last executing test programs: 5.608411676s ago: executing program 2 (id=635): sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp1\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x9) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)) r1 = openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) read$auto_objects_fops_(r1, &(0x7f0000000080)=""/108, 0x6c) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x14, 0x0, 0x301, 0x70bd2d, 0x25dfdbff, {0x11, 0x0, 0xfcff}}, 0x14}}, 0x400c0) r2 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) 5.449922646s ago: executing program 1 (id=636): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mremap$auto(0xa00000000000, 0x40000000004, 0x3, 0x3, 0x100000000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x8, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/cx2341x/parameters/debug\x00', 0x181842, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x10000000001013, 0x2, 0x8000) r2 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x1000, 0xd, 0x8eb3, r1, 0x1000000000008000) sendfile$auto(r3, 0x3, 0x0, 0x4) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) setresuid$auto(0x0, 0x8, 0x0) setuid$auto(0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) r4 = socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(r2, &(0x7f0000000000)=@generic={0x8, "8ce3030000010000000080d22afe"}, 0x6b) sendmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x109, 0x0, 0x1f, 0xb}, 0x7}, 0x7, 0x5) move_pages$auto(0x0, 0xffe, 0x0, &(0x7f00000000c0), 0x0, 0x2) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(0x3, 0x0, 0x7) 4.464383149s ago: executing program 2 (id=639): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x202, 0x0) mmap$auto(0x200000, 0x402008, 0x8, 0x9b72, 0x2, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) socket(0x10, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r3, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x509080, 0x64) fchdir$auto(r4) inotify_init1$auto(0x3000000000000) socket(0x15, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103042, 0x0) getxattrat$auto(r2, &(0x7f0000000080)='./cgroup\x00', 0x1, &(0x7f0000000180)='\x00', &(0x7f00000001c0)={0x2, 0x2, 0xfffffffb}, 0x4) rmdir$auto(&(0x7f0000000300)='./cgroup\x00') close_range$auto(0x2, 0x8, 0x0) getuid() socket(0xa, 0x1, 0x0) ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0xfffffff7effffd05, &(0x7f00000001c0)) socket(0x2, 0x1, 0x84) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0) write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) listen$auto(0x3, 0x81) listen$auto(0x3, 0x0) listen$auto(0x3, 0x81) sendfile$auto(r0, r0, 0x0, 0x7fffe000) socket$nl_generic(0x10, 0x3, 0x10) 3.515369959s ago: executing program 3 (id=641): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r0 = socket(0x2b, 0x1, 0x1) listen$auto(r0, 0x6) setsockopt$auto(0x3, 0x6, 0x13, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x3, 0xa) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0) pread64$auto(r1, 0x0, 0x8, 0xffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0x2, 0x1, 0x84) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) getsockopt$auto(r2, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x17d) 3.450989449s ago: executing program 2 (id=642): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/lru_gen\x00', 0x40803, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x4, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto(r1, 0x40045565, 0x1f) socket(0x23, 0x80805, 0x0) setsockopt$auto_SO_PROTOCOL(0xffffffffffffffff, 0x4, 0x26, &(0x7f0000000200)='\x00', 0x2ac00) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680), 0x0) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) 3.178084548s ago: executing program 3 (id=643): mmap$auto(0x8, 0xa00006, 0x400002, 0x16, 0x602, 0x300000000000) (async) madvise$auto(0x0, 0xffffffffffff0006, 0x17) (async) mmap$auto(0x0, 0x0, 0x40000000000000e2, 0x80000011, 0x2, 0x8000) (async) madvise$auto(0x1, 0x4, 0x7) (async) socket(0x2, 0x1, 0x106) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) openat$dir(0xffffffffffffff9c, 0x0, 0x4c000, 0x10) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) (async) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x141000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x94201, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) (async) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x7, 0xd3a, 0xb, 0x1, 0x3, 0x95f4da0a, 0x9, 0x9, 0x100, 0x80000001, 0x8, 0x6d3f, 0x9, 0x5, 0x5]}, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x2000000000004, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x0, 0xfffffffffffffff4, 0x0, 0x3f80, 0x79d, 0x338, 0x9, 0x2, 0xb]}, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async) socket(0x1e, 0x1, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000100)={0xbc, 0x0, 0x400, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x4}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_WIPHY_SELF_MANAGED_REG={0x4}, @NL80211_ATTR_MLO_TTLM_DLINK={0x7b, 0x148, "4034ff2bf6b5b44acb413113952354a2ff7b492a581e0e83b07fdbdeee58ca649e3fa0f50be6fd9b705e33b851e393c136753d1233a71b52f0b272d8fd15143c24b15b9e0e9f27c799ce4f0856be90abaf47907a0910b2ad0604bdc66139d0cd6c7eb9c11c9f3505a6be29fa8cee78c8f99970bbe5c5de"}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x6}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0xcc7}]}, 0xbc}, 0x1, 0x0, 0x0, 0x4010}, 0x4000044) bpf$auto(0x24, 0x0, 0x88) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0x2003ec, 0x14) bpf$auto_BPF_PROG_DETACH(0x9, &(0x7f0000000340)=@raw_tracepoint={0x40, r0, 0x0, 0x9}, 0x577) mmap$auto(0x0, 0x202000d, 0x8000000002, 0xeb1, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x4, 0x2020009, 0x100000003, 0x9000000e91, r2, 0x7) 2.963796417s ago: executing program 3 (id=644): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty19\x00', 0x201, 0x0) r1 = socket(0x3, 0x3, 0x200) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r1) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r2, 0x900, 0x70bd28, 0x25dfdbfb, {}, [@ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x14, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x401}]}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x14, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x7}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x9}]}]}, 0x3c}}, 0x0) (async) chdir$auto(&(0x7f0000000180)='./file0\x00') (async, rerun: 32) r3 = prctl$auto_PR_SYS_DISPATCH_OFF(0xa8, 0x0, 0x0, 0x7, 0x2) (rerun: 32) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) (async, rerun: 64) r4 = socket(0x11, 0x80000, 0x8) (async, rerun: 64) r5 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000240)={0x234, r5, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_UPCALL_PID={0x1b, 0x5, "a111972724383c881631583af5550c815afe54ce5a6475"}, @OVS_VPORT_ATTR_OPTIONS={0x201, 0x4, 0x0, 0x1, [@typed={0xc, 0xec, 0x0, 0x0, @u64=0x80000000}, @nested={0x70, 0xe1, 0x0, 0x1, [@typed={0x6b, 0x11, 0x0, 0x0, @binary="4a8e6e7a9809e27849b89e244dc2b5561b4c2a1544be8bbf70c289bb43b0c30ebadb789d104d7bbf0d342bb2f983125b5082594e85f85f00bc1c4f6766234b3cc2072bab2f10aad9d878907546b56c52ef5e45dd8948c63cc323f5812aaad40f3010e75c4e0726"}]}, @nested={0x4, 0xdf, 0x0, 0x1, [@generic]}, @generic="56083337305f0ef1b425103cf1ac7ffc35d2620cf1d5f0fef018166a759c209de88bd233bb667d9b9e2cdb8e62e103eac511ebb88e9f8c7aaed57d9e1e42c90203136b5f3a8e52bb19bdfbbe27b290ca1af880d49a86e567856b4ad7e08ded0a0a14c8968fcff7b6abc2c5cf9631e95a3a348e64d3a672b0d1c9c39ca8bbd59417130b4176662d9a87c664a3a85c80445fafdc4b3de2c79c0b218019c46237f1f48df859547b35e23467bc90059acbeae3fb45a31185c872dd6be0637be4c49736177ba2c0", @nested={0xb0, 0x115, 0x0, 0x1, [@generic="e44187702c76cca2ba842cfe428d442c26229c78caba1ae646cd1dcfb7a86b0e735cc65323f8ac6181a6393cade699d2aeaca37d43831bcd851dda4625deebe05aab76886cbb49a9151eec84b6231cf641c0898fce35889847656a9e75f69bc48cae5f77d7c0a7da9ea5d27d7290e9b375df89998d8ad73f7c1f3b26bdc2c32792a0a9c774563cbb36af41dd1ce3607c7c0eb88bc185ccbeb26a21c39a7913bb0b0cf293280d63653aed073a"]}, @typed={0x8, 0xc9, 0x0, 0x0, @fd=r3}]}]}, 0x234}, 0x1, 0x0, 0x0, 0x48800}, 0x890) bind$auto(r4, &(0x7f0000000500)=@nl=@kern={0x10, 0x0, 0x0, 0x2000}, 0x7fff) (async) r6 = clone$auto(0x8, 0x1000, &(0x7f0000000540)=0x4, &(0x7f0000000580)=0x6, 0x5) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r0, &(0x7f0000000780)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000740)={&(0x7f0000000600)={0x108, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_CNTDWN_OFFS_BEACON={0xea, 0xba, "168b8abc20624534d91e5bd358d6a68161d3ca0950cb92587e19720f3eaea6068221dab5869ef342e28dd608f930d6d45504b2be9a99756aebe3a671508501871a30c6d8da278247f0e047ec338a9cdf954fdf1ba960b284bcd6c9d5975fba16fb46de40adfaa5a90292157c6a1b897455bab192d60910a46960c05816c3606952ba332a64dadcad51097a5d9028cb999bb200bc60948adf5d88f4645b0b5b9ec7b02fbf81a2af3e01702a00f31978070cfc20bd8ff3905fe2a843a9346b9fa2cd68a1a5176d7bd8d1f16beebb56794b3cf603c8874db0123a8c47210b448c50cefc3ac335a3"}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x5}]}, 0x108}, 0x1, 0x0, 0x0, 0x5}, 0x8c0) r7 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000800), r3) sendmsg$auto_ILA_CMD_ADD(r0, &(0x7f00000008c0)={&(0x7f00000007c0), 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x3c, r7, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0xe9}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x4}, @ILA_ATTR_LOCATOR={0xc, 0x1, 0xfffffffffffffe01}, @ILA_ATTR_IDENT_TYPE={0x5, 0x8, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040000}, 0x20000000) (async) r8 = prctl$auto_PR_SET_MM_ARG_END(0x6, 0x9, r6, 0xfffffffffffffff7, 0x0) (async) msgctl$auto_IPC_STAT(0x3, 0x2, &(0x7f00000019c0)={{0x7, 0xee00, 0x0, 0x81, 0x2, 0x0, 0x1}, &(0x7f0000001940)=0x80, &(0x7f0000001980)=0x6, 0x10, 0x2, 0x9, 0x0, 0x2, 0x7, 0xd9, 0xff, @raw=0x6, @inferred=r6}) fsconfig$auto(r8, 0xffffff00, &(0x7f0000000900)='ila\x00', &(0x7f0000000940)="1f16aad4a3c2e88f061578ef7865877ea921cde6448a40b8ae1ba29ca0c4409cba45699892ec2e09a5c6577059e2298bd732cc24bc116dff25cdbbc708c68f9f0127b7f6ed0c7cbdf91b82e36847aa304d72efc09b3d466ad9ba2318cfa4a8b2e6b22b03aaa324a39ae46502650e75054fa3bb46a27de25ec69aaff6a52daf74bf89131265977a0f88891b28ca1820396bfd5ffe882a410aac23673fb112abb449bdcab8a7aaad01bd1f78db4ae3707f15876d6c83c7b189ca4a4ab8e225a149d80766eb5f29397d3868633e318015f0947da07e5f2cf30bb1830c1fb05ec3c4cf5b429cf3dee495cacc32c7fbec6c1660a2b8c3cb3d22200206772bec7ee216531e97f6c613ec30691c1f5b9d4117b9eb1b5d881550bc8e3908a78d6be28111f2fedb7f781a94505c187c63f4b788a0060d009cc2f6c60ab6f6d0d1cde90af52572e4cce11da5f7de8355b02b63d1eb3dc9d7e6b66fae2cfbfb8bade45c6023385a6e0f7d2a31d6c9bc6266c1030f4754b41acca8c211a07b6cd5d1f02164ee518b9abf0f29ca92710027f717b1723bc48d864ed59b3ae72c3b947a434e93cb96d2dd512644f31dadb7665c1e56430849e8c7678f0cfa675f75718d584956cc13dfdf80666b5ee071b9a99613f80abc1b808cd52d33341ff7d6b59a80f8672fa40f5c88ad38aa3e5f750bd332663e8d6d535deaccf5fc99d8bad6efb4921bddf843695f1210d3934c5e1544f68fd588a873747064b0f2d67b353e60c2e7cf12388fc503dd2dbf5e0e81b00c2059dd864edc341fca987b76a07da2174a0a9010280200649761b1dca29af71b2a485c933d3c1c4e5860020640714b00682939f102e79e7ba99efeb54174ea03126bdb0a440641b29abee3e0f26b58032b029fca8dbd4dacb8d7ccb767d2dc2eb41aad3c201db057d17d29f05f2dc72fbda75174637c84745a52583302af1ffdc1ed7fe13d8593788f6daeccd7d0cf3500c6082aba74ec720bb4b0954bc577d79bcd4ea66fcf2681fe49ca247b21af4ec3c26cca462f92f26da842bda812ff80b2a132d32d040ee5b3ef425761c7b4bde6dd1a874b380b049579f6bab8519520d32411316565afec26c4999edd9717f76998d8ad900f5fd3999e2e2a3fdf7370e1d8d7648fd90d2430d13870e11ba0616ae31eade1907827fdae2e4642d2449d04b721f1b3e1c6cca2ba82b3e319c5e4990c5fafb1d432e26145906b225fcce8417fe2240c5f70b3cb662d37bee90155e6947ccd092085bacd2f0f40f96ecf4dbbb3a2a5d88d5a10a27fe282ae37a4aa18be0fd2ae05ea917477740773b5ddf3928f928f3e3b633be3097e542e8e5d035a2210b73cac9410a2c044778839369039100e5dded54094351d542c01219768f900bca032098f36abc9db3b24a218c70036fd3157cd7d688da7906ff83d8d43ce466cc8a50a553529a60cef0ec823d21329e66370139f9a1190e0562f2adeee6929f1251044e6165884a50b57862d2aef7455f42e1de48c07cdbe2501f479f36948087c73ec62ba5ddb1097e6edeed3c7a9718b003e7a441dfa47060019c2f9301f9419341d40d9dc754dce11f95ebb736e95082325449693541b0ca161c08fcf11911bb3d1634de08bc53bb96ef622afc41acbaa3d3f505248a5afbd9b8619574bc4cba8d8f1f271535c841ca652cef274514d0fcb5343f1767db579bfb5451ccb809477dcb60ddae1bec0c81992706f352c55be7d5e2fcf85a136e3e13d6192d9db9b1b2c81f96c01d4bbffdd4f4b82a63cddbee26160b3d4b93b68ecd1d56e51aa61addc41d8bae6db931e173b4e314d28a94d3982e4a2d773e3c0ddfe24991c53a1d85c86aa4fc2252b1ca7027abcb8cf60f537c5e45f22a9202c07d5f1ec5c3e9b23c00f5235498a663801742c959b1b358082d115a99f32725f9aabd4b1e230bdc40b4310bd13b400589639951d4251f97fe309669d75142a6629f0c8534c1b261782f9dd35c17f5aeb14d2a167a77621f4c1f6941e19fba65659d06106cd71fb5b22653dff808fe88202398ad1783c78ad6ea493acf3073f9ee18aebdb5124022141aeb58882e2a01545a7f7c4fff08df4e78f827407197ca9ca6f7904ec03357643372c5edec69aa5b22ef815357fb329753c24784e8383f2a388680a9279ebe2a974d5d828dc2df045df646500e1e89c111725e2393a0a217b1b957041056455e24924a5e64ffb1df66e3735a779327719f1bcc7a3ee264cb30ffc7a7859026a846d71ae3b5ecec244ced527ea8d9668a1299cfac5b982a4c54442720164c13fd5b7fabcb58f403a836dbffd9746a0d063a555a09e6ae42b3685a3bf0e68623e65fa62eb42816cb19353e03ca8404943fc0f00abf3e7804e64083cea6f23e90d567c536f2fb1e194452d970a7759713ad66782374787900144fb69aa66927195ed488009f9c21839fc9dfd597159482866d8420aa48e8301d6d47709561aa45f5834700d3942d2eba0ec1e3d1eb7ad73b5948a75048e83352ccc8643da01278b1b68ad78d4d3a02945727bdd5be089b736ec664c55dd55eca68bfc30e59558c4521ef107a1f90323b4eb8bca9d97c3e1b41219aa461d33dd5a5801111043945ef9125dbd9c5fed049cfe92a2b75618e4cbe520456876c6ba931a3d27d14c3b72aa7ae483d558d79adf1375909aabb1fac2ba5ad12f994f1d38a806db51391efd570ef418c5ca868b2db1415c8e6f5d99044a59859462ad738684403c7b44640a524e454a355a1f82c3919dd706a5a46cde6c25f3a1a1107c3f19de7a3b351d7c7ee62596eb47df273bda18acfb5f11559f54e5f61e24284229c5f04a759771cb21440e0489ff7a98d3783c1f7f770f6555ec538909df992cbb01f2ebae1a13d0d8f2930a04ec10856eb79dff8052ae9630af14a17f147181b3304ecd015e02ca65eb75e82ff5f29a949e4ffb2073893f54d492f8201ea3cd922def77cdd30d0719e170f771e0c3e50b526d3790c46c0a9a1d8bac411f52918c0409251ca338c159a1bd482295660c9af77f3e08bae84d89cf5c1dbee07a53b67484b795ff019444e75f40212bb6468c70ddae5483b037ee13d59806eb17399b292cb9b690dae10775f994e36325f2425cab2bca12ad0534ef480a03b8fee4c605049e3cc8e47a23d828db83e1db94eafe1775c0db068122d486c300cf7216acdf9927145d9e774f024028788ad6bb960a02998abfda6dda21ef01eb0a4edea11062ab42698566e2a95b823aeb74de59530c6a452055e9375b2adb9294ee5581d8620391f1e89cdeb1b90e63984d6e1fb18abf274a8668a3a7f51977b3f6c86f0ca7a616c5d2e174c5e2cb3bf20a43bab16b0e2f7b46c39ba3567585f515efb292964838b84f887248965f7fe248970308e26405a55a6fadbfee122677820d97962865d3617f3b6b7bd7fd17c1032f3f423f214e58e1b6a65d91a55e5408109f8d82edf1e9e1a94a4cd072f7f4f0b4382dcce30fce75a6c727ba610ba91db80d80847d770684577f18721e63db53def83c959f4aeec2a7347daa5775d3ff143cf1da69afdfd95d8f17ec4c8e865ba0c7ed3c289772f7a2c2a987d58b25fe5c3fd6477ddeeeca2dbb206b245b0a8c11703ee86951e7d564d2079cfc244b68b4f837cd479f629cd3d05df1152272bb292f9a855d63a34787f1c4a7d7338bdb77330ffbff569815a7acb1ac7f19f14bca40ab2b261e262b27cdc84eebabd41ec544ac9d1928424b1fb52fad5b61967b84a65091179ae74f803787ea1674f164fcc852d5e3c20870bf5a23a71d07191217abe79248d85ca0d30ffe74f71cba8f965c2fba0df45c60fa9717550386213a14630dc412b15ef47cc7d5f8129149857db94153e986488fce478470ddf772b5b8b08dbe8d3760530e27dc3630fede2e0a537cf32b9e4b82078e94becc822b1a8b85199f2fec6017c77065b0f337a5c0f6c9f4a6f2b97154fe17bb3e6a38b01840b9eb0212908bf4fe1c032a6edd5aee521774dd24313561f93cfae320deffdf52b30fac8e23a5e3bfa75620f1e595886708c8c199bb011b968932ec1f610947718135a985bf3105f0c89bb2978967d0ecdba3576e8fa38c0dd1294b89d720b377195017e2397e2b827ae00a40ef4febfc5c0853230982842d31f1954dafc25f83ad5211fc2e49701367503c1fd0fee18123528da90eaa3d1599f2c9afe926fd4947c73ee9883b1ffb9ded8cdbf89b10eca6fa55fdca01e666c45e3578f4dae189859ba6598fe1b73d8d359797547a7f4c4ed8f291eeb79bbf8affda4df2020d6e4c939d42847f01296520391c208a3cb91907079118ce0a611341d7a7e72859f92495d7b6c02e171b26d21c4913566925c03d687a1815e374168f218e4a3039e68fad132812f3dc9577e75158f3dd141b438d795c6dfc0373d794a2ae784036505544f0590cb3a4dd3f1107784560668748c8b38774895ec01034c00ea11579402bc30ca85565075e156e256fd43fd4abaee797b644d651fbdf6bf52db2ab791a96e166b7c7500a75f2d9c8c8d98a399293a952689443f01dc513cf56101cc9222c4e79accf39d20bdde8de758408eb42f6e4e1662bd35ad52b4b49ee71731fb73c3711efe419821eedaf74aa6958d7a9db5a7f6961ffa1126035529fb066912a34e021cbed8f8babbdfef6f60782986a9e06a0929ee47a9940ba23bf3d5a9e9fc6de1ab9ef0c4ad1370c5469f16da5123b777f5eff50fd5f9f97af13bbc90e19b27fcba0da6c230b504cc01f6c793a8c6382d8b17395fb6b2935b3d4840d699a35e3bc65bc85c374d88787da543837ff44fc37a9ca60b2bb987d7b40285ea01f724ada431368877bc43ba39d69906890b509e73ddeb65e4458f88e036fb49287bb5b76bb5c2896f952005ddbc33a1381e3587b22b9e2e694a7dff92ad121fbbbc83c2f11999934b9b878ab59bde109a4c684bc09505b46a3342871b595378005920dc71be55756d4b5368b383d5d6f7cbf905b1b726947b40f83fc246cc8db85fced56adb2d21309639d54239e92e8b47dc1892f762ba4249d86ade01c04cce031dcef29cdbde01787cc961b5b4e47459a1bdbe5bbd6730f2f6d844843d2f62aaee1d10e40b78d8b94372e048e3a165cf2a510b957752bae0a2b99b22279e7871f01c45c3175be608b6352d45ec0c683a23c75d533c6e6d7b6af2f6e03ae325b951cb3f8d8e27bd88eb5c68f969183615ddbc5f358f6dd9d0be5c9edcea277f73dc831f931bb4bd52caa5181e183cfd61534b8e3b7609b6e8df5afd51cf98b68c6d4b187d65dc026a5af573f8a37a843837bc4a39bf85a45ed79874c6f36223467d22c116e58ba5b115a9746f46ae22eed2ac40cf236533640ab643de4b678055e2647226b7dde3a8dd84cd6afa55b6e2e4e55ebf1a2efd81d33f3653f67b51502f66e59684837810c7bfc31e80846c2c513431bfd28920b63d0bb088e7b05847cab0bc0ff3df561bea417eda11b7cd2842d4a320de1caeec1e7d6df6b1f654a3d1370fe49e220e8ac0021a035bae3858dc0936340ab0efe1bae238f2ffd608d61bcf564e27d981ee30a1921dba8c06dd2147bb248d6411b703ec98258a5ab36e0287c9f607c012eeacb053666092fdb7a167aa58e2d26750bdf7ed68e4b1e04b9d29974687bd474f614d0030e53f9d064fd7e7ce7881959a321ef7f9d2b571b8e5ebfd70c22741e809117f0ddd7c7d73e4f100ac7cc9c13549f5e06fa86f29d8a63e521348930a5379d862778f8385b5ed94900055212", r10) (async) ioctl$auto_IOCTL_START_ACCEL_DEV(r3, 0x40096102, &(0x7f0000001a40)={@padding, 0x4}) (async) r11 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000001ac0), r0) sendmsg$auto_GTP_CMD_GETPDP(r8, &(0x7f0000001b80)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001b40)={&(0x7f0000001b00)={0x24, r11, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_FAMILY={0x5, 0xd, 0x81}, @GTPA_VERSION={0x8, 0x2, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x8000) read$auto_seq_oss_f_ops_seq_oss(r3, &(0x7f0000001bc0)=""/47, 0x2f) (async, rerun: 64) sendmsg$auto_TIPC_NL_KEY_SET(r3, &(0x7f0000003180)={&(0x7f0000001c00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000003140)={&(0x7f0000001c40)={0x14d0, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_NAME_TABLE={0xf4, 0x8, 0x0, 0x1, [@nested={0xec, 0xf2, 0x0, 0x1, [@typed={0x8, 0x28, 0x0, 0x0, @u32=0x5}, @typed={0xc, 0x84, 0x0, 0x0, @u64=0x1}, @nested={0x4, 0x128}, @generic="6129a498e789b42c266586ba58fae3fbbfa6b4fea1ef31b74b6da355f47770a5579b9ad6309d34c522be287ead7622b93fb14def2cb63675d60d7a24b3e393d31d1070a2b357284ba95ffcede3daf7e22f7d3793894bd46e36943c475e7b72ae81a369ca3e2da07fd1e6d8ec082bbc576dde73f3b294d017ab4a0a80e5efc330491b1a14d76feb88aea93c7cb08ba8cf16da6bb7af185644edd26bea81f61ad5c5fdad8c49a7771e1cd926f063b9adbc7d435e470d1e5cfdebda38c8f2d3af41bbc45ed0", @typed={0xc, 0x14, 0x0, 0x0, @u64=0x7}]}, @typed={0x4, 0x12f}]}, @TIPC_NLA_MEDIA={0x1e8, 0x5, 0x0, 0x1, [@generic="2b27034bf1fb9c4acfed2fc392e8a20296d839d65b1ccd19916afef43353c594ee58cd0b3b86fc6f156e7f1f57f2a810976d3227e8e1369c0636270c7218e864327697db5187615038c99cf0014a05c507f4341919bdf4e430eeb7cab57ea9359bf9d2c3d41bbe175b297bcb591df18b6d1fe8cfdfd89cfa9ee8993b314ee1fe25c62534158e76d170282fa9772d59345fc047083ebfdc", @generic="3230337f120c888dc72e24fc9c620b5d191305596911458138f2ff6be06813553f9cc2a4a9c2ddf304eaac081f2d8789ac02844662b3d0967615f7dfdb0235591e5c47a2b4e12a0da095acdd7c4005bf64d28a09f7ba64a487389da24c07a84e1df0aa46e768729053bcc5fec5c50ccc6fa52a116fd4072c23eb2a5c45be22e4e8172d0f5defc867464f45661b935b5690fb3fcb4eca2a86792bd1c5c4ef15425c2ffc5b47936d92a12e30696015cd98af511d5ee6af79f94237d04b8fc2cfb41478176a21de4028a1", @nested={0x81, 0x3c, 0x0, 0x1, [@generic="e0d2da33e05b770141239e158176ae55dc98406bc0d8009623099df4dd11acd6a57d98fcf7c269dab135faefd6a6cc316d0a814eedfe3fb395e9eb537c15c4079d227c2a411f5770a6fb5ef940f30ae889e648d90b83c66ea175a55bb4ba0f71264d2ba732318a2bd905057492d8bedcb44027c4480ae50f8a", @nested={0x4, 0xd}]}]}, @TIPC_NLA_MEDIA={0x106a, 0x5, 0x0, 0x1, [@generic="20d1251b54a08ee2901e7393d0130b7f0ce416fedafb33e31b9eecfd2f2852e68fb3324e3a4147284720f7ebd7bcc76ecb214e98008102c8c5b9b7a3163dea28edacb4e05424ba3d879f6ae4e7421735be77c8cb92263cc00466", @typed={0x4, 0x73}, @generic="ff78a661b96db7b779fefc8147a362994fb0ec517c0ece2aa73e1ce2737057921e34d968566574067293a8b937322a40c5004f29943bd8f430d8494acb2be9fe96dfd7f1d1f775ffb56707bb3498c6d8a31e32946d3d381c4eee153a15880125dac59a11fc73f60631a8ea5b6368405e3e97e509f16f4c1350dc47c001fd4a2d351e0906171013016fcc87c9c180b9ef3ee7728d3283755dc46e090c1d97978295957549e46b65525e0e540b6f4aa373b23092b8b441e9d71be986045211a22898ffb36eb59a5f49a9633121232a7d7a15471e5f7c50f52eee2dac5f7f08cb791c76a047e1e251513c19f2c607452fed87d49289fe9e31081c8757250286103265c14de44d27fc3ffa686f8f792bb9439817a5b6bfa9351efec943629cdbffb82a4befb79f463854a3d310e1a763869aef4d3135b0ead306a7a1c312194c00c3f0171ead1043b4d23667a894d98dfa9e130ff64212b0379da01ae2908c63ea8291a0d4ab743f176cfdaa65177c392717a65073efee94b461c609a8817f6d06343b5043bcae6e07480b1345227136f73904dbea3b74229261ee6e0c3b5fab6b0d6c54ab7a2a5500a09ee3c57ab219f691c3899f5ed2cbb43e5de1d4c3ace5efff286d3f04de026d91094d74b2de571616ba71bd9022f5c22492b34840ab493634b92366964b4b4d3513feaee1eaa5844de90bf1fb67b2086ca6dca7d45625b8c3be9adf1196e2b530e217bb3b40a1720e628d133373005a4b793bb098d79922a41b55de1481e1f7ce1e80cb0b285693a3ce683518a44bfa18a9c88e4e6846cd6b82316467f427b29e99cede831680421ce5c2f471a3221a3217699b152b383dfa16b971b0afc968b19c9d9c2a34eefd3a327df250b9426abfab198dd888d3cc454c80b9ca54629b26f46fc3e0b3aaadcc358a7ad7f787623820545d104d5b358e19dbcdbc32e92248c9f52940d425830e2b9ee819b763714f8eb41ddb03b43ed0565d9a9bd2c9d1e6e7483d382bed432e960d7631732a16be6d510d76af28854c34c378d5a036f732f11a7d0ac06439751b2cb0991ac1a911a31d0acc79822719e25f55d667cd04667afae7171ffa996bf3505394527fbad119691b0d4ce3c90b0d15fcc9ced34a03aeab5dd3c2541438eb39b45a657710e6fbcbdf4b14f3cfaf196faf16faf59c36329b8f95949834543f14bb62062530ce26f0f3e00927b3a8dd32a74198a061149b87f91440e47cd611bb703159e4e8677ae0ff380533a7278522359196f2970e92bbfb343c0e6dbb927db569b4286943c8b881dc2cb36d9ee453388a1bac59999fc9e8369e48f9489e0f1ddf6d6a87c262ac86b6a4bfa815afff4a5d59cecf6ffaf3cb99152acbe521c94c8830862a98f08fc9bda531217e7fd9ca259f7b7321d1b3737faca76289281fffecf73298e6a0fd56ddb62c71a5cac7a6dbee1b6147f46998bde56f13eaa381bd28a11c0b62484fbd94fc0ef9c1d833543196c011c31e8e1cf96563fa837ccba51fbf91f7dcb7f7ec081df988cd5c52d000a6b2ad24e4aaadcaf09840b8bb0b6a16c803624213d96fe5ba4d5cf2ef1f255145bb5513e6e12c34817c351535f1661b42f2ebdb504b1fd0ae6389972bf0d0f21251b207e846ec288e98d7758fba3ad9dc910a40d6210a647b097aefecf6e5a99166c60211a63c985d6fd05360d9c4dcad36de70023ade146fdc4210020fc0cca9d61b235ffed6bba5a1f9da92a150039fc38e7a8888cc536de16f1765da94a1ebccad1f08b3707c6753fe5709f9b1c1ac02b394752ec4c1dbe2357b65f5db31d5197a61dcca3e2b02393b9c44b3e05d3e606aeffc12459b71234069483d1d8ff17302f2aa8687e981403d8fcf4e64c85cad7e7f142c04cc22ebb02f47f4a04655b6c3e9f73402ad6c566fa4f90ceceac150c45041ef76264d18b2221710e2d1e3cd6adc3dfbf18ee054b84f4342b477d0008c6f7d01ee79184a87432a32bb35ee8cf59a86ad1fe125c29c74d1e04b356a2337aed2c791001b5e48f1e53ed135cf78c83ddb65b69efdaf5eb903a759ebcfc135ecf3058646c01018ae86071a5d7d0e4a7af7fb4f1ff9ebb254cb734119b1923d96045f37dcef4dc87efdc832e6f536d1213684bc0862db9c01951a4448c9540f75d78a909d30d5f1e2aa4284cc6e059c535d5e656209d52bd48b83d4499b5ddcdd0d6380e2eaaa4fea9c8e10392c0dcf65e2c7ac5ac53d08623394c64e161c0bf38273432c1ba3bfbd6999730443d0ce4f3288acb1738475d84f46e19879ed9d63e64e11b8d9defb396b9fe8da052297b9badaac5c96600355a4d53983edef30b22cfb90ee9dd915908398744b37e2c3abfd99fb54dd12cd030ed0517ac6e669ac9273b53cdbae90f8c7a1e0f2e817471b59809282995c1603fc4f55993832bbdc164b4b71eb59a24ed929f89fa725d41bce1f3a08c2f6254ea0ed225d5069ea9bc516ccfd838283de459c66536a649925dcf087c675c6c2583837a20f780077a84240e83712dccb89f87ac4d5af8f56211c1322ee0d002851bb6f1f31024d769e8e3c73d43e4ce52ee44b507e1fb7813bdce41e2683e385e18cec92affdba8858edaf1b193b35556d3cc735b11ac33b14a7f3f0aa7f19fac9b71a5b2007f764447df7498793a9ffdbcd2a77b7b2f44e792d247914f2147b40ec4bfd263a701293cbff751e7fd6ca4b93c2652af7f0e2da39b3e4122edb69e5dfe760d1f8b561d8d801651d408d4215f8ae17a6308acf61e1952022924a528905b38ba242ac68890ad0a6df9a4b7f2e14df213967a30ff8d708da2bc5a3a9e5918da0c99f3494511dbc985253493950805b2211ea45037048e5f8f1c01ff754be91d1d076a1126ced6ef0a324bdb7a897096d7288413d530df8dee5e77196cf3152669496e47c4926a359e3fe25afae59d6cd9c404dc76e9add5b6cc0f1a1b1a1256401105d4d859b13c00d734c6182aabfd388e6cedbbedcaab87df5d837ea888010fe052a38139e3890217f70fba50b3be7ca26a34ac2a3e35a535cbf7e8b5ea27413148ed15cddae0763bf41ff17cefc85293409d5f55b77593b5b8738fedf59107b4603e4654e7ce0ffb5ed98d27e53eba4a2c705946184b2d9a2b565915bd9469093ceedb6aff34dfa018e83bd29ed8e90c4da662263b72c3c409da123044d620f2998563bf367f67805db342c7d06d8d8ac63df92eb19117565214d4721d1d5e9f854f296e4fe21d49f5018bef59e83b9e8bdbd6cec80f089ff3bc1b4f7eda3a6a4431d549e5969ca3e89c06ff82af10db96b004a6961ab1cd924734f9b7c331d052ae88d8567dbdfee43cfe64d0878cf66a983297522d935d436a49aba4cce4b895e771dfec4e2cb5ac0612f654d56bf8e5c4b5527c0269d21a8c2b7152a6dea179c42d8fe16b898a041ed62d6ae2093ca95caae41fbd48a4744238c0361ac82e4bd62c3a476919570b1f575c5150b2a3e82178b583e275f19b0b650edda73f39b060b838baa0b4683a29032bcd390f884e2481bdb2807400f7cce70092714c800d66e3221d8d5ab130ae934e569785a000c728feed87924536fc01414ddd7d08e0d3bb79451375102a73645f638770673c7b5d42b0421b31ef2d91d728040c5665047c83c93608bd57e6ad69319260b49b33cf45d78842f6ee86e51fd99f491414ebd1d0701b3fe651275f3aabe8e1e63099b31727d589bfee5978d771ed9ef717816719866c5fef38bde3ca428be578cc7b18516dda9c93cf18f9281cbe1eca40ba672f881a425c3d1571c8de3c7ae37df0adcb55a82788a42f28f873bb030f0171a65c1010948d7a9c7cd4bd6e99351bf7b3e6e5df4866da79b7ef6d61311557796b5c4e95fa7d01556c28cd4a49996e5c9ae66e5fe6806012defd530e6a587563f25c9e28cc7820e939d6d8f5049d2d6cbc9aa7b1431334c09c88ef6e4bf5de471c00bced72f11ec423f670081799893a29d3c472ad9076839911f3cc90bd4617e64c779ff2242a2b0030b011105a0cd73aa7f68d0a02976a26e23f6284fa39fee2f5c53f08a0aa314ec57d572a0f421e0a8371977191fb25996c47fa88672559f7f309452f8eb16a48d2cfbd8c1ad2ee402f188f0c539b540d62948ce629aaa1c4fde7fa8e852fc6188bc73d99a58a5550fd3a39d7d493620f399c100ccd8206d8f43903a70bc59294097000a16da73418f889b37dd7e7c43821a1a2272f1c8dd7a0350284f47ced701cb4c96a26da0ccbd76ea87814f93cc6cedf9bebc36d8bdc8c51e7e9faaf463039ef5c4b13a510480219e6dd30ca59a96fe19113506349a70403b1085e229c2cfdd992122427470caff322ef1dfc83c2f19dbf31c80a3172d48488eae7b989bf565af354dee1c7c598dcfba0e9f1113ba2a1fc912dc0eff94835414e4ab12ab88d79c50285c162edd07d57844f9cab728c92fa601ad30d875f96e6b7ac055f84fcf3c851b4e2829cb84514870ebc534170d6dc13f12f4f621965114c544a48bd3ef4f541815d69e79c862ae16d0c14e5e22b0041ae816c35d1187a2028fbe2acab127df63d57451e00d9c2c385654e7a15f71ef7b8ff0e4d9f64e9a2b695cb8e8aad871af39a24df358ad196540d66059cdac393aad1413c43e1a0f4a52a7b0594fb4a7f69c41b57223479708e19d83eb3f4e25b4c855b7c6822be6447cd373e66de8ad63f5827208cd35c27d2c7ea7b8a5f1aa769ad82934b35fdaff06368ac804be7489014a527d1346b094afa98770264c54bda42e42463b19963c1c32ae80497b689ce8a8d8a90f97864730b4db397ebb5bad0ccdd73aabdf0589313b0a1e294ba93f9550cd15bc244872e2fae7178c98485a7dcc8df14583748a139bc93f181f72610c859f758966f23d3ce612aeca179ff7b80406fbccb9ecb9b9e5ada5349450f83bc9befa7688a0c1b5e954ef4959ae51b975f481745f95174ffae1139c37329daa74f3d662e613d4e0a932e130793b0c5956f22b7300956c62a15f1dcca64791e00324e668db975880729a491a5080801709d0f9035db854620add1beb496500280ae53f62ba0864c0c0558e008f5a9e2bd2fc7658f585094c047f73043b93181767959f1e3ae02a92d2a277c2c37bab62bf12179c92e55a8813ac2565eafd8f0fa8ae64e4a8eda2e2b7c9ac995bb16fd0821818e5201c6870f283b8d39fde9d227c98d66ddad0e5526e6b24f91c682ae2ac7e155d4bd2c40a7df04dc7c2e63677f9261ac0ff91139b2656f35fe1314f6f0b1922ca9d4a9d4fe76ee94a1b40fc0ee7e10dd144fde683710e77d5db95fe29143fb868e2036117ad39242bcf75fd79e34078d3bcd080dd8411ef805d764491a095892776ab57786b7d2231849151e3f8cfba8e2217662eb00081cdd0c030a7a360356d0ade2617aa3d4c71fab456f569e9de962f950ea849ab3c8cdbc5f5f00de3db8dfce672c178a90067723e944179c65523725bc5e0ad5d4d203e76412d2a2cd3b92e8433d1432cf22b6aba18ec1831355f349bc7f80cfeeb748b9fc6e4c66f318fcbed6a75569d369447bea6f1438be64ea79e49e718aa29aa7d1679754bb04c3647d9d61bdc376fe36ea66a743529915c0edf826d91ee16991b808a64b9406134563bae4649a79f6fc87e1af747b529ba50e57b522a21eda5a6c94dc9e5218dedd6ce2f218e9037c37e1a2a4ef629fcddb054e65bffc4c5bc7429f2ca06d485fc4847e41ca6c4290ef3bf83c930161ff01ab3e83e8a1a483ad17c4a55e9f39c737bdbd14bdc5635", @typed={0x8, 0xd, 0x0, 0x0, @uid=r9}]}, @TIPC_NLA_MON={0x171, 0x9, 0x0, 0x1, [@typed={0xc, 0xda, 0x0, 0x0, @u64=0xfff}, @nested={0xb3, 0x6a, 0x0, 0x1, [@generic="ca29f367d05644511094af518705a66b8c4743acebd121bc1135921788fdd1d528e935d98bc7d0c906d1ec982fad2acbe49ec6efe5ea79edb9e3dcd3b0ea4d", @nested={0x4, 0x105}, @generic="a9be54f9325e190929864dc624426968951ab7540196ab8f33131d240a22f81e6510f641fa20374e9d10609a4ad7b9566dd6e3f48d8343ebca62bc8e67bdbb219d8db28a532ca8fdd6cd0c8747b0745f634b4c8b88a2aba0ecf02194858d5be20b729a230b40422f8ee353e1"]}, @generic="7365637acd8a3137f7c4e171615f425a542b10ab1df311391f06bac26fe4404990c5561b1cc6510c61be1b0eac246a1a79dda5eb030a10ff6d0bbc6df9483299168b5e0bf46290baee335c6d1f0d6e68c198fab39878faa5877e9f8d789eb0e3b8fd41f703e03a0b9ba864282631467d12b4c5facf7cd5b3a594cdd20af126d3cb4b10058427643f43dc5537999197aab4abeddc7fc3570cdea5fd0c4a43afd5b17f64ec7605215bbcadfabf09"]}]}, 0x14d0}, 0x1, 0x0, 0x0, 0x8040}, 0x4) (rerun: 64) r12 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x1ff, 0x3, r6, 0x1, 0x4) (async, rerun: 64) r13 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f00000031c0), 0x100, 0x0) (rerun: 64) ioctl$auto_VHOST_SET_VRING_KICK2(r12, 0x4008af20, &(0x7f0000003200)={0x23, r13}) (async, rerun: 32) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f0000003240)={{0xb539, 0x7, 0x6, 0x1, 0x7}, "ea3b35fdb60ea8cae3040f4c3a800ee6cc25925d0662f3c9ca2e4488d0656ecd"}) (async, rerun: 32) ioctl$auto_I2C_SLAVE(r12, 0x703, &(0x7f0000003280)="62af373f6be9c49dd6b6c4b092de977d468c6b20880a4a6b5e1d8d65cfc9256ad9d4ac0e2fbba3c586743d6a3960b9f966359e9925e580ad45ee909d6e5b0979999534f401d061d4a713be33c41568a08df68411f1af") (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000003300)='/dev/nbd11\x00', 0x800, 0x0) 2.930922555s ago: executing program 0 (id=645): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyx3\x00', 0x101000, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) getpid() socket(0x22, 0x2, 0x10000000000002) 2.53480761s ago: executing program 1 (id=646): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x6c, 0x0, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_SEQ={0x6, 0x6, 0x81}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xe}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @local}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_SEQ={0x0, 0x7, 0x4}, @HSR_A_IF1_AGE={0x1, 0x3, 0x3e}, @HSR_A_IF2_SEQ={0x0, 0x7, 0x6}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20040084}, 0x40090) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000426bd7000fddbdf25030000000400080004000337"], 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xfffffffe, &(0x7f00000002c0)={0x0, 0xc6}, 0x8, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0xc208ae62, 0x38) bpf$auto(0xfffffffd, 0x0, 0xa3) write$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffffff, &(0x7f0000000000)="706f3a82d9e5cc7c2ceda8d50bfc94be9fe6c22ffaf8493a38", 0x19) sendto$auto(r1, 0x0, 0x401, 0xffff, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) madvise$auto(0x0, 0x20499d, 0x9) setsockopt$auto(r0, 0x6, 0x3, &(0x7f0000000040)='/dev/ram7\x00', 0x8) 2.415669417s ago: executing program 0 (id=647): bind$auto(0xffffffffffffffff, 0x0, 0x7fffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0xecc6, 0x0, 0x7352, 0x2d, 0x200000000045f, 0x6, 0x7, 0x3, 0x2, 0x9, 0x36e, 0x6, 0x2, 0x3000, 0x9, 0x8, 0x10003, 0x8, 0xffffffffffffffff, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x100000001, 0x9d8d, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9, 0x4, 0x0, 0xffffffffffffff00, 0x0, 0x0, 0x3, 0x3ba0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3, 0x0, 0xfffffffffffffff3, 0x0, 0x0, 0xffffffffffffffff]}, 0x9, 0x11) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x5f, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)="0743108afca3959f2debbcaa46d4de6a84660849af631842323ed4a4dc91ae022de5f9a22c812a6860a7aeb9d2efa70529424074957d1fc997575e238b07", 0x9d}, 0x2, &(0x7f0000000140), 0x7, 0xa505}, 0xc00}, 0x7, 0x4008) memfd_create$auto(0x0, 0xb) mmap$auto(0x0, 0xffffffd, 0x68, 0x9b75, r1, 0x28001) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'ip6tnl0\x00'}) rt_sigqueueinfo$auto(0x0, 0xc74, 0x0) r2 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r2, 0x0, 0x5, 0x100) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd9\x00', 0x0, 0x0) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x1, 0x0, 0x8004) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) 2.164026433s ago: executing program 3 (id=648): select$auto(0xe, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) ioperm$auto(0x3, 0xe, 0x2000000000000149) close_range$auto(0x2, 0x8, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) listen$auto(0x3, 0x83) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = socket(0xa, 0x80803, 0x6) bind$auto(r1, &(0x7f0000000040)=@generic={0xa, "2c551d000000fe8000"}, 0x66) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f0000000000)="b24d954ef7b86552ce3da8f9500d781380c090c21fe51cbd52cac1ae3693b21abad6a2238e7e64922af3da781ffcdedf76d1469fbe58093745782eb61ef06cddc2e63385c873e7fb905d5d19678d833b61c87ebf237203c0623cb55c368c6ab23b69167f1e9cd4d65f8617133abae2de7d", 0x3, &(0x7f0000000100)={&(0x7f0000000080)="c4e4d1f9f6627b4f80bf124cf127e3b697f42dbadeed32b281be54eee45d2448b530e462afae7fb6ab97ea002612beadfdc8173b84848b43d17ebda760bbe576c83086e9ce4e801350b7625dd1b33d83c400c7ec38dff7fc75790930", 0x51a}, 0x6, &(0x7f0000000140)="e49715f768fe536dd34f625c7764c6", 0x0, 0x2}, 0xf8}, 0x10001, 0xffffffff) 2.104046378s ago: executing program 2 (id=649): r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000002c00010004000000000000000c00010040000000000000000a"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0xffffffffffffff7f, 0x368e, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0x7, 0x0, 0x9, 0x81, 0x8, 0xa747, 0xdead, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000440)={0xfff, 0x1, 0x1, 0x2, 0x7, 0xffffffffffffffff}) capset$auto(&(0x7f0000000480)={0xc}, &(0x7f0000000780)={0x40, 0xd21, 0x1}) r2 = inotify_init1$auto(0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000300)='/dev/audio1\x00', 0x66a540, 0x0) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x121002, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/rxrpc/calls\x00', 0x40380, 0x0) socket(0x1d, 0x2, 0x7) pread64$auto(r4, 0x0, 0x10001, 0x830) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r5 = socket(0x2, 0xa, 0x1) r6 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r5, 0x10000}, 0x10) mmap$auto(0x0, 0x2009, 0xfffffffffffffffa, 0x8000200008011, r6, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57699, 0x9b72, 0x2, 0x8000000000008000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/phonet\x00', 0x42000, 0x0) bpf$auto(0xe, &(0x7f00000001c0)=@query={@target_ifindex, 0xff, 0x1b18, 0x6, 0xdef0, @count=0x3, 0x0, 0x1, 0xffffffff80000001, 0xffffffff, 0xffffffffffffffff}, 0x9) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCSTI2(r7, 0x5412, &(0x7f0000000340)="7fb9d5") read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000002c0)=""/15, 0xf) bpf$auto(0x1, &(0x7f0000000100)=@link_detach={r3}, 0x6f4) 1.625080709s ago: executing program 1 (id=650): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0x4000ff, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYRES64=r3, @ANYRESHEX=r1, @ANYRESDEC=r0, @ANYRESDEC=r0, @ANYRESHEX, @ANYRESOCT=r1, @ANYRESHEX=r3, @ANYRES32=r1, @ANYRESDEC=r1], 0x1ac}}, 0x40000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x6, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x6, 0x4008) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x1ad240, 0x1b1) landlock_create_ruleset$auto(0x0, 0x18, 0x0) mmap$auto(0xffffffffffffffff, 0x20009, 0x4000000040df, 0xeb2, r0, 0x8000) r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0) readv$auto(r5, &(0x7f0000000080)={&(0x7f0000000000), 0x197188}, 0x8) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0) r7 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r7, 0x0, 0x1f40) writev$auto(r6, &(0x7f0000000200)={0x0, 0x9}, 0x7) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) 1.358089151s ago: executing program 2 (id=651): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r0 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x1, 0x106) recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0) listen$auto(0x3, 0x3fffff) mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000) vmsplice$auto(0xffffffffffffffff, 0x0, 0x6, 0x1) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000001380)={0x2, 0x0, [{0x10b, 0x400, 0xffffffffffffffff}]}) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd01, &(0x7f00000001c0)) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x7ffd) io_uring_setup$auto(0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x2, 0x2, 0x1) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) sendmsg$auto_GTP_CMD_GETPDP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x28008000}, 0x240018d0) ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, 0x0) 1.167357052s ago: executing program 1 (id=652): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r0 = socket(0x2b, 0x1, 0x1) listen$auto(r0, 0x6) setsockopt$auto(0x3, 0x6, 0x13, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x3, 0xa) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0) pread64$auto(r1, 0x0, 0x8, 0xffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0x2, 0x1, 0x84) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) getsockopt$auto(r2, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x17d) 1.061863736s ago: executing program 0 (id=653): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000640)='/sys/firmware/acpi/tables/APIC\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(r0, 0x0, 0x7) 766.719932ms ago: executing program 0 (id=654): r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) r1 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1aa, &(0x7f0000000100)={&(0x7f0000000040)="4a67d2", 0x14}, 0x6, &(0x7f0000000180), 0x5, 0x1001}, 0x5}, 0x2, 0x100) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r2, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmmsg$auto(r0, &(0x7f0000000440)={{&(0x7f0000000200)="ed6500149f6a9c0b2759043c642a5bd8bb855dbe91cce33b30421cdcb0a5b41bf902f308a0b8d92ffdc87ff671674cd2f88a3c8454bb2e46b530188efa1a9313f7dfc696566adcbfd41003d1e93fce7c3dff575bc07f2597f587698b242037d576b158e73de89c6b87888781064c03785f3c4cbffb3fd39cb5d620ef53159c7fe91581d46bf6f487974658c160ccd9111b1621939de5fe390c2c68ec1461da4344d6d8fe31d0472a04e56464dca2d4506774e4fe1073bb1a5a68e67090bea4e4e47ba3aa085a7c2bc6109feca4bb0ebb22b742f9018c23f1fa5d054930960bc41edda39c015b9931e7633f77c47098b4fc30b0284f481cec", 0x1, &(0x7f00000000c0)={&(0x7f0000000300)="fac69fba3444a788ea720cefcb38d1bf2163d66d80ec9856225292ffb89b1e2ea18dc52819b419deee74b93e4bb06d33a46e4e300167a2777ca78f95f9bb32c2cb2aebab316752970a8aa99b31657fe18cd176496269ceb111f9bc1f9256ad322bcddd27a1aaa758a9cff5c2140dcab5b84efd676caf2a31e7790217cf508b6878791aca091d73cf4f5d344db6ac9512d2aa632ebefa81cf908633089692ec073f0cacc9941bdd0f5d18409ffd3c745a867201ace700b8e7860adae741f0d7db25bd5a6d7638581197c67ba2c95c", 0x6}, 0x3, &(0x7f0000000140)="23e6fc85734acb74c6f589191ed395165b40cd0fee46e9753b7a55c9c5cd7a72473e4c82a1b5b3329dca7575b0ad6e758dc44afb5c94702f4b9e5cbd405a26fcac562bb04716d655240e10a2a9df76b20c6b61d59f673ab375f67ee88fc1ad82ed2bc307aebe50662d724eea", 0x7af, 0x3}, 0x6}, 0x9, 0x8) r4 = openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x62081, 0x0) writev$auto(r4, &(0x7f0000000080)={0x0, 0x3cd}, 0x8) io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r1, 0xa, &(0x7f0000000080)="ffba0ecf", 0xffff) 557.206476ms ago: executing program 3 (id=655): r0 = prctl$auto_PR_SCHED_CORE_GET(0x1, 0x0, 0x0, 0x7ca9, 0x6954) mmap$auto(0x0, 0x7f, 0x100003, 0x14, r0, 0x4) socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @private=0xa010101}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c06, 0x0, 0x1, 0x0, 0x4, 0x9}, 0x6}, 0x9, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x3, 0x80000, 0xfffffffd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0xa, 0x100) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x2, 0x1, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x44040080}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0xf, 0x9, 0x63, 0x0, 0x0, 0x0, 0xfffffffffefffffe, 0x40000000002f, 0x1000, 0xffffffffffffeffd, 0x7ffffffb, 0xc, 0xffffffff7ffffffc, 0x9, 0x9, 0x200000100103}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$auto_BLKTRACESTART2(r3, 0x1274, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 417.654742ms ago: executing program 2 (id=656): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) r1 = socket(0x10, 0x2, 0x0) sched_setattr$auto(0x0, 0x0, 0x0) close_range$auto(r1, 0x8, 0x7) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x10, 0xffffffff, 0x1ffe0, 0x3, 0x6, 0xfffffffffffffffe, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, [0x0, 0xbf8, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x53b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x101, 0x0, 0x20000000000000]}, 0x1fe, 0x81) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 381.555013ms ago: executing program 0 (id=657): r0 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000001240)={@_si_pad}, 0xc, &(0x7f00000012c0)={{0xffffffffffffffff, 0x80000000}, {0xb, 0x3}, 0x8, 0x4, 0x2c, 0xd48c, 0x5e07, 0x0, 0x37, 0x4, 0xfff, 0x0, 0x0, 0x69dc, 0x7fff, 0x1000}) ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000140)={0x5, 0x5, 0x4, 0x7dd5, 0x8, 0x0}) r2 = prctl$auto_PR_SCHED_CORE_SHARE_TO(0x2, 0x2, 0x0, 0x23e17334, 0x2) utimensat$auto(r2, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x200, 0x2}, 0x401) syz_clone3(&(0x7f00000013c0)={0x10000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0xa}, &(0x7f0000000100)=""/18, 0x12, &(0x7f0000001180)=""/178, &(0x7f0000001380)=[0x0, r0, r1], 0x3, {r2}}, 0x58) sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000000)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x8, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x4}]}]}, 0x1c}}, 0x20000885) r3 = socket(0x10, 0x3, 0x15) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}}, 0x400c001) write$auto(r3, &(0x7f0000000000)='-\x00', 0x2fb) 188.858746ms ago: executing program 1 (id=658): r0 = socket(0x2, 0x3, 0xa) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x20002, 0x0) (async) r1 = openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x20002, 0x0) mmap$auto(0x105, 0x693, 0x3, 0xeb1, r1, 0x8000007) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000000), r0) 126.413637ms ago: executing program 0 (id=659): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r0, 0x5646, r0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000280)=""/40, 0x28) read$auto(r0, &(0x7f0000000000)='/proc/asound/card1/cable#1\x00', 0xffffffff) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000) socket(0x2, 0x1, 0x106) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TCSBRK2(r1, 0x5409, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xf, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) setsockopt$auto_SO_PASSSEC(r0, 0x1, 0x22, &(0x7f0000000040)='/dev/video37\x00', 0x7fffffff) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x8a240, 0x0) (async) ioctl$auto(r0, 0x5646, r0) (async) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000280)=""/40, 0x28) (async) read$auto(r0, &(0x7f0000000000)='/proc/asound/card1/cable#1\x00', 0xffffffff) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000) (async) socket(0x2, 0x1, 0x106) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) (async) ioctl$auto_TCSBRK2(r1, 0x5409, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x2, 0x1, 0x106) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) select$auto(0xf, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async) setsockopt$auto_SO_PASSSEC(r0, 0x1, 0x22, &(0x7f0000000040)='/dev/video37\x00', 0x7fffffff) (async) 107.355239ms ago: executing program 3 (id=660): r0 = socket(0x28, 0x1, 0x100) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC1D1c\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r1, 0xc1004111, 0x0) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, &(0x7f0000000340)='/dev/virtual_nci\x005\xffib\xe2}\x81\xda\x9b\xbaZ\xc0/\x8dBD\xe4\xf5k\x02\xda\xe5]a\x949\xa3a\x7f\xde\xe7\xb2\xe2\xdf\x14\xb4\x1c\x13\xe5`\x8f\x8e\x8aQ\xa6\xa5\xe9e\xbaK\xd3#\xba\xe1*\x16\xb7\xf5\xe2\xf9\xe8\xd2\xca\x99$\x9ex\x05\xb0\x9fe\xf3g\xdb\xd88\x1f\xcd\"F\x13\xf1\x9a\xf3X\x9a\xf8;+e\xf9\xc1\xfb\xb2\xaf\xd0H\xc6{\x9b', &(0x7f0000000240)=0x7) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/lru_gen_full\x00', 0x509080, 0x0) mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0x40305839, 0x0) socket(0x27, 0x1, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) read$auto(0x3, 0x0, 0x81) sendmsg$auto(r4, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x200000000000007, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x4, 0x1c, 0x5, 0x7, 0x1, 0x7, 0x1, 0x1]}, 0x0) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptysc\x00', 0x100, 0x0) ioctl$auto_TIOCSCTTY(r5, 0x540e, &(0x7f0000000280)="514ef245f9b8bdade53f2c6a73f588ab4ddd14e1f7db6c0c48cf40112d941d6742f258b60beef62b3abd7ada7a5f5a82576676167747f0") write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ef, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5, 0x8000001f, 0x7, 0x3b, 0x9, 0x2, 0x6]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) inotify_init1$auto(0x403) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x1, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) 0s ago: executing program 1 (id=661): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x202, 0x0) mmap$auto(0x200000, 0x402008, 0x8, 0x9b72, 0x2, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) socket(0x10, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r3, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000000)='./cgroup\x00', 0x509080, 0x64) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) inotify_init1$auto(0x3000000000000) socket(0x15, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103042, 0x0) getxattrat$auto(r2, &(0x7f0000000080)='./cgroup\x00', 0x1, &(0x7f0000000180)='\x00', &(0x7f00000001c0)={0x2, 0x2, 0xfffffffb}, 0x4) rmdir$auto(&(0x7f0000000300)='./cgroup\x00') close_range$auto(0x2, 0x8, 0x0) getuid() socket(0xa, 0x1, 0x0) ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0xfffffff7effffd05, &(0x7f00000001c0)) socket(0x2, 0x1, 0x84) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0) write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) listen$auto(0x3, 0x81) listen$auto(0x3, 0x0) listen$auto(0x3, 0x81) sendfile$auto(r0, r0, 0x0, 0x7fffe000) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): netdevsim0 netdevsim0: renamed from eth0 [ 87.256530][ T5852] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.283912][ T5852] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.296184][ T5852] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.341631][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.415939][ T5851] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.436461][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.461760][ T3499] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.469032][ T3499] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.484694][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.509541][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.516789][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.538150][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.567908][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.599658][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.606764][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.622367][ T3499] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.629521][ T3499] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.670479][ T3499] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.677583][ T3499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.694147][ T3499] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.701421][ T3499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.801258][ T5852] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.866828][ T5852] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.896307][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.903494][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.927086][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.934264][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.148540][ T5860] Bluetooth: hci1: command tx timeout [ 88.170526][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.224083][ T5857] Bluetooth: hci0: command tx timeout [ 88.229559][ T5849] Bluetooth: hci2: command tx timeout [ 88.235283][ T5860] Bluetooth: hci3: command tx timeout [ 88.356443][ T5851] veth0_vlan: entered promiscuous mode [ 88.391849][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.411001][ T5851] veth1_vlan: entered promiscuous mode [ 88.465419][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.534875][ T5851] veth0_macvtap: entered promiscuous mode [ 88.559372][ T5851] veth1_macvtap: entered promiscuous mode [ 88.573736][ T5848] veth0_vlan: entered promiscuous mode [ 88.597952][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.610321][ T5848] veth1_vlan: entered promiscuous mode [ 88.627847][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.656862][ T5852] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.665994][ T5851] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.675187][ T5851] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.684283][ T5851] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.693584][ T5851] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.727248][ T5845] veth0_vlan: entered promiscuous mode [ 88.747293][ T5845] veth1_vlan: entered promiscuous mode [ 88.805523][ T5848] veth0_macvtap: entered promiscuous mode [ 88.841606][ T5848] veth1_macvtap: entered promiscuous mode [ 88.870730][ T5845] veth0_macvtap: entered promiscuous mode [ 88.897910][ T5845] veth1_macvtap: entered promiscuous mode [ 88.915103][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.934858][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.937944][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.964683][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.973204][ T5852] veth0_vlan: entered promiscuous mode [ 89.006055][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.017223][ T5845] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.027086][ T5845] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.037650][ T5845] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.046561][ T5845] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.061712][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.072964][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.081675][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.090572][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.099426][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.111811][ T5852] veth1_vlan: entered promiscuous mode [ 89.123374][ T1109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.131477][ T1109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.180170][ T5852] veth0_macvtap: entered promiscuous mode [ 89.226409][ T5851] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.257063][ T5852] veth1_macvtap: entered promiscuous mode [ 89.393235][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.400545][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.408761][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.433179][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.454061][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.459828][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.527610][ T3499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.536305][ T3499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.545756][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.570019][ T5852] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.587096][ T5852] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.588757][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.596134][ T5852] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.613557][ T5852] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.716982][ T5945] process 'syz.2.3' launched ':,' with NULL argv: empty string added [ 90.073947][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.097709][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.179795][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.202625][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.223169][ T5860] Bluetooth: hci1: command tx timeout [ 90.315116][ T5860] Bluetooth: hci3: command tx timeout [ 90.321418][ T5860] Bluetooth: hci2: command tx timeout [ 90.326883][ T5849] Bluetooth: hci0: command tx timeout [ 90.407629][ T5952] netlink: 'syz.1.2': attribute type 2 has an invalid length. [ 90.563098][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.633056][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.668208][ T5951] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 91.361346][ T5972] syz.0.1 uses obsolete (PF_INET,SOCK_PACKET) [ 91.753024][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 91.868398][ T3090] cfg80211: failed to load regulatory.db [ 92.053212][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.284020][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.303107][ T5860] Bluetooth: hci1: command tx timeout [ 92.383885][ T5860] Bluetooth: hci2: command tx timeout [ 92.383920][ T5857] Bluetooth: hci0: command tx timeout [ 92.389311][ T5860] Bluetooth: hci3: command tx timeout [ 92.697564][ T5981] raw_sendmsg: syz.3.7 forgot to set AF_INET. Fix it! [ 92.863333][ T5983] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6'. [ 92.908510][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.923008][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 92.931659][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.931724][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 92.949994][ T5986] Zero length message leads to an empty skb [ 93.043677][ T30] audit: type=1326 audit(1753592598.471:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5980 comm="syz.0.6" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f16fd18e9a9 code=0x0 [ 93.073300][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.455529][ T5991] mkiss: ax0: crc mode is auto. [ 93.535844][ T30] audit: type=1800 audit(1753592598.971:3): pid=5991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.8" name="dbroot" dev="configfs" ino=7225 res=0 errno=0 [ 96.973821][ T6037] ima: policy update failed [ 97.002780][ T30] audit: type=1802 audit(1753592602.421:4): pid=6037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.16" res=0 errno=0 [ 97.733351][ T6042] random: crng reseeded on system resumption [ 99.921143][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 99.935810][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 99.946901][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 99.958813][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 100.125648][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 100.131987][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 100.143553][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 100.150689][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 103.913548][ T6118] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 103.933603][ T6118] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 103.993439][ T6118] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 104.026684][ T6118] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 104.082853][ T6118] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 104.118662][ T6118] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 104.169649][ T6118] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 104.188268][ T6118] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 104.411255][ T6118] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 104.426701][ T6118] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 104.442864][ T6118] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 104.532430][ T6118] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 105.352798][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 105.868312][ T6180] netlink: 28 bytes leftover after parsing attributes in process `syz.1.45'. [ 105.888930][ T6172] syz.2.42 (6172): /proc/6158/oom_adj is deprecated, please use /proc/6158/oom_score_adj instead. [ 105.903910][ T6180] veth1_macvtap: left promiscuous mode [ 106.063082][ T5860] Bluetooth: hci1: command 0x0c1a tx timeout [ 106.232825][ T5860] Bluetooth: hci2: command 0x0c1a tx timeout [ 106.472911][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 106.832881][ T6197] netlink: 8 bytes leftover after parsing attributes in process `syz.1.47'. [ 107.432859][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 107.568293][ T6216] netlink: 12 bytes leftover after parsing attributes in process `syz.0.50'. [ 107.577679][ T6216] unsupported nlmsg_type 40 [ 107.587437][ T6214] netlink: 12 bytes leftover after parsing attributes in process `syz.0.50'. [ 108.143153][ T5860] Bluetooth: hci1: command 0x0c1a tx timeout [ 108.329739][ T5860] Bluetooth: hci2: command 0x0c1a tx timeout [ 108.610925][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 109.249593][ T6215] syz.1.49 (6215) used greatest stack depth: 19784 bytes left [ 109.513235][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 110.233518][ T5860] Bluetooth: hci1: command 0x0c1a tx timeout [ 110.392950][ T5860] Bluetooth: hci2: command 0x0c1a tx timeout [ 110.702982][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 111.262667][ T6276] FAULT_INJECTION: forcing a failure. [ 111.262667][ T6276] name failslab, interval 1, probability 0, space 0, times 1 [ 111.275745][ T6276] CPU: 1 UID: 0 PID: 6276 Comm: syz.0.60 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 111.275782][ T6276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 111.275802][ T6276] Call Trace: [ 111.275812][ T6276] [ 111.275826][ T6276] dump_stack_lvl+0x16c/0x1f0 [ 111.275863][ T6276] should_fail_ex+0x512/0x640 [ 111.275891][ T6276] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 111.275923][ T6276] should_failslab+0xc2/0x120 [ 111.275952][ T6276] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 111.275980][ T6276] ? security_file_alloc+0x34/0x2b0 [ 111.276024][ T6276] security_file_alloc+0x34/0x2b0 [ 111.276061][ T6276] init_file+0x93/0x4c0 [ 111.276093][ T6276] alloc_empty_file+0x73/0x1e0 [ 111.276125][ T6276] alloc_file_pseudo+0x13a/0x230 [ 111.276159][ T6276] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 111.276195][ T6276] ? do_raw_spin_unlock+0x172/0x230 [ 111.276238][ T6276] __anon_inode_getfile+0xe8/0x280 [ 111.276281][ T6276] anon_inode_getfile_fmode+0x37/0xa0 [ 111.276322][ T6276] do_eventfd+0x19b/0x2c0 [ 111.276347][ T6276] ? rcu_is_watching+0x12/0xc0 [ 111.276376][ T6276] __x64_sys_eventfd+0x32/0x50 [ 111.276404][ T6276] do_syscall_64+0xcd/0x490 [ 111.276434][ T6276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.276460][ T6276] RIP: 0033:0x7f16fd18e9a9 [ 111.276485][ T6276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.276513][ T6276] RSP: 002b:00007f16fdfd8038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 111.276538][ T6276] RAX: ffffffffffffffda RBX: 00007f16fd3b6080 RCX: 00007f16fd18e9a9 [ 111.276557][ T6276] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 111.276572][ T6276] RBP: 00007f16fd210d69 R08: 0000000000000000 R09: 0000000000000000 [ 111.276595][ T6276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.276610][ T6276] R13: 0000000000000000 R14: 00007f16fd3b6080 R15: 00007ffcf977c9a8 [ 111.276641][ T6276] [ 111.499337][ T6263] ima: policy update failed [ 111.523444][ T30] audit: type=1802 audit(1753592616.941:5): pid=6263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.59" res=0 errno=0 [ 112.092852][ T6293] netlink: 28 bytes leftover after parsing attributes in process `syz.0.63'. [ 112.929155][ T6303] netlink: 24 bytes leftover after parsing attributes in process `syz.0.66'. [ 113.076639][ T6304] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 113.579845][ T6317] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 114.525146][ T6324] random: crng reseeded on system resumption [ 115.412418][ T6328] Unrecognized hibernate image header format! [ 115.433009][ T6328] PM: hibernation: Image mismatch: architecture specific data [ 117.458546][ T6378] sysfs_service_op_show: Client not running :-5: [ 118.285743][ T6378] sysfs_service_op_show: Client not running :-5: [ 121.526144][ T6437] sctp: failed to load transform for md5: -4 [ 122.632373][ T6465] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.877368][ T6463] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 122.884955][ T6463] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 122.891694][ T6463] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 122.898816][ T6463] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 123.158929][ T6476] netlink: 12 bytes leftover after parsing attributes in process `syz.1.96'. [ 123.690971][ T6483] FAULT_INJECTION: forcing a failure. [ 123.690971][ T6483] name failslab, interval 1, probability 0, space 0, times 0 [ 123.712920][ T6483] CPU: 1 UID: 0 PID: 6483 Comm: syz.2.99 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 123.712954][ T6483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 123.712969][ T6483] Call Trace: [ 123.712976][ T6483] [ 123.712986][ T6483] dump_stack_lvl+0x16c/0x1f0 [ 123.713029][ T6483] should_fail_ex+0x512/0x640 [ 123.713054][ T6483] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 123.713085][ T6483] should_failslab+0xc2/0x120 [ 123.713114][ T6483] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 123.713137][ T6483] ? sk_prot_alloc+0x60/0x2a0 [ 123.713170][ T6483] sk_prot_alloc+0x60/0x2a0 [ 123.713203][ T6483] sk_alloc+0x36/0xc20 [ 123.713229][ T6483] tipc_sk_create+0xcf/0x21a0 [ 123.713269][ T6483] ? find_held_lock+0x2b/0x80 [ 123.713294][ T6483] ? __sock_create+0x2f2/0x8d0 [ 123.713331][ T6483] __sock_create+0x335/0x8d0 [ 123.713375][ T6483] __sys_socket+0x14d/0x260 [ 123.713408][ T6483] ? __pfx___sys_socket+0x10/0x10 [ 123.713442][ T6483] ? xfd_validate_state+0x61/0x180 [ 123.713480][ T6483] __x64_sys_socket+0x72/0xb0 [ 123.713509][ T6483] ? lockdep_hardirqs_on+0x7c/0x110 [ 123.713531][ T6483] do_syscall_64+0xcd/0x490 [ 123.713557][ T6483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.713581][ T6483] RIP: 0033:0x7f8ade58e9a9 [ 123.713605][ T6483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.713628][ T6483] RSP: 002b:00007f8adf36e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 123.713650][ T6483] RAX: ffffffffffffffda RBX: 00007f8ade7b5fa0 RCX: 00007f8ade58e9a9 [ 123.713667][ T6483] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 123.713680][ T6483] RBP: 00007f8ade610d69 R08: 0000000000000000 R09: 0000000000000000 [ 123.713694][ T6483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.713708][ T6483] R13: 0000000000000000 R14: 00007f8ade7b5fa0 R15: 00007ffd6162fef8 [ 123.713738][ T6483] [ 124.463408][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 124.952812][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 124.956255][ T5857] Bluetooth: hci2: command 0x0c1a tx timeout [ 124.959216][ T5860] Bluetooth: hci1: command 0x0c1a tx timeout [ 125.933630][ T6536] FAULT_INJECTION: forcing a failure. [ 125.933630][ T6536] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 125.979558][ T6536] CPU: 1 UID: 0 PID: 6536 Comm: syz.3.106 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 125.979593][ T6536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 125.979607][ T6536] Call Trace: [ 125.979615][ T6536] [ 125.979625][ T6536] dump_stack_lvl+0x16c/0x1f0 [ 125.979654][ T6536] should_fail_ex+0x512/0x640 [ 125.979686][ T6536] _copy_to_user+0x32/0xd0 [ 125.979715][ T6536] simple_read_from_buffer+0xcb/0x170 [ 125.979752][ T6536] proc_fail_nth_read+0x197/0x270 [ 125.979786][ T6536] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 125.979821][ T6536] ? rw_verify_area+0xcf/0x680 [ 125.979854][ T6536] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 125.979897][ T6536] vfs_read+0x1e4/0xc60 [ 125.979925][ T6536] ? __pfx___mutex_lock+0x10/0x10 [ 125.979950][ T6536] ? __pfx_vfs_read+0x10/0x10 [ 125.979983][ T6536] ? __fget_files+0x20e/0x3c0 [ 125.980028][ T6536] ksys_read+0x12a/0x250 [ 125.980050][ T6536] ? __pfx_ksys_read+0x10/0x10 [ 125.980083][ T6536] do_syscall_64+0xcd/0x490 [ 125.980111][ T6536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.980136][ T6536] RIP: 0033:0x7fb4d898d3bc [ 125.980155][ T6536] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 125.980176][ T6536] RSP: 002b:00007fb4d97d4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 125.980197][ T6536] RAX: ffffffffffffffda RBX: 00007fb4d8bb5fa0 RCX: 00007fb4d898d3bc [ 125.980213][ T6536] RDX: 000000000000000f RSI: 00007fb4d97d40a0 RDI: 0000000000000003 [ 125.980227][ T6536] RBP: 00007fb4d97d4090 R08: 0000000000000000 R09: 0000000000000000 [ 125.980241][ T6536] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 125.980255][ T6536] R13: 0000000000000001 R14: 00007fb4d8bb5fa0 R15: 00007ffd1a4cf468 [ 125.980288][ T6536] [ 126.644686][ T5860] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 126.644725][ T5860] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 126.659660][ T5860] Bluetooth: hci0: Dropping invalid advertising data [ 126.667598][ T5860] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 126.667635][ T5860] Bluetooth: hci0: Dropping invalid advertising data [ 126.683011][ T5860] Bluetooth: hci0: Malformed LE Event: 0x02 [ 127.210226][ T6545] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 127.216502][ T6545] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 127.223343][ T6545] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 127.229516][ T6545] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 127.863128][ T6568] netlink: 20 bytes leftover after parsing attributes in process `syz.1.112'. [ 127.877304][ T6571] GUP no longer grows the stack in syz.3.114 (6571): 14000-401000 (4000) [ 127.938085][ T6568] netlink: 28 bytes leftover after parsing attributes in process `syz.1.112'. [ 127.948580][ T6571] CPU: 1 UID: 0 PID: 6571 Comm: syz.3.114 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 127.948602][ T6571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 127.948611][ T6571] Call Trace: [ 127.948616][ T6571] [ 127.948622][ T6571] dump_stack_lvl+0x16c/0x1f0 [ 127.948642][ T6571] gup_vma_lookup+0x1d2/0x220 [ 127.948663][ T6571] __get_user_pages+0x271/0x3b80 [ 127.948688][ T6571] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 127.948706][ T6571] ? kasan_save_stack+0x42/0x60 [ 127.948720][ T6571] ? __pfx___get_user_pages+0x10/0x10 [ 127.948738][ T6571] ? register_lock_class+0x41/0x4c0 [ 127.948758][ T6571] ? __x64_sys_process_vm_readv+0xe2/0x1c0 [ 127.948773][ T6571] ? do_syscall_64+0xcd/0x490 [ 127.948792][ T6571] __gup_longterm_locked+0x20d/0x1840 [ 127.948813][ T6571] ? __lock_acquire+0xb8a/0x1c90 [ 127.948835][ T6571] ? __pfx___gup_longterm_locked+0x10/0x10 [ 127.948863][ T6571] pin_user_pages_remote+0xed/0x140 [ 127.948884][ T6571] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 127.948902][ T6571] ? mm_access+0x22d/0x2e0 [ 127.948934][ T6571] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 127.948960][ T6571] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 127.948979][ T6571] ? iovec_from_user+0xbb/0x140 [ 127.949006][ T6571] ? iovec_from_user+0xbb/0x140 [ 127.949023][ T6571] process_vm_rw+0x216/0x2c0 [ 127.949041][ T6571] ? __pfx_process_vm_rw+0x10/0x10 [ 127.949081][ T6571] ? xfd_validate_state+0x61/0x180 [ 127.949100][ T6571] ? __task_pid_nr_ns+0x17c/0x500 [ 127.949121][ T6571] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 127.949137][ T6571] ? do_syscall_64+0x91/0x490 [ 127.949151][ T6571] ? lockdep_hardirqs_on+0x7c/0x110 [ 127.949164][ T6571] do_syscall_64+0xcd/0x490 [ 127.949180][ T6571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.949194][ T6571] RIP: 0033:0x7fb4d898e9a9 [ 127.949206][ T6571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.949219][ T6571] RSP: 002b:00007fb4d97d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 127.949233][ T6571] RAX: ffffffffffffffda RBX: 00007fb4d8bb5fa0 RCX: 00007fb4d898e9a9 [ 127.949242][ T6571] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000074 [ 127.949250][ T6571] RBP: 00007fb4d8a10d69 R08: 0000000000000003 R09: 0000000000000000 [ 127.949259][ T6571] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 127.949268][ T6571] R13: 0000000000000000 R14: 00007fb4d8bb5fa0 R15: 00007ffd1a4cf468 [ 127.949286][ T6571] [ 128.703044][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 128.907792][ T6591] ICMPv6: process `syz.0.117' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 129.272880][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 129.278982][ T5857] Bluetooth: hci2: command 0x0c1a tx timeout [ 129.285008][ T5849] Bluetooth: hci1: command 0x0c1a tx timeout [ 131.007507][ T6643] ptrace attach of "./syz-executor exec"[5851] was attempted by ""[6643] [ 132.619651][ T6665] ima: policy update failed [ 132.628122][ T6681] netlink: 334 bytes leftover after parsing attributes in process `syz.0.130'. [ 132.653119][ T30] audit: type=1802 audit(1753592638.091:6): pid=6665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.128" res=0 errno=0 [ 132.788932][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.801488][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.611777][ T6735] random: crng reseeded on system resumption [ 135.216042][ T6748] FAULT_INJECTION: forcing a failure. [ 135.216042][ T6748] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 135.225393][ T6746] FAULT_INJECTION: forcing a failure. [ 135.225393][ T6746] name failslab, interval 1, probability 0, space 0, times 0 [ 135.263187][ T6746] CPU: 0 UID: 0 PID: 6746 Comm: syz.1.143 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 135.263222][ T6746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 135.263237][ T6746] Call Trace: [ 135.263245][ T6746] [ 135.263255][ T6746] dump_stack_lvl+0x16c/0x1f0 [ 135.263288][ T6746] should_fail_ex+0x512/0x640 [ 135.263314][ T6746] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 135.263345][ T6746] should_failslab+0xc2/0x120 [ 135.263375][ T6746] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 135.263402][ T6746] ? security_file_alloc+0x34/0x2b0 [ 135.263445][ T6746] security_file_alloc+0x34/0x2b0 [ 135.263482][ T6746] init_file+0x93/0x4c0 [ 135.263512][ T6746] alloc_empty_file+0x73/0x1e0 [ 135.263544][ T6746] alloc_file_pseudo+0x13a/0x230 [ 135.263577][ T6746] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 135.263612][ T6746] ? do_raw_spin_unlock+0x172/0x230 [ 135.263654][ T6746] __anon_inode_getfile+0xe8/0x280 [ 135.263697][ T6746] anon_inode_getfile_fmode+0x37/0xa0 [ 135.263737][ T6746] do_eventfd+0x19b/0x2c0 [ 135.263763][ T6746] ? rcu_is_watching+0x12/0xc0 [ 135.263790][ T6746] __x64_sys_eventfd+0x32/0x50 [ 135.263819][ T6746] do_syscall_64+0xcd/0x490 [ 135.263848][ T6746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.263873][ T6746] RIP: 0033:0x7f15fc38e9a9 [ 135.263893][ T6746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.263916][ T6746] RSP: 002b:00007f15fd1b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 135.263940][ T6746] RAX: ffffffffffffffda RBX: 00007f15fc5b5fa0 RCX: 00007f15fc38e9a9 [ 135.263957][ T6746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 135.263972][ T6746] RBP: 00007f15fc410d69 R08: 0000000000000000 R09: 0000000000000000 [ 135.263988][ T6746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.264003][ T6746] R13: 0000000000000000 R14: 00007f15fc5b5fa0 R15: 00007ffe89f5e3e8 [ 135.264045][ T6746] [ 135.469806][ C0] vkms_vblank_simulate: vblank timer overrun [ 135.607674][ T6748] CPU: 1 UID: 0 PID: 6748 Comm: syz.3.144 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 135.607710][ T6748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 135.607725][ T6748] Call Trace: [ 135.607733][ T6748] [ 135.607743][ T6748] dump_stack_lvl+0x16c/0x1f0 [ 135.607772][ T6748] should_fail_ex+0x512/0x640 [ 135.607802][ T6748] _copy_to_iter+0x29f/0x16f0 [ 135.607832][ T6748] ? __pfx___skb_try_recv_datagram+0x10/0x10 [ 135.607867][ T6748] ? bpf_ksym_find+0x124/0x1c0 [ 135.607906][ T6748] ? __pfx__copy_to_iter+0x10/0x10 [ 135.607937][ T6748] ? __skb_recv_datagram+0x1b2/0x220 [ 135.607976][ T6748] ? __pfx___skb_recv_datagram+0x10/0x10 [ 135.608015][ T6748] simple_copy_to_iter+0x46/0x90 [ 135.608048][ T6748] __skb_datagram_iter+0x129/0x900 [ 135.608079][ T6748] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 135.608112][ T6748] ? skb_recv_datagram+0x88/0xc0 [ 135.608149][ T6748] skb_copy_datagram_iter+0x40/0x50 [ 135.608184][ T6748] netlink_recvmsg+0x27e/0xa90 [ 135.608213][ T6748] ? __pfx_netlink_recvmsg+0x10/0x10 [ 135.608253][ T6748] sock_recvmsg+0x1f9/0x250 [ 135.608284][ T6748] sock_read_iter+0x2b9/0x3b0 [ 135.608313][ T6748] ? __pfx_sock_read_iter+0x10/0x10 [ 135.608353][ T6748] ? bpf_lsm_file_permission+0x9/0x10 [ 135.608380][ T6748] ? security_file_permission+0x71/0x210 [ 135.608415][ T6748] ? rw_verify_area+0xcf/0x680 [ 135.608450][ T6748] vfs_read+0xa98/0xc60 [ 135.608478][ T6748] ? __pfx_vfs_read+0x10/0x10 [ 135.608495][ T6748] ? find_held_lock+0x2b/0x80 [ 135.608539][ T6748] ksys_read+0x1f8/0x250 [ 135.608561][ T6748] ? __pfx_ksys_read+0x10/0x10 [ 135.608591][ T6748] do_syscall_64+0xcd/0x490 [ 135.608618][ T6748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.608642][ T6748] RIP: 0033:0x7fb4d898e9a9 [ 135.608662][ T6748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.608683][ T6748] RSP: 002b:00007fb4d97d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 135.608705][ T6748] RAX: ffffffffffffffda RBX: 00007fb4d8bb5fa0 RCX: 00007fb4d898e9a9 [ 135.608720][ T6748] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003 [ 135.608733][ T6748] RBP: 00007fb4d97d4090 R08: 0000000000000000 R09: 0000000000000000 [ 135.608747][ T6748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.608760][ T6748] R13: 0000000000000000 R14: 00007fb4d8bb5fa0 R15: 00007ffd1a4cf468 [ 135.608792][ T6748] [ 135.943606][ T6755] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 136.267750][ T6773] netlink: 28 bytes leftover after parsing attributes in process `syz.2.149'. [ 137.958806][ T6803] FAULT_INJECTION: forcing a failure. [ 137.958806][ T6803] name failslab, interval 1, probability 0, space 0, times 0 [ 137.979659][ T6803] CPU: 1 UID: 0 PID: 6803 Comm: syz.0.152 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 137.979683][ T6803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 137.979692][ T6803] Call Trace: [ 137.979697][ T6803] [ 137.979702][ T6803] dump_stack_lvl+0x16c/0x1f0 [ 137.979722][ T6803] should_fail_ex+0x512/0x640 [ 137.979737][ T6803] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 137.979761][ T6803] should_failslab+0xc2/0x120 [ 137.979778][ T6803] __kmalloc_cache_noprof+0x6a/0x3e0 [ 137.979799][ T6803] ? do_eventfd+0x67/0x2c0 [ 137.979817][ T6803] do_eventfd+0x67/0x2c0 [ 137.979831][ T6803] ? rcu_is_watching+0x12/0xc0 [ 137.979846][ T6803] __x64_sys_eventfd+0x32/0x50 [ 137.979862][ T6803] do_syscall_64+0xcd/0x490 [ 137.979878][ T6803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.979892][ T6803] RIP: 0033:0x7f16fd18e9a9 [ 137.979903][ T6803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.979916][ T6803] RSP: 002b:00007f16fdfb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 137.979938][ T6803] RAX: ffffffffffffffda RBX: 00007f16fd3b6160 RCX: 00007f16fd18e9a9 [ 137.979948][ T6803] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 137.979956][ T6803] RBP: 00007f16fd210d69 R08: 0000000000000000 R09: 0000000000000000 [ 137.979964][ T6803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.979973][ T6803] R13: 0000000000000000 R14: 00007f16fd3b6160 R15: 00007ffcf977c9a8 [ 137.979991][ T6803] [ 138.191437][ T6800] block nbd0: Unsupported socket: shutdown callout must be supported. [ 138.602957][ T6809] FAULT_INJECTION: forcing a failure. [ 138.602957][ T6809] name failslab, interval 1, probability 0, space 0, times 0 [ 138.648514][ T6809] CPU: 0 UID: 0 PID: 6809 Comm: syz.2.156 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 138.648555][ T6809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 138.648571][ T6809] Call Trace: [ 138.648579][ T6809] [ 138.648588][ T6809] dump_stack_lvl+0x16c/0x1f0 [ 138.648620][ T6809] should_fail_ex+0x512/0x640 [ 138.648647][ T6809] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 138.648677][ T6809] should_failslab+0xc2/0x120 [ 138.648707][ T6809] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 138.648733][ T6809] ? security_file_alloc+0x34/0x2b0 [ 138.648775][ T6809] security_file_alloc+0x34/0x2b0 [ 138.648809][ T6809] init_file+0x93/0x4c0 [ 138.648846][ T6809] alloc_empty_file+0x73/0x1e0 [ 138.648880][ T6809] alloc_file_pseudo+0x13a/0x230 [ 138.648914][ T6809] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 138.648950][ T6809] ? do_raw_spin_unlock+0x172/0x230 [ 138.648991][ T6809] __anon_inode_getfile+0xe8/0x280 [ 138.649035][ T6809] anon_inode_getfile_fmode+0x37/0xa0 [ 138.649075][ T6809] do_eventfd+0x19b/0x2c0 [ 138.649100][ T6809] ? rcu_is_watching+0x12/0xc0 [ 138.649129][ T6809] __x64_sys_eventfd+0x32/0x50 [ 138.649157][ T6809] do_syscall_64+0xcd/0x490 [ 138.649184][ T6809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.649210][ T6809] RIP: 0033:0x7f8ade58e9a9 [ 138.649229][ T6809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.649253][ T6809] RSP: 002b:00007f8adf36e038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 138.649277][ T6809] RAX: ffffffffffffffda RBX: 00007f8ade7b5fa0 RCX: 00007f8ade58e9a9 [ 138.649294][ T6809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 138.649308][ T6809] RBP: 00007f8ade610d69 R08: 0000000000000000 R09: 0000000000000000 [ 138.649323][ T6809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.649338][ T6809] R13: 0000000000000000 R14: 00007f8ade7b5fa0 R15: 00007ffd6162fef8 [ 138.649373][ T6809] [ 138.850177][ C0] vkms_vblank_simulate: vblank timer overrun [ 139.592733][ T6831] FAULT_INJECTION: forcing a failure. [ 139.592733][ T6831] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.644421][ T6831] CPU: 1 UID: 0 PID: 6831 Comm: syz.2.161 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 139.644447][ T6831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 139.644456][ T6831] Call Trace: [ 139.644461][ T6831] [ 139.644466][ T6831] dump_stack_lvl+0x16c/0x1f0 [ 139.644485][ T6831] should_fail_ex+0x512/0x640 [ 139.644510][ T6831] _copy_from_user+0x2e/0xd0 [ 139.644526][ T6831] do_semtimedop+0x182/0x2e0 [ 139.644547][ T6831] ? __pfx_do_semtimedop+0x10/0x10 [ 139.644587][ T6831] ? __fget_files+0x20e/0x3c0 [ 139.644613][ T6831] __x64_sys_semtimedop+0x1b4/0x1f0 [ 139.644633][ T6831] ? __pfx___x64_sys_semtimedop+0x10/0x10 [ 139.644658][ T6831] do_syscall_64+0xcd/0x490 [ 139.644674][ T6831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.644688][ T6831] RIP: 0033:0x7f8ade58e9a9 [ 139.644699][ T6831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.644712][ T6831] RSP: 002b:00007f8adf36e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dc [ 139.644725][ T6831] RAX: ffffffffffffffda RBX: 00007f8ade7b5fa0 RCX: 00007f8ade58e9a9 [ 139.644734][ T6831] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000000 [ 139.644742][ T6831] RBP: 00007f8adf36e090 R08: 0000000000000000 R09: 0000000000000000 [ 139.644750][ T6831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.644758][ T6831] R13: 0000000000000000 R14: 00007f8ade7b5fa0 R15: 00007ffd6162fef8 [ 139.644775][ T6831] [ 140.155775][ T6835] ima: policy update failed [ 140.166034][ T30] audit: type=1802 audit(1753592645.601:7): pid=6835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.164" res=0 errno=0 [ 140.244809][ T5860] Bluetooth: hci3: Malformed Event: 0x02 [ 140.382662][ T6850] random: crng reseeded on system resumption [ 141.599890][ T6881] : renamed from gre0 (while UP) [ 143.713291][ T6892] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 143.990766][ T6919] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 144.031968][ T6921] kAFS: No cell specified [ 144.235634][ T30] audit: type=1800 audit(1753592649.671:8): pid=6926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.181" name="dbroot" dev="configfs" ino=11154 res=0 errno=0 [ 144.383094][ T6930] mmap: syz.2.183 (6930) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 144.559447][ T6944] ptrace attach of "./syz-executor exec"[5852] was attempted by ""[6944] [ 146.833893][ T6964] tipc: Withdrawal distribution failure [ 147.083976][ T6987] synth uevent: /devices/platform/vicodec.0/video4linux/video2: unknown uevent action string [ 147.203076][ T6987] video4linux video2: uevent: failed to send synthetic uevent: -22 [ 147.302292][ T6985] synth uevent: /devices/platform/vicodec.0/video4linux/video2: unknown uevent action string [ 147.315476][ T6985] video4linux video2: uevent: failed to send synthetic uevent: -22 [ 147.797903][ T7015] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 148.048727][ T7019] bridge0: port 3(bond0) entered blocking state [ 148.115021][ T7019] bridge0: port 3(bond0) entered disabled state [ 148.205787][ T7019] bond0: entered allmulticast mode [ 148.281159][ T7019] bond_slave_0: entered allmulticast mode [ 148.340000][ T7019] bond_slave_1: entered allmulticast mode [ 148.386252][ T7019] bond0: entered promiscuous mode [ 148.397005][ T7019] bond_slave_0: entered promiscuous mode [ 148.409353][ T7019] bond_slave_1: entered promiscuous mode [ 148.422362][ T7019] bridge0: port 3(bond0) entered blocking state [ 148.429019][ T7019] bridge0: port 3(bond0) entered forwarding state [ 148.436509][ T7027] random: crng reseeded on system resumption [ 151.646927][ T7082] netlink: 52 bytes leftover after parsing attributes in process `syz.2.206'. [ 152.295031][ T7102] netlink: 20 bytes leftover after parsing attributes in process `syz.3.210'. [ 153.430788][ T7134] ima: policy update failed [ 153.435601][ T30] audit: type=1802 audit(1753592658.871:9): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.214" res=0 errno=0 [ 153.934674][ T7149] netlink: 8 bytes leftover after parsing attributes in process `syz.3.218'. [ 153.944753][ T7149] FAULT_INJECTION: forcing a failure. [ 153.944753][ T7149] name failslab, interval 1, probability 0, space 0, times 0 [ 153.984936][ T7149] CPU: 1 UID: 0 PID: 7149 Comm: syz.3.218 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 153.984973][ T7149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 153.984988][ T7149] Call Trace: [ 153.984996][ T7149] [ 153.985007][ T7149] dump_stack_lvl+0x16c/0x1f0 [ 153.985039][ T7149] should_fail_ex+0x512/0x640 [ 153.985066][ T7149] ? __kmalloc_noprof+0xbf/0x510 [ 153.985096][ T7149] ? ovs_vport_alloc+0x30/0x3d0 [ 153.985122][ T7149] should_failslab+0xc2/0x120 [ 153.985152][ T7149] __kmalloc_noprof+0xd2/0x510 [ 153.985178][ T7149] ? ovs_dp_cmd_new+0x5d9/0xe60 [ 153.985222][ T7149] ovs_vport_alloc+0x30/0x3d0 [ 153.985255][ T7149] internal_dev_create+0x25/0x520 [ 153.985287][ T7149] ovs_vport_add+0x144/0x4d0 [ 153.985325][ T7149] new_vport+0x16/0x1d0 [ 153.985361][ T7149] ovs_dp_cmd_new+0x6ba/0xe60 [ 153.985409][ T7149] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 153.985456][ T7149] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 153.985493][ T7149] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 153.985538][ T7149] genl_family_rcv_msg_doit+0x209/0x2f0 [ 153.985576][ T7149] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 153.985612][ T7149] ? trace_cap_capable+0x18d/0x200 [ 153.985652][ T7149] ? bpf_lsm_capable+0x9/0x10 [ 153.985686][ T7149] ? security_capable+0x7e/0x260 [ 153.985718][ T7149] ? ns_capable+0xd7/0x110 [ 153.985749][ T7149] genl_rcv_msg+0x55c/0x800 [ 153.985788][ T7149] ? __pfx_genl_rcv_msg+0x10/0x10 [ 153.985823][ T7149] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 153.985875][ T7149] netlink_rcv_skb+0x158/0x420 [ 153.985908][ T7149] ? __pfx_genl_rcv_msg+0x10/0x10 [ 153.985948][ T7149] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 153.985996][ T7149] ? netlink_deliver_tap+0x1ae/0xd30 [ 153.986032][ T7149] genl_rcv+0x28/0x40 [ 153.986061][ T7149] netlink_unicast+0x58a/0x850 [ 153.986097][ T7149] ? __pfx_netlink_unicast+0x10/0x10 [ 153.986140][ T7149] netlink_sendmsg+0x8d1/0xdd0 [ 153.986177][ T7149] ? __pfx_netlink_sendmsg+0x10/0x10 [ 153.986224][ T7149] ____sys_sendmsg+0xa95/0xc70 [ 153.986259][ T7149] ? copy_msghdr_from_user+0x10a/0x160 [ 153.986286][ T7149] ? __pfx_____sys_sendmsg+0x10/0x10 [ 153.986335][ T7149] ? __pfx_futex_wake_mark+0x10/0x10 [ 153.986377][ T7149] ___sys_sendmsg+0x134/0x1d0 [ 153.986407][ T7149] ? __pfx____sys_sendmsg+0x10/0x10 [ 153.986432][ T7149] ? __lock_acquire+0x622/0x1c90 [ 153.986515][ T7149] __sys_sendmsg+0x16d/0x220 [ 153.986543][ T7149] ? __pfx___sys_sendmsg+0x10/0x10 [ 153.986569][ T7149] ? __x64_sys_futex+0x1e0/0x4c0 [ 153.986623][ T7149] do_syscall_64+0xcd/0x490 [ 153.986654][ T7149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.986680][ T7149] RIP: 0033:0x7fb4d898e9a9 [ 153.986701][ T7149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.986724][ T7149] RSP: 002b:00007fb4d97d4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 153.986749][ T7149] RAX: ffffffffffffffda RBX: 00007fb4d8bb5fa0 RCX: 00007fb4d898e9a9 [ 153.986766][ T7149] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000007 [ 153.986782][ T7149] RBP: 00007fb4d8a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 153.986798][ T7149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.986810][ T7149] R13: 0000000000000000 R14: 00007fb4d8bb5fa0 R15: 00007ffd1a4cf468 [ 153.986843][ T7149] [ 155.128297][ T7182] FAULT_INJECTION: forcing a failure. [ 155.128297][ T7182] name failslab, interval 1, probability 0, space 0, times 0 [ 155.143702][ T7182] CPU: 0 UID: 0 PID: 7182 Comm: syz.1.225 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 155.143741][ T7182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 155.143756][ T7182] Call Trace: [ 155.143764][ T7182] [ 155.143774][ T7182] dump_stack_lvl+0x16c/0x1f0 [ 155.143807][ T7182] should_fail_ex+0x512/0x640 [ 155.143833][ T7182] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 155.143876][ T7182] should_failslab+0xc2/0x120 [ 155.143906][ T7182] __kmalloc_cache_noprof+0x6a/0x3e0 [ 155.143956][ T7182] ? do_eventfd+0x67/0x2c0 [ 155.143990][ T7182] do_eventfd+0x67/0x2c0 [ 155.144015][ T7182] ? rcu_is_watching+0x12/0xc0 [ 155.144043][ T7182] __x64_sys_eventfd+0x32/0x50 [ 155.144071][ T7182] do_syscall_64+0xcd/0x490 [ 155.144099][ T7182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.144128][ T7182] RIP: 0033:0x7f15fc38e9a9 [ 155.144149][ T7182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.144174][ T7182] RSP: 002b:00007f15fd1b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 155.144198][ T7182] RAX: ffffffffffffffda RBX: 00007f15fc5b5fa0 RCX: 00007f15fc38e9a9 [ 155.144216][ T7182] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 155.144230][ T7182] RBP: 00007f15fc410d69 R08: 0000000000000000 R09: 0000000000000000 [ 155.144245][ T7182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.144259][ T7182] R13: 0000000000000000 R14: 00007f15fc5b5fa0 R15: 00007ffe89f5e3e8 [ 155.144290][ T7182] [ 155.266384][ T7186] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 157.981197][ T7240] netlink: 20 bytes leftover after parsing attributes in process `syz.3.236'. [ 158.882906][ T7275] FAULT_INJECTION: forcing a failure. [ 158.882906][ T7275] name failslab, interval 1, probability 0, space 0, times 0 [ 158.958297][ T7271] random: crng reseeded on system resumption [ 158.958875][ T7275] CPU: 1 UID: 0 PID: 7275 Comm: syz.2.239 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 158.958907][ T7275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 158.958920][ T7275] Call Trace: [ 158.958928][ T7275] [ 158.958937][ T7275] dump_stack_lvl+0x16c/0x1f0 [ 158.958966][ T7275] should_fail_ex+0x512/0x640 [ 158.958990][ T7275] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 158.959020][ T7275] should_failslab+0xc2/0x120 [ 158.959046][ T7275] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 158.959072][ T7275] ? __d_alloc+0x31/0xaa0 [ 158.959101][ T7275] __d_alloc+0x31/0xaa0 [ 158.959132][ T7275] d_alloc_pseudo+0x1c/0xc0 [ 158.959162][ T7275] alloc_file_pseudo+0xcf/0x230 [ 158.959193][ T7275] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 158.959232][ T7275] __shmem_file_setup+0x1a3/0x330 [ 158.959269][ T7275] shmem_zero_setup+0x93/0x1a0 [ 158.959296][ T7275] __mmap_region+0x1ece/0x25e0 [ 158.959325][ T7275] ? __pfx___mmap_region+0x10/0x10 [ 158.959348][ T7275] ? rcu_is_watching+0x12/0xc0 [ 158.959379][ T7275] ? rcu_is_watching+0x12/0xc0 [ 158.959403][ T7275] ? trace_sched_exit_tp+0xde/0x130 [ 158.959431][ T7275] ? __schedule+0x1181/0x5dd0 [ 158.959469][ T7275] ? __lock_acquire+0xb21/0x1c90 [ 158.959512][ T7275] ? __pfx___schedule+0x10/0x10 [ 158.959585][ T7275] ? trace_cap_capable+0x18d/0x200 [ 158.959624][ T7275] mmap_region+0x1ab/0x3f0 [ 158.959648][ T7275] ? __get_unmapped_area+0x267/0x440 [ 158.959681][ T7275] do_mmap+0xa3e/0x1210 [ 158.959717][ T7275] ? __pfx_do_mmap+0x10/0x10 [ 158.959746][ T7275] ? __pfx_down_write_killable+0x10/0x10 [ 158.959780][ T7275] vm_mmap_pgoff+0x281/0x450 [ 158.959821][ T7275] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 158.959857][ T7275] ? __x64_sys_futex+0x1e0/0x4c0 [ 158.959884][ T7275] ? __x64_sys_futex+0x1e9/0x4c0 [ 158.959915][ T7275] ksys_mmap_pgoff+0x7d/0x5c0 [ 158.959943][ T7275] ? xfd_validate_state+0x61/0x180 [ 158.959971][ T7275] ? __pfx_do_writev+0x10/0x10 [ 158.960008][ T7275] __x64_sys_mmap+0x125/0x190 [ 158.960044][ T7275] do_syscall_64+0xcd/0x490 [ 158.960070][ T7275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.960094][ T7275] RIP: 0033:0x7f8ade58e9a9 [ 158.960112][ T7275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.960134][ T7275] RSP: 002b:00007f8adf36e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 158.960155][ T7275] RAX: ffffffffffffffda RBX: 00007f8ade7b5fa0 RCX: 00007f8ade58e9a9 [ 158.960171][ T7275] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 158.960185][ T7275] RBP: 00007f8ade610d69 R08: fffffffffffffffa R09: 0000000000008000 [ 158.960199][ T7275] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 158.960213][ T7275] R13: 0000000000000000 R14: 00007f8ade7b5fa0 R15: 00007ffd6162fef8 [ 158.960245][ T7275] [ 160.216718][ T7303] FAULT_INJECTION: forcing a failure. [ 160.216718][ T7303] name failslab, interval 1, probability 0, space 0, times 0 [ 160.305307][ T7303] CPU: 1 UID: 0 PID: 7303 Comm: syz.1.243 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 160.305345][ T7303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 160.305359][ T7303] Call Trace: [ 160.305367][ T7303] [ 160.305378][ T7303] dump_stack_lvl+0x16c/0x1f0 [ 160.305409][ T7303] should_fail_ex+0x512/0x640 [ 160.305437][ T7303] ? __kvmalloc_node_noprof+0x124/0x620 [ 160.305482][ T7303] should_failslab+0xc2/0x120 [ 160.305512][ T7303] __kvmalloc_node_noprof+0x137/0x620 [ 160.305551][ T7303] ? trace_kmalloc+0x2b/0xd0 [ 160.305584][ T7303] ? alloc_netdev_mqs+0xd2/0x1570 [ 160.305619][ T7303] ? __pfx_do_setup+0x10/0x10 [ 160.305647][ T7303] ? alloc_netdev_mqs+0xd2/0x1570 [ 160.305673][ T7303] alloc_netdev_mqs+0xd2/0x1570 [ 160.305711][ T7303] ? ovs_vport_alloc+0x2a0/0x3d0 [ 160.305745][ T7303] internal_dev_create+0x8a/0x520 [ 160.305780][ T7303] ovs_vport_add+0x144/0x4d0 [ 160.305812][ T7303] new_vport+0x16/0x1d0 [ 160.305848][ T7303] ovs_dp_cmd_new+0x6ba/0xe60 [ 160.305897][ T7303] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 160.305944][ T7303] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 160.305982][ T7303] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 160.306026][ T7303] genl_family_rcv_msg_doit+0x209/0x2f0 [ 160.306065][ T7303] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 160.306100][ T7303] ? trace_cap_capable+0x18d/0x200 [ 160.306141][ T7303] ? bpf_lsm_capable+0x9/0x10 [ 160.306176][ T7303] ? security_capable+0x7e/0x260 [ 160.306208][ T7303] ? ns_capable+0xd7/0x110 [ 160.306240][ T7303] genl_rcv_msg+0x55c/0x800 [ 160.306279][ T7303] ? __pfx_genl_rcv_msg+0x10/0x10 [ 160.306315][ T7303] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 160.306366][ T7303] netlink_rcv_skb+0x158/0x420 [ 160.306397][ T7303] ? __pfx_genl_rcv_msg+0x10/0x10 [ 160.306433][ T7303] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 160.306480][ T7303] ? netlink_deliver_tap+0x1ae/0xd30 [ 160.306516][ T7303] genl_rcv+0x28/0x40 [ 160.306546][ T7303] netlink_unicast+0x58a/0x850 [ 160.306582][ T7303] ? __pfx_netlink_unicast+0x10/0x10 [ 160.306624][ T7303] netlink_sendmsg+0x8d1/0xdd0 [ 160.306662][ T7303] ? __pfx_netlink_sendmsg+0x10/0x10 [ 160.306716][ T7303] ____sys_sendmsg+0xa95/0xc70 [ 160.306753][ T7303] ? copy_msghdr_from_user+0x10a/0x160 [ 160.306781][ T7303] ? __pfx_____sys_sendmsg+0x10/0x10 [ 160.306823][ T7303] ? try_to_wake_up+0xa2f/0x1680 [ 160.306856][ T7303] ___sys_sendmsg+0x134/0x1d0 [ 160.306886][ T7303] ? __pfx____sys_sendmsg+0x10/0x10 [ 160.306911][ T7303] ? __lock_acquire+0x622/0x1c90 [ 160.306992][ T7303] __sys_sendmsg+0x16d/0x220 [ 160.307021][ T7303] ? __pfx___sys_sendmsg+0x10/0x10 [ 160.307051][ T7303] ? __x64_sys_futex+0x1e0/0x4c0 [ 160.307106][ T7303] do_syscall_64+0xcd/0x490 [ 160.307138][ T7303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.307165][ T7303] RIP: 0033:0x7f15fc38e9a9 [ 160.307186][ T7303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.307209][ T7303] RSP: 002b:00007f15fd1b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 160.307234][ T7303] RAX: ffffffffffffffda RBX: 00007f15fc5b5fa0 RCX: 00007f15fc38e9a9 [ 160.307252][ T7303] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006 [ 160.307269][ T7303] RBP: 00007f15fc410d69 R08: 0000000000000000 R09: 0000000000000000 [ 160.307286][ T7303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.307301][ T7303] R13: 0000000000000000 R14: 00007f15fc5b5fa0 R15: 00007ffe89f5e3e8 [ 160.307337][ T7303] [ 160.695258][ T7305] ima: policy update failed [ 160.702916][ T7305] netlink: 25 bytes leftover after parsing attributes in process `syz.2.244'. [ 160.843079][ T30] audit: type=1802 audit(1753592666.131:10): pid=7305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.244" res=0 errno=0 [ 163.501280][ T7351] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request [ 165.146095][ T7391] openvswitch: netlink: Duplicate or invalid key (type 0). [ 166.896909][ T7425] FAULT_INJECTION: forcing a failure. [ 166.896909][ T7425] name failslab, interval 1, probability 0, space 0, times 0 [ 166.929984][ T7425] CPU: 1 UID: 0 PID: 7425 Comm: syz.2.262 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 166.930028][ T7425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 166.930038][ T7425] Call Trace: [ 166.930044][ T7425] [ 166.930050][ T7425] dump_stack_lvl+0x16c/0x1f0 [ 166.930069][ T7425] should_fail_ex+0x512/0x640 [ 166.930084][ T7425] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 166.930103][ T7425] should_failslab+0xc2/0x120 [ 166.930120][ T7425] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 166.930134][ T7425] ? security_file_alloc+0x34/0x2b0 [ 166.930160][ T7425] security_file_alloc+0x34/0x2b0 [ 166.930182][ T7425] init_file+0x93/0x4c0 [ 166.930199][ T7425] alloc_empty_file+0x73/0x1e0 [ 166.930217][ T7425] alloc_file_pseudo+0x13a/0x230 [ 166.930235][ T7425] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 166.930255][ T7425] ? do_raw_spin_unlock+0x172/0x230 [ 166.930279][ T7425] __anon_inode_getfile+0xe8/0x280 [ 166.930304][ T7425] anon_inode_getfile_fmode+0x37/0xa0 [ 166.930327][ T7425] do_eventfd+0x19b/0x2c0 [ 166.930341][ T7425] ? rcu_is_watching+0x12/0xc0 [ 166.930356][ T7425] __x64_sys_eventfd+0x32/0x50 [ 166.930372][ T7425] do_syscall_64+0xcd/0x490 [ 166.930388][ T7425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.930405][ T7425] RIP: 0033:0x7f8ade58e9a9 [ 166.930416][ T7425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.930429][ T7425] RSP: 002b:00007f8adf32c038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 166.930442][ T7425] RAX: ffffffffffffffda RBX: 00007f8ade7b6160 RCX: 00007f8ade58e9a9 [ 166.930451][ T7425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 166.930460][ T7425] RBP: 00007f8ade610d69 R08: 0000000000000000 R09: 0000000000000000 [ 166.930468][ T7425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.930475][ T7425] R13: 0000000000000000 R14: 00007f8ade7b6160 R15: 00007ffd6162fef8 [ 166.930493][ T7425] [ 167.841005][ T7440] netlink: 330 bytes leftover after parsing attributes in process `syz.0.266'. [ 167.886130][ T7441] netlink: 4 bytes leftover after parsing attributes in process `syz.2.267'. [ 167.945499][ T7436] netlink: 338 bytes leftover after parsing attributes in process `syz.1.265'. [ 168.089203][ T7440] veth1_macvtap: left promiscuous mode [ 168.112824][ T7440] macsec0: entered promiscuous mode [ 168.127791][ T7440] macsec0: entered allmulticast mode [ 168.231638][ T7458] netlink: 74 bytes leftover after parsing attributes in process `syz.2.270'. [ 170.496304][ T7490] FAULT_INJECTION: forcing a failure. [ 170.496304][ T7490] name failslab, interval 1, probability 0, space 0, times 0 [ 170.546421][ T7490] CPU: 1 UID: 0 PID: 7490 Comm: syz.0.276 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 170.546462][ T7490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 170.546477][ T7490] Call Trace: [ 170.546486][ T7490] [ 170.546496][ T7490] dump_stack_lvl+0x16c/0x1f0 [ 170.546529][ T7490] should_fail_ex+0x512/0x640 [ 170.546556][ T7490] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 170.546587][ T7490] should_failslab+0xc2/0x120 [ 170.546615][ T7490] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 170.546643][ T7490] ? security_file_alloc+0x34/0x2b0 [ 170.546694][ T7490] security_file_alloc+0x34/0x2b0 [ 170.546733][ T7490] init_file+0x93/0x4c0 [ 170.546764][ T7490] alloc_empty_file+0x73/0x1e0 [ 170.546795][ T7490] alloc_file_pseudo+0x13a/0x230 [ 170.546828][ T7490] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 170.546863][ T7490] ? do_raw_spin_unlock+0x172/0x230 [ 170.546905][ T7490] __anon_inode_getfile+0xe8/0x280 [ 170.546948][ T7490] anon_inode_getfile_fmode+0x37/0xa0 [ 170.546988][ T7490] do_eventfd+0x19b/0x2c0 [ 170.547014][ T7490] ? rcu_is_watching+0x12/0xc0 [ 170.547042][ T7490] __x64_sys_eventfd+0x32/0x50 [ 170.547069][ T7490] do_syscall_64+0xcd/0x490 [ 170.547099][ T7490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.547125][ T7490] RIP: 0033:0x7f16fd18e9a9 [ 170.547146][ T7490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.547170][ T7490] RSP: 002b:00007f16fdff9038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 170.547195][ T7490] RAX: ffffffffffffffda RBX: 00007f16fd3b5fa0 RCX: 00007f16fd18e9a9 [ 170.547213][ T7490] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 170.547228][ T7490] RBP: 00007f16fd210d69 R08: 0000000000000000 R09: 0000000000000000 [ 170.547243][ T7490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.547258][ T7490] R13: 0000000000000000 R14: 00007f16fd3b5fa0 R15: 00007ffcf977c9a8 [ 170.547293][ T7490] [ 172.938061][ T7524] bridge0: port 3(bond0) entered blocking state [ 172.957286][ T7524] bridge0: port 3(bond0) entered disabled state [ 173.001752][ T7524] bond0: entered allmulticast mode [ 173.076760][ T7524] bond_slave_0: entered allmulticast mode [ 173.103513][ T7524] bond_slave_1: entered allmulticast mode [ 173.114696][ T7524] bond0: entered promiscuous mode [ 173.119933][ T7524] bond_slave_0: entered promiscuous mode [ 173.152940][ T7524] bond_slave_1: entered promiscuous mode [ 173.165571][ T7524] bridge0: port 3(bond0) entered blocking state [ 173.171979][ T7524] bridge0: port 3(bond0) entered forwarding state [ 173.586623][ T7531] FAULT_INJECTION: forcing a failure. [ 173.586623][ T7531] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.599908][ T7531] CPU: 0 UID: 0 PID: 7531 Comm: syz.3.287 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 173.599946][ T7531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 173.599961][ T7531] Call Trace: [ 173.599971][ T7531] [ 173.599981][ T7531] dump_stack_lvl+0x16c/0x1f0 [ 173.600015][ T7531] should_fail_ex+0x512/0x640 [ 173.600047][ T7531] _copy_to_user+0x32/0xd0 [ 173.600080][ T7531] rng_dev_read+0x1ea/0x810 [ 173.600116][ T7531] ? __pfx_virtio_read+0x10/0x10 [ 173.600150][ T7531] ? __pfx_rng_dev_read+0x10/0x10 [ 173.600190][ T7531] ? bpf_lsm_file_permission+0x9/0x10 [ 173.600222][ T7531] ? security_file_permission+0x71/0x210 [ 173.600260][ T7531] ? rw_verify_area+0xcf/0x680 [ 173.600295][ T7531] ? __pfx_rng_dev_read+0x10/0x10 [ 173.600328][ T7531] vfs_read+0x1e4/0xc60 [ 173.600367][ T7531] ? __pfx_vfs_read+0x10/0x10 [ 173.600389][ T7531] ? find_held_lock+0x2b/0x80 [ 173.600418][ T7531] ? __fget_files+0x204/0x3c0 [ 173.600462][ T7531] ? __fget_files+0x20e/0x3c0 [ 173.600510][ T7531] ksys_read+0x12a/0x250 [ 173.600534][ T7531] ? __pfx_ksys_read+0x10/0x10 [ 173.600569][ T7531] do_syscall_64+0xcd/0x490 [ 173.600599][ T7531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.600625][ T7531] RIP: 0033:0x7fb4d898e9a9 [ 173.600647][ T7531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.600671][ T7531] RSP: 002b:00007fb4d97d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 173.600696][ T7531] RAX: ffffffffffffffda RBX: 00007fb4d8bb5fa0 RCX: 00007fb4d898e9a9 [ 173.600713][ T7531] RDX: 00000000fffffe82 RSI: 0000200000000040 RDI: 0000000000000003 [ 173.600729][ T7531] RBP: 00007fb4d8a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 173.600745][ T7531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.600761][ T7531] R13: 0000000000000000 R14: 00007fb4d8bb5fa0 R15: 00007ffd1a4cf468 [ 173.600797][ T7531] [ 173.839666][ T7533] ima: policy update failed [ 173.840041][ T7535] netlink: 4 bytes leftover after parsing attributes in process `syz.1.289'. [ 173.847361][ T7533] netlink: 25 bytes leftover after parsing attributes in process `syz.2.288'. [ 173.954852][ T30] audit: type=1802 audit(1753592679.281:11): pid=7533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.288" res=0 errno=0 [ 176.002924][ T7580] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 176.525714][ T7599] synth uevent: /devices/virtual/block/nbd9: unknown uevent action string [ 176.555434][ T7599] block nbd9: uevent: failed to send synthetic uevent: -22 [ 178.278328][ T7632] random: crng reseeded on system resumption [ 179.446114][ T7659] bridge0: port 3(bond0) entered blocking state [ 179.469871][ T7659] bridge0: port 3(bond0) entered disabled state [ 179.500420][ T7659] bond0: entered allmulticast mode [ 179.550382][ T7659] bond_slave_0: entered allmulticast mode [ 179.645144][ T7659] bond_slave_1: entered allmulticast mode [ 179.687456][ T7659] bond0: entered promiscuous mode [ 179.720564][ T7659] bond_slave_0: entered promiscuous mode [ 179.765020][ T7659] bond_slave_1: entered promiscuous mode [ 179.821316][ T7659] bridge0: port 3(bond0) entered blocking state [ 179.827679][ T7659] bridge0: port 3(bond0) entered forwarding state [ 180.048386][ T7667] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 181.203955][ T7685] netlink: 12 bytes leftover after parsing attributes in process `syz.1.322'. [ 181.332366][ T7685] netlink: 12 bytes leftover after parsing attributes in process `syz.1.322'. [ 181.738087][ T7699] FAULT_INJECTION: forcing a failure. [ 181.738087][ T7699] name failslab, interval 1, probability 0, space 0, times 0 [ 181.752616][ T7699] CPU: 0 UID: 0 PID: 7699 Comm: syz.1.325 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 181.752657][ T7699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 181.752675][ T7699] Call Trace: [ 181.752684][ T7699] [ 181.752698][ T7699] dump_stack_lvl+0x16c/0x1f0 [ 181.752730][ T7699] should_fail_ex+0x512/0x640 [ 181.752756][ T7699] ? fs_reclaim_acquire+0xae/0x150 [ 181.752792][ T7699] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 181.752816][ T7699] should_failslab+0xc2/0x120 [ 181.752845][ T7699] __kmalloc_noprof+0xd2/0x510 [ 181.752881][ T7699] tomoyo_realpath_from_path+0xc2/0x6e0 [ 181.752918][ T7699] tomoyo_check_open_permission+0x2ab/0x3c0 [ 181.752955][ T7699] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 181.753026][ T7699] ? do_raw_spin_lock+0x12c/0x2b0 [ 181.753075][ T7699] tomoyo_file_open+0x6b/0x90 [ 181.753106][ T7699] security_file_open+0x84/0x1e0 [ 181.753143][ T7699] do_dentry_open+0x596/0x1c10 [ 181.753182][ T7699] vfs_open+0x82/0x3f0 [ 181.753218][ T7699] path_openat+0x1de4/0x2cb0 [ 181.753257][ T7699] ? __pfx_path_openat+0x10/0x10 [ 181.753293][ T7699] ? __lock_acquire+0xb8a/0x1c90 [ 181.753332][ T7699] do_filp_open+0x20b/0x470 [ 181.753360][ T7699] ? __pfx_do_filp_open+0x10/0x10 [ 181.753414][ T7699] ? alloc_fd+0x471/0x7d0 [ 181.753464][ T7699] do_sys_openat2+0x11b/0x1d0 [ 181.753497][ T7699] ? __pfx_do_sys_openat2+0x10/0x10 [ 181.753544][ T7699] __x64_sys_openat+0x174/0x210 [ 181.753577][ T7699] ? __pfx___x64_sys_openat+0x10/0x10 [ 181.753625][ T7699] do_syscall_64+0xcd/0x490 [ 181.753656][ T7699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.753682][ T7699] RIP: 0033:0x7f15fc38e9a9 [ 181.753704][ T7699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.753727][ T7699] RSP: 002b:00007f15fd190038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 181.753751][ T7699] RAX: ffffffffffffffda RBX: 00007f15fc5b6080 RCX: 00007f15fc38e9a9 [ 181.753768][ T7699] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 181.753785][ T7699] RBP: 00007f15fc410d69 R08: 0000000000000000 R09: 0000000000000000 [ 181.753800][ T7699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.753816][ T7699] R13: 0000000000000000 R14: 00007f15fc5b6080 R15: 00007ffe89f5e3e8 [ 181.753852][ T7699] [ 181.987351][ T7699] ERROR: Out of memory at tomoyo_realpath_from_path. [ 184.920626][ T7763] FAULT_INJECTION: forcing a failure. [ 184.920626][ T7763] name failslab, interval 1, probability 0, space 0, times 0 [ 184.952092][ T7763] CPU: 1 UID: 0 PID: 7763 Comm: syz.1.340 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 184.952115][ T7763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 184.952124][ T7763] Call Trace: [ 184.952130][ T7763] [ 184.952136][ T7763] dump_stack_lvl+0x16c/0x1f0 [ 184.952156][ T7763] should_fail_ex+0x512/0x640 [ 184.952171][ T7763] ? __kmalloc_noprof+0xbf/0x510 [ 184.952188][ T7763] ? sk_prot_alloc+0x1a8/0x2a0 [ 184.952212][ T7763] should_failslab+0xc2/0x120 [ 184.952230][ T7763] __kmalloc_noprof+0xd2/0x510 [ 184.952245][ T7763] ? evm_inode_alloc_security+0x49/0xc0 [ 184.952265][ T7763] sk_prot_alloc+0x1a8/0x2a0 [ 184.952284][ T7763] sk_alloc+0x36/0xc20 [ 184.952299][ T7763] __netlink_create+0x5e/0x2c0 [ 184.952314][ T7763] __netlink_kernel_create+0xed/0x750 [ 184.952332][ T7763] ? __pfx___netlink_kernel_create+0x10/0x10 [ 184.952352][ T7763] ? proc_create_reg+0xe3/0x180 [ 184.952370][ T7763] xfrm_user_net_init+0xc6/0x190 [ 184.952389][ T7763] ? __pfx_xfrm_user_net_init+0x10/0x10 [ 184.952408][ T7763] ? __pfx_xfrm_netlink_rcv+0x10/0x10 [ 184.952427][ T7763] ? __pfx_tls_init_net+0x10/0x10 [ 184.952442][ T7763] ? tls_proc_init+0x58/0x70 [ 184.952462][ T7763] ? __pfx_xfrm_user_net_init+0x10/0x10 [ 184.952479][ T7763] ops_init+0x1df/0x5f0 [ 184.952497][ T7763] setup_net+0x1ff/0x510 [ 184.952512][ T7763] ? lockdep_init_map_type+0x5c/0x280 [ 184.952532][ T7763] ? __pfx_setup_net+0x10/0x10 [ 184.952549][ T7763] ? debug_mutex_init+0x37/0x70 [ 184.952565][ T7763] copy_net_ns+0x2a6/0x5f0 [ 184.952584][ T7763] create_new_namespaces+0x3ea/0xa90 [ 184.952605][ T7763] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 184.952622][ T7763] ksys_unshare+0x45b/0xa40 [ 184.952645][ T7763] ? __pfx_ksys_unshare+0x10/0x10 [ 184.952678][ T7763] ? xfd_validate_state+0x61/0x180 [ 184.952723][ T7763] __x64_sys_unshare+0x31/0x40 [ 184.952753][ T7763] do_syscall_64+0xcd/0x490 [ 184.952783][ T7763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.952809][ T7763] RIP: 0033:0x7f15fc38e9a9 [ 184.952830][ T7763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.952849][ T7763] RSP: 002b:00007f15fd1b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 184.952862][ T7763] RAX: ffffffffffffffda RBX: 00007f15fc5b5fa0 RCX: 00007f15fc38e9a9 [ 184.952872][ T7763] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 184.952880][ T7763] RBP: 00007f15fc410d69 R08: 0000000000000000 R09: 0000000000000000 [ 184.952889][ T7763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.952897][ T7763] R13: 0000000000000000 R14: 00007f15fc5b5fa0 R15: 00007ffe89f5e3e8 [ 184.952916][ T7763] [ 185.767336][ T7762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78020 [ 185.790525][ T7762] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 185.810568][ T7762] memcg:ffff88807ff4dd01 [ 185.815182][ T7762] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 185.835281][ T7762] page_type: f5(slab) [ 185.845223][ T7762] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 185.863867][ T7762] raw: 0000000000000000 0000000080100010 00000000f5000000 ffff88807ff4dd01 [ 185.873743][ T7762] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 185.882447][ T7762] head: 0000000000000000 0000000080100010 00000000f5000000 ffff88807ff4dd01 [ 185.913001][ T7762] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 185.921724][ T7762] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 186.012887][ T7762] page dumped because: unmovable page [ 186.022520][ T7762] page_owner tracks the page as allocated [ 186.036976][ T7762] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 186.069172][ T7762] post_alloc_hook+0x1c0/0x230 [ 186.116662][ T7762] get_page_from_freelist+0x1321/0x3890 [ 186.154918][ T7762] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 186.181513][ T7762] alloc_pages_mpol+0x1fb/0x550 [ 186.214211][ T7762] new_slab+0x23b/0x330 [ 186.218391][ T7762] ___slab_alloc+0xd9c/0x1940 [ 186.251585][ T7762] __slab_alloc.constprop.0+0x56/0xb0 [ 186.273233][ T7762] kmem_cache_alloc_noprof+0xef/0x3b0 [ 186.294588][ T7762] sk_prot_alloc+0x60/0x2a0 [ 186.318024][ T7762] sk_alloc+0x36/0xc20 [ 186.322106][ T7762] inet6_create+0x381/0x12b0 [ 186.382882][ T7762] __sock_create+0x335/0x8d0 [ 186.387520][ T7762] __sys_socket+0x14d/0x260 [ 186.397226][ T7762] __x64_sys_socket+0x72/0xb0 [ 186.422624][ T7762] do_syscall_64+0xcd/0x490 [ 186.439910][ T7762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.466929][ T7762] page last free pid 5834 tgid 5834 stack trace: [ 186.477039][ T7762] __free_frozen_pages+0x7fe/0x1180 [ 186.484156][ T7762] __folio_put+0x329/0x450 [ 186.490774][ T7762] skb_release_data+0x7fb/0x9c0 [ 186.501540][ T7762] __kfree_skb+0x4f/0x70 [ 186.517094][ T7762] tcp_ack+0x19b2/0x5c90 [ 186.532074][ T7762] tcp_rcv_established+0xda1/0x22e0 [ 186.548284][ T7762] tcp_v4_do_rcv+0x5ca/0xa90 [ 186.558476][ T7762] __release_sock+0x31b/0x400 [ 186.567509][ T7762] release_sock+0x5a/0x220 [ 186.590483][ T7762] tcp_sendmsg+0x38/0x50 [ 186.615366][ T7762] inet_sendmsg+0xb9/0x140 [ 186.630308][ T7762] sock_write_iter+0x4aa/0x5b0 [ 186.639592][ T7762] vfs_write+0x6c4/0x1150 [ 186.662154][ T7762] ksys_write+0x1f8/0x250 [ 186.679202][ T7762] do_syscall_64+0xcd/0x490 [ 186.689713][ T7762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.806203][ T7803] bridge0: port 3(bond0) entered blocking state [ 187.836206][ T7803] bridge0: port 3(bond0) entered disabled state [ 187.849550][ T7803] bond0: entered allmulticast mode [ 187.870429][ T7803] bond_slave_0: entered allmulticast mode [ 187.883591][ T7803] bond_slave_1: entered allmulticast mode [ 187.901162][ T7803] bond0: entered promiscuous mode [ 187.938151][ T7803] bond_slave_0: entered promiscuous mode [ 187.952968][ T7803] bond_slave_1: entered promiscuous mode [ 187.973573][ T7803] bridge0: port 3(bond0) entered blocking state [ 187.980759][ T7803] bridge0: port 3(bond0) entered forwarding state [ 190.747076][ T7833] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 190.771080][ T7841] FAULT_INJECTION: forcing a failure. [ 190.771080][ T7841] name failslab, interval 1, probability 0, space 0, times 0 [ 190.820044][ T7841] CPU: 0 UID: 0 PID: 7841 Comm: syz.1.355 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 190.820065][ T7841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 190.820074][ T7841] Call Trace: [ 190.820079][ T7841] [ 190.820085][ T7841] dump_stack_lvl+0x16c/0x1f0 [ 190.820105][ T7841] should_fail_ex+0x512/0x640 [ 190.820120][ T7841] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 190.820144][ T7841] should_failslab+0xc2/0x120 [ 190.820160][ T7841] __kmalloc_cache_noprof+0x6a/0x3e0 [ 190.820182][ T7841] ? do_eventfd+0x67/0x2c0 [ 190.820200][ T7841] do_eventfd+0x67/0x2c0 [ 190.820214][ T7841] ? rcu_is_watching+0x12/0xc0 [ 190.820230][ T7841] __x64_sys_eventfd+0x32/0x50 [ 190.820245][ T7841] do_syscall_64+0xcd/0x490 [ 190.820261][ T7841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.820275][ T7841] RIP: 0033:0x7f15fc38e9a9 [ 190.820287][ T7841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.820299][ T7841] RSP: 002b:00007f15fd1b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 190.820313][ T7841] RAX: ffffffffffffffda RBX: 00007f15fc5b5fa0 RCX: 00007f15fc38e9a9 [ 190.820322][ T7841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 190.820330][ T7841] RBP: 00007f15fc410d69 R08: 0000000000000000 R09: 0000000000000000 [ 190.820338][ T7841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.820345][ T7841] R13: 0000000000000000 R14: 00007f15fc5b5fa0 R15: 00007ffe89f5e3e8 [ 190.820370][ T7841] [ 190.979027][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.204642][ T7875] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(12.0.1), cmd(3) [ 192.318251][ T7872] can: request_module (can-proto-5) failed. [ 192.989167][ T7902] netlink: 4 bytes leftover after parsing attributes in process `syz.2.369'. [ 193.024672][ T7902] netlink: 9 bytes leftover after parsing attributes in process `syz.2.369'. [ 193.054505][ T7902] netlink: 4 bytes leftover after parsing attributes in process `syz.2.369'. [ 194.227570][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.234008][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.246004][ T7945] netlink: 4 bytes leftover after parsing attributes in process `syz.1.379'. [ 194.361827][ T7949] sd 0:0:1:0: PR command failed: 1026 [ 194.373800][ T7949] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 194.394095][ T7949] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 194.583149][ T7918] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 194.707853][ T7960] random: crng reseeded on system resumption [ 195.143537][ T7971] netlink: 28 bytes leftover after parsing attributes in process `syz.3.384'. [ 196.004077][ T7989] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 196.151090][ T7997] random: crng reseeded on system resumption [ 197.680196][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b294000: rx timeout, send abort [ 198.189317][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b294000: abort rx timeout. Force session deactivation [ 198.730784][ T8044] netlink: 28 bytes leftover after parsing attributes in process `syz.2.403'. [ 201.767618][ T30] audit: type=1800 audit(4831838234.564:12): pid=8087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.412" name="features" dev="configfs" ino=16009 res=0 errno=0 [ 202.618367][ T8100] FAULT_INJECTION: forcing a failure. [ 202.618367][ T8100] name failslab, interval 1, probability 0, space 0, times 0 [ 202.666565][ T8100] CPU: 1 UID: 0 PID: 8100 Comm: syz.3.415 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 202.666603][ T8100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 202.666619][ T8100] Call Trace: [ 202.666628][ T8100] [ 202.666639][ T8100] dump_stack_lvl+0x16c/0x1f0 [ 202.666671][ T8100] should_fail_ex+0x512/0x640 [ 202.666704][ T8100] ? fs_reclaim_acquire+0xae/0x150 [ 202.666742][ T8100] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 202.666769][ T8100] should_failslab+0xc2/0x120 [ 202.666799][ T8100] __kmalloc_noprof+0xd2/0x510 [ 202.666836][ T8100] tomoyo_realpath_from_path+0xc2/0x6e0 [ 202.666873][ T8100] tomoyo_check_open_permission+0x2ab/0x3c0 [ 202.666910][ T8100] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 202.666984][ T8100] ? do_raw_spin_lock+0x12c/0x2b0 [ 202.667032][ T8100] tomoyo_file_open+0x6b/0x90 [ 202.667063][ T8100] security_file_open+0x84/0x1e0 [ 202.667100][ T8100] do_dentry_open+0x596/0x1c10 [ 202.667138][ T8100] vfs_open+0x82/0x3f0 [ 202.667174][ T8100] path_openat+0x1de4/0x2cb0 [ 202.667211][ T8100] ? __pfx_path_openat+0x10/0x10 [ 202.667239][ T8100] ? __lock_acquire+0xb8a/0x1c90 [ 202.667276][ T8100] do_filp_open+0x20b/0x470 [ 202.667303][ T8100] ? __pfx_do_filp_open+0x10/0x10 [ 202.667356][ T8100] ? alloc_fd+0x471/0x7d0 [ 202.667402][ T8100] do_sys_openat2+0x11b/0x1d0 [ 202.667434][ T8100] ? __pfx_do_sys_openat2+0x10/0x10 [ 202.667490][ T8100] __x64_sys_openat+0x174/0x210 [ 202.667524][ T8100] ? __pfx___x64_sys_openat+0x10/0x10 [ 202.667574][ T8100] do_syscall_64+0xcd/0x490 [ 202.667605][ T8100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.667631][ T8100] RIP: 0033:0x7fb4d898e9a9 [ 202.667653][ T8100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.667676][ T8100] RSP: 002b:00007fb4d97d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 202.667701][ T8100] RAX: ffffffffffffffda RBX: 00007fb4d8bb5fa0 RCX: 00007fb4d898e9a9 [ 202.667719][ T8100] RDX: 0000000000000002 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 202.667736][ T8100] RBP: 00007fb4d8a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 202.667752][ T8100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.667767][ T8100] R13: 0000000000000000 R14: 00007fb4d8bb5fa0 R15: 00007ffd1a4cf468 [ 202.667802][ T8100] [ 202.667812][ T8100] ERROR: Out of memory at tomoyo_realpath_from_path. [ 203.514388][ T8114] netlink: 330 bytes leftover after parsing attributes in process `syz.3.418'. [ 204.263263][ T8136] program syz.0.423 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.335039][ T8132] FAULT_INJECTION: forcing a failure. [ 204.335039][ T8132] name failslab, interval 1, probability 0, space 0, times 0 [ 204.349837][ T8132] CPU: 1 UID: 0 PID: 8132 Comm: syz.3.422 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 204.349858][ T8132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 204.349867][ T8132] Call Trace: [ 204.349873][ T8132] [ 204.349879][ T8132] dump_stack_lvl+0x16c/0x1f0 [ 204.349898][ T8132] should_fail_ex+0x512/0x640 [ 204.349914][ T8132] ? __kmalloc_noprof+0xbf/0x510 [ 204.349931][ T8132] ? xfrm_hash_alloc+0xd1/0x100 [ 204.349951][ T8132] should_failslab+0xc2/0x120 [ 204.349968][ T8132] __kmalloc_noprof+0xd2/0x510 [ 204.349982][ T8132] ? xfrm_nat_keepalive_net_init+0xe1/0x140 [ 204.350002][ T8132] xfrm_hash_alloc+0xd1/0x100 [ 204.350091][ T8132] xfrm_state_init+0x11e/0x630 [ 204.350119][ T8132] ? __pfx_xfrm_net_init+0x10/0x10 [ 204.350133][ T8132] xfrm_net_init+0x210/0xcc0 [ 204.350150][ T8132] ? __pfx_xfrm_net_init+0x10/0x10 [ 204.350164][ T8132] ops_init+0x1df/0x5f0 [ 204.350182][ T8132] setup_net+0x1ff/0x510 [ 204.350197][ T8132] ? lockdep_init_map_type+0x5c/0x280 [ 204.350218][ T8132] ? __pfx_setup_net+0x10/0x10 [ 204.350236][ T8132] ? debug_mutex_init+0x37/0x70 [ 204.350253][ T8132] copy_net_ns+0x2a6/0x5f0 [ 204.350276][ T8132] create_new_namespaces+0x3ea/0xa90 [ 204.350297][ T8132] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 204.350314][ T8132] ksys_unshare+0x45b/0xa40 [ 204.350334][ T8132] ? __pfx_ksys_unshare+0x10/0x10 [ 204.350353][ T8132] ? xfd_validate_state+0x61/0x180 [ 204.350377][ T8132] __x64_sys_unshare+0x31/0x40 [ 204.350401][ T8132] do_syscall_64+0xcd/0x490 [ 204.350418][ T8132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.350436][ T8132] RIP: 0033:0x7fb4d898e9a9 [ 204.350449][ T8132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.350463][ T8132] RSP: 002b:00007fb4d97d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 204.350481][ T8132] RAX: ffffffffffffffda RBX: 00007fb4d8bb5fa0 RCX: 00007fb4d898e9a9 [ 204.350490][ T8132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 204.350498][ T8132] RBP: 00007fb4d8a10d69 R08: 0000000000000000 R09: 0000000000000000 [ 204.350506][ T8132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.350514][ T8132] R13: 0000000000000000 R14: 00007fb4d8bb5fa0 R15: 00007ffd1a4cf468 [ 204.350532][ T8132] [ 206.240787][ T8168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020000 pfn:0x78020 [ 206.251709][ T8168] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 206.300687][ T8168] memcg:ffff88807ff4dd01 [ 206.355986][ T8168] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 206.364723][ T8168] page_type: f5(slab) [ 206.371354][ T8168] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 206.381303][ T8168] raw: ffff888078020000 000000008010000e 00000000f5000000 ffff88807ff4dd01 [ 206.391174][ T8168] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 206.422959][ T8168] head: ffff888078020000 000000008010000e 00000000f5000000 ffff88807ff4dd01 [ 206.431726][ T8168] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 206.441707][ T8168] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 206.470008][ T8130] kexec: Could not allocate control_code_buffer [ 206.529572][ T8168] page dumped because: unmovable page [ 206.563076][ T8168] page_owner tracks the page as allocated [ 206.569885][ T8168] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 206.595784][ T8168] post_alloc_hook+0x1c0/0x230 [ 206.600727][ T8168] get_page_from_freelist+0x1321/0x3890 [ 206.622801][ T8168] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 206.636464][ T8168] alloc_pages_mpol+0x1fb/0x550 [ 206.659084][ T8168] new_slab+0x23b/0x330 [ 206.664635][ T8168] ___slab_alloc+0xd9c/0x1940 [ 206.672359][ T8168] __slab_alloc.constprop.0+0x56/0xb0 [ 206.679388][ T8168] kmem_cache_alloc_noprof+0xef/0x3b0 [ 206.688613][ T8168] sk_prot_alloc+0x60/0x2a0 [ 206.694103][ T8168] sk_alloc+0x36/0xc20 [ 206.698286][ T8168] inet6_create+0x381/0x12b0 [ 206.704301][ T8168] __sock_create+0x335/0x8d0 [ 206.708974][ T8168] __sys_socket+0x14d/0x260 [ 206.729490][ T8168] __x64_sys_socket+0x72/0xb0 [ 206.760788][ T8168] do_syscall_64+0xcd/0x490 [ 206.795393][ T8168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.843648][ T8168] page last free pid 5834 tgid 5834 stack trace: [ 206.856108][ T8168] __free_frozen_pages+0x7fe/0x1180 [ 206.861405][ T8168] __folio_put+0x329/0x450 [ 206.892840][ T8168] skb_release_data+0x7fb/0x9c0 [ 206.897834][ T8168] __kfree_skb+0x4f/0x70 [ 206.902119][ T8168] tcp_ack+0x19b2/0x5c90 [ 206.906476][ T8168] tcp_rcv_established+0xda1/0x22e0 [ 206.911723][ T8168] tcp_v4_do_rcv+0x5ca/0xa90 [ 206.954391][ T8168] __release_sock+0x31b/0x400 [ 206.979556][ T8168] release_sock+0x5a/0x220 [ 207.001147][ T8168] tcp_sendmsg+0x38/0x50 [ 207.025586][ T8168] inet_sendmsg+0xb9/0x140 [ 207.030043][ T8168] sock_write_iter+0x4aa/0x5b0 [ 207.132737][ T8168] vfs_write+0x6c4/0x1150 [ 207.166899][ T8168] ksys_write+0x1f8/0x250 [ 207.191150][ T8168] do_syscall_64+0xcd/0x490 [ 207.198005][ T8168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.424848][ T8213] openvswitch: netlink: Key type 274 is out of range max 32 [ 208.893573][ T8215] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 210.143982][ T8259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020000 pfn:0x78020 [ 210.158489][ T8259] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 210.171110][ T8259] memcg:ffff88807ff4dd01 [ 210.175692][ T8259] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 210.183555][ T8259] page_type: f5(slab) [ 210.187755][ T8259] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 210.196701][ T8259] raw: ffff888078020000 000000008010000e 00000000f5000000 ffff88807ff4dd01 [ 210.205636][ T8259] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 210.217617][ T8259] head: ffff888078020000 000000008010000e 00000000f5000000 ffff88807ff4dd01 [ 210.227143][ T8259] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 210.236674][ T8259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 210.261568][ T8259] page dumped because: unmovable page [ 210.268957][ T8259] page_owner tracks the page as allocated [ 210.282743][ T8259] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 210.322734][ T8259] post_alloc_hook+0x1c0/0x230 [ 210.344266][ T8259] get_page_from_freelist+0x1321/0x3890 [ 210.378590][ T8259] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 210.385245][ T8259] alloc_pages_mpol+0x1fb/0x550 [ 210.393118][ T8259] new_slab+0x23b/0x330 [ 210.398638][ T8259] ___slab_alloc+0xd9c/0x1940 [ 210.405274][ T8259] __slab_alloc.constprop.0+0x56/0xb0 [ 210.411916][ T8259] kmem_cache_alloc_noprof+0xef/0x3b0 [ 210.418541][ T8259] sk_prot_alloc+0x60/0x2a0 [ 210.428527][ T8259] sk_alloc+0x36/0xc20 [ 210.435506][ T8259] inet6_create+0x381/0x12b0 [ 210.442085][ T8259] __sock_create+0x335/0x8d0 [ 210.449750][ T8259] __sys_socket+0x14d/0x260 [ 210.456325][ T8259] __x64_sys_socket+0x72/0xb0 [ 210.462896][ T8259] do_syscall_64+0xcd/0x490 [ 210.469488][ T8259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.477224][ T8259] page last free pid 5834 tgid 5834 stack trace: [ 210.484919][ T8259] __free_frozen_pages+0x7fe/0x1180 [ 210.490850][ T8259] __folio_put+0x329/0x450 [ 210.495513][ T8259] skb_release_data+0x7fb/0x9c0 [ 210.501300][ T8259] __kfree_skb+0x4f/0x70 [ 210.505770][ T8259] tcp_ack+0x19b2/0x5c90 [ 210.510105][ T8259] tcp_rcv_established+0xda1/0x22e0 [ 210.515720][ T8259] tcp_v4_do_rcv+0x5ca/0xa90 [ 210.522852][ T8259] __release_sock+0x31b/0x400 [ 210.529475][ T8259] release_sock+0x5a/0x220 [ 210.536123][ T8259] tcp_sendmsg+0x38/0x50 [ 210.550687][ T8259] inet_sendmsg+0xb9/0x140 [ 210.556447][ T8259] sock_write_iter+0x4aa/0x5b0 [ 210.561291][ T8259] vfs_write+0x6c4/0x1150 [ 210.572701][ T8259] ksys_write+0x1f8/0x250 [ 210.580226][ T8259] do_syscall_64+0xcd/0x490 [ 210.584949][ T8259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.706771][ T8296] random: crng reseeded on system resumption [ 213.763888][ T8340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020000 pfn:0x78020 [ 213.807338][ T8340] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 213.850453][ T8340] memcg:ffff88807ff4dd01 [ 213.862706][ T8340] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 213.890659][ T8340] page_type: f5(slab) [ 213.902924][ T8340] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 213.930719][ T8340] raw: ffff888078020000 000000008010000e 00000000f5000000 ffff88807ff4dd01 [ 213.972748][ T8340] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 213.983026][ T8340] head: ffff888078020000 000000008010000e 00000000f5000000 ffff88807ff4dd01 [ 213.991754][ T8340] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 214.074750][ T8340] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 214.105128][ T8340] page dumped because: unmovable page [ 214.125904][ T8340] page_owner tracks the page as allocated [ 214.162190][ T8340] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 214.199121][ T8340] post_alloc_hook+0x1c0/0x230 [ 214.208982][ T8340] get_page_from_freelist+0x1321/0x3890 [ 214.232709][ T8340] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 214.252691][ T8340] alloc_pages_mpol+0x1fb/0x550 [ 214.257596][ T8340] new_slab+0x23b/0x330 [ 214.282723][ T8340] ___slab_alloc+0xd9c/0x1940 [ 214.302995][ T8340] __slab_alloc.constprop.0+0x56/0xb0 [ 214.318620][ T8340] kmem_cache_alloc_noprof+0xef/0x3b0 [ 214.342792][ T8340] sk_prot_alloc+0x60/0x2a0 [ 214.357524][ T8340] sk_alloc+0x36/0xc20 [ 214.366981][ T8340] inet6_create+0x381/0x12b0 [ 214.371684][ T8340] __sock_create+0x335/0x8d0 [ 214.378316][ T8340] __sys_socket+0x14d/0x260 [ 214.387375][ T8340] __x64_sys_socket+0x72/0xb0 [ 214.392214][ T8340] do_syscall_64+0xcd/0x490 [ 214.398651][ T8340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.422788][ T8340] page last free pid 5834 tgid 5834 stack trace: [ 214.439981][ T8340] __free_frozen_pages+0x7fe/0x1180 [ 214.445554][ T8340] __folio_put+0x329/0x450 [ 214.460246][ T8340] skb_release_data+0x7fb/0x9c0 [ 214.472670][ T8340] __kfree_skb+0x4f/0x70 [ 214.477059][ T8340] tcp_ack+0x19b2/0x5c90 [ 214.482415][ T8340] tcp_rcv_established+0xda1/0x22e0 [ 214.488232][ T8340] tcp_v4_do_rcv+0x5ca/0xa90 [ 214.494232][ T8340] __release_sock+0x31b/0x400 [ 214.498952][ T8340] release_sock+0x5a/0x220 [ 214.506800][ T8340] tcp_sendmsg+0x38/0x50 [ 214.511096][ T8340] inet_sendmsg+0xb9/0x140 [ 214.515934][ T8340] sock_write_iter+0x4aa/0x5b0 [ 214.520843][ T8340] vfs_write+0x6c4/0x1150 [ 214.544448][ T8340] ksys_write+0x1f8/0x250 [ 214.548821][ T8340] do_syscall_64+0xcd/0x490 [ 214.553878][ T8340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.652615][ T8347] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 214.823097][ T8361] capability: warning: `syz.2.465' uses 32-bit capabilities (legacy support in use) [ 216.113384][ T8384] usb usb24: usbfs: process 8384 (syz.0.471) did not claim interface 0 before use [ 216.919572][ T8407] ubi0: attaching mtd0 [ 216.931544][ T8407] ubi0: scanning is finished [ 216.936836][ T8407] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 217.156837][ T8409] netlink: 25 bytes leftover after parsing attributes in process `syz.1.478'. [ 217.203219][ T8409] ima: policy update failed [ 217.211195][ T8407] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 217.227353][ T30] audit: type=1802 audit(4831838250.014:13): pid=8409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.478" res=0 errno=0 [ 218.584463][ T8393] kexec: Could not allocate control_code_buffer [ 219.706081][ T8453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020000 pfn:0x78020 [ 219.753970][ T8453] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 219.788679][ T8453] memcg:ffff88807ff4dd01 [ 219.797402][ T8453] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 219.843910][ T8453] page_type: f5(slab) [ 219.850808][ T8453] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 219.897433][ T8453] raw: ffff888078020000 000000008010000e 00000000f5000000 ffff88807ff4dd01 [ 219.919048][ T8453] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 219.938697][ T8453] head: ffff888078020000 000000008010000e 00000000f5000000 ffff88807ff4dd01 [ 219.952249][ T8453] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 219.970636][ T8453] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 220.009858][ T8453] page dumped because: unmovable page [ 220.017584][ T8453] page_owner tracks the page as allocated [ 220.025262][ T8453] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 220.082271][ T8453] post_alloc_hook+0x1c0/0x230 [ 220.098651][ T8453] get_page_from_freelist+0x1321/0x3890 [ 220.112713][ T8453] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 220.122997][ T8453] alloc_pages_mpol+0x1fb/0x550 [ 220.127904][ T8453] new_slab+0x23b/0x330 [ 220.132134][ T8453] ___slab_alloc+0xd9c/0x1940 [ 220.137646][ T8453] __slab_alloc.constprop.0+0x56/0xb0 [ 220.143357][ T8453] kmem_cache_alloc_noprof+0xef/0x3b0 [ 220.148929][ T8453] sk_prot_alloc+0x60/0x2a0 [ 220.153841][ T8453] sk_alloc+0x36/0xc20 [ 220.157968][ T8453] inet6_create+0x381/0x12b0 [ 220.164397][ T8453] __sock_create+0x335/0x8d0 [ 220.169053][ T8453] __sys_socket+0x14d/0x260 [ 220.174141][ T8453] __x64_sys_socket+0x72/0xb0 [ 220.178946][ T8453] do_syscall_64+0xcd/0x490 [ 220.183967][ T8453] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.190034][ T8453] page last free pid 5834 tgid 5834 stack trace: [ 220.196840][ T8453] __free_frozen_pages+0x7fe/0x1180 [ 220.202199][ T8453] __folio_put+0x329/0x450 [ 220.207092][ T8453] skb_release_data+0x7fb/0x9c0 [ 220.211988][ T8453] __kfree_skb+0x4f/0x70 [ 220.216668][ T8453] tcp_ack+0x19b2/0x5c90 [ 220.221029][ T8453] tcp_rcv_established+0xda1/0x22e0 [ 220.227141][ T8453] tcp_v4_do_rcv+0x5ca/0xa90 [ 220.231854][ T8453] __release_sock+0x31b/0x400 [ 220.236969][ T8453] release_sock+0x5a/0x220 [ 220.241515][ T8453] tcp_sendmsg+0x38/0x50 [ 220.246461][ T8453] inet_sendmsg+0xb9/0x140 [ 220.251001][ T8453] sock_write_iter+0x4aa/0x5b0 [ 220.256888][ T8453] vfs_write+0x6c4/0x1150 [ 220.261331][ T8453] ksys_write+0x1f8/0x250 [ 220.268025][ T8453] do_syscall_64+0xcd/0x490 [ 220.272881][ T8453] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.555162][ T8463] random: crng reseeded on system resumption [ 221.975780][ T8487] sp0: Synchronizing with TNC [ 222.261707][ T8483] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 222.332919][ T8483] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 222.339321][ T8483] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 222.359509][ T8483] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 223.982830][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 224.139078][ T8538] random: crng reseeded on system resumption [ 224.382783][ T5857] Bluetooth: hci2: command 0x0c1a tx timeout [ 224.388800][ T5849] Bluetooth: hci1: command 0x0c1a tx timeout [ 224.394871][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 227.395969][ T8637] netlink: 4 bytes leftover after parsing attributes in process `syz.2.530'. [ 229.246745][ T8674] can: request_module (can-proto-0) failed. [ 230.828732][ T8690] FAULT_INJECTION: forcing a failure. [ 230.828732][ T8690] name failslab, interval 1, probability 0, space 0, times 0 [ 230.862770][ T8690] CPU: 0 UID: 0 PID: 8690 Comm: syz.0.542 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 230.862805][ T8690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 230.862819][ T8690] Call Trace: [ 230.862828][ T8690] [ 230.862838][ T8690] dump_stack_lvl+0x16c/0x1f0 [ 230.862870][ T8690] should_fail_ex+0x512/0x640 [ 230.862895][ T8690] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 230.862921][ T8690] should_failslab+0xc2/0x120 [ 230.862947][ T8690] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 230.862972][ T8690] ? security_file_alloc+0x34/0x2b0 [ 230.863013][ T8690] security_file_alloc+0x34/0x2b0 [ 230.863048][ T8690] init_file+0x93/0x4c0 [ 230.863078][ T8690] alloc_empty_file+0x73/0x1e0 [ 230.863110][ T8690] alloc_file_pseudo+0x13a/0x230 [ 230.863142][ T8690] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 230.863176][ T8690] ? do_raw_spin_unlock+0x172/0x230 [ 230.863218][ T8690] __anon_inode_getfile+0xe8/0x280 [ 230.863260][ T8690] anon_inode_getfile_fmode+0x37/0xa0 [ 230.863299][ T8690] do_eventfd+0x19b/0x2c0 [ 230.863323][ T8690] ? rcu_is_watching+0x12/0xc0 [ 230.863351][ T8690] __x64_sys_eventfd+0x32/0x50 [ 230.863391][ T8690] do_syscall_64+0xcd/0x490 [ 230.863421][ T8690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.863446][ T8690] RIP: 0033:0x7f16fd18e9a9 [ 230.863467][ T8690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.863489][ T8690] RSP: 002b:00007f16fdff9038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 230.863512][ T8690] RAX: ffffffffffffffda RBX: 00007f16fd3b5fa0 RCX: 00007f16fd18e9a9 [ 230.863530][ T8690] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 230.863545][ T8690] RBP: 00007f16fd210d69 R08: 0000000000000000 R09: 0000000000000000 [ 230.863561][ T8690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.863576][ T8690] R13: 0000000000000000 R14: 00007f16fd3b5fa0 R15: 00007ffcf977c9a8 [ 230.863608][ T8690] [ 231.428537][ T5860] Bluetooth: hci3: Malformed LE Event: 0x1b [ 231.718277][ T8708] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 232.061634][ T8713] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 234.151274][ T8748] syz.2.553 (8748): drop_caches: 0 [ 234.472607][ T8766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020f80 pfn:0x78020 [ 234.486756][ T8766] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 234.495362][ T8766] memcg:ffff88807ff4dd01 [ 234.537884][ T8766] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 234.579614][ T8766] page_type: f5(slab) [ 234.636958][ T8766] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 234.662810][ T8766] raw: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 234.732808][ T8766] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 234.757058][ T8766] head: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 234.766946][ T8766] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 234.775945][ T8766] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 234.784900][ T8766] page dumped because: unmovable page [ 234.792945][ T8766] page_owner tracks the page as allocated [ 234.817563][ T8766] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 234.873203][ T8766] post_alloc_hook+0x1c0/0x230 [ 234.879908][ T8766] get_page_from_freelist+0x1321/0x3890 [ 234.887042][ T8766] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 234.893071][ T8766] alloc_pages_mpol+0x1fb/0x550 [ 234.898776][ T8766] new_slab+0x23b/0x330 [ 234.923476][ T8766] ___slab_alloc+0xd9c/0x1940 [ 234.953465][ T8766] __slab_alloc.constprop.0+0x56/0xb0 [ 234.959213][ T8766] kmem_cache_alloc_noprof+0xef/0x3b0 [ 234.964982][ T8766] sk_prot_alloc+0x60/0x2a0 [ 234.970472][ T8766] sk_alloc+0x36/0xc20 [ 234.979083][ T8766] inet6_create+0x381/0x12b0 [ 234.984132][ T8766] __sock_create+0x335/0x8d0 [ 234.992539][ T8766] __sys_socket+0x14d/0x260 [ 235.002701][ T8766] __x64_sys_socket+0x72/0xb0 [ 235.007466][ T8766] do_syscall_64+0xcd/0x490 [ 235.014267][ T8766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.020473][ T8766] page last free pid 5834 tgid 5834 stack trace: [ 235.027702][ T8766] __free_frozen_pages+0x7fe/0x1180 [ 235.033455][ T8766] __folio_put+0x329/0x450 [ 235.037971][ T8766] skb_release_data+0x7fb/0x9c0 [ 235.043240][ T8766] __kfree_skb+0x4f/0x70 [ 235.047704][ T8766] tcp_ack+0x19b2/0x5c90 [ 235.052046][ T8766] tcp_rcv_established+0xda1/0x22e0 [ 235.057806][ T8766] tcp_v4_do_rcv+0x5ca/0xa90 [ 235.062479][ T8766] __release_sock+0x31b/0x400 [ 235.067598][ T8766] release_sock+0x5a/0x220 [ 235.072106][ T8766] tcp_sendmsg+0x38/0x50 [ 235.076763][ T8766] inet_sendmsg+0xb9/0x140 [ 235.081358][ T8766] sock_write_iter+0x4aa/0x5b0 [ 235.089665][ T8766] vfs_write+0x6c4/0x1150 [ 235.095368][ T8766] ksys_write+0x1f8/0x250 [ 235.100846][ T8766] do_syscall_64+0xcd/0x490 [ 235.109088][ T8766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.362240][ T8796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020f80 pfn:0x78020 [ 236.372504][ T8796] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 236.381714][ T8796] memcg:ffff88807ff4dd01 [ 236.454973][ T8796] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 236.487175][ T8796] page_type: f5(slab) [ 236.491252][ T8796] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 236.500314][ T8796] raw: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 236.525801][ T8796] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 236.535882][ T8796] head: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 236.561266][ T8796] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 236.586510][ T8796] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 236.610410][ T8796] page dumped because: unmovable page [ 236.617009][ T8796] page_owner tracks the page as allocated [ 236.622970][ T8796] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 236.678182][ T8796] post_alloc_hook+0x1c0/0x230 [ 236.685825][ T8796] get_page_from_freelist+0x1321/0x3890 [ 236.691472][ T8796] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 236.697493][ T8796] alloc_pages_mpol+0x1fb/0x550 [ 236.730651][ T8796] new_slab+0x23b/0x330 [ 236.763664][ T8796] ___slab_alloc+0xd9c/0x1940 [ 236.792587][ T8796] __slab_alloc.constprop.0+0x56/0xb0 [ 236.798150][ T8796] kmem_cache_alloc_noprof+0xef/0x3b0 [ 236.803961][ T8796] sk_prot_alloc+0x60/0x2a0 [ 236.808539][ T8796] sk_alloc+0x36/0xc20 [ 236.813683][ T8796] inet6_create+0x381/0x12b0 [ 236.818411][ T8796] __sock_create+0x335/0x8d0 [ 236.823441][ T8796] __sys_socket+0x14d/0x260 [ 236.828210][ T8796] __x64_sys_socket+0x72/0xb0 [ 236.833362][ T8796] do_syscall_64+0xcd/0x490 [ 236.838013][ T8796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.844494][ T8796] page last free pid 5834 tgid 5834 stack trace: [ 236.850985][ T8796] __free_frozen_pages+0x7fe/0x1180 [ 236.858077][ T8796] __folio_put+0x329/0x450 [ 236.862553][ T8796] skb_release_data+0x7fb/0x9c0 [ 236.933323][ T8796] __kfree_skb+0x4f/0x70 [ 236.978635][ T8796] tcp_ack+0x19b2/0x5c90 [ 236.985778][ T8796] tcp_rcv_established+0xda1/0x22e0 [ 236.993005][ T8796] tcp_v4_do_rcv+0x5ca/0xa90 [ 237.006179][ T8796] __release_sock+0x31b/0x400 [ 237.083783][ T8796] release_sock+0x5a/0x220 [ 237.088318][ T8796] tcp_sendmsg+0x38/0x50 [ 237.092603][ T8796] inet_sendmsg+0xb9/0x140 [ 237.100605][ T8796] sock_write_iter+0x4aa/0x5b0 [ 237.106219][ T8796] vfs_write+0x6c4/0x1150 [ 237.110666][ T8796] ksys_write+0x1f8/0x250 [ 237.117226][ T8796] do_syscall_64+0xcd/0x490 [ 237.121852][ T8796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.886454][ T8839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020f80 pfn:0x78020 [ 238.918628][ T8839] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 238.992996][ T8839] memcg:ffff88807ff4dd01 [ 238.998880][ T8839] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 239.008076][ T8839] page_type: f5(slab) [ 239.022923][ T8839] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 239.032149][ T8839] raw: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 239.045584][ T8839] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 239.058715][ T8839] head: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 239.068984][ T8839] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 239.079984][ T8839] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 239.092746][ T8839] page dumped because: unmovable page [ 239.100109][ T8839] page_owner tracks the page as allocated [ 239.110510][ T8839] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 239.137102][ T8839] post_alloc_hook+0x1c0/0x230 [ 239.141970][ T8839] get_page_from_freelist+0x1321/0x3890 [ 239.148277][ T8839] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 239.155886][ T8839] alloc_pages_mpol+0x1fb/0x550 [ 239.161518][ T8839] new_slab+0x23b/0x330 [ 239.166463][ T8839] ___slab_alloc+0xd9c/0x1940 [ 239.171504][ T8839] __slab_alloc.constprop.0+0x56/0xb0 [ 239.177510][ T8839] kmem_cache_alloc_noprof+0xef/0x3b0 [ 239.183514][ T8839] sk_prot_alloc+0x60/0x2a0 [ 239.188487][ T8839] sk_alloc+0x36/0xc20 [ 239.193432][ T8839] inet6_create+0x381/0x12b0 [ 239.198286][ T8839] __sock_create+0x335/0x8d0 [ 239.214045][ T8839] __sys_socket+0x14d/0x260 [ 239.222909][ T8839] __x64_sys_socket+0x72/0xb0 [ 239.227782][ T8839] do_syscall_64+0xcd/0x490 [ 239.232404][ T8839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.239418][ T8839] page last free pid 5834 tgid 5834 stack trace: [ 239.246259][ T8839] __free_frozen_pages+0x7fe/0x1180 [ 239.253327][ T8839] __folio_put+0x329/0x450 [ 239.262947][ T8839] skb_release_data+0x7fb/0x9c0 [ 239.267875][ T8839] __kfree_skb+0x4f/0x70 [ 239.274329][ T8839] tcp_ack+0x19b2/0x5c90 [ 239.282180][ T8839] tcp_rcv_established+0xda1/0x22e0 [ 239.287550][ T8839] tcp_v4_do_rcv+0x5ca/0xa90 [ 239.295888][ T8839] __release_sock+0x31b/0x400 [ 239.329886][ T8839] release_sock+0x5a/0x220 [ 239.336502][ T8839] tcp_sendmsg+0x38/0x50 [ 239.341976][ T8839] inet_sendmsg+0xb9/0x140 [ 239.347588][ T8839] sock_write_iter+0x4aa/0x5b0 [ 239.353128][ T8839] vfs_write+0x6c4/0x1150 [ 239.359353][ T8839] ksys_write+0x1f8/0x250 [ 239.364131][ T8839] do_syscall_64+0xcd/0x490 [ 239.368725][ T8839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.998889][ T8869] FAULT_INJECTION: forcing a failure. [ 239.998889][ T8869] name failslab, interval 1, probability 0, space 0, times 0 [ 240.059200][ T8869] CPU: 1 UID: 0 PID: 8869 Comm: syz.2.582 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 240.059228][ T8869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 240.059237][ T8869] Call Trace: [ 240.059242][ T8869] [ 240.059248][ T8869] dump_stack_lvl+0x16c/0x1f0 [ 240.059268][ T8869] should_fail_ex+0x512/0x640 [ 240.059283][ T8869] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 240.059301][ T8869] should_failslab+0xc2/0x120 [ 240.059318][ T8869] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 240.059333][ T8869] ? security_file_alloc+0x34/0x2b0 [ 240.059358][ T8869] security_file_alloc+0x34/0x2b0 [ 240.059379][ T8869] init_file+0x93/0x4c0 [ 240.059396][ T8869] alloc_empty_file+0x73/0x1e0 [ 240.059414][ T8869] alloc_file_pseudo+0x13a/0x230 [ 240.059433][ T8869] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 240.059456][ T8869] ? do_raw_spin_unlock+0x172/0x230 [ 240.059480][ T8869] __anon_inode_getfile+0xe8/0x280 [ 240.059505][ T8869] anon_inode_getfile_fmode+0x37/0xa0 [ 240.059528][ T8869] do_eventfd+0x19b/0x2c0 [ 240.059543][ T8869] ? rcu_is_watching+0x12/0xc0 [ 240.059558][ T8869] __x64_sys_eventfd+0x32/0x50 [ 240.059574][ T8869] do_syscall_64+0xcd/0x490 [ 240.059590][ T8869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.059604][ T8869] RIP: 0033:0x7f8ade58e9a9 [ 240.059616][ T8869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 240.059629][ T8869] RSP: 002b:00007f8adf36e038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 240.059642][ T8869] RAX: ffffffffffffffda RBX: 00007f8ade7b5fa0 RCX: 00007f8ade58e9a9 [ 240.059651][ T8869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 240.059659][ T8869] RBP: 00007f8ade610d69 R08: 0000000000000000 R09: 0000000000000000 [ 240.059667][ T8869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 240.059675][ T8869] R13: 0000000000000000 R14: 00007f8ade7b5fa0 R15: 00007ffd6162fef8 [ 240.059699][ T8869] [ 240.870668][ T8883] netlink: 28 bytes leftover after parsing attributes in process `syz.0.586'. [ 240.926703][ T8879] could not allocate digest TFM handle [ 241.351629][ T8889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020f80 pfn:0x78020 [ 241.364141][ T8889] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 241.373118][ T8889] memcg:ffff88807ff4dd01 [ 241.377463][ T8889] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 241.450395][ T8889] page_type: f5(slab) [ 241.537597][ T8889] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 241.550069][ T8889] raw: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 241.559032][ T8889] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 241.570520][ T8889] head: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 241.580469][ T8889] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 241.591734][ T8889] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 241.600981][ T8889] page dumped because: unmovable page [ 241.607884][ T8889] page_owner tracks the page as allocated [ 241.629076][ T8889] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 241.658460][ T8889] post_alloc_hook+0x1c0/0x230 [ 241.688882][ T8889] get_page_from_freelist+0x1321/0x3890 [ 241.694735][ T8889] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 241.702674][ T8889] alloc_pages_mpol+0x1fb/0x550 [ 241.712977][ T8889] new_slab+0x23b/0x330 [ 241.717344][ T8889] ___slab_alloc+0xd9c/0x1940 [ 241.722087][ T8889] __slab_alloc.constprop.0+0x56/0xb0 [ 241.727557][ T8889] kmem_cache_alloc_noprof+0xef/0x3b0 [ 241.753409][ T8889] sk_prot_alloc+0x60/0x2a0 [ 241.757995][ T8889] sk_alloc+0x36/0xc20 [ 241.764868][ T8889] inet6_create+0x381/0x12b0 [ 241.769931][ T8889] __sock_create+0x335/0x8d0 [ 241.774772][ T8889] __sys_socket+0x14d/0x260 [ 241.780504][ T8889] __x64_sys_socket+0x72/0xb0 [ 241.790029][ T8889] do_syscall_64+0xcd/0x490 [ 241.847153][ T8889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.847199][ T8889] page last free pid 5834 tgid 5834 stack trace: [ 241.847210][ T8889] __free_frozen_pages+0x7fe/0x1180 [ 241.847233][ T8889] __folio_put+0x329/0x450 [ 241.847251][ T8889] skb_release_data+0x7fb/0x9c0 [ 241.847267][ T8889] __kfree_skb+0x4f/0x70 [ 241.847282][ T8889] tcp_ack+0x19b2/0x5c90 [ 241.847300][ T8889] tcp_rcv_established+0xda1/0x22e0 [ 241.847320][ T8889] tcp_v4_do_rcv+0x5ca/0xa90 [ 241.847340][ T8889] __release_sock+0x31b/0x400 [ 241.847353][ T8889] release_sock+0x5a/0x220 [ 241.847367][ T8889] tcp_sendmsg+0x38/0x50 [ 241.847387][ T8889] inet_sendmsg+0xb9/0x140 [ 241.847407][ T8889] sock_write_iter+0x4aa/0x5b0 [ 241.847425][ T8889] vfs_write+0x6c4/0x1150 [ 241.847438][ T8889] ksys_write+0x1f8/0x250 [ 241.847450][ T8889] do_syscall_64+0xcd/0x490 [ 241.847465][ T8889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.697648][ T8918] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 243.137289][ T8909] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 243.480268][ T8937] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input13 [ 243.796873][ T8947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078020f80 pfn:0x78020 [ 243.813034][ T8947] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 243.823683][ T8947] memcg:ffff88807ff4dd01 [ 243.828081][ T8947] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 243.836730][ T8947] page_type: f5(slab) [ 243.840862][ T8947] raw: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 243.873218][ T8947] raw: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 243.882449][ T8947] head: 00fff00000000040 ffff8880310c6140 dead000000000122 0000000000000000 [ 243.891976][ T8947] head: ffff888078020f80 000000008010000d 00000000f5000000 ffff88807ff4dd01 [ 243.901024][ T8947] head: 00fff00000000003 ffffea0001e00801 00000000ffffffff 00000000ffffffff [ 243.956883][ T8947] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 243.977057][ T8947] page dumped because: unmovable page [ 243.982566][ T8947] page_owner tracks the page as allocated [ 243.997138][ T8947] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7580, tgid 7577 (syz.3.298), ts 175984008050, free_ts 175919957479 [ 244.108912][ T8947] post_alloc_hook+0x1c0/0x230 [ 244.167827][ T8947] get_page_from_freelist+0x1321/0x3890 [ 244.221712][ T8947] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 244.229145][ T8947] alloc_pages_mpol+0x1fb/0x550 [ 244.238674][ T8947] new_slab+0x23b/0x330 [ 244.245308][ T8947] ___slab_alloc+0xd9c/0x1940 [ 244.251934][ T8947] __slab_alloc.constprop.0+0x56/0xb0 [ 244.257743][ T8947] kmem_cache_alloc_noprof+0xef/0x3b0 [ 244.265282][ T8947] sk_prot_alloc+0x60/0x2a0 [ 244.270785][ T8947] sk_alloc+0x36/0xc20 [ 244.281021][ T8947] inet6_create+0x381/0x12b0 [ 244.287634][ T8947] __sock_create+0x335/0x8d0 [ 244.317016][ T8947] __sys_socket+0x14d/0x260 [ 244.352917][ T8947] __x64_sys_socket+0x72/0xb0 [ 244.368374][ T8947] do_syscall_64+0xcd/0x490 [ 244.397241][ T8947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.403558][ T8947] page last free pid 5834 tgid 5834 stack trace: [ 244.410012][ T8947] __free_frozen_pages+0x7fe/0x1180 [ 244.415966][ T8947] __folio_put+0x329/0x450 [ 244.420529][ T8947] skb_release_data+0x7fb/0x9c0 [ 244.425906][ T8947] __kfree_skb+0x4f/0x70 [ 244.430438][ T8947] tcp_ack+0x19b2/0x5c90 [ 244.435930][ T8947] tcp_rcv_established+0xda1/0x22e0 [ 244.441405][ T8947] tcp_v4_do_rcv+0x5ca/0xa90 [ 244.467886][ T8947] __release_sock+0x31b/0x400 [ 244.487574][ T8947] release_sock+0x5a/0x220 [ 244.492143][ T8947] tcp_sendmsg+0x38/0x50 [ 244.498337][ T8947] inet_sendmsg+0xb9/0x140 [ 244.506698][ T8947] sock_write_iter+0x4aa/0x5b0 [ 244.511614][ T8947] vfs_write+0x6c4/0x1150 [ 244.516055][ T8947] ksys_write+0x1f8/0x250 [ 244.520526][ T8947] do_syscall_64+0xcd/0x490 [ 244.525626][ T8947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.711655][ T8965] netlink: 'syz.3.603': attribute type 1 has an invalid length. [ 245.928722][ T8993] FAULT_INJECTION: forcing a failure. [ 245.928722][ T8993] name failslab, interval 1, probability 0, space 0, times 0 [ 246.020525][ T8993] CPU: 0 UID: 0 PID: 8993 Comm: syz.2.610 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 246.020562][ T8993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 246.020584][ T8993] Call Trace: [ 246.020589][ T8993] [ 246.020595][ T8993] dump_stack_lvl+0x16c/0x1f0 [ 246.020616][ T8993] should_fail_ex+0x512/0x640 [ 246.020632][ T8993] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 246.020650][ T8993] should_failslab+0xc2/0x120 [ 246.020667][ T8993] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 246.020682][ T8993] ? __d_alloc+0x31/0xaa0 [ 246.020700][ T8993] __d_alloc+0x31/0xaa0 [ 246.020716][ T8993] d_alloc_pseudo+0x1c/0xc0 [ 246.020735][ T8993] alloc_file_pseudo+0xcf/0x230 [ 246.020754][ T8993] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 246.020777][ T8993] ? do_raw_spin_unlock+0x172/0x230 [ 246.020802][ T8993] __anon_inode_getfile+0xe8/0x280 [ 246.020827][ T8993] anon_inode_getfile_fmode+0x37/0xa0 [ 246.020859][ T8993] do_eventfd+0x19b/0x2c0 [ 246.020876][ T8993] ? rcu_is_watching+0x12/0xc0 [ 246.020893][ T8993] __x64_sys_eventfd+0x32/0x50 [ 246.020909][ T8993] do_syscall_64+0xcd/0x490 [ 246.020925][ T8993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.020939][ T8993] RIP: 0033:0x7f8ade58e9a9 [ 246.020951][ T8993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.020965][ T8993] RSP: 002b:00007f8adf36e038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 246.020979][ T8993] RAX: ffffffffffffffda RBX: 00007f8ade7b5fa0 RCX: 00007f8ade58e9a9 [ 246.020988][ T8993] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 246.020996][ T8993] RBP: 00007f8ade610d69 R08: 0000000000000000 R09: 0000000000000000 [ 246.021004][ T8993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.021012][ T8993] R13: 0000000000000000 R14: 00007f8ade7b5fa0 R15: 00007ffd6162fef8 [ 246.021030][ T8993] [ 246.214620][ C0] vkms_vblank_simulate: vblank timer overrun [ 246.854144][ T8991] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 247.292150][ T9011] netlink: 28 bytes leftover after parsing attributes in process `syz.2.613'. [ 247.302731][ T9011] ipvlan0: entered allmulticast mode [ 247.308120][ T9011] veth0_vlan: entered allmulticast mode [ 247.376769][ T8996] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 250.648519][ T5846] udevd[5846]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 253.078480][ T9155] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 253.175509][ T9155] FAULT_INJECTION: forcing a failure. [ 253.175509][ T9155] name failslab, interval 1, probability 0, space 0, times 0 [ 253.422756][ T9155] CPU: 0 UID: 0 PID: 9155 Comm: syz.0.637 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 253.422790][ T9155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 253.422805][ T9155] Call Trace: [ 253.422813][ T9155] [ 253.422823][ T9155] dump_stack_lvl+0x16c/0x1f0 [ 253.422844][ T9155] should_fail_ex+0x512/0x640 [ 253.422859][ T9155] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 253.422877][ T9155] should_failslab+0xc2/0x120 [ 253.422893][ T9155] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 253.422908][ T9155] ? __kernfs_new_node+0xd2/0x8e0 [ 253.422934][ T9155] __kernfs_new_node+0xd2/0x8e0 [ 253.422958][ T9155] ? __pfx___kernfs_new_node+0x10/0x10 [ 253.422986][ T9155] ? find_held_lock+0x2b/0x80 [ 253.423001][ T9155] ? kernfs_root+0xee/0x2a0 [ 253.423018][ T9155] kernfs_new_node+0x13c/0x1e0 [ 253.423037][ T9155] __kernfs_create_file+0x53/0x350 [ 253.423059][ T9155] sysfs_add_file_mode_ns+0x207/0x3c0 [ 253.423085][ T9155] internal_create_group+0x578/0xf30 [ 253.423104][ T9155] ? __pfx_internal_create_group+0x10/0x10 [ 253.423121][ T9155] ? kernfs_create_link+0x1bd/0x240 [ 253.423150][ T9155] internal_create_groups+0x9d/0x150 [ 253.423166][ T9155] device_add+0x6d1/0x1a70 [ 253.423187][ T9155] ? __pfx_device_add+0x10/0x10 [ 253.423204][ T9155] ? kfree+0x24f/0x4d0 [ 253.423222][ T9155] ? kstrdup+0xb5/0x100 [ 253.423243][ T9155] device_create_groups_vargs+0x1f8/0x270 [ 253.423265][ T9155] device_create_with_groups+0xf4/0x130 [ 253.423286][ T9155] ? __pfx_device_create_with_groups+0x10/0x10 [ 253.423318][ T9155] led_classdev_register_ext+0x55f/0xa10 [ 253.423342][ T9155] ? __pfx_led_classdev_register_ext+0x10/0x10 [ 253.423367][ T9155] ? __pfx_kasprintf+0x10/0x10 [ 253.423390][ T9155] ? input_open_device+0x296/0x390 [ 253.423406][ T9155] input_leds_connect+0x552/0x8e0 [ 253.423432][ T9155] input_attach_handler.isra.0+0x184/0x260 [ 253.423458][ T9155] input_register_device+0xa84/0x1130 [ 253.423480][ T9155] ? atkbd_set_device_attrs+0x864/0xa90 [ 253.423498][ T9155] atkbd_do_set_scroll+0x3a7/0x530 [ 253.423519][ T9155] ? __pfx_atkbd_do_set_scroll+0x10/0x10 [ 253.423536][ T9155] ? find_held_lock+0x2b/0x80 [ 253.423553][ T9155] ? __pfx_atkbd_do_set_scroll+0x10/0x10 [ 253.423569][ T9155] dev_attr_store+0x58/0x80 [ 253.423586][ T9155] ? __pfx_dev_attr_store+0x10/0x10 [ 253.423602][ T9155] sysfs_kf_write+0xf2/0x150 [ 253.423623][ T9155] kernfs_fop_write_iter+0x354/0x510 [ 253.423640][ T9155] ? __pfx_sysfs_kf_write+0x10/0x10 [ 253.423661][ T9155] vfs_write+0x6c4/0x1150 [ 253.423676][ T9155] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 253.423695][ T9155] ? __pfx___mutex_lock+0x10/0x10 [ 253.423709][ T9155] ? __pfx_vfs_write+0x10/0x10 [ 253.423736][ T9155] ksys_write+0x12a/0x250 [ 253.423749][ T9155] ? __pfx_ksys_write+0x10/0x10 [ 253.423769][ T9155] do_syscall_64+0xcd/0x490 [ 253.423785][ T9155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.423799][ T9155] RIP: 0033:0x7f16fd18e9a9 [ 253.423811][ T9155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.423824][ T9155] RSP: 002b:00007f16fdfd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 253.423838][ T9155] RAX: ffffffffffffffda RBX: 00007f16fd3b6080 RCX: 00007f16fd18e9a9 [ 253.423847][ T9155] RDX: 0000000000000081 RSI: 00002000000001c0 RDI: 0000000000000009 [ 253.423855][ T9155] RBP: 00007f16fd210d69 R08: 0000000000000000 R09: 0000000000000000 [ 253.423863][ T9155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 253.423871][ T9155] R13: 0000000000000000 R14: 00007f16fd3b6080 R15: 00007ffcf977c9a8 [ 253.423890][ T9155] [ 253.425029][ T9155] input input17: failed to register LED input17::scrolllock: -12 [ 254.642565][ T9155] input: failed to attach handler leds to device input17, error: -12 [ 254.943422][ T9190] random: crng reseeded on system resumption [ 255.383506][ T9207] FAULT_INJECTION: forcing a failure. [ 255.383506][ T9207] name failslab, interval 1, probability 0, space 0, times 0 [ 255.435662][ T9207] CPU: 1 UID: 0 PID: 9207 Comm: syz.0.645 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 255.435684][ T9207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 255.435693][ T9207] Call Trace: [ 255.435698][ T9207] [ 255.435704][ T9207] dump_stack_lvl+0x16c/0x1f0 [ 255.435725][ T9207] should_fail_ex+0x512/0x640 [ 255.435741][ T9207] ? __kmalloc_noprof+0xbf/0x510 [ 255.435759][ T9207] ? sk_prot_alloc+0x1a8/0x2a0 [ 255.435777][ T9207] should_failslab+0xc2/0x120 [ 255.435795][ T9207] __kmalloc_noprof+0xd2/0x510 [ 255.435813][ T9207] sk_prot_alloc+0x1a8/0x2a0 [ 255.435833][ T9207] sk_alloc+0x36/0xc20 [ 255.435847][ T9207] mISDN_sock_create+0x275/0x410 [ 255.435864][ T9207] __sock_create+0x335/0x8d0 [ 255.435887][ T9207] __sys_socket+0x14d/0x260 [ 255.435907][ T9207] ? __pfx___sys_socket+0x10/0x10 [ 255.435926][ T9207] ? xfd_validate_state+0x61/0x180 [ 255.435944][ T9207] ? __task_pid_nr_ns+0x17c/0x500 [ 255.435967][ T9207] __x64_sys_socket+0x72/0xb0 [ 255.435986][ T9207] ? lockdep_hardirqs_on+0x7c/0x110 [ 255.435999][ T9207] do_syscall_64+0xcd/0x490 [ 255.436015][ T9207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.436029][ T9207] RIP: 0033:0x7f16fd18e9a9 [ 255.436040][ T9207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.436054][ T9207] RSP: 002b:00007f16fdff9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 255.436068][ T9207] RAX: ffffffffffffffda RBX: 00007f16fd3b5fa0 RCX: 00007f16fd18e9a9 [ 255.436077][ T9207] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 0000000000000022 [ 255.436086][ T9207] RBP: 00007f16fd210d69 R08: 0000000000000000 R09: 0000000000000000 [ 255.436094][ T9207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.436102][ T9207] R13: 0000000000000000 R14: 00007f16fd3b5fa0 R15: 00007ffcf977c9a8 [ 255.436120][ T9207] [ 255.632487][ C1] vkms_vblank_simulate: vblank timer overrun [ 255.668967][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.682792][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.047675][ T9221] netlink: 20 bytes leftover after parsing attributes in process `syz.0.647'. [ 257.047375][ T9221] hsr_slave_0 (unregistering): left promiscuous mode [ 257.381515][ T9247] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 257.676972][ T9257] random: crng reseeded on system resumption [ 258.010589][ T9266] netlink: 'syz.0.657': attribute type 1 has an invalid length. [ 258.114744][ T9267] netlink: 28 bytes leftover after parsing attributes in process `syz.2.656'. [ 258.206074][ T9267] team0: entered promiscuous mode [ 258.211148][ T9267] team_slave_0: entered promiscuous mode [ 258.239327][ T9273] vivid-007: ================= START STATUS ================= [ 258.252886][ T9273] vivid-007: Generate PTS: true [ 258.263004][ T9273] vivid-007: Generate SCR: true [ 258.267945][ T9273] tpg source WxH: 320x240 (Y'CbCr) [ 258.271219][ T9267] team_slave_1: entered promiscuous mode [ 258.273225][ T9273] tpg field: 1 [ 258.280151][ T9267] team0: entered allmulticast mode [ 258.282740][ T9273] tpg crop: (0,0)/320x240 [ 258.291706][ T9273] tpg compose: (0,0)/320x240 [ 258.296380][ T9273] tpg colorspace: 8 [ 258.301813][ T9273] tpg transfer function: 0/0 [ 258.306586][ T9267] team_slave_0: entered allmulticast mode [ 258.312353][ T9267] team_slave_1: entered allmulticast mode [ 258.323520][ T9273] tpg Y'CbCr encoding: 0/0 [ 258.327959][ T9273] tpg quantization: 0/0 [ 258.380630][ T9273] tpg RGB range: 0/2 [ 258.429206][ T9273] vivid-007: ================== END STATUS ================== [ 258.492977][ T9282] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 258.609415][ T9288] vivid-007: ================= START STATUS ================= [ 258.622228][ T9288] vivid-007: Generate PTS: true [ 258.627397][ T9288] vivid-007: Generate SCR: true [ 258.632908][ T9288] tpg source WxH: 320x240 (Y'CbCr) [ 258.640891][ T9288] tpg field: 1 [ 258.648324][ T9288] tpg crop: (0,0)/320x240 [ 258.666249][ T9288] tpg compose: (0,0)/320x240 [ 258.722177][ T9288] tpg colorspace: 8 [ 258.752752][ T9288] tpg transfer function: 0/0 [ 258.757517][ T9288] tpg Y'CbCr encoding: 0/0 [ 258.771526][ T9288] tpg quantization: 0/0 [ 258.781599][ T9288] tpg RGB range: 0/2 [ 258.822545][ T9288] vivid-007: ================== END STATUS ================== [ 258.874141][ T5860] ================================================================== [ 258.882208][ T5860] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 [ 258.890041][ T5860] Read of size 140 at addr ffffc90004b13000 by task kworker/u9:5/5860 [ 258.898188][ T5860] [ 258.900500][ T5860] CPU: 1 UID: 0 PID: 5860 Comm: kworker/u9:5 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 258.900519][ T5860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 258.900529][ T5860] Workqueue: hci0 hci_devcd_timeout [ 258.900558][ T5860] Call Trace: [ 258.900563][ T5860] [ 258.900569][ T5860] dump_stack_lvl+0x116/0x1f0 [ 258.900585][ T5860] print_report+0xcd/0x630 [ 258.900601][ T5860] ? __virt_addr_valid+0x81/0x610 [ 258.900618][ T5860] ? hci_devcd_dump+0x142/0x240 [ 258.900637][ T5860] kasan_report+0xe0/0x110 [ 258.900652][ T5860] ? hci_devcd_dump+0x142/0x240 [ 258.900673][ T5860] kasan_check_range+0x100/0x1b0 [ 258.900691][ T5860] __asan_memcpy+0x23/0x60 [ 258.900711][ T5860] hci_devcd_dump+0x142/0x240 [ 258.900732][ T5860] hci_devcd_timeout+0xb5/0x2e0 [ 258.900751][ T5860] ? rcu_is_watching+0x12/0xc0 [ 258.900767][ T5860] process_one_work+0x9cc/0x1b70 [ 258.900792][ T5860] ? __pfx_process_one_work+0x10/0x10 [ 258.900815][ T5860] ? assign_work+0x1a0/0x250 [ 258.900835][ T5860] worker_thread+0x6c8/0xf10 [ 258.900859][ T5860] ? __pfx_worker_thread+0x10/0x10 [ 258.900880][ T5860] kthread+0x3c5/0x780 [ 258.900899][ T5860] ? __pfx_kthread+0x10/0x10 [ 258.900919][ T5860] ? rcu_is_watching+0x12/0xc0 [ 258.900932][ T5860] ? __pfx_kthread+0x10/0x10 [ 258.900951][ T5860] ret_from_fork+0x5d4/0x6f0 [ 258.900975][ T5860] ? __pfx_kthread+0x10/0x10 [ 258.900994][ T5860] ret_from_fork_asm+0x1a/0x30 [ 258.901013][ T5860] [ 258.901018][ T5860] [ 259.047641][ T5860] The buggy address belongs to a vmalloc virtual mapping [ 259.054650][ T5860] Memory state around the buggy address: [ 259.060261][ T5860] ffffc90004b12f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 259.068312][ T5860] ffffc90004b12f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 259.076364][ T5860] >ffffc90004b13000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 259.084404][ T5860] ^ [ 259.088450][ T5860] ffffc90004b13080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 259.096494][ T5860] ffffc90004b13100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 259.104577][ T5860] ================================================================== [ 259.115752][ T5860] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 259.122963][ T5860] CPU: 1 UID: 0 PID: 5860 Comm: kworker/u9:5 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) [ 259.135118][ T5860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 259.145161][ T5860] Workqueue: hci0 hci_devcd_timeout [ 259.150359][ T5860] Call Trace: [ 259.153631][ T5860] [ 259.156549][ T5860] dump_stack_lvl+0x3d/0x1f0 [ 259.161126][ T5860] panic+0x71c/0x800 [ 259.165018][ T5860] ? __pfx_panic+0x10/0x10 [ 259.169428][ T5860] ? mark_held_locks+0x49/0x80 [ 259.174185][ T5860] ? preempt_schedule_thunk+0x16/0x30 [ 259.179549][ T5860] ? hci_devcd_dump+0x142/0x240 [ 259.184398][ T5860] ? preempt_schedule_common+0x44/0xc0 [ 259.189852][ T5860] ? check_panic_on_warn+0x1f/0xb0 [ 259.194958][ T5860] ? hci_devcd_dump+0x142/0x240 [ 259.199802][ T5860] check_panic_on_warn+0xab/0xb0 [ 259.204733][ T5860] end_report+0x107/0x170 [ 259.209054][ T5860] kasan_report+0xee/0x110 [ 259.213475][ T5860] ? hci_devcd_dump+0x142/0x240 [ 259.218328][ T5860] kasan_check_range+0x100/0x1b0 [ 259.223260][ T5860] __asan_memcpy+0x23/0x60 [ 259.227668][ T5860] hci_devcd_dump+0x142/0x240 [ 259.232339][ T5860] hci_devcd_timeout+0xb5/0x2e0 [ 259.237184][ T5860] ? rcu_is_watching+0x12/0xc0 [ 259.241937][ T5860] process_one_work+0x9cc/0x1b70 [ 259.246875][ T5860] ? __pfx_process_one_work+0x10/0x10 [ 259.252245][ T5860] ? assign_work+0x1a0/0x250 [ 259.256830][ T5860] worker_thread+0x6c8/0xf10 [ 259.261436][ T5860] ? __pfx_worker_thread+0x10/0x10 [ 259.266546][ T5860] kthread+0x3c5/0x780 [ 259.270612][ T5860] ? __pfx_kthread+0x10/0x10 [ 259.275198][ T5860] ? rcu_is_watching+0x12/0xc0 [ 259.279953][ T5860] ? __pfx_kthread+0x10/0x10 [ 259.284548][ T5860] ret_from_fork+0x5d4/0x6f0 [ 259.289153][ T5860] ? __pfx_kthread+0x10/0x10 [ 259.293738][ T5860] ret_from_fork_asm+0x1a/0x30 [ 259.298493][ T5860] [ 259.301746][ T5860] Kernel Offset: disabled [ 259.306068][ T5860] Rebooting in 86400 seconds..