last executing test programs: 16m28.699165904s ago: executing program 1 (id=803): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r1) 16m28.547217007s ago: executing program 1 (id=804): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 16m28.075996414s ago: executing program 1 (id=810): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) sendfile$auto(r0, r1, 0x0, 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)={0x14, r3, 0x1, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) 16m27.488782766s ago: executing program 1 (id=814): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x2) socket(0x21, 0x2, 0xa) getsockopt$auto(0x6, 0x110, 0x6, 0xffffffffffffffff, 0x0) 16m27.256109783s ago: executing program 1 (id=816): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 16m26.355545167s ago: executing program 1 (id=822): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) 16m25.905686549s ago: executing program 32 (id=822): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) 16m25.146637552s ago: executing program 0 (id=826): r0 = socket(0xa, 0x5, 0x84) bpf$auto(0xfffffffd, &(0x7f0000000000)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x6, 0x4, 0xffffffffffffffff, @relative_id=0xb99, 0xd}, 0xa3) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendto$auto(r0, 0x0, 0x401, 0xffff, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 16m24.879980839s ago: executing program 0 (id=828): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x5, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x2, 0x1) setsockopt$auto(r0, 0x0, 0x81, 0x0, 0x101) 16m24.395967199s ago: executing program 0 (id=831): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x8001, 0x2) read$auto_proc_pid_maps_operations_internal(r0, &(0x7f0000000900)=""/4096, 0x1000) 16m20.067222086s ago: executing program 0 (id=842): socket(0xa, 0x2, 0x0) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x18, 0x4, 0x1) setsockopt$auto(0x7, 0x111, 0x100006, 0x0, 0x8) 16m19.8833686s ago: executing program 0 (id=836): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 16m18.857253382s ago: executing program 0 (id=847): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) sendto$auto(0x3, 0x0, 0x13, 0x7, &(0x7f0000000440)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e24}}, 0x20) setsockopt$auto(0x3, 0x10f, 0x8a, 0x0, 0x14) 16m18.483857064s ago: executing program 33 (id=847): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) sendto$auto(0x3, 0x0, 0x13, 0x7, &(0x7f0000000440)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e24}}, 0x20) setsockopt$auto(0x3, 0x10f, 0x8a, 0x0, 0x14) 11m45.112450331s ago: executing program 4 (id=3435): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='U'], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) 11m45.037832174s ago: executing program 4 (id=3437): ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x3, 0x5, 0x7fe, 0x7fb, &(0x7f0000000000)="2daaca220f327aaed5a4266883347556f619446d3bdf95a3ad70a892ec0cd4e026c1f60313c51b947890d35d1e3ee01db3297687c4bdc1c9de0aeafa534c979b3140631642cd0aeeef8d89d4063c0c9cc032c71cac2679ffe3db26c03134a42cebb98701d048ba87387b01503e7ab417431737a075cc3b8817d9adb175297372c8d2137638b00661deb6"}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0xc9}) 11m44.902163421s ago: executing program 4 (id=3439): close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) ioctl$auto(0x3, 0xc0585609, r0) 11m44.832702111s ago: executing program 4 (id=3441): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 11m44.716927162s ago: executing program 4 (id=3442): unshare$auto(0x4000007d) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) socketpair$auto(0x20004, 0x1, 0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) 11m44.424118656s ago: executing program 4 (id=3443): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) socketpair$auto(0x20000001, 0x2, 0x3, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) adjtimex$auto(0x0) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0) 11m44.271344383s ago: executing program 34 (id=3443): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) socketpair$auto(0x20000001, 0x2, 0x3, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) adjtimex$auto(0x0) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0) 11m6.482774023s ago: executing program 5 (id=3702): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) preadv$auto(0x3, 0x0, 0x3, 0xf8, 0x3ff) bind$auto(0xffffffffffffffff, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x54) recvfrom$auto(0x3, 0x0, 0x4, 0x8000013d, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) 11m6.332399415s ago: executing program 5 (id=3714): openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) mmap$auto(0x0, 0x899, 0x3ff, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0xf1b, 0x8, 0x0) semctl$auto_GETALL(0x0, 0x3148, 0xd, 0x101) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x4) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000240)={0x0, 0x7}, 0x3) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 11m5.759105356s ago: executing program 5 (id=3708): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r0, 0x560c, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 11m5.473702354s ago: executing program 5 (id=3710): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4400ae8f, 0x0) 11m5.16119354s ago: executing program 5 (id=3712): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 11m3.947158343s ago: executing program 5 (id=3721): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) fremovexattr$auto(r0, &(0x7f0000000000)='system.posix_acl_access\x00') io_pgetevents$auto(0x7, 0x9, 0x7ff, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x6b, 0x7, 0x0, 0x4) sendfile$auto(0x1, 0x3, 0x0, 0xd551) writev$auto(0xffffffffffffffff, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 11m3.420209611s ago: executing program 35 (id=3721): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) fremovexattr$auto(r0, &(0x7f0000000000)='system.posix_acl_access\x00') io_pgetevents$auto(0x7, 0x9, 0x7ff, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x6b, 0x7, 0x0, 0x4) sendfile$auto(0x1, 0x3, 0x0, 0xd551) writev$auto(0xffffffffffffffff, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 10m43.701648345s ago: executing program 6 (id=3865): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0xf) socket(0xa, 0x801, 0x84) socket(0x2000000000000021, 0x2, 0x10000000000002) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) pipe$auto(0x0) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r0, 0xffffffff}, 0xd) bpf$auto(0x4, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x40000, 0x4, 0x5, 0x80, 0x7, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x6, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x5, 0x10001, 0x0, 0x8001, @attach_btf_obj_fd, 0x7e, 0x4, 0x40000001, 0x5, 0x3}, 0xd) 10m43.498231191s ago: executing program 6 (id=3867): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrlimit$auto(0x8, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(0xffffffffffffffff, 0x4018bc0e, 0x0) 10m42.400171722s ago: executing program 6 (id=3875): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x5, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x10000) 10m42.265065756s ago: executing program 6 (id=3876): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r0 = socket(0x10, 0x2, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) 10m41.936204949s ago: executing program 6 (id=3879): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 10m40.490664306s ago: executing program 6 (id=3888): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) socket(0x1e, 0x805, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x5, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x1, &(0x7f00000001c0)='+\x00', &(0x7f0000000280), 0x0) 10m40.000704641s ago: executing program 36 (id=3888): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) socket(0x1e, 0x805, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x5, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x1, &(0x7f00000001c0)='+\x00', &(0x7f0000000280), 0x0) 7m3.403879207s ago: executing program 2 (id=5432): socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4040aea0, 0x0) 7m2.925340917s ago: executing program 2 (id=5425): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/mem\x00', 0x20401, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr0/flags\x00', 0xb02, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) syz_clone3(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket$nl_generic(0x10, 0x3, 0x10) recvmsg$auto(0x4, 0x0, 0x33f) mmap$auto(0x0, 0x20009, 0x4001000000df, 0xeb1, 0x401, 0x8000) 7m2.401757088s ago: executing program 2 (id=5428): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/blkio.bfq.weight\x00', 0x8001, 0x0) write$auto(r0, &(0x7f0000000000)='0\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x8) sysfs$auto(0x2, 0x6, 0x3) socket(0x11, 0x80003, 0x300) unshare$auto(0x8000000) r1 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_BTRFS_IOC_SCAN_DEV(r1, 0x50009404, &(0x7f0000000040)={@raw=0x6, "19b53510b870084f78b75a9715b5a4cbdb2bf7e66f0af5d687ee2b0edf5369e39acd69d906cdecf3e033cee6b48d1e443d7361f099de9e45e71c84447eebdb808839a14c9755f55fb8a0ce97ae118f132d468ee6f6413304e17140e191f3bdd27c80e4a6c7e6af43a0491dfb7883ad30ddce2689e696ba3fcf0f95c7963a5f4505f32d2cace2b3d9123dbae923be73229425c68e80fa29b6e8e02c9162014070d13a2fbe1e4b4cec19b45a543bbef7b6457f33d75f84a83c4c93b7bb2c0674e0f39412619040048b72aa0748b6dad0f8a32b89b1f85de82388c11fab586e0f52307e277092d966046f9b3737d71702b34b1283873c6ccab687d4d751c66981715d59ff6882b6674a0f9209b5042e45137a4b044fada75935d51b0f0eefade323857ed76213c80ed1cd1f5c32d1e826bf808704be6c29ba119ea34ec07ab2de729e77992e0110f0d1ec0322f4a1c7d74b55a79f3742b32551d5acb4f7f2a36dc400895c8f578dcef06ba24a6df47eebd60a3f21de0d71d8abe0093daa51f9fbfb5824ad059e9d45ec0120c0fe6283f35682b1963f25b942be70a9f531b33ef6438fe0448b86deba6235e30936cb689f36ece738e350cb8546758f028650c27754681e4fd7153678a07d4a38f1fa2720430582eb8f961a0927689dd4595b0e93e6b328463a52e475502b54ba30c4e73e7552bf17d8278267fc69dd8640c7699f81d34f6a9e819f2f22bf6d958a49ac8c24b761135f6c43dfd9e95f88a4277d9e7548aa1ab082a7877420f06c11f5b260f18294cee7e3b38f21a180d85d9a5c1333ab81398cf269b5118dc838198c2ec727deb024cbcdf0ea9a96663643734251f1018bb858a84a039d083044c9ad966e49f0f76fcc9a4d6455de97b029c05e6185a3731928abf964b9deafeff2376f3d396eba1446e33ce22d0986643fea3e037b8f24fe2e941a19fb5e3e40a342435123891dc73accb9e39cd376c59b2a893a1bb7d18effc9000e258f938b7b0afef354238fa8366dcf7647b01312ce2c5a6d253732af987149f31b642287f817ce31270c7ab6c7347c9b5d3058e51d3105580fb0827e3523746e81b1c331c1febe20e4010727c9232adc7cb57628c190bd8c80b9c9c3a4a071cf5183f1a73f7ef87642a0d15c130e6acb0f353f9cc47f0404916fa90561c049b7febcd8b7b0749d0f5e462f0975f8bd203ce6651afe820da02481dd19a781343bfa2ca01c3a72b855cc3c05da65ff017fd8b9183f347791baf4c7c75a8294a91f32753bc98212e61de10ca8328552660a035c2d706aa415e2dcb008e91557d40ecf302b7a0606c28958232e5b40e2ba6ceea813363347af0852ace6ac1fc89baa4e3e1de3b919155f445bd9af9b71a2acef2ecd3ddd7405f94b79d09446d4b2bc7768701275511fb0efd7ce72d451b40864c559533b360e12c00850053ca5eeded1403a8fb185d03b44f7e865ce00a9bae411b44a82837513880251de3c009cca5ac7ed6822e8b1019203a55859bea99937ef584a034d12de296ae70baff783baf663f06f61acbe79575086812de3284621db42187f1a141fe3aeb0cd8a1528dfdfa97bef63ab0f325785943d86ea610e2459b54543b8102e9e7756b65c0d86759fc9252a34e6d8823c8896ae3d3623cac0b24d9963de2519c963453425ef077898cc9447fd986c3cc08dd5d3b606416fa536666fed4858b38be4db87038be557751feddce3cab6f9f8491cb2476c2df088e6ef47a3187b9b03b874025b95d65b8b9f1ebf744cb23e68068d167883b7e0c5fdcdb0fcb3559b3f13d6fc07ef6baf67a305fd967e88319bddcf8bd1f6898ab14705d5ba3ac0ecf31685e82ecf0fce4a779c30548077ca3618ab874b0b76e37b6edabc947d56d738c4b23dcaa3b2c4fd59765162d17e39eba321ae3f2b93e1eb4e480da16604ce29d9cfbca5a152a9f8e50d04173e3af920ead67af1b4f2a59556d23c8020388fec204839ddf7b9b3921601f5c43b2e53cf6fd469c4c7d896aadf66e9aa38eb69f2e58df86f86ed21879869fe0d01ee8460f86cbb2de20f445efde693ca0b3891bd9da67d55eb413b9b4552a1e1a69e25ef91be4186040abe118d5e21547484aac1c0a39e47f08c5f66c4af715989355da8aceaf954c2a0d9b7b81089648a2e8fef70efa36d4d918610f177d3b6be3daebe6e6f16dfc15c59577ad939454686dade8289ee546ca0d7c9cf2bbfefd09a0447ccc62159d07bfffd17b479a55a7ac34306adf15bfec7ee4cec80500eb32d45ae0637878f7fab168957adb18770e33f423ca85e542e09652125def99272a248c5123e9ebc4e5c36baac2f8f888d51c3fc71c8127b8d7f4d6d83bff4253222ca939179a2f88790f1a3eb600442d61a58bdb67b83614881cef99a4fc79668b243ba7967bbdc97cd0ffdcab1e9182220d13310c6f7d056c2efeed9ed493ed93e8f1752db2c67b7fa6695518b965af2d43c9c46471b4e0d79aa8836b892082cf7c033576fe1d46abb4c11b35d13507fa3fec1ede010e85b3a39a64cff0d21d1c7ee1dc544a6aaafbc36bc7760651c0f71c9929af572a1c419d1784457bc03fb3f7f24fa35d15b825d29beb916ced86a6b9ebdbbce21b62f2c069e1cd629c65899e2c9d11d257512de8deb199c7d03634e6d5985033f77fa2e13ba8f55433010a27f1c12c87a54ddb9bbac27fb9834535e955f4bfa6d6dcc1da6ae57dd8410ff5787dba7f8141ef171fabc473f53717b095a8f45cf4346ab4b8e4b1a3cc3d6c11006fcdf65bbaff5296d1d42a8f02d9a36dc1d89350d5c2e40c5f40acec927531b40bc098bb7acc3fb5846c0166e6a77692aaf5f8cb924216b8c7c97464fd28845a3ac70b00ce226a3248aee2062cbf395e9a6c150de67c28c42e47bb26b143e0403f72ea80ef2f8a098368cdfc9185a62858cc3429a92ebeb587c0f19420bba34615a51db7c76ac832a5fd666ab3088a5003fc7997cc1e7e1c3ed6d2a70580dc7134aa7b423e35708e3bfafa53bb4f5e78853b9758a730699ef7e63ec533b41120ddcc89be200d354868d93c99a89b7ea8001a6011de7f4b5838bd8e7ea68ce58a662256c533de9cb1bbd62d182de8ac29b8e88985413e5e0bde73c974d079fc1b861c7cd5ec2f2c2d5e5f8cbc433ba005243a53db9e9b85a4b93fb3c3b63d0e3fcee5b27f25bb865fb72239a5656791617b2851b06442c1068db05b53ca08c41fcbb28028440b5130e77dd9c8925ede1035a27f4125564f59dbfd9b6b6ca7d3750630e7c2c7535d1890d9665cb8d34103714bd257964b5e78e7224d61ea356ea79d868f0aa528c5281a908a57335e0f7d0a7a16c2989f0560b6117696ed72749d958aea86ee67d33f3774b807bf0fb0c89012ab79d7f1e90af30bfbcc70c7ce4054e975f1f3a2f3d5666dfc90862ad0aa5a8d13b3da71aa4cdcbe44fcc95c8360f7b37775c9f451e733ca2a6bf55d36c15623146238269f06a37948c97da776d8b6dabae0d66f173cbd683ba9bb1560c1b3d65064459f1057c653a3cfcd4d53a1d650b1f9296a37407738e94708ec2664247e8c995be795e13524fa8aa56ae00f1beab993af8b627ccb01a5927b8a9e7d1428a6c482f8c435e28b4a1724b36f3dde2bfe2a3077ed112df67cae450015a54d9981bd85bb6fbc693dc5f8c1ea975cd419f74d23c5f0d2e4e889240950c819ad9642114cbbd19cf18f05778fc7a83a34158ae4e4f2d14e1fa817934626d11f09aa88c103172bf186f2ab694baf4ff04b7a938aa951fb6c73b0f88d5216e0170c89031f20b2587ba657f22d4c3970e64f6834eb1e92a4403a4318f80553bc875d614b3394481080be06712ffcd1de7b7bd17542a7a8b4daf19ddcf408dc200c044e236211400e0f22fc2d6f5ddc463e9e4d9480717ad77920f2ed5c5b3bf563cc3662807874c2600df5a79fc3fe668c967b43b077e89941c7623d2863518498f7a57ffac20d8730e09486860c6796249980fe82f3af1612956f478d42d4c8936822078cc5c62ca640e1ca22db434fd48b0018b7791c0b26dea2e32b60535c028525da6b9fe4dc8e83404c533cdd7093cc2dce962cadecc91acb47a7d65dd7edecb366a03b344cbd3bab03844b299bd74fe16d4024603fccdafd4f544c9ca2c13c1dc239d607dad29eb112e2c2c0be8dad9b93a837f5da731c20bf357b5bb68b60662add8a14036a51b0da067a89e1421237f8299b67875805761e203fbdaa6e8e274b4d3480b3a7e6ed6a4dcbd71c74f57a4027051515647d2f8cb39a2e7690bba1f16ef21bc7a43775ffb6a8ee9ced1733ac3c84ca5bf62a2861aced0acfbcafaaed7be716ef3ccb003bbadfea2a4b73a2864669e93a44a91c3e31ab6d394a0ae9f534220406ec76493f14daa6769ee42a2b20f6fd1693df2a28c30ef1a764430799649f0f0d404bd92d8886406267ed3ec979f70251a78038d2b7ddcb4a94bc72f2419ee0d3df5454d27c5b359bb609dadda72818457aa3b859489450ced970d19ef30b941c990a90e6114ed3f976db336ae60fc6dabfcb27e51c339ada5c13ffbce0641982cc0221983efd2385fa90eb4b1fc05b6213127944202d4b98eafc9b090b40c7691e4aa0df69cf7fade5d921b1f49f2ffd2758df7abc64bbee290df89960d96d90cbbc7f4cd8fd0b14c5f8f09d0001a66c01f7406df50a6575ea5e62674074a55b1a0c9b585e8ecb763b8e14fd95249bf1d0daa80444870ff63e899704a79667f85d30d68b9c0de1abc7879f6a66bef97d27df53958a40d01a32d546baa3a5b95d149986c9fcc1758e3def96c8015d2850c4b288f190ea1ae95a1d5d399b777e33323c06beef2f63ffe415ab05e5f0b503694eabe2254123d903d81157936d44be866c6ddb349bd43549e98989180f16baeb3bedcc56649ae68eaca59efadadc556df0077b11f9b42ea689d285d98e50d2ad9749c97e9cd50162ae079b76441d189dce15fd9f49c922e8cc59eb2d7b7084340b9a052bf67230ea03ab5b87fc6a028be87bc23d8d23399bb4a1a0d156b3d0acec7ba4c824b386752c23ce17240510cdb2c156e87efbb78822568c02a80bfd60801abb881c3929f452d9623215d833d8ce34e5d01ba384ebb8d9be19bcbbcc757ccd8a15ca8472677988fe6c7276adb4adcf1a4e78ddbd216681733f6df1bf774cfb33b6f781322de8cd12af183c652bd4ee33d17b14565d0c93a39374a1b2dc5e7a485a4c58bdfade0aef27e9f79179b27db0ccdbb7c2bd2e03325e9083e89db09530ea264348885172fe18170c56f6c459765296d702d3bd661f85fd2c73d596d2bf48ed4448eb198c2424ca5220370279c624b4388b1b4d8baec39e8997bc46276e91f018a293ba6b4ce6c188099ec4e1ab440fffe91c1d6e915b4ed729cda3cd97f5c8578f5d8b618214eae98fd2de84baa1ebbaae276067339e728628233706e1742417d6a4133b61ccca011a48116f748b07ba1f031604ddf162130f9cb838e15a8bf9cc92e4524a97774d7788e4c9968720ef4a6b5816890002de7895050bc414a3eec81b83cdc1f7e4c90bbc129559b2726dbcc042e662373b0a1d3fc3e922cad16142eff4114b4a0b7d0ef3a2da16463be820458a38719e11672f70dd47f7f19cf5fa9803e8a6e817ed9872148a81f25fb481281f19844b4077d1198fb5ea506d80311030e6f19704306ebfec55b1debcdd286e861f6224d9cdcb6ed2e4af07488d3c632ca52f1c084d10042a215bfa6625528c2d43735bfd7c73457c9"}) shmget$auto(0x0, 0xfffffffffeffffdf, 0x80) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000140)=""/122, 0x7a) 7m2.096139154s ago: executing program 2 (id=5429): set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) open(&(0x7f0000000180)='./cgroup\x00', 0x78081, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) prctl$auto(0x3e, 0x0, 0x4, 0x1, 0x7fe) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) pread64$auto(r1, 0x0, 0x40000000f42c, 0x80002) 7m0.878010557s ago: executing program 2 (id=5436): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}}) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 7m0.651318713s ago: executing program 2 (id=5439): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) memfd_create$auto(0x0, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) 6m45.635772672s ago: executing program 37 (id=5439): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) memfd_create$auto(0x0, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) 9.902423718s ago: executing program 3 (id=7210): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b04", 0x159) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) write$auto(r1, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) madvise$auto(0x0, 0xffffffffffff0004, 0x19) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) close_range$auto(0x2, 0xa, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) 6.87614209s ago: executing program 3 (id=7223): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x71f, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0xc01) ioctl$auto_TIOCGPTPEER2(0xffffffffffffffff, 0x5441, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 5.178307419s ago: executing program 7 (id=7230): mmap$auto(0x0, 0x4994, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x4840) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) 4.76683772s ago: executing program 9 (id=7232): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r1) read$auto(r1, &(0x7f0000000100)='nl80211\x00', 0xbe62) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0) r2 = getpgid$auto(0x0) timer_create$auto(0xfffffffe, &(0x7f0000000000)={@sival_int=0x4, @raw=0x2, 0x4, @_tid=r2}, &(0x7f0000000040)=0x9) ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f0000000380)={0x3, @inferred=r0, @inferred=r1, 0xffff, 0x65ff, '\x00', {0x1, 0x150, 0x6, 0xee01, 0x0, 0x68, 0xab, 0x3, {0xfffffffffffffff8, 0x1f6}, {0x46, 0x1}, {0x7, 0x36}, 0x9, 0x80000000, 0x8, 0x4, 0x2, 0x0, 0x80, 0x306, 0x4, 0x4, '\x00', 0x7, 0x2, 0xf, 0x1}}) msgctl$auto_IPC_INFO(0xca, 0x3, &(0x7f0000000240)={{0x6, 0x0, 0x0, 0xfff, 0x1, 0xb6df, 0x8001}, 0x0, &(0x7f00000001c0)=0x8, 0xdb, 0x4, 0x4, 0x0, 0x3, 0x6, 0xfffb, 0x1, @inferred=0xffffffffffffffff}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x80000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4.734888563s ago: executing program 8 (id=7233): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) socket(0x2, 0x801, 0x6) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x8001c01, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r0) close_range$auto(0x2, 0x8, 0x0) 4.524905659s ago: executing program 9 (id=7234): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, 0x0, 0x24008801) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x0, 0x2000000000009, 0x3, 0x7, 0xfffffffffffff715, 0x5, 0x7fff, 0x2000000000010006, 0x0, 0x7, 0x8, 0x2, 0x7, 0xaf, 0x9, 0x2, 0x3, 0x8001, 0x6, 0x0, 0x0, 0x40000002, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9e]}, 0x200, 0x4) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) sendmsg$auto_SMC_NETLINK_ENABLE_HS_LIMITATION(0xffffffffffffffff, 0x0, 0x840) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 4.408943791s ago: executing program 7 (id=7235): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f00000009c0)={@inferred=r1, 0x9, 0xfffffffffffffffe, @btrfs_ioctl_vol_args_v2_3_0={0x8, &(0x7f0000000200)={0x10, 0x7, 0x7ff, 0xf, {0x6, 0xc, 0xfa, 0x2, 0xc44}, [0x1b1, 0x8001, 0x8, 0x9, 0x4, 0x4]}}, @devid=0xf10}) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) writev$auto(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)="70f9c0d7248b83810e783cefa7f8cf410bf9f41d0f6438d06c989e4dc02d467f340ac0cdb9", 0x200}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) 4.294654638s ago: executing program 9 (id=7236): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) socket(0x2a, 0x2, 0x1) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cpu/0/msr\x00', 0x80000, 0x0) socket(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) socket(0x18, 0x3, 0x2) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, 0x0, 0x8a141, 0x0) socketpair$auto(0x1, 0x4, 0x10010000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 4.242357784s ago: executing program 3 (id=7237): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) fanotify_init$auto(0x800, 0x100000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x501, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000080)) setsockopt$auto(0xffffffffffffffff, 0x1, 0x12, 0x0, 0xa4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd9\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000000), 0xffffffffffffffff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r0, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) 3.94733454s ago: executing program 9 (id=7238): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/block/nbd1/sched/starved\x00', 0x42000, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = setfsuid$auto(0xee00) setreuid$auto(r1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000540)='/dev/snd/midiC2D0\x00', 0x40041, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mbind$auto(0xfffffffffffff000, 0x100000004, 0xfffffffe, 0x0, 0x2000000000006, 0x1) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x3, &(0x7f0000000440)={{0x8, 0x6}, {0x8, 0xc5e}, 0x100000001, 0x8000000000000001, 0x73, 0x7, 0xfffffffffffffffc, 0x7, 0x6274, 0xa, 0x0, 0xb, 0x7, 0x439c, 0x9, 0x7}) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0x6, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r3, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 3.875892705s ago: executing program 3 (id=7239): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) socket(0x11, 0x80003, 0x300) r2 = socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_fd=r2, 0xd}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x6) socket$nl_generic(0x10, 0x3, 0x10) r3 = open(0x0, 0x261c2, 0x84) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) 3.692735579s ago: executing program 3 (id=7240): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900), 0x0) getrandom$auto(0x0, 0x3, 0x80000001) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) keyctl$auto(0xe, 0x1, 0x1, 0x4, 0x6) msync$auto(0x110c230000, 0x200001, 0x6) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r1, 0x4, 0x7ff) ptrace$auto_PTRACE_DETACH(0x11, r1, 0x8, 0xd) 3.225459968s ago: executing program 8 (id=7241): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) write$auto(0xffffffffffffffff, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r1, 0x0, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0) write$auto(r2, 0x0, 0xa3d9) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) madvise$auto(0x0, 0x200007, 0x8) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x30}}, 0x54) 2.807091891s ago: executing program 9 (id=7242): mmap$auto(0x0, 0x3, 0x10, 0xeb1, 0x403, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vhci_hcd.0/usb9/authorized_default\x00', 0x10b140, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) readlinkat$auto(0x1, 0x0, 0x0, 0x16a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x40) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='>'], 0x1ac}, 0x1, 0x0, 0x0, 0x40855}, 0x8092) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x7, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x7, 0x1}, 0x5}, 0x3, 0x0) 2.582059204s ago: executing program 7 (id=7243): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0) socket(0xf, 0x3, 0x2) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = socket(0x10, 0x2, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) getsockopt$auto(0x3, 0x200000000001, 0x1d, 0x0, 0x0) read$auto(0x3, 0x0, 0xf3c) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) prlimit64$auto(0x0, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) socket(0x10, 0x2, 0x0) 2.244488838s ago: executing program 7 (id=7244): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) write$auto(r0, 0x0, 0x45c) unshare$auto(0x40000080) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/mem_used_max\x00', 0xa081, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x80000, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r3, 0x80045105, &(0x7f0000000200)="5719ed914183ffba4ce2eb7d18bf365aa51818da2a40f8cf07b0ea3eeefe03ccb791022d229eca747b8415a44148de5a387b97f30e8a6d797ae7a7be7631383befcf13c327c91a4d0b80012dc3570c5f02ec32980c9f7d1793c5ecec082c73ea5c923d99fa36b361f408d9e70776b351e8e79425b1ebbc60d67a311a74b3bdc4f15e37a2e8394fff0cae2ce750") r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'dummy0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd70007ddbdf250c000000040003800c00018008000100", @ANYRES32=r5, @ANYBLOB="b28105536b9d33621a171931e1b68974c8f14f83174ba0e4f099354472e07739969b91c8fe8d4a9335cc2e1b509d730838d186657e7700667e08519a7c13cc4515"], 0x24}, 0x1, 0x0, 0x0, 0x24004840}, 0x0) 2.108253847s ago: executing program 8 (id=7245): r0 = socket(0x2b, 0x1, 0x1) shmat$auto(0xbffffffd, 0x0, 0x873) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0xffffffffffffffff, r0, 0x6) close_range$auto(0x0, 0xffffffffffffffff, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x59, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x80, 0x0, 0x8) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x4b72, r2) 1.738515659s ago: executing program 8 (id=7246): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socketcall$auto(0x8000, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4004ae99, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) 1.428712771s ago: executing program 7 (id=7247): socket(0x1e, 0x1, 0x0) socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x840000000002, 0x3, 0xff) socket$nl_generic(0x10, 0x3, 0x10) socket(0x22, 0x2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x2, 0x1) socket(0xa, 0x5, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socket(0x28, 0x1, 0x0) getsockopt$auto(r0, 0x28, 0x6, 0x0, 0x0) 1.253537648s ago: executing program 7 (id=7248): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0xb) unshare$auto(0x40000080) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) read$auto(0x3, 0x0, 0x80) get_robust_list$auto(0x0, 0x0, 0x0) 1.147343559s ago: executing program 8 (id=7249): openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000080), 0x280902, 0x0) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000b00), 0x40042, 0x0) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x200, 0xffffffffffffffff, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) read$auto(r0, 0x0, 0x2) 929.543102ms ago: executing program 8 (id=7250): openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyp7\x00', 0x102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) r0 = io_uring_setup$auto(0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(0xffffffffffffffff, 0x806c4120, &(0x7f0000000100)={0xdfc9, 0xe, 0x95d7, 0x7f, 0x3, 0x1, 0x9, 0x3, 0x0, 0x7, 0xb, 0x8, 0x100, 0x2, 0x3, 0x10000, 0x400, 0x80000000, "0c1056e3480805f935e214e44f620fa9eba8238cacc3d9e6fc45cf541e509fc2457ae4ae"}) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) futex$auto(0x0, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x4000000) r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) read$auto_proc_page_owner_threshold_(r0, &(0x7f00000001c0)=""/153, 0x99) ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x403c6f2b, 0x0) read$auto(0x3, 0x0, 0x80000001) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) 528.484402ms ago: executing program 9 (id=7251): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x200009}, 0x1}, 0x2, 0x0) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) 0s ago: executing program 3 (id=7252): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x2000a, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) r0 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, r0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) getgid() recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) kernel console output (not intermixed with test programs): 1426][T24210] bdev_alloc+0x2b/0x420 [ 917.981441][T24210] __alloc_disk_node+0x116/0x640 [ 917.981462][T24210] __blk_mq_alloc_disk+0x89/0x120 [ 917.981481][T24210] loop_add+0x490/0xb70 [ 917.981497][T24210] ? __pfx_loop_add+0x10/0x10 [ 917.981523][T24210] ? find_held_lock+0x2b/0x80 [ 917.981540][T24210] loop_control_ioctl+0x13e/0x630 [ 917.981556][T24210] ? __pfx_loop_control_ioctl+0x10/0x10 [ 917.981574][T24210] ? __pfx_loop_control_ioctl+0x10/0x10 [ 917.981591][T24210] __x64_sys_ioctl+0x18e/0x210 [ 917.981613][T24210] do_syscall_64+0xcd/0xfa0 [ 917.981632][T24210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 917.981646][T24210] RIP: 0033:0x7fb55dd8f6c9 [ 917.981659][T24210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 917.981673][T24210] RSP: 002b:00007fb55eb89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 917.981688][T24210] RAX: ffffffffffffffda RBX: 00007fb55dfe5fa0 RCX: 00007fb55dd8f6c9 [ 917.981698][T24210] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 917.981707][T24210] RBP: 00007fb55de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 917.981715][T24210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 917.981724][T24210] R13: 00007fb55dfe6038 R14: 00007fb55dfe5fa0 R15: 00007fffd7e3ff28 [ 917.981743][T24210] [ 918.771131][ T30] audit: type=1806 audit(4294967370.382:27): xattr="." res=0 [ 919.052807][T24225] mkiss: ax0: crc mode is auto. [ 921.076619][T24253] program syz.8.6224 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 921.366247][T24255] FAULT_INJECTION: forcing a failure. [ 921.366247][T24255] name failslab, interval 1, probability 0, space 0, times 0 [ 921.456007][T24260] random: crng reseeded on system resumption [ 921.520672][T24255] CPU: 1 UID: 0 PID: 24255 Comm: syz.9.6225 Not tainted syzkaller #0 PREEMPT(full) [ 921.520696][T24255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 921.520706][T24255] Call Trace: [ 921.520712][T24255] [ 921.520719][T24255] dump_stack_lvl+0x16c/0x1f0 [ 921.520740][T24255] should_fail_ex+0x512/0x640 [ 921.520762][T24255] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 921.520793][T24255] should_failslab+0xc2/0x120 [ 921.520813][T24255] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 921.520831][T24255] ? __kthread_create_on_node+0x186/0x3f0 [ 921.520855][T24255] ? kvasprintf+0xbc/0x160 [ 921.520867][T24255] kvasprintf+0xbc/0x160 [ 921.520879][T24255] ? __pfx_kvasprintf+0x10/0x10 [ 921.520899][T24255] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 921.520912][T24255] __kthread_create_on_node+0x186/0x3f0 [ 921.520931][T24255] ? __pfx___kthread_create_on_node+0x10/0x10 [ 921.520958][T24255] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 921.520972][T24255] kthread_create_on_node+0xc7/0x100 [ 921.520990][T24255] ? __pfx_kthread_create_on_node+0x10/0x10 [ 921.521008][T24255] ? kasan_quarantine_put+0x10a/0x240 [ 921.521026][T24255] ? find_held_lock+0x2b/0x80 [ 921.521041][T24255] ? tomoyo_notify_gc+0xc6/0x470 [ 921.521057][T24255] tomoyo_notify_gc+0xea/0x470 [ 921.521070][T24255] ? ima_iint_find+0xea/0x130 [ 921.521090][T24255] ? __pfx_tomoyo_release+0x10/0x10 [ 921.521105][T24255] tomoyo_release+0x31/0x40 [ 921.521121][T24255] __fput+0x402/0xb70 [ 921.521144][T24255] task_work_run+0x150/0x240 [ 921.521166][T24255] ? __pfx_task_work_run+0x10/0x10 [ 921.521188][T24255] ? __pfx___do_sys_close_range+0x10/0x10 [ 921.521208][T24255] exit_to_user_mode_loop+0xec/0x130 [ 921.521230][T24255] do_syscall_64+0x426/0xfa0 [ 921.521248][T24255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.521263][T24255] RIP: 0033:0x7ff5da98f6c9 [ 921.521276][T24255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 921.521291][T24255] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 921.521305][T24255] RAX: 0000000000000000 RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 921.521315][T24255] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 921.521323][T24255] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 921.521332][T24255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 921.521341][T24255] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 921.521360][T24255] [ 922.788923][T24260] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz.8.6227: Error -117 reading block bitmap for 5 [ 922.976615][T24260] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.8.6227: bg 2: bad block bitmap checksum [ 923.055716][T24260] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6667: Filesystem failed CRC [ 923.184188][T24257] Invalid ELF header magic: != ELF [ 923.963185][ T5149] Bluetooth: hci3: unexpected event 0x09 length: 435 > 3 [ 924.254606][T24290] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6235'. [ 924.816819][T24301] netlink: 25 bytes leftover after parsing attributes in process `syz.7.6236'. [ 925.771043][T24312] __vm_enough_memory: pid: 24312, comm: syz.7.6240, bytes: 4398046511104 not enough memory for the allocation [ 929.989314][T24365] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6259'. [ 930.075309][T24365] netlink: 25 bytes leftover after parsing attributes in process `syz.8.6259'. [ 930.193354][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 930.212502][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 930.694155][T24371] zswap: compressor not available [ 930.797874][T24377] mkiss: ax0: crc mode is auto. [ 934.540940][T24422] FAULT_INJECTION: forcing a failure. [ 934.540940][T24422] name failslab, interval 1, probability 0, space 0, times 0 [ 934.624204][T24422] CPU: 1 UID: 0 PID: 24422 Comm: syz.8.6273 Not tainted syzkaller #0 PREEMPT(full) [ 934.624228][T24422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 934.624238][T24422] Call Trace: [ 934.624244][T24422] [ 934.624250][T24422] dump_stack_lvl+0x16c/0x1f0 [ 934.624272][T24422] should_fail_ex+0x512/0x640 [ 934.624297][T24422] should_failslab+0xc2/0x120 [ 934.624317][T24422] __kmalloc_cache_noprof+0x72/0x780 [ 934.624341][T24422] ? sctp_add_bind_addr+0xae/0x3f0 [ 934.624360][T24422] ? sctp_add_bind_addr+0xae/0x3f0 [ 934.624373][T24422] sctp_add_bind_addr+0xae/0x3f0 [ 934.624390][T24422] sctp_copy_local_addr_list+0x349/0x550 [ 934.624410][T24422] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 934.624429][T24422] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 934.624448][T24422] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 934.624473][T24422] sctp_bind_addr_copy+0xe0/0x530 [ 934.624492][T24422] sctp_connect_new_asoc+0x1c9/0x770 [ 934.624518][T24422] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 934.624551][T24422] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 934.624577][T24422] sctp_sendmsg+0x1557/0x1e00 [ 934.624603][T24422] ? __pfx_sctp_sendmsg+0x10/0x10 [ 934.624622][T24422] ? __pfx___might_resched+0x10/0x10 [ 934.624644][T24422] ? aa_sk_perm+0x2f4/0xb10 [ 934.624662][T24422] ? __pfx_aa_sk_perm+0x10/0x10 [ 934.624681][T24422] ? __pfx_sctp_sendmsg+0x10/0x10 [ 934.624701][T24422] inet_sendmsg+0x11c/0x140 [ 934.624723][T24422] ____sys_sendmsg+0x973/0xc70 [ 934.624743][T24422] ? __pfx_____sys_sendmsg+0x10/0x10 [ 934.624763][T24422] ? find_held_lock+0x2b/0x80 [ 934.624778][T24422] ? futex_unqueue+0x133/0x2c0 [ 934.624799][T24422] ___sys_sendmsg+0x134/0x1d0 [ 934.624814][T24422] ? __pfx____sys_sendmsg+0x10/0x10 [ 934.624844][T24422] ? find_held_lock+0x2b/0x80 [ 934.624875][T24422] __sys_sendmmsg+0x200/0x420 [ 934.624893][T24422] ? __pfx___sys_sendmmsg+0x10/0x10 [ 934.624914][T24422] ? __pfx_do_futex+0x10/0x10 [ 934.624941][T24422] ? fdget_pos+0x2b8/0x370 [ 934.624957][T24422] ? xfd_validate_state+0x61/0x180 [ 934.624976][T24422] ? __pfx_ksys_write+0x10/0x10 [ 934.624995][T24422] __x64_sys_sendmmsg+0x9c/0x100 [ 934.625008][T24422] ? lockdep_hardirqs_on+0x7c/0x110 [ 934.625025][T24422] do_syscall_64+0xcd/0xfa0 [ 934.625044][T24422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 934.625058][T24422] RIP: 0033:0x7f95b178f6c9 [ 934.625071][T24422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 934.625087][T24422] RSP: 002b:00007f95b2620038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 934.625102][T24422] RAX: ffffffffffffffda RBX: 00007f95b19e5fa0 RCX: 00007f95b178f6c9 [ 934.625112][T24422] RDX: 0000000000000008 RSI: 0000200000000140 RDI: 0000000000000004 [ 934.625121][T24422] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 934.625130][T24422] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 934.625140][T24422] R13: 00007f95b19e6038 R14: 00007f95b19e5fa0 R15: 00007ffcdbcd14f8 [ 934.625160][T24422] [ 934.928451][ C1] vkms_vblank_simulate: vblank timer overrun [ 937.146170][T24443] input: f¬ as /devices/virtual/input/input19 [ 938.771791][T24471] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 939.593393][ T5879] Process accounting resumed [ 939.779111][T24491] netlink: 'syz.9.6294': attribute type 12 has an invalid length. [ 939.849252][T24491] netlink: 306 bytes leftover after parsing attributes in process `syz.9.6294'. [ 940.178246][T24497] 0x000200000001-0xa29656a63616329 : "" [ 940.183821][T24497] mtd: partition "" is out of reach -- disabled [ 940.281135][T24497] ftl_cs: FTL header not found. [ 940.390989][T24501] netlink: 25 bytes leftover after parsing attributes in process `syz.8.6298'. [ 940.510352][T24500] ERROR: Out of memory at tomoyo_memory_ok. [ 940.783711][T24506] netlink: 'syz.9.6299': attribute type 29 has an invalid length. [ 940.842795][T24506] netlink: 'syz.9.6299': attribute type 30 has an invalid length. [ 940.850629][T24506] netlink: 'syz.9.6299': attribute type 31 has an invalid length. [ 940.966725][T24506] netlink: 'syz.9.6299': attribute type 32 has an invalid length. [ 941.051190][T24506] netlink: 'syz.9.6299': attribute type 33 has an invalid length. [ 941.107498][T24506] netlink: 'syz.9.6299': attribute type 35 has an invalid length. [ 941.156734][T24506] netlink: 'syz.9.6299': attribute type 37 has an invalid length. [ 941.225620][T24506] netlink: 18 bytes leftover after parsing attributes in process `syz.9.6299'. [ 943.411691][T24540] netlink: 62 bytes leftover after parsing attributes in process `syz.3.6311'. [ 943.678254][T24544] netlink: 'syz.7.6312': attribute type 12 has an invalid length. [ 943.740654][T24544] netlink: 306 bytes leftover after parsing attributes in process `syz.7.6312'. [ 944.397493][T24554] sp0: Synchronizing with TNC [ 944.805718][T24559] FAULT_INJECTION: forcing a failure. [ 944.805718][T24559] name failslab, interval 1, probability 0, space 0, times 0 [ 944.908298][T24559] CPU: 1 UID: 0 PID: 24559 Comm: syz.7.6318 Not tainted syzkaller #0 PREEMPT(full) [ 944.908322][T24559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 944.908332][T24559] Call Trace: [ 944.908338][T24559] [ 944.908345][T24559] dump_stack_lvl+0x16c/0x1f0 [ 944.908368][T24559] should_fail_ex+0x512/0x640 [ 944.908390][T24559] ? __kmalloc_cache_node_noprof+0x62/0x7a0 [ 944.908411][T24559] should_failslab+0xc2/0x120 [ 944.908430][T24559] __kmalloc_cache_node_noprof+0x75/0x7a0 [ 944.908448][T24559] ? blkg_alloc+0xb7/0xb60 [ 944.908473][T24559] ? blkg_alloc+0xb7/0xb60 [ 944.908493][T24559] blkg_alloc+0xb7/0xb60 [ 944.908515][T24559] ? find_held_lock+0x2b/0x80 [ 944.908532][T24559] blkcg_init_disk+0x51/0x160 [ 944.908548][T24559] __alloc_disk_node+0x299/0x640 [ 944.908569][T24559] __blk_mq_alloc_disk+0x89/0x120 [ 944.908588][T24559] loop_add+0x490/0xb70 [ 944.908604][T24559] ? __pfx_loop_add+0x10/0x10 [ 944.908631][T24559] ? find_held_lock+0x2b/0x80 [ 944.908647][T24559] loop_control_ioctl+0x13e/0x630 [ 944.908663][T24559] ? __pfx_loop_control_ioctl+0x10/0x10 [ 944.908680][T24559] ? __pfx_loop_control_ioctl+0x10/0x10 [ 944.908697][T24559] __x64_sys_ioctl+0x18e/0x210 [ 944.908719][T24559] do_syscall_64+0xcd/0xfa0 [ 944.908737][T24559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 944.908752][T24559] RIP: 0033:0x7fb55dd8f6c9 [ 944.908764][T24559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 944.908779][T24559] RSP: 002b:00007fb55eb89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 944.908793][T24559] RAX: ffffffffffffffda RBX: 00007fb55dfe5fa0 RCX: 00007fb55dd8f6c9 [ 944.908803][T24559] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 944.908813][T24559] RBP: 00007fb55de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 944.908822][T24559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 944.908831][T24559] R13: 00007fb55dfe6038 R14: 00007fb55dfe5fa0 R15: 00007fffd7e3ff28 [ 944.908851][T24559] [ 945.209485][T24565] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6322'. [ 945.524387][T24572] FAULT_INJECTION: forcing a failure. [ 945.524387][T24572] name failslab, interval 1, probability 0, space 0, times 0 [ 945.606609][T24574] lo: entered allmulticast mode [ 945.622502][T24572] CPU: 1 UID: 0 PID: 24572 Comm: syz.9.6324 Not tainted syzkaller #0 PREEMPT(full) [ 945.622525][T24572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 945.622535][T24572] Call Trace: [ 945.622541][T24572] [ 945.622549][T24572] dump_stack_lvl+0x16c/0x1f0 [ 945.622572][T24572] should_fail_ex+0x512/0x640 [ 945.622595][T24572] ? __kmalloc_cache_noprof+0x5f/0x780 [ 945.622620][T24572] should_failslab+0xc2/0x120 [ 945.622639][T24572] __kmalloc_cache_noprof+0x72/0x780 [ 945.622662][T24572] ? drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 945.622686][T24572] ? drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 945.622705][T24572] drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 945.622734][T24572] drm_atomic_helper_commit+0xa9/0x380 [ 945.622756][T24572] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 945.622776][T24572] drm_atomic_commit+0x234/0x300 [ 945.622797][T24572] ? __pfx_drm_atomic_commit+0x10/0x10 [ 945.622816][T24572] ? __pfx___drm_printfn_info+0x10/0x10 [ 945.622834][T24572] ? drm_client_rotation+0x4da/0x6a0 [ 945.622858][T24572] drm_client_modeset_commit_atomic+0x69d/0x7e0 [ 945.622890][T24572] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 945.622912][T24572] ? rcu_is_watching+0x12/0xc0 [ 945.622948][T24572] drm_client_modeset_commit_locked+0x14d/0x580 [ 945.622973][T24572] drm_client_modeset_commit+0x4f/0x80 [ 945.622995][T24572] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 945.623017][T24572] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 945.623035][T24572] drm_fbdev_client_restore+0x2c/0x40 [ 945.623051][T24572] drm_client_dev_restore+0x1f6/0x2a0 [ 945.623075][T24572] drm_release+0x2c4/0x360 [ 945.623096][T24572] ? __pfx_drm_release+0x10/0x10 [ 945.623115][T24572] __fput+0x402/0xb70 [ 945.623139][T24572] task_work_run+0x150/0x240 [ 945.623162][T24572] ? __pfx_task_work_run+0x10/0x10 [ 945.623184][T24572] ? __pfx___do_sys_close_range+0x10/0x10 [ 945.623205][T24572] exit_to_user_mode_loop+0xec/0x130 [ 945.623227][T24572] do_syscall_64+0x426/0xfa0 [ 945.623246][T24572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 945.623262][T24572] RIP: 0033:0x7ff5da98f6c9 [ 945.623275][T24572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 945.623290][T24572] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 945.623304][T24572] RAX: 0000000000000000 RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 945.623314][T24572] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 945.623323][T24572] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 945.623340][T24572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 945.623350][T24572] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 945.623371][T24572] [ 946.129563][T24574] lo: left allmulticast mode [ 948.737380][T24606] Process accounting paused [ 951.596555][T24660] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6353'. [ 951.670048][T24660] netlink: 25 bytes leftover after parsing attributes in process `syz.7.6353'. [ 952.001428][T24665] netlink: 338 bytes leftover after parsing attributes in process `syz.7.6354'. [ 954.118828][T24684] Invalid ELF header magic: != ELF [ 955.108010][T24693] lo: entered allmulticast mode [ 955.139336][T24693] lo: left allmulticast mode [ 957.223514][T24724] sp0: Synchronizing with TNC [ 957.544902][T24728] lo: entered allmulticast mode [ 957.680149][T24728] lo: left allmulticast mode [ 959.631808][T24745] netlink: 150 bytes leftover after parsing attributes in process `syz.8.6386'. [ 960.193095][ T30] audit: type=1800 audit(4294967412.047:28): pid=24753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.6380" name="lu_gp_id" dev="configfs" ino=157907 res=0 errno=0 [ 961.230658][T24772] FAULT_INJECTION: forcing a failure. [ 961.230658][T24772] name failslab, interval 1, probability 0, space 0, times 0 [ 961.329075][T24772] CPU: 1 UID: 0 PID: 24772 Comm: syz.9.6385 Not tainted syzkaller #0 PREEMPT(full) [ 961.329100][T24772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 961.329109][T24772] Call Trace: [ 961.329116][T24772] [ 961.329122][T24772] dump_stack_lvl+0x16c/0x1f0 [ 961.329148][T24772] should_fail_ex+0x512/0x640 [ 961.329170][T24772] ? __kmalloc_cache_noprof+0x5f/0x780 [ 961.329195][T24772] should_failslab+0xc2/0x120 [ 961.329215][T24772] __kmalloc_cache_noprof+0x72/0x780 [ 961.329241][T24772] ? __kthread_create_on_node+0xce/0x3f0 [ 961.329265][T24772] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 961.329278][T24772] ? __kthread_create_on_node+0xce/0x3f0 [ 961.329296][T24772] __kthread_create_on_node+0xce/0x3f0 [ 961.329318][T24772] ? __pfx___kthread_create_on_node+0x10/0x10 [ 961.329346][T24772] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 961.329359][T24772] kthread_create_on_node+0xc7/0x100 [ 961.329381][T24772] ? __pfx_kthread_create_on_node+0x10/0x10 [ 961.329399][T24772] ? kasan_quarantine_put+0x10a/0x240 [ 961.329417][T24772] ? find_held_lock+0x2b/0x80 [ 961.329433][T24772] ? tomoyo_notify_gc+0xc6/0x470 [ 961.329449][T24772] tomoyo_notify_gc+0xea/0x470 [ 961.329462][T24772] ? ima_iint_find+0xea/0x130 [ 961.329482][T24772] ? __pfx_tomoyo_release+0x10/0x10 [ 961.329497][T24772] tomoyo_release+0x31/0x40 [ 961.329512][T24772] __fput+0x402/0xb70 [ 961.329535][T24772] task_work_run+0x150/0x240 [ 961.329557][T24772] ? __pfx_task_work_run+0x10/0x10 [ 961.329579][T24772] ? __pfx___do_sys_close_range+0x10/0x10 [ 961.329598][T24772] exit_to_user_mode_loop+0xec/0x130 [ 961.329620][T24772] do_syscall_64+0x426/0xfa0 [ 961.329639][T24772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 961.329653][T24772] RIP: 0033:0x7ff5da98f6c9 [ 961.329666][T24772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 961.329680][T24772] RSP: 002b:00007ff5db8a5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 961.329695][T24772] RAX: 0000000000000000 RBX: 00007ff5dabe6090 RCX: 00007ff5da98f6c9 [ 961.329704][T24772] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 961.329713][T24772] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 961.329722][T24772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 961.329731][T24772] R13: 00007ff5dabe6128 R14: 00007ff5dabe6090 R15: 00007fffa5b58cb8 [ 961.329751][T24772] [ 962.176522][T24782] netlink: 338 bytes leftover after parsing attributes in process `syz.9.6389'. [ 962.241503][T24782] netlink: 338 bytes leftover after parsing attributes in process `syz.9.6389'. [ 962.306133][T24782] netlink: 290 bytes leftover after parsing attributes in process `syz.9.6389'. [ 965.560368][T24816] netlink: 28 bytes leftover after parsing attributes in process `syz.9.6399'. [ 965.815761][T24822] FAULT_INJECTION: forcing a failure. [ 965.815761][T24822] name failslab, interval 1, probability 0, space 0, times 0 [ 966.000357][T24822] CPU: 1 UID: 0 PID: 24822 Comm: syz.7.6398 Not tainted syzkaller #0 PREEMPT(full) [ 966.000381][T24822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 966.000390][T24822] Call Trace: [ 966.000397][T24822] [ 966.000404][T24822] dump_stack_lvl+0x16c/0x1f0 [ 966.000426][T24822] should_fail_ex+0x512/0x640 [ 966.000449][T24822] ? __kmalloc_cache_noprof+0x5f/0x780 [ 966.000475][T24822] should_failslab+0xc2/0x120 [ 966.000495][T24822] __kmalloc_cache_noprof+0x72/0x780 [ 966.000517][T24822] ? __kthread_create_on_node+0xce/0x3f0 [ 966.000538][T24822] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 966.000552][T24822] ? __kthread_create_on_node+0xce/0x3f0 [ 966.000570][T24822] __kthread_create_on_node+0xce/0x3f0 [ 966.000590][T24822] ? __pfx___kthread_create_on_node+0x10/0x10 [ 966.000618][T24822] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 966.000631][T24822] kthread_create_on_node+0xc7/0x100 [ 966.000650][T24822] ? __pfx_kthread_create_on_node+0x10/0x10 [ 966.000677][T24822] ? kasan_quarantine_put+0x10a/0x240 [ 966.000696][T24822] ? find_held_lock+0x2b/0x80 [ 966.000713][T24822] ? tomoyo_notify_gc+0xc6/0x470 [ 966.000731][T24822] tomoyo_notify_gc+0xea/0x470 [ 966.000744][T24822] ? ima_iint_find+0xea/0x130 [ 966.000764][T24822] ? __pfx_tomoyo_release+0x10/0x10 [ 966.000780][T24822] tomoyo_release+0x31/0x40 [ 966.000795][T24822] __fput+0x402/0xb70 [ 966.000818][T24822] task_work_run+0x150/0x240 [ 966.000840][T24822] ? __pfx_task_work_run+0x10/0x10 [ 966.000861][T24822] ? __pfx___do_sys_close_range+0x10/0x10 [ 966.000881][T24822] exit_to_user_mode_loop+0xec/0x130 [ 966.000903][T24822] do_syscall_64+0x426/0xfa0 [ 966.000922][T24822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 966.000937][T24822] RIP: 0033:0x7fb55dd8f6c9 [ 966.000951][T24822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 966.000965][T24822] RSP: 002b:00007fb55eb68038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 966.000979][T24822] RAX: 0000000000000000 RBX: 00007fb55dfe6090 RCX: 00007fb55dd8f6c9 [ 966.000988][T24822] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 966.000997][T24822] RBP: 00007fb55de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 966.001006][T24822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 966.001015][T24822] R13: 00007fb55dfe6128 R14: 00007fb55dfe6090 R15: 00007fffd7e3ff28 [ 966.001035][T24822] [ 968.661349][T24843] ERROR: Out of memory at tomoyo_memory_ok. [ 970.608759][T24862] netlink: zone id is out of range [ 970.613920][T24862] netlink: del zone limit has 4 unknown bytes [ 970.693537][T24860] netlink: set zone limit has 8 unknown bytes [ 972.378965][T24876] netlink: 186 bytes leftover after parsing attributes in process `syz.9.6424'. [ 972.411659][T24878] netlink: 46 bytes leftover after parsing attributes in process `syz.8.6416'. [ 972.454471][T24876] netlink: 186 bytes leftover after parsing attributes in process `syz.9.6424'. [ 972.807135][T24887] FAULT_INJECTION: forcing a failure. [ 972.807135][T24887] name failslab, interval 1, probability 0, space 0, times 0 [ 972.915073][T24887] CPU: 1 UID: 0 PID: 24887 Comm: syz.9.6420 Not tainted syzkaller #0 PREEMPT(full) [ 972.915097][T24887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 972.915106][T24887] Call Trace: [ 972.915113][T24887] [ 972.915119][T24887] dump_stack_lvl+0x16c/0x1f0 [ 972.915141][T24887] should_fail_ex+0x512/0x640 [ 972.915163][T24887] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 972.915181][T24887] should_failslab+0xc2/0x120 [ 972.915213][T24887] kmem_cache_alloc_noprof+0x75/0x6e0 [ 972.915229][T24887] ? vm_area_alloc+0x1f/0x160 [ 972.915255][T24887] ? vm_area_alloc+0x1f/0x160 [ 972.915276][T24887] vm_area_alloc+0x1f/0x160 [ 972.915297][T24887] __mmap_region+0xf85/0x27a0 [ 972.915312][T24887] ? find_held_lock+0x2b/0x80 [ 972.915327][T24887] ? __pfx___mmap_region+0x10/0x10 [ 972.915340][T24887] ? finish_task_switch.isra.0+0x21c/0xc10 [ 972.915356][T24887] ? rcu_is_watching+0x12/0xc0 [ 972.915370][T24887] ? finish_task_switch.isra.0+0x221/0xc10 [ 972.915385][T24887] ? lockdep_hardirqs_on+0x7c/0x110 [ 972.915401][T24887] ? finish_task_switch.isra.0+0x221/0xc10 [ 972.915432][T24887] ? __pfx___schedule+0x10/0x10 [ 972.915468][T24887] ? trace_cap_capable+0x18d/0x200 [ 972.915495][T24887] mmap_region+0x1ab/0x3f0 [ 972.915509][T24887] ? __get_unmapped_area+0x267/0x440 [ 972.915529][T24887] do_mmap+0xa3e/0x1210 [ 972.915550][T24887] ? __pfx_do_mmap+0x10/0x10 [ 972.915569][T24887] ? __pfx_down_write_killable+0x10/0x10 [ 972.915592][T24887] vm_mmap_pgoff+0x29e/0x470 [ 972.915614][T24887] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 972.915636][T24887] ? __x64_sys_futex+0x1e0/0x4c0 [ 972.915654][T24887] ? __x64_sys_futex+0x1e9/0x4c0 [ 972.915675][T24887] ksys_mmap_pgoff+0x7d/0x5c0 [ 972.915692][T24887] ? xfd_validate_state+0x61/0x180 [ 972.915712][T24887] ? __task_pid_nr_ns+0x1f5/0x500 [ 972.915734][T24887] __x64_sys_mmap+0x125/0x190 [ 972.915756][T24887] do_syscall_64+0xcd/0xfa0 [ 972.915774][T24887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 972.915789][T24887] RIP: 0033:0x7ff5da98f6c9 [ 972.915801][T24887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 972.915816][T24887] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 972.915830][T24887] RAX: ffffffffffffffda RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 972.915840][T24887] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 972.915849][T24887] RBP: 00007ff5daa11f91 R08: 0000000000000401 R09: 0000000000008000 [ 972.915858][T24887] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 972.915867][T24887] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 972.915891][T24887] [ 973.612209][ T5149] Bluetooth: hci2: Malformed Event: 0x02 [ 974.000615][T24896] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6425'. [ 975.007552][T24899] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 975.047790][T24912] netlink: 354 bytes leftover after parsing attributes in process `syz.9.6430'. [ 975.090837][T24899] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 975.165573][T24899] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 975.292299][T24899] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 975.326528][T24899] CPU0 is offline. [ 976.282921][T24938] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6435'. [ 976.363814][ T5827] Bluetooth: hci3: command 0x0406 tx timeout [ 976.391233][T24938] netlink: 314 bytes leftover after parsing attributes in process `syz.3.6435'. [ 976.914343][T24947] Invalid ELF header magic: != ELF [ 977.080132][ T5827] Bluetooth: hci4: command 0x0406 tx timeout [ 977.182780][T24946] warning: `syz.7.6437' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 977.238753][ T5827] Bluetooth: hci2: command 0x0406 tx timeout [ 977.315012][ T5827] Bluetooth: hci0: command 0x0c1a tx timeout [ 978.914171][T24970] FAULT_INJECTION: forcing a failure. [ 978.914171][T24970] name failslab, interval 1, probability 0, space 0, times 0 [ 979.164096][T24970] CPU: 1 UID: 0 PID: 24970 Comm: syz.8.6443 Not tainted syzkaller #0 PREEMPT(full) [ 979.164127][T24970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 979.164137][T24970] Call Trace: [ 979.164143][T24970] [ 979.164150][T24970] dump_stack_lvl+0x16c/0x1f0 [ 979.164173][T24970] should_fail_ex+0x512/0x640 [ 979.164199][T24970] should_failslab+0xc2/0x120 [ 979.164222][T24970] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 979.164242][T24970] ? ip6_fraglist_init+0xcd/0xa90 [ 979.164267][T24970] ? kmemdup_noprof+0x29/0x60 [ 979.164282][T24970] kmemdup_noprof+0x29/0x60 [ 979.164297][T24970] ip6_fraglist_init+0xcd/0xa90 [ 979.164322][T24970] ip6_fragment+0x1e80/0x27f0 [ 979.164344][T24970] ? __pfx_ip6_finish_output2+0x10/0x10 [ 979.164371][T24970] ? __pfx_ip6_fragment+0x10/0x10 [ 979.164389][T24970] ? nf_hook+0x48d/0x780 [ 979.164407][T24970] ? nf_hook_slow+0x132/0x200 [ 979.164436][T24970] ? ip6_dst_mtu_maybe_forward.constprop.0+0x1be/0x530 [ 979.164460][T24970] __ip6_finish_output+0x369/0x1010 [ 979.164483][T24970] ip6_output+0x253/0x710 [ 979.164506][T24970] ip6_mr_output+0x233/0x11b0 [ 979.164521][T24970] ? __pfx_nf_nat_ipv6_local_fn+0x10/0x10 [ 979.164541][T24970] ? nf_nat_ipv6_local_fn+0x38a/0x530 [ 979.164562][T24970] ? __pfx_ip6_mr_output+0x10/0x10 [ 979.164576][T24970] ? __ip6_local_out+0x45b/0xa80 [ 979.164590][T24970] ? nf_hook_slow+0x132/0x200 [ 979.164613][T24970] ? __ip6_local_out+0x2f1/0xa80 [ 979.164633][T24970] ? __pfx_dst_output+0x10/0x10 [ 979.164662][T24970] ? ip6_local_out+0x2a9/0x4d0 [ 979.164676][T24970] ip6_local_out+0x2a9/0x4d0 [ 979.164694][T24970] ip6_send_skb+0x112/0x460 [ 979.164717][T24970] udp_v6_send_skb+0x96f/0x1910 [ 979.164740][T24970] udpv6_sendmsg+0x23b1/0x2d30 [ 979.164754][T24970] ? aa_label_sk_perm+0x195/0x600 [ 979.164768][T24970] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 979.164791][T24970] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 979.164809][T24970] ? __lock_acquire+0x622/0x1c90 [ 979.164836][T24970] ? __pfx___might_resched+0x10/0x10 [ 979.164865][T24970] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 979.164882][T24970] ? inet6_sendmsg+0x105/0x140 [ 979.164896][T24970] inet6_sendmsg+0x105/0x140 [ 979.164912][T24970] sock_write_iter+0x437/0x610 [ 979.164931][T24970] ? __pfx_sock_write_iter+0x10/0x10 [ 979.164955][T24970] ? bpf_lsm_file_permission+0x9/0x10 [ 979.164971][T24970] ? security_file_permission+0x71/0x210 [ 979.164987][T24970] ? rw_verify_area+0xcf/0x6c0 [ 979.165003][T24970] vfs_write+0x7d3/0x11d0 [ 979.165019][T24970] ? __pfx_sock_write_iter+0x10/0x10 [ 979.165038][T24970] ? __pfx_vfs_write+0x10/0x10 [ 979.165052][T24970] ? find_held_lock+0x2b/0x80 [ 979.165078][T24970] ksys_write+0x1f8/0x250 [ 979.165093][T24970] ? __pfx_ksys_write+0x10/0x10 [ 979.165114][T24970] do_syscall_64+0xcd/0xfa0 [ 979.165133][T24970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 979.165148][T24970] RIP: 0033:0x7f95b178f6c9 [ 979.165161][T24970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 979.165175][T24970] RSP: 002b:00007f95b25ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 979.165189][T24970] RAX: ffffffffffffffda RBX: 00007f95b19e6090 RCX: 00007f95b178f6c9 [ 979.165199][T24970] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 979.165208][T24970] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 979.165217][T24970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 979.165226][T24970] R13: 00007f95b19e6128 R14: 00007f95b19e6090 R15: 00007ffcdbcd14f8 [ 979.165246][T24970] [ 979.694547][T24962] Process accounting resumed [ 981.307199][T24968] zswap: compressor not available [ 985.666822][T25030] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 986.155360][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 986.469602][T25037] netlink: 252 bytes leftover after parsing attributes in process `syz.9.6462'. [ 986.555672][T25041] netlink: 252 bytes leftover after parsing attributes in process `syz.9.6462'. [ 987.579473][T25048] zswap: compressor 000 not available [ 988.955346][T25070] netlink: 'syz.3.6472': attribute type 27 has an invalid length. [ 989.043835][T25070] netlink: 'syz.3.6472': attribute type 28 has an invalid length. [ 989.147912][T25070] netlink: 'syz.3.6472': attribute type 29 has an invalid length. [ 989.249273][T25070] netlink: 'syz.3.6472': attribute type 30 has an invalid length. [ 989.381818][T25070] netlink: 'syz.3.6472': attribute type 31 has an invalid length. [ 989.522091][T25070] netlink: 'syz.3.6472': attribute type 32 has an invalid length. [ 989.624097][T25070] netlink: 'syz.3.6472': attribute type 33 has an invalid length. [ 989.811711][T25070] netlink: 'syz.3.6472': attribute type 35 has an invalid length. [ 989.876208][T25070] netlink: 'syz.3.6472': attribute type 37 has an invalid length. [ 989.969061][T25070] netlink: 'syz.3.6472': attribute type 39 has an invalid length. [ 990.060086][T25070] netlink: 14 bytes leftover after parsing attributes in process `syz.3.6472'. [ 991.144478][T25080] kexec: Could not allocate control_code_buffer [ 991.334952][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 991.349784][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 991.554075][T25103] FAULT_INJECTION: forcing a failure. [ 991.554075][T25103] name failslab, interval 1, probability 0, space 0, times 0 [ 991.649120][T25103] CPU: 1 UID: 0 PID: 25103 Comm: syz.9.6482 Not tainted syzkaller #0 PREEMPT(full) [ 991.649151][T25103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 991.649166][T25103] Call Trace: [ 991.649173][T25103] [ 991.649180][T25103] dump_stack_lvl+0x16c/0x1f0 [ 991.649208][T25103] should_fail_ex+0x512/0x640 [ 991.649252][T25103] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 991.649274][T25103] should_failslab+0xc2/0x120 [ 991.649296][T25103] kmem_cache_alloc_node_noprof+0x78/0x770 [ 991.649312][T25103] ? __alloc_skb+0x2b2/0x380 [ 991.649339][T25103] ? __alloc_skb+0x2b2/0x380 [ 991.649359][T25103] __alloc_skb+0x2b2/0x380 [ 991.649381][T25103] ? __pfx___alloc_skb+0x10/0x10 [ 991.649406][T25103] ? ip_frag_init+0x270/0x350 [ 991.649422][T25103] ? ima_match_policy+0x7f9/0x22e0 [ 991.649442][T25103] __ip6_append_data+0x2b74/0x4740 [ 991.649470][T25103] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 991.649494][T25103] ? __pfx___ip6_append_data+0x10/0x10 [ 991.649515][T25103] ? __pfx_ip6_mtu+0x10/0x10 [ 991.649531][T25103] ? ip6_setup_cork+0xc51/0x1530 [ 991.649552][T25103] ip6_make_skb+0x2c8/0x3f0 [ 991.649574][T25103] ? ip6_dst_check+0x343/0x950 [ 991.649591][T25103] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 991.649608][T25103] ? __pfx_ip6_make_skb+0x10/0x10 [ 991.649632][T25103] ? find_held_lock+0x2b/0x80 [ 991.649654][T25103] ? sk_dst_check+0x1da/0x540 [ 991.649683][T25103] ? udpv6_sendmsg+0x2365/0x2d30 [ 991.649698][T25103] udpv6_sendmsg+0x2365/0x2d30 [ 991.649722][T25103] ? aa_label_sk_perm+0x195/0x600 [ 991.649739][T25103] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 991.649767][T25103] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 991.649788][T25103] ? __lock_acquire+0x622/0x1c90 [ 991.649827][T25103] ? __pfx___might_resched+0x10/0x10 [ 991.649860][T25103] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 991.649879][T25103] ? inet6_sendmsg+0x105/0x140 [ 991.649893][T25103] inet6_sendmsg+0x105/0x140 [ 991.649916][T25103] sock_write_iter+0x437/0x610 [ 991.649938][T25103] ? __pfx_sock_write_iter+0x10/0x10 [ 991.649977][T25103] ? bpf_lsm_file_permission+0x9/0x10 [ 991.649998][T25103] ? security_file_permission+0x71/0x210 [ 991.650018][T25103] ? rw_verify_area+0xcf/0x6c0 [ 991.650037][T25103] vfs_write+0x7d3/0x11d0 [ 991.650056][T25103] ? __pfx_sock_write_iter+0x10/0x10 [ 991.650077][T25103] ? __pfx_vfs_write+0x10/0x10 [ 991.650093][T25103] ? find_held_lock+0x2b/0x80 [ 991.650119][T25103] ksys_write+0x1f8/0x250 [ 991.650135][T25103] ? __pfx_ksys_write+0x10/0x10 [ 991.650156][T25103] do_syscall_64+0xcd/0xfa0 [ 991.650175][T25103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.650191][T25103] RIP: 0033:0x7ff5da98f6c9 [ 991.650205][T25103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 991.650221][T25103] RSP: 002b:00007ff5db8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 991.650238][T25103] RAX: ffffffffffffffda RBX: 00007ff5dabe6090 RCX: 00007ff5da98f6c9 [ 991.650249][T25103] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 991.650260][T25103] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 991.650270][T25103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 991.650280][T25103] R13: 00007ff5dabe6128 R14: 00007ff5dabe6090 R15: 00007fffa5b58cb8 [ 991.650301][T25103] [ 995.878094][T25158] netlink: 44 bytes leftover after parsing attributes in process `syz.9.6498'. [ 996.009384][T25160] netlink: 44 bytes leftover after parsing attributes in process `syz.9.6498'. [ 996.489498][T25166] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6499'. [ 998.231995][T25184] zswap: compressor 000 not available [ 1002.449995][T25233] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 1003.333067][T25242] FAULT_INJECTION: forcing a failure. [ 1003.333067][T25242] name failslab, interval 1, probability 0, space 0, times 0 [ 1003.477515][T25242] CPU: 1 UID: 0 PID: 25242 Comm: syz.8.6526 Not tainted syzkaller #0 PREEMPT(full) [ 1003.477539][T25242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1003.477549][T25242] Call Trace: [ 1003.477555][T25242] [ 1003.477563][T25242] dump_stack_lvl+0x16c/0x1f0 [ 1003.477589][T25242] should_fail_ex+0x512/0x640 [ 1003.477612][T25242] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1003.477632][T25242] should_failslab+0xc2/0x120 [ 1003.477653][T25242] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1003.477668][T25242] ? alloc_inode+0x64/0x240 [ 1003.477691][T25242] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 1003.477713][T25242] ? alloc_inode+0x64/0x240 [ 1003.477729][T25242] alloc_inode+0x64/0x240 [ 1003.477748][T25242] new_inode+0x22/0x1c0 [ 1003.477768][T25242] debugfs_create_symlink+0xd3/0x320 [ 1003.477783][T25242] drm_debugfs_clients_add+0x195/0x200 [ 1003.477804][T25242] drm_file_alloc+0x5c6/0xb40 [ 1003.477826][T25242] drm_open_helper+0x204/0x550 [ 1003.477849][T25242] drm_open+0x1a0/0x3e0 [ 1003.477869][T25242] ? __pfx_drm_open+0x10/0x10 [ 1003.477900][T25242] drm_stub_open+0x20f/0x380 [ 1003.477921][T25242] ? __pfx_drm_stub_open+0x10/0x10 [ 1003.477942][T25242] chrdev_open+0x234/0x6a0 [ 1003.477960][T25242] ? __pfx_apparmor_file_open+0x10/0x10 [ 1003.477981][T25242] ? __pfx_chrdev_open+0x10/0x10 [ 1003.477999][T25242] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1003.478019][T25242] do_dentry_open+0x982/0x1530 [ 1003.478036][T25242] ? __pfx_chrdev_open+0x10/0x10 [ 1003.478057][T25242] vfs_open+0x82/0x3f0 [ 1003.478079][T25242] path_openat+0x1de4/0x2cb0 [ 1003.478101][T25242] ? __pfx_path_openat+0x10/0x10 [ 1003.478117][T25242] ? __lock_acquire+0xb8a/0x1c90 [ 1003.478148][T25242] do_filp_open+0x20b/0x470 [ 1003.478165][T25242] ? __pfx_do_filp_open+0x10/0x10 [ 1003.478195][T25242] ? alloc_fd+0x471/0x7d0 [ 1003.478215][T25242] do_sys_openat2+0x11b/0x1d0 [ 1003.478236][T25242] ? __pfx_do_sys_openat2+0x10/0x10 [ 1003.478265][T25242] __x64_sys_openat+0x174/0x210 [ 1003.478287][T25242] ? __pfx___x64_sys_openat+0x10/0x10 [ 1003.478316][T25242] do_syscall_64+0xcd/0xfa0 [ 1003.478335][T25242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1003.478351][T25242] RIP: 0033:0x7f95b178f6c9 [ 1003.478364][T25242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1003.478379][T25242] RSP: 002b:00007f95b2620038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1003.478394][T25242] RAX: ffffffffffffffda RBX: 00007f95b19e5fa0 RCX: 00007f95b178f6c9 [ 1003.478404][T25242] RDX: 0000000000000500 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1003.478413][T25242] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1003.478422][T25242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1003.478431][T25242] R13: 00007f95b19e6038 R14: 00007f95b19e5fa0 R15: 00007ffcdbcd14f8 [ 1003.478451][T25242] [ 1003.478459][T25242] debugfs: out of free dentries, can not create symlink 'device' [ 1003.980628][T25247] ubi0: attaching mtd0 [ 1004.064746][T25247] ubi0 error: ubi_attach_mtd_dev: bad VID header (2) or data offsets (66) [ 1004.158837][ T3540] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1400 with max blocks 15 with error 117 [ 1004.263296][ T3540] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1004.263296][ T3540] [ 1005.868495][T25259] nvme_fcloop: unknown parameter or missing value '0' [ 1005.995584][T25259] hub 1-0:1.0: USB hub found [ 1006.043011][T25259] hub 1-0:1.0: 1 port detected [ 1006.749817][T25276] netlink: 13 bytes leftover after parsing attributes in process `syz.8.6538'. [ 1008.313383][T25292] FAULT_INJECTION: forcing a failure. [ 1008.313383][T25292] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.411710][T25292] CPU: 1 UID: 0 PID: 25292 Comm: syz.8.6550 Not tainted syzkaller #0 PREEMPT(full) [ 1008.411734][T25292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1008.411744][T25292] Call Trace: [ 1008.411750][T25292] [ 1008.411758][T25292] dump_stack_lvl+0x16c/0x1f0 [ 1008.411781][T25292] should_fail_ex+0x512/0x640 [ 1008.411803][T25292] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1008.411828][T25292] should_failslab+0xc2/0x120 [ 1008.411848][T25292] __kmalloc_cache_noprof+0x72/0x780 [ 1008.411869][T25292] ? bpf_lsm_msg_msg_alloc_security+0x9/0x10 [ 1008.411891][T25292] ? security_msg_msg_alloc+0x9c/0x230 [ 1008.411909][T25292] ? do_mq_timedsend+0x89b/0xc40 [ 1008.411932][T25292] ? do_mq_timedsend+0x89b/0xc40 [ 1008.411950][T25292] do_mq_timedsend+0x89b/0xc40 [ 1008.411971][T25292] ? __pfx_do_mq_timedsend+0x10/0x10 [ 1008.411991][T25292] ? do_futex+0x122/0x350 [ 1008.412017][T25292] ? __x64_sys_futex+0x1e0/0x4c0 [ 1008.412037][T25292] __x64_sys_mq_timedsend+0x1cd/0x260 [ 1008.412059][T25292] ? __pfx___x64_sys_mq_timedsend+0x10/0x10 [ 1008.412085][T25292] do_syscall_64+0xcd/0xfa0 [ 1008.412103][T25292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1008.412117][T25292] RIP: 0033:0x7f95b178f6c9 [ 1008.412130][T25292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1008.412144][T25292] RSP: 002b:00007f95b2620038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2 [ 1008.412158][T25292] RAX: ffffffffffffffda RBX: 00007f95b19e5fa0 RCX: 00007f95b178f6c9 [ 1008.412168][T25292] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000004 [ 1008.412176][T25292] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1008.412185][T25292] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1008.412193][T25292] R13: 00007f95b19e6038 R14: 00007f95b19e5fa0 R15: 00007ffcdbcd14f8 [ 1008.412212][T25292] [ 1008.878895][T25294] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 1009.357152][T25307] netlink: 186 bytes leftover after parsing attributes in process `syz.8.6546'. [ 1009.787073][T25308] Process accounting paused [ 1013.533655][T25377] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6569'. [ 1013.576356][T25377] netlink: 13 bytes leftover after parsing attributes in process `syz.7.6569'. [ 1014.126887][T25381] zswap: compressor not available [ 1015.330689][T25403] netlink: 186 bytes leftover after parsing attributes in process `syz.9.6576'. [ 1016.049859][T25419] validate_nla: 1 callbacks suppressed [ 1016.049877][T25419] netlink: 'syz.3.6581': attribute type 16 has an invalid length. [ 1016.117644][T25419] netlink: 226 bytes leftover after parsing attributes in process `syz.3.6581'. [ 1016.172273][T25419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6581'. [ 1016.195933][T25421] netlink: 25 bytes leftover after parsing attributes in process `syz.8.6582'. [ 1017.631908][T25451] random: crng reseeded on system resumption [ 1018.674047][T25468] netlink: 50 bytes leftover after parsing attributes in process `syz.3.6599'. [ 1020.473131][T25507] netlink: 'syz.7.6612': attribute type 3 has an invalid length. [ 1020.503278][T25507] netlink: 306 bytes leftover after parsing attributes in process `syz.7.6612'. [ 1023.749927][T25562] netlink: 330 bytes leftover after parsing attributes in process `syz.8.6632'. [ 1024.920572][T25578] bond0: invalid ARP target specified [ 1025.187824][T25587] netlink: 342 bytes leftover after parsing attributes in process `syz.7.6640'. [ 1025.260754][T25587] netlink: 342 bytes leftover after parsing attributes in process `syz.7.6640'. [ 1025.345421][T25589] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 1025.805941][T25590] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 1026.216659][T25591] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1026.246097][T25591] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1026.278883][T25591] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1026.298551][T25591] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1026.335944][T25591] CPU0 is offline. [ 1026.506012][T25603] FAULT_INJECTION: forcing a failure. [ 1026.506012][T25603] name failslab, interval 1, probability 0, space 0, times 0 [ 1026.560720][T25603] CPU: 1 UID: 0 PID: 25603 Comm: syz.7.6652 Not tainted syzkaller #0 PREEMPT(full) [ 1026.560758][T25603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1026.560769][T25603] Call Trace: [ 1026.560776][T25603] [ 1026.560782][T25603] dump_stack_lvl+0x16c/0x1f0 [ 1026.560804][T25603] should_fail_ex+0x512/0x640 [ 1026.560828][T25603] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1026.560854][T25603] should_failslab+0xc2/0x120 [ 1026.560874][T25603] __kmalloc_cache_noprof+0x72/0x780 [ 1026.560897][T25603] ? rfkill_fop_open+0x1b6/0x750 [ 1026.560914][T25603] ? rfkill_fop_open+0x1b6/0x750 [ 1026.560927][T25603] rfkill_fop_open+0x1b6/0x750 [ 1026.560943][T25603] ? __pfx_rfkill_fop_open+0x10/0x10 [ 1026.560957][T25603] misc_open+0x26d/0x450 [ 1026.560980][T25603] ? __pfx_misc_open+0x10/0x10 [ 1026.561000][T25603] chrdev_open+0x234/0x6a0 [ 1026.561017][T25603] ? __pfx_apparmor_file_open+0x10/0x10 [ 1026.561037][T25603] ? __pfx_chrdev_open+0x10/0x10 [ 1026.561055][T25603] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1026.561075][T25603] do_dentry_open+0x982/0x1530 [ 1026.561092][T25603] ? __pfx_chrdev_open+0x10/0x10 [ 1026.561113][T25603] vfs_open+0x82/0x3f0 [ 1026.561135][T25603] path_openat+0x1de4/0x2cb0 [ 1026.561157][T25603] ? __pfx_path_openat+0x10/0x10 [ 1026.561173][T25603] ? __lock_acquire+0xb8a/0x1c90 [ 1026.561195][T25603] do_filp_open+0x20b/0x470 [ 1026.561211][T25603] ? __pfx_do_filp_open+0x10/0x10 [ 1026.561253][T25603] ? alloc_fd+0x471/0x7d0 [ 1026.561273][T25603] do_sys_openat2+0x11b/0x1d0 [ 1026.561294][T25603] ? __pfx_do_sys_openat2+0x10/0x10 [ 1026.561323][T25603] __x64_sys_openat+0x174/0x210 [ 1026.561344][T25603] ? __pfx___x64_sys_openat+0x10/0x10 [ 1026.561372][T25603] do_syscall_64+0xcd/0xfa0 [ 1026.561391][T25603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1026.561406][T25603] RIP: 0033:0x7fb55dd8f6c9 [ 1026.561419][T25603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1026.561436][T25603] RSP: 002b:00007fb55eb89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1026.561451][T25603] RAX: ffffffffffffffda RBX: 00007fb55dfe5fa0 RCX: 00007fb55dd8f6c9 [ 1026.561461][T25603] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1026.561471][T25603] RBP: 00007fb55de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1026.561481][T25603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1026.561490][T25603] R13: 00007fb55dfe6038 R14: 00007fb55dfe5fa0 R15: 00007fffd7e3ff28 [ 1026.561511][T25603] [ 1027.532183][T25313] Bluetooth: hci3: command 0x0406 tx timeout [ 1027.795677][T25614] netlink: 'syz.8.6648': attribute type 1 has an invalid length. [ 1027.837736][T25614] netlink: 13 bytes leftover after parsing attributes in process `syz.8.6648'. [ 1028.246756][T25621] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6650'. [ 1028.257108][T25313] Bluetooth: hci4: command 0x0406 tx timeout [ 1028.328267][T25313] Bluetooth: hci0: command 0x0c1a tx timeout [ 1028.334814][T25313] Bluetooth: hci2: command 0x0406 tx timeout [ 1029.160689][T25645] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6660'. [ 1029.258647][T25647] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6660'. [ 1030.011895][T25657] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 1030.510604][T25659] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 1030.855848][T25660] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1030.898605][T25660] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1030.933579][T25660] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1030.979855][T25660] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1031.004197][T25660] CPU0 is offline. [ 1032.228474][T25622] Bluetooth: hci3: command 0x0406 tx timeout [ 1032.946247][T25622] Bluetooth: hci2: command 0x0406 tx timeout [ 1032.957843][T25300] Bluetooth: hci4: command 0x0406 tx timeout [ 1033.053504][T25622] Bluetooth: hci0: command 0x0c1a tx timeout [ 1034.714118][T25299] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1404 with max blocks 11 with error 117 [ 1034.843551][T25299] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1034.843551][T25299] [ 1035.344795][T25743] FAULT_INJECTION: forcing a failure. [ 1035.344795][T25743] name failslab, interval 1, probability 0, space 0, times 0 [ 1035.411415][T25743] CPU: 1 UID: 0 PID: 25743 Comm: syz.9.6688 Not tainted syzkaller #0 PREEMPT(full) [ 1035.411439][T25743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1035.411454][T25743] Call Trace: [ 1035.411460][T25743] [ 1035.411467][T25743] dump_stack_lvl+0x16c/0x1f0 [ 1035.411491][T25743] should_fail_ex+0x512/0x640 [ 1035.411513][T25743] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1035.411532][T25743] should_failslab+0xc2/0x120 [ 1035.411553][T25743] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1035.411568][T25743] ? __d_alloc+0x32/0xae0 [ 1035.411588][T25743] ? __d_alloc+0x32/0xae0 [ 1035.411602][T25743] __d_alloc+0x32/0xae0 [ 1035.411620][T25743] d_alloc_pseudo+0x1c/0xc0 [ 1035.411640][T25743] alloc_file_pseudo+0xcf/0x230 [ 1035.411673][T25743] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1035.411696][T25743] ? do_raw_spin_unlock+0x172/0x230 [ 1035.411722][T25743] __anon_inode_getfile+0xe8/0x280 [ 1035.411742][T25743] anon_inode_getfile_fmode+0x37/0xa0 [ 1035.411764][T25743] do_signalfd4+0x206/0x430 [ 1035.411783][T25743] __x64_sys_signalfd+0x120/0x1a0 [ 1035.411801][T25743] ? __pfx___x64_sys_signalfd+0x10/0x10 [ 1035.411824][T25743] do_syscall_64+0xcd/0xfa0 [ 1035.411843][T25743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1035.411857][T25743] RIP: 0033:0x7ff5da98f6c9 [ 1035.411871][T25743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1035.411890][T25743] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000011a [ 1035.411907][T25743] RAX: ffffffffffffffda RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 1035.411917][T25743] RDX: 0000000000000008 RSI: 0000200000000000 RDI: 00000000ffffffff [ 1035.411926][T25743] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1035.411935][T25743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1035.411944][T25743] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 1035.411964][T25743] [ 1036.914483][T25763] netlink: 13 bytes leftover after parsing attributes in process `syz.9.6695'. [ 1038.006822][T25771] sp0: Synchronizing with TNC [ 1038.587965][T25787] random: crng reseeded on system resumption [ 1039.757791][T25787] Process accounting resumed [ 1040.202854][T25809] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 2 with max blocks 1 with error 117 [ 1040.282581][T25809] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1040.282581][T25809] [ 1040.437200][T25820] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 1040.799141][T25823] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 1041.283055][T25824] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1041.304302][T25824] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1041.351941][T25824] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1041.358904][T25824] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1041.422739][T25824] CPU0 is offline. [ 1041.853181][T25837] netlink: 25 bytes leftover after parsing attributes in process `syz.8.6715'. [ 1042.733214][T25300] Bluetooth: hci3: command 0x0406 tx timeout [ 1043.372915][T25300] Bluetooth: hci0: command 0x0c1a tx timeout [ 1043.379978][T25622] Bluetooth: hci2: command 0x0406 tx timeout [ 1043.386572][T25622] Bluetooth: hci4: command 0x0406 tx timeout [ 1043.970043][T25869] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1045.242686][T25897] netlink: 62 bytes leftover after parsing attributes in process `syz.9.6733'. [ 1045.515130][T25894] sp0: Synchronizing with TNC [ 1045.542232][T25903] netlink: 330 bytes leftover after parsing attributes in process `syz.9.6735'. [ 1045.669569][T25903] net veth1_virt_wifi ›: renamed from virt_wifi0 [ 1046.224566][T25916] random: crng reseeded on system resumption [ 1046.496836][T25918] netlink: 'syz.3.6740': attribute type 10 has an invalid length. [ 1046.579845][T25918] netlink: 230 bytes leftover after parsing attributes in process `syz.3.6740'. [ 1046.754143][T25918] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 1046.818667][T25924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1046.881157][T25924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1046.924002][T25924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1046.952515][T25926] netlink: 334 bytes leftover after parsing attributes in process `syz.9.6743'. [ 1046.962492][T25924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1046.999333][T25924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1047.046064][T25924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1047.095076][T25924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1047.706668][T25942] FAULT_INJECTION: forcing a failure. [ 1047.706668][T25942] name failslab, interval 1, probability 0, space 0, times 0 [ 1047.774826][T25942] CPU: 1 UID: 0 PID: 25942 Comm: syz.7.6750 Not tainted syzkaller #0 PREEMPT(full) [ 1047.774850][T25942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1047.774860][T25942] Call Trace: [ 1047.774865][T25942] [ 1047.774872][T25942] dump_stack_lvl+0x16c/0x1f0 [ 1047.774894][T25942] should_fail_ex+0x512/0x640 [ 1047.774916][T25942] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1047.774939][T25942] should_failslab+0xc2/0x120 [ 1047.774960][T25942] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1047.774976][T25942] ? __alloc_skb+0x2b2/0x380 [ 1047.775005][T25942] ? register_lock_class+0x41/0x4c0 [ 1047.775031][T25942] ? __alloc_skb+0x2b2/0x380 [ 1047.775051][T25942] __alloc_skb+0x2b2/0x380 [ 1047.775074][T25942] ? __pfx___alloc_skb+0x10/0x10 [ 1047.775097][T25942] ? __lock_acquire+0xb8a/0x1c90 [ 1047.775119][T25942] qrtr_alloc_ctrl_packet+0x21/0xf0 [ 1047.775138][T25942] qrtr_port_remove+0xdb/0x3e0 [ 1047.775156][T25942] ? __pfx_qrtr_port_remove+0x10/0x10 [ 1047.775173][T25942] ? do_raw_write_lock+0x11c/0x3a0 [ 1047.775190][T25942] ? __local_bh_enable_ip+0xa4/0x120 [ 1047.775209][T25942] qrtr_release+0x2e7/0x380 [ 1047.775228][T25942] __sock_release+0xb3/0x270 [ 1047.775244][T25942] ? __pfx_sock_close+0x10/0x10 [ 1047.775257][T25942] sock_close+0x1c/0x30 [ 1047.775270][T25942] __fput+0x402/0xb70 [ 1047.775294][T25942] task_work_run+0x150/0x240 [ 1047.775316][T25942] ? __pfx_task_work_run+0x10/0x10 [ 1047.775338][T25942] ? __pfx___do_sys_close_range+0x10/0x10 [ 1047.775358][T25942] exit_to_user_mode_loop+0xec/0x130 [ 1047.775380][T25942] do_syscall_64+0x426/0xfa0 [ 1047.775398][T25942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1047.775413][T25942] RIP: 0033:0x7fb55dd8f6c9 [ 1047.775427][T25942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1047.775443][T25942] RSP: 002b:00007fb55eb89038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1047.775457][T25942] RAX: 0000000000000000 RBX: 00007fb55dfe5fa0 RCX: 00007fb55dd8f6c9 [ 1047.775470][T25942] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1047.775479][T25942] RBP: 00007fb55de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1047.775488][T25942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1047.775496][T25942] R13: 00007fb55dfe6038 R14: 00007fb55dfe5fa0 R15: 00007fffd7e3ff28 [ 1047.775516][T25942] [ 1048.509441][T25954] random: crng reseeded on system resumption [ 1048.572157][T25949] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6752'. [ 1048.871278][T25960] netlink: 306 bytes leftover after parsing attributes in process `syz.3.6756'. [ 1049.127832][T25966] netlink: 'syz.7.6758': attribute type 6 has an invalid length. [ 1049.177621][T25966] netlink: 13 bytes leftover after parsing attributes in process `syz.7.6758'. [ 1049.600769][T25973] netlink: 338 bytes leftover after parsing attributes in process `syz.7.6761'. [ 1049.653597][T25973] vxcan1: entered promiscuous mode [ 1049.708966][T25975] FAULT_INJECTION: forcing a failure. [ 1049.708966][T25975] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.778051][T25975] CPU: 1 UID: 0 PID: 25975 Comm: syz.8.6762 Not tainted syzkaller #0 PREEMPT(full) [ 1049.778074][T25975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1049.778088][T25975] Call Trace: [ 1049.778094][T25975] [ 1049.778101][T25975] dump_stack_lvl+0x16c/0x1f0 [ 1049.778125][T25975] should_fail_ex+0x512/0x640 [ 1049.778148][T25975] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1049.778169][T25975] should_failslab+0xc2/0x120 [ 1049.778189][T25975] __kvmalloc_node_noprof+0x141/0x9c0 [ 1049.778210][T25975] ? io_uring_setup+0x3ad/0x20e0 [ 1049.778230][T25975] ? io_uring_setup+0x3ad/0x20e0 [ 1049.778246][T25975] io_uring_setup+0x3ad/0x20e0 [ 1049.778264][T25975] ? __pfx_io_uring_setup+0x10/0x10 [ 1049.778280][T25975] ? do_futex+0x122/0x350 [ 1049.778300][T25975] ? __pfx_do_futex+0x10/0x10 [ 1049.778318][T25975] ? __fput+0x68d/0xb70 [ 1049.778337][T25975] ? __pfx___might_resched+0x10/0x10 [ 1049.778360][T25975] ? xfd_validate_state+0x61/0x180 [ 1049.778380][T25975] ? __pfx___do_sys_close_range+0x10/0x10 [ 1049.778400][T25975] __x64_sys_io_uring_setup+0xc2/0x170 [ 1049.778418][T25975] do_syscall_64+0xcd/0xfa0 [ 1049.778436][T25975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1049.778451][T25975] RIP: 0033:0x7f95b178f6c9 [ 1049.778463][T25975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1049.778477][T25975] RSP: 002b:00007f95b2620038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1049.778492][T25975] RAX: ffffffffffffffda RBX: 00007f95b19e5fa0 RCX: 00007f95b178f6c9 [ 1049.778502][T25975] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1049.778510][T25975] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1049.778518][T25975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1049.778527][T25975] R13: 00007f95b19e6038 R14: 00007f95b19e5fa0 R15: 00007ffcdbcd14f8 [ 1049.778546][T25975] [ 1049.993273][ C1] vkms_vblank_simulate: vblank timer overrun [ 1050.238842][T25304] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1050.296296][T25985] netlink: 25 bytes leftover after parsing attributes in process `syz.7.6765'. [ 1050.391764][T25987] random: crng reseeded on system resumption [ 1050.767272][T25995] netlink: 'syz.9.6769': attribute type 10 has an invalid length. [ 1050.842074][T25995] netlink: 230 bytes leftover after parsing attributes in process `syz.9.6769'. [ 1050.897826][T26000] random: crng reseeded on system resumption [ 1050.915102][T25995] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 1051.469412][T26008] serio: Serial port ttyS2 [ 1052.446427][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1052.460234][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.410921][T26054] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6785'. [ 1055.007038][T26069] bond0: invalid ARP target specified [ 1055.431507][T26076] mkiss: ax0: crc mode is auto. [ 1056.487499][T26086] FAULT_INJECTION: forcing a failure. [ 1056.487499][T26086] name failslab, interval 1, probability 0, space 0, times 0 [ 1056.600989][T26086] CPU: 1 UID: 0 PID: 26086 Comm: syz.9.6797 Not tainted syzkaller #0 PREEMPT(full) [ 1056.601015][T26086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1056.601025][T26086] Call Trace: [ 1056.601032][T26086] [ 1056.601039][T26086] dump_stack_lvl+0x16c/0x1f0 [ 1056.601064][T26086] should_fail_ex+0x512/0x640 [ 1056.601089][T26086] ? __kmalloc_noprof+0xca/0x880 [ 1056.601118][T26086] should_failslab+0xc2/0x120 [ 1056.601138][T26086] __kmalloc_noprof+0xdd/0x880 [ 1056.601163][T26086] ? snd_pcm_plugin_build+0x64/0x650 [ 1056.601188][T26086] ? snd_pcm_plugin_build+0x64/0x650 [ 1056.601207][T26086] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1056.601225][T26086] snd_pcm_plugin_build+0x64/0x650 [ 1056.601248][T26086] snd_pcm_plugin_build_linear+0x29d/0x850 [ 1056.601270][T26086] ? pm_qos_update_target+0x19f/0x4e0 [ 1056.601286][T26086] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 1056.601312][T26086] ? snd_pcm_hw_params+0xcd/0x1ba0 [ 1056.601347][T26086] snd_pcm_plug_format_plugins+0x614/0x1430 [ 1056.601375][T26086] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 1056.601402][T26086] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1056.601432][T26086] snd_pcm_oss_change_params_locked+0x2df1/0x3a30 [ 1056.601464][T26086] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1056.601485][T26086] ? __pfx___mutex_lock+0x10/0x10 [ 1056.601515][T26086] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1056.601535][T26086] snd_pcm_oss_sync+0x1de/0x840 [ 1056.601557][T26086] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1056.601576][T26086] snd_pcm_oss_release+0x28b/0x310 [ 1056.601596][T26086] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1056.601614][T26086] __fput+0x402/0xb70 [ 1056.601638][T26086] task_work_run+0x150/0x240 [ 1056.601661][T26086] ? __pfx_task_work_run+0x10/0x10 [ 1056.601682][T26086] ? __pfx___do_sys_close_range+0x10/0x10 [ 1056.601702][T26086] exit_to_user_mode_loop+0xec/0x130 [ 1056.601725][T26086] do_syscall_64+0x426/0xfa0 [ 1056.601743][T26086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1056.601758][T26086] RIP: 0033:0x7ff5da98f6c9 [ 1056.601775][T26086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1056.601788][T26086] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1056.601803][T26086] RAX: 0000000000000000 RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 1056.601814][T26086] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1056.601823][T26086] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1056.601832][T26086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1056.601841][T26086] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 1056.601862][T26086] [ 1056.924812][ C1] vkms_vblank_simulate: vblank timer overrun [ 1056.939413][T26092] netlink: 13 bytes leftover after parsing attributes in process `syz.3.6798'. [ 1057.762133][T26104] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6802'. [ 1059.185799][T26121] bond0: invalid ARP target specified [ 1059.878193][T26130] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1059.927639][T26130] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1059.967969][T26130] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1060.017731][T26130] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1060.060563][T26130] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1060.112580][T26130] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1060.152892][T26130] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1060.365566][T26136] vmstat_refresh: nr_hugetlb -63488 [ 1061.130153][T26152] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input29 [ 1061.202888][T26155] usb usb24: usbfs: process 26155 (syz.3.6818) did not claim interface 0 before use [ 1062.926232][T26184] netlink: 25 bytes leftover after parsing attributes in process `syz.9.6831'. [ 1063.414206][T26198] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input30 [ 1063.438248][T26200] netlink: 86 bytes leftover after parsing attributes in process `syz.9.6835'. [ 1063.652008][T26202] usb usb24: usbfs: process 26202 (syz.7.6834) did not claim interface 0 before use [ 1065.130089][T26224] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6841'. [ 1065.176060][T26224] net veth1_virt_wifi ›: renamed from virt_wifi0 (while UP) [ 1065.627876][T26232] capability: warning: `syz.3.6843' uses deprecated v2 capabilities in a way that may be insecure [ 1066.193647][T26246] bond0: invalid ARP target specified [ 1066.240929][T26243] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6846'. [ 1066.350545][T26248] netlink: 13 bytes leftover after parsing attributes in process `syz.7.6846'. [ 1066.704186][T26250] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6847'. [ 1069.609697][T26298] zswap: compressor not available [ 1069.992780][T26302] zswap: compressor not available [ 1070.556310][T26301] Process accounting paused [ 1070.734282][T26330] netlink: 25 bytes leftover after parsing attributes in process `syz.8.6864'. [ 1070.975829][T25861] Bluetooth: hci2: unexpected event 0x20 length: 123 > 7 [ 1072.242470][T26346] FAULT_INJECTION: forcing a failure. [ 1072.242470][T26346] name failslab, interval 1, probability 0, space 0, times 0 [ 1072.338343][T26346] CPU: 1 UID: 0 PID: 26346 Comm: syz.7.6869 Not tainted syzkaller #0 PREEMPT(full) [ 1072.338368][T26346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1072.338378][T26346] Call Trace: [ 1072.338384][T26346] [ 1072.338391][T26346] dump_stack_lvl+0x16c/0x1f0 [ 1072.338413][T26346] should_fail_ex+0x512/0x640 [ 1072.338435][T26346] ? __kmalloc_noprof+0xca/0x880 [ 1072.338461][T26346] should_failslab+0xc2/0x120 [ 1072.338480][T26346] __kmalloc_noprof+0xdd/0x880 [ 1072.338509][T26346] ? rfkill_alloc+0xac/0x330 [ 1072.338538][T26346] ? rfkill_alloc+0xac/0x330 [ 1072.338557][T26346] rfkill_alloc+0xac/0x330 [ 1072.338581][T26346] wiphy_new_nm+0x136a/0x2190 [ 1072.338599][T26346] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1072.338620][T26346] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1072.338639][T26346] ieee80211_alloc_hw_nm+0x1bb5/0x22b0 [ 1072.338657][T26346] ? __local_bh_enable_ip+0xa4/0x120 [ 1072.338676][T26346] mac80211_hwsim_new_radio+0x1d3/0x50b0 [ 1072.338701][T26346] ? __asan_memset+0x23/0x50 [ 1072.338717][T26346] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1072.338739][T26346] hwsim_new_radio_nl+0xba2/0x1330 [ 1072.338756][T26346] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1072.338777][T26346] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1072.338797][T26346] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1072.338819][T26346] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1072.338838][T26346] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1072.338862][T26346] ? bpf_lsm_capable+0x9/0x10 [ 1072.338880][T26346] ? security_capable+0x7e/0x260 [ 1072.338900][T26346] ? ns_capable+0xd7/0x110 [ 1072.338917][T26346] genl_rcv_msg+0x55c/0x800 [ 1072.338937][T26346] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1072.338954][T26346] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1072.338979][T26346] netlink_rcv_skb+0x158/0x420 [ 1072.338994][T26346] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1072.339012][T26346] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1072.339047][T26346] ? netlink_deliver_tap+0x1ae/0xd30 [ 1072.339065][T26346] genl_rcv+0x28/0x40 [ 1072.339081][T26346] netlink_unicast+0x5aa/0x870 [ 1072.339100][T26346] ? __pfx_netlink_unicast+0x10/0x10 [ 1072.339123][T26346] netlink_sendmsg+0x8c8/0xdd0 [ 1072.339142][T26346] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1072.339160][T26346] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1072.339185][T26346] ____sys_sendmsg+0xa98/0xc70 [ 1072.339211][T26346] ? copy_msghdr_from_user+0x10a/0x160 [ 1072.339226][T26346] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1072.339253][T26346] ? __pfx_futex_wake_mark+0x10/0x10 [ 1072.339279][T26346] ___sys_sendmsg+0x134/0x1d0 [ 1072.339291][T26346] ? find_held_lock+0x2b/0x80 [ 1072.339308][T26346] ? __pfx____sys_sendmsg+0x10/0x10 [ 1072.339320][T26346] ? __lock_acquire+0x622/0x1c90 [ 1072.339366][T26346] __sys_sendmsg+0x16d/0x220 [ 1072.339380][T26346] ? __pfx___sys_sendmsg+0x10/0x10 [ 1072.339394][T26346] ? __x64_sys_futex+0x1e0/0x4c0 [ 1072.339424][T26346] do_syscall_64+0xcd/0xfa0 [ 1072.339443][T26346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1072.339458][T26346] RIP: 0033:0x7fb55dd8f6c9 [ 1072.339472][T26346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1072.339486][T26346] RSP: 002b:00007fb55eb89038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1072.339501][T26346] RAX: ffffffffffffffda RBX: 00007fb55dfe5fa0 RCX: 00007fb55dd8f6c9 [ 1072.339511][T26346] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 1072.339521][T26346] RBP: 00007fb55de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1072.339530][T26346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1072.339539][T26346] R13: 00007fb55dfe6038 R14: 00007fb55dfe5fa0 R15: 00007fffd7e3ff28 [ 1072.339559][T26346] [ 1073.282977][T26272] delete_channel: no stack [ 1074.753302][T26377] queue_state_write: operation too long [ 1074.790668][T26377] queue_state_write: use 'run', 'start' or 'kick' [ 1075.316574][T26389] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6885'. [ 1078.201415][T26437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6896'. [ 1079.406131][T26456] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6900'. [ 1080.075825][T26466] netlink: 252 bytes leftover after parsing attributes in process `syz.9.6903'. [ 1080.203037][T26471] netlink: 252 bytes leftover after parsing attributes in process `syz.9.6903'. [ 1081.848947][T26503] netlink: 314 bytes leftover after parsing attributes in process `syz.8.6916'. [ 1083.038559][T26517] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6919'. [ 1083.165860][T26517] mac80211_hwsim hwsim38 wlan1: entered allmulticast mode [ 1084.181485][ T30] audit: type=1800 audit(4294985880.676:29): pid=26526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.6922" name="lu_gp_id" dev="configfs" ino=180491 res=0 errno=0 [ 1084.344129][T26363] delete_channel: no stack [ 1084.423861][T26531] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6924'. [ 1085.367482][T26552] program syz.8.6929 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1085.985006][T26557] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1086.060688][T26559] cougar: G6 mapped to space [ 1086.484021][T26565] netlink: 246 bytes leftover after parsing attributes in process `syz.8.6932'. [ 1088.262325][T26596] zswap: compressor not available [ 1089.447948][T26636] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6948'. [ 1089.514858][T26637] netlink: 354 bytes leftover after parsing attributes in process `syz.3.6948'. [ 1089.687984][T26633] netlink: 'syz.8.6947': attribute type 1 has an invalid length. [ 1093.173125][T26675] FAULT_INJECTION: forcing a failure. [ 1093.173125][T26675] name failslab, interval 1, probability 0, space 0, times 0 [ 1093.305598][T26675] CPU: 1 UID: 0 PID: 26675 Comm: syz.8.6957 Not tainted syzkaller #0 PREEMPT(full) [ 1093.305622][T26675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1093.305632][T26675] Call Trace: [ 1093.305638][T26675] [ 1093.305645][T26675] dump_stack_lvl+0x16c/0x1f0 [ 1093.305668][T26675] should_fail_ex+0x512/0x640 [ 1093.305690][T26675] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1093.305712][T26675] should_failslab+0xc2/0x120 [ 1093.305731][T26675] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1093.305757][T26675] ? kvasprintf_const+0x66/0x1a0 [ 1093.305775][T26675] ? kvasprintf+0xbc/0x160 [ 1093.305787][T26675] kvasprintf+0xbc/0x160 [ 1093.305801][T26675] ? __pfx_kvasprintf+0x10/0x10 [ 1093.305817][T26675] ? rcu_read_unlock+0x17/0x60 [ 1093.305840][T26675] kvasprintf_const+0x66/0x1a0 [ 1093.305855][T26675] kobject_set_name_vargs+0x5a/0x140 [ 1093.305876][T26675] dev_set_name+0xc7/0x100 [ 1093.305891][T26675] ? __pfx_dev_set_name+0x10/0x10 [ 1093.305906][T26675] ? trace_kmalloc+0x2b/0xd0 [ 1093.305923][T26675] ? __kmalloc_noprof.cold+0x5d/0x62 [ 1093.305944][T26675] ? stack_depot_save_flags+0x29/0x9c0 [ 1093.305965][T26675] ? __pfx_stack_trace_save+0x10/0x10 [ 1093.305981][T26675] ? wiphy_new_nm+0x701/0x2190 [ 1093.306002][T26675] wiphy_new_nm+0x811/0x2190 [ 1093.306020][T26675] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1093.306041][T26675] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1093.306060][T26675] ieee80211_alloc_hw_nm+0x1bb5/0x22b0 [ 1093.306078][T26675] ? __local_bh_enable_ip+0xa4/0x120 [ 1093.306097][T26675] mac80211_hwsim_new_radio+0x1d3/0x50b0 [ 1093.306122][T26675] ? __asan_memset+0x23/0x50 [ 1093.306138][T26675] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1093.306159][T26675] hwsim_new_radio_nl+0xba2/0x1330 [ 1093.306175][T26675] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1093.306196][T26675] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1093.306216][T26675] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1093.306238][T26675] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1093.306259][T26675] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1093.306283][T26675] ? bpf_lsm_capable+0x9/0x10 [ 1093.306301][T26675] ? security_capable+0x7e/0x260 [ 1093.306322][T26675] ? ns_capable+0xd7/0x110 [ 1093.306338][T26675] genl_rcv_msg+0x55c/0x800 [ 1093.306358][T26675] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1093.306375][T26675] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1093.306397][T26675] netlink_rcv_skb+0x158/0x420 [ 1093.306412][T26675] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1093.306430][T26675] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1093.306453][T26675] ? netlink_deliver_tap+0x1ae/0xd30 [ 1093.306469][T26675] genl_rcv+0x28/0x40 [ 1093.306484][T26675] netlink_unicast+0x5aa/0x870 [ 1093.306502][T26675] ? __pfx_netlink_unicast+0x10/0x10 [ 1093.306524][T26675] netlink_sendmsg+0x8c8/0xdd0 [ 1093.306542][T26675] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1093.306560][T26675] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1093.306584][T26675] ____sys_sendmsg+0xa98/0xc70 [ 1093.306603][T26675] ? copy_msghdr_from_user+0x10a/0x160 [ 1093.306617][T26675] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1093.306637][T26675] ? preempt_schedule_thunk+0x16/0x30 [ 1093.306662][T26675] ? try_to_wake_up+0xa67/0x1870 [ 1093.306681][T26675] ___sys_sendmsg+0x134/0x1d0 [ 1093.306695][T26675] ? find_held_lock+0x2b/0x80 [ 1093.306711][T26675] ? __pfx____sys_sendmsg+0x10/0x10 [ 1093.306722][T26675] ? __lock_acquire+0x622/0x1c90 [ 1093.306771][T26675] __sys_sendmsg+0x16d/0x220 [ 1093.306786][T26675] ? __pfx___sys_sendmsg+0x10/0x10 [ 1093.306800][T26675] ? __x64_sys_futex+0x1e0/0x4c0 [ 1093.306832][T26675] do_syscall_64+0xcd/0xfa0 [ 1093.306852][T26675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1093.306867][T26675] RIP: 0033:0x7f95b178f6c9 [ 1093.306880][T26675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1093.306894][T26675] RSP: 002b:00007f95b2620038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1093.306909][T26675] RAX: ffffffffffffffda RBX: 00007f95b19e5fa0 RCX: 00007f95b178f6c9 [ 1093.306919][T26675] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 1093.306928][T26675] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1093.306944][T26675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1093.306953][T26675] R13: 00007f95b19e6038 R14: 00007f95b19e5fa0 R15: 00007ffcdbcd14f8 [ 1093.306974][T26675] [ 1095.499553][T25335] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1413 with max blocks 2 with error 117 [ 1095.550781][T25335] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1095.550781][T25335] [ 1096.294086][T26704] netlink: 'syz.7.6967': attribute type 10 has an invalid length. [ 1096.373634][T26704] netlink: 330 bytes leftover after parsing attributes in process `syz.7.6967'. [ 1096.482432][T25861] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1096.482460][T25861] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 1096.499670][T25861] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 1096.499698][T25861] Bluetooth: hci3: adv larger than maximum supported [ 1096.507859][T25861] Bluetooth: hci3: adv larger than maximum supported [ 1096.514928][T25861] Bluetooth: hci3: Malformed LE Event: 0x0d [ 1097.132214][T26720] FAULT_INJECTION: forcing a failure. [ 1097.132214][T26720] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1097.209477][T26720] CPU: 1 UID: 0 PID: 26720 Comm: syz.8.6971 Not tainted syzkaller #0 PREEMPT(full) [ 1097.209508][T26720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1097.209519][T26720] Call Trace: [ 1097.209525][T26720] [ 1097.209531][T26720] dump_stack_lvl+0x16c/0x1f0 [ 1097.209554][T26720] should_fail_ex+0x512/0x640 [ 1097.209581][T26720] should_fail_alloc_page+0xe7/0x130 [ 1097.209603][T26720] prepare_alloc_pages+0x3c2/0x610 [ 1097.209622][T26720] ? rcu_is_watching+0x12/0xc0 [ 1097.209643][T26720] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1097.209660][T26720] ? __pfx_stack_trace_save+0x10/0x10 [ 1097.209681][T26720] ? __lock_acquire+0x622/0x1c90 [ 1097.209703][T26720] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1097.209726][T26720] ? __lock_acquire+0x622/0x1c90 [ 1097.209746][T26720] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1097.209771][T26720] ? policy_nodemask+0xea/0x4e0 [ 1097.209791][T26720] alloc_pages_mpol+0x1fb/0x550 [ 1097.209811][T26720] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1097.209835][T26720] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1097.209857][T26720] vma_alloc_folio_noprof+0xed/0x1e0 [ 1097.209878][T26720] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1097.209905][T26720] do_pte_missing+0x2202/0x3ba0 [ 1097.209927][T26720] ? find_held_lock+0x2b/0x80 [ 1097.209946][T26720] __handle_mm_fault+0x1556/0x2aa0 [ 1097.209973][T26720] ? __pfx___handle_mm_fault+0x10/0x10 [ 1097.209995][T26720] ? __pte_offset_map_lock+0x174/0x310 [ 1097.210013][T26720] ? find_held_lock+0x2b/0x80 [ 1097.210033][T26720] ? follow_page_pte+0x5cf/0x1390 [ 1097.210055][T26720] handle_mm_fault+0x589/0xd10 [ 1097.210081][T26720] __get_user_pages+0x54e/0x3530 [ 1097.210108][T26720] ? __pfx___get_user_pages+0x10/0x10 [ 1097.210133][T26720] faultin_page_range+0x338/0x940 [ 1097.210156][T26720] madvise_do_behavior+0x34c/0x530 [ 1097.210178][T26720] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1097.210199][T26720] ? down_read+0x13d/0x480 [ 1097.210227][T26720] do_madvise+0x176/0x240 [ 1097.210247][T26720] ? __pfx_do_madvise+0x10/0x10 [ 1097.210265][T26720] ? do_futex+0x122/0x350 [ 1097.210296][T26720] ? xfd_validate_state+0x61/0x180 [ 1097.210316][T26720] ? __pfx_ksys_write+0x10/0x10 [ 1097.210335][T26720] __x64_sys_madvise+0xa9/0x110 [ 1097.210355][T26720] ? lockdep_hardirqs_on+0x7c/0x110 [ 1097.210371][T26720] do_syscall_64+0xcd/0xfa0 [ 1097.210389][T26720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1097.210403][T26720] RIP: 0033:0x7f95b178f6c9 [ 1097.210416][T26720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1097.210431][T26720] RSP: 002b:00007f95b2620038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1097.210450][T26720] RAX: ffffffffffffffda RBX: 00007f95b19e5fa0 RCX: 00007f95b178f6c9 [ 1097.210461][T26720] RDX: 0000000000000017 RSI: 00000000002003f0 RDI: 0000000000000000 [ 1097.210470][T26720] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1097.210480][T26720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1097.210495][T26720] R13: 00007f95b19e6038 R14: 00007f95b19e5fa0 R15: 00007ffcdbcd14f8 [ 1097.210515][T26720] [ 1098.244841][T26729] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6975'. [ 1098.317159][T26730] netlink: 'syz.7.6975': attribute type 1 has an invalid length. [ 1098.403871][T26730] netlink: 'syz.7.6975': attribute type 6 has an invalid length. [ 1100.414351][T26757] FAULT_INJECTION: forcing a failure. [ 1100.414351][T26757] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1100.508879][T26757] CPU: 1 UID: 0 PID: 26757 Comm: syz.9.6982 Not tainted syzkaller #0 PREEMPT(full) [ 1100.508904][T26757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1100.508914][T26757] Call Trace: [ 1100.508922][T26757] [ 1100.508929][T26757] dump_stack_lvl+0x16c/0x1f0 [ 1100.508953][T26757] should_fail_ex+0x512/0x640 [ 1100.508978][T26757] _copy_from_iter+0x29f/0x1720 [ 1100.509004][T26757] ? __build_skb_around+0x278/0x3b0 [ 1100.509035][T26757] ? __alloc_skb+0x200/0x380 [ 1100.509060][T26757] ? __pfx__copy_from_iter+0x10/0x10 [ 1100.509082][T26757] ? __pfx___alloc_skb+0x10/0x10 [ 1100.509108][T26757] ? __asan_memset+0x23/0x50 [ 1100.509123][T26757] ? skb_put+0x138/0x1b0 [ 1100.509142][T26757] tipc_msg_build+0x7e9/0x1150 [ 1100.509161][T26757] ? __pfx_tipc_msg_build+0x10/0x10 [ 1100.509185][T26757] tipc_send_group_bcast+0x7cc/0xa50 [ 1100.509210][T26757] ? __pfx_tipc_send_group_bcast+0x10/0x10 [ 1100.509229][T26757] ? lock_acquire+0x179/0x350 [ 1100.509248][T26757] ? find_held_lock+0x2b/0x80 [ 1100.509273][T26757] ? __pfx_woken_wake_function+0x10/0x10 [ 1100.509298][T26757] ? rcu_is_watching+0x12/0xc0 [ 1100.509323][T26757] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 1100.509339][T26757] ? __schedule+0x11a3/0x5de0 [ 1100.509358][T26757] __tipc_sendmsg+0x4ab/0x19a0 [ 1100.509381][T26757] ? __lock_acquire+0x622/0x1c90 [ 1100.509404][T26757] ? __pfx___tipc_sendmsg+0x10/0x10 [ 1100.509444][T26757] ? __local_bh_enable_ip+0xa4/0x120 [ 1100.509464][T26757] tipc_sendmsg+0x4f/0x70 [ 1100.509485][T26757] sock_write_iter+0x566/0x610 [ 1100.509504][T26757] ? __pfx_sock_write_iter+0x10/0x10 [ 1100.509528][T26757] ? bpf_lsm_file_permission+0x9/0x10 [ 1100.509544][T26757] ? security_file_permission+0x71/0x210 [ 1100.509560][T26757] ? rw_verify_area+0xcf/0x6c0 [ 1100.509576][T26757] vfs_write+0x7d3/0x11d0 [ 1100.509592][T26757] ? __pfx_sock_write_iter+0x10/0x10 [ 1100.509611][T26757] ? __pfx_vfs_write+0x10/0x10 [ 1100.509625][T26757] ? find_held_lock+0x2b/0x80 [ 1100.509651][T26757] ksys_write+0x1f8/0x250 [ 1100.509666][T26757] ? __pfx_ksys_write+0x10/0x10 [ 1100.509687][T26757] do_syscall_64+0xcd/0xfa0 [ 1100.509705][T26757] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1100.509719][T26757] RIP: 0033:0x7ff5da98f6c9 [ 1100.509732][T26757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1100.509746][T26757] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1100.509760][T26757] RAX: ffffffffffffffda RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 1100.509770][T26757] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1100.509779][T26757] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1100.509788][T26757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1100.509797][T26757] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 1100.509818][T26757] [ 1100.808023][ C1] vkms_vblank_simulate: vblank timer overrun [ 1100.857730][T26745] Process accounting resumed [ 1102.598898][T26780] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6989'. [ 1105.020899][T26817] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6999'. [ 1107.333444][T26844] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1107.333640][T26844] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1107.333788][T26844] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1107.333935][T26844] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1107.333993][T26844] CPU0 is offline. [ 1107.896607][T26851] program syz.3.7008 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1108.907682][T26865] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7014'. [ 1109.047111][T26868] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7015'. [ 1109.101023][T26865] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode [ 1109.131325][T26871] netlink: 25 bytes leftover after parsing attributes in process `syz.9.7015'. [ 1109.346993][T25313] Bluetooth: hci2: command 0x0406 tx timeout [ 1109.353073][T25300] Bluetooth: hci4: command 0x0406 tx timeout [ 1109.359749][T25300] Bluetooth: hci3: command 0x0406 tx timeout [ 1109.365863][T25861] Bluetooth: hci0: command 0x0c1a tx timeout [ 1109.818830][T26879] Bluetooth: hci4: unexpected subevent 0x03 length: 253 > 9 [ 1110.975744][T26899] FAULT_INJECTION: forcing a failure. [ 1110.975744][T26899] name failslab, interval 1, probability 0, space 0, times 0 [ 1111.080452][T26899] CPU: 1 UID: 0 PID: 26899 Comm: syz.9.7023 Not tainted syzkaller #0 PREEMPT(full) [ 1111.080477][T26899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1111.080487][T26899] Call Trace: [ 1111.080493][T26899] [ 1111.080500][T26899] dump_stack_lvl+0x16c/0x1f0 [ 1111.080522][T26899] should_fail_ex+0x512/0x640 [ 1111.080544][T26899] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1111.080569][T26899] should_failslab+0xc2/0x120 [ 1111.080589][T26899] __kmalloc_cache_noprof+0x72/0x780 [ 1111.080611][T26899] ? v4l2_fh_open+0x4c/0xa0 [ 1111.080632][T26899] ? v4l2_fh_open+0x4c/0xa0 [ 1111.080648][T26899] v4l2_fh_open+0x4c/0xa0 [ 1111.080666][T26899] v4l2_open+0x1d2/0x5e0 [ 1111.080682][T26899] ? __pfx_v4l2_open+0x10/0x10 [ 1111.080698][T26899] chrdev_open+0x234/0x6a0 [ 1111.080715][T26899] ? __pfx_apparmor_file_open+0x10/0x10 [ 1111.080736][T26899] ? __pfx_chrdev_open+0x10/0x10 [ 1111.080760][T26899] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1111.080780][T26899] do_dentry_open+0x982/0x1530 [ 1111.080797][T26899] ? __pfx_chrdev_open+0x10/0x10 [ 1111.080819][T26899] vfs_open+0x82/0x3f0 [ 1111.080840][T26899] path_openat+0x1de4/0x2cb0 [ 1111.080863][T26899] ? __pfx_path_openat+0x10/0x10 [ 1111.080879][T26899] ? __lock_acquire+0xb8a/0x1c90 [ 1111.080900][T26899] do_filp_open+0x20b/0x470 [ 1111.080916][T26899] ? __pfx_do_filp_open+0x10/0x10 [ 1111.080944][T26899] ? alloc_fd+0x471/0x7d0 [ 1111.080963][T26899] do_sys_openat2+0x11b/0x1d0 [ 1111.080983][T26899] ? __pfx_do_sys_openat2+0x10/0x10 [ 1111.081010][T26899] __x64_sys_openat+0x174/0x210 [ 1111.081030][T26899] ? __pfx___x64_sys_openat+0x10/0x10 [ 1111.081057][T26899] do_syscall_64+0xcd/0xfa0 [ 1111.081076][T26899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1111.081090][T26899] RIP: 0033:0x7ff5da98f6c9 [ 1111.081102][T26899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1111.081117][T26899] RSP: 002b:00007ff5db8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1111.081132][T26899] RAX: ffffffffffffffda RBX: 00007ff5dabe6090 RCX: 00007ff5da98f6c9 [ 1111.081142][T26899] RDX: 00000000000aaa81 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 1111.081151][T26899] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1111.081159][T26899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1111.081168][T26899] R13: 00007ff5dabe6128 R14: 00007ff5dabe6090 R15: 00007fffa5b58cb8 [ 1111.081187][T26899] [ 1111.337425][ C1] vkms_vblank_simulate: vblank timer overrun [ 1111.778966][T26911] ERROR: Out of memory at tomoyo_memory_ok. [ 1112.397755][T26916] netlink: 'syz.8.7038': attribute type 1 has an invalid length. [ 1112.420833][T26916] netlink: 210 bytes leftover after parsing attributes in process `syz.8.7038'. [ 1112.457632][T26914] ima: policy update failed [ 1112.470670][T26918] netlink: 20 bytes leftover after parsing attributes in process `syz.9.7029'. [ 1112.489787][ T30] audit: type=1802 audit(4294967300.910:30): pid=26914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.8.7038" res=0 errno=0 [ 1112.618343][T26918] mac80211_hwsim hwsim44 wlan1: entered allmulticast mode [ 1112.771284][T26879] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 1113.233777][T26935] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7039'. [ 1113.576191][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1113.583819][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1113.640431][T26945] __vm_enough_memory: pid: 26945, comm: syz.3.7041, bytes: 4398046511104 not enough memory for the allocation [ 1114.013845][T26951] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7042'. [ 1114.067464][T26951] netlink: 354 bytes leftover after parsing attributes in process `syz.7.7042'. [ 1114.566121][T26961] netlink: 20 bytes leftover after parsing attributes in process `syz.7.7045'. [ 1114.691526][T26961] mac80211_hwsim hwsim33 wlan1: entered allmulticast mode [ 1114.981838][T26968] netlink: 246 bytes leftover after parsing attributes in process `syz.3.7046'. [ 1116.201971][T26993] __vm_enough_memory: pid: 26993, comm: syz.9.7055, bytes: 4398046511104 not enough memory for the allocation [ 1117.123576][T26998] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7057'. [ 1117.181670][T26998] mac80211_hwsim hwsim33 wlan1: entered promiscuous mode [ 1117.564346][T27014] netlink: 330 bytes leftover after parsing attributes in process `syz.9.7064'. [ 1117.726346][T27017] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7065'. [ 1118.058988][T27018] FAULT_INJECTION: forcing a failure. [ 1118.058988][T27018] name failslab, interval 1, probability 0, space 0, times 0 [ 1118.223699][T27018] CPU: 1 UID: 0 PID: 27018 Comm: syz.8.7060 Not tainted syzkaller #0 PREEMPT(full) [ 1118.223723][T27018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1118.223733][T27018] Call Trace: [ 1118.223739][T27018] [ 1118.223745][T27018] dump_stack_lvl+0x16c/0x1f0 [ 1118.223767][T27018] should_fail_ex+0x512/0x640 [ 1118.223790][T27018] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1118.223808][T27018] should_failslab+0xc2/0x120 [ 1118.223828][T27018] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1118.223855][T27018] ? __dquot_initialize+0x299/0xd50 [ 1118.223875][T27018] ? __d_alloc+0x32/0xae0 [ 1118.223895][T27018] ? __d_alloc+0x32/0xae0 [ 1118.223911][T27018] __d_alloc+0x32/0xae0 [ 1118.223929][T27018] d_alloc_pseudo+0x1c/0xc0 [ 1118.223949][T27018] alloc_file_pseudo+0xcf/0x230 [ 1118.223971][T27018] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1118.224002][T27018] __shmem_file_setup+0x1a3/0x330 [ 1118.224028][T27018] shmem_zero_setup+0x93/0x1a0 [ 1118.224045][T27018] __mmap_region+0x2076/0x27a0 [ 1118.224063][T27018] ? __pfx___mmap_region+0x10/0x10 [ 1118.224079][T27018] ? lock_acquire+0x179/0x350 [ 1118.224098][T27018] ? find_held_lock+0x2b/0x80 [ 1118.224120][T27018] ? rcu_is_watching+0x12/0xc0 [ 1118.224166][T27018] ? trace_cap_capable+0x18d/0x200 [ 1118.224192][T27018] mmap_region+0x1ab/0x3f0 [ 1118.224206][T27018] ? __get_unmapped_area+0x267/0x440 [ 1118.224227][T27018] do_mmap+0xa3e/0x1210 [ 1118.224253][T27018] ? __pfx_do_mmap+0x10/0x10 [ 1118.224271][T27018] ? __pfx_down_write_killable+0x10/0x10 [ 1118.224295][T27018] vm_mmap_pgoff+0x29e/0x470 [ 1118.224319][T27018] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1118.224341][T27018] ? __x64_sys_futex+0x1e0/0x4c0 [ 1118.224360][T27018] ? __x64_sys_futex+0x1e9/0x4c0 [ 1118.224381][T27018] ksys_mmap_pgoff+0x7d/0x5c0 [ 1118.224398][T27018] ? xfd_validate_state+0x61/0x180 [ 1118.224418][T27018] ? __pfx_ksys_write+0x10/0x10 [ 1118.224435][T27018] __x64_sys_mmap+0x125/0x190 [ 1118.224458][T27018] do_syscall_64+0xcd/0xfa0 [ 1118.224476][T27018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1118.224491][T27018] RIP: 0033:0x7f95b178f6c9 [ 1118.224504][T27018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1118.224517][T27018] RSP: 002b:00007f95b25ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1118.224532][T27018] RAX: ffffffffffffffda RBX: 00007f95b19e6090 RCX: 00007f95b178f6c9 [ 1118.224542][T27018] RDX: 0000000000000007 RSI: 000000000002000d RDI: 0000000000000000 [ 1118.224551][T27018] RBP: 00007f95b1811f91 R08: 0000000000000404 R09: 0000000010008000 [ 1118.224561][T27018] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1118.224570][T27018] R13: 00007f95b19e6128 R14: 00007f95b19e6090 R15: 00007ffcdbcd14f8 [ 1118.224590][T27018] [ 1119.177025][T27037] FAULT_INJECTION: forcing a failure. [ 1119.177025][T27037] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.215626][T27037] CPU: 1 UID: 0 PID: 27037 Comm: syz.9.7070 Not tainted syzkaller #0 PREEMPT(full) [ 1119.215651][T27037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1119.215660][T27037] Call Trace: [ 1119.215667][T27037] [ 1119.215673][T27037] dump_stack_lvl+0x16c/0x1f0 [ 1119.215696][T27037] should_fail_ex+0x512/0x640 [ 1119.215719][T27037] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1119.215737][T27037] should_failslab+0xc2/0x120 [ 1119.215758][T27037] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1119.215773][T27037] ? do_futex+0x122/0x350 [ 1119.215792][T27037] ? alloc_inode+0xc3/0x240 [ 1119.215815][T27037] ? alloc_inode+0xc3/0x240 [ 1119.215832][T27037] alloc_inode+0xc3/0x240 [ 1119.215851][T27037] create_pipe_files+0x4c/0x9a0 [ 1119.215872][T27037] do_pipe2+0xaf/0x1c0 [ 1119.215888][T27037] ? __pfx_do_pipe2+0x10/0x10 [ 1119.215905][T27037] ? xfd_validate_state+0x61/0x180 [ 1119.215925][T27037] ? __pfx___x64_sys_chdir+0x10/0x10 [ 1119.215948][T27037] __x64_sys_pipe+0x33/0x50 [ 1119.215965][T27037] do_syscall_64+0xcd/0xfa0 [ 1119.215983][T27037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1119.215997][T27037] RIP: 0033:0x7ff5da98f6c9 [ 1119.216010][T27037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1119.216024][T27037] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1119.216038][T27037] RAX: ffffffffffffffda RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 1119.216048][T27037] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1119.216057][T27037] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1119.216065][T27037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1119.216074][T27037] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 1119.216094][T27037] [ 1119.418478][T27038] FAULT_INJECTION: forcing a failure. [ 1119.418478][T27038] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.431303][T27038] CPU: 1 UID: 0 PID: 27038 Comm: syz.9.7070 Not tainted syzkaller #0 PREEMPT(full) [ 1119.431325][T27038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1119.431335][T27038] Call Trace: [ 1119.431341][T27038] [ 1119.431348][T27038] dump_stack_lvl+0x16c/0x1f0 [ 1119.431370][T27038] should_fail_ex+0x512/0x640 [ 1119.431393][T27038] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1119.431410][T27038] should_failslab+0xc2/0x120 [ 1119.431430][T27038] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1119.431445][T27038] ? getname_flags.part.0+0x4c/0x550 [ 1119.431469][T27038] ? getname_flags.part.0+0x4c/0x550 [ 1119.431489][T27038] getname_flags.part.0+0x4c/0x550 [ 1119.431511][T27038] getname_flags+0x93/0xf0 [ 1119.431525][T27038] do_sys_openat2+0xb8/0x1d0 [ 1119.431546][T27038] ? __pfx_do_sys_openat2+0x10/0x10 [ 1119.431573][T27038] __x64_sys_open+0x153/0x1e0 [ 1119.431593][T27038] ? __pfx___x64_sys_open+0x10/0x10 [ 1119.431618][T27038] ? rcu_is_watching+0x12/0xc0 [ 1119.431635][T27038] do_syscall_64+0xcd/0xfa0 [ 1119.431662][T27038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1119.431678][T27038] RIP: 0033:0x7ff5da98f6c9 [ 1119.431691][T27038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1119.431706][T27038] RSP: 002b:00007ff5db8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 1119.431720][T27038] RAX: ffffffffffffffda RBX: 00007ff5dabe6090 RCX: 00007ff5da98f6c9 [ 1119.431730][T27038] RDX: e1d2b27bdc14aabc RSI: 0000000000004242 RDI: 0000200000000000 [ 1119.431740][T27038] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1119.431748][T27038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1119.431756][T27038] R13: 00007ff5dabe6128 R14: 00007ff5dabe6090 R15: 00007fffa5b58cb8 [ 1119.431775][T27038] [ 1121.026342][T26879] Bluetooth: hci0: unexpected subevent 0x03 length: 253 > 9 [ 1121.557820][T27064] FAULT_INJECTION: forcing a failure. [ 1121.557820][T27064] name failslab, interval 1, probability 0, space 0, times 0 [ 1121.792760][T27064] CPU: 1 UID: 0 PID: 27064 Comm: syz.8.7077 Not tainted syzkaller #0 PREEMPT(full) [ 1121.792784][T27064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1121.792793][T27064] Call Trace: [ 1121.792799][T27064] [ 1121.792806][T27064] dump_stack_lvl+0x16c/0x1f0 [ 1121.792829][T27064] should_fail_ex+0x512/0x640 [ 1121.792851][T27064] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1121.792877][T27064] should_failslab+0xc2/0x120 [ 1121.792897][T27064] __kmalloc_cache_noprof+0x72/0x780 [ 1121.792919][T27064] ? rcu_is_watching+0x12/0xc0 [ 1121.792934][T27064] ? single_open+0x4d/0x1f0 [ 1121.792955][T27064] ? __pfx_smbd_receive_credit_max_proc_show+0x10/0x10 [ 1121.792978][T27064] ? single_open+0x4d/0x1f0 [ 1121.793002][T27064] single_open+0x4d/0x1f0 [ 1121.793024][T27064] ? __pfx_smbd_receive_credit_max_open+0x10/0x10 [ 1121.793049][T27064] proc_reg_open+0x2ab/0x5f0 [ 1121.793070][T27064] do_dentry_open+0x982/0x1530 [ 1121.793092][T27064] ? __pfx_proc_reg_open+0x10/0x10 [ 1121.793129][T27064] vfs_open+0x82/0x3f0 [ 1121.793153][T27064] path_openat+0x1de4/0x2cb0 [ 1121.793179][T27064] ? __pfx_path_openat+0x10/0x10 [ 1121.793200][T27064] ? __lock_acquire+0xb8a/0x1c90 [ 1121.793224][T27064] do_filp_open+0x20b/0x470 [ 1121.793241][T27064] ? __pfx_do_filp_open+0x10/0x10 [ 1121.793270][T27064] ? alloc_fd+0x471/0x7d0 [ 1121.793289][T27064] do_sys_openat2+0x11b/0x1d0 [ 1121.793309][T27064] ? __pfx_do_sys_openat2+0x10/0x10 [ 1121.793336][T27064] __x64_sys_openat+0x174/0x210 [ 1121.793357][T27064] ? __pfx___x64_sys_openat+0x10/0x10 [ 1121.793385][T27064] do_syscall_64+0xcd/0xfa0 [ 1121.793403][T27064] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1121.793418][T27064] RIP: 0033:0x7f95b178f6c9 [ 1121.793431][T27064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1121.793445][T27064] RSP: 002b:00007f95b25ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1121.793460][T27064] RAX: ffffffffffffffda RBX: 00007f95b19e6090 RCX: 00007f95b178f6c9 [ 1121.793469][T27064] RDX: 0000000000000641 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1121.793486][T27064] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1121.793495][T27064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1121.793504][T27064] R13: 00007f95b19e6128 R14: 00007f95b19e6090 R15: 00007ffcdbcd14f8 [ 1121.793525][T27064] [ 1122.507524][T26879] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1122.973291][T27077] FAULT_INJECTION: forcing a failure. [ 1122.973291][T27077] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.025706][T27077] CPU: 1 UID: 0 PID: 27077 Comm: syz.9.7083 Not tainted syzkaller #0 PREEMPT(full) [ 1123.025731][T27077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1123.025741][T27077] Call Trace: [ 1123.025746][T27077] [ 1123.025753][T27077] dump_stack_lvl+0x16c/0x1f0 [ 1123.025775][T27077] should_fail_ex+0x512/0x640 [ 1123.025797][T27077] ? __kmalloc_noprof+0xca/0x880 [ 1123.025821][T27077] should_failslab+0xc2/0x120 [ 1123.025841][T27077] __kmalloc_noprof+0xdd/0x880 [ 1123.025863][T27077] ? lsm_blob_alloc+0x68/0x90 [ 1123.025884][T27077] ? lsm_blob_alloc+0x68/0x90 [ 1123.025900][T27077] lsm_blob_alloc+0x68/0x90 [ 1123.025918][T27077] security_task_alloc+0x2d/0x260 [ 1123.025935][T27077] copy_process+0x220b/0x76a0 [ 1123.025954][T27077] ? __pfx___futex_wait+0x10/0x10 [ 1123.025982][T27077] ? __pfx_copy_process+0x10/0x10 [ 1123.026003][T27077] ? futex_private_hash_put+0xd5/0x190 [ 1123.026024][T27077] kernel_clone+0xfc/0x930 [ 1123.026043][T27077] ? __pfx_kernel_clone+0x10/0x10 [ 1123.026070][T27077] __do_sys_clone+0xce/0x120 [ 1123.026087][T27077] ? __pfx___do_sys_clone+0x10/0x10 [ 1123.026115][T27077] ? xfd_validate_state+0x61/0x180 [ 1123.026142][T27077] do_syscall_64+0xcd/0xfa0 [ 1123.026160][T27077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1123.026175][T27077] RIP: 0033:0x7ff5da98f6c9 [ 1123.026188][T27077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1123.026202][T27077] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1123.026217][T27077] RAX: ffffffffffffffda RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 1123.026227][T27077] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 1123.026235][T27077] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1123.026244][T27077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1123.026252][T27077] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 1123.026271][T27077] [ 1123.862681][T27088] FAULT_INJECTION: forcing a failure. [ 1123.862681][T27088] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.907509][T27088] CPU: 1 UID: 0 PID: 27088 Comm: syz.7.7094 Not tainted syzkaller #0 PREEMPT(full) [ 1123.907532][T27088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1123.907542][T27088] Call Trace: [ 1123.907548][T27088] [ 1123.907555][T27088] dump_stack_lvl+0x16c/0x1f0 [ 1123.907584][T27088] should_fail_ex+0x512/0x640 [ 1123.907607][T27088] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1123.907626][T27088] should_failslab+0xc2/0x120 [ 1123.907646][T27088] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1123.907661][T27088] ? proc_reg_open+0x23f/0x5f0 [ 1123.907682][T27088] ? proc_reg_open+0x23f/0x5f0 [ 1123.907698][T27088] proc_reg_open+0x23f/0x5f0 [ 1123.907721][T27088] do_dentry_open+0x982/0x1530 [ 1123.907738][T27088] ? __pfx_proc_reg_open+0x10/0x10 [ 1123.907759][T27088] vfs_open+0x82/0x3f0 [ 1123.907781][T27088] path_openat+0x1de4/0x2cb0 [ 1123.907803][T27088] ? __pfx_path_openat+0x10/0x10 [ 1123.907819][T27088] ? __lock_acquire+0xb8a/0x1c90 [ 1123.907841][T27088] do_filp_open+0x20b/0x470 [ 1123.907856][T27088] ? __pfx_do_filp_open+0x10/0x10 [ 1123.907885][T27088] ? alloc_fd+0x471/0x7d0 [ 1123.907904][T27088] do_sys_openat2+0x11b/0x1d0 [ 1123.907924][T27088] ? __pfx_do_sys_openat2+0x10/0x10 [ 1123.907951][T27088] __x64_sys_openat+0x174/0x210 [ 1123.907972][T27088] ? __pfx___x64_sys_openat+0x10/0x10 [ 1123.907999][T27088] do_syscall_64+0xcd/0xfa0 [ 1123.908018][T27088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1123.908033][T27088] RIP: 0033:0x7fb55dd8f6c9 [ 1123.908045][T27088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1123.908059][T27088] RSP: 002b:00007fb55eb68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1123.908073][T27088] RAX: ffffffffffffffda RBX: 00007fb55dfe6090 RCX: 00007fb55dd8f6c9 [ 1123.908083][T27088] RDX: 0000000000000641 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1123.908092][T27088] RBP: 00007fb55de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1123.908101][T27088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1123.908109][T27088] R13: 00007fb55dfe6128 R14: 00007fb55dfe6090 R15: 00007fffd7e3ff28 [ 1123.908129][T27088] [ 1124.631990][T25622] Bluetooth: hci0: command 0x0c1a tx timeout [ 1124.848703][T25622] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 1126.314857][T27129] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7099'. [ 1126.519282][T27120] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1126.544767][T27120] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1126.587278][T27120] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1126.627521][T27120] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1126.679021][T27120] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1126.706753][T27120] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1126.729976][T27120] CPU0 is offline. [ 1127.644003][T27145] could not allocate digest TFM handle [ 1127.731303][T26879] Bluetooth: hci3: command 0x0406 tx timeout [ 1127.822467][T26879] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 1128.396370][T27165] FAULT_INJECTION: forcing a failure. [ 1128.396370][T27165] name failslab, interval 1, probability 0, space 0, times 0 [ 1128.479373][T27165] CPU: 1 UID: 0 PID: 27165 Comm: syz.9.7111 Not tainted syzkaller #0 PREEMPT(full) [ 1128.479461][T27165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1128.479473][T27165] Call Trace: [ 1128.479481][T27165] [ 1128.479488][T27165] dump_stack_lvl+0x16c/0x1f0 [ 1128.479513][T27165] should_fail_ex+0x512/0x640 [ 1128.479536][T27165] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1128.479553][T27165] should_failslab+0xc2/0x120 [ 1128.479573][T27165] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1128.479588][T27165] ? __pmd_alloc+0xbf/0x8b0 [ 1128.479610][T27165] ? __pmd_alloc+0xbf/0x8b0 [ 1128.479627][T27165] __pmd_alloc+0xbf/0x8b0 [ 1128.479648][T27165] __handle_mm_fault+0xada/0x2aa0 [ 1128.479672][T27165] ? mt_find+0x3e2/0xa20 [ 1128.479690][T27165] ? __pfx___handle_mm_fault+0x10/0x10 [ 1128.479711][T27165] ? __pfx_mt_find+0x10/0x10 [ 1128.479738][T27165] ? find_vma+0xbf/0x140 [ 1128.479754][T27165] ? __pfx_find_vma+0x10/0x10 [ 1128.479773][T27165] handle_mm_fault+0x589/0xd10 [ 1128.479795][T27165] ? __pkru_allows_pkey+0x21/0xb0 [ 1128.479822][T27165] do_user_addr_fault+0x7a6/0x1370 [ 1128.479837][T27165] ? rcu_is_watching+0x12/0xc0 [ 1128.479855][T27165] exc_page_fault+0x64/0xc0 [ 1128.479872][T27165] asm_exc_page_fault+0x26/0x30 [ 1128.479887][T27165] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 1128.479909][T27165] Code: c4 10 e9 84 3c 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 3c 04 00 66 66 [ 1128.479924][T27165] RSP: 0018:ffffc9000c0a7d60 EFLAGS: 00050202 [ 1128.479937][T27165] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 1128.479947][T27165] RDX: fffff52001814fba RSI: 0000000000000000 RDI: ffffc9000c0a7dd0 [ 1128.479956][T27165] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52001814fba [ 1128.479965][T27165] R10: 0000000000000003 R11: 0000000000000001 R12: 0000000000000000 [ 1128.479973][T27165] R13: ffffc9000c0a7dd0 R14: 0000000000000000 R15: 0000000000000000 [ 1128.479992][T27165] _copy_from_user+0x98/0xd0 [ 1128.480024][T27165] do_sock_getsockopt+0x3ca/0x440 [ 1128.480045][T27165] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1128.480061][T27165] ? __fget_files+0x204/0x3c0 [ 1128.480079][T27165] ? 0xffffffffff600000 [ 1128.480098][T27165] __sys_getsockopt+0x123/0x1b0 [ 1128.480145][T27165] ? 0xffffffffff600000 [ 1128.480159][T27165] __x64_sys_getsockopt+0xbd/0x160 [ 1128.480181][T27165] ? do_syscall_64+0x91/0xfa0 [ 1128.480198][T27165] ? lockdep_hardirqs_on+0x7c/0x110 [ 1128.480215][T27165] do_syscall_64+0xcd/0xfa0 [ 1128.480233][T27165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1128.480249][T27165] RIP: 0033:0x7ff5da98f6c9 [ 1128.480262][T27165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1128.480276][T27165] RSP: 002b:00007ff5db8c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 1128.480290][T27165] RAX: ffffffffffffffda RBX: 00007ff5dabe5fa0 RCX: 00007ff5da98f6c9 [ 1128.480300][T27165] RDX: 0000000000000005 RSI: 0000000000000114 RDI: 0000000000000006 [ 1128.480310][T27165] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1128.480320][T27165] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000 [ 1128.480329][T27165] R13: 00007ff5dabe6038 R14: 00007ff5dabe5fa0 R15: 00007fffa5b58cb8 [ 1128.480342][T27165] ? 0xffffffffff600000 [ 1128.480360][T27165] [ 1129.326848][T25622] Bluetooth: hci2: command 0x0406 tx timeout [ 1129.333464][T25622] Bluetooth: hci4: command 0x0406 tx timeout [ 1129.340486][T25622] Bluetooth: hci0: command 0x0c1a tx timeout [ 1129.463348][T27174] netlink: 206 bytes leftover after parsing attributes in process `syz.7.7113'. [ 1130.713338][T27189] netlink: 338 bytes leftover after parsing attributes in process `syz.8.7119'. [ 1130.767640][T27189] ipvlan1: entered allmulticast mode [ 1130.773072][T27189] veth0_vlan: entered allmulticast mode [ 1130.957469][T27188] Process accounting paused [ 1131.396258][T26879] Bluetooth: hci0: command 0x0c1a tx timeout [ 1131.404290][T25622] Bluetooth: hci4: command 0x0406 tx timeout [ 1131.412064][T25861] Bluetooth: hci2: command 0x0406 tx timeout [ 1132.294216][T26879] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 1132.758930][T27222] netlink: 25 bytes leftover after parsing attributes in process `syz.8.7126'. [ 1133.300648][T27231] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 1133.368816][T27232] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 1134.338278][T26879] Bluetooth: hci3: command 0x0406 tx timeout [ 1134.644486][T27257] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7138'. [ 1134.678744][T27257] netlink: 25 bytes leftover after parsing attributes in process `syz.9.7138'. [ 1135.314471][T27271] random: crng reseeded on system resumption [ 1137.222973][T27299] kAFS: unparsable volume name [ 1141.565196][T27371] FAULT_INJECTION: forcing a failure. [ 1141.565196][T27371] name failslab, interval 1, probability 0, space 0, times 0 [ 1141.707880][T27374] random: crng reseeded on system resumption [ 1141.732241][T27371] CPU: 1 UID: 0 PID: 27371 Comm: syz.8.7169 Not tainted syzkaller #0 PREEMPT(full) [ 1141.732265][T27371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1141.732274][T27371] Call Trace: [ 1141.732280][T27371] [ 1141.732286][T27371] dump_stack_lvl+0x16c/0x1f0 [ 1141.732309][T27371] should_fail_ex+0x512/0x640 [ 1141.732339][T27371] should_failslab+0xc2/0x120 [ 1141.732358][T27371] __kmalloc_cache_noprof+0x72/0x780 [ 1141.732382][T27371] ? sctp_raw_to_bind_addrs+0x241/0x2c0 [ 1141.732398][T27371] ? sctp_add_bind_addr+0xae/0x3f0 [ 1141.732415][T27371] ? sctp_add_bind_addr+0xae/0x3f0 [ 1141.732428][T27371] sctp_add_bind_addr+0xae/0x3f0 [ 1141.732445][T27371] sctp_unpack_cookie+0xba7/0xd20 [ 1141.732465][T27371] ? __pfx_sctp_unpack_cookie+0x10/0x10 [ 1141.732481][T27371] ? arch_stack_walk+0xa6/0x100 [ 1141.732504][T27371] sctp_sf_do_5_2_4_dupcook+0x2d5/0x2ed0 [ 1141.732529][T27371] ? __pfx_sctp_sf_do_5_2_4_dupcook+0x10/0x10 [ 1141.732550][T27371] ? sctp_sm_lookup_event+0x15b/0x570 [ 1141.732564][T27371] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 1141.732579][T27371] ? kmem_cache_free+0x2d4/0x6c0 [ 1141.732593][T27371] ? sctp_chunk_put+0x205/0x2c0 [ 1141.732606][T27371] ? sctp_inq_pop+0x5d7/0xf80 [ 1141.732623][T27371] ? sctp_assoc_bh_rcv+0x117/0x6f0 [ 1141.732639][T27371] ? sctp_inq_push+0x1db/0x270 [ 1141.732658][T27371] ? __pfx_sctp_cname+0x10/0x10 [ 1141.732672][T27371] sctp_do_sm+0x181/0x5c80 [ 1141.732694][T27371] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1141.732713][T27371] ? __pfx_sctp_do_sm+0x10/0x10 [ 1141.732757][T27371] ? ktime_get+0x200/0x310 [ 1141.732774][T27371] ? lockdep_hardirqs_on+0x7c/0x110 [ 1141.732795][T27371] sctp_assoc_bh_rcv+0x392/0x6f0 [ 1141.732820][T27371] sctp_inq_push+0x1db/0x270 [ 1141.732840][T27371] sctp_backlog_rcv+0x169/0x590 [ 1141.732864][T27371] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 1141.732886][T27371] __release_sock+0x3a9/0x450 [ 1141.732901][T27371] ? lockdep_hardirqs_on+0x7c/0x110 [ 1141.732921][T27371] release_sock+0x5a/0x220 [ 1141.732935][T27371] sctp_wait_for_connect+0x1c3/0x5c0 [ 1141.732955][T27371] ? __pfx_sctp_wait_for_connect+0x10/0x10 [ 1141.732973][T27371] ? skb_set_owner_w+0x31f/0x710 [ 1141.732993][T27371] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1141.733011][T27371] ? sctp_datamsg_put+0x58/0x5f0 [ 1141.733034][T27371] ? sctp_primitive_SEND+0x9f/0xd0 [ 1141.733065][T27371] sctp_sendmsg_to_asoc+0x180f/0x1bd0 [ 1141.733085][T27371] ? sctp_assoc_set_primary+0x141/0x300 [ 1141.733105][T27371] ? sctp_assoc_add_peer+0x252/0x1550 [ 1141.733129][T27371] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 1141.733147][T27371] ? sctp_connect_new_asoc+0x41e/0x770 [ 1141.733169][T27371] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1141.733191][T27371] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 1141.733212][T27371] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1141.733237][T27371] sctp_sendmsg+0xe99/0x1e00 [ 1141.733263][T27371] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1141.733281][T27371] ? __pfx___might_resched+0x10/0x10 [ 1141.733301][T27371] ? aa_sk_perm+0x2f4/0xb10 [ 1141.733318][T27371] ? __pfx_aa_sk_perm+0x10/0x10 [ 1141.733337][T27371] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1141.733358][T27371] inet_sendmsg+0x11c/0x140 [ 1141.733380][T27371] ____sys_sendmsg+0x973/0xc70 [ 1141.733400][T27371] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1141.733420][T27371] ? find_held_lock+0x2b/0x80 [ 1141.733436][T27371] ? futex_unqueue+0x133/0x2c0 [ 1141.733458][T27371] ___sys_sendmsg+0x134/0x1d0 [ 1141.733474][T27371] ? __pfx____sys_sendmsg+0x10/0x10 [ 1141.733497][T27371] ? find_held_lock+0x2b/0x80 [ 1141.733523][T27371] __sys_sendmmsg+0x200/0x420 [ 1141.733540][T27371] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1141.733559][T27371] ? __pfx_do_futex+0x10/0x10 [ 1141.733588][T27371] ? xfd_validate_state+0x61/0x180 [ 1141.733607][T27371] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1141.733627][T27371] __x64_sys_sendmmsg+0x9c/0x100 [ 1141.733640][T27371] ? lockdep_hardirqs_on+0x7c/0x110 [ 1141.733656][T27371] do_syscall_64+0xcd/0xfa0 [ 1141.733675][T27371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1141.733689][T27371] RIP: 0033:0x7f95b178f6c9 [ 1141.733702][T27371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1141.733716][T27371] RSP: 002b:00007f95b2620038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1141.733731][T27371] RAX: ffffffffffffffda RBX: 00007f95b19e5fa0 RCX: 00007f95b178f6c9 [ 1141.733741][T27371] RDX: 0000000000000008 RSI: 0000200000000140 RDI: 0000000000000003 [ 1141.733751][T27371] RBP: 00007f95b1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1141.733760][T27371] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 1141.733769][T27371] R13: 00007f95b19e6038 R14: 00007f95b19e5fa0 R15: 00007ffcdbcd14f8 [ 1141.733789][T27371] [ 1143.157433][T27377] binder: 27376:27377 ioctl 5380 2000000000c0 returned -22 [ 1143.209428][T27377] sd 0:0:1:0: PR command failed: 1026 [ 1143.258965][T27377] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1143.267146][T27380] netlink: 186 bytes leftover after parsing attributes in process `syz.9.7172'. [ 1143.299731][T27377] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1143.365718][T27385] kAFS: unparsable volume name [ 1143.448535][T27379] can: request_module (can-proto-5) failed. [ 1145.484248][T27424] FAULT_INJECTION: forcing a failure. [ 1145.484248][T27424] name failslab, interval 1, probability 0, space 0, times 0 [ 1145.548022][T27424] CPU: 1 UID: 0 PID: 27424 Comm: syz.7.7180 Not tainted syzkaller #0 PREEMPT(full) [ 1145.548064][T27424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1145.548085][T27424] Call Trace: [ 1145.548091][T27424] [ 1145.548097][T27424] dump_stack_lvl+0x16c/0x1f0 [ 1145.548119][T27424] should_fail_ex+0x512/0x640 [ 1145.548145][T27424] should_failslab+0xc2/0x120 [ 1145.548165][T27424] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1145.548181][T27424] ? __alloc_skb+0x2b2/0x380 [ 1145.548207][T27424] ? __alloc_skb+0x2b2/0x380 [ 1145.548226][T27424] __alloc_skb+0x2b2/0x380 [ 1145.548248][T27424] ? __pfx___alloc_skb+0x10/0x10 [ 1145.548279][T27424] sctp_ulpevent_make_assoc_change+0x75a/0x9c0 [ 1145.548303][T27424] sctp_sf_do_5_2_4_dupcook+0x104e/0x2ed0 [ 1145.548330][T27424] ? __pfx_sctp_sf_do_5_2_4_dupcook+0x10/0x10 [ 1145.548351][T27424] ? sctp_sm_lookup_event+0x15b/0x570 [ 1145.548365][T27424] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 1145.548380][T27424] ? kmem_cache_free+0x2d4/0x6c0 [ 1145.548394][T27424] ? sctp_chunk_put+0x205/0x2c0 [ 1145.548406][T27424] ? sctp_inq_pop+0x5d7/0xf80 [ 1145.548424][T27424] ? sctp_assoc_bh_rcv+0x117/0x6f0 [ 1145.548441][T27424] ? sctp_inq_push+0x1db/0x270 [ 1145.548460][T27424] ? __pfx_sctp_cname+0x10/0x10 [ 1145.548473][T27424] sctp_do_sm+0x181/0x5c80 [ 1145.548495][T27424] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1145.548514][T27424] ? __pfx_sctp_do_sm+0x10/0x10 [ 1145.548558][T27424] ? ktime_get+0x200/0x310 [ 1145.548575][T27424] ? lockdep_hardirqs_on+0x7c/0x110 [ 1145.548595][T27424] sctp_assoc_bh_rcv+0x392/0x6f0 [ 1145.548619][T27424] sctp_inq_push+0x1db/0x270 [ 1145.548639][T27424] sctp_backlog_rcv+0x169/0x590 [ 1145.548663][T27424] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 1145.548684][T27424] __release_sock+0x3a9/0x450 [ 1145.548699][T27424] ? lockdep_hardirqs_on+0x7c/0x110 [ 1145.548726][T27424] release_sock+0x5a/0x220 [ 1145.548742][T27424] sctp_wait_for_connect+0x1c3/0x5c0 [ 1145.548764][T27424] ? __pfx_sctp_wait_for_connect+0x10/0x10 [ 1145.548782][T27424] ? skb_set_owner_w+0x31f/0x710 [ 1145.548803][T27424] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1145.548821][T27424] ? sctp_datamsg_put+0x58/0x5f0 [ 1145.548851][T27424] ? sctp_primitive_SEND+0x9f/0xd0 [ 1145.548875][T27424] sctp_sendmsg_to_asoc+0x180f/0x1bd0 [ 1145.548894][T27424] ? sctp_assoc_set_primary+0x141/0x300 [ 1145.548914][T27424] ? sctp_assoc_add_peer+0x252/0x1550 [ 1145.548937][T27424] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 1145.548954][T27424] ? sctp_connect_new_asoc+0x41e/0x770 [ 1145.548975][T27424] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1145.548996][T27424] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 1145.549016][T27424] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1145.549042][T27424] sctp_sendmsg+0xe99/0x1e00 [ 1145.549067][T27424] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1145.549085][T27424] ? __pfx___might_resched+0x10/0x10 [ 1145.549104][T27424] ? aa_sk_perm+0x2f4/0xb10 [ 1145.549120][T27424] ? __pfx_aa_sk_perm+0x10/0x10 [ 1145.549139][T27424] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1145.549160][T27424] inet_sendmsg+0x11c/0x140 [ 1145.549182][T27424] ____sys_sendmsg+0x973/0xc70 [ 1145.549202][T27424] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1145.549221][T27424] ? find_held_lock+0x2b/0x80 [ 1145.549236][T27424] ? futex_unqueue+0x133/0x2c0 [ 1145.549258][T27424] ___sys_sendmsg+0x134/0x1d0 [ 1145.549273][T27424] ? __pfx____sys_sendmsg+0x10/0x10 [ 1145.549295][T27424] ? find_held_lock+0x2b/0x80 [ 1145.549321][T27424] __sys_sendmmsg+0x200/0x420 [ 1145.549338][T27424] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1145.549357][T27424] ? __pfx_do_futex+0x10/0x10 [ 1145.549386][T27424] ? xfd_validate_state+0x61/0x180 [ 1145.549405][T27424] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1145.549425][T27424] __x64_sys_sendmmsg+0x9c/0x100 [ 1145.549439][T27424] ? lockdep_hardirqs_on+0x7c/0x110 [ 1145.549455][T27424] do_syscall_64+0xcd/0xfa0 [ 1145.549473][T27424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1145.549488][T27424] RIP: 0033:0x7fb55dd8f6c9 [ 1145.549501][T27424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1145.549515][T27424] RSP: 002b:00007fb55eb89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1145.549530][T27424] RAX: ffffffffffffffda RBX: 00007fb55dfe5fa0 RCX: 00007fb55dd8f6c9 [ 1145.549540][T27424] RDX: 0000000000000008 RSI: 0000200000000140 RDI: 0000000000000003 [ 1145.549549][T27424] RBP: 00007fb55de11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1145.549558][T27424] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 1145.549567][T27424] R13: 00007fb55dfe6038 R14: 00007fb55dfe5fa0 R15: 00007fffd7e3ff28 [ 1145.549587][T27424] [ 1146.877717][T27432] ubi31: attaching mtd0 [ 1146.888954][T27432] ubi31: scanning is finished [ 1146.897873][T27432] ubi31 error: ubi_read_volume_table: the layout volume was not found [ 1147.231837][T27432] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1150.826910][T27487] netlink: 5 bytes leftover after parsing attributes in process `syz.7.7195'. [ 1151.893639][T27519] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3930829162 (15723316648 ns) > initial count (10539976056 ns). Using initial count to start timer. [ 1153.687536][T27554] netlink: 25 bytes leftover after parsing attributes in process `syz.8.7212'. [ 1155.647942][ T30] audit: type=1326 audit(4294967344.304:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27577 comm="syz.9.7221" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff5da98f6c9 code=0x0 [ 1155.669708][ C1] vkms_vblank_simulate: vblank timer overrun [ 1155.731655][T27582] FAULT_INJECTION: forcing a failure. [ 1155.731655][T27582] name failslab, interval 1, probability 0, space 0, times 0 [ 1155.781255][T27582] CPU: 1 UID: 0 PID: 27582 Comm: syz.9.7221 Not tainted syzkaller #0 PREEMPT(full) [ 1155.781282][T27582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1155.781292][T27582] Call Trace: [ 1155.781297][T27582] [ 1155.781303][T27582] dump_stack_lvl+0x16c/0x1f0 [ 1155.781326][T27582] should_fail_ex+0x512/0x640 [ 1155.781349][T27582] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1155.781374][T27582] should_failslab+0xc2/0x120 [ 1155.781394][T27582] __kmalloc_cache_noprof+0x72/0x780 [ 1155.781417][T27582] ? snd_pcm_oss_change_params_locked+0x211/0x3a30 [ 1155.781441][T27582] ? snd_pcm_oss_change_params_locked+0x211/0x3a30 [ 1155.781461][T27582] snd_pcm_oss_change_params_locked+0x211/0x3a30 [ 1155.781485][T27582] ? __mutex_lock+0x1c5/0x1060 [ 1155.781507][T27582] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1155.781528][T27582] ? __pfx___mutex_lock+0x10/0x10 [ 1155.781550][T27582] ? __fsnotify_parent+0x24b/0xc40 [ 1155.781571][T27582] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1155.781591][T27582] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1155.781609][T27582] snd_pcm_oss_sync+0x1de/0x840 [ 1155.781630][T27582] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1155.781648][T27582] snd_pcm_oss_release+0x28b/0x310 [ 1155.781668][T27582] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1155.781686][T27582] __fput+0x402/0xb70 [ 1155.781709][T27582] task_work_run+0x150/0x240 [ 1155.781732][T27582] ? __pfx_task_work_run+0x10/0x10 [ 1155.781754][T27582] ? __pfx___do_sys_close_range+0x10/0x10 [ 1155.781774][T27582] exit_to_user_mode_loop+0xec/0x130 [ 1155.781797][T27582] do_syscall_64+0x426/0xfa0 [ 1155.781816][T27582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1155.781830][T27582] RIP: 0033:0x7ff5da98f6c9 [ 1155.781843][T27582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1155.781857][T27582] RSP: 002b:00007ff5db8a5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1155.781872][T27582] RAX: 0000000000000000 RBX: 00007ff5dabe6090 RCX: 00007ff5da98f6c9 [ 1155.781882][T27582] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 1155.781891][T27582] RBP: 00007ff5daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1155.781899][T27582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1155.781908][T27582] R13: 00007ff5dabe6128 R14: 00007ff5dabe6090 R15: 00007fffa5b58cb8 [ 1155.781927][T27582] [ 1156.022770][ C1] vkms_vblank_simulate: vblank timer overrun [ 1158.612970][T27618] netlink: 146 bytes leftover after parsing attributes in process `syz.9.7232'. [ 1160.848913][T27656] netlink: 186 bytes leftover after parsing attributes in process `syz.7.7243'. [ 1161.111754][T27645] Process accounting resumed [ 1162.364764][T27674] zswap: compressor not available [ 1163.227138][ T31] INFO: task kworker/u10:1:25303 blocked for more than 143 seconds. [ 1163.236717][ T31] Not tainted syzkaller #0 [ 1163.241834][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1163.301364][ T31] task:kworker/u10:1 state:D stack:25992 pid:25303 tgid:25303 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 1163.355775][ T31] Workqueue: netns cleanup_net [ 1163.378197][ T31] Call Trace: [ 1163.397242][ T31] [ 1163.413172][ T31] __schedule+0x1190/0x5de0 [ 1163.443921][ T31] ? __lock_acquire+0x622/0x1c90 [ 1163.469359][ T31] ? __pfx___schedule+0x10/0x10 [ 1163.509429][ T31] ? find_held_lock+0x2b/0x80 [ 1163.525146][ T31] ? schedule+0x2d7/0x3a0 [ 1163.546629][ T31] schedule+0xe7/0x3a0 [ 1163.560755][ T31] schedule_timeout+0x257/0x290 [ 1163.577969][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1163.595637][ T31] ? mark_held_locks+0x49/0x80 [ 1163.615026][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1163.658082][ T31] __wait_for_common+0x2fc/0x4e0 [ 1163.752830][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1163.804152][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 1163.809683][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1163.873490][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 1163.880310][ T31] __flush_workqueue+0x3e2/0x1230 [ 1163.952934][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 1163.958550][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 1164.012507][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 1164.019436][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 1164.102007][ T31] rds_tcp_listen_stop+0x104/0x150 [ 1164.107227][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1164.151724][ T31] rds_tcp_exit_net+0xcb/0x810 [ 1164.156697][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1164.201418][ T31] ? __pfx___might_resched+0x10/0x10 [ 1164.206939][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1164.271220][ T31] ops_undo_list+0x2ee/0xab0 [ 1164.276130][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 1164.310214][ T31] ? cleanup_net+0x347/0x8b0 [ 1164.329319][ T31] ? idr_destroy+0x62/0x2e0 [ 1164.353111][ T31] cleanup_net+0x41b/0x8b0 [ 1164.357775][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 1164.390513][ T31] ? rcu_is_watching+0x12/0xc0 [ 1164.395922][ T31] process_one_work+0x9cf/0x1b70 [ 1164.430336][ T31] ? __pfx_process_one_work+0x10/0x10 [ 1164.438231][ T31] ? assign_work+0x1a0/0x250 [ 1164.474542][ T31] worker_thread+0x6c8/0xf10 [ 1164.491417][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1164.499691][ T31] kthread+0x3c5/0x780 [ 1164.529779][ T31] ? __pfx_kthread+0x10/0x10 [ 1164.536363][ T31] ? rcu_is_watching+0x12/0xc0 [ 1164.560103][ T31] ? __pfx_kthread+0x10/0x10 [ 1164.566690][ T31] ret_from_fork+0x675/0x7d0 [ 1164.589472][ T31] ? __pfx_kthread+0x10/0x10 [ 1164.596162][ T31] ret_from_fork_asm+0x1a/0x30 [ 1164.633363][ T31] [ 1164.643322][ T31] [ 1164.643322][ T31] Showing all locks held in the system: [ 1164.752154][ T31] 1 lock held by khungtaskd/31: [ 1164.758129][ T31] #0: ffffffff8e3c45a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 1164.808564][ T31] 3 locks held by kworker/1:1/43: [ 1164.814027][ T31] #0: ffff88813ff15948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1164.859822][ T31] #1: ffffc90000b37d00 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1164.892949][ T31] #2: ffff88807e001240 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x1b6/0x6da0 [ 1164.917764][ T31] 3 locks held by kworker/1:6/5880: [ 1164.927138][ T31] #0: ffff88813ff15948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1164.987339][ T31] #1: ffffc9000454fd00 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1165.017232][ T31] #2: ffffffff8e3cfb38 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 1165.037669][ T31] 1 lock held by syz.8.4193/18094: [ 1165.044122][ T31] 2 locks held by syz.3.4248/18240: [ 1165.082432][ T31] #0: ffff88807bbd4dc8 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90 [ 1165.093912][ T31] #1: ffff88807bbd40b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0 [ 1165.106095][ T31] 2 locks held by getty/23792: [ 1165.112513][ T31] #0: ffff8880348720a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1165.126279][ T31] #1: ffffc90002f722f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 1165.141129][ T31] 3 locks held by kworker/u10:1/25303: [ 1165.147841][ T31] #0: ffff88801ba9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1165.159764][ T31] #1: ffffc90004aafd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1165.170669][ T31] #2: ffffffff900d4610 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x8b0 [ 1165.186098][ T31] 3 locks held by kworker/u10:4/25335: [ 1165.192746][ T31] #0: ffff88813ff29948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1165.205170][ T31] #1: ffffc90004c5fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1165.218356][ T31] #2: ffffffff900eaa48 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0 [ 1165.228376][ T31] 2 locks held by syz.9.6647/25615: [ 1165.233994][ T31] #0: ffffffff900eaa48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 1165.243822][ T31] #1: ffffffff8e3cfb38 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 1165.254456][ T31] 1 lock held by syz.3.7239/27641: [ 1165.260341][ T31] #0: ffff888041aa8d88 (&sb->s_type->i_mutex_key#11){+.+.}-{4:4}, at: __sock_release+0x86/0x270 [ 1165.272687][ T31] 2 locks held by syz.7.7248/27676: [ 1165.278463][ T31] #0: ffffffff900d4610 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690 [ 1165.298176][ T31] #1: ffffffff900eaa48 (rtnl_mutex){+.+.}-{4:4}, at: cfg80211_pernet_exit+0x17/0x150 [ 1165.308354][ T31] 2 locks held by syz.9.7251/27687: [ 1165.313684][ T31] #0: ffffffff900d4610 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690 [ 1165.323602][ T31] #1: ffffffff900eaa48 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x7e9/0xab0 [ 1165.382792][ T31] [ 1165.385166][ T31] ============================================= [ 1165.385166][ T31] [ 1165.437040][ T31] NMI backtrace for cpu 1 [ 1165.437057][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 1165.437075][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1165.437085][ T31] Call Trace: [ 1165.437090][ T31] [ 1165.437096][ T31] dump_stack_lvl+0x116/0x1f0 [ 1165.437117][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 1165.437138][ T31] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 1165.437155][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1165.437177][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1165.437201][ T31] watchdog+0xf3f/0x1170 [ 1165.437217][ T31] ? rcu_is_watching+0x12/0xc0 [ 1165.437238][ T31] ? __pfx_watchdog+0x10/0x10 [ 1165.437250][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1165.437268][ T31] ? __kthread_parkme+0x19e/0x250 [ 1165.437287][ T31] ? __pfx_watchdog+0x10/0x10 [ 1165.437305][ T31] kthread+0x3c5/0x780 [ 1165.437325][ T31] ? __pfx_kthread+0x10/0x10 [ 1165.437346][ T31] ? rcu_is_watching+0x12/0xc0 [ 1165.437361][ T31] ? __pfx_kthread+0x10/0x10 [ 1165.437381][ T31] ret_from_fork+0x675/0x7d0 [ 1165.437402][ T31] ? __pfx_kthread+0x10/0x10 [ 1165.437422][ T31] ret_from_fork_asm+0x1a/0x30 [ 1165.437454][ T31] [ 1165.965047][T18094] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1166.014041][T27641] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1166.026764][T18094] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz.8.4193: Error -117 reading block bitmap for 2 [ 1166.071850][T27641] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz.3.7239: Error -117 reading block bitmap for 2 [ 1166.145421][T18094] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1166.171778][T27641] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1166.195295][T27687] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1166.233144][T27687] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz.9.7251: Error -117 reading block bitmap for 2 [ 1166.307176][T27687] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1166.558683][T27676] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz.7.7248: Error -117 reading block bitmap for 2