc+0x4a/0x1e0 [ 1210.380500][T22295] d_alloc_parallel+0xe3/0x12e0 [ 1210.380534][T22295] ? stack_trace_save+0x8e/0xc0 [ 1210.380593][T22295] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1210.380633][T22295] ? lockdep_init_map_type+0x5c/0x280 [ 1210.380698][T22295] ? lockdep_init_map_type+0x5c/0x280 [ 1210.380754][T22295] __lookup_slow+0x193/0x460 [ 1210.380794][T22295] ? __pfx___lookup_slow+0x10/0x10 [ 1210.380858][T22295] ? lookup_fast+0x156/0x610 [ 1210.380906][T22295] walk_component+0x353/0x5b0 [ 1210.380953][T22295] link_path_walk+0x627/0xe20 [ 1210.381011][T22295] path_openat+0x1b0/0x2cb0 [ 1210.381056][T22295] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1210.381107][T22295] ? __pfx_path_openat+0x10/0x10 [ 1210.381155][T22295] ? __lock_acquire+0xb8a/0x1c90 [ 1210.381207][T22295] do_filp_open+0x20b/0x470 [ 1210.381257][T22295] ? __pfx_do_filp_open+0x10/0x10 [ 1210.381336][T22295] ? alloc_fd+0x471/0x7d0 [ 1210.381391][T22295] do_sys_openat2+0x11b/0x1d0 [ 1210.381429][T22295] ? __pfx_do_sys_openat2+0x10/0x10 [ 1210.381484][T22295] __x64_sys_openat+0x174/0x210 [ 1210.381522][T22295] ? __pfx___x64_sys_openat+0x10/0x10 [ 1210.381592][T22295] do_syscall_64+0xcd/0x490 [ 1210.381646][T22295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1210.381680][T22295] RIP: 0033:0x7f6208b8e929 [ 1210.381707][T22295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1210.381740][T22295] RSP: 002b:00007f62069b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1210.381772][T22295] RAX: ffffffffffffffda RBX: 00007f6208db6160 RCX: 00007f6208b8e929 [ 1210.381794][T22295] RDX: 0000000000048041 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1210.381818][T22295] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1210.381838][T22295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1210.381858][T22295] R13: 0000000000000000 R14: 00007f6208db6160 R15: 00007fff31c03e98 [ 1210.381900][T22295] [ 1210.729847][T14015] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1210.729890][T14015] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 1210.744894][T14015] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1211.405724][T22319] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1216.091938][T22389] FAULT_INJECTION: forcing a failure. [ 1216.091938][T22389] name failslab, interval 1, probability 0, space 0, times 0 [ 1216.239196][T22389] CPU: 0 UID: 0 PID: 22389 Comm: syz.0.3585 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1216.239249][T22389] Tainted: [U]=USER [ 1216.239260][T22389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1216.239279][T22389] Call Trace: [ 1216.239290][T22389] [ 1216.239302][T22389] dump_stack_lvl+0x16c/0x1f0 [ 1216.239353][T22389] should_fail_ex+0x512/0x640 [ 1216.239402][T22389] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1216.239453][T22389] should_failslab+0xc2/0x120 [ 1216.239485][T22389] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1216.239529][T22389] ? d_instantiate+0x77/0x90 [ 1216.239557][T22389] ? alloc_empty_file+0x55/0x1e0 [ 1216.239596][T22389] alloc_empty_file+0x55/0x1e0 [ 1216.239631][T22389] alloc_file_pseudo+0x13a/0x230 [ 1216.239680][T22389] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1216.239712][T22389] ? alloc_fd+0x471/0x7d0 [ 1216.239759][T22389] sock_alloc_file+0x50/0x210 [ 1216.239807][T22389] __sys_socket+0x1c0/0x260 [ 1216.239861][T22389] ? __pfx___sys_socket+0x10/0x10 [ 1216.239909][T22389] ? xfd_validate_state+0x61/0x180 [ 1216.239952][T22389] ? __pfx_do_writev+0x10/0x10 [ 1216.240003][T22389] __x64_sys_socket+0x72/0xb0 [ 1216.240038][T22389] ? lockdep_hardirqs_on+0x7c/0x110 [ 1216.240082][T22389] do_syscall_64+0xcd/0x490 [ 1216.240132][T22389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1216.240164][T22389] RIP: 0033:0x7f849d58e929 [ 1216.240190][T22389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1216.240222][T22389] RSP: 002b:00007f849e3a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1216.240252][T22389] RAX: ffffffffffffffda RBX: 00007f849d7b6080 RCX: 00007f849d58e929 [ 1216.240274][T22389] RDX: 0000000000000002 RSI: 0000000000000005 RDI: 0000000000000018 [ 1216.240294][T22389] RBP: 00007f849d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1216.240314][T22389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1216.240334][T22389] R13: 0000000000000000 R14: 00007f849d7b6080 R15: 00007ffc7c24c498 [ 1216.240373][T22389] [ 1217.211439][T22408] FAULT_INJECTION: forcing a failure. [ 1217.211439][T22408] name failslab, interval 1, probability 0, space 0, times 0 [ 1217.261167][T22408] CPU: 1 UID: 0 PID: 22408 Comm: syz.2.3590 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1217.261212][T22408] Tainted: [U]=USER [ 1217.261222][T22408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1217.261239][T22408] Call Trace: [ 1217.261248][T22408] [ 1217.261260][T22408] dump_stack_lvl+0x16c/0x1f0 [ 1217.261307][T22408] should_fail_ex+0x512/0x640 [ 1217.261346][T22408] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1217.261387][T22408] should_failslab+0xc2/0x120 [ 1217.261415][T22408] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1217.261451][T22408] ? __lock_acquire+0xb8a/0x1c90 [ 1217.261488][T22408] ? snd_timer_instance_new+0x47/0x2e0 [ 1217.261537][T22408] snd_timer_instance_new+0x47/0x2e0 [ 1217.261583][T22408] snd_seq_timer_open+0x1cc/0x5e0 [ 1217.261623][T22408] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 1217.261664][T22408] ? find_held_lock+0x2b/0x80 [ 1217.261698][T22408] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1217.261734][T22408] ? lockdep_hardirqs_on+0x7c/0x110 [ 1217.261773][T22408] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1217.261821][T22408] queue_use+0xe3/0x250 [ 1217.261853][T22408] snd_seq_queue_alloc+0x2e5/0x550 [ 1217.261892][T22408] snd_seq_ioctl_create_queue+0xa9/0x380 [ 1217.261936][T22408] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 1217.261969][T22408] alloc_seq_queue+0xda/0x180 [ 1217.261994][T22408] ? __pfx_alloc_seq_queue+0x10/0x10 [ 1217.262041][T22408] ? mark_held_locks+0x49/0x80 [ 1217.262077][T22408] ? _raw_spin_unlock_irq+0x23/0x50 [ 1217.262117][T22408] snd_seq_oss_open+0x38c/0xa20 [ 1217.262151][T22408] odev_open+0x6f/0x90 [ 1217.262191][T22408] ? __pfx_odev_open+0x10/0x10 [ 1217.262232][T22408] soundcore_open+0x40c/0x580 [ 1217.262277][T22408] ? __pfx_soundcore_open+0x10/0x10 [ 1217.262319][T22408] chrdev_open+0x231/0x6a0 [ 1217.262360][T22408] ? __pfx_apparmor_file_open+0x10/0x10 [ 1217.262395][T22408] ? __pfx_chrdev_open+0x10/0x10 [ 1217.262441][T22408] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1217.262486][T22408] do_dentry_open+0x744/0x1c10 [ 1217.262527][T22408] ? __pfx_chrdev_open+0x10/0x10 [ 1217.262578][T22408] vfs_open+0x82/0x3f0 [ 1217.262612][T22408] path_openat+0x1de4/0x2cb0 [ 1217.262665][T22408] ? __pfx_path_openat+0x10/0x10 [ 1217.262712][T22408] ? __lock_acquire+0xb8a/0x1c90 [ 1217.262753][T22408] do_filp_open+0x20b/0x470 [ 1217.262795][T22408] ? __pfx_do_filp_open+0x10/0x10 [ 1217.262870][T22408] ? alloc_fd+0x471/0x7d0 [ 1217.262917][T22408] do_sys_openat2+0x11b/0x1d0 [ 1217.262948][T22408] ? __pfx_do_sys_openat2+0x10/0x10 [ 1217.262993][T22408] __x64_sys_openat+0x174/0x210 [ 1217.263025][T22408] ? __pfx___x64_sys_openat+0x10/0x10 [ 1217.263072][T22408] do_syscall_64+0xcd/0x490 [ 1217.263117][T22408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1217.263145][T22408] RIP: 0033:0x7f6208b8e929 [ 1217.263167][T22408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1217.263194][T22408] RSP: 002b:00007f62069d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1217.263220][T22408] RAX: ffffffffffffffda RBX: 00007f6208db6080 RCX: 00007f6208b8e929 [ 1217.263240][T22408] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 1217.263258][T22408] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1217.263276][T22408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1217.263293][T22408] R13: 0000000000000000 R14: 00007f6208db6080 R15: 00007fff31c03e98 [ 1217.263329][T22408] [ 1217.608839][ C1] vkms_vblank_simulate: vblank timer overrun [ 1218.437217][T22428] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50 [ 1218.736955][T22429] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3593'. [ 1220.308268][ T60] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1375 with max blocks 6 with error 117 [ 1220.347702][ T60] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1220.347702][ T60] [ 1220.420795][T22431] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1227.244722][T22573] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3623'. [ 1228.106991][T22584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 1228.247298][T22584] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1228.257174][T22584] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1228.266483][T22584] page_type: f5(slab) [ 1228.270533][T22584] raw: 00fff00000000040 ffff88801b842280 dead000000000122 0000000000000000 [ 1228.279780][T22584] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 1228.288791][T22584] head: 00fff00000000040 ffff88801b842280 dead000000000122 0000000000000000 [ 1228.343710][T22584] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 1228.393706][T22584] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 1228.402565][T22584] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1228.411437][T22584] page dumped because: unmovable page [ 1228.417621][T22584] page_owner tracks the page as allocated [ 1228.425059][T22584] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x528c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP), pid 22414, tgid 22413 (syz.1.3592), ts 1217742503685, free_ts 1217740977155 [ 1228.445437][T22584] post_alloc_hook+0x1c0/0x230 [ 1228.450280][T22584] get_page_from_freelist+0x1321/0x3890 [ 1228.456042][T22584] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1228.462109][T22584] alloc_pages_mpol+0x1fb/0x550 [ 1228.468588][T22584] new_slab+0x23b/0x330 [ 1228.474039][T22584] ___slab_alloc+0xd9c/0x1940 [ 1228.479795][T22584] __slab_alloc.constprop.0+0x56/0xb0 [ 1228.485382][T22584] __kvmalloc_node_noprof+0x3b1/0x620 [ 1228.494235][T22584] proc_sys_call_handler+0x2a6/0x5c0 [ 1228.504450][T22584] copy_splice_read+0x615/0xba0 [ 1228.509889][T22584] do_splice_read+0x285/0x370 [ 1228.514734][T22584] splice_direct_to_actor+0x2a1/0xa30 [ 1228.520147][T22584] do_splice_direct+0x174/0x240 [ 1228.526318][T22584] do_sendfile+0xb06/0xe50 [ 1228.530765][T22584] __x64_sys_sendfile64+0x1d8/0x220 [ 1228.536178][T22584] do_syscall_64+0xcd/0x490 [ 1228.540730][T22584] page last free pid 22414 tgid 22413 stack trace: [ 1228.564443][T22584] __free_frozen_pages+0x7fe/0x1180 [ 1228.571005][T22584] __put_partials+0x16d/0x1c0 [ 1228.605382][T22584] qlist_free_all+0x4d/0x120 [ 1228.610022][T22584] kasan_quarantine_reduce+0x195/0x1e0 [ 1228.636028][T22584] __kasan_slab_alloc+0x69/0x90 [ 1228.640945][T22584] __kmalloc_noprof+0x1d4/0x510 [ 1228.706064][T22584] copy_splice_read+0x1a8/0xba0 [ 1228.723979][T22584] do_splice_read+0x285/0x370 [ 1228.728724][T22584] splice_direct_to_actor+0x2a1/0xa30 [ 1228.734656][T22584] do_splice_direct+0x174/0x240 [ 1228.734880][T22592] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input51 [ 1228.749410][T22584] do_sendfile+0xb06/0xe50 [ 1228.753956][T22584] __x64_sys_sendfile64+0x1d8/0x220 [ 1228.759353][T22584] do_syscall_64+0xcd/0x490 [ 1228.785603][T22584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1229.666593][T22595] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52 [ 1230.763238][T22613] FAULT_INJECTION: forcing a failure. [ 1230.763238][T22613] name failslab, interval 1, probability 0, space 0, times 0 [ 1230.782991][T22613] CPU: 0 UID: 0 PID: 22613 Comm: syz.2.3632 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1230.783041][T22613] Tainted: [U]=USER [ 1230.783052][T22613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1230.783070][T22613] Call Trace: [ 1230.783080][T22613] [ 1230.783092][T22613] dump_stack_lvl+0x16c/0x1f0 [ 1230.783141][T22613] should_fail_ex+0x512/0x640 [ 1230.783181][T22613] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1230.783230][T22613] should_failslab+0xc2/0x120 [ 1230.783261][T22613] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1230.783306][T22613] ? find_held_lock+0x2b/0x80 [ 1230.783335][T22613] ? alloc_vfsmnt+0x23/0x730 [ 1230.783369][T22613] alloc_vfsmnt+0x23/0x730 [ 1230.783402][T22613] clone_mnt+0x6d/0xff0 [ 1230.783436][T22613] ? copy_tree+0x50d/0xa20 [ 1230.783476][T22613] ? copy_mnt_ns+0x1ac/0xac0 [ 1230.783528][T22613] copy_tree+0x38d/0xa20 [ 1230.783583][T22613] copy_mnt_ns+0x1ac/0xac0 [ 1230.783627][T22613] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1230.783669][T22613] ? trace_cap_capable+0x18d/0x200 [ 1230.783698][T22613] ? create_new_namespaces+0x30/0xa90 [ 1230.783739][T22613] create_new_namespaces+0xd3/0xa90 [ 1230.783771][T22613] ? bpf_lsm_capable+0x9/0x10 [ 1230.783807][T22613] ? security_capable+0x7e/0x260 [ 1230.783841][T22613] copy_namespaces+0x468/0x560 [ 1230.783877][T22613] copy_process+0x2822/0x7650 [ 1230.783915][T22613] ? preempt_schedule_thunk+0x16/0x30 [ 1230.783970][T22613] ? __pfx_copy_process+0x10/0x10 [ 1230.784009][T22613] ? find_held_lock+0x2b/0x80 [ 1230.784046][T22613] ? wake_up_q+0xb0/0x160 [ 1230.784075][T22613] ? do_raw_spin_unlock+0x172/0x230 [ 1230.784109][T22613] kernel_clone+0xfc/0x960 [ 1230.784150][T22613] ? __pfx_futex_wake+0x10/0x10 [ 1230.784193][T22613] ? __pfx_kernel_clone+0x10/0x10 [ 1230.784230][T22613] ? __pfx_vfs_writev+0x10/0x10 [ 1230.784292][T22613] __do_sys_clone+0xce/0x120 [ 1230.784348][T22613] ? __pfx___do_sys_clone+0x10/0x10 [ 1230.784425][T22613] ? xfd_validate_state+0x61/0x180 [ 1230.784469][T22613] ? __pfx_do_writev+0x10/0x10 [ 1230.784543][T22613] do_syscall_64+0xcd/0x490 [ 1230.784598][T22613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1230.784634][T22613] RIP: 0033:0x7f6208b8e929 [ 1230.784670][T22613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1230.784703][T22613] RSP: 002b:00007f62069f5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1230.784735][T22613] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1230.784756][T22613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1230.784778][T22613] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1230.784798][T22613] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1230.784818][T22613] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1230.784861][T22613] [ 1231.709604][T22627] program syz.2.3637 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1232.380222][T22637] sp0: Synchronizing with TNC [ 1234.123655][T22676] db_root: cannot open: Y [ 1234.560198][T22695] FAULT_INJECTION: forcing a failure. [ 1234.560198][T22695] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1234.590537][T22695] CPU: 0 UID: 0 PID: 22695 Comm: syz.2.3651 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1234.590593][T22695] Tainted: [U]=USER [ 1234.590604][T22695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1234.590627][T22695] Call Trace: [ 1234.590639][T22695] [ 1234.590653][T22695] dump_stack_lvl+0x16c/0x1f0 [ 1234.590709][T22695] should_fail_ex+0x512/0x640 [ 1234.590765][T22695] should_fail_alloc_page+0xe7/0x130 [ 1234.590802][T22695] prepare_alloc_pages+0x3c2/0x610 [ 1234.590849][T22695] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1234.590922][T22695] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1234.590993][T22695] ? __pfx___might_resched+0x10/0x10 [ 1234.591029][T22695] ? rcu_is_watching+0x12/0xc0 [ 1234.591066][T22695] ? lockdep_init_map_type+0x5c/0x280 [ 1234.591114][T22695] ? lockdep_init_map_type+0x5c/0x280 [ 1234.591166][T22695] ? lockdep_init_map_type+0x5c/0x280 [ 1234.591240][T22695] ? ioctx_alloc+0x1679/0x2120 [ 1234.591282][T22695] __alloc_pages_noprof+0xb/0x1b0 [ 1234.591332][T22695] ___kmalloc_large_node+0x84/0x1e0 [ 1234.591378][T22695] ? ioctx_alloc+0x1679/0x2120 [ 1234.591418][T22695] __kmalloc_large_node_noprof+0x1c/0x70 [ 1234.591462][T22695] __kmalloc_noprof.cold+0xc/0x61 [ 1234.591521][T22695] ioctx_alloc+0x1679/0x2120 [ 1234.591583][T22695] ? find_held_lock+0x2b/0x80 [ 1234.591620][T22695] ? __pfx_ioctx_alloc+0x10/0x10 [ 1234.591661][T22695] ? __might_fault+0x13b/0x190 [ 1234.591723][T22695] __x64_sys_io_setup+0xc9/0x210 [ 1234.591771][T22695] do_syscall_64+0xcd/0x490 [ 1234.591836][T22695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1234.591867][T22695] RIP: 0033:0x7f6208b8e929 [ 1234.591891][T22695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1234.591920][T22695] RSP: 002b:00007f62069f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1234.591949][T22695] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1234.591989][T22695] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1234.592010][T22695] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1234.592031][T22695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1234.592051][T22695] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1234.592094][T22695] [ 1235.739468][T22719] ovs_: entered promiscuous mode [ 1236.740581][T22739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3660'. [ 1236.928609][T22739] netlink: set zone limit has 8 unknown bytes [ 1239.303321][T22776] Invalid ELF header magic: != ELF [ 1242.585532][T22828] FAULT_INJECTION: forcing a failure. [ 1242.585532][T22828] name failslab, interval 1, probability 0, space 0, times 0 [ 1242.607111][T22828] CPU: 0 UID: 0 PID: 22828 Comm: syz.3.3676 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1242.607160][T22828] Tainted: [U]=USER [ 1242.607169][T22828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1242.607188][T22828] Call Trace: [ 1242.607198][T22828] [ 1242.607210][T22828] dump_stack_lvl+0x16c/0x1f0 [ 1242.607258][T22828] should_fail_ex+0x512/0x640 [ 1242.607300][T22828] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1242.607361][T22828] should_failslab+0xc2/0x120 [ 1242.607391][T22828] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1242.607433][T22828] ? pkcs7_parse_message+0x98/0x720 [ 1242.607494][T22828] pkcs7_parse_message+0x98/0x720 [ 1242.607544][T22828] verify_pkcs7_signature+0x30/0xa0 [ 1242.607582][T22828] valid_regdb+0x215/0x590 [ 1242.607613][T22828] ? __pfx___mutex_lock+0x10/0x10 [ 1242.607663][T22828] ? __pfx_valid_regdb+0x10/0x10 [ 1242.607702][T22828] reg_reload_regdb+0x11e/0x460 [ 1242.607740][T22828] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1242.607777][T22828] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1242.607821][T22828] ? nl80211_pre_doit+0x1b0/0xb10 [ 1242.607872][T22828] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1242.607914][T22828] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1242.607952][T22828] ? rcu_is_watching+0x12/0xc0 [ 1242.607996][T22828] ? bpf_lsm_capable+0x9/0x10 [ 1242.608033][T22828] ? security_capable+0x7e/0x260 [ 1242.608071][T22828] genl_rcv_msg+0x55c/0x800 [ 1242.608111][T22828] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1242.608149][T22828] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1242.608192][T22828] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1242.608225][T22828] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1242.608284][T22828] netlink_rcv_skb+0x158/0x420 [ 1242.608314][T22828] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1242.608353][T22828] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1242.608399][T22828] ? netlink_deliver_tap+0x1ae/0xd30 [ 1242.608463][T22828] genl_rcv+0x28/0x40 [ 1242.608494][T22828] netlink_unicast+0x58a/0x850 [ 1242.608534][T22828] ? __pfx_netlink_unicast+0x10/0x10 [ 1242.608577][T22828] netlink_sendmsg+0x8d1/0xdd0 [ 1242.608614][T22828] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1242.608659][T22828] ____sys_sendmsg+0xa98/0xc70 [ 1242.608694][T22828] ? copy_msghdr_from_user+0x10a/0x160 [ 1242.608738][T22828] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1242.608780][T22828] ? __pfx_futex_wake_mark+0x10/0x10 [ 1242.608829][T22828] ___sys_sendmsg+0x134/0x1d0 [ 1242.608874][T22828] ? __pfx____sys_sendmsg+0x10/0x10 [ 1242.608916][T22828] ? __lock_acquire+0x622/0x1c90 [ 1242.609002][T22828] __sys_sendmsg+0x16d/0x220 [ 1242.609048][T22828] ? __pfx___sys_sendmsg+0x10/0x10 [ 1242.609093][T22828] ? __x64_sys_futex+0x1e0/0x4c0 [ 1242.609157][T22828] do_syscall_64+0xcd/0x490 [ 1242.609206][T22828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1242.609238][T22828] RIP: 0033:0x7f1d0018e929 [ 1242.609263][T22828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1242.609293][T22828] RSP: 002b:00007f1cfdff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1242.609323][T22828] RAX: ffffffffffffffda RBX: 00007f1d003b5fa0 RCX: 00007f1d0018e929 [ 1242.609345][T22828] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005 [ 1242.609364][T22828] RBP: 00007f1d00210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1242.609403][T22828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1242.609424][T22828] R13: 0000000000000000 R14: 00007f1d003b5fa0 R15: 00007ffc58e48018 [ 1242.609473][T22828] [ 1243.085476][T22831] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3677'. [ 1243.221547][T22821] FAULT_INJECTION: forcing a failure. [ 1243.221547][T22821] name failslab, interval 1, probability 0, space 0, times 0 [ 1243.234287][T22821] CPU: 0 UID: 0 PID: 22821 Comm: syz.0.3674 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1243.234326][T22821] Tainted: [U]=USER [ 1243.234335][T22821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1243.234350][T22821] Call Trace: [ 1243.234359][T22821] [ 1243.234369][T22821] dump_stack_lvl+0x16c/0x1f0 [ 1243.234410][T22821] should_fail_ex+0x512/0x640 [ 1243.234444][T22821] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1243.234485][T22821] should_failslab+0xc2/0x120 [ 1243.234508][T22821] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1243.234545][T22821] ? getname_flags.part.0+0x4c/0x550 [ 1243.234577][T22821] getname_flags.part.0+0x4c/0x550 [ 1243.234608][T22821] getname_flags+0x93/0xf0 [ 1243.234646][T22821] do_sys_openat2+0xb8/0x1d0 [ 1243.234674][T22821] ? __pfx_do_sys_openat2+0x10/0x10 [ 1243.234700][T22821] ? find_held_lock+0x2b/0x80 [ 1243.234727][T22821] ? handle_mm_fault+0x2ab/0xd10 [ 1243.234765][T22821] __x64_sys_openat+0x174/0x210 [ 1243.234794][T22821] ? __pfx___x64_sys_openat+0x10/0x10 [ 1243.234825][T22821] ? do_user_addr_fault+0x843/0x1370 [ 1243.234867][T22821] do_syscall_64+0xcd/0x490 [ 1243.234908][T22821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1243.234933][T22821] RIP: 0033:0x7f849d58d290 [ 1243.234952][T22821] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 1243.234976][T22821] RSP: 002b:00007f849e3c3f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1243.234998][T22821] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f849d58d290 [ 1243.235014][T22821] RDX: 0000000000000002 RSI: 00007f849e3c3fa0 RDI: 00000000ffffff9c [ 1243.235029][T22821] RBP: 00007f849e3c3fa0 R08: 0000000000000000 R09: 00007f849e3c3cd4 [ 1243.235044][T22821] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1243.235059][T22821] R13: 0000000000000000 R14: 00007f849d7b5fa0 R15: 00007ffc7c24c498 [ 1243.235089][T22821] [ 1243.526226][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1243.532614][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1246.026291][T22891] FAULT_INJECTION: forcing a failure. [ 1246.026291][T22891] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1246.103723][T22891] CPU: 1 UID: 0 PID: 22891 Comm: syz.1.3695 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1246.103781][T22891] Tainted: [U]=USER [ 1246.103793][T22891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1246.103823][T22891] Call Trace: [ 1246.103834][T22891] [ 1246.103847][T22891] dump_stack_lvl+0x16c/0x1f0 [ 1246.103898][T22891] should_fail_ex+0x512/0x640 [ 1246.103938][T22891] should_fail_alloc_page+0xe7/0x130 [ 1246.103964][T22891] prepare_alloc_pages+0x3c2/0x610 [ 1246.103998][T22891] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1246.104042][T22891] ? __lock_acquire+0x622/0x1c90 [ 1246.104079][T22891] ? xas_create+0x1d7/0x1460 [ 1246.104102][T22891] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1246.104161][T22891] ? lock_acquire+0x179/0x350 [ 1246.104205][T22891] ? rcu_is_watching+0x12/0xc0 [ 1246.104236][T22891] ? __lock_acquire+0x622/0x1c90 [ 1246.104264][T22891] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1246.104298][T22891] ? policy_nodemask+0xea/0x4e0 [ 1246.104320][T22891] alloc_pages_mpol+0x1fb/0x550 [ 1246.104342][T22891] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1246.104364][T22891] ? filemap_get_entry+0x1a7/0x3b0 [ 1246.104388][T22891] folio_alloc_noprof+0x20/0x2d0 [ 1246.104412][T22891] filemap_alloc_folio_noprof+0x3a1/0x470 [ 1246.104442][T22891] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 1246.104470][T22891] ? rcu_is_watching+0x12/0xc0 [ 1246.104496][T22891] __filemap_get_folio+0x5e1/0xc30 [ 1246.104522][T22891] ioctx_alloc+0x761/0x2120 [ 1246.104560][T22891] ? __pfx_ioctx_alloc+0x10/0x10 [ 1246.104585][T22891] ? __might_fault+0x13b/0x190 [ 1246.104622][T22891] __x64_sys_io_setup+0xc9/0x210 [ 1246.104657][T22891] do_syscall_64+0xcd/0x490 [ 1246.104708][T22891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1246.104729][T22891] RIP: 0033:0x7f7d6b18e929 [ 1246.104745][T22891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1246.104767][T22891] RSP: 002b:00007f7d6c044038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1246.104786][T22891] RAX: ffffffffffffffda RBX: 00007f7d6b3b5fa0 RCX: 00007f7d6b18e929 [ 1246.104799][T22891] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1246.104812][T22891] RBP: 00007f7d6b210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1246.104825][T22891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1246.104837][T22891] R13: 0000000000000000 R14: 00007f7d6b3b5fa0 R15: 00007ffd008239e8 [ 1246.104863][T22891] [ 1248.905416][T22940] FAULT_INJECTION: forcing a failure. [ 1248.905416][T22940] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1248.919887][T22940] CPU: 0 UID: 0 PID: 22940 Comm: syz.2.3705 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1248.919940][T22940] Tainted: [U]=USER [ 1248.919952][T22940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1248.919971][T22940] Call Trace: [ 1248.919981][T22940] [ 1248.919994][T22940] dump_stack_lvl+0x16c/0x1f0 [ 1248.920046][T22940] should_fail_ex+0x512/0x640 [ 1248.920098][T22940] should_fail_alloc_page+0xe7/0x130 [ 1248.920132][T22940] prepare_alloc_pages+0x3c2/0x610 [ 1248.920176][T22940] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1248.920233][T22940] ? __lock_acquire+0x622/0x1c90 [ 1248.920280][T22940] ? xas_create+0x1d7/0x1460 [ 1248.920310][T22940] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1248.920363][T22940] ? lock_acquire+0x179/0x350 [ 1248.920405][T22940] ? rcu_is_watching+0x12/0xc0 [ 1248.920450][T22940] ? __lock_acquire+0x622/0x1c90 [ 1248.920489][T22940] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1248.920545][T22940] ? policy_nodemask+0xea/0x4e0 [ 1248.920578][T22940] alloc_pages_mpol+0x1fb/0x550 [ 1248.920610][T22940] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1248.920643][T22940] ? filemap_get_entry+0x1a7/0x3b0 [ 1248.920679][T22940] folio_alloc_noprof+0x20/0x2d0 [ 1248.920715][T22940] filemap_alloc_folio_noprof+0x3a1/0x470 [ 1248.920759][T22940] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 1248.920801][T22940] ? rcu_is_watching+0x12/0xc0 [ 1248.920840][T22940] __filemap_get_folio+0x5e1/0xc30 [ 1248.920911][T22940] ioctx_alloc+0x761/0x2120 [ 1248.920970][T22940] ? __pfx_ioctx_alloc+0x10/0x10 [ 1248.921026][T22940] ? __might_fault+0x13b/0x190 [ 1248.921105][T22940] __x64_sys_io_setup+0xc9/0x210 [ 1248.921204][T22940] do_syscall_64+0xcd/0x490 [ 1248.921264][T22940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1248.921300][T22940] RIP: 0033:0x7f6208b8e929 [ 1248.921328][T22940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1248.921364][T22940] RSP: 002b:00007f62069f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1248.921409][T22940] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1248.921433][T22940] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1248.921455][T22940] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1248.921477][T22940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1248.921498][T22940] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1248.921541][T22940] [ 1250.711055][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1358 with max blocks 17 with error 117 [ 1250.752469][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1250.752469][ T36] [ 1255.246639][T23058] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1255.265533][T23058] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1255.283648][T23058] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1255.300800][T23058] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1255.345130][T23068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 1255.380160][T23068] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1255.420806][T23068] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1255.428441][T23068] page_type: f5(slab) [ 1255.460877][T23068] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 1255.475865][T23068] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 1255.485739][T23068] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 1255.504454][T23068] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 1255.516404][T23068] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 1255.538103][T23068] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1255.557297][T23068] page dumped because: unmovable page [ 1255.600056][T23068] page_owner tracks the page as allocated [ 1255.630890][T23068] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 49, tgid 49 (kworker/u8:3), ts 1251755211607, free_ts 1251430130761 [ 1255.727795][T23068] post_alloc_hook+0x1c0/0x230 [ 1255.784329][T23068] get_page_from_freelist+0x1321/0x3890 [ 1255.797217][T23068] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1255.806069][T23068] alloc_pages_mpol+0x1fb/0x550 [ 1255.812152][T23068] new_slab+0x23b/0x330 [ 1255.816533][T23068] ___slab_alloc+0xd9c/0x1940 [ 1255.821704][T23068] __slab_alloc.constprop.0+0x56/0xb0 [ 1255.858163][T23068] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 1255.887437][T23068] kmalloc_reserve+0xef/0x2c0 [ 1255.909894][T23068] __alloc_skb+0x166/0x380 [ 1255.914422][T23068] nsim_dev_trap_report_work+0x2b1/0xcf0 [ 1255.961100][T23068] process_one_work+0x9cf/0x1b70 [ 1256.024408][T23068] worker_thread+0x6c8/0xf10 [ 1256.037900][T23068] kthread+0x3c2/0x780 [ 1256.064157][T23068] ret_from_fork+0x5d7/0x6f0 [ 1256.089127][T23068] ret_from_fork_asm+0x1a/0x30 [ 1256.112225][T23068] page last free pid 22990 tgid 22990 stack trace: [ 1256.145162][T23068] __free_frozen_pages+0x7fe/0x1180 [ 1256.168398][T23068] __put_partials+0x16d/0x1c0 [ 1256.200569][T23068] qlist_free_all+0x4d/0x120 [ 1256.221037][T23068] kasan_quarantine_reduce+0x195/0x1e0 [ 1256.265222][T23068] __kasan_slab_alloc+0x69/0x90 [ 1256.297376][T23068] __kmalloc_noprof+0x1d4/0x510 [ 1256.308787][T23068] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1256.314901][T23068] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1256.330439][T23068] tomoyo_file_open+0x6b/0x90 [ 1256.335236][T23068] security_file_open+0x84/0x1e0 [ 1256.340306][T23068] do_dentry_open+0x596/0x1c10 [ 1256.345158][T23068] vfs_open+0x82/0x3f0 [ 1256.349298][T23068] path_openat+0x1de4/0x2cb0 [ 1256.354103][T23068] do_filp_open+0x20b/0x470 [ 1256.358686][T23068] do_sys_openat2+0x11b/0x1d0 [ 1256.364391][T23068] __x64_sys_openat+0x174/0x210 [ 1257.090214][T14015] Bluetooth: hci4: command 0x0406 tx timeout [ 1257.167548][T23093] cougar: G6 mapped to space [ 1257.336359][T14015] Bluetooth: hci2: command 0x0406 tx timeout [ 1257.345607][T14015] Bluetooth: hci3: command 0x0406 tx timeout [ 1257.350541][ T5856] Bluetooth: hci1: command 0x0406 tx timeout [ 1257.423720][T23105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3736'. [ 1257.587189][T23104] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3735'. [ 1259.972556][T23150] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3746'. [ 1261.000227][T23183] netlink: 'syz.1.3755': attribute type 11 has an invalid length. [ 1261.150389][T23187] FAULT_INJECTION: forcing a failure. [ 1261.150389][T23187] name failslab, interval 1, probability 0, space 0, times 0 [ 1261.163419][T23187] CPU: 1 UID: 0 PID: 23187 Comm: syz.0.3756 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1261.163468][T23187] Tainted: [U]=USER [ 1261.163478][T23187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1261.163496][T23187] Call Trace: [ 1261.163508][T23187] [ 1261.163520][T23187] dump_stack_lvl+0x16c/0x1f0 [ 1261.163568][T23187] should_fail_ex+0x512/0x640 [ 1261.163615][T23187] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1261.163660][T23187] should_failslab+0xc2/0x120 [ 1261.163689][T23187] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1261.163729][T23187] ? percpu_ref_init+0xec/0x410 [ 1261.163769][T23187] ? __pfx_free_ioctx_reqs+0x10/0x10 [ 1261.163805][T23187] percpu_ref_init+0xec/0x410 [ 1261.163839][T23187] ? __init_waitqueue_head+0xca/0x150 [ 1261.163873][T23187] ioctx_alloc+0x3bc/0x2120 [ 1261.163925][T23187] ? find_held_lock+0x2b/0x80 [ 1261.163974][T23187] ? __pfx_ioctx_alloc+0x10/0x10 [ 1261.164012][T23187] ? __might_fault+0x13b/0x190 [ 1261.164063][T23187] __x64_sys_io_setup+0xc9/0x210 [ 1261.164105][T23187] do_syscall_64+0xcd/0x490 [ 1261.164154][T23187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1261.164183][T23187] RIP: 0033:0x7f849d58e929 [ 1261.164208][T23187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1261.164239][T23187] RSP: 002b:00007f849e3c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1261.164268][T23187] RAX: ffffffffffffffda RBX: 00007f849d7b5fa0 RCX: 00007f849d58e929 [ 1261.164288][T23187] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1261.164307][T23187] RBP: 00007f849d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1261.164326][T23187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1261.164345][T23187] R13: 0000000000000000 R14: 00007f849d7b5fa0 R15: 00007ffc7c24c498 [ 1261.164383][T23187] [ 1261.440358][T23192] FAULT_INJECTION: forcing a failure. [ 1261.440358][T23192] name failslab, interval 1, probability 0, space 0, times 0 [ 1261.453078][T23192] CPU: 0 UID: 0 PID: 23192 Comm: syz.0.3758 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1261.453135][T23192] Tainted: [U]=USER [ 1261.453142][T23192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1261.453155][T23192] Call Trace: [ 1261.453162][T23192] [ 1261.453170][T23192] dump_stack_lvl+0x16c/0x1f0 [ 1261.453206][T23192] should_fail_ex+0x512/0x640 [ 1261.453237][T23192] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1261.453272][T23192] should_failslab+0xc2/0x120 [ 1261.453292][T23192] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1261.453325][T23192] ? alloc_empty_file+0x55/0x1e0 [ 1261.453351][T23192] alloc_empty_file+0x55/0x1e0 [ 1261.453375][T23192] path_openat+0xda/0x2cb0 [ 1261.453404][T23192] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1261.453435][T23192] ? __pfx_path_openat+0x10/0x10 [ 1261.453486][T23192] ? __lock_acquire+0xb8a/0x1c90 [ 1261.453521][T23192] do_filp_open+0x20b/0x470 [ 1261.453562][T23192] ? __pfx_do_filp_open+0x10/0x10 [ 1261.453638][T23192] ? alloc_fd+0x471/0x7d0 [ 1261.453694][T23192] do_sys_openat2+0x11b/0x1d0 [ 1261.453720][T23192] ? __pfx_do_sys_openat2+0x10/0x10 [ 1261.453757][T23192] __x64_sys_openat+0x174/0x210 [ 1261.453795][T23192] ? __pfx___x64_sys_openat+0x10/0x10 [ 1261.453831][T23192] do_syscall_64+0xcd/0x490 [ 1261.453864][T23192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1261.453886][T23192] RIP: 0033:0x7f849d58d290 [ 1261.453902][T23192] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 1261.453925][T23192] RSP: 002b:00007f849e3c3fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1261.453944][T23192] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f849d58d290 [ 1261.453958][T23192] RDX: 0000000000000002 RSI: 00007f849d610e1e RDI: 00000000ffffff9c [ 1261.453971][T23192] RBP: 00007f849d610e1e R08: 0000000000000000 R09: 00007f849e3c5000 [ 1261.453985][T23192] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1261.453997][T23192] R13: 0000000000000000 R14: 00007f849d7b5fa0 R15: 00007ffc7c24c498 [ 1261.454023][T23192] [ 1262.005271][T23201] FAULT_INJECTION: forcing a failure. [ 1262.005271][T23201] name failslab, interval 1, probability 0, space 0, times 0 [ 1262.029096][T23201] CPU: 1 UID: 0 PID: 23201 Comm: syz.0.3760 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1262.029150][T23201] Tainted: [U]=USER [ 1262.029161][T23201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1262.029180][T23201] Call Trace: [ 1262.029191][T23201] [ 1262.029204][T23201] dump_stack_lvl+0x16c/0x1f0 [ 1262.029267][T23201] should_fail_ex+0x512/0x640 [ 1262.029307][T23201] ? fs_reclaim_acquire+0xae/0x150 [ 1262.029344][T23201] should_failslab+0xc2/0x120 [ 1262.029373][T23201] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1262.029419][T23201] ? security_inode_alloc+0x3b/0x2b0 [ 1262.029457][T23201] security_inode_alloc+0x3b/0x2b0 [ 1262.029490][T23201] inode_init_always_gfp+0xce4/0x1030 [ 1262.029537][T23201] alloc_inode+0x86/0x240 [ 1262.029568][T23201] sock_alloc+0x40/0x280 [ 1262.029596][T23201] __sock_create+0xc1/0x8d0 [ 1262.029636][T23201] __sys_socket+0x14d/0x260 [ 1262.029671][T23201] ? __pfx___sys_socket+0x10/0x10 [ 1262.029707][T23201] ? do_user_addr_fault+0x843/0x1370 [ 1262.029757][T23201] __x64_sys_socket+0x72/0xb0 [ 1262.029789][T23201] ? lockdep_hardirqs_on+0x7c/0x110 [ 1262.029828][T23201] do_syscall_64+0xcd/0x490 [ 1262.029880][T23201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1262.029910][T23201] RIP: 0033:0x7f849d590847 [ 1262.029934][T23201] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1262.029964][T23201] RSP: 002b:00007f849e3c2fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 1262.029992][T23201] RAX: ffffffffffffffda RBX: 00007f849d7b5fa0 RCX: 00007f849d590847 [ 1262.030011][T23201] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1262.030029][T23201] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 1262.030047][T23201] R10: 0000200000000080 R11: 0000000000000286 R12: 0000000000000000 [ 1262.030066][T23201] R13: 0000000000000000 R14: 00007f849d7b5fa0 R15: 00007ffc7c24c498 [ 1262.030102][T23201] [ 1262.030134][T23201] socket: no more sockets [ 1263.719607][T23232] random: crng reseeded on system resumption [ 1263.888216][T23235] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3767'. [ 1263.939191][T23236] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3767'. [ 1264.565779][T23246] netlink: 280 bytes leftover after parsing attributes in process `syz.3.3768'. [ 1264.754980][T23252] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3771'. [ 1266.191594][T23296] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3778'. [ 1268.494274][T23326] FAULT_INJECTION: forcing a failure. [ 1268.494274][T23326] name failslab, interval 1, probability 0, space 0, times 0 [ 1268.564407][T23326] CPU: 0 UID: 0 PID: 23326 Comm: syz.1.3786 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1268.564444][T23326] Tainted: [U]=USER [ 1268.564452][T23326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1268.564464][T23326] Call Trace: [ 1268.564472][T23326] [ 1268.564481][T23326] dump_stack_lvl+0x16c/0x1f0 [ 1268.564518][T23326] should_fail_ex+0x512/0x640 [ 1268.564553][T23326] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1268.564590][T23326] should_failslab+0xc2/0x120 [ 1268.564612][T23326] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1268.564644][T23326] ? __proc_create+0xc3/0x8c0 [ 1268.564679][T23326] ? __proc_create+0x2ce/0x8c0 [ 1268.564717][T23326] __proc_create+0x2ce/0x8c0 [ 1268.564752][T23326] ? __pfx___proc_create+0x10/0x10 [ 1268.564791][T23326] ? _raw_write_unlock+0x28/0x50 [ 1268.564821][T23326] ? proc_register+0x314/0x5f0 [ 1268.564843][T23326] proc_create_reg+0x7d/0x180 [ 1268.564864][T23326] ? __pfx_snmp_seq_show+0x10/0x10 [ 1268.564894][T23326] proc_create_net_single+0x86/0x170 [ 1268.564917][T23326] ? __pfx_proc_create_net_single+0x10/0x10 [ 1268.564939][T23326] ? __pfx_proc_create_net_data+0x10/0x10 [ 1268.564985][T23326] ? __pfx_ip_proc_init_net+0x10/0x10 [ 1268.565025][T23326] ip_proc_init_net+0xe8/0x1a0 [ 1268.565057][T23326] ops_init+0x1df/0x5f0 [ 1268.565099][T23326] setup_net+0x1ff/0x510 [ 1268.565135][T23326] ? lockdep_init_map_type+0x5c/0x280 [ 1268.565171][T23326] ? __pfx_setup_net+0x10/0x10 [ 1268.565212][T23326] ? debug_mutex_init+0x37/0x70 [ 1268.565240][T23326] copy_net_ns+0x2a6/0x5f0 [ 1268.565267][T23326] create_new_namespaces+0x3ea/0xa90 [ 1268.565302][T23326] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1268.565333][T23326] ksys_unshare+0x45b/0xa40 [ 1268.565367][T23326] ? __pfx_ksys_unshare+0x10/0x10 [ 1268.565401][T23326] ? xfd_validate_state+0x61/0x180 [ 1268.565443][T23326] __x64_sys_unshare+0x31/0x40 [ 1268.565477][T23326] do_syscall_64+0xcd/0x490 [ 1268.565515][T23326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1268.565540][T23326] RIP: 0033:0x7f7d6b18e929 [ 1268.565559][T23326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1268.565582][T23326] RSP: 002b:00007f7d6c044038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1268.565604][T23326] RAX: ffffffffffffffda RBX: 00007f7d6b3b5fa0 RCX: 00007f7d6b18e929 [ 1268.565621][T23326] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1268.565635][T23326] RBP: 00007f7d6b210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1268.565650][T23326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1268.565664][T23326] R13: 0000000000000000 R14: 00007f7d6b3b5fa0 R15: 00007ffd008239e8 [ 1268.565695][T23326] [ 1269.064805][T23327] FAULT_INJECTION: forcing a failure. [ 1269.064805][T23327] name failslab, interval 1, probability 0, space 0, times 0 [ 1269.081794][T23327] CPU: 1 UID: 0 PID: 23327 Comm: syz.2.3785 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1269.081852][T23327] Tainted: [U]=USER [ 1269.081866][T23327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1269.081887][T23327] Call Trace: [ 1269.081900][T23327] [ 1269.081913][T23327] dump_stack_lvl+0x16c/0x1f0 [ 1269.081969][T23327] should_fail_ex+0x512/0x640 [ 1269.082032][T23327] ? fs_reclaim_acquire+0xae/0x150 [ 1269.082086][T23327] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1269.082130][T23327] should_failslab+0xc2/0x120 [ 1269.082161][T23327] __kmalloc_noprof+0xd2/0x510 [ 1269.082218][T23327] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1269.082282][T23327] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1269.082323][T23327] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1269.082362][T23327] ? proc_sys_lookup+0x2ee/0x410 [ 1269.082448][T23327] ? find_held_lock+0x2b/0x80 [ 1269.082492][T23327] tomoyo_file_open+0x6b/0x90 [ 1269.082544][T23327] security_file_open+0x84/0x1e0 [ 1269.082586][T23327] do_dentry_open+0x596/0x1c10 [ 1269.082644][T23327] vfs_open+0x82/0x3f0 [ 1269.082683][T23327] path_openat+0x1de4/0x2cb0 [ 1269.082779][T23327] ? __pfx_path_openat+0x10/0x10 [ 1269.082831][T23327] ? __lock_acquire+0xb8a/0x1c90 [ 1269.082885][T23327] do_filp_open+0x20b/0x470 [ 1269.082935][T23327] ? __pfx_do_filp_open+0x10/0x10 [ 1269.083025][T23327] ? alloc_fd+0x471/0x7d0 [ 1269.083087][T23327] do_sys_openat2+0x11b/0x1d0 [ 1269.083126][T23327] ? __pfx_do_sys_openat2+0x10/0x10 [ 1269.083185][T23327] __x64_sys_openat+0x174/0x210 [ 1269.083226][T23327] ? __pfx___x64_sys_openat+0x10/0x10 [ 1269.083294][T23327] do_syscall_64+0xcd/0x490 [ 1269.083359][T23327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1269.083395][T23327] RIP: 0033:0x7f6208b8e929 [ 1269.083423][T23327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1269.083459][T23327] RSP: 002b:00007f62069d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1269.083492][T23327] RAX: ffffffffffffffda RBX: 00007f6208db6080 RCX: 00007f6208b8e929 [ 1269.083517][T23327] RDX: 0000000000040001 RSI: 0000200000000300 RDI: ffffffffffffff9c [ 1269.083539][T23327] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1269.083561][T23327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1269.083581][T23327] R13: 0000000000000000 R14: 00007f6208db6080 R15: 00007fff31c03e98 [ 1269.083624][T23327] [ 1269.486765][T23327] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1270.688405][T23375] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54 [ 1272.136409][T23379] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55 [ 1275.002499][T23408] FAULT_INJECTION: forcing a failure. [ 1275.002499][T23408] name failslab, interval 1, probability 0, space 0, times 0 [ 1275.020390][T23408] CPU: 1 UID: 0 PID: 23408 Comm: syz.2.3800 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1275.020447][T23408] Tainted: [U]=USER [ 1275.020460][T23408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1275.020481][T23408] Call Trace: [ 1275.020493][T23408] [ 1275.020507][T23408] dump_stack_lvl+0x16c/0x1f0 [ 1275.020565][T23408] should_fail_ex+0x512/0x640 [ 1275.020614][T23408] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1275.020679][T23408] should_failslab+0xc2/0x120 [ 1275.020713][T23408] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1275.020765][T23408] ? d_instantiate+0x77/0x90 [ 1275.020793][T23408] ? alloc_empty_file+0x55/0x1e0 [ 1275.020835][T23408] alloc_empty_file+0x55/0x1e0 [ 1275.020874][T23408] alloc_file_pseudo+0x13a/0x230 [ 1275.020913][T23408] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1275.020963][T23408] ioctx_alloc+0x5ab/0x2120 [ 1275.021025][T23408] ? find_held_lock+0x2b/0x80 [ 1275.021061][T23408] ? __pfx_ioctx_alloc+0x10/0x10 [ 1275.021102][T23408] ? __might_fault+0x13b/0x190 [ 1275.021163][T23408] __x64_sys_io_setup+0xc9/0x210 [ 1275.021211][T23408] do_syscall_64+0xcd/0x490 [ 1275.021268][T23408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1275.021303][T23408] RIP: 0033:0x7f6208b8e929 [ 1275.021331][T23408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1275.021366][T23408] RSP: 002b:00007f62069f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1275.021398][T23408] RAX: ffffffffffffffda RBX: 00007f6208db5fa0 RCX: 00007f6208b8e929 [ 1275.021433][T23408] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1275.021454][T23408] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1275.021473][T23408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1275.021503][T23408] R13: 0000000000000000 R14: 00007f6208db5fa0 R15: 00007fff31c03e98 [ 1275.021541][T23408] [ 1275.861349][T23424] tipc: Started in network mode [ 1275.899979][T23424] tipc: Node identity ee00, cluster identity 4711 [ 1275.907796][T23424] tipc: Node number set to 60928 [ 1281.038881][T23516] ubi0: attaching mtd0 [ 1281.112165][T23516] ubi0: scanning is finished [ 1281.116896][T23516] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1281.503012][T23516] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1281.737366][T17734] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1365 with max blocks 16 with error 117 [ 1281.796968][T17734] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1281.796968][T17734] [ 1283.455822][T23571] ubi0: attaching mtd0 [ 1283.463489][T23571] ubi0: scanning is finished [ 1283.468632][T23571] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1283.827180][T23571] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1284.479026][ T5856] Bluetooth: hci1: unexpected event 0x03 length: 17 > 11 [ 1284.595347][T23597] GUP no longer grows the stack in syz.3.3834 (23597): 1000-401000 (0) [ 1284.624901][T23597] CPU: 0 UID: 0 PID: 23597 Comm: syz.3.3834 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1284.624953][T23597] Tainted: [U]=USER [ 1284.624981][T23597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1284.625002][T23597] Call Trace: [ 1284.625014][T23597] [ 1284.625027][T23597] dump_stack_lvl+0x16c/0x1f0 [ 1284.625082][T23597] gup_vma_lookup+0x1d2/0x220 [ 1284.625123][T23597] fixup_user_fault+0x26f/0x540 [ 1284.625162][T23597] ? futex_wake_op+0x944/0xd50 [ 1284.625217][T23597] fault_in_user_writeable+0x70/0xe0 [ 1284.625259][T23597] futex_wake_op+0x970/0xd50 [ 1284.625321][T23597] ? __pfx_futex_wake_op+0x10/0x10 [ 1284.625405][T23597] do_futex+0x2e9/0x350 [ 1284.625450][T23597] ? __pfx_do_futex+0x10/0x10 [ 1284.625500][T23597] ? find_held_lock+0x2b/0x80 [ 1284.625540][T23597] ? handle_mm_fault+0x2ab/0xd10 [ 1284.625591][T23597] __x64_sys_futex+0x1e0/0x4c0 [ 1284.625637][T23597] ? exc_page_fault+0x5c/0xb0 [ 1284.625685][T23597] ? __pfx___x64_sys_futex+0x10/0x10 [ 1284.625745][T23597] do_syscall_64+0xcd/0x490 [ 1284.625801][T23597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1284.625836][T23597] RIP: 0033:0x7f1d0018e929 [ 1284.625864][T23597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1284.625898][T23597] RSP: 002b:00007f1cfdfb4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1284.625929][T23597] RAX: ffffffffffffffda RBX: 00007f1d003b6160 RCX: 00007f1d0018e929 [ 1284.625952][T23597] RDX: 0000000000000002 RSI: 0000000000000085 RDI: 0000000000000000 [ 1284.625974][T23597] RBP: 00007f1d00210b39 R08: 0000000000000000 R09: 0000000000000001 [ 1284.625997][T23597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1284.626018][T23597] R13: 0000000000000001 R14: 00007f1d003b6160 R15: 00007ffc58e48018 [ 1284.626063][T23597] [ 1284.830812][T23596] tipc: Started in network mode [ 1284.845338][T23596] tipc: Node identity ee00, cluster identity 4711 [ 1284.851823][T23596] tipc: Node number set to 60928 [ 1285.262294][ T5856] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 1286.028157][T23622] random: crng reseeded on system resumption [ 1286.368698][T23633] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input56 [ 1286.729840][T23636] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input57 [ 1287.008686][T23647] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input58 [ 1288.113018][T23666] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3849'. [ 1288.203867][T23666] veth0_macvtap: left promiscuous mode [ 1288.243903][T23666] macvtap0: entered promiscuous mode [ 1288.256241][T23666] macvtap0: entered allmulticast mode [ 1288.795811][T23681] random: crng reseeded on system resumption [ 1289.496281][T23693] nbd: must specify a size in bytes for the device [ 1290.297135][T23707] random: crng reseeded on system resumption [ 1290.705218][T23715] FAULT_INJECTION: forcing a failure. [ 1290.705218][T23715] name failslab, interval 1, probability 0, space 0, times 0 [ 1290.718520][T23715] CPU: 1 UID: 0 PID: 23715 Comm: syz.0.3859 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1290.718573][T23715] Tainted: [U]=USER [ 1290.718584][T23715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1290.718605][T23715] Call Trace: [ 1290.718616][T23715] [ 1290.718629][T23715] dump_stack_lvl+0x16c/0x1f0 [ 1290.718681][T23715] should_fail_ex+0x512/0x640 [ 1290.718725][T23715] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1290.718772][T23715] should_failslab+0xc2/0x120 [ 1290.718824][T23715] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1290.718886][T23715] ? snd_seq_port_connect+0x61/0x550 [ 1290.718946][T23715] snd_seq_port_connect+0x61/0x550 [ 1290.718999][T23715] ? _raw_read_unlock+0x28/0x50 [ 1290.719045][T23715] ? check_subscription_permission.isra.0+0xf5/0x240 [ 1290.719109][T23715] snd_seq_ioctl_subscribe_port+0x211/0x450 [ 1290.719150][T23715] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 1290.719212][T23715] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 1290.719252][T23715] snd_seq_oss_midi_open+0x564/0x660 [ 1290.719295][T23715] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 1290.719351][T23715] ? rcu_is_watching+0x12/0xc0 [ 1290.719386][T23715] ? trace_contention_end+0xdd/0x130 [ 1290.719440][T23715] snd_seq_oss_synth_reset+0x437/0x880 [ 1290.719485][T23715] ? __pfx_snd_seq_oss_synth_reset+0x10/0x10 [ 1290.719530][T23715] ? __pfx___fsnotify_parent+0x10/0x10 [ 1290.719583][T23715] snd_seq_oss_reset+0x73/0x290 [ 1290.719616][T23715] ? __pfx_odev_release+0x10/0x10 [ 1290.719665][T23715] snd_seq_oss_release+0x7c/0x180 [ 1290.719698][T23715] odev_release+0x4c/0x70 [ 1290.719741][T23715] __fput+0x3ff/0xb70 [ 1290.719785][T23715] task_work_run+0x150/0x240 [ 1290.719840][T23715] ? __pfx_task_work_run+0x10/0x10 [ 1290.719893][T23715] ? __pfx___do_sys_close_range+0x10/0x10 [ 1290.719939][T23715] ? syscall_user_dispatch+0x78/0x140 [ 1290.719978][T23715] exit_to_user_mode_loop+0xeb/0x110 [ 1290.720033][T23715] do_syscall_64+0x3f6/0x490 [ 1290.720097][T23715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1290.720131][T23715] RIP: 0033:0x7f849d58e929 [ 1290.720157][T23715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1290.720201][T23715] RSP: 002b:00007f849e3a3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1290.720232][T23715] RAX: 0000000000000000 RBX: 00007f849d7b6080 RCX: 00007f849d58e929 [ 1290.720253][T23715] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 1290.720274][T23715] RBP: 00007f849d610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1290.720306][T23715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1290.720325][T23715] R13: 0000000000000000 R14: 00007f849d7b6080 R15: 00007ffc7c24c498 [ 1290.720365][T23715] [ 1294.944606][T23773] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3868'. [ 1295.121448][T23774] FAULT_INJECTION: forcing a failure. [ 1295.121448][T23774] name failslab, interval 1, probability 0, space 0, times 0 [ 1295.173207][T23774] CPU: 0 UID: 0 PID: 23774 Comm: syz.2.3868 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1295.173258][T23774] Tainted: [U]=USER [ 1295.173268][T23774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1295.173287][T23774] Call Trace: [ 1295.173297][T23774] [ 1295.173310][T23774] dump_stack_lvl+0x16c/0x1f0 [ 1295.173359][T23774] should_fail_ex+0x512/0x640 [ 1295.173403][T23774] ? __kmalloc_noprof+0xbf/0x510 [ 1295.173451][T23774] ? lsm_blob_alloc+0x68/0x90 [ 1295.173513][T23774] should_failslab+0xc2/0x120 [ 1295.173545][T23774] __kmalloc_noprof+0xd2/0x510 [ 1295.173603][T23774] lsm_blob_alloc+0x68/0x90 [ 1295.173652][T23774] security_sk_alloc+0x30/0x270 [ 1295.173688][T23774] sk_prot_alloc+0x1c7/0x2a0 [ 1295.173724][T23774] sk_alloc+0x36/0xc20 [ 1295.173770][T23774] __netlink_create+0x5e/0x2c0 [ 1295.173829][T23774] __netlink_kernel_create+0xed/0x750 [ 1295.173863][T23774] ? __lock_acquire+0x622/0x1c90 [ 1295.173907][T23774] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1295.173949][T23774] ? __pfx_diag_net_init+0x10/0x10 [ 1295.173989][T23774] diag_net_init+0xbd/0x140 [ 1295.174029][T23774] ? __pfx_diag_net_init+0x10/0x10 [ 1295.174069][T23774] ? find_held_lock+0x2b/0x80 [ 1295.174099][T23774] ? __pfx_sock_diag_rcv+0x10/0x10 [ 1295.174138][T23774] ? __pfx_sock_diag_bind+0x10/0x10 [ 1295.174181][T23774] ? __raw_spin_lock_init+0x3a/0x110 [ 1295.174232][T23774] ? __pfx_cma_init_net+0x10/0x10 [ 1295.174278][T23774] ops_init+0x1df/0x5f0 [ 1295.174330][T23774] setup_net+0x1ff/0x510 [ 1295.174397][T23774] ? lockdep_init_map_type+0x5c/0x280 [ 1295.174445][T23774] ? __pfx_setup_net+0x10/0x10 [ 1295.174501][T23774] ? debug_mutex_init+0x37/0x70 [ 1295.174540][T23774] copy_net_ns+0x2a6/0x5f0 [ 1295.174579][T23774] create_new_namespaces+0x3ea/0xa90 [ 1295.174627][T23774] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1295.174671][T23774] ksys_unshare+0x45b/0xa40 [ 1295.174719][T23774] ? __pfx_ksys_unshare+0x10/0x10 [ 1295.174767][T23774] ? xfd_validate_state+0x61/0x180 [ 1295.174834][T23774] __x64_sys_unshare+0x31/0x40 [ 1295.174880][T23774] do_syscall_64+0xcd/0x490 [ 1295.174935][T23774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1295.174969][T23774] RIP: 0033:0x7f6208b8e929 [ 1295.174995][T23774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1295.175048][T23774] RSP: 002b:00007f62069d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1295.175081][T23774] RAX: ffffffffffffffda RBX: 00007f6208db6080 RCX: 00007f6208b8e929 [ 1295.175105][T23774] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1295.175126][T23774] RBP: 00007f6208c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1295.175147][T23774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1295.175166][T23774] R13: 0000000000000000 R14: 00007f6208db6080 R15: 00007fff31c03e98 [ 1295.175210][T23774] [ 1295.698478][T23782] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3871'. [ 1296.124575][T23786] [U] [ 1296.127803][T23786] [U] [ 1296.130566][T23786] [U] [ 1296.133317][T23786] [U] [ 1296.185904][T23786] [U] [ 1296.188697][T23786] [U] [ 1296.191458][T23786] [U] [ 1296.194281][T23786] [U] [ 1296.247033][T23786] [U] [ 1296.249795][T23786] [U] [ 1296.252517][T23786] [U] [ 1296.255253][T23786] [U] [ 1296.314937][T23786] [U] [ 1296.317720][T23786] [U] [ 1296.320433][T23786] [U] [ 1296.323141][T23786] [U] [ 1296.431745][T23786] [U] [ 1296.434527][T23786] [U] [ 1296.437261][T23786] [U] [ 1296.439991][T23786] [U] [ 1296.483017][T23786] [U] [ 1296.485818][T23786] [U] [ 1296.488598][T23786] [U] [ 1296.491350][T23786] [U] [ 1296.534292][T23786] [U] [ 1296.537275][T23786] [U] [ 1296.540055][T23786] [U] [ 1296.542818][T23786] [U] [ 1296.820393][T23786] [U] [ 1297.024573][T23802] netlink: 'syz.3.3876': attribute type 2 has an invalid length. [ 1298.560789][T23844] netlink: 504 bytes leftover after parsing attributes in process `syz.1.3888'. [ 1304.148431][T23963] [ 1304.150826][T23963] ====================================================== [ 1304.157882][T23963] WARNING: possible circular locking dependency detected [ 1304.164953][T23963] 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 Tainted: G U [ 1304.173677][T23963] ------------------------------------------------------ [ 1304.180698][T23963] syz.3.3912/23963 is trying to acquire lock: [ 1304.186867][T23963] ffff88814375a338 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310 [ 1304.196733][T23963] [ 1304.196733][T23963] but task is already holding lock: [ 1304.204154][T23963] ffff888143759e00 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 1304.215460][T23963] [ 1304.215460][T23963] which lock already depends on the new lock. [ 1304.215460][T23963] [ 1304.225887][T23963] [ 1304.225887][T23963] the existing dependency chain (in reverse order) is: [ 1304.234932][T23963] [ 1304.234932][T23963] -> #3 (&q->q_usage_counter(io)#59){++++}-{0:0}: [ 1304.243623][T23963] blk_alloc_queue+0x619/0x760 [ 1304.248957][T23963] blk_mq_alloc_queue+0x175/0x290 [ 1304.254536][T23963] __blk_mq_alloc_disk+0x29/0x120 [ 1304.260119][T23963] nbd_dev_add+0x4a0/0xbc0 [ 1304.265097][T23963] nbd_init+0x181/0x320 [ 1304.269847][T23963] do_one_initcall+0x120/0x6e0 [ 1304.275165][T23963] kernel_init_freeable+0x5c2/0x900 [ 1304.280937][T23963] kernel_init+0x1c/0x2b0 [ 1304.285827][T23963] ret_from_fork+0x5d7/0x6f0 [ 1304.290979][T23963] ret_from_fork_asm+0x1a/0x30 [ 1304.296297][T23963] [ 1304.296297][T23963] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 1304.303586][T23963] fs_reclaim_acquire+0x102/0x150 [ 1304.309168][T23963] prepare_alloc_pages+0x162/0x610 [ 1304.314834][T23963] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1304.321285][T23963] __alloc_pages_noprof+0xb/0x1b0 [ 1304.326862][T23963] pcpu_populate_chunk+0x110/0xb00 [ 1304.332518][T23963] pcpu_alloc_noprof+0x86a/0x1470 [ 1304.338099][T23963] xt_percpu_counter_alloc+0x13e/0x1b0 [ 1304.344117][T23963] find_check_entry.constprop.0+0xbc/0x9b0 [ 1304.350492][T23963] translate_table+0xc98/0x1720 [ 1304.355897][T23963] ipt_register_table+0x102/0x430 [ 1304.361477][T23963] iptable_nat_table_init+0x4b/0x250 [ 1304.367304][T23963] xt_find_table_lock+0x2e4/0x520 [ 1304.372872][T23963] xt_request_find_table_lock+0x28/0xf0 [ 1304.378983][T23963] get_info+0x190/0x610 [ 1304.383681][T23963] do_ipt_get_ctl+0x169/0xa10 [ 1304.388910][T23963] nf_getsockopt+0x79/0xe0 [ 1304.393876][T23963] ip_getsockopt+0x18c/0x1e0 [ 1304.399018][T23963] tcp_getsockopt+0xa1/0x100 [ 1304.404160][T23963] do_sock_getsockopt+0x3ff/0x800 [ 1304.409739][T23963] __sys_getsockopt+0x123/0x1b0 [ 1304.415155][T23963] __x64_sys_getsockopt+0xbd/0x160 [ 1304.420833][T23963] do_syscall_64+0xcd/0x490 [ 1304.425907][T23963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1304.432352][T23963] [ 1304.432352][T23963] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 1304.440123][T23963] __mutex_lock+0x199/0xb90 [ 1304.445186][T23963] pcpu_alloc_noprof+0xb4c/0x1470 [ 1304.450765][T23963] sbitmap_init_node+0x2fd/0x770 [ 1304.456248][T23963] sbitmap_queue_init_node+0x41/0x560 [ 1304.462172][T23963] blk_mq_init_tags+0x12d/0x2b0 [ 1304.467593][T23963] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 1304.473698][T23963] blk_mq_init_sched+0x30c/0x610 [ 1304.479179][T23963] elevator_switch+0x1e1/0x7f0 [ 1304.484497][T23963] elevator_change+0x2ac/0x400 [ 1304.489813][T23963] elevator_set_default+0x292/0x320 [ 1304.495568][T23963] blk_register_queue+0x393/0x4f0 [ 1304.501139][T23963] __add_disk+0x74a/0xf00 [ 1304.506027][T23963] add_disk_fwnode+0x13f/0x5d0 [ 1304.511351][T23963] nbd_dev_add+0x791/0xbc0 [ 1304.516332][T23963] nbd_init+0x181/0x320 [ 1304.521050][T23963] do_one_initcall+0x120/0x6e0 [ 1304.526382][T23963] kernel_init_freeable+0x5c2/0x900 [ 1304.532137][T23963] kernel_init+0x1c/0x2b0 [ 1304.537027][T23963] ret_from_fork+0x5d7/0x6f0 [ 1304.542176][T23963] ret_from_fork_asm+0x1a/0x30 [ 1304.547569][T23963] [ 1304.547569][T23963] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 1304.555427][T23963] __lock_acquire+0x126f/0x1c90 [ 1304.560841][T23963] lock_acquire+0x179/0x350 [ 1304.565912][T23963] __mutex_lock+0x199/0xb90 [ 1304.570978][T23963] queue_requests_store+0x1c7/0x310 [ 1304.576724][T23963] queue_attr_store+0x279/0x320 [ 1304.582135][T23963] sysfs_kf_write+0xef/0x150 [ 1304.587305][T23963] kernfs_fop_write_iter+0x351/0x510 [ 1304.593145][T23963] iter_file_splice_write+0x91c/0x1150 [ 1304.599160][T23963] direct_splice_actor+0x18f/0x6c0 [ 1304.604826][T23963] splice_direct_to_actor+0x345/0xa30 [ 1304.610755][T23963] do_splice_direct+0x174/0x240 [ 1304.616160][T23963] do_sendfile+0xb06/0xe50 [ 1304.621137][T23963] __x64_sys_sendfile64+0x1d8/0x220 [ 1304.626895][T23963] do_syscall_64+0xcd/0x490 [ 1304.631958][T23963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1304.638402][T23963] [ 1304.638402][T23963] other info that might help us debug this: [ 1304.638402][T23963] [ 1304.648650][T23963] Chain exists of: [ 1304.648650][T23963] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#59 [ 1304.648650][T23963] [ 1304.662437][T23963] Possible unsafe locking scenario: [ 1304.662437][T23963] [ 1304.669905][T23963] CPU0 CPU1 [ 1304.675282][T23963] ---- ---- [ 1304.680670][T23963] lock(&q->q_usage_counter(io)#59); [ 1304.686080][T23963] lock(fs_reclaim); [ 1304.692632][T23963] lock(&q->q_usage_counter(io)#59); [ 1304.700561][T23963] lock(&q->elevator_lock); [ 1304.705182][T23963] [ 1304.705182][T23963] *** DEADLOCK *** [ 1304.705182][T23963] [ 1304.713343][T23963] 5 locks held by syz.3.3912/23963: [ 1304.718562][T23963] #0: ffff8880367c8428 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x345/0xa30 [ 1304.728668][T23963] #1: ffff88807a461c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 1304.738568][T23963] #2: ffff888140faf3c8 (kn->active#262){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 1304.748762][T23963] #3: ffff888143759e00 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 1304.760504][T23963] #4: ffff888143759e38 (&q->q_usage_counter(queue)#11){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 1304.772498][T23963] [ 1304.772498][T23963] stack backtrace: [ 1304.778407][T23963] CPU: 0 UID: 0 PID: 23963 Comm: syz.3.3912 Tainted: G U 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(full) [ 1304.778448][T23963] Tainted: [U]=USER [ 1304.778457][T23963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1304.778473][T23963] Call Trace: [ 1304.778484][T23963] [ 1304.778495][T23963] dump_stack_lvl+0x116/0x1f0 [ 1304.778536][T23963] print_circular_bug+0x275/0x350 [ 1304.778573][T23963] check_noncircular+0x14c/0x170 [ 1304.778619][T23963] __lock_acquire+0x126f/0x1c90 [ 1304.778658][T23963] ? __lock_acquire+0xb8a/0x1c90 [ 1304.778695][T23963] lock_acquire+0x179/0x350 [ 1304.778731][T23963] ? queue_requests_store+0x1c7/0x310 [ 1304.778756][T23963] ? __pfx___might_resched+0x10/0x10 [ 1304.778786][T23963] ? do_raw_spin_lock+0x12c/0x2b0 [ 1304.778830][T23963] __mutex_lock+0x199/0xb90 [ 1304.778871][T23963] ? queue_requests_store+0x1c7/0x310 [ 1304.778896][T23963] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1304.778932][T23963] ? queue_requests_store+0x1c7/0x310 [ 1304.778956][T23963] ? lockdep_hardirqs_on+0x7c/0x110 [ 1304.778995][T23963] ? __pfx___mutex_lock+0x10/0x10 [ 1304.779039][T23963] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1304.779077][T23963] ? queue_requests_store+0x1c7/0x310 [ 1304.779100][T23963] queue_requests_store+0x1c7/0x310 [ 1304.779126][T23963] ? __pfx_queue_requests_store+0x10/0x10 [ 1304.779152][T23963] ? __mutex_trylock_common+0xe9/0x250 [ 1304.779191][T23963] ? __pfx_queue_requests_store+0x10/0x10 [ 1304.779216][T23963] queue_attr_store+0x279/0x320 [ 1304.779257][T23963] ? __pfx_queue_attr_store+0x10/0x10 [ 1304.779297][T23963] ? __lock_acquire+0x622/0x1c90 [ 1304.779340][T23963] ? find_held_lock+0x2b/0x80 [ 1304.779367][T23963] ? sysfs_file_kobj+0xe4/0x290 [ 1304.779400][T23963] ? __pfx_queue_attr_store+0x10/0x10 [ 1304.779440][T23963] sysfs_kf_write+0xef/0x150 [ 1304.779473][T23963] kernfs_fop_write_iter+0x351/0x510 [ 1304.779500][T23963] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1304.779534][T23963] iter_file_splice_write+0x91c/0x1150 [ 1304.779581][T23963] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1304.779627][T23963] ? __pfx_copy_splice_read+0x10/0x10 [ 1304.779668][T23963] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1304.779705][T23963] direct_splice_actor+0x18f/0x6c0 [ 1304.779742][T23963] splice_direct_to_actor+0x345/0xa30 [ 1304.779777][T23963] ? __pfx_direct_splice_actor+0x10/0x10 [ 1304.779834][T23963] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1304.779876][T23963] do_splice_direct+0x174/0x240 [ 1304.779911][T23963] ? __pfx_do_splice_direct+0x10/0x10 [ 1304.779946][T23963] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1304.779983][T23963] ? rw_verify_area+0xcf/0x680 [ 1304.780019][T23963] do_sendfile+0xb06/0xe50 [ 1304.780059][T23963] ? __pfx_do_sendfile+0x10/0x10 [ 1304.780095][T23963] ? handle_mm_fault+0x2ab/0xd10 [ 1304.780133][T23963] ? __x64_sys_futex+0x1e0/0x4c0 [ 1304.780166][T23963] ? __x64_sys_futex+0x1e9/0x4c0 [ 1304.780201][T23963] __x64_sys_sendfile64+0x1d8/0x220 [ 1304.780228][T23963] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1304.780259][T23963] do_syscall_64+0xcd/0x490 [ 1304.780302][T23963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1304.780331][T23963] RIP: 0033:0x7f1d0018e929 [ 1304.780352][T23963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1304.780381][T23963] RSP: 002b:00007f1cfdfd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1304.780406][T23963] RAX: ffffffffffffffda RBX: 00007f1d003b6080 RCX: 00007f1d0018e929 [ 1304.780425][T23963] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 1304.780442][T23963] RBP: 00007f1d00210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1304.780460][T23963] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000 [ 1304.780478][T23963] R13: 0000000000000000 R14: 00007f1d003b6080 R15: 00007ffc58e48018 [ 1304.780504][T23963] [ 1305.157515][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1305.164227][ T1302] ieee802154 phy1 wpan1: encryption failed: -22