last executing test programs: 4.82851693s ago: executing program 0 (id=1487): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop0/queue/add_random\x00', 0x68282, 0x0) sendfile$auto(r2, r2, 0x0, 0xcd) write$auto(r1, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xc0V\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9\xc0\x83\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)\xb6\x90:\'\xa0\xbb\xc93\xa3Q\x01}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x8f\xb2\x0e\xf6r5\xf7]\x90\x02\x1b\xf8\xe2\xc7\x98P\x12\xc9H\xce\xcd\xb8\\\x8f\x03\xf2T\xa3\xed\xf6\xe6\x88\xb4\xd9\x1f!#4\xd1\xf2*\xd3Y\f\xca\xa1\xda3\x16\xcbg\xb7\xda\xe5bb\xc3\xc5>bH\xa8\x0f\xf4\xf55\xa7.\xcf{\a\xacg\xa9_lX;\f\xdc\x00\x0e:8W6\xbc\a\xb2\x93*\x1e\x01\x93e\xbfzvx\xca\xda\x05\x10F\xa4\xf5\xb4$\x96X\x15\xd7\xbcF\xcbm\xc9\x15/%\x8dE\x99\xa3\xa16\x19+\xbf\x83~\x80\xf5\x88\t\xf0\xde-[>\xd0\x84\x1a\r%/\xb7\x9bY\xb1\x86\xd6\v\xa0\xa1)\xae\x17M\x00\x00', 0x100000e3d7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab/kmalloc-64/objects\x00', 0x20000, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/add_random\x00', 0x1a3842, 0x0) write$auto(r4, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4) mmap$auto(0x0, 0x40000a, 0xdd, 0x9b72, 0x2, 0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r6 = setfsuid$auto(0xee00) sendmsg$auto_MACSEC_CMD_ADD_TXSA(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="04170000", @ANYRES16=0x0, @ANYBLOB="000327bd7000fbdbdf2504000000b8030380ca9350accccdfffbe7bf8e7e701156b407aaec2f029d718e9901b58004002b0008000f0000000000d8da7cac98a727104cc60b3529a19153c69cd9c6e1da0b3ddb939bf6f805462a03736de30405accd48d473b76c79ab4ab360785b1ec0335e970dab9e07a4c5725a7e94caa11f8ad716081006d1478555606f284da2b29c659ce9c9328f891b168fe663e28e3382e17605fcd99ba41b6efc6c5bb7ce79b610a2973051a151adac6b3752b50dcf32b57a171bb1b0b327f0001051f0bee2231b38f17d4a0e8e582912fd20cd022a86eb19edbbc360be7500e0470898535e7ae0cf06106f37262ad4dffb5fa54e608ab0eda4dcc9dae8557daccfa5f0969ec935d10d7b155f527b0c54b34aae45d0e06bbbce8aae12d117626ed0dfccdd04001a800c000c00010000000100000079004300b3665655ba373acbea04bb6e6ac686bd918a516bb2830a608197b350d710482a52af0ce2de0b28de38c92f7bdbc460f913f31e895e2de0acac874e4e42e761bb3c8f6855b30797abe66a4367c08c69ef963ac58bbc581e77fdd818220e910af5b278056e308e7ffe086ba7cf0a684f6210a43817c30000000800ed00", @ANYRES32=0x0, @ANYBLOB="0000000c002d00000000000000000004003b0044004f001c826e145574aba2f51507983c13dc1da024e9cdeb6acc4d4c7a978dfc0902dd8e3a2d2b0a613927daa04fdfae4d427c4e7e135cd38d6718ba2128662e9b55cd4800c3800400a3800800f000ac1e010191d8ff5c9e99a2c491327da07199039a47f1fd92d2b0c54015890d4e4d408899f29052d365dc1747d336bd25df9f0e18b4a8321a0400a48008002500", @ANYRES32=0x0, @ANYBLOB="04005a80f52fd71d2eea84a595b4f85a1f2cdeeaced64157097d4c1aec888335e086b076f4127c88cb746b1a7e7553eda48b277288442432cfe290322c946a71e7a556391250dae47966ff0d2478943955dc7082a0a4c97e610525e37c9004ae36ce8bc82d35c77688b829e14ab2838367e9724aab92f61576dfc9b060de8267b08bdc1debf8d1623a8f42d5c8c61ec39d9af29a2e1b18fe3ac6d07ef0d8971e67aa90efc36c29a6365ee7d2aaa8c6db6d52c1f0ac0a86451f4d43297486157c7602f7ceda9230cc4befbb41d86fd4099da4792a41902bc9c89eb622d1836bb0f449e3f03628f3e816c6b1bdd99939c61dae73406d3958e649948fccb73614925ae8d0d5cf8cf226bf0a58f1ec8cc2fd8954ca9f16c746dc0d96c36b9814d064896daf68920d41be8f788c022137e8d2915a76d2dda6fea90e3e1a119b4fe253ce2ebcefc42753c542cbea03f1141b3e18ec3af1741a24f52fc00fe4940109809194c864ba9a0b23c216000eb4442d0d2b95c0c1ecbd3824cf0d73298ecc19a64b8a2281bfc66776bf7a8da87d42d4c5bdcc06dc8e5060541acca07880d55c46225f74ea636416b02d3d1b136de6beecc350d4426058864e0045fd94d0b0614ddc16e10e42f5c07292c785e1d08d7a0d68eb5c96fce36dade25e96f8d5a2910077ca541fede3dac3fed377e232f72bf07d892f2779efc60d5b733cfd574f2c13b2073df32d3a92219f68fc54a8e4f61e230f158c184f5c2b56c9a40aad001e8004001f00e147ccd621da17a821170d12631a2e8ab70de23f94640a951b1a3bfbc1ec9a242430b03448c358205f9fc98ae4b96903930438e1192580c50ee0e250431d400449c67602c7c1b6d9a000da3f611125c95a35e6b2d3f14b762d1a54ad5330d95e65d1c6bacd1db83e23cb140106e59aa9f73d2319249fdaa728845867f469c4e6fbc9e441a2ae34757b160001002f6465762f736e642f6d696469433244300000000400c58000000014003b800400a8800400368008009f00", @ANYRES32=r3, @ANYBLOB="080012001100000008003f00", @ANYRES32=r4, @ANYBLOB="131102801400340000000000000000000000ffff7f0000013de60c105c8004009a8004006f80062ce4064a35d3aeee1c5a40ccec51f99db3aaba47d56073e215e95bd64a7f64ce734d1637130114b1f3ad79905d47c31eda672cb83ba15a2fb960158a858b31fd381b779f05d1f3f1bdf3a6e47c2a9071d1cdc6702b7c9ba62327ef1f59e799f14087b271cffcc69a61633200894c5bc1d3e3eac0d5e2be33f84c47658fd4c302b829a8d414bdf72891014dc5cf424b4a97f1a88314416401e4b7e45be6ccaf004441bd7fb4b6c8ccab394976fea0309433fbf1f151e6e428131327fc6582b8686481b2bac6eff4c25db51c167b5e74e518221bb05a28656db84c39d2bc377379a0aab0db787cd97708db914e02a3eb5304c9556a541176ba0b43bb5364b5c3b7e583988b53e4758cd1e94fb481da78815ec437c90507e8c8d4abb0232151463dc75035cf0f11093e17bc063b47034a04b93178034853b4bc6b6b80beba953df955c81040f9197c5544c2aff3a364a9cbea78d02345fe1742fbfbc6a6585eac666e87468558341935eb90d0847694d97a8edb781f009f42f04f5733f8920b824225938efd377db447eac378160632b60a10c315d65fa33e949021e66a683a97b34f712595dc011e1c8211e9ee31193fd094ce6c6913e91dcaaf7adfd18ea7832e6d8b7eea49885e47fc67796baf7c46d96548f8488d0929e544ca5f178c19a92fa133d9c360e99b8e5d0ba654ce5848f65f851ab3822cf1661b2fb76d6e5d0c07ccf3d1c691be5470539c59c280db3af5feae0bd40a6de4cc9ec8ca4fb65cd1fec6116cc83b3d080f86d39ee89e506ae096d065ca3290e6524154a2955703ee4b156b25124b186c8be5b21a0278d94b572a3ffa228f3a5cbed5ee344122766bd6b0f1c206f7f4ed339c3cc7b2f752fb5f1128ce1be6cc162e1e47671b04db634cc8a5128b211451369ec8e7903f56295caa524bca9f92ac6da8004efea23830ef2687631aa75295fc8837066295f9ab698115e1511177a74143713043d6cb0a805746403b65d9837f2ee17a691dea695711584c53cc07bc579443cc0840727eff020e1c0d058532bbe792902e59d763402049b7ee05c5eb7f4641678c217d588d371d05ce6a4af99c9f64a6b60e9ef23f03bde422ad75e667837a98be4439439f76b068d1c4ff2f4282bbdf45ae2a41ea20e1c2c7f0a0aac15bbfa55b1f11ca0b8b47abde470b08ef2dd3a2a4384257f3156ad57924c1d378cea0057fb83c9131dbc3cb4d0605c72da824a3b51b9af7c99be7bac80ddfbcc1de4c5fe9043e8fc3b047f7dd2cef0a2eeb2483ae1e4fdf1d7d40a95bded5d0bca11e86a1257d4f7f24ba9245e41be7f12f57f3f2634c031a67f6aaa918be9591f84ede5fc141601af0c79b3a852bad93d214f6a6d7af45995bcf6640dba8cad2d661da0c749f2d8eeaa05683d0814fa61b0d5ad33bf77c8ec217e47cb0441ac2ddcefdf868f18bb3b246df93ef23e16d912f3099a5614ded5ca38619b78715a8167f35355d91cc60cb81a82dab0cbde3cefde6473a8b12a9e86ff9f6dbede5740de1d26c5e575ae31dfaa522b08c2f08cd011473b368072991a5fa2d0a3872231fe5411002454a23e6e6316637783126152863865af3318fdfe698d5baebd165f673745911ec99bddb08b0f50516ef42947d34fd3a6f1f26931511296e13414c828dbadab10d9af488a253f4744b60b56fbc21ff7b71d579be1fdd228041dabcdf64981668ce22b40b2afca19d05f231cdbf01d5b1bca07142bfe381069c59cbdb392ffa813bfb0d3e6e5b87542dde689bbef21a629efcd7e1366bf5167ceff7a66a0bfc0b6be6a21526318ccf4541a2fae33192f1145a0dc89497f10b976524dec2720764b0e1a5349cdfecf23b06438a91e8531fc7e8deb817d47535676351269b0626bab98a14b7057cff7b0da8cc069d102b44c2987b2dd4e8abe79c0c754a348d36f00cf53f469673657803d51288c69b4faef5844de1cb09dedc1ee0b5a1aee6a7c09e92a84048b75cd4ea2d5421d6b9238453d6ba9f9dd0a195b0d74a023ad8540e047aaa6d3ef4593577026e1f2532f31d0901b05f5e1c77b547c42f56753bd93b0ca2b03d896de327476e83e18319b3b15f98be9bc5f30a8159c6d07e2ca90613418050b83a9d0f7011cb45f05ee74d496158794ee7ca395d25e97f8722601898b21d2192747c5010fd6d1e4f9a5c6e480f864e99c0cf4a4b64d739f1d842f2d3522e4bd464ce1d1cb82b3838d5684ab6aa4a3c759bddbb94bd0ddda5659e5df34c56d37f0e9ba4f6850d7f5e816f421d37474d2c9c812d4495cf869a0395781ccf754bc10c68d7cfc8099ea47bcd33973efa51e2ccaf2bec8dacec92befbf9e07b5550ce8af9b4eb9901afb287f52133d3477a173a3f924ab95e3a35f342187ade36f4b445c0812ec5b8a54c17ad8cbc162d0b4f686cfe92a89b215460353538672ce79690c554f0e66ed957b9fb96cc6d9b8297d55e28cef8ad65f755dd2ba04a1c73c74cbbf821709c5b4db329e37532671466ca640c22b25e4dd2aa38995be456e11ca1db3e85bedb583ca921db896d2cdb406f96fc91eaba4d83e7b0c43d6bc3927996626c503d95a4f8f3adf4af74c3710ab8e6d5ba7584067168cfea85b2b888abd02331e87226a99b977f01fbef243709eb03b121e57cb4e96a7e7bae04d95d745e2950738538ca69cb96878d77dc3edf59fd746f34ede860178232e478e42eeec1b8a266f3d0377e7b111bc0c8590d67a3ff2e1c4eeb284bb9aeb0dbbee8ff7f9439ba9ff38665d7451f86db135a64c99cf0a71d3b3a03d9da4d9e98b25573a2c2cde40267bb23e8efafe42abdb50eb3a06fa172d19b10873e61bb345f15dcca4e313312fc4cce3bb079617f7704bc1098ee51a9f8bb9e95260738e7f0dcd5525b249a8325217d72049d55a25c94b63f3819918649ed31cd77825de72c1e6965ae52bd44006e9bd19d9b6123d52a5f576ca1e3c6170e14d0a2f9c1352fc57caba8c857e685ba746459b5194cde2b0670750a8057d1f2adcbfcb018b31910b6ab853b14af8f04cb4e45d9c78b3452731d43a874b54abe2aa2acbe69d9bbc2b1a3ad771a2c9a6c26bdc96138dd2eb55acacb7c4d6074d1759c1cd80568179bd91c0348f5b429cd49aabbfbcce7220b149c01c17e506f7921696dbe3c56505e1b713274bf7026d9df7ea70de4dd9204373f51eeba72af544de1e3e8905f7f0d8498ac555a3b74804e987d60948f7bda2d1609e17ced713682c27ec9f440b66bb801d1191d16619d08b643b2c44f14fb2c3ebf59b6431e4775dea839d6bdcf442b47058c0a78f42345ebc90e4fca83aeb63ec4d621b6f16565f1aec83cac4048f2ac1365c25462725cc7fa856ff49c432c4710b5ea0944d38d1f9cf311fea3bf47a84cb38f3e322a2f56ecd73986e0f551254282ccff69dc87b3ff0a16334ec6cc0980b0f8b14beeb71d50a06dde9d2dcd698983318fb1a0de8e8db4e7eb95b6602aedfd64bf861d6d0d1c1ed4f48c4fa5c41fb469db30deb7b42836a9d0c0807f72c55234038939e3ecfff54bb3328f3d756ea6e4f45e0f3af600daf15dc2c1f2f9f8f454ae43e6d2c8f3fea958b98d752797db71a9269ccc07462d3b52777b59c14fc4816f73d60ec8e104a4079a1a3555f1783758506577e203e24b76a4889def0ca45c1dfe422f658e8d649372def71becb872ad1049cafd6ccbb6a7ffdb1405aa834c8542afe05f780470f7e91e03bfa1166a0f48b3b0fc598a9a640ebb10010782cf326d5fd17296876baa38102bc24692bdf2956d935aff80c2dd39d82c64f8a6d94abe66a4495a0077ffc6cc6d05ae244f602eec5dae1e38ab647710bf5fbf5a1711d69ca319d97531e16ab74a26053744a701c5179c27d6356d5436b233e869bd34d2ed0542fb2bff3463f8dffc2cfc8eefc1de23349ec31b39077ec2b3db90aa69ce0775e432ebec89d27e6184cc035839b720121c8bbd764554c880b882efa1f867c1f493a9786f8d8f9b777047870212145e5e8b175a83ce15f0e8943f7c871d5af566b68b67cab1e95d322fe31ef0e8bfdd7adcc8efddc7160b724c23124e1eede3a1f677a42111e2735c629d28e4e114be890d7582e6ece45a5485811fdf5e50fe1f69fe2aa3b77a705918b74a359382825bfdb056e121ed5757a0a1efcc93af65b2bfa1040dcc552efc7150c2b4291441145b881ed799b5b732d2f75ced8c0c6e35505a319e6db8d9821b26b9df860672e0cf60e92b1ceaaf8ad845a12a55a6a4855e44738ac4ac8761e18ad540f7bab2e257673dadcc33cdd567b02b06a42310a4ef3e1e7414eb526d7ad02c3118476c35424ebc6e1d18831f3f135ab73f244cd7724778badb05dae6edc69e0d75edf3109a57c92dd968c0792e256fbdace3d5dedefedcadb7d19e2acc813e71d3d18d85a42bfa0daea6476d6c26e3f8e245829e6dd6c1e4317559f144151711f877a771161e0f7f92bb09102869e4551f338b39e2cfc547675c5830634e63238466ea1855beefa3da10cbd5d0fabb2c800a260af9ecbcfa3d3fec9986052f7c30272144a98b58ab0ca86933a6f59d47f7d8f5a08d5ff915c0b7b977d3e8616c353fbd6b8fdaf596ac28c9db8a9ef6ec4de6d7e57757cb94632d1571d16a0394c0c33afe84df0651c49dd8ec5a88641ffe5d5ffc3c58df3d7399a0d3838b008c349080bfc328e982eb24abb22cd4e73e07b5eb850eb87f9dd9d563a924775701b8043be8fe497ce60f12b80ece5783d3df62f3350cc557fd91d147bda62bb35f7f8a07097da11915b4369452065c2ca740db4671b78f1783e02c07cc3a6f7e1cb002579f2a2b4c0638faf5127433b60f78b96c3a1a8e8d9c0f2d327a57af6cf76a7d9217503d52935c5844ec70dfd5817e79cca1a3bd89a18c3842fbb8efeba4ec5d8503d3e8ca831148b139bd99544e6914c818bb4dac698e8004ccd1cfd97e5cb56203160f46e6fa1b0c3ef9f3c8c0bc335f2669ba7eac111d81e193d4d3896ecf42d596cd38ed82bb84b613c03797432675f9a089ecd3a6f2994a3c1c3d8e344072ba845a2f79f32bcb73cadf798c99a3c6d019f5c6563bc5a6c7d9e6b46e447a95bae6f7e39c8888603cefc6a2ada85d899a2d71d3419397739999a4977b8e91454b9c497223305ea7af6dd1325882902ef6479b152d0107a40e23328d44efac1089bf74fe359c644c47df9427bd41fcd9cae6a3e6270c13e0e3d912402cfd6bca0691e4bc6605cfa7609fc76d18da3f5c70152cea0a65fb82106eae50a9520bfe71cc9ecb3747d4a6af219ce8cdea6ffcf2d994cdfbf96a3af56ed4ab4cc51185df36cacd3e2498912c36b524f9b2e8ef45d2db56ae42524b708d5c174c27a74cb5e5595d59bddcf252dc4e01539495da3bc152c8752c6e550bbc423c67be656a1f85f8356729e1ff1a7e70f031aca29f5b2c4cafcc570f55ab0e8b737f04a03065cfd201551c5f0d12b28b47c99df931a7f25a6271e25c0e7934c397df6b83ce22fec496d8ed8e81a37c86e6bcd1312a3b6e5e67e9034ff21f311e0152acb9d0e30b7094f9da321e423f11d70a000e70bf3796e0c17de5d7136389f53ac422af3a5de5208ff0a1d6cbe8e14d384d8c4d8c5326eda3e149da122f429f41f94d886d9a569184987db600e421ab644fa0e01fa0b998cf420e271e259b05f6ef7dae2905e42305314b9f6ec467dc6c5712e9dca2ac8e7744ff3f83256fb306873fbc4f63dd95c6f448ef726efbea92ffd8ab41c7f3eeb11a98ad248bd6d9bedda713a51091a67b877e256d08002000"/4148, @ANYRES32=r0, @ANYBLOB="3deb9b9224ed08e22c7d781c0005801400f0000000000000000000000000000000000004008a80c0eb608cf9d74aa813dcd3f579118844fb0ab4faf80aafd469e7e68759c6f87392b79779b50e8f95181625dc99606b3cfe3661e43e3e4b171349e7a51c8dad5ebb54d2d873b2d43b3e203e0c12abdffcfa1fbeaba97ed2d89076275d43a6e50871bbfadf453d94223d2aff1abd10b0977f74465dfa95a80cf4ca044da719d7d256c16a31e18fd037dd842a2b6cac13b7b1b04abb86ced4b4156c6e2fd4af8998ad6aa00c30a0c565158d3da643be38affa472a95dd5d050017000000000000900003800800f000", @ANYRES32=r6, @ANYBLOB="08007400e0000002585a10502e454804f30661f4cd5e837ab1baf69a4f95f323b84ac3914dc32625b4279f285663c74f19047f787359075e6629d8618999cfd16e9da7cba26da6375a9ce3f191c455209a5991470c7e8488107c80ba1868b1614055dfbaa624c8e3dd0a37687d2594accec4f8c19429aff060b6eb7c2c8fd91f6fb3647c"], 0x1704}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nbd10\x00', 0x1206c2, 0x0) write$auto(r7, &(0x7f0000000180)='@/\xf2\x009`2?#\x9a\x97\xc8\xc2M\x8b\xd1\xde\x17U\x9c\xc7\x8f{\xfa\xb4\x13\xbb\xb3\aB\xda\x97x\xa4W\xe8\x92d\xd6\xba\x903iF:\x81x\xf8L\r\xa3;\x8c\xd0\xb3uF\xe9\xd7\xe9I\xd6\xc1\xb4a\x13\xe3\x11`\xab-s\x920a\xf5Sa\xf6.\xaaL\x9acl\x82\x85\xec\xea;\x85\xca\xc9\xa1\x94\x9b]n\x15\\\xd8@\xe5\xb2\xa14]\xac\xe5\xc4\xceBE\xfd\xa7\x7f\xf1\xb3\xe01\xee\xeeI\xc7\xe9n\x9b', 0x4700000) ioctl$auto_BLKRRPART(r5, 0x125f, 0x0) unshare$auto(0x40000080) mmap$auto(0xfffffffffffffffa, 0xe983, 0xdf, 0xeb1, r1, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ttyS2\x00', 0x103e81, 0x0) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r8, 0x5408, 0x0) r9 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) read$auto_i2cdev_fops_i2c_dev(r9, 0x0, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x248401, 0x0) 3.865490575s ago: executing program 3 (id=1490): sysfs$auto(0x2, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000200)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) ioctl$auto(0x3, 0x5420, 0x38) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) ioctl$auto_EVIOCGEFFECTS(r0, 0x80044584, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0x402c542c, 0x38) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/ext4/sda1/err_ratelimit_burst\x00', 0x103841, 0x0) write$auto(r1, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) ioctl$auto(0x3, 0x402c542b, 0x38) readv$auto(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x10003}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mbind$auto(0x0, 0x2091d2, 0x0, 0x0, 0x2, 0x2) madvise$auto(0x110c230000, 0x1, 0x9) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/irq/8/affinity_hint\x00', 0x47100, 0x0) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0xa, 0x2, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) fanotify_init$auto(0x82, 0x10001) setsockopt$auto(r2, 0x29, 0x30, 0x0, 0x56b) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 3.387461365s ago: executing program 2 (id=1493): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x2080, 0x0) syz_clone3(&(0x7f0000000300)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/dri/vkms/Writeback-1/vrr_range\x00', 0x640441, 0x0) mmap$auto(0xfffffffffffffff9, 0x3498, 0x101, 0xeb0, r0, 0x2380000000000000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(r1, &(0x7f00000002c0)='5\x0e@\x90\a\x1b\xb3\xff\t\xe8e!\xf6\x84\x9b_c\x9dK\x02\xfa\x82\xd8\xed\x05\xda6\t\x1a\x9d\xa3[\xb6\x1e\xe3~\x02\xf50\xaf\x10so\'\xc3\x02\xfb,v\x06\xdf\xef\b_\x1cFXD(P\xb7\xe8\x8f\x14\x983\x8a\xb7\x86\x90\xc7\x8f2\x16\xc6\xa2?\x93\x18=\x87\x88\xc4\xf0q\xd6\xb3c\x89\xb8\xbcW\x94\x1d\x12\x05\xb1\xddD\x8f\xf9\xb1\x8b_\x0f\x95\xbc{\x1c\xbc\xf5-\xa6\x1c\xe4d\xc8', 0x800026) ioctl$auto_SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000240)="000004") write$auto(r1, 0x0, 0x41ec) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/comedi\x00', 0x18b202, 0x0) pread64$auto(r2, 0x0, 0x400100000001, 0x1ff) readv$auto(0x3, 0x0, 0x9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r3 = socket(0x1e, 0x1, 0x0) listen$auto(r3, 0x9) accept$auto(r3, 0x0, 0x0) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x6) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f00000000c0)='cifs\x00s \xfe\xcd\x94=\xbf\xfd\x02;\xffP\xf26\xea\x97\x95\xad\xb6\x1d\\\xd3\x89\xe0\n\x0f\xf7]\xafa\xcc\xbbgv7\x04\"\xb4\xe1\xc8#\x1b\xf0&\xc3\x15\xea\x1f\xcf0#e\x14\xe6\xf9\xc9\xec\x1d\x1d\xa7\xcd\x94\xae\x01\x00\x00\x00\x00\x00\x00\x000\xc3\xeem\x8e\xfb`\x1a[\x01\xf6Re\xad x\xbc\x00\x0f\x0f\xc6f\x82\x16\x8e\xab\xf6)^\xbe{=\xa3\xeb\xc44\f\r\xf6\x17\x87\xe8\xb0\xd9V\xfb\xc6U\xe9\xb7\xe6\xa2\xdb\xbbP\xf14S\xe6\xce|?\xa0\xf3\x8f^?5\x1bb^R\x11\xf6\xe8\xfc\v\xfa\x96\x89%\x02\xc0\xa9\xc9\xd2\xb0b\x86\xd1\x1c\xa2\xca\xc9\x90\xd7\xe1\xbf%\xdbzh\xfc\xaa4KhoD\xe7\xda\x12^\x8b\x81\xb3B5\xfd-\x83\x9f\xe7ZHh^9\x18z*\x02\xa8Fu\x80\xee\xc6\x98v\xf6\xa7\xdf\xd8\x9ans\x16\xa7\x03\xd9\xc2\xee\"\xa7\xefx\xd5,Q\xfe\xe6\va\x06\x00\x00\x00\x00\x00\x00\x00\xaa\x89!,m\x16M\x19no\x1e+ 1\xa7\x1c\x95\xa0\xd6`\xd1\xf8r\xea\x13sFn)\x05\xc8\x1e\xf8a\xf5H\x86\x9a\xc4\x81\xbf\xa1h`\xe0\xd8\xdd\xeb9k\xa4\x1fA}\x80\x9e\x8a\x031\\D@\a\x8b\xc7.\xc1\xe4Z\xd4C\x19g^\x06\x06\x82', 0x8002, &(0x7f00000001c0)) open(&(0x7f0000000000)='.\x00', 0xc00, 0x409) open(&(0x7f0000000100)='.\x00', 0x100, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim2/hwstats/l3/enable_ifindex\x00', 0x89342, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) setsockopt$auto(0x3, 0x114, 0x7, 0x0, 0xa0) 3.178204504s ago: executing program 1 (id=1494): bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000040)=@bpf_attr_7={@link_id, 0x764, 0x8, 0xffffffffffffffff}, 0x1) mmap$auto(0x0, 0x20006, 0x0, 0xeb1, r0, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, 0x0, 0x6f4) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sg0\x00', 0x8402, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xe, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0xffffffffffffffff, 0x65, 0xa2, 0x1000, 0x6d3e, 0x9, 0x2, 0x46d]}, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r4, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c020000", @ANYRES16=r5, @ANYBLOB="01822cbd7000ffdbdf250200000004000180340201802d0239801b02eb804540411dc202cca7c300098de4cfac1203a8319dc7b96f0e2a79334de3be28009e292ede89fa0308009cc5000000", @ANYRES32=0x0, @ANYBLOB="6930d90e6909e2b8e7eb7fce61b1c025380ce4702699d87c1fed3cf9f146b4ded92ce82ffe7fa2ac72640f557a845a28a0e484eab4c323b7a631c0e9ea7cd1623d365b31ac8f93d7b7ba1fe0dc38aac8423995fbf05cefbfcc2cf976cdb77a84b14a852fa07c112b31360ea6913f2214d52fd4fdc9d70f5d00ae063c4b369b11a363e0a6f5f9edfc8b527c68e2f43e321c006a2034c49e67e56ab2060bccbadae47f135e9370e4143639388d590430c25637db9a1f372b131aed9326e3db4a6bc9080db86a4649bc6bf77993ab7000e880b43e00104808a69ceefccdc7208d795692755d48b7d3eaf37da135891ae1764cf2fdac302d49af25e1cfedfa7d2ea160f99e24961c2a3f75338a77437119afaf3c16c367d73289398b08635cccbd637a44a7e458151410cb8e5e702b6c00f1ace487751a9e174acb197d6a7604002d809c00098018dd0047f071cf26f71d7c3e0953a7b809f180b71a907ce8eee916b786c12bef043849f161b88cbb4f01bf22d7564404244d4a13c3a6386f14ef3c114ccaa122e838b4e7a335dea8cbe3bcec519afde9f5c23303b82c57b41f730b3046db635a18dd6ae8e02e7eecc84472f0833c6a03b2d8ab0f34a797c4cc4a02f9775150e42001e3c49e4af528b3a416990c00f000040000000000000008005000", @ANYRES32=0x0, @ANYBLOB='\x00\b\x00-\x00', @ANYRES32, @ANYBLOB="5ecb8698ec000000"], 0x24c}, 0x1, 0x0, 0x0, 0x44000}, 0x4000048) sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r3, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0x28, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x5}, @NL80211_ATTR_HE_BSS_COLOR={0xc, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x1) 3.071631375s ago: executing program 0 (id=1495): unshare$auto(0x40000080) (async) openat$auto_proc_page_owner_threshold_(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) (async) socket(0x2, 0x1, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x22a0c0, 0x0) (async) socket(0x2, 0x1, 0x0) (async) pipe$auto(0x0) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) madvise$auto(0x0, 0x2000040080000004, 0xe) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) (async) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto_MADV_DODUMP(0x8, 0x5, 0x11) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) getsockopt$auto_SO_NETNS_COOKIE(r0, 0x9, 0x47, &(0x7f0000000540)='nl80211\x00', &(0x7f0000000580)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) prctl$auto(0x203a, 0x0, 0x0, 0xff, 0x4) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) pread64$auto(r1, 0x0, 0x40000000f42c, 0x80002) r2 = io_uring_setup$auto(0x7, 0x0) epoll_ctl$auto(0x5, 0x1, r2, 0x0) (async) sendmmsg$auto(r2, &(0x7f0000000500)={{&(0x7f00000001c0)="2627efef9a08d2afc78b379e019bc12bcab3047168ec06888ece20fdb330f6d1e117652281a84d9b9d1ca87535304c2a1468842f04ae3e2bee80609e62be2fec3c3230c946ccc7e0099d12eb9930f46cc49d019eb289c86d0d9a727d92507c11814873d0227dca745c1d4e0badad3f3cd8abf907a1903aeb2693838dbd362a2234", 0x6cd1, &(0x7f00000002c0)={&(0x7f0000000380)="cfd1cd519653a074f63519f5b9daf4eb0e820b8885fe8df0dda60b761a99605e14347207d2d8bb8d1bb0b1f2a9a01f77620f41f76214078a0495e7befd7bb4e5331cca898cea750fb71442", 0x4}, 0x13f1, &(0x7f0000000400)="3b9a22c8859f1ed29b3562643fb676719585c0bf6b23b491943ae086e4f8f0043678df4695673136da204287204f836029ee56edd969d7b24db35ccf66101f6d8623a7c10e1ac79a95b4c489d367e97f6d4581b8e471c18a87e015fb8b775b2f020b7106c89837697b509f0a10f3ff249a1caf224ff07e82b6111e29074a6421507628e31631fcef425df5b8ff04a34982db37b86a6757850787ee922a535d6128adf75fb986c03e247b72d4acaa550fefef1cf9dbc28d60cc90d34c5079ad78d5944cbf38900d037658f7efb69d9387910a03b878df1b5024b1c697e2284668d29e", 0xd, 0x7}, 0x10}, 0x5, 0xfff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) (async) madvise$auto(0x0, 0x200007, 0x19) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xf, 0x3, 0x2) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/security/tomoyo/stat\x00', 0x40802, 0x0) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 2.3279571s ago: executing program 3 (id=1496): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) 2.18933815s ago: executing program 2 (id=1497): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) (fail_nth: 8) 2.006152528s ago: executing program 3 (id=1498): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x1, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xbff) 1.926477816s ago: executing program 1 (id=1499): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20001, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="8c66381957a4f7888c094143a0c718e5e4d04a0030448293116b01bb6fe18e8345aef2917b9c680544a343ba8e006cd4f6434ab1a5e700778e9fc7ba9af47487ca1f9d52939c66c96da4ce5a4f25feef3efd5b8c7733") 1.804020052s ago: executing program 0 (id=1500): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) setresgid$auto(0x81, 0x800000a0, 0x8) mmap$auto(0x0, 0x20009, 0x4000004000df, 0xeb1, 0x401, 0x8000) keyctl$auto(0x5, 0xffffeffffffffffe, 0x107, 0x803, 0x800000000000c) setresuid$auto(0x2, 0x7, 0x8080) keyctl$auto(0x6, 0xfffffbfffffffffe, 0x2, 0x32, 0xfff) pread64$auto(r0, 0x0, 0x8, 0x8) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) mremap$auto(0x1000000000000000, 0x4, 0x7fffffffffffffff, 0x1000000000000007, 0x100000004) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x2, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x7, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x28, 0x5, 0x0) sendmsg$auto_NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000129bd70e7fbdbdf25250000b605983f2fef83160eda2ebdecf7471c0024002680080002000100000008000200"], 0x38}, 0x1, 0x0, 0x0, 0x200680c0}, 0x881) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x800) r1 = getpid() process_vm_readv$auto(r1, 0x0, 0x1, 0x0, 0x6, 0x0) connect$auto(0x3, 0x0, 0x54) setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x8) syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, 0x0, 0x14) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd700000dcdf250200000004000800200001801c001080060009"], 0x38}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) 1.803842386s ago: executing program 2 (id=1501): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x1, 0x0) r1 = io_uring_setup$auto(0x1, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100000000f40100"}, 0x58) socketpair$auto(0x3, 0x80001, 0x7d, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) chown$auto(&(0x7f0000000040)='./file0\x00', 0xee01, 0xee00) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000140), r1) mq_timedreceive$auto(r0, &(0x7f0000000080)='-()),{@\x00', 0x7f, &(0x7f00000000c0)=0x31a2029, &(0x7f0000000100)={0x8, 0x2}) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) 1.647687122s ago: executing program 3 (id=1502): connect$auto(0x3, 0x0, 0x54) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x700, 0x0) unshare$auto(0x200) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/mnt\x00') setns(r0, 0x0) r1 = prctl$auto(0x1, 0x1, 0x0, 0x0, 0x6) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x107000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x100000000000027, 0x0) fsopen$auto(0x0, 0x1) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1, 0x8, 0xd, 0xe13, 0x81, 0xe, 0x2000000000000002, 0x0, 0x5, 0x1, 0x2, 0x80000001, 0x8627, 0x9, 0x20000800001, 0x3, 0x5, 0x7, 0x6, 0x3, 0x0, 0xffffffee, 0x2a17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x18, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd7f, 0x0, 0x3b, 0x0, 0x0, 0x0, 0x2]}, 0x9, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0xc090) r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), r2) sendmsg$auto_SMC_NETLINK_GET_LGR_SMCD(r1, &(0x7f0000000440)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xa8, r3, 0x200, 0x70bd27, 0x25dfdbfe, {}, "7e74247cc110ed6eefc2507b4ea70a41660110a50f76f60ec82ea59cba8a71f4e5b8fa72ef0257cc86a05fa57d48e800c2c079f7a6e2e6779e31d7bfb65e680d029dfddc5ecd6df61ec98afbf2e10bbf429ae3ab8393fe022434163caf763db3a765ebba8d58ed0affa8dcf7b5dc9b12ef56c35505930077cc041fe9c18d33f7e326eea9f2a4ca0ba53dd87263910fac6984d991"}, 0xa8}, 0x1, 0x0, 0x0, 0x8001}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.632308116s ago: executing program 1 (id=1503): mmap$auto(0x0, 0x20009, 0xdf, 0xeb0, 0x401, 0x8000) r0 = socket(0x2, 0x3, 0x100) sendto$auto(r0, 0x0, 0xe31b, 0xb950, 0x0, 0x80001d) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x80002, 0x73) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000300), r1) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x21398000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r4, 0x400, 0x70bd0d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004021}, 0x404c081) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r5], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) sendmsg$auto_NL80211_CMD_ASSOCIATE(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x170, r2, 0x400, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_MLD_ADDR={0x66, 0x13a, "9bd0253fe0a85f6df369d6bdc4b87ac70f8ef587f7ab2b10982f2c84ee816a1accde3002a5c13f4907d978aae6adf4044d8a15c778e7668d3276504c4aca2d7f4c7c55c02ddacc63c55273cf058ed5cb63bc1c53a0951e96642dda9af42bb5dce0e8"}, @NL80211_ATTR_TDLS_OPERATION={0x5}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x2}, @NL80211_ATTR_PMKR0_NAME={0xe3, 0x102, "be8ff661707f0784309dbf5ae1f485c34127da340b5577aecf6f79e6f5da0269dce279e47d8058a895c7256c3da245dac2decdd43798c9afdb684521ea5ae576bc8f6353b84be4bddbc66a1fa5eb739e06bf19f88fc561d125539c2fcc053d7c9c8d9ae0f7dfac9e360c3ca48a0d9c4c8c12415262c3fddcbbdd19409fb3841d08f95f1de419d3e5d69fe2c14d7da97883bfb8b6935350653313792e54f7933184bfb63ddce692bd00f22b39bd895c3988a7feb00f0398eded2faf213b80af0188585349ee2690f799aeed70ab59bf9973d815b5a0177f988d50170708c448"}]}, 0x170}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) r6 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r6, 0x0, 0x400018) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/mempolicy/weighted_interleave/node0\x00', 0xc2082, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r8, 0x0, 0x20) write$auto(r7, 0x0, 0x5) ioctl$auto(0x3, 0x4020565a, 0x38) 1.455666811s ago: executing program 2 (id=1504): close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x20a02, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 1.239788378s ago: executing program 2 (id=1505): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) r0 = socket(0x1e, 0x1, 0x80) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfab2, 0x468, 0x9, 0x2, 0x4, 0x2, 0x4, 0x200, 0x1fd, 0xb6, 0x4, 0x6, 0x3}, 0xa3) writev$auto(0xca, 0x0, 0x7e) r2 = gettid() kill$auto(r2, 0x11) ioctl$auto_PPPIOCSCOMPRESS(r1, 0x4010744d, &(0x7f00000001c0)={0x0, 0x8, 0x80}) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0xd, &(0x7f0000000000)={0xfff7, 0x8, 0x6, @raw=0x3}}) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch12\x00', 0x80382, 0x0) ioctl$auto(r3, 0xc0045627, r0) socket(0x10, 0x4, 0x300) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x160080a4) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r4) sendmsg$auto_NFSD_CMD_VERSION_SET(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x24, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x10, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_ENABLED={0x4}, @NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x2}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000001}, 0x844) mmap$auto(0x0, 0x10402000b, 0xdf, 0xeb1, 0x200000000000404, 0x100000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0xffffffffffffffff, 0x5608, 0xffffffffffffffff) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1b, 0x0, 0x1) mmap$auto(0x0, 0x4020009, 0x8, 0xeb4, 0x401, 0x1) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x0) r6 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000000000)=0x200000000) read$auto(r6, 0x0, 0x3ff) 1.05674323s ago: executing program 0 (id=1506): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x1, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xbff) 864.289412ms ago: executing program 0 (id=1507): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2f212dbd7000fcdbdf252100000008000300", @ANYRES32=r2, @ANYBLOB="08009e"], 0x24}}, 0x4000000) 745.184119ms ago: executing program 1 (id=1508): r0 = socket(0x2, 0x3, 0xfd) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r3 = socket(0xa, 0x3, 0x87) setsockopt$auto(r3, 0x29, 0x42, 0x0, 0x3) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x40, r2, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x14, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4788, 0x33}]}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590820806"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00'}) 702.137205ms ago: executing program 3 (id=1509): socket(0x10, 0x2, 0xc) (async) r0 = socket(0x10, 0x2, 0xc) timer_create$auto(0x2, 0x0, &(0x7f0000000140)=0x6) timer_delete$auto(0x0) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) (async) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000000180)=ANY=[@ANYBLOB='*', @ANYRES16, @ANYBLOB="010029bd"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x4004) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'bond_slave_1\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'bond_slave_1\x00'}) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r4, &(0x7f0000003a00)={0x0, 0x0, &(0x7f00000039c0)={&(0x7f0000002600)={0x2c, r3, 0x221, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000011}, 0x40) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="ed03667ddcd6d026df250a00000a00000200252f00e2a85c41e75a02715b2d0000001000df"], 0x51}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010) (async) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="ed03667ddcd6d026df250a00000a00000200252f00e2a85c41e75a02715b2d0000001000df"], 0x51}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000f40)={'batadv0\x00'}) vmsplice$auto(r5, &(0x7f0000000040)={&(0x7f0000000300)="bc1ee1a6910bd90e2f395f512213ac633832299c5374891e429a78446c587fca6d64ddfea0d5668528a1fa5362e2eca195e389c1622ebdf01ffea0ba2e1c798fb4b525e6820034ebecb1dff7b9f803da8139fa33a0fe9d95dbf3a9344a1ddda780b0448511b4d665a25a57186086da38b5afc8127dd18bc02e299877a60c05f13503c34f78cb70bd9c83e0bcaa928f13ac1f38eb6e17b9c323499af77baed4fa86ef97a0a1a1b6d35801a630b7fd658ac8be339ee14c5f73a558e6d9006f4c8de4f4516557c7f04f", 0x4}, 0x1000, 0x8a0) 620.23161ms ago: executing program 0 (id=1510): fchdir$auto(0xffffffffffffffff) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) getpid() unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r0 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r0, &(0x7f0000000680)={&(0x7f0000000300)="64074c974bc700bf3e0ea3cb2a0e6fb39becec71e3a4d0a56fd330f661933ddee8f7e24e910a635beff3ee8ee14b1c06ea42210c954dbb2646ec4926a181e72e60e162246177fab5b4ca997754a8c9cddab6d3c54cbfb66c3783772d50cc1e5778975d5b19cb2cf6de8f594e2311768d1b3d94adef00"/136, 0x40200}, 0x3) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRES16=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x20000084}, 0x44098) socket(0x18, 0x3, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004) r1 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x0, 0x4000000df, 0x9b72, 0x2, 0x8000) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_WRITE(r2, 0x40085507, &(0x7f0000000080)={0x1, 0x0, 0x9}) io_uring_setup$auto(0x6, 0x0) r3 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x7e, 0x0, 0x7) fsmount$auto(r3, 0xfff, 0x7) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) setsockopt$auto(r1, 0x10000000084, 0x23, 0x0, 0x8) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_NEW(0xffffffffffffffff, 0x0, 0x4000000) mbind$auto(0x2000, 0x800000100000004, 0x100000000, 0x0, 0x1003, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) open(&(0x7f0000000080)='./cgroup\x00', 0x101000, 0x0) socket(0x1d, 0x3, 0x1) 536.014706ms ago: executing program 1 (id=1511): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20001, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="8c66381957a4f7888c094143a0c718e5e4d04a0030448293116b01bb6fe18e8345aef2917b9c680544a343ba8e006cd4f6434ab1a5e700778e9fc7ba9af47487ca1f9d52939c66c96da4ce5a4f25feef3efd5b8c7733") 331.266623ms ago: executing program 1 (id=1512): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x100000000000027, 0x0) fsopen$auto(0x0, 0x1) r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1, 0x8, 0xd, 0xe13, 0x81, 0xe, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x80000001, 0x8627, 0x9, 0x20000800001, 0x3, 0x5, 0x7, 0x6, 0x7, 0x0, 0xffffffee, 0x2a17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x18, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x9, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0xc090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x18, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_KEY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x101, 0x103) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) read$auto_mon_fops_text_t_mon_text(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) listmount$auto(&(0x7f0000000040)={0x7, @inferred=r0, 0x4, 0x3}, &(0x7f0000000100)=0x47, 0x10000, 0x1) io_uring_setup$auto(0x6, 0x0) 47.519176ms ago: executing program 2 (id=1513): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r0 = socket(0x11, 0x80003, 0x300) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, 0x0, 0x2) close_range$auto(0x2, 0xa, 0x0) r1 = socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) r2 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x0, 0x0) ppoll$auto(&(0x7f0000000040)={r2, 0x4, 0xa7}, 0x1c, 0x0, 0x0, 0x8) read$auto_drm_debugfs_entry_fops_drm_debugfs(r3, 0x0, 0x0) sendmsg$auto_NL80211_CMD_ADD_LINK(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYRES16=r1, @ANYRES16=0x0, @ANYBLOB], 0x194}, 0x1, 0x0, 0x0, 0x20008000}, 0x44011) epoll_wait$auto(r1, &(0x7f0000000400)={0x1, 0xa}, 0x17a285d3, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x440, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x40040, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r4 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r4, 0x107, 0x1, 0x0, 0x8004) r5 = socket(0x10, 0x2, 0x4) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000) write$auto(r5, &(0x7f0000000000)='-\x00', 0x2fb) pkey_mprotect$auto(0x6, 0x8001, 0x8, 0x2) 0s ago: executing program 3 (id=1514): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/state\x00', 0x102, 0x0) sendfile$auto(r1, r0, 0x0, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB='r'], 0x1ac}, 0x1, 0x0, 0x0, 0xc0}, 0x200440c0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000480)={{&(0x7f00000001c0)="4023323b52a998fc53754442197547d986396e4ac2f991ce93879e2fbeea07fa975eb48bee358e775e6a6cb2e54acee2ef0183bef6b6e7f1890e3a4c066c8369918de3254172611a83c7b6aeb53a353babee4c2ad6f12b337831bbbaf52c5983650e99a42abaacfdb9f4d6a04de3be3a512d187885106cdfcc4c1689a5595c49bd441bc56a53eb770a52e744177964638bf33f56ce4a91dcc003a9223d9747abc414590b71854d97f54ae2c7bb520a969491a5b1f005c566eac9d76e18d704e44e4c9fdffc06ca1b360105327259906d669347745a04d428b2a5c2da5e23f85ef2d02da6022bf9bbb4292b4b82bcb077f237", 0x7, 0x0, 0x7, &(0x7f00000003c0)="36d426922608a1214940a348067f49ef5a4d2096455f61a11dd81b0c0527ec1674ba4f30dbe32e7da22234e8cb9c6fe2169af82540e2e52f7391e8cc3662de9bd60f64967569142153cfe766dfc79b00e70cbf2ced9db314dd2c7ccb9c52d29ada52e587c23b324fb9a0939378550faad663c872f3cf571cf7e1a437eea1d673edc290a12a2d941d2e6e9b26840bf8423611d93270b74696a8d31d18442926c0be6dd278204adc60c01f", 0x0, 0x9}, 0x8}, 0x4, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x300) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\x88\xa8\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) read$auto(0x3, 0x0, 0x80) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ip6gre0\x00'}) sendmsg$auto_OVS_DP_CMD_NEW(r3, 0x0, 0x2000000) ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(0xffffffffffffffff, 0x806c4120, &(0x7f00000004c0)={0x0, 0xe, 0x95d7, 0x7f, 0x3, 0xfffffff2, 0x9, 0x3, 0x0, 0x7, 0xb, 0x8, 0x7, 0x2, 0x3, 0x1ff, 0x400, 0x80000000, "0c1056e3480805f935e214e44f620fa9eba8238cacc3d9e6fc45cf541e509fc2457ae4ae"}) adjtimex$auto(0x0) unshare$auto(0x40000080) r4 = socket(0x23, 0x5, 0x0) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000002bc0)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2fafc1, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 5842] block nbd3: Receive control failed (result -107) [ 182.487310][ T7043] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 182.652254][ T7046] netlink: 186 bytes leftover after parsing attributes in process `syz.3.235'. [ 184.544099][ T7077] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 187.920979][ T5842] block nbd4: Receive control failed (result -107) [ 189.063895][ T7154] ptp ptp0: only physical clock in use now syzkaller syzkaller login: [ 194.295288][ T7242] FAULT_INJECTION: forcing a failure. [ 194.295288][ T7242] name failslab, interval 1, probability 0, space 0, times 0 [ 194.328343][ T7242] CPU: 1 UID: 0 PID: 7242 Comm: syz.2.285 Not tainted syzkaller #0 PREEMPT(full) [ 194.328385][ T7242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 194.328403][ T7242] Call Trace: [ 194.328413][ T7242] [ 194.328424][ T7242] dump_stack_lvl+0x16c/0x1f0 [ 194.328474][ T7242] should_fail_ex+0x512/0x640 [ 194.328512][ T7242] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 194.328549][ T7242] should_failslab+0xc2/0x120 [ 194.328591][ T7242] kmem_cache_alloc_noprof+0x75/0x6e0 [ 194.328624][ T7242] ? __pmd_alloc+0xbf/0x8b0 [ 194.328675][ T7242] ? __pmd_alloc+0xbf/0x8b0 [ 194.328716][ T7242] __pmd_alloc+0xbf/0x8b0 [ 194.328763][ T7242] walk_pgd_range+0x88b/0x1f50 [ 194.328816][ T7242] ? mt_find+0x749/0xa20 [ 194.328858][ T7242] ? __pfx_guard_install_set_pte+0x10/0x10 [ 194.328902][ T7242] ? mt_find+0x3e2/0xa20 [ 194.328937][ T7242] ? __pfx_guard_install_set_pte+0x10/0x10 [ 194.328979][ T7242] ? __pfx_guard_install_set_pte+0x10/0x10 [ 194.329021][ T7242] ? __pfx_walk_pgd_range+0x10/0x10 [ 194.329066][ T7242] __walk_page_range+0x163/0x820 [ 194.329104][ T7242] ? find_vma+0xbf/0x140 [ 194.329138][ T7242] ? __pfx_find_vma+0x10/0x10 [ 194.329177][ T7242] ? walk_page_test+0x9b/0x180 [ 194.329212][ T7242] walk_page_range_mm+0x461/0xb40 [ 194.329254][ T7242] ? __pfx_walk_page_range_mm+0x10/0x10 [ 194.329300][ T7242] ? __anon_vma_prepare+0x2e2/0x5e0 [ 194.329356][ T7242] madvise_vma_behavior+0xa54/0x2d50 [ 194.329406][ T7242] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 194.329442][ T7242] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 194.329495][ T7242] ? mas_prev+0x9b/0xf0 [ 194.329530][ T7242] ? __pfx_mas_prev+0x10/0x10 [ 194.329576][ T7242] ? find_vma_prev+0xd3/0x150 [ 194.329629][ T7242] ? find_held_lock+0x2b/0x80 [ 194.329661][ T7242] ? __pfx_find_vma_prev+0x10/0x10 [ 194.329717][ T7242] ? __futex_wait+0x24b/0x2f0 [ 194.329775][ T7242] madvise_walk_vmas+0x31f/0x9c0 [ 194.329829][ T7242] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 194.329889][ T7242] madvise_do_behavior+0x1e2/0x530 [ 194.329933][ T7242] ? futex_private_hash_put+0x18a/0x300 [ 194.329978][ T7242] ? __pfx_madvise_do_behavior+0x10/0x10 [ 194.330027][ T7242] ? down_read+0x13d/0x480 [ 194.330090][ T7242] do_madvise+0x176/0x240 [ 194.330134][ T7242] ? __pfx_do_madvise+0x10/0x10 [ 194.330190][ T7242] ? do_futex+0x122/0x350 [ 194.330262][ T7242] ? xfd_validate_state+0x61/0x180 [ 194.330304][ T7242] ? __pfx_ksys_write+0x10/0x10 [ 194.330345][ T7242] __x64_sys_madvise+0xa9/0x110 [ 194.330388][ T7242] ? lockdep_hardirqs_on+0x7c/0x110 [ 194.330421][ T7242] do_syscall_64+0xcd/0xfa0 [ 194.330490][ T7242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.330519][ T7242] RIP: 0033:0x7f081a78eec9 [ 194.330544][ T7242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.330572][ T7242] RSP: 002b:00007f081b707038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 194.330600][ T7242] RAX: ffffffffffffffda RBX: 00007f081a9e5fa0 RCX: 00007f081a78eec9 [ 194.330621][ T7242] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 194.330640][ T7242] RBP: 00007f081a811f91 R08: 0000000000000000 R09: 0000000000000000 [ 194.330660][ T7242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.330678][ T7242] R13: 00007f081a9e6038 R14: 00007f081a9e5fa0 R15: 00007ffde5864f68 [ 194.330723][ T7242] [ 194.814021][ T7247] netlink: 334 bytes leftover after parsing attributes in process `syz.2.285'. [ 196.528176][ T7286] ptp ptp0: only physical clock in use now [ 198.440928][ T7323] netlink: 668 bytes leftover after parsing attributes in process `syz.1.302'. [ 198.460739][ T7323] net_ratelimit: 35 callbacks suppressed [ 198.460762][ T7323] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 199.089120][ T7320] netlink: 12 bytes leftover after parsing attributes in process `syz.0.300'. [ 199.880033][ T7324] kexec: Could not allocate control_code_buffer [ 199.965279][ T7331] sp0: Synchronizing with TNC syzkaller syzkaller login: [ 201.616047][ T7354] sp0: Synchronizing with TNC [ 201.803033][ T5842] block nbd5: Receive control failed (result -107) [ 201.993411][ T7382] netlink: 8 bytes leftover after parsing attributes in process `syz.2.314'. syzkaller syzkaller login: [ 203.578389][ T7399] netlink: 5 bytes leftover after parsing attributes in process `syz.1.317'. [ 204.031467][ T7417] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 204.076509][ T7417] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 syzkaller syzkaller login: [ 204.744903][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.759419][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.956430][ T7426] FAULT_INJECTION: forcing a failure. [ 204.956430][ T7426] name failslab, interval 1, probability 0, space 0, times 0 [ 204.978115][ T7426] CPU: 0 UID: 0 PID: 7426 Comm: syz.0.322 Not tainted syzkaller #0 PREEMPT(full) [ 204.978160][ T7426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 204.978181][ T7426] Call Trace: [ 204.978192][ T7426] [ 204.978204][ T7426] dump_stack_lvl+0x16c/0x1f0 [ 204.978250][ T7426] should_fail_ex+0x512/0x640 [ 204.978292][ T7426] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 204.978331][ T7426] should_failslab+0xc2/0x120 [ 204.978376][ T7426] kmem_cache_alloc_noprof+0x75/0x6e0 [ 204.978411][ T7426] ? alloc_empty_file+0x55/0x1e0 [ 204.978467][ T7426] ? alloc_empty_file+0x55/0x1e0 [ 204.978512][ T7426] alloc_empty_file+0x55/0x1e0 [ 204.978562][ T7426] alloc_file_pseudo+0x13a/0x230 [ 204.978614][ T7426] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 204.978664][ T7426] ? alloc_fd+0x471/0x7d0 [ 204.978713][ T7426] sock_alloc_file+0x50/0x210 [ 204.978759][ T7426] __sys_socket+0x1c0/0x260 [ 204.978813][ T7426] ? __pfx___sys_socket+0x10/0x10 [ 204.978866][ T7426] ? xfd_validate_state+0x61/0x180 [ 204.978913][ T7426] ? __pfx_do_writev+0x10/0x10 [ 204.978955][ T7426] __x64_sys_socket+0x72/0xb0 [ 204.979006][ T7426] ? lockdep_hardirqs_on+0x7c/0x110 [ 204.979044][ T7426] do_syscall_64+0xcd/0xfa0 [ 204.979086][ T7426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.979120][ T7426] RIP: 0033:0x7fca1478eec9 [ 204.979147][ T7426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.979185][ T7426] RSP: 002b:00007fca15622038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 204.979217][ T7426] RAX: ffffffffffffffda RBX: 00007fca149e5fa0 RCX: 00007fca1478eec9 [ 204.979239][ T7426] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 204.979259][ T7426] RBP: 00007fca14811f91 R08: 0000000000000000 R09: 0000000000000000 [ 204.979280][ T7426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.979299][ T7426] R13: 00007fca149e6038 R14: 00007fca149e5fa0 R15: 00007ffc3f4de778 [ 204.979345][ T7426] syzkaller syzkaller login: [ 207.897495][ T7463] sp0: Synchronizing with TNC [ 208.164079][ T7478] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 208.253567][ T7478] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 208.271233][ T7478] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 208.340022][ T7478] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 syzkaller syzkaller login: [ 209.940852][ T5842] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7 [ 211.554857][ T116] smpboot: CPU 1 is now offline [ 211.873486][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.3.342'. [ 211.929069][ T7515] netlink: 25 bytes leftover after parsing attributes in process `syz.3.342'. [ 212.991562][ T7558] ptp ptp0: only physical clock in use now [ 213.723656][ T5842] block nbd6: Receive control failed (result -107) [ 214.879075][ T7587] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 syzkaller syzkaller login: [ 215.598175][ T7598] random: crng reseeded on system resumption [ 215.667153][ T7584] __vm_enough_memory: pid: 7584, comm: syz.2.351, bytes: 4398046511104 not enough memory for the allocation [ 216.573317][ T7613] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 216.913191][ T7609] netlink: 28 bytes leftover after parsing attributes in process `syz.2.359'. [ 217.241246][ T7609] ipvlan0: entered promiscuous mode [ 217.247903][ T7609] ipvlan0: entered allmulticast mode [ 217.370001][ T7609] veth0_vlan: entered allmulticast mode [ 218.881272][ T7647] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 219.727865][ T7659] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 syzkaller syzkaller login: [ 220.605124][ T7671] netlink: 8 bytes leftover after parsing attributes in process `syz.0.373'. [ 222.978063][ T7700] ptp ptp0: only physical clock in use now [ 224.204620][ T7714] random: crng reseeded on system resumption syzkaller syzkaller login: [ 225.623586][ T7747] netlink: 8 bytes leftover after parsing attributes in process `syz.2.387'. [ 226.181052][ T7754] sd 0:0:1:0: PR command failed: 1026 [ 226.252869][ T7754] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 226.401333][ T7754] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 227.414909][ T7780] netlink: 'syz.3.392': attribute type 1 has an invalid length. [ 228.266996][ T7789] netlink: 8 bytes leftover after parsing attributes in process `syz.3.394'. [ 228.582350][ T7764] Bluetooth: hci3: command 0x0406 tx timeout [ 229.357109][ T7815] netlink: 8 bytes leftover after parsing attributes in process `syz.3.399'. [ 229.693086][ T7821] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 230.926797][ T7838] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 232.409750][ T7860] netlink: zone id is out of range [ 232.424929][ T7830] Bluetooth: hci0: command 0x0406 tx timeout [ 232.431989][ T7829] Bluetooth: hci2: command 0x0406 tx timeout [ 232.438026][ T7829] Bluetooth: hci1: command 0x0406 tx timeout [ 232.558579][ T7860] netlink: zone id is out of range [ 232.650201][ T7860] netlink: zone id is out of range [ 232.650226][ T7860] netlink: zone id is out of range [ 232.650235][ T7860] netlink: zone id is out of range [ 232.650243][ T7860] netlink: zone id is out of range [ 232.650252][ T7860] netlink: zone id is out of range [ 232.650260][ T7860] netlink: zone id is out of range [ 232.650269][ T7860] netlink: zone id is out of range [ 232.650277][ T7860] netlink: zone id is out of range [ 233.581217][ T7877] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 234.980412][ T7902] netlink: 64 bytes leftover after parsing attributes in process `syz.0.417'. [ 238.859281][ T7940] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 239.160704][ T7932] zswap: compressor not available [ 242.515510][ T7977] mkiss: ax0: crc mode is auto. [ 243.247167][ T7985] could not allocate digest TFM handle [ 246.745526][ T30] audit: type=1804 audit(1760202871.475:6): pid=8049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.445" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1065 res=1 errno=0 [ 246.781283][ T8050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.444'. [ 246.813526][ T8049] netlink: 8 bytes leftover after parsing attributes in process `syz.1.445'. [ 246.966871][ T30] audit: type=1804 audit(1760202871.705:7): pid=8037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.442" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1065 res=1 errno=0 [ 249.432031][ T8078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.450'. [ 249.962443][ T8077] netlink: 28 bytes leftover after parsing attributes in process `syz.2.449'. [ 250.905370][ T8077] team0 (unregistering): Port device team_slave_0 removed [ 250.944479][ T8077] team0 (unregistering): Port device team_slave_1 removed [ 251.013934][ T7746] block nbd7: Receive control failed (result -107) [ 252.735355][ T8128] ptp ptp0: only physical clock in use now [ 254.068886][ T8148] ceph: Failed to parse sending metrics switch value 'P^' [ 254.685393][ T8156] net_ratelimit: 80 callbacks suppressed [ 254.685412][ T8156] netlink: zone id is out of range [ 254.778145][ T8159] netlink: 342 bytes leftover after parsing attributes in process `syz.3.470'. [ 254.845675][ T8159] netlink: 342 bytes leftover after parsing attributes in process `syz.3.470'. [ 254.856013][ T8156] netlink: zone id is out of range [ 254.913326][ T8156] netlink: zone id is out of range [ 255.005150][ T8156] netlink: zone id is out of range [ 255.120600][ T8156] netlink: zone id is out of range [ 255.300425][ T8156] netlink: zone id is out of range [ 255.330967][ T8156] netlink: zone id is out of range [ 255.387920][ T8156] netlink: zone id is out of range [ 255.470857][ T8156] netlink: zone id is out of range [ 255.549082][ T8156] netlink: zone id is out of range syzkaller syzkaller login: [ 258.023655][ T8196] netlink: 4 bytes leftover after parsing attributes in process `syz.2.482'. [ 260.161525][ T8226] FAULT_INJECTION: forcing a failure. [ 260.161525][ T8226] name failslab, interval 1, probability 0, space 0, times 0 [ 260.216208][ T8226] CPU: 0 UID: 0 PID: 8226 Comm: syz.2.491 Not tainted syzkaller #0 PREEMPT(full) [ 260.216239][ T8226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 260.216253][ T8226] Call Trace: [ 260.216260][ T8226] [ 260.216269][ T8226] dump_stack_lvl+0x16c/0x1f0 [ 260.216302][ T8226] should_fail_ex+0x512/0x640 [ 260.216331][ T8226] ? __kmalloc_noprof+0xca/0x880 [ 260.216373][ T8226] should_failslab+0xc2/0x120 [ 260.216413][ T8226] __kmalloc_noprof+0xdd/0x880 [ 260.216451][ T8226] ? __register_sysctl_table+0xb3/0x1900 [ 260.216493][ T8226] ? __register_sysctl_table+0xb3/0x1900 [ 260.216528][ T8226] __register_sysctl_table+0xb3/0x1900 [ 260.216564][ T8226] ? is_module_address+0x5f/0xf0 [ 260.216603][ T8226] ? __pfx___register_sysctl_table+0x10/0x10 [ 260.216638][ T8226] ? is_module_address+0x69/0xf0 [ 260.216670][ T8226] ? register_net_sysctl_sz+0x228/0x3e0 [ 260.216706][ T8226] ? __asan_memcpy+0x3c/0x60 [ 260.216733][ T8226] xfrm4_net_init+0xf0/0x1c0 [ 260.216772][ T8226] ? __pfx_xfrm4_net_init+0x10/0x10 [ 260.216809][ T8226] ops_init+0x1e2/0x5f0 [ 260.216842][ T8226] setup_net+0x100/0x390 [ 260.216871][ T8226] ? __pfx_setup_net+0x10/0x10 [ 260.216901][ T8226] ? debug_mutex_init+0x37/0x70 [ 260.216929][ T8226] copy_net_ns+0x2f8/0x690 [ 260.216964][ T8226] create_new_namespaces+0x3ea/0xa90 [ 260.216999][ T8226] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 260.217029][ T8226] ksys_unshare+0x45b/0xa40 [ 260.217061][ T8226] ? __pfx_ksys_unshare+0x10/0x10 [ 260.217095][ T8226] ? xfd_validate_state+0x61/0x180 [ 260.217138][ T8226] __x64_sys_unshare+0x31/0x40 [ 260.217169][ T8226] do_syscall_64+0xcd/0xfa0 [ 260.217198][ T8226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.217222][ T8226] RIP: 0033:0x7f081a78eec9 [ 260.217241][ T8226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.217263][ T8226] RSP: 002b:00007f081b6e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 260.217285][ T8226] RAX: ffffffffffffffda RBX: 00007f081a9e6090 RCX: 00007f081a78eec9 [ 260.217300][ T8226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 260.217314][ T8226] RBP: 00007f081a811f91 R08: 0000000000000000 R09: 0000000000000000 [ 260.217328][ T8226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.217342][ T8226] R13: 00007f081a9e6128 R14: 00007f081a9e6090 R15: 00007ffde5864f68 [ 260.217374][ T8226] [ 260.460430][ C0] vkms_vblank_simulate: vblank timer overrun [ 262.264201][ T8247] net_ratelimit: 35 callbacks suppressed [ 262.264220][ T8247] netlink: zone id is out of range [ 262.328687][ T8247] netlink: zone id is out of range [ 262.371327][ T8247] netlink: zone id is out of range [ 262.377733][ T8247] netlink: zone id is out of range [ 262.471703][ T8247] netlink: zone id is out of range [ 262.554791][ T8254] netlink: 342 bytes leftover after parsing attributes in process `syz.2.499'. [ 262.564345][ T8247] netlink: zone id is out of range [ 262.609316][ T8247] netlink: zone id is out of range [ 262.614930][ T8254] netlink: 342 bytes leftover after parsing attributes in process `syz.2.499'. [ 262.635130][ T8247] netlink: zone id is out of range [ 262.650639][ T8247] netlink: zone id is out of range [ 262.656709][ T8247] netlink: zone id is out of range [ 263.294656][ T8264] queue_state_write: unsupported operation '' [ 263.320159][ T8264] queue_state_write: use 'run', 'start' or 'kick' [ 264.311797][ T8278] ptp ptp0: only physical clock in use now [ 264.994346][ T8293] FAULT_INJECTION: forcing a failure. [ 264.994346][ T8293] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 265.076933][ T8293] CPU: 0 UID: 0 PID: 8293 Comm: syz.0.509 Not tainted syzkaller #0 PREEMPT(full) [ 265.076964][ T8293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 265.076977][ T8293] Call Trace: [ 265.076984][ T8293] [ 265.076993][ T8293] dump_stack_lvl+0x16c/0x1f0 [ 265.077023][ T8293] should_fail_ex+0x512/0x640 [ 265.077057][ T8293] _copy_to_iter+0x29f/0x1710 [ 265.077103][ T8293] ? __pfx__copy_to_iter+0x10/0x10 [ 265.077135][ T8293] ? __lock_acquire+0xb97/0x1ce0 [ 265.077178][ T8293] signalfd_copyinfo+0x1b4/0x770 [ 265.077207][ T8293] ? __pfx_signalfd_copyinfo+0x10/0x10 [ 265.077248][ T8293] ? rcu_is_watching+0x12/0xc0 [ 265.077272][ T8293] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 265.077300][ T8293] signalfd_read_iter+0x371/0x7c0 [ 265.077336][ T8293] ? __pfx_signalfd_read_iter+0x10/0x10 [ 265.077368][ T8293] ? __pfx_default_wake_function+0x10/0x10 [ 265.077401][ T8293] ? bpf_lsm_file_permission+0x9/0x10 [ 265.077428][ T8293] ? security_file_permission+0x71/0x210 [ 265.077452][ T8293] ? rw_verify_area+0xcf/0x6c0 [ 265.077476][ T8293] vfs_read+0x8bc/0xcf0 [ 265.077506][ T8293] ? __pfx_vfs_read+0x10/0x10 [ 265.077527][ T8293] ? find_held_lock+0x2b/0x80 [ 265.077570][ T8293] ksys_read+0x12a/0x250 [ 265.077594][ T8293] ? __pfx_ksys_read+0x10/0x10 [ 265.077627][ T8293] do_syscall_64+0xcd/0xfa0 [ 265.077656][ T8293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.077679][ T8293] RIP: 0033:0x7fca1478eec9 [ 265.077697][ T8293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.077719][ T8293] RSP: 002b:00007fca15622038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 265.077740][ T8293] RAX: ffffffffffffffda RBX: 00007fca149e5fa0 RCX: 00007fca1478eec9 [ 265.077755][ T8293] RDX: 0000080000000006 RSI: 0000000000000000 RDI: 0000000000000004 [ 265.077768][ T8293] RBP: 00007fca15622090 R08: 0000000000000000 R09: 0000000000000000 [ 265.077782][ T8293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 265.077795][ T8293] R13: 00007fca149e6038 R14: 00007fca149e5fa0 R15: 00007ffc3f4de778 [ 265.077826][ T8293] [ 265.291267][ C0] vkms_vblank_simulate: vblank timer overrun [ 265.549320][ T8282] sp0: Synchronizing with TNC [ 266.185407][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.192948][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.775998][ T8321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.512'. [ 266.812736][ T8323] ptp ptp0: only physical clock in use now [ 267.122266][ T8328] FAULT_INJECTION: forcing a failure. [ 267.122266][ T8328] name failslab, interval 1, probability 0, space 0, times 0 [ 267.165441][ T8328] CPU: 0 UID: 0 PID: 8328 Comm: syz.2.515 Not tainted syzkaller #0 PREEMPT(full) [ 267.165472][ T8328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 267.165485][ T8328] Call Trace: [ 267.165492][ T8328] [ 267.165501][ T8328] dump_stack_lvl+0x16c/0x1f0 [ 267.165532][ T8328] should_fail_ex+0x512/0x640 [ 267.165561][ T8328] ? __kmalloc_noprof+0xca/0x880 [ 267.165600][ T8328] should_failslab+0xc2/0x120 [ 267.165631][ T8328] __kmalloc_noprof+0xdd/0x880 [ 267.165668][ T8328] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 267.165711][ T8328] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 267.165748][ T8328] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 267.165791][ T8328] genl_start+0x18f/0x980 [ 267.165827][ T8328] __netlink_dump_start+0x60e/0x990 [ 267.165871][ T8328] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 267.165907][ T8328] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 267.165951][ T8328] ? __pfx_genl_get_cmd+0x10/0x10 [ 267.165979][ T8328] ? __pfx_genl_start+0x10/0x10 [ 267.166008][ T8328] ? __pfx_genl_dumpit+0x10/0x10 [ 267.166038][ T8328] ? __pfx_genl_done+0x10/0x10 [ 267.166075][ T8328] ? __radix_tree_lookup+0x21f/0x2c0 [ 267.166102][ T8328] genl_rcv_msg+0x46e/0x800 [ 267.166139][ T8328] ? __pfx_genl_rcv_msg+0x10/0x10 [ 267.166173][ T8328] ? __pfx_tipc_udp_nl_dump_remoteip+0x10/0x10 [ 267.166215][ T8328] netlink_rcv_skb+0x158/0x420 [ 267.166244][ T8328] ? __pfx_genl_rcv_msg+0x10/0x10 [ 267.166279][ T8328] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 267.166321][ T8328] ? netlink_deliver_tap+0x1ae/0xd30 [ 267.166353][ T8328] genl_rcv+0x28/0x40 [ 267.166382][ T8328] netlink_unicast+0x5a7/0x870 [ 267.166416][ T8328] ? __pfx_netlink_unicast+0x10/0x10 [ 267.166461][ T8328] netlink_sendmsg+0x8c8/0xdd0 [ 267.166496][ T8328] ? __pfx_netlink_sendmsg+0x10/0x10 [ 267.166529][ T8328] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 267.166568][ T8328] ____sys_sendmsg+0xa95/0xc70 [ 267.166604][ T8328] ? copy_msghdr_from_user+0x10a/0x160 [ 267.166631][ T8328] ? __pfx_____sys_sendmsg+0x10/0x10 [ 267.166680][ T8328] ___sys_sendmsg+0x134/0x1d0 [ 267.166709][ T8328] ? __pfx____sys_sendmsg+0x10/0x10 [ 267.166776][ T8328] __sys_sendmsg+0x16d/0x220 [ 267.166803][ T8328] ? __pfx___sys_sendmsg+0x10/0x10 [ 267.166856][ T8328] do_syscall_64+0xcd/0xfa0 [ 267.166886][ T8328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.166909][ T8328] RIP: 0033:0x7f081a78eec9 [ 267.166927][ T8328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.166949][ T8328] RSP: 002b:00007f081b707038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 267.166970][ T8328] RAX: ffffffffffffffda RBX: 00007f081a9e5fa0 RCX: 00007f081a78eec9 [ 267.166985][ T8328] RDX: 0000000020000080 RSI: 0000200000002540 RDI: 0000000000000003 [ 267.166999][ T8328] RBP: 00007f081b707090 R08: 0000000000000000 R09: 0000000000000000 [ 267.167012][ T8328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 267.167026][ T8328] R13: 00007f081a9e6038 R14: 00007f081a9e5fa0 R15: 00007ffde5864f68 [ 267.167057][ T8328] [ 267.640541][ T8331] FAULT_INJECTION: forcing a failure. [ 267.640541][ T8331] name fail_futex, interval 1, probability 0, space 0, times 1 [ 267.653509][ T8331] CPU: 0 UID: 0 PID: 8331 Comm: syz.3.517 Not tainted syzkaller #0 PREEMPT(full) [ 267.653540][ T8331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 267.653554][ T8331] Call Trace: [ 267.653562][ T8331] [ 267.653571][ T8331] dump_stack_lvl+0x16c/0x1f0 [ 267.653602][ T8331] should_fail_ex+0x512/0x640 [ 267.653637][ T8331] get_futex_key+0x1d0/0x1560 [ 267.653672][ T8331] ? __pfx_get_futex_key+0x10/0x10 [ 267.653705][ T8331] ? __lock_acquire+0x62e/0x1ce0 [ 267.653744][ T8331] futex_wake+0xea/0x530 [ 267.653779][ T8331] ? futex_wait+0x120/0x380 [ 267.653819][ T8331] ? __pfx_futex_wake+0x10/0x10 [ 267.653866][ T8331] ? __fget_files+0x204/0x3c0 [ 267.653897][ T8331] do_futex+0x1e3/0x350 [ 267.653930][ T8331] ? __pfx_do_futex+0x10/0x10 [ 267.653962][ T8331] ? fdget+0x187/0x210 [ 267.653989][ T8331] ? __sys_sendmsg+0x18c/0x220 [ 267.654020][ T8331] __x64_sys_futex+0x1e0/0x4c0 [ 267.654057][ T8331] ? __pfx___x64_sys_futex+0x10/0x10 [ 267.654102][ T8331] do_syscall_64+0xcd/0xfa0 [ 267.654133][ T8331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.654156][ T8331] RIP: 0033:0x7f6356d8eec9 [ 267.654174][ T8331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.654197][ T8331] RSP: 002b:00007f6357c220e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 267.654219][ T8331] RAX: ffffffffffffffda RBX: 00007f6356fe5fa8 RCX: 00007f6356d8eec9 [ 267.654234][ T8331] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6356fe5fac [ 267.654248][ T8331] RBP: 00007f6356fe5fa0 R08: 00007f6357c23000 R09: 0000000000000000 [ 267.654262][ T8331] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 267.654276][ T8331] R13: 00007f6356fe6038 R14: 00007ffc914b9d90 R15: 00007ffc914b9e78 [ 267.654308][ T8331] [ 268.874233][ T8351] net_ratelimit: 80 callbacks suppressed [ 268.874251][ T8351] netlink: zone id is out of range [ 268.944079][ T8351] netlink: zone id is out of range [ 268.998403][ T8351] netlink: zone id is out of range [ 269.049574][ T8351] netlink: zone id is out of range [ 269.079226][ T8351] netlink: zone id is out of range [ 269.120869][ T8351] netlink: zone id is out of range [ 269.152166][ T8351] netlink: zone id is out of range [ 269.186768][ T8351] netlink: zone id is out of range [ 269.225561][ T8351] netlink: zone id is out of range [ 269.283781][ T8351] netlink: zone id is out of range [ 269.290129][ T8357] netlink: 342 bytes leftover after parsing attributes in process `syz.2.524'. [ 269.332212][ T8357] netlink: 342 bytes leftover after parsing attributes in process `syz.2.524'. [ 269.516104][ T8362] FAULT_INJECTION: forcing a failure. [ 269.516104][ T8362] name failslab, interval 1, probability 0, space 0, times 0 [ 269.568543][ T8362] CPU: 0 UID: 0 PID: 8362 Comm: syz.0.526 Not tainted syzkaller #0 PREEMPT(full) [ 269.568576][ T8362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 269.568589][ T8362] Call Trace: [ 269.568597][ T8362] [ 269.568605][ T8362] dump_stack_lvl+0x16c/0x1f0 [ 269.568637][ T8362] should_fail_ex+0x512/0x640 [ 269.568704][ T8362] ? __kmalloc_cache_noprof+0x5f/0x780 [ 269.568747][ T8362] should_failslab+0xc2/0x120 [ 269.568779][ T8362] __kmalloc_cache_noprof+0x72/0x780 [ 269.568819][ T8362] ? trace_pid_list_alloc+0x27c/0x3f0 [ 269.568859][ T8362] ? trace_pid_list_alloc+0x27c/0x3f0 [ 269.568893][ T8362] trace_pid_list_alloc+0x27c/0x3f0 [ 269.568933][ T8362] trace_pid_write+0x10c/0x4b0 [ 269.568959][ T8362] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 269.568990][ T8362] ? __pfx_trace_pid_write+0x10/0x10 [ 269.569013][ T8362] ? __pfx___mutex_lock+0x10/0x10 [ 269.569041][ T8362] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 269.569072][ T8362] ? update_last_data+0xb3/0x510 [ 269.569119][ T8362] event_pid_write.isra.0+0x3f7/0x7f0 [ 269.569159][ T8362] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 269.569206][ T8362] ? __pfx_ftrace_event_pid_write+0x10/0x10 [ 269.569242][ T8362] vfs_writev+0x5dc/0xde0 [ 269.569274][ T8362] ? __pfx_vfs_writev+0x10/0x10 [ 269.569295][ T8362] ? __mutex_lock+0x1c5/0x1060 [ 269.569333][ T8362] ? __pfx___mutex_lock+0x10/0x10 [ 269.569373][ T8362] ? __fget_files+0x20e/0x3c0 [ 269.569404][ T8362] ? do_writev+0x132/0x340 [ 269.569425][ T8362] do_writev+0x132/0x340 [ 269.569447][ T8362] ? __pfx_do_writev+0x10/0x10 [ 269.569480][ T8362] do_syscall_64+0xcd/0xfa0 [ 269.569514][ T8362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.569537][ T8362] RIP: 0033:0x7fca1478eec9 [ 269.569555][ T8362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.569578][ T8362] RSP: 002b:00007fca15622038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 269.569599][ T8362] RAX: ffffffffffffffda RBX: 00007fca149e5fa0 RCX: 00007fca1478eec9 [ 269.569614][ T8362] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 269.569628][ T8362] RBP: 00007fca14811f91 R08: 0000000000000000 R09: 0000000000000000 [ 269.569642][ T8362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.569660][ T8362] R13: 00007fca149e6038 R14: 00007fca149e5fa0 R15: 00007ffc3f4de778 [ 269.569693][ T8362] [ 269.946549][ T8366] FAULT_INJECTION: forcing a failure. [ 269.946549][ T8366] name failslab, interval 1, probability 0, space 0, times 0 [ 269.959365][ T8366] CPU: 0 UID: 0 PID: 8366 Comm: syz.1.528 Not tainted syzkaller #0 PREEMPT(full) [ 269.959393][ T8366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 269.959406][ T8366] Call Trace: [ 269.959414][ T8366] [ 269.959422][ T8366] dump_stack_lvl+0x16c/0x1f0 [ 269.959453][ T8366] should_fail_ex+0x512/0x640 [ 269.959479][ T8366] ? __kmalloc_cache_noprof+0x5f/0x780 [ 269.959519][ T8366] should_failslab+0xc2/0x120 [ 269.959550][ T8366] __kmalloc_cache_noprof+0x72/0x780 [ 269.959588][ T8366] ? genl_start+0x1e8/0x980 [ 269.959626][ T8366] ? genl_start+0x1e8/0x980 [ 269.959655][ T8366] genl_start+0x1e8/0x980 [ 269.959691][ T8366] __netlink_dump_start+0x60e/0x990 [ 269.959729][ T8366] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 269.959766][ T8366] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 269.959809][ T8366] ? __pfx_genl_get_cmd+0x10/0x10 [ 269.959837][ T8366] ? __pfx_genl_start+0x10/0x10 [ 269.959866][ T8366] ? __pfx_genl_dumpit+0x10/0x10 [ 269.959896][ T8366] ? __pfx_genl_done+0x10/0x10 [ 269.959932][ T8366] ? __radix_tree_lookup+0x21f/0x2c0 [ 269.959959][ T8366] genl_rcv_msg+0x46e/0x800 [ 269.959996][ T8366] ? __pfx_genl_rcv_msg+0x10/0x10 [ 269.960031][ T8366] ? __pfx_tipc_udp_nl_dump_remoteip+0x10/0x10 [ 269.960072][ T8366] netlink_rcv_skb+0x158/0x420 [ 269.960101][ T8366] ? __pfx_genl_rcv_msg+0x10/0x10 [ 269.960135][ T8366] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 269.960178][ T8366] ? netlink_deliver_tap+0x1ae/0xd30 [ 269.960210][ T8366] genl_rcv+0x28/0x40 [ 269.960238][ T8366] netlink_unicast+0x5a7/0x870 [ 269.960272][ T8366] ? __pfx_netlink_unicast+0x10/0x10 [ 269.960313][ T8366] netlink_sendmsg+0x8c8/0xdd0 [ 269.960347][ T8366] ? __pfx_netlink_sendmsg+0x10/0x10 [ 269.960380][ T8366] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 269.960418][ T8366] ____sys_sendmsg+0xa95/0xc70 [ 269.960466][ T8366] ? copy_msghdr_from_user+0x10a/0x160 [ 269.960493][ T8366] ? __pfx_____sys_sendmsg+0x10/0x10 [ 269.960543][ T8366] ___sys_sendmsg+0x134/0x1d0 [ 269.960571][ T8366] ? __pfx____sys_sendmsg+0x10/0x10 [ 269.960638][ T8366] __sys_sendmsg+0x16d/0x220 [ 269.960665][ T8366] ? __pfx___sys_sendmsg+0x10/0x10 [ 269.960724][ T8366] do_syscall_64+0xcd/0xfa0 [ 269.960753][ T8366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.960776][ T8366] RIP: 0033:0x7ff6f678eec9 [ 269.960794][ T8366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.960816][ T8366] RSP: 002b:00007ff6f7550038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 269.960837][ T8366] RAX: ffffffffffffffda RBX: 00007ff6f69e5fa0 RCX: 00007ff6f678eec9 [ 269.960851][ T8366] RDX: 0000000020000080 RSI: 0000200000002540 RDI: 0000000000000003 [ 269.960865][ T8366] RBP: 00007ff6f7550090 R08: 0000000000000000 R09: 0000000000000000 [ 269.960879][ T8366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 269.960892][ T8366] R13: 00007ff6f69e6038 R14: 00007ff6f69e5fa0 R15: 00007ffe9b57c0b8 [ 269.960923][ T8366] [ 270.341074][ T8369] ptp ptp0: only physical clock in use now [ 270.558646][ T8379] futex_wake_op: syz.2.531 tries to shift op by -2048; fix this program [ 271.426067][ T8393] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 272.222328][ T8391] sp0: Synchronizing with TNC [ 272.623280][ T8412] FAULT_INJECTION: forcing a failure. [ 272.623280][ T8412] name failslab, interval 1, probability 0, space 0, times 0 [ 272.711407][ T8412] CPU: 0 UID: 0 PID: 8412 Comm: syz.3.537 Not tainted syzkaller #0 PREEMPT(full) [ 272.711444][ T8412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 272.711457][ T8412] Call Trace: [ 272.711465][ T8412] [ 272.711473][ T8412] dump_stack_lvl+0x16c/0x1f0 [ 272.711504][ T8412] should_fail_ex+0x512/0x640 [ 272.711532][ T8412] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 272.711558][ T8412] should_failslab+0xc2/0x120 [ 272.711589][ T8412] kmem_cache_alloc_noprof+0x75/0x6e0 [ 272.711612][ T8412] ? security_file_alloc+0x34/0x2b0 [ 272.711640][ T8412] ? security_file_alloc+0x34/0x2b0 [ 272.711661][ T8412] security_file_alloc+0x34/0x2b0 [ 272.711683][ T8412] init_file+0x93/0x4c0 [ 272.711715][ T8412] alloc_empty_file+0x73/0x1e0 [ 272.711749][ T8412] path_openat+0xda/0x2cb0 [ 272.711783][ T8412] ? __pfx_path_openat+0x10/0x10 [ 272.711816][ T8412] do_filp_open+0x20b/0x470 [ 272.711842][ T8412] ? __pfx_do_filp_open+0x10/0x10 [ 272.711888][ T8412] ? alloc_fd+0x471/0x7d0 [ 272.711919][ T8412] do_sys_openat2+0x11b/0x1d0 [ 272.711953][ T8412] ? __pfx_do_sys_openat2+0x10/0x10 [ 272.711990][ T8412] ? __fget_files+0x20e/0x3c0 [ 272.712018][ T8412] __x64_sys_openat+0x174/0x210 [ 272.712052][ T8412] ? __pfx___x64_sys_openat+0x10/0x10 [ 272.712085][ T8412] ? ksys_write+0x1ac/0x250 [ 272.712120][ T8412] do_syscall_64+0xcd/0xfa0 [ 272.712148][ T8412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.712171][ T8412] RIP: 0033:0x7f6356d8eec9 [ 272.712189][ T8412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.712211][ T8412] RSP: 002b:00007f6357bbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 272.712232][ T8412] RAX: ffffffffffffffda RBX: 00007f6356fe6270 RCX: 00007f6356d8eec9 [ 272.712247][ T8412] RDX: 00000000000a0241 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 272.712261][ T8412] RBP: 00007f6357bbf090 R08: 0000000000000000 R09: 0000000000000000 [ 272.712274][ T8412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 272.712287][ T8412] R13: 00007f6356fe6308 R14: 00007f6356fe6270 R15: 00007ffc914b9e78 [ 272.712318][ T8412] [ 272.933310][ C0] vkms_vblank_simulate: vblank timer overrun [ 273.170644][ T8408] sp0: Synchronizing with TNC [ 274.662504][ T8438] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 275.063007][ T8449] ptp ptp0: only physical clock in use now syzkaller syzkaller login: [ 276.541065][ T8474] FAULT_INJECTION: forcing a failure. [ 276.541065][ T8474] name failslab, interval 1, probability 0, space 0, times 0 [ 276.637932][ T8474] CPU: 0 UID: 0 PID: 8474 Comm: syz.1.555 Not tainted syzkaller #0 PREEMPT(full) [ 276.637963][ T8474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 276.637977][ T8474] Call Trace: [ 276.637984][ T8474] [ 276.637993][ T8474] dump_stack_lvl+0x16c/0x1f0 [ 276.638025][ T8474] should_fail_ex+0x512/0x640 [ 276.638053][ T8474] ? __kmalloc_noprof+0xca/0x880 [ 276.638092][ T8474] should_failslab+0xc2/0x120 [ 276.638123][ T8474] __kmalloc_noprof+0xdd/0x880 [ 276.638168][ T8474] ? alloc_pipe_info+0x1ec/0x590 [ 276.638200][ T8474] ? alloc_pipe_info+0x1ec/0x590 [ 276.638225][ T8474] alloc_pipe_info+0x1ec/0x590 [ 276.638255][ T8474] splice_direct_to_actor+0x77d/0xa30 [ 276.638297][ T8474] ? __lock_acquire+0x62e/0x1ce0 [ 276.638327][ T8474] ? __pfx_direct_splice_actor+0x10/0x10 [ 276.638350][ T8474] ? __pfx_aa_file_perm+0x10/0x10 [ 276.638377][ T8474] ? find_held_lock+0x2b/0x80 [ 276.638400][ T8474] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 276.638437][ T8474] ? get_pid_task+0xfc/0x250 [ 276.638477][ T8474] do_splice_direct+0x174/0x240 [ 276.638499][ T8474] ? __pfx_do_splice_direct+0x10/0x10 [ 276.638522][ T8474] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 276.638565][ T8474] ? rw_verify_area+0xcf/0x6c0 [ 276.638589][ T8474] do_sendfile+0xb06/0xe50 [ 276.638617][ T8474] ? __pfx_do_sendfile+0x10/0x10 [ 276.638641][ T8474] ? __fget_files+0x20e/0x3c0 [ 276.638671][ T8474] __x64_sys_sendfile64+0x1d8/0x220 [ 276.638700][ T8474] ? ksys_write+0x1ac/0x250 [ 276.638724][ T8474] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 276.638764][ T8474] do_syscall_64+0xcd/0xfa0 [ 276.638793][ T8474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.638816][ T8474] RIP: 0033:0x7ff6f678eec9 [ 276.638835][ T8474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.638857][ T8474] RSP: 002b:00007ff6f7550038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 276.638878][ T8474] RAX: ffffffffffffffda RBX: 00007ff6f69e5fa0 RCX: 00007ff6f678eec9 [ 276.638892][ T8474] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 276.638905][ T8474] RBP: 00007ff6f7550090 R08: 0000000000000000 R09: 0000000000000000 [ 276.638919][ T8474] R10: 0000000001000200 R11: 0000000000000246 R12: 0000000000000001 [ 276.638932][ T8474] R13: 00007ff6f69e6038 R14: 00007ff6f69e5fa0 R15: 00007ffe9b57c0b8 [ 276.638963][ T8474] [ 277.260986][ T8477] FAULT_INJECTION: forcing a failure. [ 277.260986][ T8477] name failslab, interval 1, probability 0, space 0, times 0 [ 277.320560][ T8477] CPU: 0 UID: 0 PID: 8477 Comm: syz.2.557 Not tainted syzkaller #0 PREEMPT(full) [ 277.320590][ T8477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 277.320602][ T8477] Call Trace: [ 277.320610][ T8477] [ 277.320619][ T8477] dump_stack_lvl+0x16c/0x1f0 [ 277.320651][ T8477] should_fail_ex+0x512/0x640 [ 277.320679][ T8477] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 277.320708][ T8477] should_failslab+0xc2/0x120 [ 277.320740][ T8477] __kvmalloc_node_noprof+0x141/0x9c0 [ 277.320769][ T8477] ? traverse.part.0.constprop.0+0x397/0x650 [ 277.320814][ T8477] ? traverse.part.0.constprop.0+0x397/0x650 [ 277.320849][ T8477] traverse.part.0.constprop.0+0x397/0x650 [ 277.320895][ T8477] seq_read_iter+0x93c/0x12d0 [ 277.320944][ T8477] seq_read+0x3a3/0x570 [ 277.320979][ T8477] ? __pfx_seq_read+0x10/0x10 [ 277.321021][ T8477] ? get_pid_task+0xfc/0x250 [ 277.321065][ T8477] ? __pfx_seq_read+0x10/0x10 [ 277.321099][ T8477] proc_reg_read+0x23d/0x330 [ 277.321131][ T8477] ? __pfx_proc_reg_read+0x10/0x10 [ 277.321169][ T8477] vfs_read+0x1e1/0xcf0 [ 277.321199][ T8477] ? __pfx_vfs_read+0x10/0x10 [ 277.321221][ T8477] ? find_held_lock+0x2b/0x80 [ 277.321245][ T8477] ? __fget_files+0x204/0x3c0 [ 277.321273][ T8477] ? __fget_files+0x20e/0x3c0 [ 277.321292][ T8477] ? __fget_files+0x170/0x3c0 [ 277.321322][ T8477] __x64_sys_pread64+0x1eb/0x250 [ 277.321349][ T8477] ? __pfx___x64_sys_pread64+0x10/0x10 [ 277.321385][ T8477] do_syscall_64+0xcd/0xfa0 [ 277.321414][ T8477] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.321437][ T8477] RIP: 0033:0x7f081a78eec9 [ 277.321455][ T8477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.321476][ T8477] RSP: 002b:00007f081b707038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 277.321498][ T8477] RAX: ffffffffffffffda RBX: 00007f081a9e5fa0 RCX: 00007f081a78eec9 [ 277.321513][ T8477] RDX: 000000000000000d RSI: 0000000000000000 RDI: 0000000000000003 [ 277.321526][ T8477] RBP: 00007f081b707090 R08: 0000000000000000 R09: 0000000000000000 [ 277.321539][ T8477] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 277.321552][ T8477] R13: 00007f081a9e6038 R14: 00007f081a9e5fa0 R15: 00007ffde5864f68 [ 277.321584][ T8477] [ 278.506694][ T8488] sp0: Synchronizing with TNC [ 278.681260][ T8499] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 syzkaller syzkaller login: [ 280.753107][ T8524] FAULT_INJECTION: forcing a failure. [ 280.753107][ T8524] name failslab, interval 1, probability 0, space 0, times 0 [ 280.835872][ T8524] CPU: 0 UID: 0 PID: 8524 Comm: syz.0.568 Not tainted syzkaller #0 PREEMPT(full) [ 280.835910][ T8524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 280.835923][ T8524] Call Trace: [ 280.835930][ T8524] [ 280.835938][ T8524] dump_stack_lvl+0x16c/0x1f0 [ 280.835970][ T8524] should_fail_ex+0x512/0x640 [ 280.835998][ T8524] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 280.836029][ T8524] should_failslab+0xc2/0x120 [ 280.836059][ T8524] __kmalloc_node_noprof+0xe0/0x8a0 [ 280.836084][ T8524] ? lockdep_init_map_type+0x5c/0x280 [ 280.836117][ T8524] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 280.836148][ T8524] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 280.836172][ T8524] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 280.836198][ T8524] ? __pfx_idr_alloc+0x10/0x10 [ 280.836229][ T8524] loop_add+0x3b2/0xb70 [ 280.836283][ T8524] ? __pfx_loop_add+0x10/0x10 [ 280.836337][ T8524] ? find_held_lock+0x2b/0x80 [ 280.836365][ T8524] loop_control_ioctl+0x13e/0x630 [ 280.836400][ T8524] ? __pfx_loop_control_ioctl+0x10/0x10 [ 280.836439][ T8524] ? __pfx_loop_control_ioctl+0x10/0x10 [ 280.836475][ T8524] __x64_sys_ioctl+0x18b/0x210 [ 280.836513][ T8524] do_syscall_64+0xcd/0xfa0 [ 280.836542][ T8524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.836565][ T8524] RIP: 0033:0x7fca1478eec9 [ 280.836583][ T8524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.836605][ T8524] RSP: 002b:00007fca15622038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 280.836627][ T8524] RAX: ffffffffffffffda RBX: 00007fca149e5fa0 RCX: 00007fca1478eec9 [ 280.836642][ T8524] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 280.836656][ T8524] RBP: 00007fca14811f91 R08: 0000000000000000 R09: 0000000000000000 [ 280.836670][ T8524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.836684][ T8524] R13: 00007fca149e6038 R14: 00007fca149e5fa0 R15: 00007ffc3f4de778 [ 280.836715][ T8524] [ 281.037011][ C0] vkms_vblank_simulate: vblank timer overrun [ 281.704755][ T8540] ptp ptp0: only physical clock in use now [ 281.711779][ T8541] netlink: 8 bytes leftover after parsing attributes in process `syz.1.572'. [ 281.854086][ T8543] FAULT_INJECTION: forcing a failure. [ 281.854086][ T8543] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 282.003370][ T8543] CPU: 0 UID: 0 PID: 8543 Comm: syz.0.571 Not tainted syzkaller #0 PREEMPT(full) [ 282.003401][ T8543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 282.003415][ T8543] Call Trace: [ 282.003422][ T8543] [ 282.003430][ T8543] dump_stack_lvl+0x16c/0x1f0 [ 282.003462][ T8543] should_fail_ex+0x512/0x640 [ 282.003494][ T8543] _copy_to_user+0x32/0xd0 [ 282.003528][ T8543] simple_read_from_buffer+0xcb/0x170 [ 282.003568][ T8543] proc_fail_nth_read+0x197/0x240 [ 282.003594][ T8543] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 282.003620][ T8543] ? rw_verify_area+0xcf/0x6c0 [ 282.003641][ T8543] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 282.003665][ T8543] vfs_read+0x1e1/0xcf0 [ 282.003694][ T8543] ? __pfx___mutex_lock+0x10/0x10 [ 282.003722][ T8543] ? __pfx_vfs_read+0x10/0x10 [ 282.003755][ T8543] ? __fget_files+0x20e/0x3c0 [ 282.003796][ T8543] ksys_read+0x12a/0x250 [ 282.003820][ T8543] ? __pfx_ksys_read+0x10/0x10 [ 282.003853][ T8543] do_syscall_64+0xcd/0xfa0 [ 282.003882][ T8543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.003905][ T8543] RIP: 0033:0x7fca1478d8dc [ 282.003923][ T8543] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 282.003945][ T8543] RSP: 002b:00007fca155bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 282.003965][ T8543] RAX: ffffffffffffffda RBX: 00007fca149e6270 RCX: 00007fca1478d8dc [ 282.003981][ T8543] RDX: 000000000000000f RSI: 00007fca155bf0a0 RDI: 000000000000000c [ 282.003994][ T8543] RBP: 00007fca155bf090 R08: 0000000000000000 R09: 0000000000000000 [ 282.004007][ T8543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 282.004020][ T8543] R13: 00007fca149e6308 R14: 00007fca149e6270 R15: 00007ffc3f4de778 [ 282.004052][ T8543] [ 282.189497][ C0] vkms_vblank_simulate: vblank timer overrun [ 282.936077][ T8551] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 285.739728][ T8580] WARNING! power/level is deprecated; use power/control instead [ 285.897058][ T8585] net_ratelimit: 35 callbacks suppressed [ 285.897076][ T8585] netlink: zone id is out of range [ 285.984163][ T8585] netlink: zone id is out of range [ 286.024706][ T8585] netlink: zone id is out of range [ 286.060727][ T8585] netlink: zone id is out of range [ 286.120930][ T8585] netlink: zone id is out of range [ 286.161340][ T8585] netlink: zone id is out of range [ 286.170981][ T8585] netlink: zone id is out of range [ 286.210745][ T8585] netlink: zone id is out of range [ 286.216070][ T8585] netlink: zone id is out of range [ 286.243834][ T8585] netlink: zone id is out of range [ 286.385632][ T8591] netlink: 8 bytes leftover after parsing attributes in process `syz.2.587'. [ 287.382755][ T8604] netlink: 8 bytes leftover after parsing attributes in process `syz.3.590'. [ 290.480827][ T8626] sp0: Synchronizing with TNC syzkaller syzkaller login: [ 292.158705][ T8656] netlink: 8 bytes leftover after parsing attributes in process `syz.1.599'. syzkaller syzkaller login: [ 296.625870][ T8734] netlink: 8 bytes leftover after parsing attributes in process `syz.2.615'. [ 296.934974][ T8741] ptp ptp0: only physical clock in use now [ 298.687105][ T8762] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 299.434070][ T8772] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 299.936616][ T8777] net_ratelimit: 35 callbacks suppressed [ 299.936635][ T8777] netlink: zone id is out of range [ 300.000257][ T8777] netlink: zone id is out of range [ 300.030771][ T8777] netlink: zone id is out of range [ 300.056739][ T8777] netlink: zone id is out of range [ 300.092912][ T8777] netlink: zone id is out of range [ 300.153397][ T8777] netlink: zone id is out of range [ 300.187208][ T8777] netlink: zone id is out of range [ 300.228943][ T8777] netlink: zone id is out of range [ 300.254350][ T8777] netlink: zone id is out of range [ 300.268023][ T8785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.630'. [ 300.283253][ T8777] netlink: zone id is out of range [ 301.721325][ T8806] netlink: 8 bytes leftover after parsing attributes in process `syz.0.637'. [ 303.549989][ T8822] FAULT_INJECTION: forcing a failure. [ 303.549989][ T8822] name failslab, interval 1, probability 0, space 0, times 0 [ 303.649197][ T8822] CPU: 0 UID: 0 PID: 8822 Comm: syz.2.640 Not tainted syzkaller #0 PREEMPT(full) [ 303.649236][ T8822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 303.649249][ T8822] Call Trace: [ 303.649258][ T8822] [ 303.649269][ T8822] dump_stack_lvl+0x16c/0x1f0 [ 303.649328][ T8822] should_fail_ex+0x512/0x640 [ 303.649373][ T8822] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 303.649400][ T8822] should_failslab+0xc2/0x120 [ 303.649432][ T8822] kmem_cache_alloc_noprof+0x75/0x6e0 [ 303.649456][ T8822] ? mas_dup_build+0x6f9/0x1e80 [ 303.649490][ T8822] ? mas_dup_build+0x6f9/0x1e80 [ 303.649515][ T8822] mas_dup_build+0x6f9/0x1e80 [ 303.649548][ T8822] ? __lock_acquire+0xb97/0x1ce0 [ 303.649587][ T8822] __mt_dup+0xeb/0x1f0 [ 303.649614][ T8822] ? __pfx___mt_dup+0x10/0x10 [ 303.649674][ T8822] dup_mmap+0x36c/0x2280 [ 303.649722][ T8822] ? __pfx_dup_mmap+0x10/0x10 [ 303.649780][ T8822] copy_process+0x3f0c/0x76a0 [ 303.649826][ T8822] ? __pfx_copy_process+0x10/0x10 [ 303.649860][ T8822] ? futex_private_hash_put+0x176/0x300 [ 303.649898][ T8822] ? futex_private_hash_put+0x18a/0x300 [ 303.649938][ T8822] kernel_clone+0xfc/0x930 [ 303.649969][ T8822] ? __pfx_futex_wake+0x10/0x10 [ 303.650007][ T8822] ? __pfx_kernel_clone+0x10/0x10 [ 303.650038][ T8822] ? __pfx_vfs_writev+0x10/0x10 [ 303.650083][ T8822] __do_sys_clone+0xce/0x120 [ 303.650113][ T8822] ? __pfx___do_sys_clone+0x10/0x10 [ 303.650158][ T8822] ? xfd_validate_state+0x61/0x180 [ 303.650199][ T8822] ? __pfx_do_writev+0x10/0x10 [ 303.650237][ T8822] do_syscall_64+0xcd/0xfa0 [ 303.650267][ T8822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.650291][ T8822] RIP: 0033:0x7f081a78eec9 [ 303.650310][ T8822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.650333][ T8822] RSP: 002b:00007f081b707038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 303.650355][ T8822] RAX: ffffffffffffffda RBX: 00007f081a9e5fa0 RCX: 00007f081a78eec9 [ 303.650370][ T8822] RDX: 0000000000000000 RSI: 0000000100000000 RDI: 0000000000000007 [ 303.650384][ T8822] RBP: 00007f081a811f91 R08: 0000000000000006 R09: 0000000000000000 [ 303.650398][ T8822] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 303.650412][ T8822] R13: 00007f081a9e6038 R14: 00007f081a9e5fa0 R15: 00007ffde5864f68 [ 303.650444][ T8822] [ 304.728110][ T8827] zswap: compressor not available [ 304.831006][ T8826] ALSA: mixer_oss: invalid OSS volume 'f' [ 304.869962][ T8826] ALSA: mixer_oss: invalid OSS volume 'fe80000000000000000000000000003' [ 304.889025][ T8826] ALSA: mixer_oss: invalid OSS volume 'fe800000000000005855a0fffe93786' [ 304.907134][ T8826] ALSA: mixer_oss: invalid OSS volume 'fe800000000000005855a0fffe93786' [ 304.947543][ T8826] ALSA: mixer_oss: invalid OSS volume 'fe80000000000000000000000000004' [ 304.984323][ T8826] ALSA: mixer_oss: invalid OSS volume 'fe800000000000000' [ 306.321147][ T8865] netlink: 8 bytes leftover after parsing attributes in process `syz.2.649'. [ 306.545783][ T8867] ima: policy update failed [ 306.601480][ T30] audit: type=1802 audit(4294967301.770:8): pid=8867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.650" res=0 errno=0 [ 308.654191][ T7746] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 308.662759][ T7746] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0' [ 308.673237][ T7746] CPU: 0 UID: 0 PID: 7746 Comm: kworker/u11:1 Not tainted syzkaller #0 PREEMPT(full) [ 308.673267][ T7746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 308.673283][ T7746] Workqueue: hci0 hci_rx_work [ 308.673313][ T7746] Call Trace: [ 308.673320][ T7746] [ 308.673329][ T7746] dump_stack_lvl+0x16c/0x1f0 [ 308.673358][ T7746] sysfs_warn_dup+0x7f/0xa0 [ 308.673388][ T7746] sysfs_create_dir_ns+0x24b/0x2b0 [ 308.673417][ T7746] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 308.673446][ T7746] ? find_held_lock+0x2b/0x80 [ 308.673476][ T7746] ? do_raw_spin_unlock+0x172/0x230 [ 308.673517][ T7746] kobject_add_internal+0x2c4/0x9b0 [ 308.673554][ T7746] kobject_add+0x16e/0x240 [ 308.673585][ T7746] ? __pfx_kobject_add+0x10/0x10 [ 308.673619][ T7746] ? do_raw_spin_unlock+0x172/0x230 [ 308.673658][ T7746] ? kobject_put+0xab/0x5a0 [ 308.673697][ T7746] device_add+0x288/0x1aa0 [ 308.673728][ T7746] ? __pfx_dev_set_name+0x10/0x10 [ 308.673762][ T7746] ? __pfx_device_add+0x10/0x10 [ 308.673793][ T7746] ? mgmt_send_event_skb+0x2fb/0x460 [ 308.673863][ T7746] hci_conn_add_sysfs+0x17e/0x230 [ 308.673893][ T7746] le_conn_complete_evt+0x1260/0x2150 [ 308.673929][ T7746] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 308.673952][ T7746] ? bt_warn+0xe4/0x120 [ 308.673972][ T7746] ? __pfx_bt_warn+0x10/0x10 [ 308.674001][ T7746] hci_le_conn_complete_evt+0x23c/0x370 [ 308.674033][ T7746] hci_le_meta_evt+0x354/0x5e0 [ 308.674059][ T7746] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 308.674088][ T7746] hci_event_packet+0x682/0x11c0 [ 308.674112][ T7746] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 308.674141][ T7746] ? __pfx_hci_event_packet+0x10/0x10 [ 308.674168][ T7746] ? kcov_remote_start+0x3c9/0x6d0 [ 308.674189][ T7746] ? lockdep_hardirqs_on+0x7c/0x110 [ 308.674223][ T7746] hci_rx_work+0x2c5/0x16b0 [ 308.674251][ T7746] ? rcu_is_watching+0x12/0xc0 [ 308.674280][ T7746] process_one_work+0x9cf/0x1b70 [ 308.674329][ T7746] ? __pfx_process_one_work+0x10/0x10 [ 308.674375][ T7746] ? assign_work+0x1a0/0x250 [ 308.674413][ T7746] worker_thread+0x6c8/0xf10 [ 308.674459][ T7746] ? __kthread_parkme+0x19e/0x250 [ 308.674489][ T7746] ? __pfx_worker_thread+0x10/0x10 [ 308.674526][ T7746] kthread+0x3c2/0x780 [ 308.674561][ T7746] ? __pfx_kthread+0x10/0x10 [ 308.674597][ T7746] ? rcu_is_watching+0x12/0xc0 [ 308.674621][ T7746] ? __pfx_kthread+0x10/0x10 [ 308.674657][ T7746] ret_from_fork+0x675/0x7d0 [ 308.674690][ T7746] ? __pfx_kthread+0x10/0x10 [ 308.674725][ T7746] ret_from_fork_asm+0x1a/0x30 [ 308.674765][ T7746] [ 308.674820][ T7746] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 308.961892][ T7746] Bluetooth: hci0: failed to register connection device [ 309.269195][ T8904] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 310.066330][ T8903] netlink: 268 bytes leftover after parsing attributes in process `syz.1.658'. [ 310.172953][ T8903] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 310.350256][ T8903] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 310.469925][ T8903] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 310.593296][ T8918] Invalid ELF header magic: != ELF [ 310.635201][ T8903] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 310.742566][ T8903] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 310.798593][ T8903] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 314.963432][ T8971] random: crng reseeded on system resumption [ 318.799438][ T9025] ptp ptp0: only physical clock in use now [ 319.925752][ T9035] netlink: 8 bytes leftover after parsing attributes in process `syz.0.691'. syzkaller syzkaller login: [ 322.058942][ T9052] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 322.157536][ T9052] netlink: 342 bytes leftover after parsing attributes in process `syz.2.693'. [ 323.184422][ T9066] synth uevent: /module/l2tp_ip6: unknown uevent action string [ 323.685180][ T9077] syz.0.699 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 325.023045][ T9097] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 327.470272][ T9140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.717'. [ 327.551305][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.559733][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.839221][ T9146] net_ratelimit: 35 callbacks suppressed [ 327.839240][ T9146] netlink: zone id is out of range [ 327.912062][ T9148] netlink: 28 bytes leftover after parsing attributes in process `syz.1.721'. [ 327.921606][ T9146] netlink: zone id is out of range [ 327.969544][ T9146] netlink: zone id is out of range [ 328.015159][ T9146] netlink: zone id is out of range [ 328.066665][ T9146] netlink: zone id is out of range [ 328.115972][ T9146] netlink: zone id is out of range [ 328.156319][ T9146] netlink: zone id is out of range [ 328.195067][ T9146] netlink: zone id is out of range [ 328.223405][ T9153] netlink: 28 bytes leftover after parsing attributes in process `syz.1.722'. [ 328.234921][ T9146] netlink: zone id is out of range [ 328.272577][ T9146] netlink: zone id is out of range [ 329.119519][ T9171] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 330.384739][ T9167] netlink: 28 bytes leftover after parsing attributes in process `syz.0.725'. [ 331.094124][ T9204] FAULT_INJECTION: forcing a failure. [ 331.094124][ T9204] name failslab, interval 1, probability 0, space 0, times 0 [ 331.166901][ T9204] CPU: 0 UID: 0 PID: 9204 Comm: syz.2.733 Not tainted syzkaller #0 PREEMPT(full) [ 331.166930][ T9204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 331.166944][ T9204] Call Trace: [ 331.166951][ T9204] [ 331.166960][ T9204] dump_stack_lvl+0x16c/0x1f0 [ 331.166990][ T9204] should_fail_ex+0x512/0x640 [ 331.167019][ T9204] ? fs_reclaim_acquire+0xae/0x150 [ 331.167052][ T9204] should_failslab+0xc2/0x120 [ 331.167083][ T9204] __kmalloc_noprof+0xdd/0x880 [ 331.167121][ T9204] ? tomoyo_encode2+0x100/0x3e0 [ 331.167149][ T9204] ? tomoyo_encode2+0x100/0x3e0 [ 331.167170][ T9204] tomoyo_encode2+0x100/0x3e0 [ 331.167197][ T9204] tomoyo_encode+0x29/0x50 [ 331.167220][ T9204] tomoyo_realpath_from_path+0x18f/0x6e0 [ 331.167253][ T9204] tomoyo_mkdev_perm+0x22b/0x570 [ 331.167287][ T9204] ? tomoyo_mkdev_perm+0x217/0x570 [ 331.167323][ T9204] ? __pfx_tomoyo_mkdev_perm+0x10/0x10 [ 331.167360][ T9204] ? do_raw_spin_lock+0x12c/0x2b0 [ 331.167412][ T9204] ? do_raw_spin_unlock+0x172/0x230 [ 331.167465][ T9204] ? __pfx_current_check_access_path+0x10/0x10 [ 331.167493][ T9204] ? simple_lookup+0x105/0x1d0 [ 331.167520][ T9204] tomoyo_path_mknod+0x12a/0x190 [ 331.167549][ T9204] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 331.167580][ T9204] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 331.167623][ T9204] security_path_mknod+0x161/0x310 [ 331.167661][ T9204] do_mknodat+0x239/0x5d0 [ 331.167688][ T9204] ? __pfx_do_mknodat+0x10/0x10 [ 331.167710][ T9204] ? getname_flags.part.0+0x1c5/0x550 [ 331.167750][ T9204] __x64_sys_mknod+0x87/0xb0 [ 331.167779][ T9204] do_syscall_64+0xcd/0xfa0 [ 331.167808][ T9204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.167831][ T9204] RIP: 0033:0x7f081a78eec9 [ 331.167849][ T9204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.167870][ T9204] RSP: 002b:00007f081b6e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 331.167891][ T9204] RAX: ffffffffffffffda RBX: 00007f081a9e6090 RCX: 00007f081a78eec9 [ 331.167906][ T9204] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0 [ 331.167919][ T9204] RBP: 00007f081a811f91 R08: 0000000000000000 R09: 0000000000000000 [ 331.167932][ T9204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 331.167945][ T9204] R13: 00007f081a9e6128 R14: 00007f081a9e6090 R15: 00007ffde5864f68 [ 331.167985][ T9204] [ 332.224845][ T9204] ERROR: Out of memory at tomoyo_realpath_from_path. [ 333.579764][ T9237] FAULT_INJECTION: forcing a failure. [ 333.579764][ T9237] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 333.660784][ T9237] CPU: 0 UID: 0 PID: 9237 Comm: syz.1.743 Not tainted syzkaller #0 PREEMPT(full) [ 333.660816][ T9237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 333.660829][ T9237] Call Trace: [ 333.660836][ T9237] [ 333.660845][ T9237] dump_stack_lvl+0x16c/0x1f0 [ 333.660876][ T9237] should_fail_ex+0x512/0x640 [ 333.660908][ T9237] _copy_to_iter+0x29f/0x1710 [ 333.660941][ T9237] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 333.660975][ T9237] ? __pfx__copy_to_iter+0x10/0x10 [ 333.661006][ T9237] ? kernfs_seq_stop+0xcd/0x120 [ 333.661048][ T9237] ? kernfs_put_active+0x86/0xe0 [ 333.661085][ T9237] seq_read_iter+0xd02/0x12d0 [ 333.661134][ T9237] kernfs_fop_read_iter+0x46c/0x610 [ 333.661157][ T9237] ? rw_verify_area+0xcf/0x6c0 [ 333.661181][ T9237] vfs_read+0x8bc/0xcf0 [ 333.661209][ T9237] ? __pfx___mutex_lock+0x10/0x10 [ 333.661237][ T9237] ? __pfx_vfs_read+0x10/0x10 [ 333.661290][ T9237] ksys_read+0x12a/0x250 [ 333.661314][ T9237] ? __pfx_ksys_read+0x10/0x10 [ 333.661347][ T9237] do_syscall_64+0xcd/0xfa0 [ 333.661377][ T9237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.661400][ T9237] RIP: 0033:0x7ff6f678eec9 [ 333.661417][ T9237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.661439][ T9237] RSP: 002b:00007ff6f7550038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 333.661460][ T9237] RAX: ffffffffffffffda RBX: 00007ff6f69e5fa0 RCX: 00007ff6f678eec9 [ 333.661475][ T9237] RDX: 0000000000000012 RSI: 0000200000000000 RDI: 0000000000000005 [ 333.661489][ T9237] RBP: 00007ff6f7550090 R08: 0000000000000000 R09: 0000000000000000 [ 333.661502][ T9237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 333.661515][ T9237] R13: 00007ff6f69e6038 R14: 00007ff6f69e5fa0 R15: 00007ffe9b57c0b8 [ 333.661547][ T9237] [ 334.233990][ T9245] FAULT_INJECTION: forcing a failure. [ 334.233990][ T9245] name failslab, interval 1, probability 0, space 0, times 0 [ 334.269506][ T9245] CPU: 0 UID: 0 PID: 9245 Comm: syz.1.747 Not tainted syzkaller #0 PREEMPT(full) [ 334.269535][ T9245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 334.269548][ T9245] Call Trace: [ 334.269555][ T9245] [ 334.269563][ T9245] dump_stack_lvl+0x16c/0x1f0 [ 334.269594][ T9245] should_fail_ex+0x512/0x640 [ 334.269622][ T9245] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 334.269647][ T9245] should_failslab+0xc2/0x120 [ 334.269676][ T9245] kmem_cache_alloc_noprof+0x75/0x6e0 [ 334.269698][ T9245] ? alloc_empty_file+0x55/0x1e0 [ 334.269735][ T9245] ? alloc_empty_file+0x55/0x1e0 [ 334.269764][ T9245] ? _raw_spin_unlock+0x28/0x50 [ 334.269784][ T9245] alloc_empty_file+0x55/0x1e0 [ 334.269816][ T9245] alloc_file_pseudo+0x13a/0x230 [ 334.269849][ T9245] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 334.269884][ T9245] ? do_raw_spin_unlock+0x172/0x230 [ 334.269954][ T9245] __anon_inode_getfile+0xe8/0x280 [ 334.269991][ T9245] anon_inode_getfile_fmode+0x37/0xa0 [ 334.270021][ T9245] do_eventfd+0x19b/0x2c0 [ 334.270055][ T9245] __x64_sys_eventfd2+0x53/0x80 [ 334.270089][ T9245] do_syscall_64+0xcd/0xfa0 [ 334.270118][ T9245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.270141][ T9245] RIP: 0033:0x7ff6f678eec9 [ 334.270159][ T9245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.270180][ T9245] RSP: 002b:00007ff6f7550038 EFLAGS: 00000246 ORIG_RAX: 0000000000000122 [ 334.270202][ T9245] RAX: ffffffffffffffda RBX: 00007ff6f69e5fa0 RCX: 00007ff6f678eec9 [ 334.270217][ T9245] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000a0 [ 334.270230][ T9245] RBP: 00007ff6f7550090 R08: 0000000000000000 R09: 0000000000000000 [ 334.270243][ T9245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 334.270256][ T9245] R13: 00007ff6f69e6038 R14: 00007ff6f69e5fa0 R15: 00007ffe9b57c0b8 [ 334.270287][ T9245] [ 335.485117][ T9264] net_ratelimit: 35 callbacks suppressed [ 335.485135][ T9264] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 335.497487][ T9264] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 335.883059][ T9274] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 336.172497][ T9278] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 338.215761][ T9311] Console: switching to colour VGA+ 80x25 [ 339.629115][ T9335] netlink: 'syz.2.772': attribute type 4 has an invalid length. [ 339.666821][ T9332] netlink: 'syz.2.772': attribute type 4 has an invalid length. [ 339.720505][ T9332] netlink: 314 bytes leftover after parsing attributes in process `syz.2.772'. [ 339.744151][ T9334] netlink: 28 bytes leftover after parsing attributes in process `syz.3.770'. [ 339.756169][ T9335] netlink: 314 bytes leftover after parsing attributes in process `syz.2.772'. [ 339.786946][ T9334] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 339.798966][ T9334] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 339.815558][ T9340] snd_aloop snd_aloop.0: control 7:-2147483391:4::2 is already present [ 351.179667][ T9494] netlink: zone id is out of range [ 351.235797][ T9494] netlink: zone id is out of range [ 351.240951][ T9494] netlink: zone id is out of range [ 351.338669][ T9494] netlink: zone id is out of range [ 351.381150][ T9494] netlink: zone id is out of range [ 351.430495][ T9494] netlink: zone id is out of range [ 351.475665][ T9494] netlink: zone id is out of range [ 351.519048][ T9494] netlink: zone id is out of range [ 351.556152][ T9494] netlink: zone id is out of range [ 351.598524][ T9494] netlink: zone id is out of range [ 353.939163][ T9538] netlink: 8 bytes leftover after parsing attributes in process `syz.1.823'. [ 354.919853][ T9549] [U]  [ 354.922881][ T9549] [U] [ 354.925593][ T9549] [U] [ 354.928298][ T9549] [U] [ 354.968314][ T9550] FAULT_INJECTION: forcing a failure. [ 354.968314][ T9550] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 355.002093][ T9549] [U] [ 355.004851][ T9549] [U] [ 355.007563][ T9549] [U] [ 355.010267][ T9549] [U] [ 355.020979][ T9550] CPU: 0 UID: 0 PID: 9550 Comm: syz.0.827 Not tainted syzkaller #0 PREEMPT(full) [ 355.021006][ T9550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 355.021019][ T9550] Call Trace: [ 355.021026][ T9550] [ 355.021034][ T9550] dump_stack_lvl+0x16c/0x1f0 [ 355.021066][ T9550] should_fail_ex+0x512/0x640 [ 355.021098][ T9550] _copy_to_user+0x32/0xd0 [ 355.021129][ T9550] simple_read_from_buffer+0xcb/0x170 [ 355.021168][ T9550] proc_fail_nth_read+0x197/0x240 [ 355.021193][ T9550] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 355.021218][ T9550] ? rw_verify_area+0xcf/0x6c0 [ 355.021238][ T9550] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 355.021261][ T9550] vfs_read+0x1e1/0xcf0 [ 355.021289][ T9550] ? __pfx___mutex_lock+0x10/0x10 [ 355.021316][ T9550] ? __pfx_vfs_read+0x10/0x10 [ 355.021348][ T9550] ? __fget_files+0x20e/0x3c0 [ 355.021384][ T9550] ksys_read+0x12a/0x250 [ 355.021407][ T9550] ? __pfx_ksys_read+0x10/0x10 [ 355.021439][ T9550] do_syscall_64+0xcd/0xfa0 [ 355.021468][ T9550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.021490][ T9550] RIP: 0033:0x7fca1478d8dc [ 355.021507][ T9550] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 355.021528][ T9550] RSP: 002b:00007fca15622030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 355.021548][ T9550] RAX: ffffffffffffffda RBX: 00007fca149e5fa0 RCX: 00007fca1478d8dc [ 355.021563][ T9550] RDX: 000000000000000f RSI: 00007fca156220a0 RDI: 0000000000000005 [ 355.021576][ T9550] RBP: 00007fca15622090 R08: 0000000000000000 R09: 0000000000000000 [ 355.021589][ T9550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 355.021601][ T9550] R13: 00007fca149e6038 R14: 00007fca149e5fa0 R15: 00007ffc3f4de778 [ 355.021631][ T9550] [ 355.208080][ T9549] [U] [ 355.210822][ T9549] [U] [ 355.213528][ T9549] [U] [ 355.216235][ T9549] [U] [ 355.219245][ T9549] [U] [ 355.221958][ T9549] [U] [ 355.224664][ T9549] [U] [ 355.227375][ T9549] [U] [ 355.230430][ T9549] [U] [ 355.233159][ T9549] [U] [ 355.235864][ T9549] [U] [ 355.238567][ T9549] [U] [ 355.241538][ T9549] [U] [ 355.244252][ T9549] [U] [ 355.246962][ T9549] [U] [ 355.249680][ T9549] [U] [ 355.252748][ T9549] [U] [ 355.255462][ T9549] [U] [ 355.258171][ T9549] [U] [ 355.260880][ T9549] [U] [ 355.263862][ T9549] [U] [ 355.266579][ T9549] [U] [ 355.269286][ T9549] [U] [ 355.271994][ T9549] [U] [ 355.275528][ T9549] [U] [ 355.278245][ T9549] [U] [ 355.280953][ T9549] [U] [ 355.283656][ T9549] [U] [ 355.287163][ T9549] [U] [ 355.289878][ T9549] [U] [ 355.292603][ T9549] [U] [ 355.295309][ T9549] [U] [ 355.298821][ T9549] [U] [ 355.301534][ T9549] [U] [ 355.304240][ T9549] [U] [ 355.306942][ T9549] [U] [ 355.310220][ T9549] [U] [ 355.312942][ T9549] [U] [ 355.315650][ T9549] [U] [ 355.318365][ T9549] [U] [ 355.321451][ T9549] [U] [ 355.324170][ T9549] [U] [ 355.326878][ T9549] [U] [ 355.329584][ T9549] [U] [ 355.332596][ T9549] [U] [ 355.335324][ T9549] [U] [ 355.338032][ T9549] [U] [ 355.340736][ T9549] [U] [ 355.343780][ T9549] [U] [ 355.346493][ T9549] [U] [ 355.349196][ T9549] [U] [ 355.351901][ T9549] [U] [ 355.354877][ T9549] [U] [ 355.357583][ T9549] [U] [ 355.360324][ T9549] [U] [ 355.363056][ T9549] [U] [ 355.366172][ T9549] [U] [ 355.368895][ T9549] [U] [ 355.371607][ T9549] [U] [ 355.374343][ T9549] [U] [ 355.377779][ T9549] [U] [ 355.380500][ T9549] [U] [ 355.383211][ T9549] [U] [ 355.385922][ T9549] [U] [ 355.399639][ T9549] [U] [ 355.402397][ T9549] [U] [ 355.405103][ T9549] [U] [ 355.407805][ T9549] [U] [ 355.441887][ T9549] [U] [ 355.444720][ T9549] [U] [ 355.447433][ T9549] [U] [ 355.450163][ T9549] [U] [ 355.471177][ T9549] [U] [ 355.473945][ T9549] [U] [ 355.476661][ T9549] [U] [ 355.479376][ T9549] [U] [ 355.491637][ T9549] [U] [ 355.494377][ T9549] [U] [ 355.497085][ T9549] [U] [ 355.499795][ T9549] [U] [ 355.541540][ T9549] [U] [ 355.544295][ T9549] [U] [ 355.547004][ T9549] [U] [ 355.549704][ T9549] [U] [ 355.571614][ T9549] [U] [ 355.574363][ T9549] [U] [ 355.577068][ T9549] [U] [ 355.579779][ T9549] [U] [ 355.619812][ T9549] [U] [ 357.481826][ T9576] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 357.764690][ T9580] ptp ptp0: only physical clock in use now [ 359.976193][ T9618] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 360.008774][ T9619] netlink: 24 bytes leftover after parsing attributes in process `syz.2.846'. [ 361.130245][ T30] audit: type=1400 audit(4294969404.537:9): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=9632 comm="syz.3.850" [ 362.019638][ T9650] netlink: 12 bytes leftover after parsing attributes in process `syz.2.856'. syzkaller syzkaller login: [ 365.110841][ T9699] net_ratelimit: 80 callbacks suppressed [ 365.110861][ T9699] netlink: zone id is out of range [ 365.269790][ T9699] netlink: zone id is out of range [ 365.340502][ T9699] netlink: zone id is out of range [ 365.413888][ T9699] netlink: zone id is out of range [ 365.505517][ T9699] netlink: zone id is out of range [ 365.561546][ T9699] netlink: zone id is out of range [ 365.957928][ T9699] netlink: zone id is out of range [ 366.004109][ T9699] netlink: zone id is out of range [ 366.034655][ T9699] netlink: zone id is out of range [ 366.058656][ T9699] netlink: zone id is out of range [ 366.622500][ T9719] netlink: 28 bytes leftover after parsing attributes in process `syz.1.876'. [ 366.927423][ T9724] ptp ptp0: only physical clock in use now [ 367.142792][ T9728] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 367.421572][ T9736] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 syzkaller syzkaller login: [ 370.766627][ T9782] ptp ptp0: only physical clock in use now syzkaller syzkaller login: [ 372.957112][ T9811] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 373.450444][ T9822] netlink: 8 bytes leftover after parsing attributes in process `syz.0.899'. [ 373.522436][ T9822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.899'. [ 376.288283][ T9861] netlink: 28 bytes leftover after parsing attributes in process `syz.2.910'. [ 377.027939][ T9874] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 377.821194][ T9885] Console: switching to colour frame buffer device 4x6 [ 378.082757][ T9892] ptp ptp0: only physical clock in use now [ 380.050271][ T9921] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 380.711187][ T9932] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 381.363435][ T9946] ptp ptp0: only physical clock in use now [ 382.524708][ T9967] ======================================================= [ 382.524708][ T9967] WARNING: The mand mount option has been deprecated and [ 382.524708][ T9967] and is ignored by this kernel. Remove the mand [ 382.524708][ T9967] option from the mount to silence this warning. [ 382.524708][ T9967] ======================================================= [ 383.215130][ T9975] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 383.900214][ T9977] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 385.018446][ T9997] net_ratelimit: 35 callbacks suppressed [ 385.018464][ T9997] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 385.030587][ T9997] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 388.091377][T10045] netlink: zone id is out of range [ 388.202310][T10045] netlink: zone id is out of range [ 388.243836][T10045] netlink: zone id is out of range [ 388.258218][T10045] netlink: zone id is out of range [ 388.299321][T10045] netlink: zone id is out of range [ 388.349774][T10045] netlink: zone id is out of range [ 388.380130][T10045] netlink: zone id is out of range [ 388.440053][T10045] netlink: zone id is out of range [ 388.466682][T10051] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 388.674028][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.681285][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.211455][T10039] mkiss: ax0: crc mode is auto. [ 389.404215][T10040] mkiss: ax0: crc mode is auto. [ 390.076106][T10064] ceph: Failed to parse sending metrics switch value 'P^' [ 392.357600][T10104] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 392.642198][T10107] vivid-007: ================= START STATUS ================= [ 392.679863][T10107] vivid-007: Generate PTS: true [ 392.706222][T10107] vivid-007: Generate SCR: true [ 392.720469][T10107] tpg source WxH: 320x240 (Y'CbCr) [ 392.742146][T10107] tpg field: 1 [ 392.754324][T10107] tpg crop: (0,0)/320x240 [ 392.769518][T10107] tpg compose: (0,0)/320x240 [ 392.786344][T10107] tpg colorspace: 8 [ 392.810469][T10107] tpg transfer function: 0/0 [ 392.846046][T10107] tpg Y'CbCr encoding: 0/0 [ 392.938854][T10107] tpg quantization: 0/0 [ 393.018789][T10107] tpg RGB range: 0/2 [ 393.064507][T10107] vivid-007: ================== END STATUS ================== [ 393.124364][T10116] input: jJ-9%vlQ J86 as /devices/virtual/input/input11 [ 393.216642][T10116] net_ratelimit: 37 callbacks suppressed [ 393.216661][T10116] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 394.113536][T10133] ptp ptp0: only physical clock in use now [ 395.544952][T10158] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 395.797854][T10157] FAULT_INJECTION: forcing a failure. [ 395.797854][T10157] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 395.934102][T10157] CPU: 0 UID: 0 PID: 10157 Comm: syz.2.978 Not tainted syzkaller #0 PREEMPT(full) [ 395.934131][T10157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 395.934144][T10157] Call Trace: [ 395.934151][T10157] [ 395.934159][T10157] dump_stack_lvl+0x16c/0x1f0 [ 395.934191][T10157] should_fail_ex+0x512/0x640 [ 395.934223][T10157] _copy_from_user+0x2e/0xd0 [ 395.934256][T10157] __x64_sys_setrlimit+0xc6/0x160 [ 395.934293][T10157] ? __pfx___x64_sys_setrlimit+0x10/0x10 [ 395.934335][T10157] do_syscall_64+0xcd/0xfa0 [ 395.934362][T10157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.934391][T10157] RIP: 0033:0x7f081a78eec9 [ 395.934408][T10157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.934430][T10157] RSP: 002b:00007f081b6c5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a0 [ 395.934450][T10157] RAX: ffffffffffffffda RBX: 00007f081a9e6180 RCX: 00007f081a78eec9 [ 395.934465][T10157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 395.934478][T10157] RBP: 00007f081b6c5090 R08: 0000000000000000 R09: 0000000000000000 [ 395.934491][T10157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.934503][T10157] R13: 00007f081a9e6218 R14: 00007f081a9e6180 R15: 00007ffde5864f68 [ 395.934533][T10157] [ 396.274685][T10163] netlink: 338 bytes leftover after parsing attributes in process `syz.2.983'. [ 396.284457][T10164] netlink: 338 bytes leftover after parsing attributes in process `syz.2.983'. [ 396.909230][T10170] netlink: 16 bytes leftover after parsing attributes in process `syz.0.986'. [ 397.038645][T10171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.985'. [ 397.442688][T10163] kexec: Could not allocate control_code_buffer [ 398.215262][T10193] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 401.100405][T10071] mkiss: ax0: crc mode is auto. [ 401.585515][T10259] ptp ptp0: only physical clock in use now [ 403.496672][T10282] netlink: 226 bytes leftover after parsing attributes in process `syz.0.1009'. [ 403.566578][T10282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1009'. [ 403.604194][T10282] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 404.671467][T10296] random: crng reseeded on system resumption [ 405.116817][T10301] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 405.238893][T10304] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 406.205520][T10314] netlink: zone id is out of range [ 406.238074][T10314] netlink: del zone limit has 4 unknown bytes [ 406.383191][T10314] HfR: entered promiscuous mode [ 406.984643][T10330] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1021'. [ 407.073526][T10330] nbd: must specify a device to reconfigure [ 408.672661][T10353] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1028'. [ 408.711075][T10355] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1029'. [ 412.628152][T10270] mkiss: ax0: crc mode is auto. [ 413.014967][T10420] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 413.178647][T10422] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 414.489656][T10441] netlink: zone id is out of range [ 414.517811][T10441] netlink: zone id is out of range [ 414.560833][T10441] netlink: zone id is out of range [ 414.604377][T10441] netlink: zone id is out of range [ 414.645606][T10441] netlink: zone id is out of range [ 414.682685][T10441] netlink: zone id is out of range [ 414.723629][T10441] netlink: zone id is out of range [ 414.774672][T10441] netlink: zone id is out of range [ 414.824317][T10441] netlink: zone id is out of range [ 414.847212][T10441] netlink: zone id is out of range [ 417.278895][T10483] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 417.352127][T10484] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 418.725746][T10513] queue_state_write: operation too long [ 418.731332][T10513] queue_state_write: use 'run', 'start' or 'kick' [ 418.975821][ T30] audit: type=1806 audit(4294969462.678:10): xattr="." res=0 [ 419.392361][T10528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1070'. [ 419.402647][T10531] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1071'. [ 419.752827][T10540] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 420.013684][T10522] kexec: Could not allocate control_code_buffer [ 421.999426][T10575] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1081'. [ 422.770465][T10588] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 423.013449][T10580] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1083'. [ 423.419632][T10595] sp0: Synchronizing with TNC [ 423.630044][T10591] sp0: Synchronizing with TNC [ 423.635052][T10604] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1088'. [ 424.095787][T10612] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1091'. [ 424.466311][T10608] FAULT_INJECTION: forcing a failure. [ 424.466311][T10608] name failslab, interval 1, probability 0, space 0, times 0 [ 424.530193][T10608] CPU: 0 UID: 0 PID: 10608 Comm: syz.0.1089 Not tainted syzkaller #0 PREEMPT(full) [ 424.530225][T10608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 424.530238][T10608] Call Trace: [ 424.530245][T10608] [ 424.530253][T10608] dump_stack_lvl+0x16c/0x1f0 [ 424.530284][T10608] should_fail_ex+0x512/0x640 [ 424.530334][T10608] should_failslab+0xc2/0x120 [ 424.530365][T10608] __kmalloc_cache_noprof+0x72/0x780 [ 424.530404][T10608] ? sctp_add_bind_addr+0xae/0x3f0 [ 424.530432][T10608] ? sctp_add_bind_addr+0xae/0x3f0 [ 424.530454][T10608] sctp_add_bind_addr+0xae/0x3f0 [ 424.530481][T10608] sctp_copy_local_addr_list+0x349/0x550 [ 424.530513][T10608] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 424.530545][T10608] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 424.530577][T10608] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 424.530619][T10608] sctp_bind_addr_copy+0xe0/0x530 [ 424.530650][T10608] sctp_connect_new_asoc+0x1c9/0x770 [ 424.530686][T10608] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 424.530724][T10608] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 424.530769][T10608] __sctp_connect+0x3f3/0xc60 [ 424.530806][T10608] ? do_raw_spin_lock+0x12c/0x2b0 [ 424.530844][T10608] ? __pfx___sctp_connect+0x10/0x10 [ 424.530880][T10608] ? __pfx_sctp_inet_connect+0x10/0x10 [ 424.530915][T10608] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 424.530956][T10608] ? __pfx_sctp_inet_connect+0x10/0x10 [ 424.530988][T10608] sctp_inet_connect+0x15f/0x200 [ 424.531023][T10608] __sys_connect_file+0x13e/0x1a0 [ 424.531049][T10608] __sys_connect+0x13b/0x160 [ 424.531070][T10608] ? __pfx___sys_connect+0x10/0x10 [ 424.531103][T10608] ? xfd_validate_state+0x61/0x180 [ 424.531144][T10608] __x64_sys_connect+0x72/0xb0 [ 424.531164][T10608] ? lockdep_hardirqs_on+0x7c/0x110 [ 424.531191][T10608] do_syscall_64+0xcd/0xfa0 [ 424.531219][T10608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.531242][T10608] RIP: 0033:0x7fca1478eec9 [ 424.531259][T10608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 424.531281][T10608] RSP: 002b:00007fca15622038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 424.531307][T10608] RAX: ffffffffffffffda RBX: 00007fca149e5fa0 RCX: 00007fca1478eec9 [ 424.531321][T10608] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000002 [ 424.531335][T10608] RBP: 00007fca14811f91 R08: 0000000000000000 R09: 0000000000000000 [ 424.531348][T10608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 424.531362][T10608] R13: 00007fca149e6038 R14: 00007fca149e5fa0 R15: 00007ffc3f4de778 [ 424.531393][T10608] [ 424.789438][ C0] vkms_vblank_simulate: vblank timer overrun [ 425.735776][T10636] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1097'. [ 425.916603][T10643] vivid-007: ================= START STATUS ================= [ 425.924322][T10643] vivid-007: Generate PTS: true [ 425.990614][T10643] vivid-007: Generate SCR: true [ 426.019178][T10643] tpg source WxH: 320x240 (Y'CbCr) [ 426.045956][T10643] tpg field: 1 [ 426.049379][T10643] tpg crop: (0,0)/320x240 [ 426.106478][T10643] tpg compose: (0,0)/320x240 [ 426.111185][T10643] tpg colorspace: 8 [ 426.170227][T10643] tpg transfer function: 0/0 [ 426.179994][T10643] tpg Y'CbCr encoding: 0/0 [ 426.214879][T10643] tpg quantization: 0/0 [ 426.219095][T10643] tpg RGB range: 0/2 [ 426.223011][T10643] vivid-007: ================== END STATUS ================== [ 426.255488][T10650] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1101'. syzkaller syzkaller login: [ 427.349214][T10674] lo: entered allmulticast mode [ 427.648629][T10674] lo: left allmulticast mode [ 427.881555][T10689] ptp ptp0: only physical clock in use now [ 429.109582][T10703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1114'. [ 429.677802][T10715] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1118'. [ 429.712713][T10715] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1118'. [ 429.854883][T10719] netlink: 214 bytes leftover after parsing attributes in process `syz.2.1119'. [ 429.939788][T10719] netlink: 274 bytes leftover after parsing attributes in process `syz.2.1119'. [ 430.378517][T10731] ptp ptp0: only physical clock in use now [ 430.842560][T10742] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 431.631435][T10752] net_ratelimit: 35 callbacks suppressed [ 431.631454][T10752] netlink: zone id is out of range [ 431.667476][T10752] netlink: zone id is out of range [ 431.723794][T10752] netlink: zone id is out of range [ 431.778053][T10752] netlink: zone id is out of range [ 431.813058][T10752] netlink: zone id is out of range [ 431.867524][T10752] netlink: zone id is out of range [ 431.878277][T10752] netlink: zone id is out of range [ 431.921307][T10752] netlink: zone id is out of range [ 431.957211][T10752] netlink: zone id is out of range [ 432.015039][T10752] netlink: zone id is out of range [ 432.225979][T10760] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(424206980.290643515.64131978), cmd(3) [ 432.314175][ T5914] Process accounting resumed [ 432.551724][T10765] FAULT_INJECTION: forcing a failure. [ 432.551724][T10765] name failslab, interval 1, probability 0, space 0, times 0 [ 432.655709][T10765] CPU: 0 UID: 0 PID: 10765 Comm: syz.0.1131 Not tainted syzkaller #0 PREEMPT(full) [ 432.655742][T10765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 432.655757][T10765] Call Trace: [ 432.655764][T10765] [ 432.655773][T10765] dump_stack_lvl+0x16c/0x1f0 [ 432.655805][T10765] should_fail_ex+0x512/0x640 [ 432.655835][T10765] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 432.655869][T10765] should_failslab+0xc2/0x120 [ 432.655901][T10765] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 432.655932][T10765] ? kstrdup_const+0x63/0x80 [ 432.655962][T10765] ? kstrdup+0x53/0x100 [ 432.655985][T10765] kstrdup+0x53/0x100 [ 432.656010][T10765] kstrdup_const+0x63/0x80 [ 432.656034][T10765] kvasprintf_const+0x10f/0x1a0 [ 432.656069][T10765] kobject_set_name_vargs+0x5a/0x140 [ 432.656103][T10765] kobject_init_and_add+0xe7/0x190 [ 432.656136][T10765] ? __pfx_kobject_init_and_add+0x10/0x10 [ 432.656176][T10765] ? up_write+0x1b2/0x520 [ 432.656220][T10765] sysfs_slab_add+0x194/0x1f0 [ 432.656246][T10765] do_kmem_cache_create+0x5bb/0x740 [ 432.656281][T10765] __kmem_cache_create_args+0x202/0x3c0 [ 432.656324][T10765] mon_text_open+0x333/0x510 [ 432.656360][T10765] ? __pfx_mon_text_open+0x10/0x10 [ 432.656397][T10765] ? __pfx_mon_text_ctor+0x10/0x10 [ 432.656431][T10765] ? __pfx_apparmor_file_open+0x10/0x10 [ 432.656465][T10765] ? lockdown_is_locked_down+0x3f/0x130 [ 432.656495][T10765] ? bpf_lsm_locked_down+0x9/0x10 [ 432.656531][T10765] ? __pfx_mon_text_open+0x10/0x10 [ 432.656562][T10765] full_proxy_open_regular+0x1b6/0x360 [ 432.656600][T10765] do_dentry_open+0x982/0x1530 [ 432.656627][T10765] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 432.656694][T10765] vfs_open+0x82/0x3f0 [ 432.656732][T10765] path_openat+0x1de4/0x2cb0 [ 432.656769][T10765] ? __pfx_path_openat+0x10/0x10 [ 432.656803][T10765] do_filp_open+0x20b/0x470 [ 432.656829][T10765] ? __pfx_do_filp_open+0x10/0x10 [ 432.656878][T10765] ? alloc_fd+0x471/0x7d0 [ 432.656910][T10765] do_sys_openat2+0x11b/0x1d0 [ 432.656944][T10765] ? __pfx_do_sys_openat2+0x10/0x10 [ 432.656992][T10765] __x64_sys_openat+0x174/0x210 [ 432.657028][T10765] ? __pfx___x64_sys_openat+0x10/0x10 [ 432.657077][T10765] do_syscall_64+0xcd/0xfa0 [ 432.657106][T10765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.657129][T10765] RIP: 0033:0x7fca1478eec9 [ 432.657148][T10765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.657170][T10765] RSP: 002b:00007fca15601038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 432.657192][T10765] RAX: ffffffffffffffda RBX: 00007fca149e6090 RCX: 00007fca1478eec9 [ 432.657207][T10765] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 432.657221][T10765] RBP: 00007fca14811f91 R08: 0000000000000000 R09: 0000000000000000 [ 432.657235][T10765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.657249][T10765] R13: 00007fca149e6128 R14: 00007fca149e6090 R15: 00007ffc3f4de778 [ 432.657281][T10765] [ 432.963699][T10765] kobject: can not set name properly! [ 432.969245][T10765] SLUB: Unable to add cache mon_text_ffff888028ec3c00 to sysfs [ 433.100669][T10779] ptp ptp0: only physical clock in use now [ 433.196355][T10777] __vm_enough_memory: pid: 10777, comm: syz.3.1134, bytes: 4398046511104 not enough memory for the allocation [ 433.513708][T10785] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 433.746341][T10788] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 435.874910][T10817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1145'. [ 435.926717][T10817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1145'. [ 435.940821][T10819] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1146'. [ 436.047400][T10822] ptp ptp0: only physical clock in use now [ 436.304947][T10829] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 436.523966][T10833] nbd: must specify a device to reconfigure [ 437.444105][T10840] FAULT_INJECTION: forcing a failure. [ 437.444105][T10840] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 437.624023][T10840] CPU: 0 UID: 0 PID: 10840 Comm: syz.2.1154 Not tainted syzkaller #0 PREEMPT(full) [ 437.624054][T10840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 437.624069][T10840] Call Trace: [ 437.624076][T10840] [ 437.624085][T10840] dump_stack_lvl+0x16c/0x1f0 [ 437.624115][T10840] should_fail_ex+0x512/0x640 [ 437.624149][T10840] should_fail_alloc_page+0xe7/0x130 [ 437.624189][T10840] prepare_alloc_pages+0x3c2/0x610 [ 437.624225][T10840] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 437.624250][T10840] ? __pfx_try_to_migrate_one+0x10/0x10 [ 437.624294][T10840] ? __up_read+0x1f8/0x750 [ 437.624338][T10840] ? __pfx___up_read+0x10/0x10 [ 437.624373][T10840] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 437.624395][T10840] ? rmap_walk_anon+0x503/0x710 [ 437.624455][T10840] __folio_alloc_noprof+0x11/0x220 [ 437.624478][T10840] alloc_migration_target+0x24a/0x660 [ 437.624514][T10840] migrate_pages_batch+0x3b9/0x3bb0 [ 437.624553][T10840] ? __pfx_alloc_migration_target+0x10/0x10 [ 437.624598][T10840] ? __pfx_migrate_pages_batch+0x10/0x10 [ 437.624639][T10840] ? __pfx_walk_pgd_range+0x10/0x10 [ 437.624666][T10840] migrate_pages_sync+0x12d/0x8a0 [ 437.624702][T10840] ? __pfx_alloc_migration_target+0x10/0x10 [ 437.624741][T10840] ? queue_pages_test_walk+0x279/0x410 [ 437.624776][T10840] ? __pfx_migrate_pages_sync+0x10/0x10 [ 437.624812][T10840] ? walk_page_test+0x9b/0x180 [ 437.624837][T10840] ? walk_page_range_mm+0x235/0xb40 [ 437.624868][T10840] migrate_pages+0x1b5f/0x23a0 [ 437.624906][T10840] ? __pfx_alloc_migration_target+0x10/0x10 [ 437.624948][T10840] ? __pfx_migrate_pages+0x10/0x10 [ 437.624983][T10840] ? queue_pages_range+0x11e/0x180 [ 437.625016][T10840] ? __pfx___up_read+0x10/0x10 [ 437.625051][T10840] ? do_migrate_pages+0x458/0x750 [ 437.625088][T10840] do_migrate_pages+0x48e/0x750 [ 437.625127][T10840] ? __pfx_do_migrate_pages+0x10/0x10 [ 437.625160][T10840] ? rcu_is_watching+0x12/0xc0 [ 437.625189][T10840] ? cap_capable+0xb3/0x250 [ 437.625218][T10840] ? get_task_mm+0xc2/0xf0 [ 437.625242][T10840] ? security_capable+0x250/0x260 [ 437.625276][T10840] kernel_migrate_pages+0x55b/0x700 [ 437.625314][T10840] ? __pfx_kernel_migrate_pages+0x10/0x10 [ 437.625348][T10840] ? __pfx_do_writev+0x10/0x10 [ 437.625376][T10840] __x64_sys_migrate_pages+0x96/0x100 [ 437.625408][T10840] ? lockdep_hardirqs_on+0x7c/0x110 [ 437.625434][T10840] do_syscall_64+0xcd/0xfa0 [ 437.625463][T10840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.625486][T10840] RIP: 0033:0x7f081a78eec9 [ 437.625504][T10840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 437.625526][T10840] RSP: 002b:00007f081b707038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 437.625547][T10840] RAX: ffffffffffffffda RBX: 00007f081a9e5fa0 RCX: 00007f081a78eec9 [ 437.625562][T10840] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000 [ 437.625576][T10840] RBP: 00007f081a811f91 R08: 0000000000000000 R09: 0000000000000000 [ 437.625590][T10840] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 437.625609][T10840] R13: 00007f081a9e6038 R14: 00007f081a9e5fa0 R15: 00007ffde5864f68 [ 437.625640][T10840] [ 439.753556][T10883] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1164'. [ 440.500176][T10893] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 441.621896][T10910] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1170'. [ 441.676171][T10911] net_ratelimit: 35 callbacks suppressed [ 441.676190][T10911] openvswitch: netlink: IP tunnel dst address not specified [ 441.835516][T10910] bond0: (slave bond_slave_0): Releasing backup interface getty: ttyS0: read error: Resource temporarily unavailable syzkaller syzkaller login: [ 443.938963][T10940] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 444.782384][T10955] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 446.933268][T10987] sd 0:0:1:0: PR command failed: 1026 [ 447.069467][T10987] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 447.185026][T10987] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 447.280635][T10992] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 448.250778][T11001] FAULT_INJECTION: forcing a failure. [ 448.250778][T11001] name failslab, interval 1, probability 0, space 0, times 0 [ 448.455737][T11001] CPU: 0 UID: 0 PID: 11001 Comm: syz.0.1192 Not tainted syzkaller #0 PREEMPT(full) [ 448.455776][T11001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 448.455790][T11001] Call Trace: [ 448.455797][T11001] [ 448.455806][T11001] dump_stack_lvl+0x16c/0x1f0 [ 448.455837][T11001] should_fail_ex+0x512/0x640 [ 448.455866][T11001] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 448.455894][T11001] should_failslab+0xc2/0x120 [ 448.455926][T11001] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 448.455951][T11001] ? shmem_alloc_inode+0x25/0x50 [ 448.455985][T11001] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 448.456013][T11001] ? shmem_alloc_inode+0x25/0x50 [ 448.456040][T11001] shmem_alloc_inode+0x25/0x50 [ 448.456068][T11001] alloc_inode+0x61/0x240 [ 448.456099][T11001] new_inode+0x22/0x1c0 [ 448.456127][T11001] ? trace_cap_capable+0x18d/0x200 [ 448.456161][T11001] shmem_get_inode+0x19a/0xfb0 [ 448.456194][T11001] ? __vm_enough_memory+0x184/0x3f0 [ 448.456226][T11001] __shmem_file_setup+0x279/0x330 [ 448.456265][T11001] shmem_zero_setup+0x93/0x1a0 [ 448.456291][T11001] __mmap_region+0x2076/0x27a0 [ 448.456318][T11001] ? __pfx___mmap_region+0x10/0x10 [ 448.456338][T11001] ? finish_task_switch.isra.0+0x21c/0xc10 [ 448.456365][T11001] ? rcu_is_watching+0x12/0xc0 [ 448.456389][T11001] ? finish_task_switch.isra.0+0x221/0xc10 [ 448.456413][T11001] ? lockdep_hardirqs_on+0x7c/0x110 [ 448.456438][T11001] ? finish_task_switch.isra.0+0x221/0xc10 [ 448.456489][T11001] ? __pfx___schedule+0x10/0x10 [ 448.456548][T11001] ? trace_cap_capable+0x18d/0x200 [ 448.456589][T11001] mmap_region+0x1ab/0x3f0 [ 448.456611][T11001] ? __get_unmapped_area+0x267/0x440 [ 448.456645][T11001] do_mmap+0xa3e/0x1210 [ 448.456679][T11001] ? __pfx_do_mmap+0x10/0x10 [ 448.456709][T11001] ? __pfx_down_write_killable+0x10/0x10 [ 448.456759][T11001] vm_mmap_pgoff+0x29e/0x470 [ 448.456795][T11001] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 448.456832][T11001] ? __x64_sys_futex+0x1e0/0x4c0 [ 448.456862][T11001] ? __x64_sys_futex+0x1e9/0x4c0 [ 448.456898][T11001] ksys_mmap_pgoff+0x7d/0x5c0 [ 448.456926][T11001] ? xfd_validate_state+0x61/0x180 [ 448.456958][T11001] ? __pfx_ksys_write+0x10/0x10 [ 448.456986][T11001] __x64_sys_mmap+0x125/0x190 [ 448.457024][T11001] do_syscall_64+0xcd/0xfa0 [ 448.457053][T11001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.457076][T11001] RIP: 0033:0x7fca1478eec9 [ 448.457095][T11001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.457118][T11001] RSP: 002b:00007fca15601038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 448.457139][T11001] RAX: ffffffffffffffda RBX: 00007fca149e6090 RCX: 00007fca1478eec9 [ 448.457154][T11001] RDX: 00000000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 448.457170][T11001] RBP: 00007fca14811f91 R08: 0000000000000401 R09: 0000000000008000 [ 448.457184][T11001] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 448.457198][T11001] R13: 00007fca149e6128 R14: 00007fca149e6090 R15: 00007ffc3f4de778 [ 448.457230][T11001] [ 449.795176][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.803611][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 451.505925][T11037] zswap: compressor not available [ 452.013178][T11055] Process accounting resumed [ 452.383074][T11065] ptp ptp0: only physical clock in use now [ 452.439952][T11056] zswap: compressor not available [ 452.455373][T11058] Setting dangerous option i915.mitigations - tainting kernel [ 452.833713][T11074] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 455.489043][T11119] netlink: zone id is out of range [ 455.534635][T11119] netlink: zone id is out of range [ 455.565945][T11119] netlink: zone id is out of range [ 455.622022][T11119] netlink: zone id is out of range [ 455.668040][T11119] netlink: zone id is out of range [ 455.703297][T11124] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 455.712779][T11119] netlink: zone id is out of range [ 455.741132][T11119] netlink: zone id is out of range [ 455.779008][T11119] netlink: zone id is out of range [ 455.819342][T11119] netlink: zone id is out of range [ 455.858884][T11119] netlink: zone id is out of range [ 457.643203][T11150] FAULT_INJECTION: forcing a failure. [ 457.643203][T11150] name failslab, interval 1, probability 0, space 0, times 0 [ 458.487973][T11150] CPU: 0 UID: 0 PID: 11150 Comm: syz.2.1229 Tainted: G U syzkaller #0 PREEMPT(full) [ 458.488010][T11150] Tainted: [U]=USER [ 458.488017][T11150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 458.488031][T11150] Call Trace: [ 458.488039][T11150] [ 458.488047][T11150] dump_stack_lvl+0x16c/0x1f0 [ 458.488078][T11150] should_fail_ex+0x512/0x640 [ 458.488107][T11150] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 458.488138][T11150] should_failslab+0xc2/0x120 [ 458.488170][T11150] kmem_cache_alloc_noprof+0x75/0x6e0 [ 458.488193][T11150] ? __kernfs_new_node+0xd2/0x8e0 [ 458.488228][T11150] ? __kernfs_new_node+0xd2/0x8e0 [ 458.488256][T11150] __kernfs_new_node+0xd2/0x8e0 [ 458.488289][T11150] ? __pfx___kernfs_new_node+0x10/0x10 [ 458.488326][T11150] ? find_held_lock+0x2b/0x80 [ 458.488351][T11150] ? kernfs_root+0xee/0x2a0 [ 458.488386][T11150] kernfs_new_node+0x13c/0x1e0 [ 458.488425][T11150] __kernfs_create_file+0x53/0x350 [ 458.488451][T11150] sysfs_add_file_mode_ns+0x207/0x3c0 [ 458.488487][T11150] sysfs_merge_group+0x1aa/0x340 [ 458.488518][T11150] ? __pfx_sysfs_merge_group+0x10/0x10 [ 458.488554][T11150] ? __pfx_dev_add_physical_location+0x10/0x10 [ 458.488584][T11150] ? bus_to_subsys+0x131/0x160 [ 458.488620][T11150] dpm_sysfs_add+0x237/0x280 [ 458.488649][T11150] device_add+0x9a6/0x1aa0 [ 458.488682][T11150] ? __pfx_device_add+0x10/0x10 [ 458.488710][T11150] ? lockdep_init_map_type+0x5c/0x280 [ 458.488744][T11150] ? __init_waitqueue_head+0xca/0x150 [ 458.488789][T11150] rfkill_register+0x1ad/0xb40 [ 458.488841][T11150] nfc_register_device+0x11f/0x3c0 [ 458.488872][T11150] nci_register_device+0x7f1/0xb80 [ 458.488911][T11150] ? __pfx_nci_register_device+0x10/0x10 [ 458.488953][T11150] ? lockdep_init_map_type+0x5c/0x280 [ 458.488991][T11150] virtual_ncidev_open+0x141/0x220 [ 458.489026][T11150] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 458.489061][T11150] misc_open+0x26a/0x450 [ 458.489089][T11150] ? __pfx_misc_open+0x10/0x10 [ 458.489116][T11150] chrdev_open+0x234/0x6a0 [ 458.489143][T11150] ? __pfx_apparmor_file_open+0x10/0x10 [ 458.489176][T11150] ? __pfx_chrdev_open+0x10/0x10 [ 458.489205][T11150] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 458.489237][T11150] do_dentry_open+0x982/0x1530 [ 458.489264][T11150] ? __pfx_chrdev_open+0x10/0x10 [ 458.489297][T11150] vfs_open+0x82/0x3f0 [ 458.489334][T11150] path_openat+0x1de4/0x2cb0 [ 458.489369][T11150] ? __pfx_path_openat+0x10/0x10 [ 458.489402][T11150] do_filp_open+0x20b/0x470 [ 458.489428][T11150] ? __pfx_do_filp_open+0x10/0x10 [ 458.489476][T11150] ? alloc_fd+0x471/0x7d0 [ 458.489507][T11150] do_sys_openat2+0x11b/0x1d0 [ 458.489541][T11150] ? __pfx_do_sys_openat2+0x10/0x10 [ 458.489587][T11150] __x64_sys_openat+0x174/0x210 [ 458.489622][T11150] ? __pfx___x64_sys_openat+0x10/0x10 [ 458.489670][T11150] do_syscall_64+0xcd/0xfa0 [ 458.489699][T11150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.489722][T11150] RIP: 0033:0x7f081a78eec9 [ 458.489740][T11150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 458.489763][T11150] RSP: 002b:00007f081b6e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 458.489784][T11150] RAX: ffffffffffffffda RBX: 00007f081a9e6090 RCX: 00007f081a78eec9 [ 458.489799][T11150] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 458.489818][T11150] RBP: 00007f081a811f91 R08: 0000000000000000 R09: 0000000000000000 [ 458.489833][T11150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 458.489847][T11150] R13: 00007f081a9e6128 R14: 00007f081a9e6090 R15: 00007ffde5864f68 [ 458.489879][T11150] [ 458.910359][T11104] kexec: Could not allocate control_code_buffer [ 459.718785][T11174] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1235'. [ 461.384708][T11203] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1245'. [ 462.480739][T11222] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1251'. [ 462.527854][T11224] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1252'. [ 462.539801][T11222] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1251'. [ 462.584935][T11226] qrtr: Invalid version 0 [ 465.231089][T11263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1262'. [ 465.272958][T11263] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1262'. [ 465.542959][T11268] random: crng reseeded on system resumption [ 465.824407][T11260] sp0: Synchronizing with TNC [ 466.177816][T11281] ptp ptp0: only physical clock in use now [ 466.918396][ T7746] Bluetooth: hci3: unexpected event 0x04 length: 64 > 10 [ 466.918657][ T7746] Bluetooth: hci3: connection err: -111 syzkaller syzkaller login: [ 470.123743][T11349] net_ratelimit: 35 callbacks suppressed [ 470.123763][T11349] netlink: zone id is out of range [ 470.228292][T11349] netlink: zone id is out of range [ 470.279529][T11349] netlink: zone id is out of range [ 470.328213][T11349] netlink: zone id is out of range [ 470.383972][T11349] netlink: zone id is out of range [ 470.431066][T11349] netlink: zone id is out of range [ 470.480067][T11349] netlink: zone id is out of range [ 470.535797][T11349] netlink: zone id is out of range [ 470.564558][T11349] netlink: zone id is out of range [ 470.614262][T11349] netlink: zone id is out of range [ 471.203383][T11361] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1283'. [ 471.594425][T11368] ptp ptp0: only physical clock in use now [ 476.931034][T11446] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 477.066569][T11450] net_ratelimit: 35 callbacks suppressed [ 477.066589][T11450] netlink: zone id is out of range [ 477.208889][T11450] netlink: zone id is out of range [ 477.261587][T11450] netlink: zone id is out of range [ 477.309370][T11450] netlink: zone id is out of range [ 477.366206][T11450] netlink: zone id is out of range [ 477.396907][T11450] netlink: zone id is out of range [ 477.437082][T11450] netlink: zone id is out of range [ 477.477791][T11450] netlink: zone id is out of range [ 477.506952][T11450] netlink: zone id is out of range [ 477.549549][T11450] netlink: zone id is out of range [ 477.776962][T11460] FAULT_INJECTION: forcing a failure. [ 477.776962][T11460] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 477.834455][T11460] CPU: 0 UID: 0 PID: 11460 Comm: syz.0.1306 Tainted: G U syzkaller #0 PREEMPT(full) [ 477.834492][T11460] Tainted: [U]=USER [ 477.834500][T11460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 477.834514][T11460] Call Trace: [ 477.834534][T11460] [ 477.834542][T11460] dump_stack_lvl+0x16c/0x1f0 [ 477.834572][T11460] should_fail_ex+0x512/0x640 [ 477.834605][T11460] _copy_to_user+0x32/0xd0 [ 477.834636][T11460] simple_read_from_buffer+0xcb/0x170 [ 477.834676][T11460] proc_fail_nth_read+0x197/0x240 [ 477.834700][T11460] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 477.834726][T11460] ? rw_verify_area+0xcf/0x6c0 [ 477.834746][T11460] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 477.834770][T11460] vfs_read+0x1e1/0xcf0 [ 477.834797][T11460] ? __pfx___mutex_lock+0x10/0x10 [ 477.834825][T11460] ? __pfx_vfs_read+0x10/0x10 [ 477.834856][T11460] ? __fget_files+0x20e/0x3c0 [ 477.834887][T11460] ksys_read+0x12a/0x250 [ 477.834910][T11460] ? __pfx_ksys_read+0x10/0x10 [ 477.834942][T11460] do_syscall_64+0xcd/0xfa0 [ 477.834971][T11460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.834993][T11460] RIP: 0033:0x7fca1478d8dc [ 477.835011][T11460] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 477.835033][T11460] RSP: 002b:00007fca15622030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 477.835054][T11460] RAX: ffffffffffffffda RBX: 00007fca149e5fa0 RCX: 00007fca1478d8dc [ 477.835071][T11460] RDX: 000000000000000f RSI: 00007fca156220a0 RDI: 0000000000000004 [ 477.835085][T11460] RBP: 00007fca15622090 R08: 0000000000000000 R09: 0000000000000000 [ 477.835098][T11460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 477.835112][T11460] R13: 00007fca149e6038 R14: 00007fca149e5fa0 R15: 00007ffc3f4de778 [ 477.835142][T11460] [ 479.660019][T11484] ptp ptp0: only physical clock in use now [ 479.682881][T11483] FAULT_INJECTION: forcing a failure. [ 479.682881][T11483] name failslab, interval 1, probability 0, space 0, times 0 [ 479.776162][T11483] CPU: 0 UID: 0 PID: 11483 Comm: syz.3.1313 Tainted: G U syzkaller #0 PREEMPT(full) [ 479.776206][T11483] Tainted: [U]=USER [ 479.776214][T11483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 479.776226][T11483] Call Trace: [ 479.776233][T11483] [ 479.776242][T11483] dump_stack_lvl+0x16c/0x1f0 [ 479.776272][T11483] should_fail_ex+0x512/0x640 [ 479.776299][T11483] ? fs_reclaim_acquire+0xae/0x150 [ 479.776331][T11483] should_failslab+0xc2/0x120 [ 479.776362][T11483] __kmalloc_noprof+0xdd/0x880 [ 479.776398][T11483] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 479.776428][T11483] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 479.776451][T11483] tomoyo_realpath_from_path+0xc2/0x6e0 [ 479.776477][T11483] ? tomoyo_profile+0x47/0x60 [ 479.776507][T11483] tomoyo_path_number_perm+0x245/0x580 [ 479.776540][T11483] ? tomoyo_path_number_perm+0x237/0x580 [ 479.776577][T11483] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 479.776613][T11483] ? find_held_lock+0x2b/0x80 [ 479.776682][T11483] ? find_held_lock+0x2b/0x80 [ 479.776704][T11483] ? hook_file_ioctl_common+0x145/0x410 [ 479.776749][T11483] ? __fget_files+0x20e/0x3c0 [ 479.776777][T11483] security_file_ioctl+0x9b/0x240 [ 479.776816][T11483] __x64_sys_ioctl+0xb7/0x210 [ 479.776853][T11483] do_syscall_64+0xcd/0xfa0 [ 479.776894][T11483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.776916][T11483] RIP: 0033:0x7f6356d8eec9 [ 479.776933][T11483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.776955][T11483] RSP: 002b:00007f6357c22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 479.776996][T11483] RAX: ffffffffffffffda RBX: 00007f6356fe5fa0 RCX: 00007f6356d8eec9 [ 479.777011][T11483] RDX: 0000000000000003 RSI: 000000008004510b RDI: 0000000000000007 [ 479.777025][T11483] RBP: 00007f6357c22090 R08: 0000000000000000 R09: 0000000000000000 [ 479.777039][T11483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 479.777052][T11483] R13: 00007f6356fe6038 R14: 00007f6356fe5fa0 R15: 00007ffc914b9e78 [ 479.777084][T11483] [ 479.777092][T11483] ERROR: Out of memory at tomoyo_realpath_from_path. [ 480.670582][T11489] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1314'. [ 480.773022][T11492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1315'. [ 480.808845][T11492] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1315'. [ 480.824810][T11493] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1314'. [ 481.126866][T11501] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1318'. [ 482.551880][T11526] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1326'. [ 482.589757][T11526] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1326'. [ 483.358702][T11541] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 483.835514][T11540] Process accounting resumed [ 486.286473][T11586] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 486.500741][ T30] audit: type=1400 audit(4294969530.559:11): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=11587 comm="syz.1.1346" [ 487.585670][T11606] net_ratelimit: 35 callbacks suppressed [ 487.585688][T11606] openvswitch: netlink: IP tunnel dst address not specified [ 488.927854][T11633] netlink: 'syz.2.1356': attribute type 1 has an invalid length. [ 489.109006][ T7746] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 489.183276][T11640] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1359'. [ 489.353657][T11643] snd_aloop snd_aloop.0: control 7:-2147483391:4::2 is already present [ 489.909909][T11654] openvswitch: netlink: IP tunnel dst address not specified [ 491.605420][T11687] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 491.784069][T11692] openvswitch: netlink: IP tunnel dst address not specified syzkaller syzkaller login: [ 494.766280][T11740] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 495.057787][T11743] can: request_module (can-proto-5) failed. [ 496.029152][T11751] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 496.473583][T11751] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1382'. [ 497.703918][T11782] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 498.241607][T11780] serio: Serial port pty6 [ 498.747558][T11790] writing to auto_msgmni has no effect [ 498.811318][T11792] usb usb15: usbfs: process 11792 (syz.1.1393) did not claim interface 0 before use [ 500.887764][T11824] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1405'. [ 500.996513][T11829] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1405'. [ 501.698130][T11842] netlink: zone id is out of range [ 501.741797][T11842] netlink: zone id is out of range [ 501.840528][T11842] netlink: zone id is out of range [ 501.928550][T11842] netlink: zone id is out of range [ 502.005162][T11842] netlink: zone id is out of range [ 502.093186][T11842] netlink: zone id is out of range [ 502.172536][T11842] netlink: zone id is out of range [ 502.243533][T11842] netlink: zone id is out of range [ 502.328996][T11842] netlink: zone id is out of range [ 502.378359][T11842] netlink: zone id is out of range [ 502.917504][T11866] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1416'. [ 503.158862][T11864] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 503.276174][T11864] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 503.360346][T11864] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 503.460221][T11864] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 503.538378][T11864] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 503.593156][T11864] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 505.737093][ T30] audit: type=1400 audit(4294969549.899:12): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=11910 comm="syz.2.1428" [ 505.850370][T11913] device-mapper: ioctl: Invalid ioctl structure: name , dev 400007f00010006 [ 506.567426][T11928] syz.0.1430 (11928): /proc/11924/oom_adj is deprecated, please use /proc/11924/oom_score_adj instead. [ 508.685756][T11961] nbd0: detected capacity change from 0 to 31 [ 508.710065][ T5833] block nbd0: Dead connection, failed to find a fallback [ 508.761150][ T5833] block nbd0: shutting down sockets [ 508.798533][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 508.880192][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 508.929210][ T5833] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 508.986026][ T5833] Buffer I/O error on dev nbd0, logical block 1, async page read [ 509.042711][ T5833] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 509.093922][ T5833] Buffer I/O error on dev nbd0, logical block 2, async page read [ 509.101878][ T5833] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 509.210591][ T5833] Buffer I/O error on dev nbd0, logical block 3, async page read [ 509.259827][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 509.307465][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 509.338747][T11974] usb usb36: usbfs: process 11974 (syz.0.1446) did not claim interface 0 before use [ 509.353938][ T5833] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 509.403063][ T5833] Buffer I/O error on dev nbd0, logical block 1, async page read [ 509.452517][ T5833] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 509.517405][ T5833] Buffer I/O error on dev nbd0, logical block 2, async page read [ 509.579630][ T5833] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 509.650815][ T5833] Buffer I/O error on dev nbd0, logical block 3, async page read [ 509.658748][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 509.778848][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 509.832144][ T5833] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 509.892920][ T5833] Buffer I/O error on dev nbd0, logical block 1, async page read [ 509.961394][ T5833] ldm_validate_partition_table(): Disk read failed. [ 510.023862][ T5833] Dev nbd0: unable to read RDB block 0 [ 510.071832][ T5833] nbd0: unable to read partition table [ 510.110842][ T5833] nbd0: partition table beyond EOD, truncated [ 510.179163][ T5833] ldm_validate_partition_table(): Disk read failed. [ 510.247484][ T5833] Dev nbd0: unable to read RDB block 0 [ 510.254266][ T5833] nbd0: unable to read partition table [ 510.326629][ T5833] nbd0: partition table beyond EOD, truncated [ 510.917099][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 510.923543][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.152624][ T7746] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 511.939918][T11997] random: crng reseeded on system resumption [ 512.250093][T12013] nbd0: detected capacity change from 31 to 79 [ 512.326020][ T5833] ldm_validate_partition_table(): Disk read failed. [ 512.374901][ T5833] Dev nbd0: unable to read RDB block 0 [ 512.411828][ T5833] nbd0: unable to read partition table [ 512.484569][ T5833] ldm_validate_partition_table(): Disk read failed. [ 512.567679][ T5833] Dev nbd0: unable to read RDB block 0 [ 512.625550][ T5833] nbd0: unable to read partition table [ 513.062356][T12023] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 514.233711][T12029] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 514.277471][T12038] ptp ptp0: only physical clock in use now [ 515.247490][T12025] Process accounting paused [ 516.507313][T12063] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 517.521760][T12086] FAULT_INJECTION: forcing a failure. [ 517.521760][T12086] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 517.579133][T12086] CPU: 0 UID: 0 PID: 12086 Comm: syz.3.1478 Tainted: G U syzkaller #0 PREEMPT(full) [ 517.579170][T12086] Tainted: [U]=USER [ 517.579177][T12086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 517.579191][T12086] Call Trace: [ 517.579199][T12086] [ 517.579208][T12086] dump_stack_lvl+0x16c/0x1f0 [ 517.579239][T12086] should_fail_ex+0x512/0x640 [ 517.579272][T12086] _copy_to_iter+0x29f/0x1710 [ 517.579305][T12086] ? __pfx___skb_try_recv_datagram+0x10/0x10 [ 517.579332][T12086] ? __lock_acquire+0xb97/0x1ce0 [ 517.579364][T12086] ? __pfx__copy_to_iter+0x10/0x10 [ 517.579397][T12086] ? __skb_recv_datagram+0x1b2/0x220 [ 517.579423][T12086] ? __pfx___skb_recv_datagram+0x10/0x10 [ 517.579455][T12086] simple_copy_to_iter+0x46/0x90 [ 517.579493][T12086] __skb_datagram_iter+0x129/0x900 [ 517.579530][T12086] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 517.579569][T12086] ? skb_recv_datagram+0x88/0xc0 [ 517.579596][T12086] skb_copy_datagram_iter+0x40/0x50 [ 517.579636][T12086] netlink_recvmsg+0x27e/0xa90 [ 517.579667][T12086] ? __pfx_netlink_recvmsg+0x10/0x10 [ 517.579699][T12086] ? import_ubuf+0x1b6/0x220 [ 517.579733][T12086] ____sys_recvmsg+0x5f6/0x6b0 [ 517.579773][T12086] ? __pfx_____sys_recvmsg+0x10/0x10 [ 517.579818][T12086] ? kfree+0x252/0x6d0 [ 517.579852][T12086] ? __lock_acquire+0x62e/0x1ce0 [ 517.579889][T12086] ___sys_recvmsg+0x114/0x1a0 [ 517.579917][T12086] ? __pfx____sys_recvmsg+0x10/0x10 [ 517.579962][T12086] ? __pfx___might_resched+0x10/0x10 [ 517.579993][T12086] do_recvmmsg+0x2fe/0x750 [ 517.580029][T12086] ? __pfx_do_recvmmsg+0x10/0x10 [ 517.580063][T12086] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 517.580102][T12086] ? __fget_files+0x20e/0x3c0 [ 517.580132][T12086] __x64_sys_recvmmsg+0x22a/0x280 [ 517.580166][T12086] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 517.580205][T12086] do_syscall_64+0xcd/0xfa0 [ 517.580233][T12086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 517.580256][T12086] RIP: 0033:0x7f6356d8eec9 [ 517.580274][T12086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 517.580297][T12086] RSP: 002b:00007f6357c22038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 517.580319][T12086] RAX: ffffffffffffffda RBX: 00007f6356fe5fa0 RCX: 00007f6356d8eec9 [ 517.580335][T12086] RDX: 000000000000010a RSI: 0000200000000180 RDI: 0000000000000003 [ 517.580349][T12086] RBP: 00007f6357c22090 R08: 0000000000000000 R09: 0000000000000000 [ 517.580363][T12086] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 517.580376][T12086] R13: 00007f6356fe6038 R14: 00007f6356fe5fa0 R15: 00007ffc914b9e78 [ 517.580407][T12086] [ 517.931802][T12092] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 518.499349][T12097] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 519.340534][T12094] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 520.175703][T12117] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 520.526965][T12126] ptp ptp0: only physical clock in use now [ 521.469496][T12137] nbd0: detected capacity change from 79 to 768 [ 521.520154][ T5833] blk_print_req_error: 278 callbacks suppressed [ 521.520179][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 521.631670][ T5833] buffer_io_error: 278 callbacks suppressed [ 521.631688][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 521.697258][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 521.786665][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 521.794619][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 521.908340][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 521.931924][T12143] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 521.981573][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.061342][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.132243][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.217209][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.229676][T12150] net_ratelimit: 81 callbacks suppressed [ 522.229694][T12150] netlink: zone id is out of range [ 522.270846][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.306374][T12150] netlink: zone id is out of range [ 522.347097][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.393614][T12143] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 522.404463][T12150] netlink: zone id is out of range [ 522.412254][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.457588][T12150] netlink: zone id is out of range [ 522.464358][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.484740][T12150] netlink: zone id is out of range [ 522.510859][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.522847][T12150] netlink: zone id is out of range [ 522.554437][T12150] netlink: zone id is out of range [ 522.579848][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.596481][T12150] netlink: zone id is out of range [ 522.632263][ T5833] ldm_validate_partition_table(): Disk read failed. [ 522.638971][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.649800][T12150] netlink: zone id is out of range [ 522.681044][T12150] netlink: zone id is out of range [ 522.757345][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.815851][ T5833] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 522.901847][ T5833] Buffer I/O error on dev nbd0, logical block 0, async page read [ 522.957129][ T5833] Dev nbd0: unable to read RDB block 0 [ 522.989961][ T5833] nbd0: unable to read partition table [ 523.070614][ T5833] ldm_validate_partition_table(): Disk read failed. [ 523.140017][ T5833] Dev nbd0: unable to read RDB block 0 [ 523.171989][ T5833] nbd0: unable to read partition table [ 523.609638][T12175] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1502'. [ 523.620377][T12176] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1503'. [ 523.680329][T12179] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1502'. [ 523.913189][T12185] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 523.944721][T12179] bridge_slave_1: left allmulticast mode [ 523.958989][T12179] bridge_slave_1: left promiscuous mode [ 523.979651][T12179] bridge0: port 2(bridge_slave_1) entered disabled state [ 524.031796][T12179] bridge_slave_0: left allmulticast mode [ 524.051803][T12179] bridge_slave_0: left promiscuous mode [ 524.074946][T12179] bridge0: port 1(bridge_slave_0) entered disabled state [ 524.678297][T12208] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1509'. [ 524.726035][T12205] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1509'. [ 524.784624][T12198] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1509'. [ 524.825941][T12210] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1512'. [ 525.073719][T12210] bridge_slave_1: left allmulticast mode [ 525.144323][T12212] [ 525.146687][T12212] ====================================================== [ 525.153699][T12212] WARNING: possible circular locking dependency detected [ 525.160714][T12212] syzkaller #0 Tainted: G U [ 525.166691][T12212] ------------------------------------------------------ [ 525.173710][T12212] syz.1.1512/12212 is trying to acquire lock: [ 525.179772][T12212] ffff88805cf884e8 (&resv_map->rw_sema){++++}-{4:4}, at: hugetlb_vma_lock_read+0xff/0x130 [ 525.189717][T12212] [ 525.189717][T12212] but task is already holding lock: [ 525.197073][T12212] ffff8881436ba188 (&hugetlb_fault_mutex_table[i]){+.+.}-{4:4}, at: hugetlb_fault+0x302/0x2f40 [ 525.207434][T12212] [ 525.207434][T12212] which lock already depends on the new lock. [ 525.207434][T12212] [ 525.217830][T12212] [ 525.217830][T12212] the existing dependency chain (in reverse order) is: [ 525.226842][T12212] [ 525.226842][T12212] -> #8 (&hugetlb_fault_mutex_table[i]){+.+.}-{4:4}: [ 525.235715][T12212] __mutex_lock+0x193/0x1060 [ 525.240845][T12212] hugetlb_fault+0x302/0x2f40 [ 525.246147][T12212] handle_mm_fault+0xbfa/0xd10 [ 525.251448][T12212] do_user_addr_fault+0x7a6/0x1370 [ 525.257079][T12212] exc_page_fault+0x64/0xc0 [ 525.262109][T12212] asm_exc_page_fault+0x26/0x30 [ 525.267484][T12212] rep_movs_alternative+0x4a/0x90 [ 525.273047][T12212] _copy_from_iter+0x383/0x1720 [ 525.278441][T12212] tcp_sendmsg_locked+0x2900/0x42e0 [ 525.284174][T12212] tcp_sendmsg+0x2e/0x50 [ 525.288951][T12212] inet_sendmsg+0xb9/0x140 [ 525.293895][T12212] ____sys_sendmsg+0x973/0xc70 [ 525.299194][T12212] ___sys_sendmsg+0x134/0x1d0 [ 525.304394][T12212] __sys_sendmmsg+0x200/0x420 [ 525.309595][T12212] __x64_sys_sendmmsg+0x9c/0x100 [ 525.315058][T12212] do_syscall_64+0xcd/0xfa0 [ 525.320111][T12212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.326526][T12212] [ 525.326526][T12212] -> #7 (sk_lock-AF_INET){+.+.}-{0:0}: [ 525.334199][T12212] lock_sock_nested+0x41/0xf0 [ 525.339420][T12212] inet_shutdown+0x67/0x440 [ 525.344463][T12212] nbd_mark_nsock_dead+0xae/0x5d0 [ 525.350022][T12212] recv_work+0x671/0xa80 [ 525.354793][T12212] process_one_work+0x9cf/0x1b70 [ 525.360289][T12212] worker_thread+0x6c8/0xf10 [ 525.365438][T12212] kthread+0x3c2/0x780 [ 525.370059][T12212] ret_from_fork+0x675/0x7d0 [ 525.375184][T12212] ret_from_fork_asm+0x1a/0x30 [ 525.380472][T12212] [ 525.380472][T12212] -> #6 (&nsock->tx_lock){+.+.}-{4:4}: [ 525.388144][T12212] __mutex_lock+0x193/0x1060 [ 525.393284][T12212] nbd_queue_rq+0x423/0x12d0 [ 525.398401][T12212] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 525.404471][T12212] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 525.411335][T12212] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 525.417848][T12212] blk_mq_run_hw_queue+0x239/0x670 [ 525.423520][T12212] blk_mq_dispatch_list+0x514/0x1310 [ 525.429343][T12212] blk_mq_flush_plug_list+0x130/0x600 [ 525.435266][T12212] __blk_flush_plug+0x2c4/0x4b0 [ 525.440661][T12212] __submit_bio+0x545/0x690 [ 525.445696][T12212] submit_bio_noacct_nocheck+0x53d/0xc10 [ 525.451882][T12212] submit_bio_noacct+0xbbb/0x1f60 [ 525.457434][T12212] block_read_full_folio+0x34e/0x850 [ 525.463251][T12212] filemap_read_folio+0xc5/0x2a0 [ 525.468709][T12212] do_read_cache_folio+0x263/0x5c0 [ 525.474338][T12212] read_part_sector+0xd4/0x370 [ 525.479633][T12212] adfspart_check_ICS+0x93/0x940 [ 525.485123][T12212] bdev_disk_changed+0x720/0x1520 [ 525.490698][T12212] blkdev_get_whole+0x187/0x290 [ 525.496094][T12212] bdev_open+0x2c7/0xe40 [ 525.500866][T12212] blkdev_open+0x34e/0x4f0 [ 525.505802][T12212] do_dentry_open+0x982/0x1530 [ 525.511094][T12212] vfs_open+0x82/0x3f0 [ 525.515693][T12212] path_openat+0x1de4/0x2cb0 [ 525.520808][T12212] do_filp_open+0x20b/0x470 [ 525.525837][T12212] do_sys_openat2+0x11b/0x1d0 [ 525.531041][T12212] __x64_sys_openat+0x174/0x210 [ 525.536420][T12212] do_syscall_64+0xcd/0xfa0 [ 525.541444][T12212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.547862][T12212] [ 525.547862][T12212] -> #5 (&cmd->lock){+.+.}-{4:4}: [ 525.555100][T12212] __mutex_lock+0x193/0x1060 [ 525.560219][T12212] nbd_queue_rq+0xbd/0x12d0 [ 525.565248][T12212] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 525.571321][T12212] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 525.578187][T12212] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 525.584702][T12212] blk_mq_run_hw_queue+0x239/0x670 [ 525.590363][T12212] blk_mq_dispatch_list+0x514/0x1310 [ 525.596175][T12212] blk_mq_flush_plug_list+0x130/0x600 [ 525.602075][T12212] __blk_flush_plug+0x2c4/0x4b0 [ 525.607481][T12212] __submit_bio+0x545/0x690 [ 525.612507][T12212] submit_bio_noacct_nocheck+0x53d/0xc10 [ 525.618663][T12212] submit_bio_noacct+0xbbb/0x1f60 [ 525.624209][T12212] block_read_full_folio+0x34e/0x850 [ 525.630027][T12212] filemap_read_folio+0xc5/0x2a0 [ 525.635501][T12212] do_read_cache_folio+0x263/0x5c0 [ 525.641140][T12212] read_part_sector+0xd4/0x370 [ 525.646447][T12212] adfspart_check_ICS+0x93/0x940 [ 525.651917][T12212] bdev_disk_changed+0x720/0x1520 [ 525.657478][T12212] blkdev_get_whole+0x187/0x290 [ 525.662861][T12212] bdev_open+0x2c7/0xe40 [ 525.667626][T12212] blkdev_open+0x34e/0x4f0 [ 525.672565][T12212] do_dentry_open+0x982/0x1530 [ 525.677855][T12212] vfs_open+0x82/0x3f0 [ 525.682448][T12212] path_openat+0x1de4/0x2cb0 [ 525.687564][T12212] do_filp_open+0x20b/0x470 [ 525.692591][T12212] do_sys_openat2+0x11b/0x1d0 [ 525.697799][T12212] __x64_sys_openat+0x174/0x210 [ 525.703180][T12212] do_syscall_64+0xcd/0xfa0 [ 525.708204][T12212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.714639][T12212] [ 525.714639][T12212] -> #4 (set->srcu){.+.+}-{0:0}: [ 525.721783][T12212] __synchronize_srcu+0xa1/0x290 [ 525.727291][T12212] blk_mq_quiesce_queue+0x149/0x1b0 [ 525.733034][T12212] elevator_switch+0x17d/0x810 [ 525.738329][T12212] elevator_change+0x391/0x5d0 [ 525.743624][T12212] elevator_set_default+0x2e9/0x380 [ 525.749355][T12212] blk_register_queue+0x384/0x4e0 [ 525.754907][T12212] __add_disk+0x74a/0xf00 [ 525.759758][T12212] add_disk_fwnode+0x13f/0x5d0 [ 525.765040][T12212] nbd_dev_add+0x783/0xbb0 [ 525.769977][T12212] nbd_init+0x181/0x320 [ 525.774657][T12212] do_one_initcall+0x120/0x6e0 [ 525.779940][T12212] kernel_init_freeable+0x5c2/0x910 [ 525.785678][T12212] kernel_init+0x1c/0x2b0 [ 525.790536][T12212] ret_from_fork+0x675/0x7d0 [ 525.795656][T12212] ret_from_fork_asm+0x1a/0x30 [ 525.800945][T12212] [ 525.800945][T12212] -> #3 (&q->elevator_lock){+.+.}-{4:4}: [ 525.808763][T12212] __mutex_lock+0x193/0x1060 [ 525.813878][T12212] elevator_change+0x17d/0x5d0 [ 525.819172][T12212] elv_iosched_store+0x315/0x3c0 [ 525.824639][T12212] queue_attr_store+0x26b/0x310 [ 525.830030][T12212] sysfs_kf_write+0xf2/0x150 [ 525.835146][T12212] kernfs_fop_write_iter+0x3af/0x570 [ 525.840966][T12212] iter_file_splice_write+0xa21/0x12e0 [ 525.846945][T12212] direct_splice_actor+0x18f/0x6c0 [ 525.852598][T12212] splice_direct_to_actor+0x342/0xa30 [ 525.858507][T12212] do_splice_direct+0x174/0x240 [ 525.863888][T12212] do_sendfile+0xb06/0xe50 [ 525.868827][T12212] __x64_sys_sendfile64+0x1d8/0x220 [ 525.874570][T12212] do_syscall_64+0xcd/0xfa0 [ 525.879601][T12212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.886072][T12212] [ 525.886072][T12212] -> #2 (&q->q_usage_counter(io)#64){++++}-{0:0}: [ 525.894687][T12212] blk_alloc_queue+0x619/0x760 [ 525.899999][T12212] blk_mq_alloc_queue+0x172/0x280 [ 525.905546][T12212] __blk_mq_alloc_disk+0x29/0x120 [ 525.911174][T12212] nbd_dev_add+0x492/0xbb0 [ 525.916146][T12212] nbd_init+0x181/0x320 [ 525.920837][T12212] do_one_initcall+0x120/0x6e0 [ 525.926146][T12212] kernel_init_freeable+0x5c2/0x910 [ 525.931903][T12212] kernel_init+0x1c/0x2b0 [ 525.936848][T12212] ret_from_fork+0x675/0x7d0 [ 525.941975][T12212] ret_from_fork_asm+0x1a/0x30 [ 525.947280][T12212] [ 525.947280][T12212] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 525.954495][T12212] fs_reclaim_acquire+0x102/0x150 [ 525.960046][T12212] prepare_alloc_pages+0x162/0x610 [ 525.965685][T12212] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 525.972113][T12212] alloc_pages_mpol+0x1fb/0x550 [ 525.977512][T12212] alloc_pages_noprof+0x131/0x390 [ 525.983073][T12212] __pmd_alloc+0x3b/0x8b0 [ 525.987942][T12212] huge_pte_alloc+0x41d/0x5b0 [ 525.993156][T12212] hugetlb_fault+0x373/0x2f40 [ 525.998350][T12212] handle_mm_fault+0xbfa/0xd10 [ 526.003644][T12212] do_user_addr_fault+0x7a6/0x1370 [ 526.009284][T12212] exc_page_fault+0x64/0xc0 [ 526.014338][T12212] asm_exc_page_fault+0x26/0x30 [ 526.019726][T12212] __get_user_8+0x14/0x30 [ 526.024591][T12212] __x64_sys_io_setup+0x73/0x210 [ 526.030066][T12212] do_syscall_64+0xcd/0xfa0 [ 526.035101][T12212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.041574][T12212] [ 526.041574][T12212] -> #0 (&resv_map->rw_sema){++++}-{4:4}: [ 526.049511][T12212] __lock_acquire+0x12a6/0x1ce0 [ 526.054897][T12212] lock_acquire+0x179/0x350 [ 526.059937][T12212] down_read+0x9b/0x480 [ 526.064624][T12212] hugetlb_vma_lock_read+0xff/0x130 [ 526.070358][T12212] hugetlb_fault+0x30a/0x2f40 [ 526.075562][T12212] handle_mm_fault+0xbfa/0xd10 [ 526.080877][T12212] do_user_addr_fault+0x7a6/0x1370 [ 526.086509][T12212] exc_page_fault+0x64/0xc0 [ 526.091547][T12212] asm_exc_page_fault+0x26/0x30 [ 526.097016][T12212] rep_movs_alternative+0x4a/0x90 [ 526.102579][T12212] _copy_to_user+0xbb/0xd0 [ 526.107617][T12212] mon_text_copy_to_user+0xce/0x1a0 [ 526.113360][T12212] mon_text_read_t+0x48a/0x600 [ 526.118665][T12212] full_proxy_read+0x131/0x1a0 [ 526.123957][T12212] vfs_read+0x1e1/0xcf0 [ 526.128761][T12212] __x64_sys_pread64+0x1eb/0x250 [ 526.134237][T12212] do_syscall_64+0xcd/0xfa0 [ 526.139267][T12212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.145697][T12212] [ 526.145697][T12212] other info that might help us debug this: [ 526.145697][T12212] [ 526.155936][T12212] Chain exists of: [ 526.155936][T12212] &resv_map->rw_sema --> sk_lock-AF_INET --> &hugetlb_fault_mutex_table[i] [ 526.155936][T12212] [ 526.170489][T12212] Possible unsafe locking scenario: [ 526.170489][T12212] [ 526.177933][T12212] CPU0 CPU1 [ 526.183290][T12212] ---- ---- [ 526.188646][T12212] lock(&hugetlb_fault_mutex_table[i]); [ 526.194283][T12212] lock(sk_lock-AF_INET); [ 526.201215][T12212] lock(&hugetlb_fault_mutex_table[i]); [ 526.209364][T12212] rlock(&resv_map->rw_sema); [ 526.214122][T12212] [ 526.214122][T12212] *** DEADLOCK *** [ 526.214122][T12212] [ 526.222259][T12212] 3 locks held by syz.1.1512/12212: [ 526.227452][T12212] #0: ffff88805c542130 (&rp->printf_lock){+.+.}-{4:4}, at: mon_text_read_t+0xbd/0x600 [ 526.237127][T12212] #1: ffff88804ed92ce0 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x35/0x6e0 [ 526.247070][T12212] #2: ffff8881436ba188 (&hugetlb_fault_mutex_table[i]){+.+.}-{4:4}, at: hugetlb_fault+0x302/0x2f40 [ 526.257864][T12212] [ 526.257864][T12212] stack backtrace: [ 526.263757][T12212] CPU: 0 UID: 0 PID: 12212 Comm: syz.1.1512 Tainted: G U syzkaller #0 PREEMPT(full) [ 526.263789][T12212] Tainted: [U]=USER [ 526.263800][T12212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 526.263814][T12212] Call Trace: [ 526.263823][T12212] [ 526.263832][T12212] dump_stack_lvl+0x116/0x1f0 [ 526.263859][T12212] print_circular_bug+0x275/0x350 [ 526.263890][T12212] check_noncircular+0x14c/0x170 [ 526.263924][T12212] __lock_acquire+0x12a6/0x1ce0 [ 526.263959][T12212] lock_acquire+0x179/0x350 [ 526.263989][T12212] ? hugetlb_vma_lock_read+0xff/0x130 [ 526.264021][T12212] ? __pfx___might_resched+0x10/0x10 [ 526.264047][T12212] down_read+0x9b/0x480 [ 526.264076][T12212] ? hugetlb_vma_lock_read+0xff/0x130 [ 526.264106][T12212] ? __pfx_down_read+0x10/0x10 [ 526.264136][T12212] ? find_held_lock+0x2b/0x80 [ 526.264158][T12212] ? mt_find+0x749/0xa20 [ 526.264186][T12212] hugetlb_vma_lock_read+0xff/0x130 [ 526.264216][T12212] hugetlb_fault+0x30a/0x2f40 [ 526.264239][T12212] ? __pfx_hugetlb_fault+0x10/0x10 [ 526.264265][T12212] ? find_vma+0xbf/0x140 [ 526.264304][T12212] ? __pfx_find_vma+0x10/0x10 [ 526.264329][T12212] handle_mm_fault+0xbfa/0xd10 [ 526.264361][T12212] ? __pkru_allows_pkey+0x11/0xb0 [ 526.264395][T12212] do_user_addr_fault+0x7a6/0x1370 [ 526.264415][T12212] ? rcu_is_watching+0x12/0xc0 [ 526.264438][T12212] exc_page_fault+0x64/0xc0 [ 526.264461][T12212] asm_exc_page_fault+0x26/0x30 [ 526.264481][T12212] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 526.264514][T12212] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 7f 3e 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 526.264535][T12212] RSP: 0018:ffffc9000ac27b80 EFLAGS: 00050202 [ 526.264551][T12212] RAX: 0000000000000001 RBX: 0000000000000042 RCX: 0000000000000042 [ 526.264564][T12212] RDX: ffffed100ef1a689 RSI: ffff8880778d3400 RDI: 0000000000000000 [ 526.264577][T12212] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100ef1a688 [ 526.264590][T12212] R10: ffff8880778d3441 R11: 0000000000000001 R12: ffff8880778d3400 [ 526.264604][T12212] R13: 0000000000000042 R14: 00007ffffffff000 R15: 0000000000000000 [ 526.264623][T12212] _copy_to_user+0xbb/0xd0 [ 526.264652][T12212] mon_text_copy_to_user+0xce/0x1a0 [ 526.264684][T12212] mon_text_read_t+0x48a/0x600 [ 526.264715][T12212] ? __debugfs_file_get+0x1fe/0x840 [ 526.264742][T12212] ? __pfx_mon_text_read_t+0x10/0x10 [ 526.264776][T12212] full_proxy_read+0x131/0x1a0 [ 526.264806][T12212] ? __pfx_full_proxy_read+0x10/0x10 [ 526.264833][T12212] vfs_read+0x1e1/0xcf0 [ 526.264858][T12212] ? __pfx_vfs_read+0x10/0x10 [ 526.264877][T12212] ? find_held_lock+0x2b/0x80 [ 526.264897][T12212] ? __fget_files+0x204/0x3c0 [ 526.264919][T12212] ? __fget_files+0x20e/0x3c0 [ 526.264942][T12212] __x64_sys_pread64+0x1eb/0x250 [ 526.264965][T12212] ? __pfx___x64_sys_pread64+0x10/0x10 [ 526.264990][T12212] do_syscall_64+0xcd/0xfa0 [ 526.265014][T12212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.265033][T12212] RIP: 0033:0x7ff6f678eec9 [ 526.265050][T12212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 526.265070][T12212] RSP: 002b:00007ff6f49f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 526.265089][T12212] RAX: ffffffffffffffda RBX: 00007ff6f69e6090 RCX: 00007ff6f678eec9 [ 526.265102][T12212] RDX: 0000000000000101 RSI: 0000000000000000 RDI: 0000000000000002 [ 526.265115][T12212] RBP: 00007ff6f6811f91 R08: 0000000000000000 R09: 0000000000000000 [ 526.265128][T12212] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000000 [ 526.265140][T12212] R13: 00007ff6f69e6128 R14: 00007ff6f69e6090 R15: 00007ffe9b57c0b8 [ 526.265160][T12212] [ 526.785754][T12210] bridge_slave_1: left promiscuous mode [ 526.792196][T12210] bridge0: port 2(bridge_slave_1) entered disabled state [ 526.801077][T12210] bridge_slave_0: left allmulticast mode [ 526.841566][T12210] bridge_slave_0: left promiscuous mode [ 526.847906][T12210] bridge0: port 1(bridge_slave_0) entered disabled state