last executing test programs: 21m58.72346797s ago: executing program 0 (id=443): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) (async) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100, &(0x7f00000000c0)={0x3, 0x0, 0x7fff, @raw=0x5}, 0x8) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000040)='nsKcg>', 0x2) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) (async) mbind$auto(0x1, 0x6, 0x4e, &(0x7f00000000c0)=0x2, 0x7fffffff, 0x1) (async) mmap$auto(0x4, 0x7ff, 0x8, 0xeb1, 0x401, 0x200) (async) timerfd_create$auto_CLOCK_MONOTONIC(0x1, 0x1) socket(0xa, 0x2, 0x88) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu0/hotplug/target\x00', 0xc3100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/49, 0x31) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) get_robust_list$auto(0x0, 0x0, 0x0) (async) ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000001040)={0x80, 0x6, 0xf00, 0x1, 0x101, 0x0, 0x0}) (async) r2 = openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) (async) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r2, @ANYRES16=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060006004000000006"], 0x6c}}, 0x10) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async) r3 = socket(0x10, 0x2, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) (async) mount$auto(0x0, &(0x7f00000002c0)='}[,&*}\x00', &(0x7f0000000180)='nfsd\x00', 0x6, &(0x7f00000001c0)="5e0842d42d") sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 21m57.912102798s ago: executing program 0 (id=444): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) pipe2$auto(0x0, 0x80) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) shutdown$auto(0x200000003, 0x2) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0xe6, 0x0, 0x2, 0xb}, 0xfff}, 0x6, 0x311) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) shutdown$auto(0x200000003, 0x2) 21m57.400717922s ago: executing program 0 (id=445): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x0) getsockopt$auto(0x3, 0x200000000001, 0x2a, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto(r0, 0x80045438, 0xffffffffffffffff) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x40100, 0x0) read$auto_proc_pagemap_operations_internal(r1, &(0x7f0000001540)=""/209, 0xd1) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000100), 0xffffffffffffffff) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r2, &(0x7f00000001c0)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fda24d0f81d1b16c3cca5b2611827c2f1ca88bb01e672131ac62d346b5601f538ccf285e7a197166480ef899794cab4b61107cdae019c6139ce8761b5e", 0x5f) capget$auto(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000800020046e71d095bc1043a10c5000000079dbf245e862e0acf3800"/41, @ANYRES32=0x4, @ANYBLOB="080001004866520008000200", @ANYRES32=0x9, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x3f00000000000000, 0x20040011}, 0x20000000) r7 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r7, &(0x7f0000000240)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6\xd6z\xfa\xb8\x10hM\xe4\x15\x92R\xb9&$\x99\xb5r\xe3\xcb\\|\xff\xf8\x8d\x0f\xd1[\x19\x81\xa1\x8c\xee\xde\x9a\xe5\xbc\xcc\xec\xbdu(\xf3\xe5\x0e>u\xc9U\x8ch\xdc~\xbcg>\x06F\xc0;\xa6\x90\xe6y*\xd4\x0fT(\xd5Y\xe6B\xeaB\xab\x1b\xb0\xd1\x86h\xe0\xa6\x8c\xd7\xe3\xa0\x91\x9d\xe9)\xe1\xd0\x87V1\xb1\x9e\xd7onJ\"c\xcf\xfb\xd6\x17\x15n\xd0~~\xfd\x02Y\x9f\xb0\xc7G>fF\x89\xfc\xb54\xc6.', 0x7ff, 0x400) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_enter$auto(0xffffffffffffffff, 0x6, 0xfffffffe, 0x6b80, 0x0, 0x5) 21m55.83314362s ago: executing program 0 (id=448): bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f0000000000)=@bpf_attr_11={0x7, 0x9, 0x7fff, 0x69c4f446, 0x50, 0xfff, 0x5, 0xffffffffffffffff}, 0xea63) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000) socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000440)="671f264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4b9b4c", 0x24) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0x2, 0x1, 0x0) r3 = socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r4, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000007bcd5d5d61a604ceda92aa45cac023559f1809930a62a3791fd84efb1136b34ed91b333e4cf2507e464102c42e43168abb9f79c7ad419fc78372858cb0952fb4a1da6f2d930d33fd42d47ef65d978cd7bbe3aa0452239eabe2caa05b7c8b24feb140f4a7e97190c19cb4899e418c44eade03db1c6caa43dc6bb01bd651d7b54395f6f31e98bc6211b2d75d05945df4924ad9efb0fba173a8ab1dfe67d8c98d667fd2c599cc35f20ca058b144783a524bbb0a69a95f59e44a41840279e93f0449013e6ee0ba8b4fb8811938b7d7cae532098ac56ebd19c51c5d367d98b17d026728a238cbad0ab1c3082277ace02f97f72d06", @ANYRES16=r5, @ANYBLOB="010025bd7000fddbdf2501000000100007800c00018008000180000000000c00020006000000000000000c000500f7ffffffffffffff"], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x5, 0x0, 0x2, 0x0, 0xfffffffffffffffc, 0x4}, 0x7}, 0x3, 0xcad7) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0x100085) pread64$auto(r0, &(0x7f00000000c0)='\'-\x00', 0x3, 0x6) r6 = socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x2020009, 0xfffffffffffffffd, 0xb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, r6, 0x3, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x100) 21m55.049623858s ago: executing program 0 (id=452): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) (async) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) (async) write$auto(0x1, 0x0, 0x80000000) (async) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x3, 0x8, 0x5) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) msgctl$auto_IPC_RMID(0x7399, 0x0, &(0x7f0000000200)={{0x4, 0xee01, 0xee01, 0x7, 0x2, 0x1000, 0xf002}, &(0x7f0000000180)=0x2, &(0x7f00000001c0)=0x1, 0x9, 0x8, 0x62, 0x0, 0x7fffffff, 0x83, 0x6, 0x300, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff}) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x400000000005, 0xfffffffffffffffa, 0xa9, 0x4, 0x0, r0, 0x0, 0x2000000006, 0x7fffffff, 0xfffffffffffffdfe, 0x3, 0x8, 0x5, 0x100000000, 0x4, 0x1, 0x53}, 0x1) (async) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) (async) socket(0x3, 0x80000, 0x6) (async) r2 = prctl$auto(0x21, 0x0, 0x1, 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/mempolicy/weighted_interleave/node0\x00', 0xc2082, 0x0) write$auto(r3, 0x0, 0x5) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) r5 = socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f0000000280)='+dEvRaut7\xd9\x9b\x00', 0x5) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) (async) lseek$auto(r4, 0x7, 0x0) munmap$auto(0x8000, 0xffffffff) pread64$auto(0xffffffffffffffff, 0x0, 0x7, 0x8001) close_range$auto(0x2, 0xa, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x2a801, 0x0) (async) sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000008c0)={0x474, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_SSID={0x1b, 0x34, "76033fabece4ade3582f8a33bbd9196dd98a61442002e0"}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_MBSSID_ELEMS={0x2a0, 0x133, 0x0, 0x1, [@nested={0x78, 0x52, 0x0, 0x1, [@nested={0x4, 0x98}, @nested={0x4, 0x8}, @typed={0x14, 0xc, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}}, @generic="45e39d244b9f0e0814d21e0eedcea2f0d4163cfb7c9515dc5fb3bc2559cc62fe16fe6269a19c8a2993c1fec74bf24480e98e1eb49635c38ddd0bf2631c2ebafd776ec550", @nested={0x4, 0xb2}, @typed={0x8, 0x12c, 0x0, 0x0, @fd=r2}, @nested={0x4, 0xa0}, @nested={0x4, 0x36}]}, @typed={0x4, 0x24}, @generic="c07d82d4768acc1a58c0c56ce2385682e9d87a4c10fc8f605671fb226b93195a4651ffa910d3fe322235bc8f854e2c5f45c161d124a2f76a7270e9709d18a11d2a2cf403a98ce33ae899bb9bf4f05fc3c54a5a298b5b2c2fb33bc2615b57e54fb7a64b0b25fc99cf1e8347394f646e23e0da62c453ad", @nested={0x21, 0x127, 0x0, 0x1, [@generic="f3683a6f15396f75d132e4d41581fab53ef3f2", @generic="5c705aae9a006229116a"]}, @generic="95b8d732e748b1665498ffa2538e6b5e469f435b1b5747454f3ad7fbeda051e288ad94fe81eb44376032bf47b9bc9127626cca72712b713ab0ce7c6a165a548e209b0f46494172f6342a5f8d842a1ceb235758fc0f0264eb0d853dbc8688d862122e7f2297dadbd586913fa6ba494d22ac1fcf91c0074182ae06e441fe6b9e5efd54c2380758aa642a258207dbb056482f49b05387d59fdb4d2688084712ca6b3f6e6989258c697a52d82ea8d02187237d95b19566d86fac640c46ad6eced97bc5434dc7bea9a08bc2153f7c", @typed={0x8, 0x6, 0x0, 0x0, @fd=r5}, @typed={0x8, 0x128, 0x0, 0x0, @pid=r1}, @nested={0x4, 0xf7}, @generic="222733fbb53eb0a8a2ce407ed808ddc3f9bf9e61a1ff393eacdd88f8dee42142a4eac011ddbe500f952eb25f269465b0cdaea371c4e27f6a5aa728bc747e466373058a744a8669c5d2d86f7718168a8174c5045cba8cf4c4341253c89a7de621f3e744f5149ab900147e1826e42ab3dcb682c286cd74024459ae02dcacebb9ae5e57e71bfed7870026526442018d4f47b5bbf1c470557b2e615068aed774f7dcd14df73b8723"]}, @NL80211_ATTR_STA_FLAGS2={0xc8, 0x43, "363484a758c564d598f561d05b38ecfedd24ef29f56eedae0dbec5760b12f7b605a8736748f61ad5788323cf90062465d3e111fc920f1431a53ee278f4a7ea0ea97a95f6affa1473dac4931fc911200736f4b82b1628c7d5bb045a429a944e4d49729d504cbf676fdd0655e471d865250f66fae7c78f5193e72df0658db128d8f99dac96fee74463e337c52cea0ad19e0b19ecac70932fc285f8d5abde34941bc488a63d3795634f09089ee233a46093d6e718e419feecdf914204594354aac73b683327"}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x3}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x1000}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xc7, 0xbd, "3d5f469099bbb0006da5442d8091248a884aec9df9f8b1707a77154b6b7d9ac14acf1c25b922def7797d84ff5cca5c8e946e46c9ddb6ed20531af099e267e73b0f1b7c1cec3ff448b03c43c7091ce81137c9a464725816d2ee4632c3865dbb428e1e5fb753cda6b0316e7fac97ccd4d97b791ed034f072e2ed1fbe7da1bcfc925ff0d2ee4128d50de9a482fbbdc4966840db3b3bf21ff2e0635a0915fee9b2705542f97d5d0b97aa9b76eaf7003477b1435034aea7aad8dc3a800a9eff8ce9cee931be"}]}, 0x474}, 0x1, 0x0, 0x0, 0x48801}, 0x800) pwrite64$auto(0xffffffffffffffff, &(0x7f00000000c0)='s\x9e.~\xeb{\xe2\x1f\x05\x89\xe2\xe1\xc8\x13^u\x0f', 0x1, 0x6) 21m53.891895585s ago: executing program 0 (id=454): unshare$auto(0x40000080) r0 = prctl$auto(0x23, 0xc, 0x2008, 0x9, 0x0) mmap$auto(0x5, 0x8000000003, 0x4000000000df, 0x40eb1, r0, 0x300000000000) (async, rerun: 64) r1 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x490201, 0x0) (rerun: 64) ioctl$auto_UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f0000000000)={0x9, 0x2}) (async) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) (async, rerun: 64) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/aqm\x00', 0x80, 0x0) (async) pread64$auto(r0, 0x0, 0xe5, 0x41) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_FLUSH(r2, &(0x7f00000024c0)={0x0, 0x0, 0x0}, 0x4000000) (async, rerun: 64) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x129e01, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_STATS_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000ffdbdf25200000000c00038000000000b4030001186e310000000000000000000000000000aac2fbd38e18152f58b1d6600603b78d75eafe64e6000000000000007520a279d01de8ac42bc6c0a40c1ebd29bdfea4d10fe89b0ab9fb16c91c08e62ca1f16783af18e26b8c7b9dd327b7a00b684cbe9b57c8f788773ccaad82d5b7c1d2139332813a68f5674e64f88a4a49235"], 0x38}, 0x1, 0x0, 0x0, 0x4000844}, 0x4) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bpf$auto(0x10, &(0x7f0000000400)=@bpf_attr_7={@link_id=0x5, 0xea5, 0xf1cb, r6}, 0x92) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="020025bd7000fbdbdf25190000003c0001801400020068737230000000000000000000000000140002000000000000000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000300000000002800018008000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="1400020069703667726574617030000000000000480001800800030000000024140002000000000000000000000000000000000014000200776c616e3100000000000000000000001400020067726574617030000000000000000000"], 0xc0}, 0x1, 0x0, 0x0, 0x40002}, 0x80) (async) ioctl$auto_SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f0000000500)={0x0, 0x0, "a68a78cddb9af7ac4c80865002a0d2e3", "213ea76652ad28e8b96ec5ed5243aea3", "25222c3aac25ccff5de7b81eefde747e7674da7f6154e6bcf81ec7dadaa3b485", "12f251f2492bb43c598ef0237d522cb86954c0763131c2f67eaa6356799448a9576c948fc3fb995daec2f1fc9170a70b4b71b44f04809f3ca99cb9b4e9d3abb67d33f3d3fe57d0289938f4ce01d60bfd", "e9e7f824968ee78f73dc2749d12c7e05", "402beaf8e2dfaba5303a6efa74256963183267b80c0b5a1f17a2c919b4c43dc3817ea4719a3e48cdb8c3e9873ecfe260f627c94bc35f96d615979b05547405d7e633a060cdb0fc80f9562c947ed257fd", "5c84948d2c357792b0c4be9a3a15ecfee836d93ae475d2bc8193e8ac53c0494bf16e9a6d85fa65416177e39fac9de9d4869f6e9602c6f01a500ba2ba3d5fef158c908f502afdfe316cf3ac63f1f4842ec3c180d103084776592ff9e4a66125f8f285cabc67891f381c9bcc345f41ee4f2d7f4bffb05d58b0377a76a50de67bb8"}) (async) r9 = getpgid(0x0) pidfd_open$auto(r9, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@inferred, 0x1, 0x6, 0x80000001, "a2b8e85fc56865ba529faa0000000000000000000000692a240000008000", @raw=0x6}, 0x6, 0x5, 0x7, @inferred=r9, @reserved="fb99d320be0de941ac3f58d7aae0c84cbe332d618e0342771e3ac6e9a9df07cf9b1c017c611ac455c01804d0d4c89bee7005c5affd5ab891b44e48364e8de3f344584996c31f9ae16c6c4f062d38f590125ed264000000000000000000000000000000000000000600", "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f4ab606c276852295e00af49090000008034"}) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(0xffffffffffffffff, 0xc0405519, &(0x7f00000000c0)={@inferred=r9, 0x6, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e849db4a6e0aa4e", @raw=0xa2cfa1c}) (async) prctl$auto(0x5, 0x3, r9, 0x7, 0x6) (async) ioctl$auto(r3, 0x4b52, 0x1) 21m38.575378243s ago: executing program 32 (id=454): unshare$auto(0x40000080) r0 = prctl$auto(0x23, 0xc, 0x2008, 0x9, 0x0) mmap$auto(0x5, 0x8000000003, 0x4000000000df, 0x40eb1, r0, 0x300000000000) (async, rerun: 64) r1 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x490201, 0x0) (rerun: 64) ioctl$auto_UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f0000000000)={0x9, 0x2}) (async) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) (async, rerun: 64) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/aqm\x00', 0x80, 0x0) (async) pread64$auto(r0, 0x0, 0xe5, 0x41) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_FLUSH(r2, &(0x7f00000024c0)={0x0, 0x0, 0x0}, 0x4000000) (async, rerun: 64) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x129e01, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_STATS_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000ffdbdf25200000000c00038000000000b4030001186e310000000000000000000000000000aac2fbd38e18152f58b1d6600603b78d75eafe64e6000000000000007520a279d01de8ac42bc6c0a40c1ebd29bdfea4d10fe89b0ab9fb16c91c08e62ca1f16783af18e26b8c7b9dd327b7a00b684cbe9b57c8f788773ccaad82d5b7c1d2139332813a68f5674e64f88a4a49235"], 0x38}, 0x1, 0x0, 0x0, 0x4000844}, 0x4) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bpf$auto(0x10, &(0x7f0000000400)=@bpf_attr_7={@link_id=0x5, 0xea5, 0xf1cb, r6}, 0x92) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="020025bd7000fbdbdf25190000003c0001801400020068737230000000000000000000000000140002000000000000000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000300000000002800018008000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="1400020069703667726574617030000000000000480001800800030000000024140002000000000000000000000000000000000014000200776c616e3100000000000000000000001400020067726574617030000000000000000000"], 0xc0}, 0x1, 0x0, 0x0, 0x40002}, 0x80) (async) ioctl$auto_SNDRV_CTL_IOCTL_CARD_INFO(0xffffffffffffffff, 0x81785501, &(0x7f0000000500)={0x0, 0x0, "a68a78cddb9af7ac4c80865002a0d2e3", "213ea76652ad28e8b96ec5ed5243aea3", "25222c3aac25ccff5de7b81eefde747e7674da7f6154e6bcf81ec7dadaa3b485", "12f251f2492bb43c598ef0237d522cb86954c0763131c2f67eaa6356799448a9576c948fc3fb995daec2f1fc9170a70b4b71b44f04809f3ca99cb9b4e9d3abb67d33f3d3fe57d0289938f4ce01d60bfd", "e9e7f824968ee78f73dc2749d12c7e05", "402beaf8e2dfaba5303a6efa74256963183267b80c0b5a1f17a2c919b4c43dc3817ea4719a3e48cdb8c3e9873ecfe260f627c94bc35f96d615979b05547405d7e633a060cdb0fc80f9562c947ed257fd", "5c84948d2c357792b0c4be9a3a15ecfee836d93ae475d2bc8193e8ac53c0494bf16e9a6d85fa65416177e39fac9de9d4869f6e9602c6f01a500ba2ba3d5fef158c908f502afdfe316cf3ac63f1f4842ec3c180d103084776592ff9e4a66125f8f285cabc67891f381c9bcc345f41ee4f2d7f4bffb05d58b0377a76a50de67bb8"}) (async) r9 = getpgid(0x0) pidfd_open$auto(r9, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@inferred, 0x1, 0x6, 0x80000001, "a2b8e85fc56865ba529faa0000000000000000000000692a240000008000", @raw=0x6}, 0x6, 0x5, 0x7, @inferred=r9, @reserved="fb99d320be0de941ac3f58d7aae0c84cbe332d618e0342771e3ac6e9a9df07cf9b1c017c611ac455c01804d0d4c89bee7005c5affd5ab891b44e48364e8de3f344584996c31f9ae16c6c4f062d38f590125ed264000000000000000000000000000000000000000600", "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f4ab606c276852295e00af49090000008034"}) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(0xffffffffffffffff, 0xc0405519, &(0x7f00000000c0)={@inferred=r9, 0x6, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e849db4a6e0aa4e", @raw=0xa2cfa1c}) (async) prctl$auto(0x5, 0x3, r9, 0x7, 0x6) (async) ioctl$auto(r3, 0x4b52, 0x1) 8.771527381s ago: executing program 2 (id=3892): keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xfffffffffffffffe, 0x4000002020009, 0x2, 0x7fff, 0xfffffffffffffffa, 0x8001) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r1 = prctl$auto(0x16, 0x800000000000012, 0x0, 0x9, 0x10000) ioctl$auto_TUNGETVNETBE2(r1, 0x800454df, &(0x7f0000000040)=0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto_MADV_GUARD_INSTALL(0x3, 0x9978, 0x66) r2 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2a801, 0x0) pwrite64$auto(r2, &(0x7f0000000040)='/dev/vcsa\x00', 0x7b05, 0x5) 7.192935941s ago: executing program 3 (id=3895): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x11cc00000000000, 0xdf, 0xeb1, r0, 0xffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socketpair$auto(0x40a, 0xffffffff, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x73b8) mmap$auto(0x1, 0x2020009, 0x3, 0xeb1, r0, 0x2008000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x44800) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x840, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10003, 0x700, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = socket(0x2, 0x3, 0x6) bind$auto(0x3, 0x0, 0xce6) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x1, 0x0) sendmmsg$auto(r1, 0x0, 0x5, 0x7) r3 = socket(0x1f, 0x3, 0x1) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) mprotect$auto(0xfffffffffffffffe, 0x7d, 0x8) r4 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) ioctl$auto_SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000380)={0x15, 0x81}) r5 = prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) epoll_create$auto(0x4) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044850}, 0x40000) sendmsg$auto_GTP_CMD_GETPDP(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYRESHEX=r5, @ANYRESHEX, @ANYRES16=r2], 0x14}, 0x1, 0x0, 0x0, 0x240448c4}, 0x4) 7.170586354s ago: executing program 2 (id=3896): keyctl$auto(0x200000000000020, 0xee01, 0x0, 0x5, 0xffffffff) keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x3) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161742, 0x100) mmap$auto(0x0, 0xe983, 0xdf, 0x40000000eb1, 0x401, 0x72) timer_create$auto(0x20006, 0x0, &(0x7f0000000140)=0x8) timer_settime$auto(0x8, 0x801, 0x0, 0x0) r1 = socket(0x1e, 0x4, 0x73) socket(0xa, 0x1, 0x400000a) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(r0, 0x0, 0x4004) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000040), 0x420000, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0) epoll_create$auto(0x9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = ioctl$auto_NS_GET_TGID_IN_PIDNS(r0, 0x8004b709, &(0x7f0000000180)=0x3) rt_tgsigqueueinfo$auto(r3, r3, 0x40089, &(0x7f0000000200)={@siginfo_0_0={0x4b32, 0x3ff, 0x0, @_timer={r3, 0x85, @sival_int=0x5, 0x3}}}) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'dummy0\x00'}) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x24004840}, 0x10) link$auto(0x0, 0x0) write$auto(r1, 0x0, 0x1e8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/vhci_hcd.9/usb28/28-0:1.0/usb28-port2/power/runtime_status\x00', 0xa200, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x143a03, 0x0) writev$auto(r5, &(0x7f0000000100)={0x0, 0x6}, 0x1) unshare$auto(0x8000000) 6.592615635s ago: executing program 2 (id=3898): mmap$auto(0x0, 0x1e00, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/ttyS0\x00', 0xc0200, 0x0) ioctl$auto(r2, 0x540b, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB, @ANYRES32=r4, @ANYBLOB="616f6c0d5c949ccea3cca83905ca8e3497fe68"], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084) read$auto(0x3, 0x0, 0x80) read$auto(0xffffffffffffffff, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x52f7e222, 0x20007, 0x4000000000df, 0xeb1, r5, 0x2) r6 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) remap_file_pages$auto(0x1, 0xa, 0x18000000000, 0x6, 0x6) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) r7 = syz_clone(0x25342080, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) shmdt$auto(&(0x7f0000000000)=':-h!/-^@(\']@%]/\x00') mmap$auto(0x0, 0xc, 0x4000000000e1, 0x44eb2, 0x10006, 0x300000000000) syz_genetlink_get_family_id$auto_nl80211(0x0, r6) tgkill$auto(r7, 0x1, 0x5) 6.173149208s ago: executing program 1 (id=3899): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto_BPF_ITER_CREATE(0x21, &(0x7f0000000140)=@iter_create={0xffffffffffffffff, 0x7}, 0x9) io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000000)="feab4dbd432130f41df0286502b37cb00e799c9bab7e2e957796ff186bc9", 0x5) socket(0x10, 0x3, 0x2) connect$auto(0x3, &(0x7f00000000c0)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x2000000}, 0x54) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) setitimer$auto(0x1, &(0x7f0000000000)={{0x2, 0x4}, {0x5, 0x6}}, 0x0) r1 = socket(0x18, 0x800, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000024c0), r0) sendmsg$auto_SMC_NETLINK_FLUSH_UEID(r0, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000002500)={0x14, r2, 0x1, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20008090}, 0x10) 5.844692885s ago: executing program 1 (id=3900): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x1fe, 0x81) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000040)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) r1 = io_uring_setup$auto(0x1, 0x0) io_uring_register$auto_IORING_REGISTER_FILE_ALLOC_RANGE(r1, 0x19, 0x0, 0x2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001d40), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00'}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = socket(0x2, 0xa, 0x1) r4 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r3, 0x10000}, 0x10) mmap$auto(0x0, 0x2009, 0xfffffffffffffffa, 0x8000200008011, r4, 0x8000) clone$auto(0x7, 0x5, 0x0, 0x0, 0x2) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0xc031}, 0x44) socket$nl_generic(0x10, 0x3, 0x10) memfd_secret$auto(0x0) mmap$auto(0x0, 0x810004, 0xf78, 0x8000000008011, 0x3, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x20499d, 0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) 5.613968231s ago: executing program 3 (id=3901): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x29, 0x2, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x141f02, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, 0xffffffffffffffff, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1) write$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffffff, &(0x7f0000003540), 0x0) 4.985735171s ago: executing program 1 (id=3903): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pppoe\x00', 0x0, 0x0) pread64$auto(r0, 0x0, 0x100000000008, 0x8000) 4.526260991s ago: executing program 3 (id=3905): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0xfdf3) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000100)) write$auto(r0, 0x0, 0x41ec) 4.469855578s ago: executing program 1 (id=3906): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) kexec_load$auto(0x5, 0x4, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) mmap$auto(0x0, 0x80000002020009, 0x3, 0x410, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x8}, &(0x7f00000001c0)=0x6, 0x0, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, r1, 0x800000000001, 0x33}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd11/queue/read_ahead_kb\x00', 0x22b42, 0x0) sendfile$auto(r2, r2, 0x0, 0x4f64a1d2) writev$auto(0xffffffffffffffff, 0x0, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0xb, 0x0, 0x0, 0x6e2d, 0xfffffffb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) madvise$auto(0x2, 0x5c61fa2c, 0xf) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0x4020009, 0x7, 0xeb1, 0x400, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, &(0x7f0000000080)={0x101, 0x5, 0x7fff, 0x6, 0x80020000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0x6, 0x7ffffffd, 0x3, 0x7, 0x9}) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) 4.347875917s ago: executing program 2 (id=3907): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x1ff, 0x7, 0x5, 0x717f, 0x1ffde, 0x7, 0x3, 0x10000000000009, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x0, 0x10006, 0x4004080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x40, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x8]}, 0x1fc, 0xd) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffffffffffd0a, &(0x7f00000001c0)) 3.967043228s ago: executing program 2 (id=3908): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) sendmsg$auto_NL80211_CMD_UPDATE_OWE_INFO(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r2, @ANYBLOB="00012cbd7000fedbdf25870000008800d700ce663be44c2ab39c0a411e0c0f4b05dbb10589d60e416fbc3a4d1abf8f0d864fbac193f3c08aba595d8d6e517214235b5c7ceaebcfa8a83e7f198a70fa2fe46142609e753548ee63ec78a9d9418858bf8085a0bcb741abfcd02b606adb439484fdbe0a4279ca405ec02f5ccb6f1357ecedd55958d3561eb7d04fe86859784a0016ba43800500a3000000000004004600"], 0xa8}, 0x1, 0x0, 0x0, 0x1}, 0x24008054) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) unshare$auto(0x8000000) semtimedop$auto(0x7, &(0x7f0000000200)={0x3, 0x6, 0x1000}, 0x3, 0x0) unshare$auto(0x8000000) socket(0x2, 0x1, 0x0) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) r6 = bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0x4, 0x80}, 0x96) bpf$auto(0xffffffff, 0x0, 0xb) r7 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) preadv$auto(r7, &(0x7f0000000100)={&(0x7f0000000200), 0x82}, 0x8, 0xd62a, 0x5) socket(0x30, 0x4, 0x6) sendmsg$auto_NL80211_CMD_NEW_MPATH(r6, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8800010}, 0xc, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000425bd7000fddbdf251700000033016e8008000300e00000014aaaff237f86cb195d10dd2b2dea889d71778fabff84e7999146fb5b6866ecc551ba62b701aed2b1f94b4e38a7fea5945a853dd6bc7d103cc20563a61212fada2196d0e23ee39260c0e7ad91c5730e6e5593500111fe92b15d8ef9a949fdafbb44a39d4a3757078f2e3314bc1ac27ca8ecac8394634b8ba1db9e3a8c59e7e3535657cfec0072ba1ce4857811f32246e20b6c88369d8ef3d38934df7d08e254f47c026c18db7dec8991f308fc1be97b006a766b121bea3657f1155ed400e592210f3ed30caf1cd0920d6f8784ed77bb855109f901537dc8d2646d6146e108d92b3bf706f3e24c3d881f0d92a52e1dd5f8322a55d34be3174ac1e57e225bb0b83871e1fe038210ad08867ad020cad6aebddf2a5f36c67b8139c8a2709f6190a60800fd0001000000000800230101000000"], 0x150}, 0x1, 0x0, 0x0, 0x1b6efac7cd8fe165}, 0x8010) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) pkey_free$auto(0xfffffffd) sendmsg$auto_BATADV_CMD_TP_METER(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x30, r3, 0x77bed28568c43d3b, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}]}, 0x30}, 0x1, 0x100000001000000, 0x0, 0x2019}, 0x4c080) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) 2.740923664s ago: executing program 1 (id=3909): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x29, 0x2, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x141f02, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) msgrcv$auto(0x0, 0x0, 0xff9, 0xfffffffffffffffc, 0xb4) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x9) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, 0x0, 0x0) r3 = openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000003500), 0x40002, 0x0) write$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(r3, &(0x7f0000003540), 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) r4 = setfsuid$auto(0xee00) r5 = setfsuid$auto(0xee01) setresuid$auto(r4, r5, r4) 2.702209558s ago: executing program 4 (id=3910): socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp6\x00', 0x0, 0x0) pread64$auto(r0, 0x0, 0x100000000008, 0x8000) 2.17487061s ago: executing program 4 (id=3911): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto_BPF_ITER_CREATE(0x21, &(0x7f0000000140)=@iter_create={0xffffffffffffffff, 0x7}, 0x9) io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000000)="feab4dbd432130f41df0286502b37cb00e799c9bab7e2e957796ff186bc95aed2c5454", 0x5) socket(0x10, 0x3, 0x2) connect$auto(0x3, &(0x7f00000000c0)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x2000000}, 0x54) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) setitimer$auto(0x1, &(0x7f0000000000)={{0x2, 0x4}, {0x5, 0x6}}, 0x0) r1 = socket(0x18, 0x800, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000024c0), r0) sendmsg$auto_SMC_NETLINK_FLUSH_UEID(r0, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000002500)={0x14, r2, 0x1, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20008090}, 0x10) 1.749217882s ago: executing program 4 (id=3912): keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xfffffffffffffffe, 0x4000002020009, 0x2, 0x7fff, 0xfffffffffffffffa, 0x8001) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r1 = prctl$auto(0x16, 0x800000000000012, 0x0, 0x9, 0x10000) ioctl$auto_TUNGETVNETBE2(r1, 0x800454df, &(0x7f0000000040)=0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto_MADV_GUARD_INSTALL(0x3, 0x9978, 0x66) r2 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2a801, 0x0) pwrite64$auto(r2, &(0x7f0000000040)='/dev/vcsa\x00', 0x7b05, 0x5) 1.360558644s ago: executing program 1 (id=3913): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) io_uring_setup$auto(0x1, 0x0) select$auto(0x2002, &(0x7f0000000180)={[0x8, 0x4, 0x6, 0x214e, 0x3, 0x0, 0xa84, 0x5, 0xbf, 0x9, 0xceec, 0x1958, 0x7, 0x7, 0x2, 0x1]}, &(0x7f0000000280)={[0x6a, 0x4, 0x3, 0xff, 0x2, 0x7, 0xf00, 0x7, 0x7fff, 0x4, 0x3, 0x5, 0x5, 0xe98, 0x3, 0x5]}, &(0x7f0000000300)={[0xa244, 0x88ed, 0x8, 0x1, 0x8000000000000001, 0x338, 0x7fffffff, 0x3ff, 0xffffffffffff8001, 0x7ff, 0x8000000000000000, 0x10000, 0x81, 0x8, 0x40d9, 0x4800000]}, &(0x7f0000000080)={0x8}) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) ioprio_set$auto(0x2, 0x0, 0x208) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x2400, 0x0) read$auto(r1, 0x0, 0x9) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/ns_last_pid\x00', 0x68001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x3, 0x3, 0xc24) mmap$auto(0x0, 0x4020009, 0x7, 0xeb1, 0x400, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, &(0x7f0000000080)={0x101, 0x5, 0x7fff, 0x6, 0x80020000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0x6, 0x7ffffffd, 0x3, 0x7, 0x9}) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xfffffffffffffffe, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0xa, 0x5, 0x94) close_range$auto(0x2, 0x8, 0x0) 1.279311712s ago: executing program 3 (id=3914): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0x0, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0xc, 0x0, 0x4) listen$auto(0x3, 0x81) sendfile$auto(r0, r0, 0x0, 0xd) mmap$auto(0x0, 0x7f, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/030/001\x00', 0x2901, 0x0) ioctl$auto(r1, 0x40085511, r1) r2 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000000)={@_si_pad}, 0x5, &(0x7f0000000080)={{0x0, 0x7}, {0x9}, 0xff, 0x8, 0x6, 0xffffffffffffffff, 0x7fffffffffffffff, 0x2, 0xdd7, 0x2, 0x2228, 0x4, 0x8, 0x0, 0xffffffffffff8e24, 0x9}) tkill$auto_SIGCONT(r2, 0x12) 1.063981085s ago: executing program 4 (id=3915): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000100), 0x141302, 0x0) prlimit64$auto(0x0, 0x803, 0x0, 0x0) ioctl$auto_RTC_AIE_ON(r0, 0x7001, 0x0) setsockopt$auto(r0, 0x0, 0xfff, &(0x7f0000000580)='/dev/rtc0\x00', 0x5) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'pimreg1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x18c, r1, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x40}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x4}, @NL80211_ATTR_MBSSID_CONFIG={0xc, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8, 0x4, r2}]}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x2}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0xd229}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x87e}, @NL80211_ATTR_MAC_ADDRS={0x13a, 0xa6, 0x0, 0x1, [@generic="46d251f6d27a818e4b66bd67a8ba0abdc9b29c8ae7cf7d3a446a9bd8c203715d0e1a8ee94a21897f99f83ba33feaf3c016b726c0d762edc0a82008a64cff", @typed={0x8, 0x9c, 0x0, 0x0, @u32=0x4}, @generic="d803a9e4", @typed={0x8, 0xfa, 0x0, 0x0, @u32=0x400}, @typed={0xde, 0x3fff, 0x0, 0x0, @binary="a0553d748819059f997d47b3a7c2ca23a6525dd1d8376cb90e7ead70920327d85a03f6e6e20b218057c40fba2fdd34deb2c1ee844db44db5f67082f53855be63c0ddd8649fb44b82f893111e816179c28620dac74ed819aa22a7914f808dd0b597a72fb81f91dcf6db812bb5657d37bb20dc15259706f7bba29cd5b681c12b40760a475ecb1c963696bd2ecf0183fe27cf8bb597acce797c89ba6421b3bf21a403d93f764ab8e5fa9f91f29f048885fbd7bfc1a78fe9b6117645b1eaa983e4a485af22b926881d0683587859ddf418ec1e7b6e636d4015765359"}, @typed={0x4, 0x14a}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x20000004}, 0x81) sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@IOAM6_ATTR_SC_ID={0x8, 0x4, 0x61}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x7}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc049}, 0x40020) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rxrpc/peers\x00', 0x101000, 0x0) pread64$auto(r3, 0x0, 0x7e, 0xc) r4 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_NEW(0xffffffffffffffff, &(0x7f0000001780)={&(0x7f00000005c0), 0xc, &(0x7f0000001740)={&(0x7f0000000640)={0x108c, r4, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@OVS_VPORT_ATTR_NAME={0xc, 0x3, 'nl80211\x00'}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r2}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r2}, @OVS_VPORT_ATTR_NAME={0xc, 0x3, 'nl80211\x00'}, @OVS_VPORT_ATTR_UPCALL_PID={0x1004, 0x5, "28ee6f828ccd69cc7c26525a3ac47ed4cc6bf90c748079f6a6950b585573b51ec597cab1ee4dbca305f2328e2e0a33d68ee44f891ed930baa59810952beeb31a8de1f64b7eb609c63ddb80227d5e51dd72a573b3127dbc384cf6095e288b700b84c9c370750dd6a861528f5fc007bb795e9c1150d76ec8090e17fb2075e3b14bd1c3c5668e79819654d81f9d582d09a9095e990d9f65015fbd99cbed6bd274faa4fd093324301e3422359b3bf81f666a4c15912cbc10ed7a198abe7043c518e2ca89beb9b7ed2296c4ce8394434f3cbd78857ed5e91659f58769fca899a53a0dbb106b9d79147d1b309d21d14786a285af78219b8c4beef0325954a9d5ca441893e1fdec335a5a21fbbc49be9b0229bea3ae9d923cb25687d2007fcab318b997c0eae76770e2c18e6cfaee6b2e1581401232dff6ff5c54e3cf53e970e782aad52957ab4e96f905a6dd0bcf2df0911f65e7d083cff5347b0957bfb357e1a90ab430331a65589d5221666233b7ea67c04cf2657d094be90df0d7469cf7c45b2793ca5a9079e9e39e6016d529605f5db7332698e5167890ad2d6b8a1c3ed130c60ec67ffc8eb0d1125debd40eae9bac33976bb8a13dd25fd86245d48510f34aa5a778a6061de8a39eadb12a4571445bb82ae74293eb86ff8c0444de3279472ef5da79adc04422fd51fa2d63b54ebb1b87b2f5146d4de2948c910fda46c0aae21c206eac7c13f72a6e9e2e77e8b44481d9adfb37735208d1638508b949163a2d3a39323139e8ce9a0328c64cca2381c2acfb77a8cc4f161296d5f5da20c14e921ff5896e49e12c0b940ea78689af2c7a19b41355e376bf02e34baaebbc28d3cb90485457530f9d5e00f730a919ee1c5f7ed620293f8fe6d293f8b671bb892aa08685e4bc166b56078c13e309d4ca01f831b67819e3ae531a9d43f8276a554e127845151ce464cc8157ea09ebac999c230d38b33a320f0c6d095e54f53336390cb8b8602e29174ba9083ab5d5344517aec303448af7dd8bb0adadc4ad4bbb55f5a68aeeaca921640796e1dd637b8ba750d7fe3913ba60aa235d0f94f851212130152cb0ff47917e01c8aec6ab153fe0114d6936ffd83823e4a58829ece72c795d64a337b9f02a402a6828548c4d8c6576eab2beb10622fe288f8a92c3f463c8bccf670be2464664942dc77317ab6747f017cf6dab09d52d1afcc768fc2f5e797093ad96104216d01923df08f4a9572afd8933f6f1e98fc2f4e6d3f7af74cc06d6f73fc10790b072a86000f2a4dde99eabe198b8c3b216c8aaeb5c66cc79bb4caccd5b0d23677aa858c17b4ec8555be66d785f1698ecd998488aaeaabc438d43a6d73d6ccd9f8bac5e8e70c188ac1d9efa58aa1dde387400599adf8052ccf9a03f418e5ed403e1c02910c482ee0daa180d28cc23d3c321b11235016bf9a24dbb6d5e9e7e35a16b32bc8149e4a3a7eccd55c781e4523d19f156640e834cbb088986b9c50f3c1cc0dcc19157b26e5e2b8732874be6caa4762acc2fac07870695ba5b5064607ff529205022bcee4711af7f4f6ec57c782f29daf1253da1b9d856496411867ceabe01009bb92a3f50b073e0531e8ee40a634ae8339f2c99510ae3846436bc6430d9b82ac51dac1fc2d2f68fb2d16ee88d57a7c2097e56da12652b7bbea16b0701a5de225db993e2ef7ba5366661e0b0f199267c8ba46c660af0292676b5ccb66aa88938993fbb58c4ab60edc27df866ac5d865d3f5744e17d11d6be24803c6634498e7c8c6c7de8551ccef1d2f5b9a7418256fc5e6d09ebed445cbd90523de8073790a208fd3eec18933e70c9a611d8b145aed83c1bd63e17dae1f8850d28b00e6988c2f99019e4b892d3b64d8afd500719a871896f5604fd2ab3202ebd75f890ec097ec1ae0d108212ade5925a89771be0a04c7d5fb7b43f6832df947c1ec4c30aae2aa3a0ece8b7f8b96796cd47865422e1e5a524e217267d2ad144f75548d535a375505bf4b9e7de705a6f17f56d6b53d8e0b950af7013269ab25e1add502ed3bc3befd0f16e867aac1c938e0f1611d7d2f91e25218f114ef516ca14f8f1f3076a409f6bac6010621b26b0aaacbe9ffa6a7e1e6c376acd90b236e4013efff75ccf2ebe3f4ae9bf66b082a0bd3800194b123968e9d2496211697abf2d03dd0fbb2aafbddabcd141492ac935f069d6d5e1cfd82db7a7fb30a6d7e5480612df783cf10d66acdd5eea3579db512f2b06e88369e15cd8116cb0b13313f8dbe8d153e9dad1814df24511a843c149fbe048bbb19e1cb3c21a07b2d0ce1a4430d8bf1986125dcec6445b5b2c3687a716607101dcfb048eb22438a3bf813f205cdd83a315fea377fcd6507652055d5890de20ed4b6070a5fd627bbf7c99cbaad378756394732803753ff781c2a5ea202496568057aead602d72aa47dcc4112d1a0af9d512d86eb249647240852e493459f802543df09ddfcc04fe6af4e6805c6c0fdd975724309bcb8cf93dc31f650853e9cc579f1ed8ac151a5d4eeae26f230bc53aa5f86d6ff2fbccc2c50847d0dca0def4773637b6532940c7c26a70a17f02a6d37e5f196918e8106ca790949a63406dbe3dfe9a3164ab8d5a70c1f39e5b8e965f507700f64ddac166887fa30508b2822a54a9e5393f8b39e0896d65d41387e4e7804c54a719f1ae329bf14098c056098904c85e4e79a4055b353d25bc95cfc66fda8a9ff495a896dccb7776cfca1dade49c4b868713cd00d47b2972331acd886e0df6c9211eb30ee58e6c612b25344b935504e1f087ba2a7e60b4a23a663fe95a602e81514d4c152aa300435bde74a05e1bb6f77d9294618aef6b5673408aa1ce37f8b340f9d385ebdcda4e559852da7a306f37dd814b3b9f1fd8757e80e5a317a013da0ea99e83a0d8fb0676fd3321d61278f18c94148bdd11bb1e12e4d491d1fce176d722ff895129de90204b2cc045cee8dd38d64f53ddfc59c7789ca140651b0c2d5971af944cc12044945b948eafab62b168df20242377f2f963330c9091e57f59a213fb5d7a29b4379bc47d5db9c95024825fc1eddfd972d7899fd33681c6f6d5c4fa5603ef91ae1877ebc0d6aef2436cfccca614478efe8a6eaab3ef00cd771d08d50512127dbfeabc2efa164320ab137de338bac1b65d87a65cfdf464196761b0b7cc1586ab963c4950c7b0eb375b330f037185b9e9254064b8bbf743741a5a6f7a69e5d7dcf4c8af031fab8e199868593e5c4f456876a6f92910c73e0fa3983a52c042bc62c4c296a3173b246f4ec13b3c1c48ca7d9c0c3390072cf7e8eae7a4d5f886cb633f04526bddd6e60fec7f56a427fef4450f5eed8d5a0a589df2197903624990a11cbecfcc856e980539e5da6e8b0ce337a38f679f21cf34a718d2a464abe2e92bbfc2d503120007c71d36accc53c220e49955b79e6a51dc18e2b93d6b6f2d946f6d0d3aca0d92737f61273a6f88b173b1854d740582202625f23abad68d0d9dc6310392212ddd43aab3b05c930ee59c80e393fe4413e2968f75532d6e926b55b2f7f548fc6587f92c78b6da55bd274bc3d152d11916368b75d650c9b7994e50305ff40a81659f948ffaa26d3c7b3e61014f28e37d8b8db885e3b9860c4c42ddb1caa1cb2e74a41d42f0941ff57c3fa27104fe29d68c719c53f0a00f875146ebcac0f8eba8316648ade068793936837636bab345dd0cab0edec32d78292913dacf9465f73f68d53ac8d5d09ac43e026968179b3fb46f9d0eabdf488f78f12ce5df3e198d9bc1f7e1ad99a466b8ef89f3a44ad1a7a995e4fce93ef558ab56a5ecfe74baa1e45eb01fc5f51b8f8dbf4d2aed37e6a9dc0b72ad80adba98e904d57294f519a8089431cb89d75a19dafbb1848fc094379eb1bfc3c30356c357f1880f50b87e587ca2ccabe6b4f7b2ef5c7145c88980941b32e64eef023cb03158acb9fadb483e92efc429cfe1d31c6fcce1dc4ebace9ebd70666d0cac0377734f8ebb20ec0c57de93cfad6498609cbfc60df83b3970fdc922d9be85a3a14ceb0b02ea38ad4e4ef18777a8f78700a3800c0b2f110b25b0a69f75da620850e3e31f0d606aff69b764889bc5a6461c6bd4796f7b50758d8f0807a6e4dd6010235a06fb642e2bae3e56f0940c5d6c1a84abc1bca981ec72aa95c7b8e0cc943e7a5f3fbbed33a99c3c84807bf3e868949980a94beafc5d6247fbeeb74d12de6e1ef2d64fef47ac06b22f4aa377e766872823f6e70c15245db8cad7c9d9e45b7bbfc5bde4dd44529598499fb987e0f9af22171a116da8a56f1dc2cd7ee48ea0f163211cf0e1b2d5c44aa1ada566b0173cac39e3cc5e3e474f4dc0b216ea1b099baaaa7d69a70d524df0cc9bb41021bc08978659eb0e9fb3ea506ac02a5f22b7c6cf2e2a1cc0ef30816c62511b06363b7ef6091357c6bb8b7f67652713ed7f4850b83dcf5d3b8f0516a616463404d505768d5e21800faf93e3e643f14120a860cd28b817572145f241bc04ac25e8d5728005a099a86d692c5485cbc78ce8fdfd7ba2d6f2ad876a7ad71adbfb1066c1350e77b1e2b5f2a8e7ee7a48308f5ab715e0bec393841a7e6154a2b0d1287f22e278335df53fb806e3ebbb22cc594e572ff5001a4fdcc64a2fb1f879c2b9767388c233ae4fb1892715fa3f2d2e9ba2c5d5525b79bd0610e26347547b73ec43daa9307e226f47de18997ea055145a26136aaf26b10e55605357f058e1f27e9fc2762376a55c01f967a289eca28b5e7714778060880f683bc61e0b67f2376b11131a69b52ca06fe44a70c59c9e49a00b0872ecb04fb6cc51a103ca11562a51e2cf5264c0841eababf65ea4d4177cb440b0d97de9dcecdda0fbbceac17a129fa5b909fc8ceec60f925ab5f00bdedd6aaa8c76be6c11a384e11ab87b460c43708470fda1fcafe122be928f2b7dba50d6736e1118f196bf431ff1129e5202e3f536a1d381b537320ed5900cf15caa56b506e03205d339595a6de3b42142acb7d9b6bb71b4a0c1d6f95eb3bcd946c032a2850ab1032272693de532c4517ec0a922840a596fd205c4a7026d44ab424233c0fe2149c82355725e8f8b1f4cadebf88c418c9b93d31d991b6b84b110ba2faacc62fb3d35e8338a39464cfd3ad38b5b123f71c499987a9a7c11e1363bce34711bfab1057e8bd21c8122ba0ebb674a44af5022451f26931b140b99f1518ac46d156ceb6afd0f3dedc6b9fe444e706fcc8dd5fdb8700342c8fb7c54e60c5482a471c25d7fd92bb70b86ffc3db21535cfae4a0e60a6dc7806869406d9a1fe16d2030efccc0b5dfcb0c1db1c3a83641c3ee55ac78e59e771316cef2b3d5f9e14444049e966efc3acd8e5353c8d2c8f509cf3e8b786038a66de2c6c39a383aed0938a0d7b437148b926f5e63d88ad7b542d09864ba1828b405275be5cc203e9aaf5004d99aeb1732658adf2664c2e65b146bb2e3e19a7c2518952b657277da6f7a4447e471819bae23f95f669a36aa8a7de9213febbe70e438e513605b463d680227fed715c320135581aa5e74288ab64220b4f6a3e184a1fb19fb9abc39af107ca46ac3bad26bd134e87b68628a49337d420cd7e30ee1a26b3fe72e5b8830f0fccd43a24c7e18f913ab04c19b604dff8bedb585ddc63405cc27efd16f8878c09cfc05ec13d2bbbc7e4cba0b4437ab760bbe02ff42318139fe77b81410687c4dbe782f0585f5cf7b64f0b7c9af9d9673f4e4eabda892fbeb00dc20ad09b8dda7d37379ca0137cc4a49f1c4e17c167e47307abd10d45634c36db42df0f2030791061943"}, @OVS_VPORT_ATTR_NAME={0x7, 0x3, 'G{\x00'}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x3ff, 0x5, 0x10001, 0x3, 0xffffffffffffffff, 0x0, 0x40, 0x2}}]}, 0x108c}, 0x1, 0x0, 0x0, 0x8856}, 0x4001) 785.799759ms ago: executing program 2 (id=3916): mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x11, 0x80000, 0xfff) setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9) io_uring_setup$auto(0x1, 0x0) (async) io_uring_setup$auto(0x1, 0x0) mkdir$auto(&(0x7f0000000040)='./cgroup/../file0\x00', 0x1) connect$auto(0x3, 0x0, 0x55) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x2}, 0x400) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0) pread64$auto(r1, 0x0, 0x10001, 0x830) write$auto(r0, 0x0, 0x100) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/asound/card0/pcm0c/sub0/status\x00', 0x100, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/asound/card0/pcm0c/sub0/status\x00', 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000100), 0xa8003, 0x0) (async) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000100), 0xa8003, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) prctl$auto(0x43, 0x17, 0x0, 0x400003, 0x7) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) fanotify_init$auto(0x602, 0x1) (async) fanotify_init$auto(0x602, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/addr_prefs\x00', 0x102, 0x0) (async) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/addr_prefs\x00', 0x102, 0x0) writev$auto(r2, &(0x7f0000000080)={&(0x7f0000000040), 0x6}, 0x3) (async) writev$auto(r2, &(0x7f0000000080)={&(0x7f0000000040), 0x6}, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x11, 0x3, 0x9) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) (async) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) 720.282235ms ago: executing program 3 (id=3917): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x40000, 0x0) setsockopt$auto_SO_INCOMING_CPU(r0, 0x6, 0x31, &(0x7f0000000040)='\xf4.\x00', 0x5923) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/ocfs2/max_locking_protocol\x00', 0xa2500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/106, 0x6a) 591.365782ms ago: executing program 4 (id=3918): keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xfffffffffffffffe, 0x4000002020009, 0x2, 0x7fff, 0xfffffffffffffffa, 0x8001) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto_MADV_GUARD_INSTALL(0x3, 0x9978, 0x66) r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2a801, 0x0) pwrite64$auto(r1, &(0x7f0000000040)='/dev/vcsa\x00', 0x7b05, 0x5) 413.704672ms ago: executing program 3 (id=3919): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0x2, 0x10000000000002a, 0x0) socket(0x27, 0x800, 0xa5) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS2\x00', 0x0, 0x0) ioctl$auto(r0, 0x4b72, r0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r2, 0x27fff) msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) socket(0x15, 0xa, 0x5) syz_clone(0x40000000, 0x0, 0x25, 0x0, 0x0, 0x0) ioperm$auto(0x3, 0x8001, 0x2000000000000149) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace\x00', 0x169481, 0x0) writev$auto(r3, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) 0s ago: executing program 4 (id=3920): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) sysfs$auto(0x2, 0x10000000000002a, 0x0) socket(0x27, 0x800, 0xa5) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS2\x00', 0x0, 0x0) ioctl$auto(r0, 0x4b72, r0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r2, 0x27fff) msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) socket(0x15, 0xa, 0x5) syz_clone(0x40000000, 0x0, 0x25, 0x0, 0x0, 0x0) ioperm$auto(0x3, 0x8001, 0x2000000000000149) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace\x00', 0x169481, 0x0) writev$auto(r3, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) kernel console output (not intermixed with test programs): rcu_is_watching+0x12/0xc0 [ 1240.154617][T20112] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1240.154652][T20112] ? filemap_map_pages+0xf6f/0x1680 [ 1240.154689][T20112] shmem_fault+0x1fe/0xa30 [ 1240.154726][T20112] ? __pfx_shmem_fault+0x10/0x10 [ 1240.154760][T20112] ? rcu_is_watching+0x12/0xc0 [ 1240.154782][T20112] ? __pfx_filemap_map_pages+0x10/0x10 [ 1240.154822][T20112] __do_fault+0x10d/0x490 [ 1240.154858][T20112] __handle_mm_fault+0x3c2a/0x5490 [ 1240.154892][T20112] ? __pfx___handle_mm_fault+0x10/0x10 [ 1240.154922][T20112] ? __pfx_mt_find+0x10/0x10 [ 1240.154941][T20112] ? up_write+0x1b2/0x520 [ 1240.154981][T20112] ? find_vma+0xbf/0x140 [ 1240.155003][T20112] ? __pfx_find_vma+0x10/0x10 [ 1240.155027][T20112] handle_mm_fault+0x589/0xd10 [ 1240.155058][T20112] ? __pkru_allows_pkey+0x41/0xb0 [ 1240.155089][T20112] do_user_addr_fault+0x7a6/0x1370 [ 1240.155122][T20112] ? rcu_is_watching+0x12/0xc0 [ 1240.155146][T20112] exc_page_fault+0x5c/0xb0 [ 1240.155179][T20112] asm_exc_page_fault+0x26/0x30 [ 1240.155202][T20112] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 1240.155231][T20112] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 [ 1240.155254][T20112] RSP: 0018:ffffc900046df9d0 EFLAGS: 00050202 [ 1240.155273][T20112] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000007 [ 1240.155288][T20112] RDX: fffff520008dbf4c RSI: 0000000000000000 RDI: ffffc900046dfa58 [ 1240.155303][T20112] RBP: 0000000000000007 R08: 0000000000000001 R09: fffff520008dbf4b [ 1240.155317][T20112] R10: ffffc900046dfa5e R11: 0000000000000000 R12: 0000000000000000 [ 1240.155337][T20112] R13: ffffc900046dfa58 R14: 1ffff920008dbf45 R15: ffffc900046dfd8c [ 1240.155360][T20112] _copy_from_user+0x98/0xd0 [ 1240.155396][T20112] ____sys_sendmsg+0x607/0xc70 [ 1240.155424][T20112] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1240.155452][T20112] ? __pfx__kstrtoull+0x10/0x10 [ 1240.155478][T20112] ? aa_file_perm+0x4c7/0xfb0 [ 1240.155522][T20112] ___sys_sendmsg+0x134/0x1d0 [ 1240.155556][T20112] ? __pfx____sys_sendmsg+0x10/0x10 [ 1240.155593][T20112] ? rcu_is_watching+0x12/0xc0 [ 1240.155623][T20112] __sys_sendmmsg+0x200/0x420 [ 1240.155657][T20112] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1240.155689][T20112] ? lock_release+0x201/0x2f0 [ 1240.155721][T20112] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1240.155761][T20112] ? fput+0x70/0xf0 [ 1240.155780][T20112] ? ksys_write+0x1ac/0x250 [ 1240.155810][T20112] ? __pfx_ksys_write+0x10/0x10 [ 1240.155843][T20112] __x64_sys_sendmmsg+0x9c/0x100 [ 1240.155876][T20112] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1240.155910][T20112] do_syscall_64+0xcd/0x490 [ 1240.155944][T20112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1240.155966][T20112] RIP: 0033:0x7fb7f378e929 [ 1240.155981][T20112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1240.156002][T20112] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1240.156022][T20112] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1240.156037][T20112] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 1240.156050][T20112] RBP: 00007fb7f460a090 R08: 0000000000000000 R09: 0000000000000000 [ 1240.156064][T20112] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 1240.156077][T20112] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1240.156117][T20112] [ 1241.715179][T20120] lo: entered allmulticast mode [ 1241.723994][T20113] FAULT_INJECTION: forcing a failure. [ 1241.723994][T20113] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1241.839706][T20116] lo: left allmulticast mode [ 1241.933670][T20113] CPU: 0 UID: 0 PID: 20113 Comm: syz.2.2669 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1241.933711][T20113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1241.933727][T20113] Call Trace: [ 1241.933735][T20113] [ 1241.933744][T20113] dump_stack_lvl+0x16c/0x1f0 [ 1241.933785][T20113] should_fail_ex+0x512/0x640 [ 1241.933823][T20113] get_futex_key+0x1d0/0x1540 [ 1241.933853][T20113] ? __pfx_get_futex_key+0x10/0x10 [ 1241.933885][T20113] futex_wake+0xea/0x530 [ 1241.933920][T20113] ? __pfx_futex_wake+0x10/0x10 [ 1241.933954][T20113] ? lockdep_init_map_type+0x5c/0x280 [ 1241.933990][T20113] ? percpu_counter_add_batch+0xb8/0x1f0 [ 1241.934022][T20113] ? errseq_sample+0x53/0x70 [ 1241.934058][T20113] ? file_init_path+0x4fe/0x760 [ 1241.934085][T20113] do_futex+0x1e3/0x350 [ 1241.934114][T20113] ? __pfx_do_futex+0x10/0x10 [ 1241.934142][T20113] ? fd_install+0x225/0x750 [ 1241.934174][T20113] ? lock_release+0x201/0x2f0 [ 1241.934207][T20113] __x64_sys_futex+0x1e0/0x4c0 [ 1241.934245][T20113] ? __sys_socket+0xac/0x260 [ 1241.934274][T20113] ? __x64_sys_rt_sigprocmask+0x1fd/0x290 [ 1241.934298][T20113] ? __pfx___x64_sys_futex+0x10/0x10 [ 1241.934329][T20113] ? xfd_validate_state+0x61/0x180 [ 1241.934360][T20113] ? __pfx_do_writev+0x10/0x10 [ 1241.934396][T20113] do_syscall_64+0xcd/0x490 [ 1241.934435][T20113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1241.934460][T20113] RIP: 0033:0x7f0d85d8e929 [ 1241.934478][T20113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1241.934503][T20113] RSP: 002b:00007f0d83bf60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1241.934526][T20113] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa8 RCX: 00007f0d85d8e929 [ 1241.934542][T20113] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0d85fb5fac [ 1241.934558][T20113] RBP: 00007f0d85fb5fa0 R08: 00007f0d86af9000 R09: 0000000000000000 [ 1241.934574][T20113] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f0d85fb5fac [ 1241.934589][T20113] R13: 0000000000000000 R14: 00007fff40b18f10 R15: 00007fff40b18ff8 [ 1241.934613][T20113] [ 1246.699427][T20161] FAULT_INJECTION: forcing a failure. [ 1246.699427][T20161] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1246.963873][T20161] CPU: 0 UID: 0 PID: 20161 Comm: syz.1.2679 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1246.963911][T20161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1246.963927][T20161] Call Trace: [ 1246.963935][T20161] [ 1246.963944][T20161] dump_stack_lvl+0x16c/0x1f0 [ 1246.963985][T20161] should_fail_ex+0x512/0x640 [ 1246.964021][T20161] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1246.964071][T20161] get_futex_key+0x1d0/0x1540 [ 1246.964101][T20161] ? __pfx_get_futex_key+0x10/0x10 [ 1246.964128][T20161] ? futex_wake+0x456/0x530 [ 1246.964166][T20161] futex_wake+0xea/0x530 [ 1246.964199][T20161] ? futex_wait+0x120/0x380 [ 1246.964233][T20161] ? __pfx_futex_wait+0x10/0x10 [ 1246.964269][T20161] ? __pfx_futex_wake+0x10/0x10 [ 1246.964306][T20161] ? do_raw_spin_lock+0x12c/0x2b0 [ 1246.964347][T20161] do_futex+0x1e3/0x350 [ 1246.964376][T20161] ? __pfx_do_futex+0x10/0x10 [ 1246.964409][T20161] __x64_sys_futex+0x1e0/0x4c0 [ 1246.964440][T20161] ? rcu_is_watching+0x12/0xc0 [ 1246.964464][T20161] ? __pfx___x64_sys_futex+0x10/0x10 [ 1246.964494][T20161] ? __task_pid_nr_ns+0x17c/0x500 [ 1246.964526][T20161] ? lock_release+0x201/0x2f0 [ 1246.964561][T20161] do_syscall_64+0xcd/0x490 [ 1246.964611][T20161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1246.964634][T20161] RIP: 0033:0x7f3dcd58e929 [ 1246.964651][T20161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1246.964673][T20161] RSP: 002b:00007f3dce3300e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1246.964694][T20161] RAX: ffffffffffffffda RBX: 00007f3dcd7b6168 RCX: 00007f3dcd58e929 [ 1246.964710][T20161] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3dcd7b616c [ 1246.964724][T20161] RBP: 00007f3dcd7b6160 R08: 00007f3dce373000 R09: 0000000000000000 [ 1246.964739][T20161] R10: 0000000000000156 R11: 0000000000000246 R12: 00007f3dcd7b616c [ 1246.964753][T20161] R13: 0000000000000000 R14: 00007ffc5081ed50 R15: 00007ffc5081ee38 [ 1246.964775][T20161] [ 1248.303003][ T30] audit: type=1806 audit(4294967397.510:22): xattr="" res=-22 [ 1249.079385][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1249.086284][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1250.383019][T20206] zswap: compressor 000 not available [ 1250.394005][T20209] ieee80211 phy164: Selected rate control algorithm 'minstrel_ht' [ 1250.886681][T20224] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2697'. [ 1251.000772][T20227] zram0: detected capacity change from 8 to 0 [ 1251.140155][T20233] blktrace: Concurrent blktraces are not allowed on loop2 [ 1251.169786][T20224] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1251.268368][T20224] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1251.335026][T20227] zram: Removed device: zram0 [ 1251.631376][T20224] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1251.792759][T20224] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1253.289983][T20263] zswap: compressor 000 not available [ 1253.315501][T20268] ieee80211 phy165: Selected rate control algorithm 'minstrel_ht' [ 1253.445817][T20281] FAULT_INJECTION: forcing a failure. [ 1253.445817][T20281] name failslab, interval 1, probability 0, space 0, times 0 [ 1253.531868][T20281] CPU: 0 UID: 0 PID: 20281 Comm: syz.3.2710 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1253.531905][T20281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1253.531920][T20281] Call Trace: [ 1253.531927][T20281] [ 1253.531936][T20281] dump_stack_lvl+0x16c/0x1f0 [ 1253.531977][T20281] should_fail_ex+0x512/0x640 [ 1253.532015][T20281] should_failslab+0xc2/0x120 [ 1253.532038][T20281] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1253.532075][T20281] ? security_inode_alloc+0x3b/0x2b0 [ 1253.532103][T20281] security_inode_alloc+0x3b/0x2b0 [ 1253.532129][T20281] inode_init_always_gfp+0xce4/0x1030 [ 1253.532167][T20281] alloc_inode+0x86/0x240 [ 1253.532191][T20281] sock_alloc+0x40/0x280 [ 1253.532213][T20281] __sock_create+0xc1/0x8d0 [ 1253.532243][T20281] __sys_socket+0x14d/0x260 [ 1253.532271][T20281] ? __pfx___sys_socket+0x10/0x10 [ 1253.532300][T20281] ? xfd_validate_state+0x61/0x180 [ 1253.532343][T20281] ? __pfx_do_writev+0x10/0x10 [ 1253.532379][T20281] __x64_sys_socket+0x72/0xb0 [ 1253.532409][T20281] do_syscall_64+0xcd/0x490 [ 1253.532448][T20281] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1253.532484][T20281] RIP: 0033:0x7fb7f378e929 [ 1253.532502][T20281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1253.532525][T20281] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1253.532547][T20281] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1253.532563][T20281] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a [ 1253.532578][T20281] RBP: 00007fb7f3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1253.532593][T20281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1253.532607][T20281] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1253.532629][T20281] [ 1253.532649][T20281] socket: no more sockets [ 1254.924910][T20303] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2715'. [ 1254.969024][T20303] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1255.037353][T20303] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1255.305568][T20303] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1255.506213][T20303] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1256.007984][T20314] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 1256.119929][T20320] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2717'. [ 1256.928409][T20337] FAULT_INJECTION: forcing a failure. [ 1256.928409][T20337] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1257.106757][T20333] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2722'. [ 1257.191564][T20337] CPU: 0 UID: 0 PID: 20337 Comm: syz.1.2722 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1257.191601][T20337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1257.191616][T20337] Call Trace: [ 1257.191624][T20337] [ 1257.191633][T20337] dump_stack_lvl+0x16c/0x1f0 [ 1257.191675][T20337] should_fail_ex+0x512/0x640 [ 1257.191712][T20337] get_futex_key+0x1d0/0x1540 [ 1257.191741][T20337] ? rcu_is_watching+0x12/0xc0 [ 1257.191765][T20337] ? __pfx_get_futex_key+0x10/0x10 [ 1257.191793][T20337] ? pick_eevdf+0x3be/0x5b0 [ 1257.191821][T20337] ? psi_group_change+0x6dc/0xd20 [ 1257.191854][T20337] futex_wait_setup+0x9d/0x550 [ 1257.191894][T20337] __futex_wait+0x194/0x2f0 [ 1257.191930][T20337] ? __pfx___futex_wait+0x10/0x10 [ 1257.191982][T20337] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1257.192022][T20337] ? __pfx_futex_wake_mark+0x10/0x10 [ 1257.192058][T20337] ? futex_wake+0x456/0x530 [ 1257.192094][T20337] futex_wait+0xe8/0x380 [ 1257.192127][T20337] ? __pfx_futex_wait+0x10/0x10 [ 1257.192165][T20337] ? do_raw_spin_lock+0x12c/0x2b0 [ 1257.192204][T20337] do_futex+0x229/0x350 [ 1257.192231][T20337] ? __pfx_do_futex+0x10/0x10 [ 1257.192259][T20337] ? rcu_is_watching+0x12/0xc0 [ 1257.192285][T20337] __x64_sys_futex+0x1e0/0x4c0 [ 1257.192314][T20337] ? rcu_is_watching+0x12/0xc0 [ 1257.192337][T20337] ? __pfx___x64_sys_futex+0x10/0x10 [ 1257.192365][T20337] ? __task_pid_nr_ns+0x17c/0x500 [ 1257.192397][T20337] ? lock_release+0x201/0x2f0 [ 1257.192431][T20337] do_syscall_64+0xcd/0x490 [ 1257.192468][T20337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1257.192493][T20337] RIP: 0033:0x7f3dcd58e929 [ 1257.192511][T20337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1257.192535][T20337] RSP: 002b:00007f3dce3510e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1257.192558][T20337] RAX: ffffffffffffffda RBX: 00007f3dcd7b6088 RCX: 00007f3dcd58e929 [ 1257.192574][T20337] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3dcd7b6088 [ 1257.192589][T20337] RBP: 00007f3dcd7b6080 R08: 0000000000000000 R09: 0000000000000000 [ 1257.192604][T20337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3dcd7b608c [ 1257.192622][T20337] R13: 0000000000000000 R14: 00007ffc5081ed50 R15: 00007ffc5081ee38 [ 1257.192644][T20337] [ 1258.283704][T20352] can: request_module (can-proto-0) failed. [ 1259.159649][T20368] FAULT_INJECTION: forcing a failure. [ 1259.159649][T20368] name failslab, interval 1, probability 0, space 0, times 0 [ 1259.337542][T20368] CPU: 0 UID: 0 PID: 20368 Comm: syz.3.2729 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1259.337580][T20368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1259.337595][T20368] Call Trace: [ 1259.337602][T20368] [ 1259.337611][T20368] dump_stack_lvl+0x16c/0x1f0 [ 1259.337656][T20368] should_fail_ex+0x512/0x640 [ 1259.337694][T20368] should_failslab+0xc2/0x120 [ 1259.337717][T20368] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1259.337751][T20368] ? mqueue_init_fs_context+0x4b/0x480 [ 1259.337777][T20368] ? __pfx_mqueue_init_fs_context+0x10/0x10 [ 1259.337800][T20368] mqueue_init_fs_context+0x4b/0x480 [ 1259.337823][T20368] ? __pfx_mqueue_init_fs_context+0x10/0x10 [ 1259.337847][T20368] alloc_fs_context+0x54a/0x9c0 [ 1259.337891][T20368] mq_init_ns+0x172/0x620 [ 1259.337917][T20368] copy_ipcs+0x383/0x610 [ 1259.337941][T20368] ? copy_utsname+0xab/0x470 [ 1259.337976][T20368] create_new_namespaces+0x20a/0xa90 [ 1259.338002][T20368] ? security_capable+0x7e/0x260 [ 1259.338043][T20368] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1259.338072][T20368] ksys_unshare+0x45b/0xa40 [ 1259.338103][T20368] ? __pfx_ksys_unshare+0x10/0x10 [ 1259.338136][T20368] ? xfd_validate_state+0x61/0x180 [ 1259.338172][T20368] __x64_sys_unshare+0x31/0x40 [ 1259.338203][T20368] do_syscall_64+0xcd/0x490 [ 1259.338242][T20368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1259.338268][T20368] RIP: 0033:0x7fb7f378e929 [ 1259.338286][T20368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1259.338310][T20368] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1259.338333][T20368] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1259.338350][T20368] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1259.338365][T20368] RBP: 00007fb7f3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1259.338381][T20368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1259.338396][T20368] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1259.338419][T20368] [ 1261.568039][T20381] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2730'. [ 1261.995016][T20381] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1262.002489][T20381] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1262.515997][T20381] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1262.523488][T20381] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1265.585805][T20425] FAULT_INJECTION: forcing a failure. [ 1265.585805][T20425] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.793652][T20425] CPU: 0 UID: 0 PID: 20425 Comm: syz.1.2740 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1265.793689][T20425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1265.793704][T20425] Call Trace: [ 1265.793712][T20425] [ 1265.793721][T20425] dump_stack_lvl+0x16c/0x1f0 [ 1265.793763][T20425] should_fail_ex+0x512/0x640 [ 1265.793801][T20425] should_failslab+0xc2/0x120 [ 1265.793824][T20425] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1265.793858][T20425] ? mqueue_init_fs_context+0x4b/0x480 [ 1265.793884][T20425] ? __pfx_mqueue_init_fs_context+0x10/0x10 [ 1265.793907][T20425] mqueue_init_fs_context+0x4b/0x480 [ 1265.793929][T20425] ? __pfx_mqueue_init_fs_context+0x10/0x10 [ 1265.793953][T20425] alloc_fs_context+0x54a/0x9c0 [ 1265.793992][T20425] mq_init_ns+0x172/0x620 [ 1265.794019][T20425] copy_ipcs+0x383/0x610 [ 1265.794042][T20425] ? copy_utsname+0xab/0x470 [ 1265.794077][T20425] create_new_namespaces+0x20a/0xa90 [ 1265.794103][T20425] ? security_capable+0x7e/0x260 [ 1265.794144][T20425] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1265.794172][T20425] ksys_unshare+0x45b/0xa40 [ 1265.794204][T20425] ? __pfx_ksys_unshare+0x10/0x10 [ 1265.794236][T20425] ? xfd_validate_state+0x61/0x180 [ 1265.794272][T20425] __x64_sys_unshare+0x31/0x40 [ 1265.794310][T20425] do_syscall_64+0xcd/0x490 [ 1265.794349][T20425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1265.794375][T20425] RIP: 0033:0x7f3dcd58e929 [ 1265.794393][T20425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1265.794418][T20425] RSP: 002b:00007f3dce372038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1265.794441][T20425] RAX: ffffffffffffffda RBX: 00007f3dcd7b5fa0 RCX: 00007f3dcd58e929 [ 1265.794458][T20425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1265.794473][T20425] RBP: 00007f3dcd610b39 R08: 0000000000000000 R09: 0000000000000000 [ 1265.794488][T20425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1265.794503][T20425] R13: 0000000000000000 R14: 00007f3dcd7b5fa0 R15: 00007ffc5081ee38 [ 1265.794526][T20425] [ 1267.444049][T20433] zswap: compressor 000 not available [ 1267.474077][T20434] ieee80211 phy166: Selected rate control algorithm 'minstrel_ht' [ 1268.618423][T20448] can: request_module (can-proto-0) failed. [ 1268.901615][T20451] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input33 [ 1270.399017][T20482] nbd: must specify an index to disconnect [ 1270.567495][T20482] FAULT_INJECTION: forcing a failure. [ 1270.567495][T20482] name failslab, interval 1, probability 0, space 0, times 0 [ 1270.808569][T20482] CPU: 0 UID: 0 PID: 20482 Comm: syz.3.2749 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1270.808606][T20482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1270.808621][T20482] Call Trace: [ 1270.808628][T20482] [ 1270.808637][T20482] dump_stack_lvl+0x16c/0x1f0 [ 1270.808676][T20482] should_fail_ex+0x512/0x640 [ 1270.808713][T20482] should_failslab+0xc2/0x120 [ 1270.808735][T20482] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1270.808783][T20482] ? security_file_alloc+0x34/0x2b0 [ 1270.808838][T20482] security_file_alloc+0x34/0x2b0 [ 1270.808869][T20482] init_file+0x93/0x4c0 [ 1270.808892][T20482] alloc_empty_file+0x73/0x1e0 [ 1270.808916][T20482] path_openat+0xda/0x2cb0 [ 1270.808949][T20482] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1270.808978][T20482] ? __pfx_path_openat+0x10/0x10 [ 1270.809016][T20482] do_filp_open+0x20b/0x470 [ 1270.809050][T20482] ? __pfx_do_filp_open+0x10/0x10 [ 1270.809093][T20482] ? alloc_fd+0x471/0x7d0 [ 1270.809127][T20482] do_sys_openat2+0x11b/0x1d0 [ 1270.809153][T20482] ? __pfx_do_sys_openat2+0x10/0x10 [ 1270.809184][T20482] __x64_sys_openat+0x174/0x210 [ 1270.809210][T20482] ? __pfx___x64_sys_openat+0x10/0x10 [ 1270.809243][T20482] do_syscall_64+0xcd/0x490 [ 1270.809282][T20482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1270.809306][T20482] RIP: 0033:0x7fb7f378e929 [ 1270.809324][T20482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1270.809348][T20482] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1270.809370][T20482] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1270.809386][T20482] RDX: 0000000000060442 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1270.809401][T20482] RBP: 00007fb7f3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1270.809417][T20482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1270.809431][T20482] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1270.809453][T20482] [ 1271.683776][T20487] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 1271.696952][T14293] Bluetooth: hci1: command 0x0406 tx timeout [ 1271.752413][T20502] FAULT_INJECTION: forcing a failure. [ 1271.752413][T20502] name failslab, interval 1, probability 0, space 0, times 0 [ 1271.913988][T20502] CPU: 0 UID: 0 PID: 20502 Comm: syz.1.2752 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1271.914023][T20502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1271.914038][T20502] Call Trace: [ 1271.914045][T20502] [ 1271.914054][T20502] dump_stack_lvl+0x16c/0x1f0 [ 1271.914093][T20502] should_fail_ex+0x512/0x640 [ 1271.914130][T20502] should_failslab+0xc2/0x120 [ 1271.914153][T20502] __kvmalloc_node_noprof+0x137/0x620 [ 1271.914187][T20502] ? __pfx___mutex_lock+0x10/0x10 [ 1271.914223][T20502] ? traverse.part.0.constprop.0+0x392/0x640 [ 1271.914258][T20502] ? traverse.part.0.constprop.0+0x392/0x640 [ 1271.914288][T20502] traverse.part.0.constprop.0+0x392/0x640 [ 1271.914320][T20502] ? rcu_is_watching+0x12/0xc0 [ 1271.914347][T20502] seq_read_iter+0x932/0x12c0 [ 1271.914376][T20502] ? aa_file_perm+0x4d6/0xfb0 [ 1271.914408][T20502] ? __pfx_kstrtouint+0x10/0x10 [ 1271.914437][T20502] seq_read+0x39e/0x4e0 [ 1271.914466][T20502] ? __pfx_seq_read+0x10/0x10 [ 1271.914494][T20502] ? rcu_is_watching+0x12/0xc0 [ 1271.914517][T20502] ? rcu_is_watching+0x12/0xc0 [ 1271.914540][T20502] ? lock_release+0x201/0x2f0 [ 1271.914574][T20502] ? apparmor_file_permission+0x251/0x400 [ 1271.914601][T20502] ? __pfx_seq_read+0x10/0x10 [ 1271.914630][T20502] proc_reg_read+0x23d/0x330 [ 1271.914665][T20502] ? __pfx_proc_reg_read+0x10/0x10 [ 1271.914700][T20502] vfs_read+0x1e4/0xc60 [ 1271.914732][T20502] ? lock_release+0x201/0x2f0 [ 1271.914763][T20502] ? __pfx_vfs_read+0x10/0x10 [ 1271.914801][T20502] ? __fget_files+0x204/0x3c0 [ 1271.914832][T20502] ? rcu_is_watching+0x12/0xc0 [ 1271.914855][T20502] ? lock_release+0x201/0x2f0 [ 1271.914887][T20502] ? __fget_files+0x20e/0x3c0 [ 1271.914918][T20502] ? __fget_files+0x190/0x3c0 [ 1271.914953][T20502] __x64_sys_pread64+0x1eb/0x250 [ 1271.914989][T20502] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1271.915032][T20502] do_syscall_64+0xcd/0x490 [ 1271.915069][T20502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.915094][T20502] RIP: 0033:0x7f3dcd58e929 [ 1271.915112][T20502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1271.915136][T20502] RSP: 002b:00007f3dce372038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1271.915159][T20502] RAX: ffffffffffffffda RBX: 00007f3dcd7b5fa0 RCX: 00007f3dcd58e929 [ 1271.915175][T20502] RDX: 000000000000007e RSI: 0000000000000000 RDI: 0000000000000003 [ 1271.915190][T20502] RBP: 00007f3dce372090 R08: 0000000000000000 R09: 0000000000000000 [ 1271.915218][T20502] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001 [ 1271.915233][T20502] R13: 0000000000000000 R14: 00007f3dcd7b5fa0 R15: 00007ffc5081ee38 [ 1271.915255][T20502] [ 1272.643035][T20508] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2753'. [ 1273.375064][T20525] sd 0:0:1:0: PR command failed: 1026 [ 1273.472233][T20525] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1273.612206][T20525] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1274.210543][T20532] zswap: compressor 000 not available [ 1274.403413][T20519] ieee80211 phy167: Selected rate control algorithm 'minstrel_ht' [ 1276.886122][T20578] FAULT_INJECTION: forcing a failure. [ 1276.886122][T20578] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1276.959567][T20578] CPU: 0 UID: 0 PID: 20578 Comm: syz.3.2762 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1276.959602][T20578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1276.959618][T20578] Call Trace: [ 1276.959626][T20578] [ 1276.959635][T20578] dump_stack_lvl+0x16c/0x1f0 [ 1276.959674][T20578] should_fail_ex+0x512/0x640 [ 1276.959711][T20578] _copy_to_iter+0x463/0x16f0 [ 1276.959749][T20578] ? rcu_is_watching+0x12/0xc0 [ 1276.959773][T20578] ? lock_release+0x201/0x2f0 [ 1276.959804][T20578] ? __pfx__copy_to_iter+0x10/0x10 [ 1276.959842][T20578] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 1276.959879][T20578] seq_read_iter+0x719/0x12c0 [ 1276.959908][T20578] ? aa_file_perm+0x4d6/0xfb0 [ 1276.959941][T20578] ? __pfx_kstrtouint+0x10/0x10 [ 1276.959969][T20578] seq_read+0x39e/0x4e0 [ 1276.959997][T20578] ? __pfx_seq_read+0x10/0x10 [ 1276.960026][T20578] ? rcu_is_watching+0x12/0xc0 [ 1276.960049][T20578] ? rcu_is_watching+0x12/0xc0 [ 1276.960072][T20578] ? lock_release+0x201/0x2f0 [ 1276.960105][T20578] ? apparmor_file_permission+0x251/0x400 [ 1276.960132][T20578] ? __pfx_seq_read+0x10/0x10 [ 1276.960160][T20578] proc_reg_read+0x23d/0x330 [ 1276.960195][T20578] ? __pfx_proc_reg_read+0x10/0x10 [ 1276.960230][T20578] vfs_read+0x1e4/0xc60 [ 1276.960263][T20578] ? lock_release+0x201/0x2f0 [ 1276.960294][T20578] ? __pfx_vfs_read+0x10/0x10 [ 1276.960325][T20578] ? __fget_files+0x204/0x3c0 [ 1276.960362][T20578] ? rcu_is_watching+0x12/0xc0 [ 1276.960386][T20578] ? lock_release+0x201/0x2f0 [ 1276.960418][T20578] ? __fget_files+0x20e/0x3c0 [ 1276.960465][T20578] ? __fget_files+0x190/0x3c0 [ 1276.960499][T20578] __x64_sys_pread64+0x1eb/0x250 [ 1276.960547][T20578] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1276.960583][T20578] do_syscall_64+0xcd/0x490 [ 1276.960618][T20578] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1276.960645][T20578] RIP: 0033:0x7fb7f378e929 [ 1276.960661][T20578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1276.960682][T20578] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1276.960703][T20578] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1276.960718][T20578] RDX: 000000000000007e RSI: 0000000000000000 RDI: 0000000000000003 [ 1276.960732][T20578] RBP: 00007fb7f460a090 R08: 0000000000000000 R09: 0000000000000000 [ 1276.960745][T20578] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001 [ 1276.960759][T20578] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1276.960779][T20578] [ 1277.703859][T20581] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2765'. [ 1278.252502][T20592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2767'. [ 1279.194142][T20599] zswap: compressor 000 not available [ 1279.280437][T20600] ieee80211 phy168: Selected rate control algorithm 'minstrel_ht' [ 1279.381676][T20583] kexec: Could not allocate control_code_buffer [ 1280.456467][T20624] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2775'. [ 1388.340288][T22476] Process accounting paused [ 1388.398161][T22486] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3095'. [ 1388.697154][T22488] zswap: compressor 000 not available [ 1388.725317][T22484] ieee80211 phy184: Selected rate control algorithm 'minstrel_ht' [ 1389.357181][T22508] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4294967293.4294967295.4294967293), cmd(2) [ 1389.442531][T14293] Bluetooth: hci0: command 0x0406 tx timeout [ 1389.866940][T22507] zswap: compressor 000 not available [ 1389.983831][T22511] ieee80211 phy185: Selected rate control algorithm 'minstrel_ht' [ 1390.082697][T14293] Bluetooth: hci2: command 0x0c1a tx timeout [ 1390.088771][T13302] Bluetooth: hci5: command 0x0c1a tx timeout [ 1390.162888][T14293] Bluetooth: hci3: command 0x0c1a tx timeout [ 1390.169023][T13302] Bluetooth: hci1: command 0x0406 tx timeout [ 1392.460166][T14293] Bluetooth: hci5: Unable to find connection for big 0xd2 [ 1393.807022][T22579] vcan0: tx drop: invalid da for name 0x000000000000003f [ 1394.426653][T22582] FAULT_INJECTION: forcing a failure. [ 1394.426653][T22582] name failslab, interval 1, probability 0, space 0, times 0 [ 1394.803468][T22587] zswap: compressor 000 not available [ 1394.836953][T22582] CPU: 0 UID: 0 PID: 22582 Comm: syz.4.3111 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1394.836995][T22582] Tainted: [U]=USER [ 1394.837003][T22582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1394.837018][T22582] Call Trace: [ 1394.837026][T22582] [ 1394.837035][T22582] dump_stack_lvl+0x16c/0x1f0 [ 1394.837075][T22582] should_fail_ex+0x512/0x640 [ 1394.837111][T22582] should_failslab+0xc2/0x120 [ 1394.837134][T22582] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1394.837170][T22582] ? skb_clone+0x190/0x3f0 [ 1394.837208][T22582] skb_clone+0x190/0x3f0 [ 1394.837245][T22582] netlink_deliver_tap+0xabd/0xd30 [ 1394.837270][T22582] netlink_unicast+0x5df/0x7f0 [ 1394.837296][T22582] ? __pfx_netlink_unicast+0x10/0x10 [ 1394.837325][T22582] netlink_sendmsg+0x8d1/0xdd0 [ 1394.837351][T22582] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1394.837381][T22582] ____sys_sendmsg+0xa98/0xc70 [ 1394.837407][T22582] ? copy_msghdr_from_user+0x10a/0x160 [ 1394.837443][T22582] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1394.837468][T22582] ? __pfx_kstrtouint+0x10/0x10 [ 1394.837498][T22582] ? kstrtouint_from_user+0x13c/0x1d0 [ 1394.837528][T22582] ___sys_sendmsg+0x134/0x1d0 [ 1394.837565][T22582] ? __pfx____sys_sendmsg+0x10/0x10 [ 1394.837606][T22582] ? rcu_is_watching+0x12/0xc0 [ 1394.837640][T22582] __sys_sendmsg+0x16d/0x220 [ 1394.837676][T22582] ? __pfx___sys_sendmsg+0x10/0x10 [ 1394.837726][T22582] do_syscall_64+0xcd/0x490 [ 1394.837764][T22582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1394.837788][T22582] RIP: 0033:0x7f03fd98e929 [ 1394.837806][T22582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1394.837830][T22582] RSP: 002b:00007f03fe870038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1394.837852][T22582] RAX: ffffffffffffffda RBX: 00007f03fdbb5fa0 RCX: 00007f03fd98e929 [ 1394.837869][T22582] RDX: 00000000000000c0 RSI: 0000200000001e00 RDI: 0000000000000006 [ 1394.837884][T22582] RBP: 00007f03fe870090 R08: 0000000000000000 R09: 0000000000000000 [ 1394.837900][T22582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1394.837915][T22582] R13: 0000000000000000 R14: 00007f03fdbb5fa0 R15: 00007ffe07eb9498 [ 1394.837938][T22582] [ 1395.067581][ C0] vkms_vblank_simulate: vblank timer overrun [ 1395.341919][T22582] ieee80211 phy186: Selected rate control algorithm 'minstrel_ht' [ 1396.184345][T22609] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3115'. [ 1397.255162][T22614] zswap: compressor 000 not available [ 1397.344292][T22622] ieee80211 phy187: Selected rate control algorithm 'minstrel_ht' [ 1399.289822][T22655] FAULT_INJECTION: forcing a failure. [ 1399.289822][T22655] name failslab, interval 1, probability 0, space 0, times 0 [ 1399.407632][T22655] CPU: 0 UID: 0 PID: 22655 Comm: syz.3.3125 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1399.407672][T22655] Tainted: [U]=USER [ 1399.407680][T22655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1399.407694][T22655] Call Trace: [ 1399.407702][T22655] [ 1399.407711][T22655] dump_stack_lvl+0x16c/0x1f0 [ 1399.407750][T22655] should_fail_ex+0x512/0x640 [ 1399.407786][T22655] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1399.407820][T22655] should_failslab+0xc2/0x120 [ 1399.407844][T22655] __kmalloc_noprof+0xd2/0x510 [ 1399.407886][T22655] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1399.407920][T22655] ? tomoyo_profile+0x47/0x60 [ 1399.407958][T22655] tomoyo_path_number_perm+0x245/0x580 [ 1399.407985][T22655] ? tomoyo_path_number_perm+0x237/0x580 [ 1399.408013][T22655] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1399.408046][T22655] ? preempt_count_add+0x76/0x150 [ 1399.408090][T22655] ? rcu_is_watching+0x12/0xc0 [ 1399.408114][T22655] ? __fget_files+0x204/0x3c0 [ 1399.408145][T22655] ? hook_file_ioctl_common+0x145/0x410 [ 1399.408171][T22655] ? lock_release+0x201/0x2f0 [ 1399.408203][T22655] ? __fget_files+0x20e/0x3c0 [ 1399.408237][T22655] security_file_ioctl+0x9b/0x240 [ 1399.408269][T22655] __x64_sys_ioctl+0xb7/0x210 [ 1399.408298][T22655] do_syscall_64+0xcd/0x490 [ 1399.408341][T22655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1399.408366][T22655] RIP: 0033:0x7fb7f378e929 [ 1399.408384][T22655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1399.408408][T22655] RSP: 002b:00007fb7f45e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1399.408431][T22655] RAX: ffffffffffffffda RBX: 00007fb7f39b6080 RCX: 00007fb7f378e929 [ 1399.408447][T22655] RDX: 0000200000000100 RSI: 00000000c0045005 RDI: 0000000000000003 [ 1399.408462][T22655] RBP: 00007fb7f45e9090 R08: 0000000000000000 R09: 0000000000000000 [ 1399.408478][T22655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1399.408493][T22655] R13: 0000000000000001 R14: 00007fb7f39b6080 R15: 00007fff67efab18 [ 1399.408516][T22655] [ 1399.408525][T22655] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1400.431655][T22665] zswap: compressor 000 not available [ 1400.448105][T22662] ieee80211 phy188: Selected rate control algorithm 'minstrel_ht' [ 1402.287448][T22684] zswap: compressor 000 not available [ 1402.360058][T22690] ieee80211 phy189: Selected rate control algorithm 'minstrel_ht' [ 1404.292653][T22719] zswap: compressor 000 not available [ 1404.353196][T22715] ieee80211 phy190: Selected rate control algorithm 'minstrel_ht' [ 1405.624433][T22750] base_sock_release(ffff8880373d8c00) sk=ffff888076f68000 [ 1405.753993][T22750] base_sock_release(ffff8880428b9800) sk=ffff88805b502000 [ 1406.743573][T22762] zswap: compressor 000 not available [ 1406.767414][T22775] ieee80211 phy191: Selected rate control algorithm 'minstrel_ht' [ 1409.422336][T22841] zswap: compressor 000 not available [ 1409.438333][T22838] ieee80211 phy192: Selected rate control algorithm 'minstrel_ht' [ 1411.094663][T22884] could not allocate digest TFM handle [ 1411.609565][T22903] FAULT_INJECTION: forcing a failure. [ 1411.609565][T22903] name failslab, interval 1, probability 0, space 0, times 0 [ 1411.712393][T22903] CPU: 0 UID: 2054 PID: 22903 Comm: syz.3.3173 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1411.712436][T22903] Tainted: [U]=USER [ 1411.712444][T22903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1411.712459][T22903] Call Trace: [ 1411.712467][T22903] [ 1411.712476][T22903] dump_stack_lvl+0x16c/0x1f0 [ 1411.712516][T22903] should_fail_ex+0x512/0x640 [ 1411.712553][T22903] should_failslab+0xc2/0x120 [ 1411.712576][T22903] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1411.712616][T22903] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1411.712640][T22903] ? key_alloc+0x43e/0x1330 [ 1411.712670][T22903] kmemdup_noprof+0x29/0x60 [ 1411.712705][T22903] key_alloc+0x43e/0x1330 [ 1411.712739][T22903] ? __pfx_key_alloc+0x10/0x10 [ 1411.712767][T22903] ? __pfx_key_default_cmp+0x10/0x10 [ 1411.712800][T22903] ? __pfx_keyring_search_iterator+0x10/0x10 [ 1411.712836][T22903] keyring_alloc+0x44/0xc0 [ 1411.712870][T22903] look_up_user_keyrings+0x510/0x760 [ 1411.712897][T22903] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 1411.712924][T22903] ? __pfx_futex_wake+0x10/0x10 [ 1411.712957][T22903] ? lock_release+0x201/0x2f0 [ 1411.712991][T22903] lookup_user_key+0x1a3/0x1300 [ 1411.713018][T22903] ? __pfx_lookup_user_key+0x10/0x10 [ 1411.713044][T22903] ? do_futex+0x122/0x350 [ 1411.713075][T22903] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1411.713105][T22903] ? fput+0x70/0xf0 [ 1411.713125][T22903] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 1411.713157][T22903] keyctl_keyring_clear+0x24/0x1a0 [ 1411.713196][T22903] __do_sys_keyctl+0x355/0x590 [ 1411.713221][T22903] do_syscall_64+0xcd/0x490 [ 1411.713258][T22903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1411.713283][T22903] RIP: 0033:0x7fb7f378e929 [ 1411.713300][T22903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1411.713324][T22903] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1411.713347][T22903] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1411.713367][T22903] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007 [ 1411.713387][T22903] RBP: 00007fb7f3810b39 R08: 0000000000000008 R09: 0000000000000000 [ 1411.713401][T22903] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1411.713415][T22903] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1411.713437][T22903] [ 1412.675457][T22904] zswap: compressor 000 not available [ 1412.710323][T22906] ieee80211 phy193: Selected rate control algorithm 'minstrel_ht' [ 1413.094751][T22924] caif:caif_disconnect_client(): nothing to disconnect [ 1414.081308][T22954] FAULT_INJECTION: forcing a failure. [ 1414.081308][T22954] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1414.156998][T22954] CPU: 0 UID: 0 PID: 22954 Comm: syz.4.3182 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1414.157038][T22954] Tainted: [U]=USER [ 1414.157047][T22954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1414.157062][T22954] Call Trace: [ 1414.157069][T22954] [ 1414.157078][T22954] dump_stack_lvl+0x16c/0x1f0 [ 1414.157119][T22954] should_fail_ex+0x512/0x640 [ 1414.157156][T22954] _copy_from_user+0x2e/0xd0 [ 1414.157192][T22954] copy_msghdr_from_user+0x98/0x160 [ 1414.157238][T22954] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1414.157276][T22954] ? __pfx__kstrtoull+0x10/0x10 [ 1414.157304][T22954] ? aa_file_perm+0x4c7/0xfb0 [ 1414.157338][T22954] ___sys_sendmsg+0xfe/0x1d0 [ 1414.157374][T22954] ? __pfx____sys_sendmsg+0x10/0x10 [ 1414.157415][T22954] ? rcu_is_watching+0x12/0xc0 [ 1414.157449][T22954] __sys_sendmmsg+0x200/0x420 [ 1414.157487][T22954] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1414.157522][T22954] ? lock_release+0x201/0x2f0 [ 1414.157557][T22954] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1414.157602][T22954] ? fput+0x70/0xf0 [ 1414.157624][T22954] ? ksys_write+0x1ac/0x250 [ 1414.157658][T22954] ? __pfx_ksys_write+0x10/0x10 [ 1414.157694][T22954] __x64_sys_sendmmsg+0x9c/0x100 [ 1414.157730][T22954] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1414.157768][T22954] do_syscall_64+0xcd/0x490 [ 1414.157805][T22954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1414.157830][T22954] RIP: 0033:0x7f03fd98e929 [ 1414.157848][T22954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1414.157870][T22954] RSP: 002b:00007f03fe870038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1414.157893][T22954] RAX: ffffffffffffffda RBX: 00007f03fdbb5fa0 RCX: 00007f03fd98e929 [ 1414.157910][T22954] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1414.157925][T22954] RBP: 00007f03fe870090 R08: 0000000000000000 R09: 0000000000000000 [ 1414.157940][T22954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1414.157955][T22954] R13: 0000000000000000 R14: 00007f03fdbb5fa0 R15: 00007ffe07eb9498 [ 1414.157993][T22954] [ 1415.278258][T22963] FAULT_INJECTION: forcing a failure. [ 1415.278258][T22963] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1415.361704][T22963] CPU: 0 UID: 0 PID: 22963 Comm: syz.1.3185 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1415.361743][T22963] Tainted: [U]=USER [ 1415.361769][T22963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1415.361783][T22963] Call Trace: [ 1415.361791][T22963] [ 1415.361800][T22963] dump_stack_lvl+0x16c/0x1f0 [ 1415.361840][T22963] should_fail_ex+0x512/0x640 [ 1415.361876][T22963] _copy_to_user+0x32/0xd0 [ 1415.361911][T22963] simple_read_from_buffer+0xcb/0x170 [ 1415.361942][T22963] proc_fail_nth_read+0x197/0x270 [ 1415.361969][T22963] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1415.361995][T22963] ? security_file_permission+0x71/0x210 [ 1415.362032][T22963] ? rw_verify_area+0xcf/0x680 [ 1415.362062][T22963] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1415.362090][T22963] vfs_read+0x1e4/0xc60 [ 1415.362124][T22963] ? __pfx___mutex_lock+0x10/0x10 [ 1415.362161][T22963] ? __pfx_vfs_read+0x10/0x10 [ 1415.362194][T22963] ? __fget_files+0x204/0x3c0 [ 1415.362226][T22963] ? rcu_is_watching+0x12/0xc0 [ 1415.362253][T22963] ? __fget_files+0x20e/0x3c0 [ 1415.362288][T22963] ksys_read+0x12a/0x250 [ 1415.362321][T22963] ? __pfx_ksys_read+0x10/0x10 [ 1415.362355][T22963] ? fput+0x70/0xf0 [ 1415.362378][T22963] do_syscall_64+0xcd/0x490 [ 1415.362416][T22963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1415.362441][T22963] RIP: 0033:0x7f3dcd58d33c [ 1415.362460][T22963] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1415.362485][T22963] RSP: 002b:00007f3dce372030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1415.362507][T22963] RAX: ffffffffffffffda RBX: 00007f3dcd7b5fa0 RCX: 00007f3dcd58d33c [ 1415.362524][T22963] RDX: 000000000000000f RSI: 00007f3dce3720a0 RDI: 0000000000000006 [ 1415.362539][T22963] RBP: 00007f3dce372090 R08: 0000000000000000 R09: 0000000000000000 [ 1415.362553][T22963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1415.362568][T22963] R13: 0000000000000000 R14: 00007f3dcd7b5fa0 R15: 00007ffc5081ee38 [ 1415.362591][T22963] [ 1416.394266][T22988] openvswitch: netlink: Message has 20 unknown bytes. [ 1416.426035][T22989] FAULT_INJECTION: forcing a failure. [ 1416.426035][T22989] name failslab, interval 1, probability 0, space 0, times 0 [ 1416.480695][T22989] CPU: 0 UID: 0 PID: 22989 Comm: syz.2.3193 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1416.480735][T22989] Tainted: [U]=USER [ 1416.480744][T22989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1416.480758][T22989] Call Trace: [ 1416.480766][T22989] [ 1416.480774][T22989] dump_stack_lvl+0x16c/0x1f0 [ 1416.480815][T22989] should_fail_ex+0x512/0x640 [ 1416.480851][T22989] should_failslab+0xc2/0x120 [ 1416.480873][T22989] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1416.480910][T22989] ? __alloc_skb+0x2b2/0x380 [ 1416.480953][T22989] __alloc_skb+0x2b2/0x380 [ 1416.480986][T22989] ? __pfx___alloc_skb+0x10/0x10 [ 1416.481021][T22989] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1416.481049][T22989] netlink_alloc_large_skb+0x69/0x130 [ 1416.481074][T22989] netlink_sendmsg+0x6a1/0xdd0 [ 1416.481101][T22989] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1416.481131][T22989] ____sys_sendmsg+0xa98/0xc70 [ 1416.481157][T22989] ? copy_msghdr_from_user+0x10a/0x160 [ 1416.481194][T22989] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1416.481222][T22989] ? __pfx__kstrtoull+0x10/0x10 [ 1416.481249][T22989] ? aa_file_perm+0x4c7/0xfb0 [ 1416.481283][T22989] ___sys_sendmsg+0x134/0x1d0 [ 1416.481318][T22989] ? __pfx____sys_sendmsg+0x10/0x10 [ 1416.481360][T22989] ? rcu_is_watching+0x12/0xc0 [ 1416.481407][T22989] __sys_sendmmsg+0x200/0x420 [ 1416.481443][T22989] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1416.481478][T22989] ? lock_release+0x201/0x2f0 [ 1416.481512][T22989] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1416.481556][T22989] ? fput+0x70/0xf0 [ 1416.481576][T22989] ? ksys_write+0x1ac/0x250 [ 1416.481609][T22989] ? __pfx_ksys_write+0x10/0x10 [ 1416.481644][T22989] __x64_sys_sendmmsg+0x9c/0x100 [ 1416.481679][T22989] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1416.481717][T22989] do_syscall_64+0xcd/0x490 [ 1416.481754][T22989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1416.481777][T22989] RIP: 0033:0x7f0d85d8e929 [ 1416.481795][T22989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1416.481817][T22989] RSP: 002b:00007f0d83bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1416.481839][T22989] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8e929 [ 1416.481855][T22989] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1416.481870][T22989] RBP: 00007f0d83bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1416.481884][T22989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1416.481899][T22989] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1416.481921][T22989] [ 1417.293099][T22997] ieee80211 phy194: Selected rate control algorithm 'minstrel_ht' [ 1419.007931][T23021] Process accounting resumed [ 1419.331343][T23042] FAULT_INJECTION: forcing a failure. [ 1419.331343][T23042] name failslab, interval 1, probability 0, space 0, times 0 [ 1419.420210][T23042] CPU: 0 UID: 0 PID: 23042 Comm: syz.3.3206 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1419.420253][T23042] Tainted: [U]=USER [ 1419.420262][T23042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1419.420277][T23042] Call Trace: [ 1419.420284][T23042] [ 1419.420293][T23042] dump_stack_lvl+0x16c/0x1f0 [ 1419.420334][T23042] should_fail_ex+0x512/0x640 [ 1419.420372][T23042] should_failslab+0xc2/0x120 [ 1419.420394][T23042] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1419.420432][T23042] ? security_file_alloc+0x34/0x2b0 [ 1419.420466][T23042] security_file_alloc+0x34/0x2b0 [ 1419.420498][T23042] init_file+0x93/0x4c0 [ 1419.420521][T23042] alloc_empty_file+0x73/0x1e0 [ 1419.420547][T23042] alloc_file_pseudo+0x13a/0x230 [ 1419.420573][T23042] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1419.420599][T23042] ? alloc_fd+0x471/0x7d0 [ 1419.420634][T23042] sock_alloc_file+0x50/0x210 [ 1419.420657][T23042] __sys_socket+0x1c0/0x260 [ 1419.420685][T23042] ? __pfx___sys_socket+0x10/0x10 [ 1419.420723][T23042] ? xfd_validate_state+0x61/0x180 [ 1419.420760][T23042] __x64_sys_socket+0x72/0xb0 [ 1419.420790][T23042] do_syscall_64+0xcd/0x490 [ 1419.420828][T23042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1419.420854][T23042] RIP: 0033:0x7fb7f378e929 [ 1419.420872][T23042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1419.420897][T23042] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1419.420920][T23042] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1419.420937][T23042] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015 [ 1419.420953][T23042] RBP: 00007fb7f3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1419.420968][T23042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1419.420983][T23042] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1419.421006][T23042] [ 1420.579971][T23053] zswap: compressor 000 not available [ 1420.598638][T23055] ieee80211 phy195: Selected rate control algorithm 'minstrel_ht' [ 1421.030765][T23067] random: crng reseeded on system resumption [ 1421.091548][T23067] PM: hibernation: Marking nosave pages: [mem 0x00000000-0x00000fff] [ 1421.171239][T23067] PM: hibernation: Marking nosave pages: [mem 0x0009f000-0x000fffff] [ 1421.203167][T23067] PM: hibernation: Marking nosave pages: [mem 0xbfffd000-0xffffffff] [ 1421.268838][T23067] PM: hibernation: Basic memory bitmaps created [ 1421.524707][T23079] FAULT_INJECTION: forcing a failure. [ 1421.524707][T23079] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1421.598480][T23079] CPU: 0 UID: 0 PID: 23079 Comm: syz.2.3213 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1421.598520][T23079] Tainted: [U]=USER [ 1421.598536][T23079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1421.598550][T23079] Call Trace: [ 1421.598557][T23079] [ 1421.598566][T23079] dump_stack_lvl+0x16c/0x1f0 [ 1421.598604][T23079] should_fail_ex+0x512/0x640 [ 1421.598640][T23079] _copy_from_iter+0x29f/0x16f0 [ 1421.598676][T23079] ? __alloc_skb+0x200/0x380 [ 1421.598709][T23079] ? __pfx__copy_from_iter+0x10/0x10 [ 1421.598746][T23079] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1421.598775][T23079] netlink_sendmsg+0x829/0xdd0 [ 1421.598801][T23079] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1421.598829][T23079] ____sys_sendmsg+0xa98/0xc70 [ 1421.598855][T23079] ? copy_msghdr_from_user+0x10a/0x160 [ 1421.598890][T23079] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1421.598918][T23079] ? __pfx__kstrtoull+0x10/0x10 [ 1421.598944][T23079] ? aa_file_perm+0x4c7/0xfb0 [ 1421.598976][T23079] ___sys_sendmsg+0x134/0x1d0 [ 1421.599011][T23079] ? __pfx____sys_sendmsg+0x10/0x10 [ 1421.599050][T23079] ? rcu_is_watching+0x12/0xc0 [ 1421.599083][T23079] __sys_sendmmsg+0x200/0x420 [ 1421.599120][T23079] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1421.599153][T23079] ? lock_release+0x201/0x2f0 [ 1421.599186][T23079] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1421.599229][T23079] ? fput+0x70/0xf0 [ 1421.599249][T23079] ? ksys_write+0x1ac/0x250 [ 1421.599281][T23079] ? __pfx_ksys_write+0x10/0x10 [ 1421.599316][T23079] __x64_sys_sendmmsg+0x9c/0x100 [ 1421.599351][T23079] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1421.599406][T23079] do_syscall_64+0xcd/0x490 [ 1421.599444][T23079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1421.599469][T23079] RIP: 0033:0x7f0d85d8e929 [ 1421.599487][T23079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1421.599511][T23079] RSP: 002b:00007f0d83bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1421.599538][T23079] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8e929 [ 1421.599555][T23079] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1421.599570][T23079] RBP: 00007f0d83bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1421.599585][T23079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1421.599599][T23079] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1421.599623][T23079] [ 1422.275451][T23066] PM: hibernation: Basic memory bitmaps freed [ 1422.955094][T23085] zswap: compressor 000 not available [ 1422.983203][T23094] ieee80211 phy196: Selected rate control algorithm 'minstrel_ht' [ 1423.505297][T23104] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3219'. [ 1424.351613][T23118] ieee80211 phy197: Selected rate control algorithm 'minstrel_ht' [ 1425.603598][T23126] Invalid ELF header magic: != ELF [ 1427.152511][T23154] zswap: compressor 000 not available [ 1427.173288][T23151] ieee80211 phy198: Selected rate control algorithm 'minstrel_ht' [ 1429.319187][T23206] ieee80211 phy199: Selected rate control algorithm 'minstrel_ht' [ 1430.321244][T23245] Invalid ELF header magic: != ELF [ 1430.398852][T23247] zswap: compressor 000 not available [ 1430.433479][T23251] ieee80211 phy200: Selected rate control algorithm 'minstrel_ht' [ 1431.936634][T23268] zswap: compressor 000 not available [ 1431.953074][T23263] ieee80211 phy201: Selected rate control algorithm 'minstrel_ht' [ 1433.467736][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1433.475650][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1435.509007][T23327] Invalid ELF header magic: != ELF [ 1436.766150][T23336] zswap: compressor 000 not available [ 1436.797477][T23340] ieee80211 phy202: Selected rate control algorithm 'minstrel_ht' [ 1437.285098][T23353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3257'. [ 1437.332582][T23352] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3257'. [ 1437.531565][T23359] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3260'. [ 1438.335171][T23374] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3264'. [ 1438.427636][T23369] zswap: compressor 000 not available [ 1438.458587][T23366] ieee80211 phy203: Selected rate control algorithm 'minstrel_ht' [ 1441.033601][T23402] ima: policy update failed [ 1441.042336][ T30] audit: type=1802 audit(4294968621.182:25): pid=23402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.3272" res=0 errno=0 [ 1441.570110][T23422] FAULT_INJECTION: forcing a failure. [ 1441.570110][T23422] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1441.606232][T23416] FAULT_INJECTION: forcing a failure. [ 1441.606232][T23416] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1441.677642][T23422] CPU: 0 UID: 0 PID: 23422 Comm: syz.2.3276 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1441.677684][T23422] Tainted: [U]=USER [ 1441.677692][T23422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1441.677707][T23422] Call Trace: [ 1441.677714][T23422] [ 1441.677723][T23422] dump_stack_lvl+0x16c/0x1f0 [ 1441.677764][T23422] should_fail_ex+0x512/0x640 [ 1441.677802][T23422] should_fail_alloc_page+0xe7/0x130 [ 1441.677827][T23422] prepare_alloc_pages+0x3c2/0x610 [ 1441.677855][T23422] ? stack_trace_save+0x8e/0xc0 [ 1441.677883][T23422] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1441.677928][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.677953][T23422] ? __update_page_owner_handle+0x395/0x550 [ 1441.677990][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.678013][T23422] ? lock_release+0x201/0x2f0 [ 1441.678044][T23422] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1441.678081][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.678105][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.678132][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.678155][T23422] ? is_bpf_text_address+0x8a/0x1a0 [ 1441.678189][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.678211][T23422] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1441.678249][T23422] ? policy_nodemask+0xea/0x4e0 [ 1441.678289][T23422] alloc_pages_mpol+0x1fb/0x550 [ 1441.678311][T23422] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1441.678336][T23422] ? arch_stack_walk+0xa6/0x100 [ 1441.678378][T23422] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1441.678405][T23422] shmem_alloc_folio+0x135/0x160 [ 1441.678435][T23422] shmem_alloc_and_add_folio+0x499/0xc20 [ 1441.678472][T23422] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1441.678508][T23422] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1441.678545][T23422] shmem_get_folio_gfp+0x67f/0x1600 [ 1441.678581][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.678605][T23422] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1441.678641][T23422] ? filemap_map_pages+0xf6f/0x1680 [ 1441.678679][T23422] shmem_fault+0x1fe/0xa30 [ 1441.678713][T23422] ? __pfx_shmem_fault+0x10/0x10 [ 1441.678748][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.678783][T23422] ? __pfx_filemap_map_pages+0x10/0x10 [ 1441.678822][T23422] __do_fault+0x10d/0x490 [ 1441.678858][T23422] __handle_mm_fault+0x3c2a/0x5490 [ 1441.678893][T23422] ? __pfx___handle_mm_fault+0x10/0x10 [ 1441.678928][T23422] ? __pfx_mt_find+0x10/0x10 [ 1441.678955][T23422] ? find_vma+0xbf/0x140 [ 1441.678977][T23422] ? __pfx_find_vma+0x10/0x10 [ 1441.679001][T23422] handle_mm_fault+0x589/0xd10 [ 1441.679032][T23422] ? __pkru_allows_pkey+0x41/0xb0 [ 1441.679063][T23422] do_user_addr_fault+0x7a6/0x1370 [ 1441.679096][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.679120][T23422] exc_page_fault+0x5c/0xb0 [ 1441.679153][T23422] asm_exc_page_fault+0x26/0x30 [ 1441.679175][T23422] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 1441.679205][T23422] Code: 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 8f 10 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 1441.679228][T23422] RSP: 0018:ffffc9000491f7d0 EFLAGS: 00050206 [ 1441.679247][T23422] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4 [ 1441.679261][T23422] RDX: ffffed100bbf6e99 RSI: 0000000000000000 RDI: ffff88805dfb7400 [ 1441.679277][T23422] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100bbf6e98 [ 1441.679291][T23422] R10: ffff88805dfb74c3 R11: 0000000000000000 R12: ffffc9000491fd60 [ 1441.679306][T23422] R13: 00000000000000c4 R14: ffff88805dfb7400 R15: 00007ffffffff000 [ 1441.679329][T23422] _copy_from_iter+0x383/0x16f0 [ 1441.679371][T23422] ? __alloc_skb+0x200/0x380 [ 1441.679423][T23422] ? __pfx__copy_from_iter+0x10/0x10 [ 1441.679461][T23422] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1441.679491][T23422] netlink_sendmsg+0x829/0xdd0 [ 1441.679518][T23422] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1441.679548][T23422] ____sys_sendmsg+0xa98/0xc70 [ 1441.679575][T23422] ? copy_msghdr_from_user+0x10a/0x160 [ 1441.679611][T23422] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1441.679640][T23422] ? __pfx__kstrtoull+0x10/0x10 [ 1441.679667][T23422] ? aa_file_perm+0x4c7/0xfb0 [ 1441.679701][T23422] ___sys_sendmsg+0x134/0x1d0 [ 1441.679749][T23422] ? __pfx____sys_sendmsg+0x10/0x10 [ 1441.679789][T23422] ? rcu_is_watching+0x12/0xc0 [ 1441.679820][T23422] __sys_sendmmsg+0x200/0x420 [ 1441.679857][T23422] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1441.679892][T23422] ? lock_release+0x201/0x2f0 [ 1441.679929][T23422] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1441.679972][T23422] ? fput+0x70/0xf0 [ 1441.679992][T23422] ? ksys_write+0x1ac/0x250 [ 1441.680025][T23422] ? __pfx_ksys_write+0x10/0x10 [ 1441.680060][T23422] __x64_sys_sendmmsg+0x9c/0x100 [ 1441.680095][T23422] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1441.680132][T23422] do_syscall_64+0xcd/0x490 [ 1441.680168][T23422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1441.680191][T23422] RIP: 0033:0x7f0d85d8e929 [ 1441.680208][T23422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1441.680231][T23422] RSP: 002b:00007f0d83bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1441.680252][T23422] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8e929 [ 1441.680268][T23422] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1441.680283][T23422] RBP: 00007f0d83bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1441.680297][T23422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1441.680312][T23422] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1441.680333][T23422] [ 1442.477484][T23416] CPU: 0 UID: 0 PID: 23416 Comm: syz.3.3273 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1442.477526][T23416] Tainted: [U]=USER [ 1442.477535][T23416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1442.477550][T23416] Call Trace: [ 1442.477558][T23416] [ 1442.477566][T23416] dump_stack_lvl+0x16c/0x1f0 [ 1442.477607][T23416] should_fail_ex+0x512/0x640 [ 1442.477644][T23416] get_futex_key+0x1d0/0x1540 [ 1442.477672][T23416] ? rcu_is_watching+0x12/0xc0 [ 1442.477696][T23416] ? __pfx_get_futex_key+0x10/0x10 [ 1442.477723][T23416] ? pick_eevdf+0x3be/0x5b0 [ 1442.477749][T23416] ? psi_group_change+0x6dc/0xd20 [ 1442.477782][T23416] futex_wait_setup+0x9d/0x550 [ 1442.477828][T23416] __futex_wait+0x194/0x2f0 [ 1442.477863][T23416] ? __pfx___futex_wait+0x10/0x10 [ 1442.477916][T23416] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1442.477957][T23416] ? __pfx_futex_wake_mark+0x10/0x10 [ 1442.477995][T23416] ? futex_wake+0x456/0x530 [ 1442.478032][T23416] futex_wait+0xe8/0x380 [ 1442.478067][T23416] ? __pfx_futex_wait+0x10/0x10 [ 1442.478106][T23416] ? percpu_counter_add_batch+0xb8/0x1f0 [ 1442.478138][T23416] ? errseq_sample+0x53/0x70 [ 1442.478175][T23416] ? file_init_path+0x4fe/0x760 [ 1442.478201][T23416] do_futex+0x229/0x350 [ 1442.478230][T23416] ? __pfx_do_futex+0x10/0x10 [ 1442.478257][T23416] ? fd_install+0x225/0x750 [ 1442.478289][T23416] ? lock_release+0x201/0x2f0 [ 1442.478323][T23416] __x64_sys_futex+0x1e0/0x4c0 [ 1442.478353][T23416] ? __sys_socket+0xac/0x260 [ 1442.478381][T23416] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1442.478408][T23416] ? __pfx___x64_sys_futex+0x10/0x10 [ 1442.478439][T23416] ? xfd_validate_state+0x61/0x180 [ 1442.478475][T23416] do_syscall_64+0xcd/0x490 [ 1442.478518][T23416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1442.478543][T23416] RIP: 0033:0x7fb7f378e929 [ 1442.478562][T23416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1442.478587][T23416] RSP: 002b:00007fb7f45e90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1442.478611][T23416] RAX: ffffffffffffffda RBX: 00007fb7f39b6088 RCX: 00007fb7f378e929 [ 1442.478628][T23416] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb7f39b6088 [ 1442.478643][T23416] RBP: 00007fb7f39b6080 R08: 0000000000000000 R09: 0000000000000000 [ 1442.478658][T23416] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb7f39b608c [ 1442.478674][T23416] R13: 0000000000000000 R14: 00007fff67efaa30 R15: 00007fff67efab18 [ 1442.478697][T23416] [ 1445.675049][T23468] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 1446.047979][T23469] openvswitch: netlink: Missing valid actions attribute. [ 1446.529953][T23463] zswap: compressor 000 not available [ 1446.691399][T23472] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3285'. [ 1446.911850][T23466] ieee80211 phy204: Selected rate control algorithm 'minstrel_ht' [ 1448.252293][T23472] bridge_slave_1: left allmulticast mode [ 1448.274893][T23472] bridge_slave_1: left promiscuous mode [ 1448.314767][T23472] bridge0: port 2(bridge_slave_1) entered disabled state [ 1448.403370][T23472] bridge_slave_0: left allmulticast mode [ 1448.439569][T23472] bridge_slave_0: left promiscuous mode [ 1448.471992][T23472] bridge0: port 1(bridge_slave_0) entered disabled state [ 1449.577796][T23483] zswap: compressor 000 not available [ 1449.652766][T23488] ieee80211 phy205: Selected rate control algorithm 'minstrel_ht' [ 1450.109666][T23480] Process accounting paused [ 1450.758978][T23506] netlink: 'syz.1.3291': attribute type 4 has an invalid length. [ 1450.770563][T23505] FAULT_INJECTION: forcing a failure. [ 1450.770563][T23505] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1450.835730][T23505] CPU: 0 UID: 0 PID: 23505 Comm: syz.4.3289 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1450.835771][T23505] Tainted: [U]=USER [ 1450.835779][T23505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1450.835795][T23505] Call Trace: [ 1450.835803][T23505] [ 1450.835812][T23505] dump_stack_lvl+0x16c/0x1f0 [ 1450.835853][T23505] should_fail_ex+0x512/0x640 [ 1450.835891][T23505] get_futex_key+0x1d0/0x1540 [ 1450.835920][T23505] ? stack_depot_save_flags+0x28/0xa40 [ 1450.835956][T23505] ? __pfx_get_futex_key+0x10/0x10 [ 1450.835985][T23505] ? kasan_save_stack+0x42/0x60 [ 1450.836021][T23505] ? kasan_save_stack+0x33/0x60 [ 1450.836056][T23505] ? kasan_save_track+0x14/0x30 [ 1450.836093][T23505] futex_wait_setup+0x9d/0x550 [ 1450.836132][T23505] __futex_wait+0x194/0x2f0 [ 1450.836180][T23505] ? __pfx___futex_wait+0x10/0x10 [ 1450.836218][T23505] ? __pfx_futex_wake_mark+0x10/0x10 [ 1450.836264][T23505] ? rcu_is_watching+0x12/0xc0 [ 1450.836285][T23505] ? lock_release+0x201/0x2f0 [ 1450.836317][T23505] futex_wait+0xe8/0x380 [ 1450.836346][T23505] ? __pfx_futex_wait+0x10/0x10 [ 1450.836379][T23505] ? percpu_counter_add_batch+0xb8/0x1f0 [ 1450.836408][T23505] ? errseq_sample+0x53/0x70 [ 1450.836440][T23505] ? file_init_path+0x4fe/0x760 [ 1450.836464][T23505] do_futex+0x229/0x350 [ 1450.836489][T23505] ? __pfx_do_futex+0x10/0x10 [ 1450.836513][T23505] ? fd_install+0x225/0x750 [ 1450.836541][T23505] ? lock_release+0x201/0x2f0 [ 1450.836570][T23505] __x64_sys_futex+0x1e0/0x4c0 [ 1450.836597][T23505] ? __sys_socket+0xac/0x260 [ 1450.836622][T23505] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1450.836647][T23505] ? __pfx___x64_sys_futex+0x10/0x10 [ 1450.836673][T23505] ? xfd_validate_state+0x61/0x180 [ 1450.836705][T23505] do_syscall_64+0xcd/0x490 [ 1450.836740][T23505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1450.836762][T23505] RIP: 0033:0x7f03fd98e929 [ 1450.836779][T23505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1450.836801][T23505] RSP: 002b:00007f03fe84f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1450.836822][T23505] RAX: ffffffffffffffda RBX: 00007f03fdbb6088 RCX: 00007f03fd98e929 [ 1450.836837][T23505] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f03fdbb6088 [ 1450.836850][T23505] RBP: 00007f03fdbb6080 R08: 0000000000000000 R09: 0000000000000000 [ 1450.836864][T23505] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f03fdbb608c [ 1450.836877][T23505] R13: 0000000000000000 R14: 00007ffe07eb93b0 R15: 00007ffe07eb9498 [ 1450.836897][T23505] [ 1451.097299][ C0] vkms_vblank_simulate: vblank timer overrun [ 1451.405452][T23504] zswap: compressor 000 not available [ 1451.423323][T23511] ieee80211 phy206: Selected rate control algorithm 'minstrel_ht' [ 1452.568567][T23530] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3294'. [ 1452.711416][T23537] openvswitch: netlink: Missing valid actions attribute. [ 1452.826808][T23537] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3298'. [ 1452.863120][T23537] bridge_slave_1: left allmulticast mode [ 1452.901663][T23537] bridge_slave_1: left promiscuous mode [ 1452.985459][T23537] bridge0: port 2(bridge_slave_1) entered disabled state [ 1453.055317][T23537] bridge_slave_0: left allmulticast mode [ 1453.061116][T23537] bridge_slave_0: left promiscuous mode [ 1453.112252][T23537] bridge0: port 1(bridge_slave_0) entered disabled state [ 1454.858286][T23547] zswap: compressor 000 not available [ 1455.175322][T19685] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:11: bg 4: bad block bitmap checksum [ 1455.247351][T19685] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 74 [ 1455.313421][T19685] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1455.313421][T19685] [ 1455.363199][T23545] zswap: compressor 000 not available [ 1455.419806][T23551] ieee80211 phy207: Selected rate control algorithm 'minstrel_ht' [ 1456.212805][T23569] zswap: compressor 000 not available [ 1456.312117][T23570] ieee80211 phy208: Selected rate control algorithm 'minstrel_ht' [ 1457.128296][T23582] zswap: compressor 000 not available [ 1457.160033][T23583] ieee80211 phy209: Selected rate control algorithm 'minstrel_ht' [ 1458.138911][T23595] zswap: compressor 000 not available [ 1458.174967][T23597] ieee80211 phy210: Selected rate control algorithm 'minstrel_ht' [ 1460.890721][T23653] netlink: 'syz.4.3315': attribute type 4 has an invalid length. [ 1462.156557][T23676] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3329'. [ 1462.337938][T23672] zswap: compressor 000 not available [ 1462.379742][T23673] ieee80211 phy211: Selected rate control algorithm 'minstrel_ht' [ 1463.257761][T23709] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3320'. [ 1463.535096][T23708] zswap: compressor 000 not available [ 1463.583236][T23710] ieee80211 phy212: Selected rate control algorithm 'minstrel_ht' [ 1464.705657][T23729] zswap: compressor 000 not available [ 1464.724592][T23725] ieee80211 phy213: Selected rate control algorithm 'minstrel_ht' [ 1466.112332][T23744] netlink: 'syz.2.3328': attribute type 4 has an invalid length. [ 1470.851494][T23828] zswap: compressor 000 not available [ 1470.881546][T23824] ieee80211 phy214: Selected rate control algorithm 'minstrel_ht' [ 1471.912730][T23846] zswap: compressor 000 not available [ 1472.002725][T23843] ieee80211 phy215: Selected rate control algorithm 'minstrel_ht' [ 1472.014060][T23840] binder: 23839:23840 ioctl c00c620f 200000000340 returned -22 [ 1475.979023][T23906] binder: 23900:23906 ioctl c00c620f 200000000340 returned -22 [ 1476.853900][T23929] zswap: compressor 000 not available [ 1476.916934][T23927] ieee80211 phy216: Selected rate control algorithm 'minstrel_ht' [ 1479.575911][T23988] binder: 23973:23988 ioctl c00c620f 200000000340 returned -22 [ 1479.712626][T23981] zswap: compressor 000 not available [ 1479.740034][T23982] ieee80211 phy217: Selected rate control algorithm 'minstrel_ht' [ 1479.974348][T23991] can: request_module (can-proto-0) failed. [ 1480.528868][T24005] ieee80211 phy218: Selected rate control algorithm 'minstrel_ht' [ 1480.738436][T24018] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 1480.844118][T24018] ep_00: uevent: failed to send synthetic uevent: -22 [ 1481.820965][T23995] Process accounting resumed [ 1482.655209][T24040] zswap: compressor 000 not available [ 1482.705338][T24046] ieee80211 phy219: Selected rate control algorithm 'minstrel_ht' [ 1483.025149][T24049] zswap: compressor 000 not available [ 1483.170120][T24072] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3409'. [ 1483.283449][T24072] : renamed from vlan0 (while UP) [ 1483.471971][T24073] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41 [ 1483.891154][T24071] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1483.910347][T24092] ieee80211 phy220: Selected rate control algorithm 'minstrel_ht' [ 1483.918653][T24071] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1483.943714][T24071] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1483.957803][T24071] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1483.978575][T24071] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1484.816247][T24106] zswap: compressor 000 not available [ 1484.854829][T24103] ieee80211 phy221: Selected rate control algorithm 'minstrel_ht' [ 1485.172654][T14293] Bluetooth: hci0: command 0x0406 tx timeout [ 1485.711056][T11471] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 1485.777273][T11471] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1485.777273][T11471] [ 1485.971776][T14293] Bluetooth: hci1: command 0x0406 tx timeout [ 1485.989800][T14293] Bluetooth: hci2: command 0x0c1a tx timeout [ 1485.996118][T14293] Bluetooth: hci5: command 0x0c1a tx timeout [ 1486.051107][T24143] Bluetooth: hci3: command 0x0c1a tx timeout [ 1486.155120][T24137] zswap: compressor 000 not available [ 1486.165654][T24134] ieee80211 phy222: Selected rate control algorithm 'minstrel_ht' [ 1486.354178][T24139] zswap: compressor 000 not available [ 1487.818599][T24176] zswap: compressor 000 not available [ 1487.858597][T24183] ieee80211 phy223: Selected rate control algorithm 'minstrel_ht' [ 1488.503491][T24201] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3438'. [ 1488.670986][T24201] ›: renamed from hsr0 (while UP) [ 1490.065708][T24219] zswap: compressor 000 not available [ 1490.093753][T24215] ieee80211 phy224: Selected rate control algorithm 'minstrel_ht' [ 1490.697234][T24229] zswap: compressor 000 not available [ 1490.734522][T24231] ieee80211 phy225: Selected rate control algorithm 'minstrel_ht' [ 1492.345946][ T30] audit: type=1800 audit(4294968672.456:26): pid=24253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3450" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1492.810101][T24264] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 1492.954106][T24264] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1492.954106][T24264] [ 1494.115797][T24285] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3457'. [ 1494.364826][T24281] zswap: compressor 000 not available [ 1494.461176][T24278] ieee80211 phy226: Selected rate control algorithm 'minstrel_ht' [ 1494.708883][T24290] zswap: compressor 000 not available [ 1494.943895][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1494.950850][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1495.260768][T24143] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18 [ 1496.223829][T24328] hub 3-0:1.0: USB hub found [ 1496.225958][T24328] hub 3-0:1.0: 1 port detected [ 1496.274614][T24328] usb usb3: authorized to connect [ 1497.903939][T24353] FAULT_INJECTION: forcing a failure. [ 1497.903939][T24353] name failslab, interval 1, probability 0, space 0, times 0 [ 1498.015847][T24353] CPU: 0 UID: 0 PID: 24353 Comm: syz.3.3472 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1498.015889][T24353] Tainted: [U]=USER [ 1498.015897][T24353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1498.015912][T24353] Call Trace: [ 1498.015920][T24353] [ 1498.015928][T24353] dump_stack_lvl+0x16c/0x1f0 [ 1498.015969][T24353] should_fail_ex+0x512/0x640 [ 1498.016006][T24353] should_failslab+0xc2/0x120 [ 1498.016031][T24353] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1498.016067][T24353] ? lock_release+0x201/0x2f0 [ 1498.016098][T24353] ? __proc_create+0x2ce/0x8c0 [ 1498.016136][T24353] __proc_create+0x2ce/0x8c0 [ 1498.016174][T24353] ? __pfx___proc_create+0x10/0x10 [ 1498.016212][T24353] ? proc_register+0x314/0x5f0 [ 1498.016252][T24353] proc_create_reg+0x7d/0x180 [ 1498.016281][T24353] proc_create_net_data+0x8e/0x1b0 [ 1498.016319][T24353] ? __pfx_proc_create_net_data+0x10/0x10 [ 1498.016355][T24353] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1498.016382][T24353] ? __pfx_dev_mc_net_init+0x10/0x10 [ 1498.016413][T24353] dev_mc_net_init+0x50/0x70 [ 1498.016441][T24353] ops_init+0x1df/0x5f0 [ 1498.016478][T24353] setup_net+0x1ff/0x510 [ 1498.016496][T24353] ? lockdep_init_map_type+0x5c/0x280 [ 1498.016527][T24353] ? __pfx_setup_net+0x10/0x10 [ 1498.016547][T24353] ? __raw_spin_lock_init+0x3a/0x110 [ 1498.016582][T24353] ? debug_mutex_init+0x37/0x70 [ 1498.016605][T24353] copy_net_ns+0x2a6/0x5f0 [ 1498.016628][T24353] create_new_namespaces+0x3ea/0xa90 [ 1498.016656][T24353] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1498.016682][T24353] ksys_unshare+0x45b/0xa40 [ 1498.016711][T24353] ? __pfx_ksys_unshare+0x10/0x10 [ 1498.016741][T24353] ? xfd_validate_state+0x61/0x180 [ 1498.016775][T24353] __x64_sys_unshare+0x31/0x40 [ 1498.016804][T24353] do_syscall_64+0xcd/0x490 [ 1498.016840][T24353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1498.016864][T24353] RIP: 0033:0x7fb7f378e929 [ 1498.016882][T24353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1498.016906][T24353] RSP: 002b:00007fb7f45e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1498.016929][T24353] RAX: ffffffffffffffda RBX: 00007fb7f39b6080 RCX: 00007fb7f378e929 [ 1498.016945][T24353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1498.016960][T24353] RBP: 00007fb7f3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1498.016975][T24353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1498.016989][T24353] R13: 0000000000000000 R14: 00007fb7f39b6080 R15: 00007fff67efab18 [ 1498.017011][T24353] [ 1499.020284][T24357] zswap: compressor 000 not available [ 1499.025919][T24358] ieee80211 phy227: Selected rate control algorithm 'minstrel_ht' [ 1499.663272][T24381] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 1499.832996][T24384] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3478'. [ 1499.882355][T24381] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1499.882355][T24381] [ 1501.330212][T24397] zswap: compressor 000 not available [ 1501.373214][T24401] ieee80211 phy228: Selected rate control algorithm 'minstrel_ht' [ 1501.490394][ T30] audit: type=1800 audit(4294968681.592:27): pid=24399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3485" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1501.747645][T24413] EXT4-fs error (device sda1): ext4_discard_preallocations:5601: comm syz.3.3487: Error -117 reading block bitmap for 4 [ 1503.161124][T24436] FAULT_INJECTION: forcing a failure. [ 1503.161124][T24436] name failslab, interval 1, probability 0, space 0, times 0 [ 1503.214116][T24436] CPU: 0 UID: 0 PID: 24436 Comm: syz.4.3492 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1503.214158][T24436] Tainted: [U]=USER [ 1503.214166][T24436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1503.214181][T24436] Call Trace: [ 1503.214188][T24436] [ 1503.214197][T24436] dump_stack_lvl+0x16c/0x1f0 [ 1503.214238][T24436] should_fail_ex+0x512/0x640 [ 1503.214274][T24436] should_failslab+0xc2/0x120 [ 1503.214297][T24436] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1503.214333][T24436] ? lock_release+0x201/0x2f0 [ 1503.214363][T24436] ? __proc_create+0x2ce/0x8c0 [ 1503.214402][T24436] __proc_create+0x2ce/0x8c0 [ 1503.214439][T24436] ? __pfx___proc_create+0x10/0x10 [ 1503.214476][T24436] ? lock_release+0x201/0x2f0 [ 1503.214508][T24436] ? _raw_write_unlock+0x28/0x50 [ 1503.214541][T24436] ? proc_register+0x314/0x5f0 [ 1503.214580][T24436] proc_create_reg+0x7d/0x180 [ 1503.214603][T24436] proc_create_seq_private+0x8e/0x1d0 [ 1503.214626][T24436] ? __pfx_proc_create_seq_private+0x10/0x10 [ 1503.214650][T24436] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1503.214675][T24436] ? __pfx_genl_release+0x10/0x10 [ 1503.214705][T24436] ? __pfx_dev_proc_net_init+0x10/0x10 [ 1503.214736][T24436] dev_proc_net_init+0xa8/0x220 [ 1503.214767][T24436] ops_init+0x1df/0x5f0 [ 1503.214806][T24436] setup_net+0x1ff/0x510 [ 1503.214825][T24436] ? lockdep_init_map_type+0x5c/0x280 [ 1503.214867][T24436] ? __pfx_setup_net+0x10/0x10 [ 1503.214888][T24436] ? __raw_spin_lock_init+0x3a/0x110 [ 1503.214925][T24436] ? debug_mutex_init+0x37/0x70 [ 1503.214948][T24436] copy_net_ns+0x2a6/0x5f0 [ 1503.214973][T24436] create_new_namespaces+0x3ea/0xa90 [ 1503.215001][T24436] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1503.215028][T24436] ksys_unshare+0x45b/0xa40 [ 1503.215059][T24436] ? __pfx_ksys_unshare+0x10/0x10 [ 1503.215091][T24436] ? xfd_validate_state+0x61/0x180 [ 1503.215125][T24436] __x64_sys_unshare+0x31/0x40 [ 1503.215160][T24436] do_syscall_64+0xcd/0x490 [ 1503.215199][T24436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1503.215224][T24436] RIP: 0033:0x7f03fd98e929 [ 1503.215242][T24436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1503.215265][T24436] RSP: 002b:00007f03fe84f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1503.215287][T24436] RAX: ffffffffffffffda RBX: 00007f03fdbb6080 RCX: 00007f03fd98e929 [ 1503.215304][T24436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1503.215319][T24436] RBP: 00007f03fda10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1503.215334][T24436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1503.215349][T24436] R13: 0000000000000000 R14: 00007f03fdbb6080 R15: 00007ffe07eb9498 [ 1503.215371][T24436] [ 1503.866103][T24449] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3494'. [ 1505.079525][T24468] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1506.124719][T24479] zswap: compressor 000 not available [ 1506.213311][T24483] ieee80211 phy229: Selected rate control algorithm 'minstrel_ht' [ 1508.230676][T24513] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3511'. [ 1511.582399][T24568] zswap: compressor 000 not available [ 1511.616404][T24570] ieee80211 phy230: Selected rate control algorithm 'minstrel_ht' [ 1512.565638][T24557] Process accounting paused [ 1512.621240][T24583] zswap: compressor 000 not available [ 1512.671026][T24585] ieee80211 phy231: Selected rate control algorithm 'minstrel_ht' [ 1514.322447][T24611] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3533'. [ 1515.323383][T24618] ieee80211 phy232: Selected rate control algorithm 'minstrel_ht' [ 1516.355187][T24630] zswap: compressor 000 not available [ 1516.396515][T24635] ieee80211 phy233: Selected rate control algorithm 'minstrel_ht' [ 1518.354795][T24672] zswap: compressor 000 not available [ 1518.380943][T24676] ieee80211 phy234: Selected rate control algorithm 'minstrel_ht' [ 1518.837138][T24687] FAULT_INJECTION: forcing a failure. [ 1518.837138][T24687] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.986822][T24687] CPU: 0 UID: 0 PID: 24687 Comm: syz.4.3550 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1518.986862][T24687] Tainted: [U]=USER [ 1518.986871][T24687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1518.986886][T24687] Call Trace: [ 1518.986893][T24687] [ 1518.986901][T24687] dump_stack_lvl+0x16c/0x1f0 [ 1518.986945][T24687] should_fail_ex+0x512/0x640 [ 1518.986981][T24687] ? lsm_blob_alloc+0x68/0x90 [ 1518.987015][T24687] should_failslab+0xc2/0x120 [ 1518.987037][T24687] __kmalloc_noprof+0xd2/0x510 [ 1518.987075][T24687] lsm_blob_alloc+0x68/0x90 [ 1518.987122][T24687] security_prepare_creds+0x30/0x270 [ 1518.987155][T24687] prepare_creds+0x56f/0x7d0 [ 1518.987190][T24687] __do_sys_capset+0x26c/0x460 [ 1518.987213][T24687] ? __pfx___do_sys_capset+0x10/0x10 [ 1518.987236][T24687] ? __x64_sys_futex+0x1e0/0x4c0 [ 1518.987266][T24687] ? __x64_sys_openat+0x174/0x210 [ 1518.987312][T24687] ? xfd_validate_state+0x61/0x180 [ 1518.987347][T24687] ? rcu_is_watching+0x12/0xc0 [ 1518.987372][T24687] do_syscall_64+0xcd/0x490 [ 1518.987410][T24687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1518.987435][T24687] RIP: 0033:0x7f03fd98e929 [ 1518.987453][T24687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1518.987477][T24687] RSP: 002b:00007f03fe82e038 EFLAGS: 00000246 ORIG_RAX: 000000000000007e [ 1518.987499][T24687] RAX: ffffffffffffffda RBX: 00007f03fdbb6160 RCX: 00007f03fd98e929 [ 1518.987516][T24687] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1518.987530][T24687] RBP: 00007f03fda10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1518.987545][T24687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1518.987560][T24687] R13: 0000000000000000 R14: 00007f03fdbb6160 R15: 00007ffe07eb9498 [ 1518.987588][T24687] [ 1521.139880][T24717] zswap: compressor 000 not available [ 1521.176120][T24726] ieee80211 phy235: Selected rate control algorithm 'minstrel_ht' [ 1524.121145][T24780] zswap: compressor 000 not available [ 1524.188089][T24783] ieee80211 phy236: Selected rate control algorithm 'minstrel_ht' [ 1525.663142][T24822] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(10) [ 1525.893598][T24818] zswap: compressor 000 not available [ 1525.923486][T24813] ieee80211 phy237: Selected rate control algorithm 'minstrel_ht' [ 1526.449340][T24839] FAULT_INJECTION: forcing a failure. [ 1526.449340][T24839] name failslab, interval 1, probability 0, space 0, times 0 [ 1526.549831][T24839] CPU: 0 UID: 0 PID: 24839 Comm: syz.1.3586 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1526.549872][T24839] Tainted: [U]=USER [ 1526.549880][T24839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1526.549894][T24839] Call Trace: [ 1526.549902][T24839] [ 1526.549911][T24839] dump_stack_lvl+0x16c/0x1f0 [ 1526.549950][T24839] should_fail_ex+0x512/0x640 [ 1526.549995][T24839] should_failslab+0xc2/0x120 [ 1526.550018][T24839] __kvmalloc_node_noprof+0x137/0x620 [ 1526.550065][T24839] ? seq_read_iter+0x826/0x12c0 [ 1526.550096][T24839] ? seq_read_iter+0x826/0x12c0 [ 1526.550123][T24839] seq_read_iter+0x826/0x12c0 [ 1526.550172][T24839] ? aa_file_perm+0x4d6/0xfb0 [ 1526.550208][T24839] seq_read+0x39e/0x4e0 [ 1526.550236][T24839] ? __pfx_seq_read+0x10/0x10 [ 1526.550264][T24839] ? rcu_is_watching+0x12/0xc0 [ 1526.550290][T24839] ? lock_release+0x201/0x2f0 [ 1526.550324][T24839] ? apparmor_file_permission+0x251/0x400 [ 1526.550351][T24839] ? __pfx_seq_read+0x10/0x10 [ 1526.550379][T24839] proc_reg_read+0x23d/0x330 [ 1526.550422][T24839] ? __pfx_proc_reg_read+0x10/0x10 [ 1526.550458][T24839] vfs_read+0x1e4/0xc60 [ 1526.550492][T24839] ? __pfx___mutex_lock+0x10/0x10 [ 1526.550531][T24839] ? __pfx_vfs_read+0x10/0x10 [ 1526.550575][T24839] ? __fget_files+0x204/0x3c0 [ 1526.550605][T24839] ? rcu_is_watching+0x12/0xc0 [ 1526.550630][T24839] ? __fget_files+0x20e/0x3c0 [ 1526.550664][T24839] ksys_read+0x12a/0x250 [ 1526.550696][T24839] ? __pfx_ksys_read+0x10/0x10 [ 1526.550732][T24839] do_syscall_64+0xcd/0x490 [ 1526.550772][T24839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1526.550796][T24839] RIP: 0033:0x7f3dcd58e929 [ 1526.550813][T24839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1526.550836][T24839] RSP: 002b:00007f3dce372038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1526.550858][T24839] RAX: ffffffffffffffda RBX: 00007f3dcd7b5fa0 RCX: 00007f3dcd58e929 [ 1526.550874][T24839] RDX: 0000000000001000 RSI: 0000200000000140 RDI: 0000000000000003 [ 1526.550889][T24839] RBP: 00007f3dce372090 R08: 0000000000000000 R09: 0000000000000000 [ 1526.550904][T24839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1526.550918][T24839] R13: 0000000000000000 R14: 00007f3dcd7b5fa0 R15: 00007ffc5081ee38 [ 1526.550939][T24839] [ 1527.167974][T24844] netlink: set zone limit has 8 unknown bytes [ 1528.935820][T24891] FAULT_INJECTION: forcing a failure. [ 1528.935820][T24891] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1528.979924][T24880] zswap: compressor 000 not available [ 1529.019548][T24891] CPU: 0 UID: 0 PID: 24891 Comm: syz.2.3598 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1529.019588][T24891] Tainted: [U]=USER [ 1529.019595][T24891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1529.019610][T24891] Call Trace: [ 1529.019617][T24891] [ 1529.019626][T24891] dump_stack_lvl+0x16c/0x1f0 [ 1529.019665][T24891] should_fail_ex+0x512/0x640 [ 1529.019702][T24891] _copy_from_user+0x2e/0xd0 [ 1529.019739][T24891] move_addr_to_kernel+0x65/0x170 [ 1529.019772][T24891] __sys_bind+0x11b/0x260 [ 1529.019800][T24891] ? __pfx___sys_bind+0x10/0x10 [ 1529.019827][T24891] ? __fget_files+0x20e/0x3c0 [ 1529.019871][T24891] ? __pfx_ksys_write+0x10/0x10 [ 1529.019908][T24891] __x64_sys_bind+0x72/0xb0 [ 1529.019937][T24891] do_syscall_64+0xcd/0x490 [ 1529.019974][T24891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1529.019999][T24891] RIP: 0033:0x7f0d85d8e929 [ 1529.020016][T24891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1529.020040][T24891] RSP: 002b:00007f0d83bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 1529.020063][T24891] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8e929 [ 1529.020079][T24891] RDX: 0000000000000068 RSI: 0000200000000000 RDI: 0000000000000003 [ 1529.020095][T24891] RBP: 00007f0d83bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1529.020110][T24891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1529.020125][T24891] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1529.020147][T24891] [ 1529.921191][T24877] ieee80211 phy238: Selected rate control algorithm 'minstrel_ht' [ 1530.692322][T24925] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 1531.936815][T24959] sd 0:0:1:0: PR command failed: 1026 [ 1531.972571][T24959] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1532.012078][T24959] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1539.463729][T25077] zswap: compressor 000 not available [ 1539.470942][T25078] ieee80211 phy239: Selected rate control algorithm 'minstrel_ht' [ 1542.865284][T25121] kexec: Could not allocate control_code_buffer [ 1543.024290][T13302] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 1543.499050][T25131] Process accounting resumed [ 1544.257089][T25164] zswap: compressor 000 not available [ 1544.313927][T25163] ieee80211 phy240: Selected rate control algorithm 'minstrel_ht' [ 1545.634113][T25191] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3667'. [ 1546.491305][T13302] Bluetooth: hci3: Unable to find connection for big 0xd2 [ 1549.674443][T25258] vcan0: tx drop: invalid da for name 0x000000000000003f [ 1552.791474][T25318] vcan0: tx drop: invalid da for name 0x000000000000003f [ 1552.981678][T25311] zswap: compressor 000 not available [ 1553.011062][T25316] ieee80211 phy241: Selected rate control algorithm 'minstrel_ht' [ 1554.165563][T25336] zswap: compressor 000 not available [ 1554.213291][T25338] ieee80211 phy242: Selected rate control algorithm 'minstrel_ht' [ 1556.412664][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1556.420620][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1556.490467][T19681] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:7: bg 2: bad block bitmap checksum [ 1556.555065][T19681] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 24 with max blocks 65 with error 74 [ 1556.644614][T19681] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1556.644614][T19681] [ 1557.737746][T25393] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(10) [ 1559.215581][T25428] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(10) [ 1560.842299][T25453] zswap: compressor 000 not available [ 1560.866725][T25454] ieee80211 phy243: Selected rate control algorithm 'minstrel_ht' [ 1561.551862][T25475] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(10) [ 1565.380951][T25529] zswap: compressor 000 not available [ 1565.414082][T25539] Invalid ELF header magic: != ELF [ 1565.470876][T25524] ieee80211 phy244: Selected rate control algorithm 'minstrel_ht' [ 1566.545912][T25560] FAULT_INJECTION: forcing a failure. [ 1566.545912][T25560] name failslab, interval 1, probability 0, space 0, times 0 [ 1566.631312][T25560] CPU: 0 UID: 2054 PID: 25560 Comm: syz.1.3750 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1566.631355][T25560] Tainted: [U]=USER [ 1566.631364][T25560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1566.631379][T25560] Call Trace: [ 1566.631387][T25560] [ 1566.631396][T25560] dump_stack_lvl+0x16c/0x1f0 [ 1566.631439][T25560] should_fail_ex+0x512/0x640 [ 1566.631477][T25560] should_failslab+0xc2/0x120 [ 1566.631500][T25560] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1566.631533][T25560] ? __mutex_trylock_common+0xe9/0x250 [ 1566.631567][T25560] ? assoc_array_insert+0x10c/0x3970 [ 1566.631607][T25560] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1566.631643][T25560] assoc_array_insert+0x10c/0x3970 [ 1566.631682][T25560] ? rcu_is_watching+0x12/0xc0 [ 1566.631714][T25560] ? trace_contention_end+0xdd/0x130 [ 1566.631748][T25560] ? __mutex_lock+0x1ca/0xb90 [ 1566.631790][T25560] ? __pfx_assoc_array_insert+0x10/0x10 [ 1566.631834][T25560] ? down_write+0x14d/0x200 [ 1566.631855][T25560] ? __pfx_down_write+0x10/0x10 [ 1566.631879][T25560] __key_link_begin+0xf5/0x260 [ 1566.631917][T25560] key_link+0x103/0x310 [ 1566.631953][T25560] ? __pfx_key_link+0x10/0x10 [ 1566.631991][T25560] ? keyring_alloc+0x8e/0xc0 [ 1566.632025][T25560] look_up_user_keyrings+0x566/0x760 [ 1566.632054][T25560] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 1566.632086][T25560] lookup_user_key+0x1a3/0x1300 [ 1566.632115][T25560] ? __pfx_lookup_user_key+0x10/0x10 [ 1566.632142][T25560] ? do_futex+0x122/0x350 [ 1566.632174][T25560] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1566.632205][T25560] ? fput+0x70/0xf0 [ 1566.632227][T25560] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 1566.632259][T25560] keyctl_keyring_clear+0x24/0x1a0 [ 1566.632305][T25560] __do_sys_keyctl+0x355/0x590 [ 1566.632330][T25560] do_syscall_64+0xcd/0x490 [ 1566.632368][T25560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1566.632394][T25560] RIP: 0033:0x7f3dcd58e929 [ 1566.632412][T25560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1566.632437][T25560] RSP: 002b:00007f3dce372038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1566.632461][T25560] RAX: ffffffffffffffda RBX: 00007f3dcd7b5fa0 RCX: 00007f3dcd58e929 [ 1566.632478][T25560] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007 [ 1566.632493][T25560] RBP: 00007f3dcd610b39 R08: 0000000000000008 R09: 0000000000000000 [ 1566.632509][T25560] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1566.632524][T25560] R13: 0000000000000000 R14: 00007f3dcd7b5fa0 R15: 00007ffc5081ee38 [ 1566.632547][T25560] [ 1569.463484][T25598] zswap: compressor 000 not available [ 1569.587557][T25601] ieee80211 phy245: Selected rate control algorithm 'minstrel_ht' [ 1570.561074][T25620] zswap: compressor 000 not available [ 1570.577691][T25622] ieee80211 phy246: Selected rate control algorithm 'minstrel_ht' [ 1570.647198][T25642] FAULT_INJECTION: forcing a failure. [ 1570.647198][T25642] name failslab, interval 1, probability 0, space 0, times 0 [ 1570.717411][T25642] CPU: 0 UID: 0 PID: 25642 Comm: syz.3.3771 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1570.717451][T25642] Tainted: [U]=USER [ 1570.717458][T25642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1570.717472][T25642] Call Trace: [ 1570.717480][T25642] [ 1570.717489][T25642] dump_stack_lvl+0x16c/0x1f0 [ 1570.717527][T25642] should_fail_ex+0x512/0x640 [ 1570.717561][T25642] should_failslab+0xc2/0x120 [ 1570.717581][T25642] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1570.717610][T25642] ? rcu_is_watching+0x12/0xc0 [ 1570.717632][T25642] ? alloc_pipe_info+0x10e/0x590 [ 1570.717667][T25642] alloc_pipe_info+0x10e/0x590 [ 1570.717702][T25642] splice_direct_to_actor+0x77d/0xa30 [ 1570.717731][T25642] ? __pfx_direct_splice_actor+0x10/0x10 [ 1570.717760][T25642] ? __pfx_aa_file_perm+0x10/0x10 [ 1570.717790][T25642] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1570.717818][T25642] ? lock_release+0x201/0x2f0 [ 1570.717861][T25642] do_splice_direct+0x174/0x240 [ 1570.717888][T25642] ? __pfx_do_splice_direct+0x10/0x10 [ 1570.717915][T25642] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1570.717943][T25642] ? bpf_lsm_file_permission+0x9/0x10 [ 1570.717966][T25642] ? security_file_permission+0x71/0x210 [ 1570.717995][T25642] ? rw_verify_area+0xcf/0x680 [ 1570.718024][T25642] do_sendfile+0xb06/0xe50 [ 1570.718055][T25642] ? __pfx_do_sendfile+0x10/0x10 [ 1570.718084][T25642] ? __fget_files+0x20e/0x3c0 [ 1570.718116][T25642] __x64_sys_sendfile64+0x1d8/0x220 [ 1570.718138][T25642] ? ksys_write+0x1ac/0x250 [ 1570.718168][T25642] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1570.718193][T25642] do_syscall_64+0xcd/0x490 [ 1570.718227][T25642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1570.718250][T25642] RIP: 0033:0x7fb7f378e929 [ 1570.718266][T25642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1570.718289][T25642] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1570.718310][T25642] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1570.718324][T25642] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1570.718338][T25642] RBP: 00007fb7f460a090 R08: 0000000000000000 R09: 0000000000000000 [ 1570.718352][T25642] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001 [ 1570.718366][T25642] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1570.718392][T25642] [ 1570.963908][ C0] vkms_vblank_simulate: vblank timer overrun [ 1571.741440][T25654] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3774'. [ 1572.075206][T25658] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.4.3775: bg 5: bad block bitmap checksum [ 1572.174196][T25649] FAULT_INJECTION: forcing a failure. [ 1572.174196][T25649] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1572.225151][T25649] CPU: 0 UID: 0 PID: 25649 Comm: syz.3.3773 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1572.225191][T25649] Tainted: [U]=USER [ 1572.225199][T25649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1572.225214][T25649] Call Trace: [ 1572.225221][T25649] [ 1572.225229][T25649] dump_stack_lvl+0x16c/0x1f0 [ 1572.225267][T25649] should_fail_ex+0x512/0x640 [ 1572.225301][T25649] get_futex_key+0x1d0/0x1540 [ 1572.225335][T25649] ? __pfx_get_futex_key+0x10/0x10 [ 1572.225361][T25649] ? __mutex_trylock_common+0xe9/0x250 [ 1572.225393][T25649] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1572.225427][T25649] futex_wake+0xea/0x530 [ 1572.225458][T25649] ? rcu_is_watching+0x12/0xc0 [ 1572.225481][T25649] ? trace_contention_end+0xdd/0x130 [ 1572.225513][T25649] ? __pfx_futex_wake+0x10/0x10 [ 1572.225544][T25649] ? rcu_is_watching+0x12/0xc0 [ 1572.225567][T25649] ? rcu_is_watching+0x12/0xc0 [ 1572.225590][T25649] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 1572.225629][T25649] do_futex+0x1e3/0x350 [ 1572.225657][T25649] ? __pfx_do_futex+0x10/0x10 [ 1572.225683][T25649] ? lock_release+0x201/0x2f0 [ 1572.225715][T25649] mm_release+0x24e/0x300 [ 1572.225740][T25649] do_exit+0x68b/0x2bd0 [ 1572.225772][T25649] ? __pfx_do_exit+0x10/0x10 [ 1572.225802][T25649] ? do_raw_spin_lock+0x12c/0x2b0 [ 1572.225837][T25649] ? get_signal+0x8f5/0x26d0 [ 1572.225861][T25649] ? rcu_is_watching+0x12/0xc0 [ 1572.225885][T25649] do_group_exit+0xd3/0x2a0 [ 1572.225917][T25649] get_signal+0x2673/0x26d0 [ 1572.225944][T25649] ? poll_select_finish+0x377/0x6b0 [ 1572.225976][T25649] ? __pfx_get_signal+0x10/0x10 [ 1572.226002][T25649] ? __pfx_do_futex+0x10/0x10 [ 1572.226031][T25649] arch_do_signal_or_restart+0x8f/0x790 [ 1572.226058][T25649] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1572.226088][T25649] ? xfd_validate_state+0x61/0x180 [ 1572.226121][T25649] exit_to_user_mode_loop+0x84/0x110 [ 1572.226158][T25649] do_syscall_64+0x3f6/0x490 [ 1572.226195][T25649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1572.226219][T25649] RIP: 0033:0x7fb7f378e929 [ 1572.226236][T25649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1572.226260][T25649] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1572.226282][T25649] RAX: fffffffffffffdfe RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1572.226297][T25649] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 1572.226312][T25649] RBP: 00007fb7f3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1572.226336][T25649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1572.226350][T25649] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1572.226372][T25649] [ 1572.504888][ C0] vkms_vblank_simulate: vblank timer overrun [ 1572.847046][T25658] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 74 [ 1572.924883][T25658] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1572.924883][T25658] [ 1572.989221][T25670] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3778'. [ 1574.036670][T25665] Process accounting paused [ 1574.986981][T25710] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3788'. [ 1575.057077][T25710] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1575.064550][T25710] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1575.293335][T25737] FAULT_INJECTION: forcing a failure. [ 1575.293335][T25737] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1575.313626][T25710] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1575.323215][T25740] FAULT_INJECTION: forcing a failure. [ 1575.323215][T25740] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1575.405754][T25740] CPU: 0 UID: 0 PID: 25740 Comm: syz.1.3791 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1575.405796][T25740] Tainted: [U]=USER [ 1575.405804][T25740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1575.405819][T25740] Call Trace: [ 1575.405827][T25740] [ 1575.405836][T25740] dump_stack_lvl+0x16c/0x1f0 [ 1575.405875][T25740] should_fail_ex+0x512/0x640 [ 1575.405910][T25740] _copy_to_user+0x32/0xd0 [ 1575.405945][T25740] simple_read_from_buffer+0xcb/0x170 [ 1575.405975][T25740] proc_fail_nth_read+0x197/0x270 [ 1575.406024][T25740] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1575.406050][T25740] ? security_file_permission+0x71/0x210 [ 1575.406081][T25740] ? rw_verify_area+0xcf/0x680 [ 1575.406110][T25740] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1575.406136][T25740] vfs_read+0x1e4/0xc60 [ 1575.406169][T25740] ? __pfx___mutex_lock+0x10/0x10 [ 1575.406205][T25740] ? __pfx_vfs_read+0x10/0x10 [ 1575.406236][T25740] ? __fget_files+0x204/0x3c0 [ 1575.406266][T25740] ? rcu_is_watching+0x12/0xc0 [ 1575.406293][T25740] ? __fget_files+0x20e/0x3c0 [ 1575.406327][T25740] ksys_read+0x12a/0x250 [ 1575.406358][T25740] ? __pfx_ksys_read+0x10/0x10 [ 1575.406394][T25740] do_syscall_64+0xcd/0x490 [ 1575.406431][T25740] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1575.406455][T25740] RIP: 0033:0x7f3dcd58d33c [ 1575.406473][T25740] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1575.406496][T25740] RSP: 002b:00007f3dce372030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1575.406518][T25740] RAX: ffffffffffffffda RBX: 00007f3dcd7b5fa0 RCX: 00007f3dcd58d33c [ 1575.406534][T25740] RDX: 000000000000000f RSI: 00007f3dce3720a0 RDI: 0000000000000004 [ 1575.406548][T25740] RBP: 00007f3dce372090 R08: 0000000000000000 R09: 0000000000000000 [ 1575.406563][T25740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1575.406577][T25740] R13: 0000000000000000 R14: 00007f3dcd7b5fa0 R15: 00007ffc5081ee38 [ 1575.406599][T25740] [ 1575.860266][T25710] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1575.870056][T25737] CPU: 0 UID: 0 PID: 25737 Comm: syz.2.3789 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1575.870098][T25737] Tainted: [U]=USER [ 1575.870106][T25737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1575.870120][T25737] Call Trace: [ 1575.870128][T25737] [ 1575.870136][T25737] dump_stack_lvl+0x16c/0x1f0 [ 1575.870175][T25737] should_fail_ex+0x512/0x640 [ 1575.870212][T25737] _copy_to_user+0x32/0xd0 [ 1575.870249][T25737] simple_read_from_buffer+0xcb/0x170 [ 1575.870280][T25737] proc_fail_nth_read+0x197/0x270 [ 1575.870307][T25737] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1575.870334][T25737] ? security_file_permission+0x71/0x210 [ 1575.870366][T25737] ? rw_verify_area+0xcf/0x680 [ 1575.870397][T25737] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1575.870424][T25737] vfs_read+0x1e4/0xc60 [ 1575.870458][T25737] ? __pfx___mutex_lock+0x10/0x10 [ 1575.870495][T25737] ? __pfx_vfs_read+0x10/0x10 [ 1575.870526][T25737] ? __fget_files+0x204/0x3c0 [ 1575.870558][T25737] ? rcu_is_watching+0x12/0xc0 [ 1575.870585][T25737] ? __fget_files+0x20e/0x3c0 [ 1575.870621][T25737] ksys_read+0x12a/0x250 [ 1575.870654][T25737] ? __pfx_ksys_read+0x10/0x10 [ 1575.870690][T25737] do_syscall_64+0xcd/0x490 [ 1575.870727][T25737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1575.870752][T25737] RIP: 0033:0x7f0d85d8d33c [ 1575.870770][T25737] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1575.870794][T25737] RSP: 002b:00007f0d83bf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1575.870829][T25737] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8d33c [ 1575.870846][T25737] RDX: 000000000000000f RSI: 00007f0d83bf60a0 RDI: 0000000000000004 [ 1575.870860][T25737] RBP: 00007f0d83bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1575.870874][T25737] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001 [ 1575.870888][T25737] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1575.870910][T25737] [ 1577.011249][T25754] Process accounting resumed [ 1577.277366][ T30] audit: type=1800 audit(4294968757.334:28): pid=25761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3795" name="lu_gp_id" dev="configfs" ino=99825 res=0 errno=0 [ 1577.684374][T25762] zswap: compressor 000 not available [ 1577.809066][T25756] ieee80211 phy247: Selected rate control algorithm 'minstrel_ht' [ 1579.132399][T25787] EXT4-fs error (device sda1): ext4_discard_preallocations:5601: comm syz.4.3798: Error -117 reading block bitmap for 5 [ 1579.273221][T25792] FAULT_INJECTION: forcing a failure. [ 1579.273221][T25792] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.358727][T25792] CPU: 0 UID: 0 PID: 25792 Comm: syz.2.3802 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1579.358766][T25792] Tainted: [U]=USER [ 1579.358774][T25792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1579.358789][T25792] Call Trace: [ 1579.358796][T25792] [ 1579.358804][T25792] dump_stack_lvl+0x16c/0x1f0 [ 1579.358843][T25792] should_fail_ex+0x512/0x640 [ 1579.358878][T25792] ? alloc_pipe_info+0x1ec/0x590 [ 1579.358913][T25792] should_failslab+0xc2/0x120 [ 1579.358935][T25792] __kmalloc_noprof+0xd2/0x510 [ 1579.358971][T25792] alloc_pipe_info+0x1ec/0x590 [ 1579.359007][T25792] splice_direct_to_actor+0x77d/0xa30 [ 1579.359038][T25792] ? __pfx_direct_splice_actor+0x10/0x10 [ 1579.359070][T25792] ? __pfx_aa_file_perm+0x10/0x10 [ 1579.359102][T25792] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1579.359132][T25792] ? lock_release+0x201/0x2f0 [ 1579.359165][T25792] do_splice_direct+0x174/0x240 [ 1579.359194][T25792] ? __pfx_do_splice_direct+0x10/0x10 [ 1579.359224][T25792] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1579.359253][T25792] ? bpf_lsm_file_permission+0x9/0x10 [ 1579.359278][T25792] ? security_file_permission+0x71/0x210 [ 1579.359309][T25792] ? rw_verify_area+0xcf/0x680 [ 1579.359339][T25792] do_sendfile+0xb06/0xe50 [ 1579.359372][T25792] ? __pfx_do_sendfile+0x10/0x10 [ 1579.359406][T25792] ? __fget_files+0x20e/0x3c0 [ 1579.359440][T25792] __x64_sys_sendfile64+0x1d8/0x220 [ 1579.359462][T25792] ? ksys_write+0x1ac/0x250 [ 1579.359493][T25792] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1579.359518][T25792] do_syscall_64+0xcd/0x490 [ 1579.359555][T25792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1579.359579][T25792] RIP: 0033:0x7f0d85d8e929 [ 1579.359596][T25792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1579.359619][T25792] RSP: 002b:00007f0d83bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1579.359645][T25792] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8e929 [ 1579.359661][T25792] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1579.359675][T25792] RBP: 00007f0d83bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1579.359690][T25792] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001 [ 1579.359704][T25792] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1579.359725][T25792] [ 1580.579696][T25799] zswap: compressor 000 not available [ 1580.606011][T25797] ieee80211 phy248: Selected rate control algorithm 'minstrel_ht' [ 1582.208781][T25817] zswap: compressor 000 not available [ 1582.296816][T25818] ieee80211 phy249: Selected rate control algorithm 'minstrel_ht' [ 1584.730792][T25862] Invalid ELF header magic: != ELF [ 1584.942657][T25862] netlink: zone id is out of range [ 1584.947825][T25862] netlink: zone id is out of range [ 1585.136921][T25862] netlink: zone id is out of range [ 1585.248973][T25862] netlink: zone id is out of range [ 1585.265151][T25862] netlink: zone id is out of range [ 1586.836547][T25893] FAULT_INJECTION: forcing a failure. [ 1586.836547][T25893] name failslab, interval 1, probability 0, space 0, times 0 [ 1587.011392][T25893] CPU: 0 UID: 0 PID: 25893 Comm: syz.2.3822 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1587.011433][T25893] Tainted: [U]=USER [ 1587.011441][T25893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1587.011456][T25893] Call Trace: [ 1587.011463][T25893] [ 1587.011472][T25893] dump_stack_lvl+0x16c/0x1f0 [ 1587.011510][T25893] should_fail_ex+0x512/0x640 [ 1587.011544][T25893] ? copy_splice_read+0x1a8/0xba0 [ 1587.011570][T25893] should_failslab+0xc2/0x120 [ 1587.011591][T25893] __kmalloc_noprof+0xd2/0x510 [ 1587.011627][T25893] copy_splice_read+0x1a8/0xba0 [ 1587.011657][T25893] ? __pfx_copy_splice_read+0x10/0x10 [ 1587.011686][T25893] ? look_up_lock_class+0x59/0x150 [ 1587.011720][T25893] ? lockdep_init_map_type+0x5c/0x280 [ 1587.011752][T25893] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1587.011784][T25893] ? __pfx_copy_splice_read+0x10/0x10 [ 1587.011811][T25893] do_splice_read+0x282/0x370 [ 1587.011839][T25893] splice_direct_to_actor+0x2a1/0xa30 [ 1587.011868][T25893] ? __pfx_direct_splice_actor+0x10/0x10 [ 1587.011900][T25893] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1587.011932][T25893] do_splice_direct+0x174/0x240 [ 1587.011960][T25893] ? __pfx_do_splice_direct+0x10/0x10 [ 1587.011989][T25893] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1587.012017][T25893] ? bpf_lsm_file_permission+0x9/0x10 [ 1587.012041][T25893] ? security_file_permission+0x71/0x210 [ 1587.012077][T25893] ? rw_verify_area+0xcf/0x680 [ 1587.012108][T25893] do_sendfile+0xb06/0xe50 [ 1587.012141][T25893] ? __pfx_do_sendfile+0x10/0x10 [ 1587.012172][T25893] ? __fget_files+0x20e/0x3c0 [ 1587.012207][T25893] __x64_sys_sendfile64+0x1d8/0x220 [ 1587.012227][T25893] ? ksys_write+0x1ac/0x250 [ 1587.012259][T25893] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1587.012286][T25893] do_syscall_64+0xcd/0x490 [ 1587.012322][T25893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1587.012346][T25893] RIP: 0033:0x7f0d85d8e929 [ 1587.012363][T25893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1587.012386][T25893] RSP: 002b:00007f0d83bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1587.012408][T25893] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8e929 [ 1587.012426][T25893] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1587.012441][T25893] RBP: 00007f0d83bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1587.012455][T25893] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001 [ 1587.012470][T25893] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1587.012492][T25893] [ 1588.211668][T25901] zswap: compressor 000 not available [ 1588.262183][T25902] ieee80211 phy250: Selected rate control algorithm 'minstrel_ht' [ 1588.999904][T25918] netlink: 'syz.1.3829': attribute type 11 has an invalid length. [ 1589.427962][T25927] can: request_module (can-proto-4) failed. [ 1589.583416][T25936] FAULT_INJECTION: forcing a failure. [ 1589.583416][T25936] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.733823][T25936] CPU: 0 UID: 0 PID: 25936 Comm: syz.2.3833 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1589.733864][T25936] Tainted: [U]=USER [ 1589.733873][T25936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1589.733888][T25936] Call Trace: [ 1589.733895][T25936] [ 1589.733905][T25936] dump_stack_lvl+0x16c/0x1f0 [ 1589.733945][T25936] should_fail_ex+0x512/0x640 [ 1589.733982][T25936] should_failslab+0xc2/0x120 [ 1589.734004][T25936] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1589.734040][T25936] ? lockdep_init_map_type+0x5c/0x280 [ 1589.734073][T25936] ? seq_open+0x55/0x170 [ 1589.734098][T25936] seq_open+0x55/0x170 [ 1589.734122][T25936] kernfs_fop_open+0x59f/0xda0 [ 1589.734147][T25936] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1589.734182][T25936] do_dentry_open+0x744/0x1c10 [ 1589.734218][T25936] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1589.734245][T25936] vfs_open+0x82/0x3f0 [ 1589.734271][T25936] path_openat+0x1de4/0x2cb0 [ 1589.734310][T25936] ? __pfx_path_openat+0x10/0x10 [ 1589.734347][T25936] do_filp_open+0x20b/0x470 [ 1589.734381][T25936] ? __pfx_do_filp_open+0x10/0x10 [ 1589.734425][T25936] ? alloc_fd+0x471/0x7d0 [ 1589.734459][T25936] do_sys_openat2+0x11b/0x1d0 [ 1589.734485][T25936] ? __pfx_do_sys_openat2+0x10/0x10 [ 1589.734517][T25936] __x64_sys_openat+0x174/0x210 [ 1589.734544][T25936] ? __pfx___x64_sys_openat+0x10/0x10 [ 1589.734576][T25936] do_syscall_64+0xcd/0x490 [ 1589.734614][T25936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1589.734639][T25936] RIP: 0033:0x7f0d85d8e929 [ 1589.734657][T25936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1589.734681][T25936] RSP: 002b:00007f0d83bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1589.734705][T25936] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8e929 [ 1589.734721][T25936] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 1589.734737][T25936] RBP: 00007f0d85e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1589.734751][T25936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1589.734766][T25936] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1589.734788][T25936] [ 1590.663922][T25945] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3834'. [ 1591.923358][T25968] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3848'. [ 1593.445963][T26006] FAULT_INJECTION: forcing a failure. [ 1593.445963][T26006] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1593.500136][T26006] CPU: 0 UID: 0 PID: 26006 Comm: syz.3.3847 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1593.500176][T26006] Tainted: [U]=USER [ 1593.500183][T26006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1593.500201][T26006] Call Trace: [ 1593.500209][T26006] [ 1593.500221][T26006] dump_stack_lvl+0x16c/0x1f0 [ 1593.500258][T26006] should_fail_ex+0x512/0x640 [ 1593.500328][T26006] should_fail_alloc_page+0xe7/0x130 [ 1593.500350][T26006] prepare_alloc_pages+0x3c2/0x610 [ 1593.500378][T26006] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1593.500433][T26006] ? copy_splice_read+0x1a8/0xba0 [ 1593.500463][T26006] ? stack_trace_save+0x8e/0xc0 [ 1593.500495][T26006] ? __pfx_stack_trace_save+0x10/0x10 [ 1593.500521][T26006] ? stack_depot_save_flags+0x28/0xa40 [ 1593.500557][T26006] ? lock_release+0x201/0x2f0 [ 1593.500598][T26006] ? bpf_ksym_find+0x124/0x1c0 [ 1593.500624][T26006] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1593.500659][T26006] ? kasan_save_stack+0x33/0x60 [ 1593.500693][T26006] ? __kasan_kmalloc+0xaa/0xb0 [ 1593.500725][T26006] ? copy_splice_read+0x1a8/0xba0 [ 1593.500752][T26006] ? do_splice_read+0x282/0x370 [ 1593.500779][T26006] ? splice_direct_to_actor+0x2a1/0xa30 [ 1593.500807][T26006] ? do_splice_direct+0x174/0x240 [ 1593.500835][T26006] ? do_sendfile+0xb06/0xe50 [ 1593.500865][T26006] ? __x64_sys_sendfile64+0x1d8/0x220 [ 1593.500886][T26006] ? do_syscall_64+0xcd/0x490 [ 1593.500931][T26006] alloc_pages_bulk_noprof+0x71c/0x1410 [ 1593.500971][T26006] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1593.501022][T26006] ? trace_kmalloc+0x2b/0xd0 [ 1593.501041][T26006] ? __kmalloc_noprof+0x242/0x510 [ 1593.501073][T26006] copy_splice_read+0x1e1/0xba0 [ 1593.501100][T26006] ? __pfx_copy_splice_read+0x10/0x10 [ 1593.501125][T26006] ? look_up_lock_class+0x59/0x150 [ 1593.501155][T26006] ? lockdep_init_map_type+0x5c/0x280 [ 1593.501182][T26006] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1593.501230][T26006] ? __pfx_copy_splice_read+0x10/0x10 [ 1593.501259][T26006] do_splice_read+0x282/0x370 [ 1593.501288][T26006] splice_direct_to_actor+0x2a1/0xa30 [ 1593.501318][T26006] ? __pfx_direct_splice_actor+0x10/0x10 [ 1593.501351][T26006] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1593.501385][T26006] do_splice_direct+0x174/0x240 [ 1593.501414][T26006] ? __pfx_do_splice_direct+0x10/0x10 [ 1593.501443][T26006] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1593.501473][T26006] ? bpf_lsm_file_permission+0x9/0x10 [ 1593.501515][T26006] ? security_file_permission+0x71/0x210 [ 1593.501543][T26006] ? rw_verify_area+0xcf/0x680 [ 1593.501570][T26006] do_sendfile+0xb06/0xe50 [ 1593.501600][T26006] ? __pfx_do_sendfile+0x10/0x10 [ 1593.501629][T26006] ? __fget_files+0x20e/0x3c0 [ 1593.501662][T26006] __x64_sys_sendfile64+0x1d8/0x220 [ 1593.501681][T26006] ? ksys_write+0x1ac/0x250 [ 1593.501711][T26006] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1593.501735][T26006] do_syscall_64+0xcd/0x490 [ 1593.501770][T26006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1593.501793][T26006] RIP: 0033:0x7fb7f378e929 [ 1593.501808][T26006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1593.501829][T26006] RSP: 002b:00007fb7f460a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1593.501850][T26006] RAX: ffffffffffffffda RBX: 00007fb7f39b5fa0 RCX: 00007fb7f378e929 [ 1593.501865][T26006] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1593.501878][T26006] RBP: 00007fb7f460a090 R08: 0000000000000000 R09: 0000000000000000 [ 1593.501892][T26006] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001 [ 1593.501905][T26006] R13: 0000000000000000 R14: 00007fb7f39b5fa0 R15: 00007fff67efab18 [ 1593.501925][T26006] [ 1593.865401][ C0] vkms_vblank_simulate: vblank timer overrun [ 1594.491836][T26008] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3849'. [ 1596.799456][T26051] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3863'. [ 1597.815113][T26061] zswap: compressor 000 not available [ 1597.894631][T26072] FAULT_INJECTION: forcing a failure. [ 1597.894631][T26072] name failslab, interval 1, probability 0, space 0, times 0 [ 1597.938318][T26055] ieee80211 phy251: Selected rate control algorithm 'minstrel_ht' [ 1598.098959][T26072] CPU: 0 UID: 0 PID: 26072 Comm: syz.2.3868 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1598.098996][T26072] Tainted: [U]=USER [ 1598.099004][T26072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1598.099017][T26072] Call Trace: [ 1598.099024][T26072] [ 1598.099032][T26072] dump_stack_lvl+0x16c/0x1f0 [ 1598.099071][T26072] should_fail_ex+0x512/0x640 [ 1598.099105][T26072] should_failslab+0xc2/0x120 [ 1598.099132][T26072] __kvmalloc_node_noprof+0x137/0x620 [ 1598.099167][T26072] ? __pfx_net_ctl_permissions+0x10/0x10 [ 1598.099189][T26072] ? proc_sys_call_handler+0x2a6/0x5c0 [ 1598.099225][T26072] ? ns_capable_noaudit+0xda/0x110 [ 1598.099251][T26072] ? proc_sys_call_handler+0x2a6/0x5c0 [ 1598.099287][T26072] proc_sys_call_handler+0x2a6/0x5c0 [ 1598.099323][T26072] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 1598.099360][T26072] ? trace_kmalloc+0x2b/0xd0 [ 1598.099387][T26072] copy_splice_read+0x618/0xba0 [ 1598.099422][T26072] ? __pfx_copy_splice_read+0x10/0x10 [ 1598.099451][T26072] ? look_up_lock_class+0x59/0x150 [ 1598.099505][T26072] ? lockdep_init_map_type+0x5c/0x280 [ 1598.099537][T26072] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1598.099569][T26072] ? __pfx_copy_splice_read+0x10/0x10 [ 1598.099596][T26072] do_splice_read+0x282/0x370 [ 1598.099624][T26072] splice_direct_to_actor+0x2a1/0xa30 [ 1598.099653][T26072] ? __pfx_direct_splice_actor+0x10/0x10 [ 1598.099684][T26072] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1598.099717][T26072] do_splice_direct+0x174/0x240 [ 1598.099745][T26072] ? __pfx_do_splice_direct+0x10/0x10 [ 1598.099774][T26072] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1598.099803][T26072] ? bpf_lsm_file_permission+0x9/0x10 [ 1598.099827][T26072] ? security_file_permission+0x71/0x210 [ 1598.099857][T26072] ? rw_verify_area+0xcf/0x680 [ 1598.099887][T26072] do_sendfile+0xb06/0xe50 [ 1598.099919][T26072] ? __pfx_do_sendfile+0x10/0x10 [ 1598.099949][T26072] ? __fget_files+0x20e/0x3c0 [ 1598.099997][T26072] __x64_sys_sendfile64+0x1d8/0x220 [ 1598.100022][T26072] ? ksys_write+0x1ac/0x250 [ 1598.100053][T26072] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1598.100080][T26072] do_syscall_64+0xcd/0x490 [ 1598.100119][T26072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1598.100143][T26072] RIP: 0033:0x7f0d85d8e929 [ 1598.100159][T26072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1598.100182][T26072] RSP: 002b:00007f0d83bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1598.100204][T26072] RAX: ffffffffffffffda RBX: 00007f0d85fb5fa0 RCX: 00007f0d85d8e929 [ 1598.100220][T26072] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1598.100234][T26072] RBP: 00007f0d83bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1598.100248][T26072] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001 [ 1598.100262][T26072] R13: 0000000000000000 R14: 00007f0d85fb5fa0 R15: 00007fff40b18ff8 [ 1598.100284][T26072] [ 1602.471115][T26110] kexec: Could not allocate control_code_buffer [ 1603.852551][T26106] random: crng reseeded on system resumption [ 1603.944584][T26106] PM: hibernation: Marking nosave pages: [mem 0x00000000-0x00000fff] [ 1604.105676][T26106] PM: hibernation: Marking nosave pages: [mem 0x0009f000-0x000fffff] [ 1604.298007][T26106] PM: hibernation: Marking nosave pages: [mem 0xbfffd000-0xffffffff] [ 1604.447676][T26106] PM: hibernation: Basic memory bitmaps created [ 1604.778124][T26106] PM: hibernation: Basic memory bitmaps freed [ 1605.790700][ T30] audit: type=1800 audit(4294968785.840:29): pid=26161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3888" name="features" dev="configfs" ino=101868 res=0 errno=0 [ 1609.081206][T26189] random: crng reseeded on system resumption [ 1609.184402][T26189] PM: hibernation: Marking nosave pages: [mem 0x00000000-0x00000fff] [ 1609.304759][T26189] PM: hibernation: Marking nosave pages: [mem 0x0009f000-0x000fffff] [ 1609.391375][T26189] PM: hibernation: Marking nosave pages: [mem 0xbfffd000-0xffffffff] [ 1609.399543][T26189] PM: hibernation: Basic memory bitmaps created [ 1609.538360][T26183] PM: hibernation: Basic memory bitmaps freed [ 1609.610584][T26206] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3900'. [ 1612.045557][T26190] kexec: Could not allocate control_code_buffer [ 1615.991840][T26276] ================================================================== [ 1615.999961][T26276] BUG: KASAN: slab-out-of-bounds in afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 1616.008657][T26276] Read of size 1 at addr ffff8880352efc67 by task syz.2.3916/26276 [ 1616.016559][T26276] [ 1616.018898][T26276] CPU: 0 UID: 0 PID: 26276 Comm: syz.2.3916 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1616.018934][T26276] Tainted: [U]=USER [ 1616.018942][T26276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1616.018956][T26276] Call Trace: [ 1616.018965][T26276] [ 1616.018974][T26276] dump_stack_lvl+0x116/0x1f0 [ 1616.019012][T26276] print_report+0xcd/0x680 [ 1616.019049][T26276] ? __virt_addr_valid+0x81/0x610 [ 1616.019073][T26276] ? __phys_addr+0xe8/0x180 [ 1616.019097][T26276] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 1616.019122][T26276] kasan_report+0xe0/0x110 [ 1616.019143][T26276] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 1616.019172][T26276] afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 1616.019203][T26276] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 1616.019230][T26276] ? rcu_is_watching+0x12/0xc0 [ 1616.019253][T26276] ? __might_fault+0xe3/0x190 [ 1616.019286][T26276] ? __might_fault+0x13b/0x190 [ 1616.019319][T26276] ? rcu_is_watching+0x12/0xc0 [ 1616.019341][T26276] ? __might_fault+0xe3/0x190 [ 1616.019373][T26276] ? lock_release+0x201/0x2f0 [ 1616.019409][T26276] ? proc_simple_write+0x114/0x1b0 [ 1616.019431][T26276] proc_simple_write+0x114/0x1b0 [ 1616.019452][T26276] ? __pfx_proc_simple_write+0x10/0x10 [ 1616.019475][T26276] proc_reg_write+0x23d/0x330 [ 1616.019508][T26276] ? __pfx_proc_reg_write+0x10/0x10 [ 1616.019539][T26276] vfs_writev+0x5dc/0xde0 [ 1616.019567][T26276] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1616.019601][T26276] ? __pfx_vfs_writev+0x10/0x10 [ 1616.019629][T26276] ? __mutex_lock+0x1ca/0xb90 [ 1616.019666][T26276] ? kmem_cache_free+0x2d1/0x4d0 [ 1616.019702][T26276] ? __pfx___mutex_lock+0x10/0x10 [ 1616.019742][T26276] ? __fget_files+0x20e/0x3c0 [ 1616.019777][T26276] ? do_writev+0x132/0x340 [ 1616.019806][T26276] do_writev+0x132/0x340 [ 1616.019836][T26276] ? __pfx_do_writev+0x10/0x10 [ 1616.019871][T26276] do_syscall_64+0xcd/0x490 [ 1616.019908][T26276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1616.019932][T26276] RIP: 0033:0x7f0d85d8e929 [ 1616.019949][T26276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1616.019973][T26276] RSP: 002b:00007f0d83b93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1616.019994][T26276] RAX: ffffffffffffffda RBX: 00007f0d85fb6240 RCX: 00007f0d85d8e929 [ 1616.020011][T26276] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000011 [ 1616.020026][T26276] RBP: 00007f0d85e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1616.020041][T26276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1616.020056][T26276] R13: 0000000000000000 R14: 00007f0d85fb6240 R15: 00007fff40b18ff8 [ 1616.020078][T26276] [ 1616.020086][T26276] [ 1616.290072][T26276] Allocated by task 26276: [ 1616.294602][T26276] kasan_save_stack+0x33/0x60 [ 1616.299335][T26276] kasan_save_track+0x14/0x30 [ 1616.304038][T26276] __kasan_kmalloc+0xaa/0xb0 [ 1616.308678][T26276] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 1616.315216][T26276] memdup_user_nul+0x2b/0x120 [ 1616.319908][T26276] proc_simple_write+0xc7/0x1b0 [ 1616.324771][T26276] proc_reg_write+0x23d/0x330 [ 1616.329485][T26276] vfs_writev+0x5dc/0xde0 [ 1616.333832][T26276] do_writev+0x132/0x340 [ 1616.338093][T26276] do_syscall_64+0xcd/0x490 [ 1616.342629][T26276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1616.348552][T26276] [ 1616.350880][T26276] The buggy address belongs to the object at ffff8880352efc60 [ 1616.350880][T26276] which belongs to the cache kmalloc-8 of size 8 [ 1616.364619][T26276] The buggy address is located 0 bytes to the right of [ 1616.364619][T26276] allocated 7-byte region [ffff8880352efc60, ffff8880352efc67) [ 1616.379026][T26276] [ 1616.381363][T26276] The buggy address belongs to the physical page: [ 1616.387793][T26276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x352ef [ 1616.396580][T26276] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1616.404138][T26276] page_type: f5(slab) [ 1616.408142][T26276] raw: 00fff00000000000 ffff88801b841500 0000000000000000 dead000000000001 [ 1616.416742][T26276] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 1616.425425][T26276] page dumped because: kasan: bad access detected [ 1616.431850][T26276] page_owner tracks the page as allocated [ 1616.437591][T26276] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8080, tgid 8073 (syz.2.385), ts 279440466828, free_ts 279431090186 [ 1616.456801][T26276] post_alloc_hook+0x1c0/0x230 [ 1616.461603][T26276] get_page_from_freelist+0x1321/0x3890 [ 1616.467179][T26276] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1616.473098][T26276] alloc_pages_mpol+0x1fb/0x550 [ 1616.477968][T26276] new_slab+0x23b/0x330 [ 1616.482143][T26276] ___slab_alloc+0xd9c/0x1940 [ 1616.486855][T26276] __slab_alloc.constprop.0+0x56/0xb0 [ 1616.492250][T26276] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 1616.498697][T26276] kstrdup+0x53/0x100 [ 1616.502727][T26276] kstrdup_const+0x63/0x80 [ 1616.507171][T26276] __kernfs_new_node+0x9b/0x8e0 [ 1616.512048][T26276] kernfs_new_node+0x13c/0x1e0 [ 1616.516835][T26276] kernfs_create_dir_ns+0x4c/0x1a0 [ 1616.521977][T26276] sysfs_create_dir_ns+0x13a/0x2b0 [ 1616.527112][T26276] kobject_add_internal+0x2c4/0x9b0 [ 1616.532324][T26276] kobject_init_and_add+0x11b/0x190 [ 1616.537542][T26276] page last free pid 8044 tgid 8038 stack trace: [ 1616.543882][T26276] __free_frozen_pages+0x7fe/0x1180 [ 1616.549107][T26276] tlb_finish_mmu+0x237/0x7c0 [ 1616.553807][T26276] exit_mmap+0x403/0xb90 [ 1616.558075][T26276] __mmput+0x12a/0x410 [ 1616.562162][T26276] mmput+0x62/0x70 [ 1616.565902][T26276] do_exit+0x7c4/0x2bd0 [ 1616.570081][T26276] do_group_exit+0xd3/0x2a0 [ 1616.574605][T26276] get_signal+0x2673/0x26d0 [ 1616.579121][T26276] arch_do_signal_or_restart+0x8f/0x790 [ 1616.584683][T26276] exit_to_user_mode_loop+0x84/0x110 [ 1616.590084][T26276] do_syscall_64+0x3f6/0x490 [ 1616.594718][T26276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1616.600643][T26276] [ 1616.602982][T26276] Memory state around the buggy address: [ 1616.608623][T26276] ffff8880352efb00: 06 fc fc fc 05 fc fc fc 05 fc fc fc 00 fc fc fc [ 1616.616694][T26276] ffff8880352efb80: 05 fc fc fc 07 fc fc fc 05 fc fc fc fa fc fc fc [ 1616.624769][T26276] >ffff8880352efc00: fa fc fc fc 02 fc fc fc 07 fc fc fc 07 fc fc fc [ 1616.632838][T26276] ^ [ 1616.640129][T26276] ffff8880352efc80: 07 fc fc fc 07 fc fc fc fa fc fc fc fa fc fc fc [ 1616.648204][T26276] ffff8880352efd00: 05 fc fc fc 05 fc fc fc 05 fc fc fc fa fc fc fc [ 1616.656278][T26276] ================================================================== [ 1617.941101][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1617.947453][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1619.234596][T26288] kexec: Could not allocate control_code_buffer [ 1621.407540][T26276] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1621.414811][T26276] CPU: 0 UID: 0 PID: 26276 Comm: syz.2.3916 Tainted: G U 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) [ 1621.428475][T26276] Tainted: [U]=USER [ 1621.432302][T26276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1621.442370][T26276] Call Trace: [ 1621.445658][T26276] [ 1621.448600][T26276] dump_stack_lvl+0x3d/0x1f0 [ 1621.453230][T26276] panic+0x71c/0x800 [ 1621.457244][T26276] ? __pfx_panic+0x10/0x10 [ 1621.461698][T26276] ? rcu_is_watching+0x12/0xc0 [ 1621.466495][T26276] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1621.472529][T26276] ? preempt_schedule_thunk+0x16/0x30 [ 1621.477941][T26276] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 1621.483962][T26276] ? preempt_schedule_common+0x44/0xc0 [ 1621.489449][T26276] ? check_panic_on_warn+0x1f/0xb0 [ 1621.494651][T26276] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 1621.500660][T26276] check_panic_on_warn+0xab/0xb0 [ 1621.505622][T26276] end_report+0x107/0x170 [ 1621.509983][T26276] kasan_report+0xee/0x110 [ 1621.514408][T26276] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 1621.520410][T26276] afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 1621.526271][T26276] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 1621.532450][T26276] ? rcu_is_watching+0x12/0xc0 [ 1621.537234][T26276] ? __might_fault+0xe3/0x190 [ 1621.541949][T26276] ? __might_fault+0x13b/0x190 [ 1621.546763][T26276] ? rcu_is_watching+0x12/0xc0 [ 1621.551544][T26276] ? __might_fault+0xe3/0x190 [ 1621.556241][T26276] ? lock_release+0x201/0x2f0 [ 1621.560946][T26276] ? proc_simple_write+0x114/0x1b0 [ 1621.566071][T26276] proc_simple_write+0x114/0x1b0 [ 1621.571019][T26276] ? __pfx_proc_simple_write+0x10/0x10 [ 1621.576488][T26276] proc_reg_write+0x23d/0x330 [ 1621.581188][T26276] ? __pfx_proc_reg_write+0x10/0x10 [ 1621.586424][T26276] vfs_writev+0x5dc/0xde0 [ 1621.590802][T26276] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1621.596760][T26276] ? __pfx_vfs_writev+0x10/0x10 [ 1621.601636][T26276] ? __mutex_lock+0x1ca/0xb90 [ 1621.606342][T26276] ? kmem_cache_free+0x2d1/0x4d0 [ 1621.611310][T26276] ? __pfx___mutex_lock+0x10/0x10 [ 1621.616368][T26276] ? __fget_files+0x20e/0x3c0 [ 1621.621079][T26276] ? do_writev+0x132/0x340 [ 1621.625519][T26276] do_writev+0x132/0x340 [ 1621.629781][T26276] ? __pfx_do_writev+0x10/0x10 [ 1621.634568][T26276] do_syscall_64+0xcd/0x490 [ 1621.639097][T26276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1621.645005][T26276] RIP: 0033:0x7f0d85d8e929 [ 1621.649437][T26276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1621.669078][T26276] RSP: 002b:00007f0d83b93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1621.677509][T26276] RAX: ffffffffffffffda RBX: 00007f0d85fb6240 RCX: 00007f0d85d8e929 [ 1621.685493][T26276] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000011 [ 1621.693471][T26276] RBP: 00007f0d85e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1621.701453][T26276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1621.709438][T26276] R13: 0000000000000000 R14: 00007f0d85fb6240 R15: 00007fff40b18ff8 [ 1621.717427][T26276] [ 1621.720529][T26276] Kernel Offset: disabled [ 1621.724868][T26276] Rebooting in 86400 seconds..