last executing test programs: 2m11.809725254s ago: executing program 3 (id=2302): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x100000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = socket(0x3, 0x6, 0xe) r2 = epoll_create$auto(0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0x2, 0x801, 0x6) connect$auto(0x3, 0x0, 0x54) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x9) sendfile$auto(r2, r0, 0x0, 0x7ffff000) lstat$auto(0x0, &(0x7f0000000180)={0x7fffffff, 0x39, 0x100000001, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x10001, 0x7, 0x400, 0x7ffffffb, 0x6, 0xffffffff80000000, 0x5, 0x61, 0x103}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000200), r1) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) fcntl$auto(0x3, 0x4, 0xa553) read$auto(r0, &(0x7f00000001c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0xc) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0) pread64$auto(r3, 0x0, 0x8, 0x8000) readv$auto(0x3, 0x0, 0x1) 2m10.158713064s ago: executing program 3 (id=2295): mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) clock_gettime$auto(0xfffffffffffffff0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x2) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xc00, 0x2c, 0x2c, 0x3, 0x2}) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000180)="f1deefed5ddf77c3086ac06f73353a35cf09d9cab432b2fc686eb8cfacf3f7e0d79f194523549539694c019cd8888a64ce8254fcad00cefceaacc388d3d6026741a73d418b2b2889bafbde9253eae9e1a923ccb8e4611a719df32b7bc8da316f997dff56244f08a89d0a3dcd65375d665dc289dc262fa628f4a4bc39e981d0133c0dda393a", 0x85) sysfs$auto(0x2, 0x0, 0x0) syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r1) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r3 = socket(0xa, 0x1, 0x84) getsockopt$auto(r3, 0x84, 0x4, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0) socket(0x2, 0x1, 0x106) shutdown$auto(0x200000003, 0x2) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram3/trace/end_lba\x00', 0x2062, 0x0) write$auto(r4, 0x0, 0x98c7) recvmmsg$auto(0x3, 0x0, 0x10000, 0x3ff, 0x0) 2m7.574823605s ago: executing program 3 (id=2299): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/rose8/address\x00', 0x752502, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd0\x00', 0xc0c00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = io_uring_setup$auto(0x4, 0x0) close_range$auto(0x2, r0, 0x0) arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/scsi/sg/debug\x00', 0x40, 0x0) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f00000002c0)=""/286, 0x11e) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(r2, 0x80044dfe, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 2m4.414725529s ago: executing program 3 (id=2308): writev$auto(0xffffffffffffffff, 0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x4, 0xa, 0x48}) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0xffd8) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c05, 0xfffffffffffffffd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 2m0.685157089s ago: executing program 3 (id=2316): sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x28, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_MCAST_FLAGS_PRIV={0x8, 0x27, 0x4}, @BATADV_ATTR_NEIGH_ADDRESS={0xa, 0x18, @remote}]}, 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x24008000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000000}, 0x20000800) socket(0x2c, 0x3, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/hugepages-8kB/shmem_enabled\x00', 0x1a1842, 0x0) mmap$auto(0x0, 0xe980, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) getsockopt$auto(0x3, 0x200000000001, 0x7, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0x800eb0, 0x401, 0x9) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000001040)={0x80, 0x6, 0xf00, 0x1, 0x101, 0x0, 0x0}) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1fe, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) socket(0xa, 0x3, 0x6) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf25030000000600070008000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000100000000000000000006000600400000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x0) capset$auto(0x0, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1m58.341784859s ago: executing program 3 (id=2320): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x2, 0x1, 0x0, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x8, 0x9, 0x1, 0xeb3, 0xfffefffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) fcntl$auto(r1, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/192, 0xc0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) unshare$auto(0x40) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 1m43.059219982s ago: executing program 32 (id=2320): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x2, 0x1, 0x0, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x8, 0x9, 0x1, 0xeb3, 0xfffefffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) fcntl$auto(r1, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/192, 0xc0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) unshare$auto(0x40) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 12.582324204s ago: executing program 0 (id=2537): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = fanotify_init$auto(0x5, 0x2000000000002) socket(0x26, 0x80805, 0x0) socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0xa, 0x3, 0x3a) statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_MEMGETBADBLOCK(r0, 0x40084d0b, &(0x7f0000000000)=0x2) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xff05, 0x0) setsockopt$auto(r1, 0x29, 0x15, 0x0, 0x56b) socket(0x1d, 0x1, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fanotify_mark$auto(r0, 0x5, 0x100000009, 0x4, 0x0) syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r2, 0x402, 0x8000007fffffdf) syz_open_procfs$namespace(0x0, &(0x7f0000000080)) 11.776572697s ago: executing program 0 (id=2538): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x20000a, 0x4) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1, 0x400000001, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x2, 0x1) 11.150989702s ago: executing program 2 (id=2539): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/drivers\x00', 0x14b402, 0x0) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syslog$auto(0x0, &(0x7f0000000280)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) prctl$auto(0x443, 0x17, 0x0, 0x0, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x5, 0x6, 0x80000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1ff, 0x6, 0xbc, 0x80000001, 0x4, 0x0, 0x53}, 0x1) msync$auto(0x1fffeffc, 0x180000000000000, 0x400000004) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x40, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x200008000) ioperm$auto(0x2, 0x8000000000031c, 0x4) close_range$auto(0x2, 0x8, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram15\x00', 0x4082, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c0a, 0x0) io_uring_setup$auto(0x6, 0x0) 11.098658359s ago: executing program 4 (id=2540): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4d9dfa483199ecfeaba8e2fd120ec26c871c73a3b1608fa2baf9a633ac9e5e266e8ef9535721c0f4ac3d3e7e11a860b2fdc66d5ff6b7c1376f50b6db11112d97b62d2db91e44bf5b5fc0b5ea93c5cd6931ff6f91cb05ec8b6ade3a893fef", @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090) mmap$auto(0x0, 0x80000002020009, 0x3, 0x410, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x8}, &(0x7f00000001c0)=0x6, 0x0, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, r1, 0x800000000001, 0x33}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0xb, 0x0, 0x0, 0x6e2d, 0xfffffffb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) madvise$auto(0x2, 0x5c61fa2c, 0xf) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) 10.414840663s ago: executing program 1 (id=2541): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioperm$auto(0x400, 0x7f, 0xd) semctl$auto(0x0, 0xe3, 0x0, 0x5) socket$nl_generic(0x10, 0x3, 0x10) lsm_set_self_attr$auto(0x1, 0x0, 0x7, 0x6) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r1, 0x8000) 9.182626772s ago: executing program 2 (id=2542): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) 8.382452527s ago: executing program 0 (id=2543): r0 = open(0x0, 0xd02, 0xc3) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) sendmsg$auto_NL80211_CMD_START_AP(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x668, 0x0, 0x20, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_FRAME={0x639, 0x33, "afa6e0335f4a2c0c9b03ed037529ed1f8c19df0534c0c618363857d371dfe3575f074ed09281c32a0f2392027bee6d0506bdc9f52f16c9cddce2ee2bf411b5c37071c69297cbc252870e10ae089076ebd6ce5e42336573f7457224fb6e4d5cbc4b2847351ae8b9723b261b5876aa693b1f99786a8aff10d220aadda3c7f68a53903dbf2891b524fb9d9f1935f6873af22229e32a71276fac61cfbb99a0e9896735a111f46a73d9141b874444d253c3bcc98c2eddc451cb222af5ff8bdf0222e89524e44e1550d57f65061818b2e64ed23cbadd4cd35c4e675a6c76c93487649d5e120e876eef7d33bda62ec8ff4194ac957e81ef9aea0f96d44b4d7d28d0a90f3f3f1ab2302188a33eba4baeb8a36328ff04c2f77de5f5c1a202b358ced0d7ea41158c3745dc867e377ecadeccfcd5b8b519bef4dabe08dc5d923fb1a0bcfb63eb4c8e2143c4d2132e5e9c82712afab78723dc43d092eeb8a1bf619dd7d7c27b9785b953d4506d0d5207f3e8b76284b7749045ca2b5f062013c53f35be3e4489a1b8e3232314c86fbe18a58751f0b58219c53c1907daa47745badd8947431a66134913519262c65969aae0a78e040810ad130354b65c729754e9af226114904d39c5b24eaf02702067fdae7ae01c7fb58aa834b3d815caabb1761ba0d83cf8d53502a268b63fc3501fb67ded5c1b1482367ee4f5214303dc652abe046ce1abf20a3f49e1036026d77c132d332e98878ea17bd994e882becd6fc52d9fd91260ef25c204390f2c88c9e8cccd2d3f51bb9a93f0765f02dd8422bd3715b1205811f72ef91397fd5ab58f60cd10542ef3fa257e6cb0c311287b1af50dac0fb5614eaa5e67563c8efd9e89bb8fc2d7c6c4f64e95768bed149a69a345aadb64c89bb9e4bec361d74bef891543a5c8ba242c434b476bad123aece2a552ad43999907b425f4df57d3e4ca2c2b865568e619be2ef134718b47b6055a0bcc8ea64ff4ebc05339f5481e3c6fceadbd6f4126ccca4fb0e6b2303c4ec0d591cb45a076706a700ff34ad1c569fd11674bcbab1228132f1bfe192d138f25ec2520da501ed6e583492447734f69fa581e64a96f90582f9d757e391c0d33ce8250cc7c9e0d3651801cb285c9eee5bd0224d388dddf8527e49ca9030fd7955e93e3365f9602b4a4ef1aaca177e44e7f1142c8ec0015f2b505a775afe9ae820df18adaad4b3924d8033965991fe1e59acbbad440bc64b3198a4eae215fd32283be418b6ee791a89eaf386422aed1ca9a18a0220f88a7609d536ffd7db73c9654cbe7a7835668771f8f2f98d58cf1d60cff1004ee2fb4c394bf3b48d0232866d382ceeae8f340bddb3ac677edc560982312ac13bf765db179a235e47ec0747d428fe273fda500641154f168cad55351172f93a970ccf26626ec89d52f64d89f0d7456212854f35542794264126abf75567f56cf0081de22def6305d279b2aabdb91ac0813ccd0a4e87dd63b3188cc10a3eee94e7af67e2ab5070bc5e639a204af69b49aef29b61c7efd1a9f4b6bc51659aeb399b34cf21dc827259991979828515c776d86f06cf69ea710e6be91ec0ea9e46e9d08e07ad2ab67a4b43e2d0763a4673a8002df95761309b011b25a6effab4da60e599c27e263394328da81b0af4ebcd6d838c1a9ff729482681115b4964be42bb4b8d8855c71450e9c48999e195227f41eb0fde516123e1da39f0db125045c3e5dadbfba05b329cf3d02dbd9fa01c75856ee233ef96b5e61f845560c640758d3883bb7ca2da85c9c5c15dc0f4033bc8140ec0965f91a4be0692c0348a3cc38fbac8a0e6db18433aeb3f05921c5cf614be4754f76c9e3323026a646d89a7a894e1b493a999af49864886b6ed68ce635ba2eeff167e99ac5fa5696aca29f1517b47f460151ca4b9afb34cc5ffbeb037ece8de9d223d8a1124b6c0ce000928070c021dc17499c9313264903ccc5ba90f9b0eb3c1617cb53c8192a7e2d12c566c83ac35ee265bd5bafb2b3208af0cc938e8306a45b50ccd17ee5e59fbfcf30c09185c2d84db35e05190a3251c097c288d5bfd800f2fc5e60aaaaa7bb297e39e40dfc35da14b1ffa060ed3f02722f35e345e7ad453e6758b5ec8ef2ebd3a57413a1ea68df9684dc4dda5bdeaf81ec602fee0057dfa42fe9bcd7f571e906b31c4044c07070a0cdfab85594b18c54691b269a23e39fcbcb48eb4aab9b7950f145d87c750a5bd301ef6c1816aee61ac31b"}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x8}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0xe, 0x9}}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x7}]}, 0x668}, 0x1, 0x0, 0x0, 0x48010}, 0x20000800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x400002, 0x4, 0x0, &(0x7f00000001c0)=0x2) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) pwrite64$auto(r1, &(0x7f0000000040)='.\'*&\x04!\x00', 0x1, 0x8) 8.38235892s ago: executing program 1 (id=2544): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) mmap$auto(0x0, 0x4000005, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) clock_settime$auto(0xffffff80, &(0x7f0000000040)={0x7, 0x3615}) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) write$auto(r0, &(0x7f0000000040)='!\x00', 0xffff) read$auto(0xffffffffffffffff, 0x0, 0x1ff) write$auto(0x3, 0x0, 0x7) r1 = socket(0x2, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listen$auto(0x3, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0) syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff) getpid() sendmsg$auto_TASKSTATS_CMD_GET(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44001}, 0x20004000) syz_clone3(&(0x7f0000000300)={0x12a004080, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[0x0], 0x1}, 0x58) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 7.375591232s ago: executing program 4 (id=2545): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) ppoll$auto(0x0, 0x2f9638f3, &(0x7f0000000080)={0x66e2, 0x512d}, &(0x7f0000000100)={0x3ff}, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1a, 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r1, 0x810c5701, &(0x7f0000000340)={0x3, 0x1, 0x200, 0x10000, 0x2, "748987108c83c529e6e0e17d26156a70e2ae0200fe62d001c338115fef2fbd8b976aa4fbce454ad4063328e150b0abc105c79352189449ed57bb590643e87a9b", "c35d68b707f12e350124ce3c56384271520fe78cbd7cb2f5587ebbe76f0069619790130fd5b9b9cc3d10fce15d823e8e57d245b1bf025ba127790e258cecdc081b38425936a306e206bf69ccdc6b9978", "dee0c06ea301f4ecca5d8d48eca013e7a853234160c3d8d65d185c1bd6f8fbce", 0x1, 0x75a3, 0x200000, "096e8465a8a3029f90cbf3e37d2bafa231150560322e6642c9d0dd7f29c51d775c494d9b7d6dc7efc90faaed56664139afbbeb0bc6e486d0ae2b0b41"}) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xa, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0xff, 0x800, 0x10) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) 6.745598249s ago: executing program 1 (id=2546): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000300)={0x28020000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) mmap$auto(0x7, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto_force_wakeup_fops_hci_vhci(0xffffffffffffffff, &(0x7f0000000080)="305b0a8f34915766fca3fb72133618de834c1d0cbb0bcd7ff19baad4ec1b020bc78d852189f51aafd33a851c1e6de42e41b662cd9d878702c7", 0x39) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) write$auto(0xc8, 0x0, 0x4040f6) r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002bbd7000fcdbdf25040000000400100008000cf1edfba1d1e45aea61b8f7020700000002681af944a5465101930e1f4b991ef2f10f485ddf80e07251de"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) rseq$auto(&(0x7f0000000000)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xffffffffffffff66) fsopen$auto(0x0, 0x1) kcmp$auto(0x1, 0x1, 0x0, 0x100000004, 0x100000001) fspick$auto(0xffffffffffffffff, 0x0, 0x3) sendmsg$auto_WG_CMD_SET_DEVICE(r1, 0x0, 0x4000010) 5.479828315s ago: executing program 2 (id=2547): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) r1 = open(0x0, 0x111280, 0x18) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000180)=""/286, 0x11e) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x20342, 0x0) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/mtdblock0/sched/read0_fifo_list\x00', 0x0, 0x0) lseek$auto(r1, 0x7fffffffffffffff, 0x1) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(r3, 0x80044dfe, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) listen$auto(0x3, 0x3) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) getrandom$auto(0x0, 0x6000000, 0x3) r4 = socket(0x15, 0x1, 0x0) setsockopt$auto(r4, 0x114, 0x1d, 0x0, 0x4) 5.478999162s ago: executing program 0 (id=2555): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x20000a, 0x4) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1, 0x400000001, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x2, 0x1) 5.071320629s ago: executing program 4 (id=2548): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioperm$auto(0x400, 0x7f, 0xd) semctl$auto(0x0, 0xe3, 0x0, 0x5) socket$nl_generic(0x10, 0x3, 0x10) lsm_set_self_attr$auto(0x1, 0x0, 0x7, 0x6) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) 3.470998391s ago: executing program 4 (id=2549): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = fanotify_init$auto(0x5, 0x2000000000002) socket(0x26, 0x80805, 0x0) socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0xa, 0x3, 0x3a) statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_MEMGETBADBLOCK(r0, 0x40084d0b, &(0x7f0000000000)=0x2) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xff05, 0x0) setsockopt$auto(r1, 0x29, 0x15, 0x0, 0x56b) socket(0x1d, 0x1, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fanotify_mark$auto(r0, 0x5, 0x100000009, 0x4, 0x0) syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r2, 0x402, 0x8000007fffffdf) close_range$auto(0x2, 0x8, 0x0) 2.752951408s ago: executing program 2 (id=2550): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) 2.707487418s ago: executing program 1 (id=2551): openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) 2.28741913s ago: executing program 4 (id=2552): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) 2.059097598s ago: executing program 0 (id=2553): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x226902, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) msync$auto(0x2, 0x9, 0x40) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000022, 0x400, 0x9}]}) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) 2.008112796s ago: executing program 1 (id=2554): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x226902, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) msync$auto(0x2, 0x9, 0x40) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000022, 0x400, 0x9}]}) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) 1.91831443s ago: executing program 2 (id=2556): openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r1 = socket(0x1e, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) getpid() mlockall$auto(0x5) mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = syz_genetlink_get_family_id$auto_net_dm(&(0x7f0000000080), r1) sendmsg$auto_NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x158, r2, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@NET_DM_ATTR_QUEUE_LEN={0x8, 0xb, 0xb}, @NET_DM_ATTR_TRUNC_LEN={0x8, 0x9, 0x7ff}, @NET_DM_ATTR_QUEUE_LEN={0x8, 0xb, 0x3}, @NET_DM_ATTR_HW_DROPS={0x4}, @NET_DM_ATTR_UNSPEC={0xb1, 0x0, "3686d0ed497017d6669b3183b4f236a59f8027a3e5e01dd6f6a965bab8ec8b88b5b3a04f0205cbd8d61bed3097dd76affaaecd40f8ecf27578d318e1cc20ab085c270dd766b1e26ddb2d9b1a7f3fc7f696cb6762fc7eb64fd253d3f8ed96ca4b760dcd6bc403a2da9714d54a51ab6c3b24b5e8ac467fa99d948abacffb99fa2d22fdf5fcd1e9f38360410910b8368258410ede29786df464f080b39988fff62239a835109d73b2e15efbc75e2d"}, @NET_DM_ATTR_SW_DROPS={0x4}, @NET_DM_ATTR_UNSPEC={0x6d, 0x0, "da65c1f7b06b1907ef67447c564b052266e5af3ad1d5fd7de90abb75256daa255cc2e1c30f8d6ef9682f5ac3fef8ddf86015f1ee1c3b79eebdf0e9463dc14b390aa3017792782e0a9344f531eb3f8c8a2647e4a1a6dd6c85c51039bb9e9b32d6bf040fabba6976378c"}]}, 0x158}, 0x1, 0x0, 0x0, 0x1}, 0x20000001) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r3 = socket(0x11, 0xa, 0x300) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/async_depth\x00', 0x40800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) sendmmsg$auto(0x3, 0x0, 0xfffe, 0x4009ff) read$auto(r3, &(0x7f00000002c0)=')M:\\\x00', 0x60) close_range$auto(0x2, 0x8, 0x0) 1.905911797s ago: executing program 4 (id=2557): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/drivers\x00', 0x14b402, 0x0) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syslog$auto(0x0, &(0x7f0000000280)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) prctl$auto(0x443, 0x17, 0x0, 0x0, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x5, 0x6, 0x80000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1ff, 0x6, 0xbc, 0x80000001, 0x4, 0x0, 0x53}, 0x1) msync$auto(0x1fffeffc, 0x180000000000000, 0x400000004) write$auto(0x3, 0x0, 0x100082) ioperm$auto(0x2, 0x8000000000031c, 0x4) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram15\x00', 0x4082, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c0a, 0x0) io_uring_setup$auto(0x6, 0x0) 611.341032ms ago: executing program 1 (id=2558): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioperm$auto(0x400, 0x7f, 0xd) semctl$auto(0x0, 0xe3, 0x0, 0x5) socket$nl_generic(0x10, 0x3, 0x10) lsm_set_self_attr$auto(0x1, 0x0, 0x7, 0x6) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r1, 0x8000) 544.73696ms ago: executing program 0 (id=2559): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/192, 0xc0) write$auto(0x3, 0x0, 0x100082) 0s ago: executing program 2 (id=2560): keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40002, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xfffffffffffffffe, 0x4000002020009, 0x2, 0x7fff, 0xfffffffffffffffa, 0x8001) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r2 = prctl$auto(0x16, 0x800000000000012, 0x0, 0x9, 0x10000) r3 = ioctl$auto_TUNGETVNETBE2(r2, 0x800454df, &(0x7f0000000040)=0x2) ioctl$auto_PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f00000000c0)=0x2070bb26) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0xffffffffffffffff, 0x40005, 0x337, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x2020009, 0x80000000000003, 0x10, r1, 0x5) prctl$auto(0x2000001a, 0x1, 0x0, 0xd, 0x32) msgget$auto(0x0, 0x5) r5 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2a801, 0x0) pwrite64$auto(r5, &(0x7f0000000040)='/dev/vcsa\x00', 0x7b05, 0x5) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      syzkaller syzkaller login: [ 605.631159][T12643] kexec: Could not allocate control_code_buffer [ 610.857810][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1420 with max blocks 12 with error 117 [ 610.938784][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 610.938784][ T36] [ 613.095562][T12757] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 974 with max blocks 21 with error 117 [ 613.111109][T12757] EXT4-fs (sda1): This should not happen!! Data will be lost [ 613.111109][T12757] [ 621.176457][T12844] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 622.283533][T12857] FAULT_INJECTION: forcing a failure. [ 622.283533][T12857] name failslab, interval 1, probability 0, space 0, times 0 [ 622.377042][T12857] CPU: 1 UID: 0 PID: 12857 Comm: syz.2.1582 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 622.377089][T12857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 622.377109][T12857] Call Trace: [ 622.377120][T12857] [ 622.377132][T12857] dump_stack_lvl+0x16c/0x1f0 [ 622.377190][T12857] should_fail_ex+0x512/0x640 [ 622.377237][T12857] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 622.377286][T12857] should_failslab+0xc2/0x120 [ 622.377319][T12857] __kmalloc_cache_noprof+0x6a/0x3e0 [ 622.377366][T12857] ? ptp_open+0xe3/0x520 [ 622.377408][T12857] ptp_open+0xe3/0x520 [ 622.377452][T12857] ? __pfx_ptp_open+0x10/0x10 [ 622.377505][T12857] ? __pfx_ptp_open+0x10/0x10 [ 622.377542][T12857] posix_clock_open+0x17b/0x290 [ 622.377582][T12857] ? __pfx_posix_clock_open+0x10/0x10 [ 622.377618][T12857] chrdev_open+0x234/0x6a0 [ 622.377669][T12857] ? __pfx_apparmor_file_open+0x10/0x10 [ 622.377713][T12857] ? __pfx_chrdev_open+0x10/0x10 [ 622.377770][T12857] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 622.377824][T12857] do_dentry_open+0x741/0x1c10 [ 622.377875][T12857] ? __pfx_chrdev_open+0x10/0x10 [ 622.377943][T12857] vfs_open+0x82/0x3f0 [ 622.377987][T12857] path_openat+0x1de4/0x2cb0 [ 622.378052][T12857] ? __pfx_path_openat+0x10/0x10 [ 622.378104][T12857] ? __lock_acquire+0xb8a/0x1c90 [ 622.378153][T12857] do_filp_open+0x20b/0x470 [ 622.378202][T12857] ? __pfx_do_filp_open+0x10/0x10 [ 622.378283][T12857] ? alloc_fd+0x471/0x7d0 [ 622.378340][T12857] do_sys_openat2+0x11b/0x1d0 [ 622.378377][T12857] ? __pfx_do_sys_openat2+0x10/0x10 [ 622.378443][T12857] __x64_sys_openat+0x174/0x210 [ 622.378480][T12857] ? __pfx___x64_sys_openat+0x10/0x10 [ 622.378534][T12857] do_syscall_64+0xcd/0x490 [ 622.378588][T12857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.378634][T12857] RIP: 0033:0x7f1b8d98e929 [ 622.378658][T12857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 622.378687][T12857] RSP: 002b:00007f1b8e8be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 622.378716][T12857] RAX: ffffffffffffffda RBX: 00007f1b8dbb6080 RCX: 00007f1b8d98e929 [ 622.378735][T12857] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 622.378754][T12857] RBP: 00007f1b8da10b39 R08: 0000000000000000 R09: 0000000000000000 [ 622.378772][T12857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 622.378790][T12857] R13: 0000000000000000 R14: 00007f1b8dbb6080 R15: 00007ffc13bba5c8 [ 622.378828][T12857] [ 623.618590][T12874] FAULT_INJECTION: forcing a failure. [ 623.618590][T12874] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 623.663138][T12874] CPU: 0 UID: 0 PID: 12874 Comm: syz.2.1585 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 623.663179][T12874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 623.663197][T12874] Call Trace: [ 623.663206][T12874] [ 623.663217][T12874] dump_stack_lvl+0x16c/0x1f0 [ 623.663262][T12874] should_fail_ex+0x512/0x640 [ 623.663296][T12874] should_fail_alloc_page+0xe7/0x130 [ 623.663319][T12874] prepare_alloc_pages+0x3c2/0x610 [ 623.663343][T12874] ? __lock_acquire+0x622/0x1c90 [ 623.663374][T12874] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 623.663419][T12874] ? find_held_lock+0x2b/0x80 [ 623.663439][T12874] ? mtree_load+0x309/0xa40 [ 623.663470][T12874] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 623.663505][T12874] ? mtree_load+0x325/0xa40 [ 623.663554][T12874] ? __up_read+0x1f8/0x750 [ 623.663585][T12874] ? __pfx___up_read+0x10/0x10 [ 623.663613][T12874] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 623.663645][T12874] ? policy_nodemask+0xea/0x4e0 [ 623.663666][T12874] alloc_pages_mpol+0x1fb/0x550 [ 623.663686][T12874] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 623.663705][T12874] ? do_raw_spin_lock+0x12c/0x2b0 [ 623.663752][T12874] ? __pfx___access_remote_vm+0x10/0x10 [ 623.663792][T12874] alloc_pages_noprof+0x131/0x390 [ 623.663812][T12874] get_free_pages_noprof+0x10/0xb0 [ 623.663852][T12874] proc_pid_cmdline_read+0x46d/0x900 [ 623.663882][T12874] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 623.663911][T12874] ? rw_verify_area+0xcf/0x680 [ 623.663937][T12874] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 623.663964][T12874] vfs_read+0x1e1/0xc60 [ 623.663997][T12874] ? __pfx___mutex_lock+0x10/0x10 [ 623.664030][T12874] ? __pfx_vfs_read+0x10/0x10 [ 623.664085][T12874] ? __fget_files+0x20e/0x3c0 [ 623.664124][T12874] ksys_read+0x12a/0x250 [ 623.664167][T12874] ? __pfx_ksys_read+0x10/0x10 [ 623.664205][T12874] do_syscall_64+0xcd/0x490 [ 623.664240][T12874] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 623.664262][T12874] RIP: 0033:0x7f1b8d98e929 [ 623.664279][T12874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 623.664300][T12874] RSP: 002b:00007f1b8e8df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 623.664320][T12874] RAX: ffffffffffffffda RBX: 00007f1b8dbb5fa0 RCX: 00007f1b8d98e929 [ 623.664334][T12874] RDX: 000000000000009f RSI: 0000200000000040 RDI: 0000000000000007 [ 623.664347][T12874] RBP: 00007f1b8da10b39 R08: 0000000000000000 R09: 0000000000000000 [ 623.664360][T12874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 623.664373][T12874] R13: 0000000000000000 R14: 00007f1b8dbb5fa0 R15: 00007ffc13bba5c8 [ 623.664399][T12874] [ 625.053583][T12891] Invalid ELF header magic: != ELF [ 625.068591][T12891] netlink: zone id is out of range [ 625.077379][T12891] netlink: zone id is out of range [ 625.087397][T12891] netlink: zone id is out of range [ 625.092598][T12891] netlink: zone id is out of range [ 625.173631][T12891] netlink: zone id is out of range [ 625.299881][T12894] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1587'. [ 626.225321][T12908] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1590'. [ 626.323432][T12910] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1590'. [ 626.380137][T12908] geneve1: entered promiscuous mode [ 626.386853][T12908] geneve1: entered allmulticast mode [ 629.383186][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.391210][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 632.389718][ T30] audit: type=1800 audit(4294967586.416:26): pid=12992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1604" name="members" dev="configfs" ino=69492 res=0 errno=0 [ 632.415948][T12987] can: request_module (can-proto-3) failed. [ 633.269500][T13006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1606'. [ 636.214203][T13041] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1621'. [ 636.416344][T13048] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1621'. syzkaller syzkaller login: [ 638.847914][T13085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1620'. [ 641.372762][ T1149] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1420 with max blocks 12 with error 117 [ 641.425089][ T1149] EXT4-fs (sda1): This should not happen!! Data will be lost [ 641.425089][ T1149] [ 641.572341][T13120] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1626'. [ 641.774792][T13123] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1626'. [ 646.849209][T13172] Invalid ELF header magic: != ELF [ 647.512694][T13178] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1638'. [ 647.848085][T13178] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1638'. [ 648.541000][T13189] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input18 [ 650.111896][T13205] FAULT_INJECTION: forcing a failure. [ 650.111896][T13205] name failslab, interval 1, probability 0, space 0, times 0 [ 650.125585][T13205] CPU: 1 UID: 0 PID: 13205 Comm: syz.0.1644 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 650.125630][T13205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 650.125651][T13205] Call Trace: [ 650.125662][T13205] [ 650.125675][T13205] dump_stack_lvl+0x16c/0x1f0 [ 650.125729][T13205] should_fail_ex+0x512/0x640 [ 650.125763][T13205] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 650.125803][T13205] should_failslab+0xc2/0x120 [ 650.125825][T13205] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 650.125861][T13205] ? __kernfs_new_node+0xd2/0x8e0 [ 650.125897][T13205] __kernfs_new_node+0xd2/0x8e0 [ 650.125933][T13205] ? __pfx___kernfs_new_node+0x10/0x10 [ 650.125973][T13205] ? find_held_lock+0x2b/0x80 [ 650.126004][T13205] ? kernfs_root+0xee/0x2a0 [ 650.126057][T13205] kernfs_new_node+0x13c/0x1e0 [ 650.126099][T13205] ? net_ns_get_ownership+0xf8/0x1b0 [ 650.126141][T13205] kernfs_create_dir_ns+0x4c/0x1a0 [ 650.126181][T13205] internal_create_group+0x34d/0xf30 [ 650.126225][T13205] ? __pfx_internal_create_group+0x10/0x10 [ 650.126264][T13205] ? kernfs_create_link+0x1bd/0x240 [ 650.126295][T13205] internal_create_groups+0x9d/0x150 [ 650.126331][T13205] device_add+0xf30/0x1a70 [ 650.126358][T13205] ? __pfx_device_add+0x10/0x10 [ 650.126382][T13205] ? lockdep_init_map_type+0x5c/0x280 [ 650.126415][T13205] ? __init_waitqueue_head+0xca/0x150 [ 650.126459][T13205] netdev_register_kobject+0x182/0x3a0 [ 650.126496][T13205] register_netdevice+0x13dc/0x2270 [ 650.126526][T13205] ? __pfx_register_netdevice+0x10/0x10 [ 650.126559][T13205] __ip_tunnel_create+0x540/0x6e0 [ 650.126590][T13205] ? __pfx___ip_tunnel_create+0x10/0x10 [ 650.126627][T13205] ip_tunnel_init_net+0x22f/0x7d0 [ 650.126661][T13205] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 650.126709][T13205] ? trace_kmalloc+0x2b/0xd0 [ 650.126741][T13205] ? __kmalloc_noprof+0x242/0x510 [ 650.126787][T13205] ? lockdep_init_map_type+0x5c/0x280 [ 650.126824][T13205] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 650.126847][T13205] ops_init+0x1e2/0x5f0 [ 650.126871][T13205] setup_net+0x1ff/0x510 [ 650.126891][T13205] ? lockdep_init_map_type+0x5c/0x280 [ 650.126923][T13205] ? __pfx_setup_net+0x10/0x10 [ 650.126947][T13205] ? debug_mutex_init+0x37/0x70 [ 650.126973][T13205] copy_net_ns+0x2a6/0x5f0 [ 650.127001][T13205] create_new_namespaces+0x3ea/0xa90 [ 650.127033][T13205] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 650.127061][T13205] ksys_unshare+0x45b/0xa40 [ 650.127092][T13205] ? __pfx_ksys_unshare+0x10/0x10 [ 650.127124][T13205] ? xfd_validate_state+0x61/0x180 [ 650.127163][T13205] __x64_sys_unshare+0x31/0x40 [ 650.127193][T13205] do_syscall_64+0xcd/0x490 [ 650.127236][T13205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.127261][T13205] RIP: 0033:0x7fd90d78e929 [ 650.127280][T13205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 650.127302][T13205] RSP: 002b:00007fd90e542038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 650.127325][T13205] RAX: ffffffffffffffda RBX: 00007fd90d9b5fa0 RCX: 00007fd90d78e929 [ 650.127341][T13205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 650.127356][T13205] RBP: 00007fd90d810b39 R08: 0000000000000000 R09: 0000000000000000 [ 650.127371][T13205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 650.127385][T13205] R13: 0000000000000000 R14: 00007fd90d9b5fa0 R15: 00007ffc05299ef8 [ 650.127415][T13205] [ 650.871376][T13221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1647'. [ 650.916554][T13221] geneve1: entered promiscuous mode [ 650.921940][T13221] geneve1: entered allmulticast mode [ 650.932949][T13221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1647'. [ 651.497877][T13227] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 653.056784][T13246] Invalid ELF header magic: != ELF [ 653.473352][T13255] FAULT_INJECTION: forcing a failure. [ 653.473352][T13255] name failslab, interval 1, probability 0, space 0, times 0 [ 653.684554][T13255] CPU: 0 UID: 0 PID: 13255 Comm: syz.2.1653 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 653.684600][T13255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 653.684620][T13255] Call Trace: [ 653.684631][T13255] [ 653.684644][T13255] dump_stack_lvl+0x16c/0x1f0 [ 653.684700][T13255] should_fail_ex+0x512/0x640 [ 653.684747][T13255] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 653.684802][T13255] should_failslab+0xc2/0x120 [ 653.684833][T13255] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 653.684883][T13255] ? prepare_creds+0x2c/0x7d0 [ 653.684947][T13255] prepare_creds+0x2c/0x7d0 [ 653.684997][T13255] prepare_exec_creds+0x10/0x240 [ 653.685044][T13255] bprm_execve+0xc0/0x1650 [ 653.685086][T13255] ? up_write+0x1b2/0x520 [ 653.685138][T13255] ? __pfx_bprm_execve+0x10/0x10 [ 653.685180][T13255] ? copy_string_kernel+0x444/0x510 [ 653.685233][T13255] do_execveat_common.isra.0+0x4a5/0x610 [ 653.685288][T13255] __x64_sys_execve+0x8e/0xb0 [ 653.685335][T13255] do_syscall_64+0xcd/0x490 [ 653.685389][T13255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.685424][T13255] RIP: 0033:0x7f1b8d98e929 [ 653.685450][T13255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 653.685482][T13255] RSP: 002b:00007f1b8e8be038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 653.685512][T13255] RAX: ffffffffffffffda RBX: 00007f1b8dbb6080 RCX: 00007f1b8d98e929 [ 653.685533][T13255] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 653.685553][T13255] RBP: 00007f1b8da10b39 R08: 0000000000000000 R09: 0000000000000000 [ 653.685572][T13255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 653.685591][T13255] R13: 0000000000000000 R14: 00007f1b8dbb6080 R15: 00007ffc13bba5c8 [ 653.685631][T13255] [ 654.052661][T13263] tipc: Started in network mode [ 654.057770][T13263] tipc: Node identity ee00, cluster identity 4711 [ 654.064709][T13263] tipc: Node number set to 60928 [ 654.629573][ T30] audit: type=1804 audit(4294967608.645:27): pid=13260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1654" name="/newroot/428/file0" dev="tmpfs" ino=2274 res=1 errno=0 [ 658.063967][T13285] kexec: Could not allocate control_code_buffer [ 658.078365][T13297] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1662'. [ 659.003899][T13315] FAULT_INJECTION: forcing a failure. [ 659.003899][T13315] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 659.060600][T13315] CPU: 0 UID: 0 PID: 13315 Comm: syz.1.1666 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 659.060648][T13315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 659.060669][T13315] Call Trace: [ 659.060680][T13315] [ 659.060693][T13315] dump_stack_lvl+0x16c/0x1f0 [ 659.060755][T13315] should_fail_ex+0x512/0x640 [ 659.060812][T13315] should_fail_alloc_page+0xe7/0x130 [ 659.060850][T13315] prepare_alloc_pages+0x3c2/0x610 [ 659.060900][T13315] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 659.060955][T13315] ? kasan_save_stack+0x42/0x60 [ 659.061011][T13315] ? __lock_acquire+0x622/0x1c90 [ 659.061062][T13315] ? __vmf_anon_prepare+0x11c/0x240 [ 659.061099][T13315] ? __handle_mm_fault+0x27f6/0x5490 [ 659.061142][T13315] ? handle_mm_fault+0x589/0xd10 [ 659.061185][T13315] ? __get_user_pages+0x589/0x3b80 [ 659.061222][T13315] ? get_user_pages_remote+0x258/0xb20 [ 659.061263][T13315] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 659.061320][T13315] ? __lock_acquire+0x622/0x1c90 [ 659.061377][T13315] ? __lock_acquire+0xb8a/0x1c90 [ 659.061430][T13315] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 659.061500][T13315] ? policy_nodemask+0xea/0x4e0 [ 659.061537][T13315] alloc_pages_mpol+0x1fb/0x550 [ 659.061574][T13315] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 659.061611][T13315] ? __anon_vma_prepare+0x2db/0x5e0 [ 659.061668][T13315] folio_alloc_mpol_noprof+0x36/0x2f0 [ 659.061713][T13315] vma_alloc_folio_noprof+0xed/0x1e0 [ 659.061754][T13315] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 659.061793][T13315] ? __anon_vma_prepare+0x2e2/0x5e0 [ 659.061857][T13315] __handle_mm_fault+0x2f21/0x5490 [ 659.061917][T13315] ? __pfx___handle_mm_fault+0x10/0x10 [ 659.062004][T13315] handle_mm_fault+0x589/0xd10 [ 659.062062][T13315] __get_user_pages+0x589/0x3b80 [ 659.062124][T13315] ? __pfx___get_user_pages+0x10/0x10 [ 659.062182][T13315] get_user_pages_remote+0x258/0xb20 [ 659.062234][T13315] ? __pfx_get_user_pages_remote+0x10/0x10 [ 659.062273][T13315] ? __pfx_vma_link+0x10/0x10 [ 659.062343][T13315] get_arg_page+0xf4/0x310 [ 659.062391][T13315] ? __pfx_get_arg_page+0x10/0x10 [ 659.062437][T13315] ? up_write+0x1b2/0x520 [ 659.062519][T13315] copy_string_kernel+0x180/0x510 [ 659.062577][T13315] do_execveat_common.isra.0+0x2ed/0x610 [ 659.062651][T13315] __x64_sys_execve+0x8e/0xb0 [ 659.062701][T13315] do_syscall_64+0xcd/0x490 [ 659.062760][T13315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.062796][T13315] RIP: 0033:0x7fc17718e929 [ 659.062825][T13315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.062859][T13315] RSP: 002b:00007fc17802b038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 659.062892][T13315] RAX: ffffffffffffffda RBX: 00007fc1773b6080 RCX: 00007fc17718e929 [ 659.062915][T13315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 659.062936][T13315] RBP: 00007fc177210b39 R08: 0000000000000000 R09: 0000000000000000 [ 659.062956][T13315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.062975][T13315] R13: 0000000000000000 R14: 00007fc1773b6080 R15: 00007ffe381c3a98 [ 659.063019][T13315] [ 660.801571][T13322] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1676'. [ 663.096635][ T30] audit: type=1804 audit(4294967617.101:28): pid=13346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1670" name="/newroot/378/file0" dev="tmpfs" ino=2024 res=1 errno=0 [ 668.874130][T13404] netlink: set zone limit has 8 unknown bytes [ 668.960998][T13399] Invalid ELF header magic: != ELF [ 669.722551][ T30] audit: type=1804 audit(4294967623.718:29): pid=13410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1684" name="/newroot/204/file0" dev="tmpfs" ino=1090 res=1 errno=0 [ 671.399944][T13422] random: crng reseeded on system resumption [ 672.167800][ T2991] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1420 with max blocks 12 with error 117 [ 672.228046][ T2991] EXT4-fs (sda1): This should not happen!! Data will be lost [ 672.228046][ T2991] [ 673.832952][T13435] bond0: option all_slaves_active: invalid value () [ 674.806908][T13456] netlink: set zone limit has 8 unknown bytes [ 675.877857][T13461] Invalid ELF header magic: != ELF [ 676.807445][T13469] random: crng reseeded on system resumption [ 677.480205][ T30] audit: type=1804 audit(4294967631.474:30): pid=13473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1698" name="/newroot/438/file0" dev="tmpfs" ino=2328 res=1 errno=0 [ 679.641735][T13480] kexec: Could not allocate control_code_buffer [ 680.260838][T13489] Invalid ELF header magic: != ELF [ 681.515512][T13507] FAULT_INJECTION: forcing a failure. [ 681.515512][T13507] name failslab, interval 1, probability 0, space 0, times 0 [ 681.571895][T13507] CPU: 1 UID: 0 PID: 13507 Comm: syz.0.1711 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 681.571936][T13507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 681.571953][T13507] Call Trace: [ 681.571962][T13507] [ 681.571973][T13507] dump_stack_lvl+0x16c/0x1f0 [ 681.572024][T13507] should_fail_ex+0x512/0x640 [ 681.572063][T13507] ? __kmalloc_noprof+0xbf/0x510 [ 681.572108][T13507] ? lsm_blob_alloc+0x68/0x90 [ 681.572148][T13507] should_failslab+0xc2/0x120 [ 681.572175][T13507] __kmalloc_noprof+0xd2/0x510 [ 681.572224][T13507] lsm_blob_alloc+0x68/0x90 [ 681.572265][T13507] security_sk_alloc+0x30/0x270 [ 681.572296][T13507] sk_prot_alloc+0x1c7/0x2a0 [ 681.572329][T13507] sk_alloc+0x36/0xc20 [ 681.572370][T13507] tap_open+0x2f0/0x1170 [ 681.572401][T13507] ? __pfx_tap_open+0x10/0x10 [ 681.572428][T13507] chrdev_open+0x234/0x6a0 [ 681.572471][T13507] ? __pfx_apparmor_file_open+0x10/0x10 [ 681.572506][T13507] ? __pfx_chrdev_open+0x10/0x10 [ 681.572552][T13507] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 681.572596][T13507] do_dentry_open+0x741/0x1c10 [ 681.572636][T13507] ? __pfx_chrdev_open+0x10/0x10 [ 681.572694][T13507] vfs_open+0x82/0x3f0 [ 681.572726][T13507] path_openat+0x1de4/0x2cb0 [ 681.572769][T13507] ? __pfx_path_openat+0x10/0x10 [ 681.572805][T13507] ? __lock_acquire+0xb8a/0x1c90 [ 681.572840][T13507] do_filp_open+0x20b/0x470 [ 681.572874][T13507] ? __pfx_do_filp_open+0x10/0x10 [ 681.572929][T13507] ? alloc_fd+0x471/0x7d0 [ 681.572968][T13507] do_sys_openat2+0x11b/0x1d0 [ 681.572993][T13507] ? __pfx_do_sys_openat2+0x10/0x10 [ 681.573030][T13507] __x64_sys_openat+0x174/0x210 [ 681.573057][T13507] ? __pfx___x64_sys_openat+0x10/0x10 [ 681.573095][T13507] do_syscall_64+0xcd/0x490 [ 681.573134][T13507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.573158][T13507] RIP: 0033:0x7fd90d78e929 [ 681.573178][T13507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 681.573201][T13507] RSP: 002b:00007fd90e521038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 681.573223][T13507] RAX: ffffffffffffffda RBX: 00007fd90d9b6080 RCX: 00007fd90d78e929 [ 681.573238][T13507] RDX: 0000000000020000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 681.573254][T13507] RBP: 00007fd90d810b39 R08: 0000000000000000 R09: 0000000000000000 [ 681.573268][T13507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 681.573282][T13507] R13: 0000000000000000 R14: 00007fd90d9b6080 R15: 00007ffc05299ef8 [ 681.573311][T13507] [ 682.121013][T13510] bond0: option all_slaves_active: invalid value () [ 683.222221][T13520] netlink: set zone limit has 8 unknown bytes [ 683.505190][T13526] FAULT_INJECTION: forcing a failure. [ 683.505190][T13526] name failslab, interval 1, probability 0, space 0, times 0 [ 683.533294][T13526] CPU: 1 UID: 0 PID: 13526 Comm: syz.2.1707 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 683.533342][T13526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 683.533362][T13526] Call Trace: [ 683.533372][T13526] [ 683.533385][T13526] dump_stack_lvl+0x16c/0x1f0 [ 683.533438][T13526] should_fail_ex+0x512/0x640 [ 683.533477][T13526] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 683.533518][T13526] should_failslab+0xc2/0x120 [ 683.533546][T13526] __kmalloc_cache_noprof+0x6a/0x3e0 [ 683.533584][T13526] ? __io_uring_add_tctx_node+0x132/0x500 [ 683.533627][T13526] __io_uring_add_tctx_node+0x132/0x500 [ 683.533655][T13526] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 683.533684][T13526] ? __anon_inode_getfile+0x18b/0x3a0 [ 683.533729][T13526] io_uring_setup+0x1579/0x2080 [ 683.533769][T13526] ? __pfx_io_uring_setup+0x10/0x10 [ 683.533829][T13526] ? xfd_validate_state+0x61/0x180 [ 683.533873][T13526] __x64_sys_io_uring_setup+0xc2/0x170 [ 683.533911][T13526] do_syscall_64+0xcd/0x490 [ 683.533957][T13526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.533985][T13526] RIP: 0033:0x7f1b8d98e929 [ 683.534006][T13526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.534033][T13526] RSP: 002b:00007f1b8e8be038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 683.534059][T13526] RAX: ffffffffffffffda RBX: 00007f1b8dbb6080 RCX: 00007f1b8d98e929 [ 683.534078][T13526] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 683.534094][T13526] RBP: 00007f1b8da10b39 R08: 0000000000000000 R09: 0000000000000000 [ 683.534112][T13526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 683.534128][T13526] R13: 0000000000000000 R14: 00007f1b8dbb6080 R15: 00007ffc13bba5c8 [ 683.534161][T13526] [ 686.929245][T13549] Invalid ELF header magic: != ELF [ 690.834074][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 690.841729][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.184418][T13608] random: crng reseeded on system resumption [ 694.225247][T13611] kexec: Could not allocate control_code_buffer [ 696.408833][T13653] netlink: set zone limit has 8 unknown bytes [ 697.448147][T13666] FAULT_INJECTION: forcing a failure. [ 697.448147][T13666] name failslab, interval 1, probability 0, space 0, times 0 [ 697.476200][T13666] CPU: 0 UID: 0 PID: 13666 Comm: syz.1.1733 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 697.476249][T13666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 697.476270][T13666] Call Trace: [ 697.476282][T13666] [ 697.476311][T13666] dump_stack_lvl+0x16c/0x1f0 [ 697.476369][T13666] should_fail_ex+0x512/0x640 [ 697.476416][T13666] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 697.476470][T13666] should_failslab+0xc2/0x120 [ 697.476503][T13666] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 697.476556][T13666] ? security_file_alloc+0x34/0x2b0 [ 697.476604][T13666] security_file_alloc+0x34/0x2b0 [ 697.476647][T13666] init_file+0x93/0x4c0 [ 697.476680][T13666] alloc_empty_file+0x73/0x1e0 [ 697.476717][T13666] alloc_file_pseudo+0x13a/0x230 [ 697.476755][T13666] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 697.476803][T13666] __anon_inode_getfile+0xf7/0x3a0 [ 697.476858][T13666] io_uring_setup+0x154d/0x2080 [ 697.476905][T13666] ? __pfx_io_uring_setup+0x10/0x10 [ 697.476989][T13666] ? xfd_validate_state+0x61/0x180 [ 697.477044][T13666] __x64_sys_io_uring_setup+0xc2/0x170 [ 697.477090][T13666] do_syscall_64+0xcd/0x490 [ 697.477144][T13666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.477177][T13666] RIP: 0033:0x7fc17718e929 [ 697.477204][T13666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.477240][T13666] RSP: 002b:00007fc17802b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 697.477278][T13666] RAX: ffffffffffffffda RBX: 00007fc1773b6080 RCX: 00007fc17718e929 [ 697.477301][T13666] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 697.477320][T13666] RBP: 00007fc177210b39 R08: 0000000000000000 R09: 0000000000000000 [ 697.477340][T13666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.477360][T13666] R13: 0000000000000000 R14: 00007fc1773b6080 R15: 00007ffe381c3a98 [ 697.477401][T13666] [ 699.507973][ T30] audit: type=1804 audit(4294967653.493:31): pid=13681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1736" name="/newroot/218/file0" dev="tmpfs" ino=1162 res=1 errno=0 [ 701.975603][T13696] netlink: set zone limit has 8 unknown bytes [ 702.743265][ T1149] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1420 with max blocks 12 with error 117 [ 702.802592][ T1149] EXT4-fs (sda1): This should not happen!! Data will be lost [ 702.802592][ T1149] [ 703.518801][T13716] netlink: set zone limit has 8 unknown bytes [ 707.951846][T13773] netlink: set zone limit has 8 unknown bytes [ 711.393023][T13820] Invalid ELF header magic: != ELF [ 714.470035][T13867] futex_wake_op: syz.3.1765 tries to shift op by -9; fix this program [ 714.872497][T13866] netlink: set zone limit has 8 unknown bytes [ 715.301182][T13854] random: crng reseeded on system resumption [ 717.447822][T13898] FAULT_INJECTION: forcing a failure. [ 717.447822][T13898] name failslab, interval 1, probability 0, space 0, times 0 [ 717.554574][T13898] CPU: 1 UID: 0 PID: 13898 Comm: syz.2.1770 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 717.554614][T13898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 717.554631][T13898] Call Trace: [ 717.554641][T13898] [ 717.554652][T13898] dump_stack_lvl+0x16c/0x1f0 [ 717.554701][T13898] should_fail_ex+0x512/0x640 [ 717.554736][T13898] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 717.554774][T13898] should_failslab+0xc2/0x120 [ 717.554797][T13898] __kmalloc_cache_noprof+0x6a/0x3e0 [ 717.554829][T13898] ? snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 717.554864][T13898] snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 717.554893][T13898] ? preempt_count_sub+0x95/0x160 [ 717.554922][T13898] ? trace_contention_end+0xdd/0x130 [ 717.554958][T13898] ? __mutex_lock+0x1ca/0xb90 [ 717.554994][T13898] ? rcu_is_watching+0x12/0xc0 [ 717.555021][T13898] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 717.555053][T13898] ? __pfx___mutex_lock+0x10/0x10 [ 717.555101][T13898] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 717.555149][T13898] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 717.555183][T13898] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 717.555214][T13898] ? hook_file_ioctl_common+0x145/0x410 [ 717.555242][T13898] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 717.555273][T13898] ? __fget_files+0x20e/0x3c0 [ 717.555310][T13898] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 717.555341][T13898] __x64_sys_ioctl+0x18e/0x210 [ 717.555371][T13898] do_syscall_64+0xcd/0x490 [ 717.555411][T13898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.555436][T13898] RIP: 0033:0x7f1b8d98e929 [ 717.555463][T13898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.555488][T13898] RSP: 002b:00007f1b8e8be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 717.555510][T13898] RAX: ffffffffffffffda RBX: 00007f1b8dbb6080 RCX: 00007f1b8d98e929 [ 717.555526][T13898] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000009 [ 717.555541][T13898] RBP: 00007f1b8da10b39 R08: 0000000000000000 R09: 0000000000000000 [ 717.555556][T13898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 717.555570][T13898] R13: 0000000000000000 R14: 00007f1b8dbb6080 R15: 00007ffc13bba5c8 [ 717.555601][T13898] [ 725.971929][T14020] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 961 with max blocks 34 with error 117 [ 726.295922][T14020] EXT4-fs (sda1): This should not happen!! Data will be lost [ 726.295922][T14020] [ 727.717071][T14046] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1379 with max blocks 53 with error 117 [ 727.730707][T14046] EXT4-fs (sda1): This should not happen!! Data will be lost [ 727.730707][T14046] [ 728.403215][T14046] netlink: set zone limit has 8 unknown bytes [ 731.859773][T14084] FAULT_INJECTION: forcing a failure. [ 731.859773][T14084] name failslab, interval 1, probability 0, space 0, times 0 [ 731.936503][T14084] CPU: 1 UID: 0 PID: 14084 Comm: syz.1.1802 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 731.936541][T14084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 731.936559][T14084] Call Trace: [ 731.936568][T14084] [ 731.936579][T14084] dump_stack_lvl+0x16c/0x1f0 [ 731.936629][T14084] should_fail_ex+0x512/0x640 [ 731.936671][T14084] ? __kmalloc_noprof+0xbf/0x510 [ 731.936716][T14084] ? lsm_blob_alloc+0x68/0x90 [ 731.936755][T14084] should_failslab+0xc2/0x120 [ 731.936802][T14084] __kmalloc_noprof+0xd2/0x510 [ 731.936857][T14084] lsm_blob_alloc+0x68/0x90 [ 731.936901][T14084] security_sk_alloc+0x30/0x270 [ 731.936934][T14084] sk_prot_alloc+0x1c7/0x2a0 [ 731.936969][T14084] sk_alloc+0x36/0xc20 [ 731.937011][T14084] tap_open+0x2f0/0x1170 [ 731.937044][T14084] ? __pfx_tap_open+0x10/0x10 [ 731.937071][T14084] chrdev_open+0x234/0x6a0 [ 731.937114][T14084] ? __pfx_apparmor_file_open+0x10/0x10 [ 731.937150][T14084] ? __pfx_chrdev_open+0x10/0x10 [ 731.937206][T14084] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 731.937251][T14084] do_dentry_open+0x741/0x1c10 [ 731.937294][T14084] ? __pfx_chrdev_open+0x10/0x10 [ 731.937368][T14084] vfs_open+0x82/0x3f0 [ 731.937408][T14084] path_openat+0x1de4/0x2cb0 [ 731.937471][T14084] ? __pfx_path_openat+0x10/0x10 [ 731.937520][T14084] ? __lock_acquire+0xb8a/0x1c90 [ 731.937571][T14084] do_filp_open+0x20b/0x470 [ 731.937620][T14084] ? __pfx_do_filp_open+0x10/0x10 [ 731.937699][T14084] ? alloc_fd+0x471/0x7d0 [ 731.937757][T14084] do_sys_openat2+0x11b/0x1d0 [ 731.937793][T14084] ? __pfx_do_sys_openat2+0x10/0x10 [ 731.937846][T14084] __x64_sys_openat+0x174/0x210 [ 731.937884][T14084] ? __pfx___x64_sys_openat+0x10/0x10 [ 731.937940][T14084] do_syscall_64+0xcd/0x490 [ 731.937995][T14084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.938030][T14084] RIP: 0033:0x7fc17718e929 [ 731.938057][T14084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.938091][T14084] RSP: 002b:00007fc17802b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 731.938121][T14084] RAX: ffffffffffffffda RBX: 00007fc1773b6080 RCX: 00007fc17718e929 [ 731.938143][T14084] RDX: 0000000000020000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 731.938173][T14084] RBP: 00007fc177210b39 R08: 0000000000000000 R09: 0000000000000000 [ 731.938194][T14084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.938214][T14084] R13: 0000000000000000 R14: 00007fc1773b6080 R15: 00007ffe381c3a98 [ 731.938258][T14084] [ 733.168238][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1424 with max blocks 8 with error 117 [ 733.197811][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 733.197811][ T36] [ 733.877661][T14110] futex_wake_op: syz.0.1805 tries to shift op by -9; fix this program [ 734.255384][T14106] netlink: set zone limit has 8 unknown bytes [ 738.527203][T14152] FAULT_INJECTION: forcing a failure. [ 738.527203][T14152] name failslab, interval 1, probability 0, space 0, times 0 [ 738.563699][T14152] CPU: 1 UID: 0 PID: 14152 Comm: syz.2.1814 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 738.563730][T14152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 738.563742][T14152] Call Trace: [ 738.563748][T14152] [ 738.563755][T14152] dump_stack_lvl+0x16c/0x1f0 [ 738.563791][T14152] should_fail_ex+0x512/0x640 [ 738.563819][T14152] ? __kmalloc_noprof+0xbf/0x510 [ 738.563850][T14152] ? lsm_blob_alloc+0x68/0x90 [ 738.563878][T14152] should_failslab+0xc2/0x120 [ 738.563897][T14152] __kmalloc_noprof+0xd2/0x510 [ 738.563932][T14152] lsm_blob_alloc+0x68/0x90 [ 738.563962][T14152] security_sk_alloc+0x30/0x270 [ 738.563984][T14152] sk_prot_alloc+0x1c7/0x2a0 [ 738.564008][T14152] sk_alloc+0x36/0xc20 [ 738.564037][T14152] tap_open+0x2f0/0x1170 [ 738.564060][T14152] ? __pfx_tap_open+0x10/0x10 [ 738.564078][T14152] chrdev_open+0x234/0x6a0 [ 738.564109][T14152] ? __pfx_apparmor_file_open+0x10/0x10 [ 738.564134][T14152] ? __pfx_chrdev_open+0x10/0x10 [ 738.564166][T14152] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 738.564197][T14152] do_dentry_open+0x741/0x1c10 [ 738.564227][T14152] ? __pfx_chrdev_open+0x10/0x10 [ 738.564262][T14152] vfs_open+0x82/0x3f0 [ 738.564286][T14152] path_openat+0x1de4/0x2cb0 [ 738.564331][T14152] ? __pfx_path_openat+0x10/0x10 [ 738.564362][T14152] ? __lock_acquire+0xb8a/0x1c90 [ 738.564392][T14152] do_filp_open+0x20b/0x470 [ 738.564420][T14152] ? __pfx_do_filp_open+0x10/0x10 [ 738.564466][T14152] ? alloc_fd+0x471/0x7d0 [ 738.564499][T14152] do_sys_openat2+0x11b/0x1d0 [ 738.564521][T14152] ? __pfx_do_sys_openat2+0x10/0x10 [ 738.564552][T14152] __x64_sys_openat+0x174/0x210 [ 738.564574][T14152] ? __pfx___x64_sys_openat+0x10/0x10 [ 738.564607][T14152] do_syscall_64+0xcd/0x490 [ 738.564659][T14152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 738.564685][T14152] RIP: 0033:0x7f1b8d98e929 [ 738.564702][T14152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 738.564722][T14152] RSP: 002b:00007f1b8e8df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 738.564742][T14152] RAX: ffffffffffffffda RBX: 00007f1b8dbb5fa0 RCX: 00007f1b8d98e929 [ 738.564756][T14152] RDX: 0000000000020000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 738.564769][T14152] RBP: 00007f1b8da10b39 R08: 0000000000000000 R09: 0000000000000000 [ 738.564781][T14152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 738.564793][T14152] R13: 0000000000000000 R14: 00007f1b8dbb5fa0 R15: 00007ffc13bba5c8 [ 738.564819][T14152]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    syzkaller syzkaller login: [ 852.615883][T15469] netlink: 296 bytes leftover after parsing attributes in process `syz.2.2056'. [ 855.462110][ T1149] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1430 with max blocks 2 with error 117 [ 855.545806][ T1149] EXT4-fs (sda1): This should not happen!! Data will be lost [ 855.545806][ T1149] [ 855.598888][T15505] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input24 [ 857.275701][T15511] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 871.312759][T15631] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 970 with max blocks 25 with error 117 [ 871.427611][T15631] EXT4-fs (sda1): This should not happen!! Data will be lost [ 871.427611][T15631] [ 873.963855][T15663] bridge0: port 3(batadv0) entered blocking state [ 873.978127][T15663] bridge0: port 3(batadv0) entered disabled state [ 873.985000][T15663] batadv0: entered allmulticast mode [ 874.070861][T15663] batadv0: entered promiscuous mode [ 874.100893][T15663] bridge0: port 3(batadv0) entered blocking state [ 874.107712][T15663] bridge0: port 3(batadv0) entered forwarding state [ 874.269372][ T2952] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 874.279688][ T2952] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 874.646839][T15672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2094'. [ 874.690543][T15671] ima: policy update failed [ 874.708551][ T30] audit: type=1802 audit(4294967828.595:32): pid=15671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2094" res=0 errno=0 [ 875.234086][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.240567][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 878.877729][T15716] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 884.264935][T15767] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2113'. [ 884.350733][T15767] netlink: 98 bytes leftover after parsing attributes in process `syz.2.2113'. [ 886.010836][T15789] netlink: 'syz.0.2118': attribute type 2 has an invalid length. [ 886.076187][T15781] netlink: 296 bytes leftover after parsing attributes in process `syz.2.2117'. [ 886.274530][ T2991] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1430 with max blocks 2 with error 117 [ 886.338492][ T2991] EXT4-fs (sda1): This should not happen!! Data will be lost [ 886.338492][ T2991] [ 890.786798][T15841] netlink: 296 bytes leftover after parsing attributes in process `syz.2.2128'. [ 893.659438][T15880] Invalid ELF header magic: != ELF [ 896.820201][T15915] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 896.924651][T15916] netlink: 'syz.1.2142': attribute type 1 has an invalid length. [ 897.003423][T15916] netlink: 33 bytes leftover after parsing attributes in process `syz.1.2142'. [ 902.058971][T15971] netlink: 296 bytes leftover after parsing attributes in process `syz.1.2154'. [ 903.594446][T15994] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 904.203639][T16004] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2159'. [ 904.323878][T16004] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2159'. [ 905.402497][T16021] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 910.940215][T16075] can: request_module (can-proto-0) failed. [ 912.918182][T16100] FAULT_INJECTION: forcing a failure. [ 912.918182][T16100] name failslab, interval 1, probability 0, space 0, times 0 [ 913.039226][T16100] CPU: 0 UID: 0 PID: 16100 Comm: syz.0.2178 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 913.039272][T16100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 913.039291][T16100] Call Trace: [ 913.039301][T16100] [ 913.039314][T16100] dump_stack_lvl+0x16c/0x1f0 [ 913.039375][T16100] should_fail_ex+0x512/0x640 [ 913.039423][T16100] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 913.039486][T16100] should_failslab+0xc2/0x120 [ 913.039515][T16100] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 913.039560][T16100] ? lockdep_init_map_type+0x5c/0x280 [ 913.039598][T16100] ? seq_open+0x55/0x170 [ 913.039634][T16100] seq_open+0x55/0x170 [ 913.039665][T16100] kernfs_fop_open+0x59f/0xda0 [ 913.039698][T16100] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 913.039744][T16100] do_dentry_open+0x741/0x1c10 [ 913.039789][T16100] ? __pfx_kernfs_fop_open+0x10/0x10 [ 913.039828][T16100] vfs_open+0x82/0x3f0 [ 913.039865][T16100] path_openat+0x1de4/0x2cb0 [ 913.039920][T16100] ? __pfx_path_openat+0x10/0x10 [ 913.039966][T16100] ? __lock_acquire+0xb8a/0x1c90 [ 913.040018][T16100] do_filp_open+0x20b/0x470 [ 913.040061][T16100] ? __pfx_do_filp_open+0x10/0x10 [ 913.040155][T16100] ? alloc_fd+0x471/0x7d0 [ 913.040209][T16100] do_sys_openat2+0x11b/0x1d0 [ 913.040243][T16100] ? __pfx_do_sys_openat2+0x10/0x10 [ 913.040294][T16100] __x64_sys_openat+0x174/0x210 [ 913.040331][T16100] ? __pfx___x64_sys_openat+0x10/0x10 [ 913.040385][T16100] do_syscall_64+0xcd/0x490 [ 913.040438][T16100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 913.040469][T16100] RIP: 0033:0x7fd90d78e929 [ 913.040495][T16100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 913.040527][T16100] RSP: 002b:00007fd90e521038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 913.040557][T16100] RAX: ffffffffffffffda RBX: 00007fd90d9b6080 RCX: 00007fd90d78e929 [ 913.040578][T16100] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 913.040598][T16100] RBP: 00007fd90d810b39 R08: 0000000000000000 R09: 0000000000000000 [ 913.040633][T16100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 913.040653][T16100] R13: 0000000000000000 R14: 00007fd90d9b6080 R15: 00007ffc05299ef8 [ 913.040711][T16100] [ 914.822837][T16111] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2180'. [ 914.864149][T16111] team_slave_0: entered allmulticast mode [ 916.135033][T16125] syz.2.2183 (16125): attempted to duplicate a private mapping with mremap. This is not supported. [ 916.851657][ T2991] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1430 with max blocks 2 with error 117 [ 916.851778][ T2991] EXT4-fs (sda1): This should not happen!! Data will be lost [ 916.851778][ T2991] [ 917.801697][T16145] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2184'. [ 924.705579][T16220] FAULT_INJECTION: forcing a failure. [ 924.705579][T16220] name failslab, interval 1, probability 0, space 0, times 0 [ 924.741974][T16220] CPU: 1 UID: 0 PID: 16220 Comm: syz.0.2202 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 924.742015][T16220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 924.742033][T16220] Call Trace: [ 924.742043][T16220] [ 924.742054][T16220] dump_stack_lvl+0x16c/0x1f0 [ 924.742106][T16220] should_fail_ex+0x512/0x640 [ 924.742149][T16220] ? __kmalloc_noprof+0xbf/0x510 [ 924.742196][T16220] ? mpi_alloc_limb_space+0x31/0x60 [ 924.742230][T16220] should_failslab+0xc2/0x120 [ 924.742258][T16220] __kmalloc_noprof+0xd2/0x510 [ 924.742311][T16220] mpi_alloc_limb_space+0x31/0x60 [ 924.742347][T16220] mpi_powm+0xbe2/0x1bf0 [ 924.742391][T16220] ? kasan_quarantine_put+0x10a/0x240 [ 924.742439][T16220] ? __pfx_mpi_powm+0x10/0x10 [ 924.742473][T16220] ? kfree+0x2b4/0x4d0 [ 924.742508][T16220] ? mpi_free+0xe1/0x160 [ 924.742546][T16220] ? mpi_free+0xe1/0x160 [ 924.742585][T16220] rsa_enc+0x1fe/0x3b0 [ 924.742632][T16220] ? __pfx_rsa_enc+0x10/0x10 [ 924.742676][T16220] ? __virt_addr_valid+0x81/0x610 [ 924.742716][T16220] ? __phys_addr+0xe8/0x180 [ 924.742746][T16220] ? sg_init_one+0xf5/0x1b0 [ 924.742787][T16220] rsassa_pkcs1_verify+0x4ff/0xb60 [ 924.742831][T16220] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 924.742883][T16220] ? rsa_max_size+0xd/0x70 [ 924.742925][T16220] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 924.742961][T16220] public_key_verify_signature+0x66f/0x970 [ 924.743005][T16220] ? __pfx_public_key_verify_signature+0x10/0x10 [ 924.743073][T16220] x509_check_for_self_signed+0x31a/0x500 [ 924.743120][T16220] x509_cert_parse+0x5f8/0x900 [ 924.743156][T16220] ? kasan_save_stack+0x42/0x60 [ 924.743198][T16220] ? kasan_save_stack+0x33/0x60 [ 924.743239][T16220] ? kasan_save_track+0x14/0x30 [ 924.743287][T16220] pkcs7_extract_cert+0xa4/0x320 [ 924.743333][T16220] asn1_ber_decoder+0xc5f/0x1df0 [ 924.743398][T16220] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 924.743471][T16220] pkcs7_parse_message+0x288/0x720 [ 924.743519][T16220] verify_pkcs7_signature+0x30/0xa0 [ 924.743556][T16220] valid_regdb+0x215/0x590 [ 924.743589][T16220] ? __pfx___mutex_lock+0x10/0x10 [ 924.743638][T16220] ? __pfx_valid_regdb+0x10/0x10 [ 924.743678][T16220] reg_reload_regdb+0x11e/0x460 [ 924.743725][T16220] ? __pfx_reg_reload_regdb+0x10/0x10 [ 924.743765][T16220] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 924.743811][T16220] ? nl80211_pre_doit+0x1b0/0xb10 [ 924.743861][T16220] genl_family_rcv_msg_doit+0x206/0x2f0 [ 924.743903][T16220] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 924.743940][T16220] ? rcu_is_watching+0x12/0xc0 [ 924.743985][T16220] ? bpf_lsm_capable+0x9/0x10 [ 924.744023][T16220] ? security_capable+0x7e/0x260 [ 924.744079][T16220] genl_rcv_msg+0x55c/0x800 [ 924.744121][T16220] ? __pfx_genl_rcv_msg+0x10/0x10 [ 924.744160][T16220] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 924.744211][T16220] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 924.744242][T16220] ? __pfx_nl80211_post_doit+0x10/0x10 [ 924.744298][T16220] netlink_rcv_skb+0x155/0x420 [ 924.744329][T16220] ? __pfx_genl_rcv_msg+0x10/0x10 [ 924.744366][T16220] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 924.744413][T16220] ? netlink_deliver_tap+0x1ae/0xd30 [ 924.744447][T16220] genl_rcv+0x28/0x40 [ 924.744494][T16220] netlink_unicast+0x53a/0x7f0 [ 924.744530][T16220] ? __pfx_netlink_unicast+0x10/0x10 [ 924.744575][T16220] netlink_sendmsg+0x8d1/0xdd0 [ 924.744615][T16220] ? __pfx_netlink_sendmsg+0x10/0x10 [ 924.744663][T16220] ____sys_sendmsg+0xa95/0xc70 [ 924.744709][T16220] ? copy_msghdr_from_user+0x10a/0x160 [ 924.744756][T16220] ? __pfx_____sys_sendmsg+0x10/0x10 [ 924.744789][T16220] ? preempt_schedule_thunk+0x16/0x30 [ 924.744834][T16220] ? try_to_wake_up+0xa2f/0x1680 [ 924.744870][T16220] ___sys_sendmsg+0x134/0x1d0 [ 924.744919][T16220] ? __pfx____sys_sendmsg+0x10/0x10 [ 924.744961][T16220] ? __lock_acquire+0x622/0x1c90 [ 924.745047][T16220] __sys_sendmsg+0x16d/0x220 [ 924.745093][T16220] ? __pfx___sys_sendmsg+0x10/0x10 [ 924.745139][T16220] ? __x64_sys_futex+0x1e0/0x4c0 [ 924.745200][T16220] do_syscall_64+0xcd/0x490 [ 924.745251][T16220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 924.745281][T16220] RIP: 0033:0x7fd90d78e929 [ 924.745306][T16220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 924.745338][T16220] RSP: 002b:00007fd90e542038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 924.745366][T16220] RAX: ffffffffffffffda RBX: 00007fd90d9b5fa0 RCX: 00007fd90d78e929 [ 924.745386][T16220] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000008 [ 924.745403][T16220] RBP: 00007fd90d810b39 R08: 0000000000000000 R09: 0000000000000000 [ 924.745421][T16220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 924.745438][T16220] R13: 0000000000000000 R14: 00007fd90d9b5fa0 R15: 00007ffc05299ef8 [ 924.745476][T16220] [ 925.706722][T16213] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 972 with max blocks 23 with error 117 [ 925.719557][T16213] EXT4-fs (sda1): This should not happen!! Data will be lost [ 925.719557][T16213] [ 926.066003][T16216] random: crng reseeded on system resumption [ 926.628840][T16248] FAULT_INJECTION: forcing a failure. [ 926.628840][T16248] name failslab, interval 1, probability 0, space 0, times 0 [ 926.663548][T16248] CPU: 1 UID: 0 PID: 16248 Comm: syz.1.2208 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 926.663577][T16248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 926.663590][T16248] Call Trace: [ 926.663597][T16248] [ 926.663605][T16248] dump_stack_lvl+0x16c/0x1f0 [ 926.663643][T16248] should_fail_ex+0x512/0x640 [ 926.663674][T16248] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 926.663706][T16248] should_failslab+0xc2/0x120 [ 926.663727][T16248] __kmalloc_cache_noprof+0x6a/0x3e0 [ 926.663756][T16248] ? cuse_channel_open+0x1de/0x7f0 [ 926.663790][T16248] cuse_channel_open+0x1de/0x7f0 [ 926.663818][T16248] ? __pfx_cuse_channel_open+0x10/0x10 [ 926.663848][T16248] misc_open+0x35d/0x420 [ 926.663882][T16248] ? __pfx_misc_open+0x10/0x10 [ 926.663908][T16248] chrdev_open+0x234/0x6a0 [ 926.663941][T16248] ? __pfx_apparmor_file_open+0x10/0x10 [ 926.663969][T16248] ? __pfx_chrdev_open+0x10/0x10 [ 926.664004][T16248] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 926.664038][T16248] do_dentry_open+0x741/0x1c10 [ 926.664070][T16248] ? __pfx_chrdev_open+0x10/0x10 [ 926.664108][T16248] vfs_open+0x82/0x3f0 [ 926.664133][T16248] path_openat+0x1de4/0x2cb0 [ 926.664173][T16248] ? __pfx_path_openat+0x10/0x10 [ 926.664205][T16248] ? __lock_acquire+0xb8a/0x1c90 [ 926.664236][T16248] do_filp_open+0x20b/0x470 [ 926.664267][T16248] ? __pfx_do_filp_open+0x10/0x10 [ 926.664317][T16248] ? alloc_fd+0x471/0x7d0 [ 926.664352][T16248] do_sys_openat2+0x11b/0x1d0 [ 926.664376][T16248] ? __pfx_do_sys_openat2+0x10/0x10 [ 926.664410][T16248] __x64_sys_openat+0x174/0x210 [ 926.664434][T16248] ? __pfx___x64_sys_openat+0x10/0x10 [ 926.664469][T16248] do_syscall_64+0xcd/0x490 [ 926.664504][T16248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 926.664526][T16248] RIP: 0033:0x7fc17718e929 [ 926.664543][T16248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 926.664565][T16248] RSP: 002b:00007fc17802b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 926.664586][T16248] RAX: ffffffffffffffda RBX: 00007fc1773b6080 RCX: 00007fc17718e929 [ 926.664601][T16248] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 926.664614][T16248] RBP: 00007fc177210b39 R08: 0000000000000000 R09: 0000000000000000 [ 926.664627][T16248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 926.664640][T16248] R13: 0000000000000000 R14: 00007fc1773b6080 R15: 00007ffe381c3a98 [ 926.664666][T16248] [ 928.719158][T16266] GUP no longer grows the stack in syz.1.2212 (16266): 14000-401000 (4000) [ 928.828531][T16266] CPU: 0 UID: 0 PID: 16266 Comm: syz.1.2212 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 928.828580][T16266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 928.828593][T16266] Call Trace: [ 928.828611][T16266] [ 928.828618][T16266] dump_stack_lvl+0x16c/0x1f0 [ 928.828661][T16266] gup_vma_lookup+0x1d2/0x220 [ 928.828684][T16266] __get_user_pages+0x271/0x3b80 [ 928.828714][T16266] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 928.828748][T16266] ? kasan_save_stack+0x42/0x60 [ 928.828778][T16266] ? __pfx___get_user_pages+0x10/0x10 [ 928.828800][T16266] ? register_lock_class+0x41/0x4c0 [ 928.828826][T16266] ? __x64_sys_process_vm_readv+0xe2/0x1c0 [ 928.828857][T16266] ? do_syscall_64+0xcd/0x490 [ 928.828895][T16266] __gup_longterm_locked+0x20d/0x1850 [ 928.828919][T16266] ? __lock_acquire+0xb8a/0x1c90 [ 928.828949][T16266] ? __pfx___gup_longterm_locked+0x10/0x10 [ 928.828995][T16266] pin_user_pages_remote+0xed/0x140 [ 928.829033][T16266] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 928.829057][T16266] ? mm_access+0x22d/0x2e0 [ 928.829089][T16266] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 928.829133][T16266] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 928.829169][T16266] ? iovec_from_user+0xbb/0x140 [ 928.829212][T16266] ? iovec_from_user+0xbb/0x140 [ 928.829245][T16266] process_vm_rw+0x216/0x2c0 [ 928.829278][T16266] ? __pfx_process_vm_rw+0x10/0x10 [ 928.829317][T16266] ? __pfx___sys_sendmmsg+0x10/0x10 [ 928.829372][T16266] ? xfd_validate_state+0x61/0x180 [ 928.829397][T16266] ? __task_pid_nr_ns+0x17c/0x500 [ 928.829426][T16266] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 928.829459][T16266] ? do_syscall_64+0x91/0x490 [ 928.829489][T16266] ? lockdep_hardirqs_on+0x7c/0x110 [ 928.829519][T16266] do_syscall_64+0xcd/0x490 [ 928.829551][T16266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 928.829571][T16266] RIP: 0033:0x7fc17718e929 [ 928.829587][T16266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 928.829606][T16266] RSP: 002b:00007fc17802b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 928.829625][T16266] RAX: ffffffffffffffda RBX: 00007fc1773b6080 RCX: 00007fc17718e929 [ 928.829638][T16266] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 00000000000008f6 [ 928.829658][T16266] RBP: 00007fc177210b39 R08: 0000000000000003 R09: 0000000000000000 [ 928.829670][T16266] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 928.829682][T16266] R13: 0000000000000000 R14: 00007fc1773b6080 R15: 00007ffe381c3a98 [ 928.829707][T16266] [ 929.733423][T16295] FAULT_INJECTION: forcing a failure. [ 929.733423][T16295] name failslab, interval 1, probability 0, space 0, times 0 [ 929.746610][T16295] CPU: 1 UID: 0 PID: 16295 Comm: syz.1.2219 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 929.746648][T16295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 929.746666][T16295] Call Trace: [ 929.746675][T16295] [ 929.746686][T16295] dump_stack_lvl+0x16c/0x1f0 [ 929.746737][T16295] should_fail_ex+0x512/0x640 [ 929.746778][T16295] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 929.746846][T16295] should_failslab+0xc2/0x120 [ 929.746876][T16295] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 929.746924][T16295] ? lockdep_init_map_type+0x5c/0x280 [ 929.746966][T16295] ? seq_open+0x55/0x170 [ 929.747003][T16295] seq_open+0x55/0x170 [ 929.747036][T16295] kernfs_fop_open+0x59f/0xda0 [ 929.747071][T16295] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 929.747121][T16295] do_dentry_open+0x741/0x1c10 [ 929.747168][T16295] ? __pfx_kernfs_fop_open+0x10/0x10 [ 929.747210][T16295] vfs_open+0x82/0x3f0 [ 929.747266][T16295] path_openat+0x1de4/0x2cb0 [ 929.747328][T16295] ? __pfx_path_openat+0x10/0x10 [ 929.747379][T16295] ? __lock_acquire+0xb8a/0x1c90 [ 929.747444][T16295] do_filp_open+0x20b/0x470 [ 929.747494][T16295] ? __pfx_do_filp_open+0x10/0x10 [ 929.747576][T16295] ? alloc_fd+0x471/0x7d0 [ 929.747640][T16295] do_sys_openat2+0x11b/0x1d0 [ 929.747677][T16295] ? __pfx_do_sys_openat2+0x10/0x10 [ 929.747730][T16295] __x64_sys_openat+0x174/0x210 [ 929.747767][T16295] ? __pfx___x64_sys_openat+0x10/0x10 [ 929.747822][T16295] do_syscall_64+0xcd/0x490 [ 929.747879][T16295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 929.747912][T16295] RIP: 0033:0x7fc17718e929 [ 929.747938][T16295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 929.747970][T16295] RSP: 002b:00007fc17804c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 929.748001][T16295] RAX: ffffffffffffffda RBX: 00007fc1773b5fa0 RCX: 00007fc17718e929 [ 929.748022][T16295] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 929.748042][T16295] RBP: 00007fc177210b39 R08: 0000000000000000 R09: 0000000000000000 [ 929.748062][T16295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 929.748081][T16295] R13: 0000000000000000 R14: 00007fc1773b5fa0 R15: 00007ffe381c3a98 [ 929.748124][T16295] [ 931.238141][T16307] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1406 with max blocks 26 with error 117 [ 931.327675][T16307] EXT4-fs (sda1): This should not happen!! Data will be lost [ 931.327675][T16307] [ 932.696049][T16334] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1424 with max blocks 8 with error 117 [ 932.724962][T16334] EXT4-fs (sda1): This should not happen!! Data will be lost [ 932.724962][T16334] [ 933.350451][T16251] Bluetooth: hci0: unexpected event 0x3d length: 726 > 14 [ 934.670902][T16353] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 934.678137][T16353] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 934.687634][T16353] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 936.224837][T16251] Bluetooth: hci2: command 0x0c1a tx timeout [ 936.679150][T16394] sd 0:0:1:0: PR command failed: 1026 [ 936.693676][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 936.700051][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 936.706929][T16251] Bluetooth: hci1: command 0x0406 tx timeout [ 936.713071][T16251] Bluetooth: hci0: command 0x0c1a tx timeout [ 936.856815][T16394] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 936.964867][T16394] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 938.937019][T16419] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2244'. [ 938.999791][T16419] veth1_macvtap: left promiscuous mode [ 941.349717][T16463] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 978 with max blocks 17 with error 117 [ 941.397746][T16463] EXT4-fs (sda1): This should not happen!! Data will be lost [ 941.397746][T16463] [ 943.276822][T16477] Console: switching to colour frame buffer device 128x48 [ 943.538400][T16478] zswap: compressor not available [ 946.593246][T16516] hub 8-0:1.0: USB hub found [ 946.607250][T16516] hub 8-0:1.0: 1 port detected [ 947.336017][T16226] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1430 with max blocks 2 with error 117 [ 947.355994][T16226] EXT4-fs (sda1): This should not happen!! Data will be lost [ 947.355994][T16226] [ 948.038336][ T30] audit: type=1804 audit(4294967901.894:33): pid=16531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2267" name="/newroot/345/file0" dev="tmpfs" ino=1830 res=1 errno=0 [ 948.082380][ T30] audit: type=1800 audit(4294967901.894:34): pid=16531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2267" name="file0" dev="tmpfs" ino=1830 res=0 errno=0 [ 949.858478][T16541] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 949.865047][T16541] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 949.871435][T16541] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 951.464735][T16562] random: crng reseeded on system resumption [ 951.573117][T16395] Bluetooth: hci2: command 0x0c1a tx timeout [ 951.900471][T16395] Bluetooth: hci1: command 0x0406 tx timeout [ 951.906661][T16395] Bluetooth: hci0: command 0x0c1a tx timeout [ 957.076558][T16646] sd 0:0:1:0: PR command failed: 1026 [ 957.273852][T16646] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 957.324802][T16646] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 960.662324][T16690] FAULT_INJECTION: forcing a failure. [ 960.662324][T16690] name failslab, interval 1, probability 0, space 0, times 0 [ 960.719283][T16690] CPU: 0 UID: 0 PID: 16690 Comm: syz.1.2298 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 960.719317][T16690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 960.719332][T16690] Call Trace: [ 960.719340][T16690] [ 960.719350][T16690] dump_stack_lvl+0x16c/0x1f0 [ 960.719393][T16690] should_fail_ex+0x512/0x640 [ 960.719427][T16690] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 960.719465][T16690] should_failslab+0xc2/0x120 [ 960.719498][T16690] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 960.719535][T16690] ? getname_flags.part.0+0x4c/0x550 [ 960.719567][T16690] getname_flags.part.0+0x4c/0x550 [ 960.719597][T16690] getname_flags+0x93/0xf0 [ 960.719644][T16690] do_sys_openat2+0xb8/0x1d0 [ 960.719682][T16690] ? __pfx_do_sys_openat2+0x10/0x10 [ 960.719710][T16690] ? __sys_sendmsg+0x18c/0x220 [ 960.719757][T16690] __x64_sys_openat+0x174/0x210 [ 960.719785][T16690] ? __pfx___x64_sys_openat+0x10/0x10 [ 960.719823][T16690] do_syscall_64+0xcd/0x490 [ 960.719862][T16690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.719885][T16690] RIP: 0033:0x7fc17718e929 [ 960.719904][T16690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 960.719926][T16690] RSP: 002b:00007fc17804c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 960.719948][T16690] RAX: ffffffffffffffda RBX: 00007fc1773b5fa0 RCX: 00007fc17718e929 [ 960.719963][T16690] RDX: 0000000000000002 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 960.719978][T16690] RBP: 00007fc177210b39 R08: 0000000000000000 R09: 0000000000000000 [ 960.719992][T16690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 960.720006][T16690] R13: 0000000000000000 R14: 00007fc1773b5fa0 R15: 00007ffe381c3a98 [ 960.720034][T16690] [ 962.857915][T16395] Bluetooth: hci1: unexpected event 0x3d length: 726 > 14 [ 966.151130][T16748] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input26 [ 968.605931][T16767] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2316'. [ 969.592753][T16395] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 970.565790][T16798] FAULT_INJECTION: forcing a failure. [ 970.565790][T16798] name failslab, interval 1, probability 0, space 0, times 0 [ 970.596245][T16798] CPU: 1 UID: 0 PID: 16798 Comm: syz.2.2329 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 970.596292][T16798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 970.596312][T16798] Call Trace: [ 970.596323][T16798] [ 970.596336][T16798] dump_stack_lvl+0x16c/0x1f0 [ 970.596400][T16798] should_fail_ex+0x512/0x640 [ 970.596449][T16798] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 970.596505][T16798] should_failslab+0xc2/0x120 [ 970.596538][T16798] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 970.596587][T16798] ? __proc_create+0xc3/0x8c0 [ 970.596637][T16798] ? __proc_create+0x2ce/0x8c0 [ 970.596697][T16798] __proc_create+0x2ce/0x8c0 [ 970.596761][T16798] ? __pfx___proc_create+0x10/0x10 [ 970.596820][T16798] ? proc_register+0x314/0x5f0 [ 970.596881][T16798] proc_create_reg+0x7d/0x180 [ 970.596918][T16798] proc_create_net_data+0x8e/0x1b0 [ 970.596974][T16798] ? __pfx_proc_create_net_data+0x10/0x10 [ 970.597023][T16798] ? __pfx_uevent_net_rcv+0x10/0x10 [ 970.597065][T16798] ? __pfx_dev_mc_net_init+0x10/0x10 [ 970.597110][T16798] dev_mc_net_init+0x50/0x70 [ 970.597155][T16798] ops_init+0x1e2/0x5f0 [ 970.597192][T16798] setup_net+0x1ff/0x510 [ 970.597222][T16798] ? lockdep_init_map_type+0x5c/0x280 [ 970.597271][T16798] ? __pfx_setup_net+0x10/0x10 [ 970.597304][T16798] ? debug_mutex_init+0x37/0x70 [ 970.597341][T16798] copy_net_ns+0x2a6/0x5f0 [ 970.597379][T16798] create_new_namespaces+0x3ea/0xa90 [ 970.597427][T16798] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 970.597469][T16798] ksys_unshare+0x45b/0xa40 [ 970.597514][T16798] ? __pfx_ksys_unshare+0x10/0x10 [ 970.597559][T16798] ? xfd_validate_state+0x61/0x180 [ 970.597615][T16798] __x64_sys_unshare+0x31/0x40 [ 970.597658][T16798] do_syscall_64+0xcd/0x490 [ 970.597726][T16798] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.597761][T16798] RIP: 0033:0x7f1b8d98e929 [ 970.597793][T16798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 970.597826][T16798] RSP: 002b:00007f1b8e8be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 970.597857][T16798] RAX: ffffffffffffffda RBX: 00007f1b8dbb6080 RCX: 00007f1b8d98e929 [ 970.597878][T16798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 970.597898][T16798] RBP: 00007f1b8da10b39 R08: 0000000000000000 R09: 0000000000000000 [ 970.597919][T16798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 970.597938][T16798] R13: 0000000000000000 R14: 00007f1b8dbb6080 R15: 00007ffc13bba5c8 [ 970.597979][T16798] [ 973.394991][T16813] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 973.716476][T16827] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input27 [ 977.228835][T16865] ima: policy update failed [ 977.237872][T16865] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2343'. [ 977.239756][ T30] audit: type=1802 audit(4294967931.124:35): pid=16865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2343" res=0 errno=0 [ 977.603331][T16276] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1430 with max blocks 2 with error 117 [ 977.627613][T16276] EXT4-fs (sda1): This should not happen!! Data will be lost [ 977.627613][T16276] [ 978.601868][T16876] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1391 with max blocks 39 with error 117 [ 978.623938][T16876] EXT4-fs (sda1): This should not happen!! Data will be lost [ 978.623938][T16876] [ 980.861213][T16902] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 980.875517][T16902] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 980.890575][T16902] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 982.401705][T16395] Bluetooth: hci2: command 0x0c1a tx timeout [ 982.930311][T16224] Bluetooth: hci0: command 0x0c1a tx timeout [ 982.936536][T16395] Bluetooth: hci1: command 0x0406 tx timeout [ 984.859844][T16948] [U] [ 984.862806][T16948] [U] [ 984.865543][T16948] [U] [ 984.868270][T16948] [U] [ 984.900511][T16948] [U] [ 984.903325][T16948] [U] [ 984.906201][T16948] [U] [ 984.909189][T16948] [U] [ 984.939957][T16948] [U] [ 984.942751][T16948] [U] [ 984.945829][T16948] [U] [ 984.948642][T16948] [U] [ 985.028161][T16948] [U] [ 985.031516][T16948] [U] [ 985.034281][T16948] [U] [ 985.037388][T16948] [U] [ 985.204040][T16948] [U] [ 985.207945][T16948] [U] [ 985.210873][T16948] [U] [ 985.213618][T16948] [U] [ 985.222879][T16952] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 985.240289][T16948] [U] [ 985.243126][T16948] [U] [ 985.246173][T16948] [U] [ 985.249311][T16948] [U] [ 985.423570][T16948] [U] [ 985.426504][T16948] [U] [ 985.429277][T16948] [U] [ 985.432030][T16948] [U] [ 985.479495][T16948] [U] [ 985.482353][T16948] [U] [ 985.485136][T16948] [U] [ 985.487895][T16948] [U] [ 985.491108][T16948] [U] [ 985.493892][T16948] [U] [ 985.496655][T16948] [U] [ 985.499426][T16948] [U] [ 985.502505][T16948] [U] [ 985.505292][T16948] [U] [ 985.508140][T16948] [U] [ 985.511612][T16948] [U] [ 985.567349][T16948] [U] [ 985.570244][T16948] [U] [ 985.573896][T16948] [U] [ 985.577528][T16948] [U] [ 985.617796][T16948] [U] [ 985.620641][T16948] [U] [ 985.623424][T16948] [U] [ 985.626211][T16948] [U] [ 985.670223][T16948] [U] [ 985.673166][T16948] [U] [ 985.675940][T16948] [U] [ 985.678720][T16948] [U] [ 985.785597][T16948] [U] [ 985.788422][T16948] [U] [ 985.791320][T16948] [U] [ 985.794239][T16948] [U] [ 985.808689][T16948] [U] [ 985.811572][T16948] [U] [ 985.814384][T16948] [U] [ 985.817174][T16948] [U] [ 985.831413][T16948] [U] [ 986.737373][T16224] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 986.749740][T16224] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 986.761517][T16224] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 986.771338][T16224] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 986.784304][T16224] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 987.536820][T16968] chnl_net:caif_netlink_parms(): no params data found [ 988.042437][T16968] bridge0: port 1(bridge_slave_0) entered blocking state [ 988.059474][T16968] bridge0: port 1(bridge_slave_0) entered disabled state [ 988.067147][T16968] bridge_slave_0: entered allmulticast mode [ 988.088098][T16968] bridge_slave_0: entered promiscuous mode [ 988.107620][T16968] bridge0: port 2(bridge_slave_1) entered blocking state [ 988.129434][T16968] bridge0: port 2(bridge_slave_1) entered disabled state [ 988.137099][T16968] bridge_slave_1: entered allmulticast mode [ 988.188280][T16968] bridge_slave_1: entered promiscuous mode [ 988.404610][T16968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 988.444220][T16968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 988.660530][T16968] team0: Port device team_slave_0 added [ 988.683863][T16968] team0: Port device team_slave_1 added [ 988.849329][T16395] Bluetooth: hci4: command tx timeout [ 988.951410][T16968] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 989.009344][T16968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 989.036629][ C1] vkms_vblank_simulate: vblank timer overrun [ 989.081276][T16968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 989.105227][T16968] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 989.115656][T16968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 989.145382][T16968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 989.320484][T16968] hsr_slave_0: entered promiscuous mode [ 989.327890][T16968] hsr_slave_1: entered promiscuous mode [ 989.547433][T16395] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 990.145594][T16968] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 990.158317][T16968] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 990.212351][T16968] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 990.236167][T16968] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 990.322307][T17000] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 990.341513][T17000] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 990.347897][T17000] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 990.369627][T17000] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 990.380659][T17000] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 990.386844][T17000] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 990.402661][T17000] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 990.623081][T16968] 8021q: adding VLAN 0 to HW filter on device bond0 [ 990.684731][T16968] 8021q: adding VLAN 0 to HW filter on device team0 [ 990.713651][T16226] bridge0: port 1(bridge_slave_0) entered blocking state [ 990.720997][T16226] bridge0: port 1(bridge_slave_0) entered forwarding state [ 990.783800][T16276] bridge0: port 2(bridge_slave_1) entered blocking state [ 990.791234][T16276] bridge0: port 2(bridge_slave_1) entered forwarding state [ 990.814013][T17026] Invalid ELF header magic: != ELF [ 990.994069][T16968] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 991.936996][T16968] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 991.969226][T16224] Bluetooth: hci2: command 0x0c1a tx timeout [ 992.269314][T17036] can: request_module (can-proto-0) failed. [ 992.377942][T16224] Bluetooth: hci0: command 0x0c1a tx timeout [ 992.450974][T16224] Bluetooth: hci4: command 0x040f tx timeout [ 992.457148][T16395] Bluetooth: hci1: command 0x0406 tx timeout [ 992.793979][T16968] veth0_vlan: entered promiscuous mode [ 992.859543][T16968] veth1_vlan: entered promiscuous mode [ 992.924701][T16968] veth0_macvtap: entered promiscuous mode [ 992.946928][T16968] veth1_macvtap: entered promiscuous mode [ 992.988624][T16968] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 993.017524][T16968] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 993.051498][T16968] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 993.061828][T16968] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 993.079127][T16968] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 993.087959][T16968] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 993.403302][T16225] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 993.434315][T16225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 993.631311][T16223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 993.659574][T16223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 994.449862][T16395] Bluetooth: hci0: command 0x0c1a tx timeout [ 994.530956][T16395] Bluetooth: hci4: command 0x040f tx timeout [ 996.626406][T16395] Bluetooth: hci4: command 0x040f tx timeout [ 997.835923][T17112] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 997.835923][T17112] M' is too long [ 997.854150][T17112] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 997.854150][T17112] W ' is too long [ 998.163822][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 998.171117][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 998.691454][T16395] Bluetooth: hci4: command 0x040f tx timeout [ 1000.769672][T16395] Bluetooth: hci4: command 0x040f tx timeout [ 1004.586377][T17184] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2398'. [ 1004.659478][T17184] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2398'. [ 1004.719462][T17184] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2398'. [ 1004.746920][T17188] netlink: 102 bytes leftover after parsing attributes in process `syz.4.2398'. [ 1007.556527][T17213] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 978 with max blocks 17 with error 117 [ 1007.610343][T17213] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1007.610343][T17213] [ 1007.971488][T16225] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1430 with max blocks 2 with error 117 [ 1008.099101][T16225] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1008.099101][T16225] [ 1012.052636][T17266] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 1012.161805][T17267] netlink: 'syz.2.2417': attribute type 1 has an invalid length. [ 1012.239175][T17267] netlink: 33 bytes leftover after parsing attributes in process `syz.2.2417'. [ 1017.747991][T17308] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1022.410258][T17387] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2448'. [ 1022.424313][T17387] netlink: 262 bytes leftover after parsing attributes in process `syz.0.2448'. [ 1022.539797][T17389] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input30 [ 1024.528548][T17409] Invalid ELF header magic: != ELF [ 1026.455638][T17426] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 1030.848517][T17474] can: request_module (can-proto-0) failed. [ 1033.909488][T17500] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2455'. [ 1033.993162][T17500] netlink: 102 bytes leftover after parsing attributes in process `syz.1.2455'. [ 1038.459569][T16255] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1430 with max blocks 2 with error 117 [ 1038.472933][T16255] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1038.472933][T16255] [ 1047.683841][T17615] can: request_module (can-proto-0) failed. [ 1050.408942][T17634] kafs: addr_prefs: Invalid Command [ 1056.012731][T17705] netlink: 'syz.0.2502': attribute type 1 has an invalid length. [ 1056.032901][T17705] netlink: 33 bytes leftover after parsing attributes in process `syz.0.2502'. [ 1058.541175][T17716] kafs: addr_prefs: Invalid Command [ 1059.574087][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1059.582419][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1059.592936][T17726] can: request_module (can-proto-0) failed. [ 1061.316195][T17737] can: request_module (can-proto-0) failed. [ 1063.528158][T17764] kafs: addr_prefs: Invalid Command [ 1068.771971][T16226] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1430 with max blocks 2 with error 117 [ 1068.859177][T16226] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1068.859177][T16226] [ 1070.026819][T17825] can: request_module (can-proto-0) failed. [ 1070.057738][T17822] can: request_module (can-proto-0) failed. [ 1076.877386][T17887] can: request_module (can-proto-0) failed. [ 1077.069564][T17889] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 975 with max blocks 20 with error 117 [ 1077.083307][T17889] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1077.083307][T17889] [ 1086.344338][T17960] can: request_module (can-proto-0) failed. [ 1089.009939][ T31] INFO: task kworker/u8:8:2952 blocked for more than 143 seconds. [ 1089.026162][ T31] Not tainted 6.16.0-rc3-syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1089.216335][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1089.241648][ T31] task:kworker/u8:8 state:D stack:23512 pid:2952 tgid:2952 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 1089.279373][ T31] Workqueue: netns cleanup_net [ 1089.384066][T17997] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 993 with max blocks 2 with error 117 [ 1089.399752][ T31] Call Trace: [ 1089.403161][ T31] [ 1089.406127][ T31] __schedule+0x116a/0x5de0 [ 1089.417431][T17997] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1089.417431][T17997] [ 1089.491088][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1089.527938][ T31] ? rcu_watching_snap_stopped_since+0x81/0x110 [ 1089.587006][ T31] ? __lock_acquire+0x622/0x1c90 [ 1089.629272][ T31] ? __pfx___schedule+0x10/0x10 [ 1089.634676][ T31] ? find_held_lock+0x2b/0x80 [ 1089.754009][ T31] ? schedule+0x2d7/0x3a0 [ 1089.814848][ T31] schedule+0xe7/0x3a0 [ 1089.877610][ T31] schedule_timeout+0x257/0x290 [ 1089.919128][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1089.989141][ T31] ? mark_held_locks+0x49/0x80 [ 1089.994206][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1090.009086][ T31] __wait_for_common+0x2ff/0x4e0 [ 1090.035356][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1090.059099][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 1090.086330][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1090.106600][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 1090.120120][ T31] __flush_workqueue+0x3e2/0x1230 [ 1090.127147][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 1090.149153][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 1090.154711][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 1090.167902][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 1090.178139][ T31] rds_tcp_listen_stop+0x104/0x150 [ 1090.199413][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1090.205113][ T31] rds_tcp_exit_net+0xcb/0x810 [ 1090.220665][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1090.226904][ T31] ? __pfx___might_resched+0x10/0x10 [ 1090.249193][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1090.264006][ T31] ops_undo_list+0x2ee/0xab0 [ 1090.289090][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 1090.294555][ T31] ? __local_bh_enable_ip+0xa4/0x120 [ 1090.314570][ T31] cleanup_net+0x408/0x890 [ 1090.334909][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 1090.340550][ T31] ? rcu_is_watching+0x12/0xc0 [ 1090.345432][ T31] process_one_work+0x9cc/0x1b70 [ 1090.376531][ T31] ? __pfx_rds_connect_worker+0x10/0x10 [ 1090.389092][ T31] ? __pfx_process_one_work+0x10/0x10 [ 1090.394642][ T31] ? assign_work+0x1a0/0x250 [ 1090.429153][ T31] worker_thread+0x6c8/0xf10 [ 1090.433926][ T31] ? __kthread_parkme+0x19e/0x250 [ 1090.445037][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1090.461177][ T31] kthread+0x3c5/0x780 [ 1090.465841][ T31] ? __pfx_kthread+0x10/0x10 [ 1090.479104][ T31] ? rcu_is_watching+0x12/0xc0 [ 1090.484007][ T31] ? __pfx_kthread+0x10/0x10 [ 1090.499131][ T31] ret_from_fork+0x5d4/0x6f0 [ 1090.503891][ T31] ? __pfx_kthread+0x10/0x10 [ 1090.508665][ T31] ret_from_fork_asm+0x1a/0x30 [ 1090.539125][ T31] [ 1090.542403][ T31] [ 1090.542403][ T31] Showing all locks held in the system: [ 1090.579080][ T31] 1 lock held by khungtaskd/31: [ 1090.584042][ T31] #0: ffffffff8e5c47c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 1090.609940][ T31] 3 locks held by kworker/u8:8/2952: [ 1090.616627][ T31] #0: ffff88801c6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1090.659065][ T31] #1: ffffc9000b3dfd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1090.681680][ T31] #2: ffffffff90338190 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 1090.699057][ T31] 2 locks held by syz-executor/5821: [ 1090.704913][ T31] 2 locks held by getty/15447: [ 1090.729169][ T31] #0: ffff8880322c50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1090.744307][ T31] #1: ffffc90004be92f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 1090.799134][ T31] 1 lock held by syz.3.2320/16804: [ 1090.804367][ T31] #0: ffffffff90338190 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 1090.859411][ T31] 2 locks held by syz-executor/16968: [ 1090.865005][ T31] 1 lock held by syz.4.2549/17964: [ 1090.889084][ T31] 2 locks held by dhcpcd/18000: [ 1090.919123][ T31] #0: ffff8880782e4408 (&sb->s_type->i_mutex_key#11){+.+.}-{4:4}, at: __sock_release+0x86/0x270 [ 1090.956841][ T31] #1: ffffffff8e5cfdb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0 [ 1090.971190][ T31] 2 locks held by dhcpcd/18001: [ 1090.979408][ T31] #0: ffff888040e5c258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2c/0xf60 [ 1090.989789][ T31] #1: ffffffff8e5cfdb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 1091.002735][ T31] [ 1091.006468][ T31] ============================================= [ 1091.006468][ T31] [ 1091.059947][ T31] NMI backtrace for cpu 0 [ 1091.059973][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1091.060013][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1091.060031][ T31] Call Trace: [ 1091.060041][ T31] [ 1091.060053][ T31] dump_stack_lvl+0x116/0x1f0 [ 1091.060110][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 1091.060168][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1091.060218][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1091.060263][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1091.060308][ T31] watchdog+0xf70/0x12c0 [ 1091.060364][ T31] ? __pfx_watchdog+0x10/0x10 [ 1091.060410][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1091.060462][ T31] ? __kthread_parkme+0x19e/0x250 [ 1091.060504][ T31] ? __pfx_watchdog+0x10/0x10 [ 1091.060550][ T31] kthread+0x3c5/0x780 [ 1091.060597][ T31] ? __pfx_kthread+0x10/0x10 [ 1091.060646][ T31] ? rcu_is_watching+0x12/0xc0 [ 1091.060679][ T31] ? __pfx_kthread+0x10/0x10 [ 1091.060727][ T31] ret_from_fork+0x5d4/0x6f0 [ 1091.060770][ T31] ? __pfx_kthread+0x10/0x10 [ 1091.060816][ T31] ret_from_fork_asm+0x1a/0x30 [ 1091.060871][ T31] [ 1091.060882][ T31] Sending NMI from CPU 0 to CPUs 1: [ 1091.187813][ C1] NMI backtrace for cpu 1 [ 1091.187832][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1091.187864][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1091.187879][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 1091.187923][ C1] Code: ab 75 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 33 bf 2d 00 fb f4 0c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 1091.187949][ C1] RSP: 0000:ffffc90000197df8 EFLAGS: 000002c2 [ 1091.187969][ C1] RAX: 000000000059adc5 RBX: 0000000000000001 RCX: ffffffff8b7c4be9 [ 1091.187986][ C1] RDX: 0000000000000000 RSI: ffffffff8de13a4d RDI: ffffffff8c156420 [ 1091.188003][ C1] RBP: ffffed1003d54b40 R08: 0000000000000001 R09: ffffed10170a6645 [ 1091.188019][ C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001 [ 1091.188035][ C1] R13: ffff88801eaa5a00 R14: ffffffff90a82c50 R15: 0000000000000000 [ 1091.188052][ C1] FS: 0000000000000000(0000) GS:ffff88812485f000(0000) knlGS:0000000000000000 [ 1091.188076][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1091.188108][ C1] CR2: 0000000002924000 CR3: 000000004b50e000 CR4: 00000000003526f0 [ 1091.188125][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1091.188148][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1091.188164][ C1] Call Trace: [ 1091.188172][ C1] [ 1091.188180][ C1] default_idle+0x13/0x20 [ 1091.188205][ C1] default_idle_call+0x6d/0xb0 [ 1091.188230][ C1] do_idle+0x391/0x510 [ 1091.188257][ C1] ? __pfx_do_idle+0x10/0x10 [ 1091.188282][ C1] ? trace_sched_exit_tp+0x31/0x130 [ 1091.188315][ C1] cpu_startup_entry+0x4f/0x60 [ 1091.188340][ C1] start_secondary+0x21d/0x2b0 [ 1091.188371][ C1] ? __pfx_start_secondary+0x10/0x10 [ 1091.188406][ C1] common_startup_64+0x13e/0x148 [ 1091.188456][ C1] [ 1091.398453][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1091.405387][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1091.416735][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1091.427202][ T31] Call Trace: [ 1091.430551][ T31] [ 1091.433537][ T31] dump_stack_lvl+0x3d/0x1f0 [ 1091.438213][ T31] panic+0x71c/0x800 [ 1091.442279][ T31] ? __pfx___irq_work_queue_local+0x10/0x10 [ 1091.448350][ T31] ? __pfx_panic+0x10/0x10 [ 1091.452858][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1091.458414][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1091.464659][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1091.470189][ T31] ? watchdog+0xdda/0x12c0 [ 1091.474691][ T31] ? watchdog+0xdcd/0x12c0 [ 1091.479189][ T31] watchdog+0xdeb/0x12c0 [ 1091.483535][ T31] ? __pfx_watchdog+0x10/0x10 [ 1091.488724][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1091.494019][ T31] ? __kthread_parkme+0x19e/0x250 [ 1091.499269][ T31] ? __pfx_watchdog+0x10/0x10 [ 1091.504043][ T31] kthread+0x3c5/0x780 [ 1091.508226][ T31] ? __pfx_kthread+0x10/0x10 [ 1091.512903][ T31] ? rcu_is_watching+0x12/0xc0 [ 1091.518170][ T31] ? __pfx_kthread+0x10/0x10 [ 1091.523189][ T31] ret_from_fork+0x5d4/0x6f0 [ 1091.527862][ T31] ? __pfx_kthread+0x10/0x10 [ 1091.533324][ T31] ret_from_fork_asm+0x1a/0x30 [ 1091.538784][ T31] [ 1091.542257][ T31] Kernel Offset: disabled [ 1091.546832][ T31] Rebooting in 86400 seconds..