last executing test programs: 13.787993875s ago: executing program 2 (id=1993): openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x20300, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'ip6_vti0\x00'}) bpf$auto(0x40000000, &(0x7f0000000100)=@iter_create={r1, 0x81}, 0x96) bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0x0, 0x800}, 0x92) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0) r2 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vgem/clients\x00', 0x60000, 0x0) read$auto_drm_debugfs_entry_fops_drm_debugfs(r2, &(0x7f0000000100)=""/153, 0x99) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) semget$auto(0x0, 0x13c, 0x1ff) 13.352084321s ago: executing program 1 (id=1994): ioctl$auto_X86_IOC_WRMSR_REGS(0xffffffffffffffff, 0xc02063a1, &(0x7f0000000100)=[0x7acb, 0x6, 0x9, 0xf7e6, 0x4, 0x7f, 0x3, 0x10000001]) unshare$auto(0x40000080) r0 = syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001e00)='/proc/thread-self/uid_map\x00', 0x20000, 0x0) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x18, r1, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24040071}, 0x800) close_range$auto(0x0, 0xfffffffffffff001, 0x2) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer2\x00', 0x40000, 0x0) socket(0x2, 0x1, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000040), 0x101800, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x0, 0x8, 0x1000000016, 0x13, 0x3, 0x400180000000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = setfsuid$auto(0xee00) sendmsg$auto_TIPC_NL_MON_SET(r2, &(0x7f0000000500)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x264, r0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x24e, 0x7, 0x0, 0x1, [@nested={0x18, 0xc, 0x0, 0x1, [@nested={0x4, 0xd0}, @typed={0x10, 0x12e, 0x0, 0x0, @str='/dev/mixer2\x00'}]}, @generic="f3e43da0374206ba3142d6c5325f9528cca6f03ac2a8fb2e9992039c3e67d584153894021b929bf34135a3c3e4fa35dc02be2897bbc45be6b8e2a42693abd827d87d07d7807ef98c93d7235da065e398c51ee7581a38d1d0e33ed071c8b2697be1a7da17d574d6735fa023ef36e0e56de848977596b30f3f964d2843335244941a8a8ac1735e7ed7193a9c7671caa93d217bfb5a7afb10f1779704c2ecdd09f7d8ec32a3702157066cd4102d28c92da23b1fc1e1ed994067de4407a0192d91243743e263dcf63ba8aedbd4b3c81adc3a162b9e490cd2d7a86f06d8d5b1fb8404032a3955bbf8388bad7ce2be1d9b", @generic="3b228a9ddb66893d17b65c56cc", @generic="b16ab13e70632c4a039960a606b1349576ae9bbce755af162697f432dbf17eb470b603126953a2095f5b8efa07bd747cd9e479a1f055b21aed45ab56c4e843bb75633628130045aea111f1912c65698310025b836093779e5af164d20b219d05a9b8e2ac900803f659e94309966ecd22ba37946cf95227f65e81e7889c6b4de9cfd3f0b050b63f4e351a6cced757eca2b8b47b6e707e31aef61d9f2bd8a88d1551b52ee8888f92a67aeac6917ee09cbe783c5e0bdd217bd66c48301f7572dbaca7e97d924a113a", @typed={0x4, 0x13e}, @nested={0x61, 0xe1, 0x0, 0x1, [@generic="e9af169b87deec27a02bdafd42febd70f43d1157c9db41682eb10dcaea536c16bfa6fe3d6ab5235f5ab25bfeb2a8de068c55d6b0e4edcc510a7a12f3c631d383846e273adc5b2fabbbd4da0cf2", @typed={0x8, 0xcb, 0x0, 0x0, @u32=0x3ff}, @typed={0x8, 0x127, 0x0, 0x0, @uid=r4}]}, @nested={0x8, 0xe1, 0x0, 0x1, [@nested={0x4, 0x3b}]}]}]}, 0x264}}, 0x8040) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r3, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000003680)={0x14, r5, 0x32f, 0x70bd2a, 0x25dfdbff, {0x12, 0x0, 0xf0}}, 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080) r6 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0) writev$auto(r6, &(0x7f0000000480)={0x0, 0x5}, 0x3) semctl$auto_SETALL(0x7, 0x10, 0x11, 0x5) 11.128186638s ago: executing program 1 (id=1999): unshare$auto(0x40000080) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) write$auto(r0, 0x0, 0xfff) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) listmount$auto(0x0, &(0x7f00000001c0)=0x4, 0x4, 0x101) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x1842, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu0/hotplug/target\x00', 0x201, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x2, 0x1]}, 0x0) init_module$auto(0x0, 0xffff9, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r2) openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) 10.442437414s ago: executing program 0 (id=2000): mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x9) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fcntl$auto(0x3, 0x4, 0xa553) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x8, 0x400008, 0x2, 0x111, 0x2, 0x8004) poll$auto(0x0, 0x5, 0x108) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd6\x00', 0x3a3c02, 0x0) close_range$auto(0x2, 0x8, 0x0) 9.718126536s ago: executing program 2 (id=2002): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8080}, 0x24004805) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x31, 0x7f, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x6, 0x7, 0x0, 0x800000007ffffffb, 0x5, 0xffffffff80000003, 0x2, 0x60, 0x401}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) write$auto(0xffffffffffffffff, 0x0, 0x2) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x206100, 0x0) epoll_pwait$auto(0xffffffffffffffff, 0x0, 0x9, 0xfffffeff, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) ioctl$auto_BLKDISCARD(0xffffffffffffffff, 0x1277, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/set_event\x00', 0xc0b00, 0x0) pread64$auto(r1, 0x0, 0xc404, 0x1000) mmap$auto(0xfffffffffffffff9, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14) socket(0x25, 0x1, 0x84) 9.433802416s ago: executing program 1 (id=2003): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyr7\x00', 0x101e83, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x26, 0x80805, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x800000404, 0x8000) socket(0x2, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend\x00', 0x1a1942, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/options/blk_cgname\x00', 0x101, 0x0) writev$auto(r2, &(0x7f0000000280)={0x0, 0x5}, 0x1) setresuid$auto(0x2, 0x7, 0x8080) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x40000000000a5, 0x7ffc) close_range$auto(0xffffffffffffffff, 0x8, 0x400007) socket$nl_generic(0x10, 0x3, 0x10) futex$auto(0x0, 0x6, 0x9, &(0x7f0000000040)={0x2}, 0x0, 0x6) mq_open$auto(0x0, 0x56a, 0xb275, 0x0) 8.858051731s ago: executing program 1 (id=2004): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x23, 0x2, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48442, 0x0) read$auto(r2, 0x0, 0x1f40) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r1) sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x110, r3, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_LBT_MODE={0x5, 0x13, 0x10}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x6}, @NL802154_ATTR_BEACON_INTERVAL={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x7}, @NL802154_ATTR_SEC_KEY={0xd3, 0x30, 0x0, 0x1, [@generic, @generic, @nested={0x4, 0xca}, @generic, @nested={0x10, 0x10c, 0x0, 0x1, [@typed={0x4, 0x12d}, @nested={0x4, 0x86}, @nested={0x4, 0xe}]}, @generic="12a07c246de0ca6b8fdc1d20d32affca8556cae8d29241ab262eb8e9daa3a016192cfaf2ec71c29e8119728d8e1c4060f3e92e3e1c1c5b2e08e92c7637182686b419497f6cab5a957411", @typed={0x8, 0x110, 0x0, 0x0, @u32=0x7d80e6ca}, @generic="294a89507e03413de9bd01b9d731a97494a91b7203108704621fe9c9539ccd6b630f82c0208d0c4d49db3ff9d337c392cdea8efe77af54b124fbb003819169ba526a7ba1235089d00abfffae3142b8c030e63258dacf76398cbfd430a21f7c7be1e0bae79e9adce5f8"]}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x3}]}, 0x110}, 0x1, 0x0, 0x0, 0x800}, 0x40) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 8.292599075s ago: executing program 0 (id=2006): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x25, 0x805, 0x3) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/ad_actor_system\x00', 0x0, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000003b80)='/proc/cmdline\x00', 0x400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r1, 0x0) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r1, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1060}, 0x5}, 0x2, 0x100) 7.697049414s ago: executing program 2 (id=2007): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7ff) ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r0, 0x3, 0x1) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="04002bbd7000ffdbdf250500000008000500030000000c0001800800030008"], 0x28}, 0x1, 0x0, 0x0, 0x278e18a297a8387c}, 0x24000802) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x5, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000426bd7000fddbdf250300000004000800040003374b0008"], 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x40040, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0x80003, 0x300) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_TIOCGPTPEER2(0xffffffffffffffff, 0x5441, 0x0) 7.296797611s ago: executing program 2 (id=2008): keyctl$auto(0xf, 0x400, 0x8001, 0x100, 0x3) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_hsr(&(0x7f00000000c0), r0) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x4, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, r3, 0x5, 0x7, 0xe5, 0x3}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r4, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xffffffffffffb8f1, 0x5, 0x3, 0x613, 0xfffffffffffffffa, 0x100000000000006) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r5, &(0x7f0000000040)='//\xf2\x00', 0x80000000) 7.243693026s ago: executing program 3 (id=2009): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x3, 0x10000, 0xf, 0x11, r1, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x9, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/bonding/mode\x00', 0x181002, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) close_range$auto(0x2, 0x8000, 0x0) r3 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r5, 0x4b47, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r4, 0x8, 0x401, r3, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x27, 0x8}, 0x9) 6.9240531s ago: executing program 0 (id=2010): adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0xffffffffffffff7f, 0x368e, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0x7, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdead, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x141300, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000440)={0xfff, 0x1, 0x1, 0x2, 0x7, 0xffffffffffffffff}) capset$auto(&(0x7f0000000480)={0xc}, &(0x7f0000000780)={0x40, 0xd21, 0x1}) inotify_init1$auto(0x0) connect$auto(0xffffffffffffffff, 0x0, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x7ff) bpf$auto(0x0, 0x0, 0x96) bpf$auto(0x2, 0x0, 0xc) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) fstat$auto(0xffffffffffffffff, 0x0) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x121002, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/rxrpc/calls\x00', 0x40380, 0x0) pread64$auto(r2, 0x0, 0x10001, 0x830) 6.717415707s ago: executing program 3 (id=2011): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), r0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) socket(0x3, 0x3, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000005, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x28800, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) mmap$auto(0xfffffffffffffff9, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) close_range$auto(0x2, 0xa, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) sendfile$auto(r3, r2, 0x0, 0x1000202) 5.060856178s ago: executing program 3 (id=2012): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x29, 0x6, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0x1000000000001, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) getsockopt$auto(r0, 0x84, 0x3, 0x0, &(0x7f0000000040)=0x9000c) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x2, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto_proc_clear_refs_operations_internal(0xffffffffffffffff, &(0x7f0000000080)="188813ca58a91dd43405568f00ad590483e977bbd6de3afd4524298e6423dddc6507de84e212bffbce67573b18b154b03d0aa6ef186c647f667c1311f7b441", 0x3f) sendmsg$auto_NL80211_CMD_SET_BSS(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4c004) socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x568) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/adsp1\x00', 0x141142, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0) 5.06016227s ago: executing program 0 (id=2020): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x06\x00\x00\x00\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x80, 0x20009, 0x4000000000dc, 0xeb1, r1, 0x8000) socket(0x25, 0x5, 0x6) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_XFS_IOC_FSBULKSTAT(r1, 0xc0205865, &(0x7f00000002c0)={0x0, 0x10001, 0x0, &(0x7f0000000280)=0x2}) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) 4.972259469s ago: executing program 1 (id=2013): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000008c0)=""/61, 0x3d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) memfd_create$auto(0x0, 0xe) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r2, &(0x7f0000000000)='//\xf2\x00', 0x80000000) ioctl$auto_BLKRRPART(r1, 0x125f, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r3, 0x5425, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r4, 0x5408, 0x0) 3.09489757s ago: executing program 2 (id=2014): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x981e82, 0x0) socket(0x6, 0x2, 0x80000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0x8, 0x0) preadv$auto(0xffffffffffffffff, 0x0, 0x8, 0x6, 0x5) getpgid$auto(0x0) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f0000000000), 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x1c, 0x5, 0x7fc, 0x7fb, 0x0}) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000b00), 0xffffffffffffffff) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x44e80, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000440)="671d2647dd69b6440843b6e6688a2b5ad9df2669e6f9cd2365", 0x19) 2.501265577s ago: executing program 3 (id=2015): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) ioctl$auto(0xffffffffffffffff, 0x400064c8, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) listen$auto(0x3, 0x81) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) setpriority$auto_PRIO_USER(0x2, 0x0, 0x3) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) futex$auto(0x0, 0x1, 0x3, &(0x7f00000001c0)={0x2, 0x7}, &(0x7f0000000280)=0xc7, 0x2ed4) 1.901403324s ago: executing program 0 (id=2016): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x36200, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) socket(0x2a, 0x2, 0x9) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r2 = open(0x0, 0x2e4041, 0x44) fchdir$auto(r2) mount$auto(0x0, 0x0, 0x0, 0x5, 0x0) umount2$auto(0x0, 0x4) umount2$auto(0x0, 0x4) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) sendmsg$auto_NL80211_CMD_SET_PMKSA(r2, 0x0, 0x1) write$auto(r1, &(0x7f0000000100)='/dev/audio1\x00', 0x100000a3d9) ptrace$auto_PTRACE_GETSIGMASK(0x420a, 0x0, 0xe, 0x4) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xf, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x80d, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) 1.848643503s ago: executing program 3 (id=2017): rt_sigqueueinfo$auto_SIGCONT(0x0, 0x12, &(0x7f0000000940)={@siginfo_0_0={0x4, 0x8, 0xffff1e3b, @_sigchld={0x0, 0x0, 0x200, 0x8, 0xbb7d}}}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df"], 0x1ac}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) madvise$auto(0x4, 0x10001, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x6) openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x8800, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi2\x00', 0xa200, 0x0) ioctl$auto(r1, 0xc0585611, r1) r2 = socket(0x10, 0x2, 0x6) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x7, 0xa505}, 0x800}, 0x5, 0x400a) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/cpu/vulnerabilities/retbleed\x00', 0x101000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000100)={0x44, r5, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r6}, @NET_SHAPER_A_BURST={0xc, 0x5, 0x7fff}, @NET_SHAPER_A_BW_MAX={0xc, 0x4, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000}, 0x14) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000180)=""/181, 0xb5) 1.748888314s ago: executing program 2 (id=2018): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) madvise$auto(0x0, 0x3, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x2, 0x1, 0x0) r0 = socket(0x2, 0x1, 0x100) getsockopt$auto(r0, 0x0, 0x42, 0x0, &(0x7f00000000c0)=0x1e) getsockopt$auto_SO_ERROR(r0, 0x6, 0x4, 0x0, 0x0) setsockopt$auto_SO_DEBUG(r0, 0x40, 0x1, 0x0, 0x10000) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0xffffffffffffffff, 0x110, 0x5, 0x0, 0x4) ioctl$auto(0xffffffffffffffff, 0x5522, 0xf15) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram8/trace/pid\x00', 0x101042, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000240)={0x1, 0x81, 0x5b, 0x4, &(0x7f0000000000), 0x9, 0xeb90, 0x2, @stream_id=0x100, 0x7, 0x476, 0x0}) close_range$auto(0x2, 0x8, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) pwritev$auto(r1, &(0x7f0000000080)={&(0x7f0000000480)="6d6bbab4a82d0511db0df3081afc5ec9b3082f140d12f5249f931f5814155ed5e8e7b12c78ad0b2d2ec318f1e47e9c839d1be2c30e73d1e38fe63b4c1eb35accc8cb6f665b98b6ed67d477195e7eaea0f0964795b2deed4b994618ebddad21d0bd2e866e3741316daaf411621e8405e9a2dda800f98e8fdc9480a0f23626355e72fe64b7d5f9f488c398301b8ca1b25a927981944c23695573b50c53e95f3c427b33156a2c1ee066836c177644e6d38f6391b7db728d019672de9810626249cb7664d3972fa306a793e37afa1159720a371f0e4207a4a5a182971e7a9bae", 0x7}, 0xffffffff80000001, 0x100, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x121002, 0x0) 1.194004755s ago: executing program 3 (id=2019): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(r0, 0x6) open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) mmap$auto(0x3, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x1a3200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x3c, r5, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000200), r2) r6 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) kcmp$auto(0x0, 0x0, 0x1, 0xffffffffffffffff, 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x38, r6, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x1020}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x9}]}, 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) 482.388981ms ago: executing program 0 (id=2021): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x48080) socket(0xa, 0x1, 0x84) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) socket(0x2, 0x5, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dmmidi2\x00', 0x101, 0x0) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x3, 0xa00006, 0x4, 0x40eb1, 0x602, 0x300000000000) ioprio_set$auto(0x2, 0x0, 0x208) 0s ago: executing program 1 (id=2022): close_range$auto(0x2, 0xa, 0x0) unshare$auto(0x40000080) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x105240, 0x0) r0 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r0, 0x0, 0x8fb5) sysfs$auto(0x100000e, 0x4, 0x7d) ioctl$auto(0x3, 0x541b, 0x10000000000402) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) socketpair$auto(0x2, 0xc62, 0x8000000000000000, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x4611, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mlock$auto(0xfbe8, 0x1000000000000004) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x22202, 0x0) write$auto_tty_fops_tty_io(r2, 0x0, 0x0) kernel console output (not intermixed with test programs): a0 RCX: 00007faf1c98e9a9 [ 413.405309][T10251] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 413.405323][T10251] RBP: 00007faf1ca10d69 R08: 0000000000000000 R09: 0000000000000000 [ 413.405337][T10251] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000000 [ 413.405350][T10251] R13: 0000000000000000 R14: 00007faf1cbb5fa0 R15: 00007ffc0f874328 [ 413.405379][T10251] [ 414.612101][T10257] random: crng reseeded on system resumption [ 414.661420][ T9475] ERROR: Out of memory at tomoyo_memory_ok. [ 414.685784][ T12] ERROR: Out of memory at tomoyo_memory_ok. [ 414.948786][T10258] Unrecognized hibernate image header format! [ 414.963920][T10258] PM: hibernation: Image mismatch: architecture specific data [ 415.275652][T10266] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1142'. [ 415.297180][T10266] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1142'. [ 415.613430][T10274] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1144'. [ 415.818261][T10268] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input11 [ 415.862396][ T5200] ERROR: Out of memory at tomoyo_memory_ok. [ 415.892057][T10270] program syz.1.1143 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 416.228559][T10284] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 418.520658][T10311] FAULT_INJECTION: forcing a failure. [ 418.520658][T10311] name failslab, interval 1, probability 0, space 0, times 0 [ 418.556659][T10311] CPU: 0 UID: 0 PID: 10311 Comm: syz.0.1154 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 418.556710][T10311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 418.556730][T10311] Call Trace: [ 418.556741][T10311] [ 418.556755][T10311] dump_stack_lvl+0x16c/0x1f0 [ 418.556804][T10311] should_fail_ex+0x512/0x640 [ 418.556839][T10311] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 418.556899][T10311] should_failslab+0xc2/0x120 [ 418.556940][T10311] __kmalloc_cache_noprof+0x6a/0x3e0 [ 418.556995][T10311] ? snd_timer_user_open+0x6b/0x180 [ 418.557044][T10311] ? __pfx_snd_timer_user_open+0x10/0x10 [ 418.557092][T10311] snd_timer_user_open+0x6b/0x180 [ 418.557139][T10311] snd_open+0x1fe/0x450 [ 418.557179][T10311] ? __pfx_snd_open+0x10/0x10 [ 418.557217][T10311] chrdev_open+0x231/0x6a0 [ 418.557253][T10311] ? __pfx_apparmor_file_open+0x10/0x10 [ 418.557308][T10311] ? __pfx_chrdev_open+0x10/0x10 [ 418.557348][T10311] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 418.557410][T10311] do_dentry_open+0x744/0x1c10 [ 418.557445][T10311] ? __pfx_chrdev_open+0x10/0x10 [ 418.557492][T10311] vfs_open+0x82/0x3f0 [ 418.557541][T10311] path_openat+0x1de4/0x2cb0 [ 418.557588][T10311] ? __pfx_path_openat+0x10/0x10 [ 418.557624][T10311] ? __lock_acquire+0xb8a/0x1c90 [ 418.557677][T10311] do_filp_open+0x20b/0x470 [ 418.557712][T10311] ? __pfx_do_filp_open+0x10/0x10 [ 418.557792][T10311] ? alloc_fd+0x471/0x7d0 [ 418.557860][T10311] do_sys_openat2+0x11b/0x1d0 [ 418.557905][T10311] ? __pfx_do_sys_openat2+0x10/0x10 [ 418.557967][T10311] __x64_sys_openat+0x174/0x210 [ 418.558014][T10311] ? __pfx___x64_sys_openat+0x10/0x10 [ 418.558078][T10311] do_syscall_64+0xcd/0x490 [ 418.558117][T10311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.558152][T10311] RIP: 0033:0x7ff348b8e9a9 [ 418.558180][T10311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.558214][T10311] RSP: 002b:00007ff349a86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 418.558246][T10311] RAX: ffffffffffffffda RBX: 00007ff348db5fa0 RCX: 00007ff348b8e9a9 [ 418.558268][T10311] RDX: 0000000000101440 RSI: 0000200000001cc0 RDI: ffffffffffffff9c [ 418.558290][T10311] RBP: 00007ff348c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 418.558310][T10311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 418.558331][T10311] R13: 0000000000000000 R14: 00007ff348db5fa0 R15: 00007ffffb53efc8 [ 418.558373][T10311] [ 419.039866][T10313] [U] [ 419.042773][T10313] [U] [ 419.045533][T10313] [U] [ 419.048569][T10313] [U] [ 419.094901][T10313] [U] [ 419.097718][T10313] [U] [ 419.100478][T10313] [U] [ 419.103243][T10313] [U] [ 419.138577][T10313] [U] [ 419.141379][T10313] [U] [ 419.144161][T10313] [U] [ 419.146934][T10313] [U] [ 419.231800][T10313] [U] [ 419.234631][T10313] [U] [ 419.237421][T10313] [U] [ 419.240185][T10313] [U] [ 419.254071][T10317] ALSA: mixer_oss: invalid OSS volume '' [ 419.324005][T10313] [U] [ 419.326819][T10313] [U] [ 419.329584][T10313] [U] [ 419.332347][T10313] [U] [ 419.511686][T10313] [U] [ 423.067602][T10367] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1167'. [ 423.313810][T10375] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 425.558130][T10409] FAULT_INJECTION: forcing a failure. [ 425.558130][T10409] name failslab, interval 1, probability 0, space 0, times 0 [ 425.590729][T10409] CPU: 0 UID: 0 PID: 10409 Comm: syz.1.1176 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 425.590777][T10409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 425.590797][T10409] Call Trace: [ 425.590808][T10409] [ 425.590821][T10409] dump_stack_lvl+0x16c/0x1f0 [ 425.590860][T10409] should_fail_ex+0x512/0x640 [ 425.590893][T10409] ? __kmalloc_noprof+0xbf/0x510 [ 425.590930][T10409] ? xfrm_hash_alloc+0xd1/0x100 [ 425.590979][T10409] should_failslab+0xc2/0x120 [ 425.591016][T10409] __kmalloc_noprof+0xd2/0x510 [ 425.591050][T10409] ? xfrm_nat_keepalive_net_init+0xe1/0x140 [ 425.591095][T10409] ? __pfx_xfrm_net_init+0x10/0x10 [ 425.591127][T10409] xfrm_hash_alloc+0xd1/0x100 [ 425.591178][T10409] xfrm_state_init+0xdd/0x630 [ 425.591237][T10409] ? __pfx_xfrm_net_init+0x10/0x10 [ 425.591266][T10409] xfrm_net_init+0x210/0xcc0 [ 425.591305][T10409] ? __pfx_xfrm_net_init+0x10/0x10 [ 425.591336][T10409] ops_init+0x1df/0x5f0 [ 425.591379][T10409] setup_net+0x1ff/0x510 [ 425.591431][T10409] ? lockdep_init_map_type+0x5c/0x280 [ 425.591484][T10409] ? __pfx_setup_net+0x10/0x10 [ 425.591527][T10409] ? debug_mutex_init+0x37/0x70 [ 425.591565][T10409] copy_net_ns+0x2a6/0x5f0 [ 425.591613][T10409] create_new_namespaces+0x3ea/0xa90 [ 425.591663][T10409] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 425.591705][T10409] ksys_unshare+0x45b/0xa40 [ 425.591751][T10409] ? __pfx_ksys_unshare+0x10/0x10 [ 425.591800][T10409] ? xfd_validate_state+0x61/0x180 [ 425.591857][T10409] __x64_sys_unshare+0x31/0x40 [ 425.591904][T10409] do_syscall_64+0xcd/0x490 [ 425.591943][T10409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.591976][T10409] RIP: 0033:0x7faf1c98e9a9 [ 425.592003][T10409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.592036][T10409] RSP: 002b:00007faf1d72e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 425.592067][T10409] RAX: ffffffffffffffda RBX: 00007faf1cbb5fa0 RCX: 00007faf1c98e9a9 [ 425.592088][T10409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 425.592109][T10409] RBP: 00007faf1ca10d69 R08: 0000000000000000 R09: 0000000000000000 [ 425.592128][T10409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 425.592148][T10409] R13: 0000000000000000 R14: 00007faf1cbb5fa0 R15: 00007ffc0f874328 [ 425.592188][T10409] syzkaller syzkaller login: [ 426.416511][T10425] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1181'. [ 426.484516][T10427] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1180'. [ 426.664525][T10427] : renamed from hsr0 (while UP) [ 427.191441][T10435] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1183'. [ 427.388405][T10437] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 428.402878][T10446] binder: BINDER_SET_CONTEXT_MGR already set [ 428.425001][T10446] binder: 10445:10446 ioctl 40046207 0 returned -16 [ 428.716008][T10458] FAULT_INJECTION: forcing a failure. [ 428.716008][T10458] name failslab, interval 1, probability 0, space 0, times 0 [ 428.737836][T10458] CPU: 0 UID: 0 PID: 10458 Comm: syz.0.1189 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 428.737883][T10458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 428.737901][T10458] Call Trace: [ 428.737909][T10458] [ 428.737920][T10458] dump_stack_lvl+0x16c/0x1f0 [ 428.737953][T10458] should_fail_ex+0x512/0x640 [ 428.737980][T10458] ? __kmalloc_noprof+0xbf/0x510 [ 428.738009][T10458] ? xfrm_hash_alloc+0xd1/0x100 [ 428.738048][T10458] should_failslab+0xc2/0x120 [ 428.738102][T10458] __kmalloc_noprof+0xd2/0x510 [ 428.738134][T10458] ? xfrm_nat_keepalive_net_init+0xe1/0x140 [ 428.738175][T10458] ? __pfx_xfrm_net_init+0x10/0x10 [ 428.738205][T10458] xfrm_hash_alloc+0xd1/0x100 [ 428.738254][T10458] xfrm_state_init+0xdd/0x630 [ 428.738309][T10458] ? __pfx_xfrm_net_init+0x10/0x10 [ 428.738348][T10458] xfrm_net_init+0x210/0xcc0 [ 428.738382][T10458] ? __pfx_xfrm_net_init+0x10/0x10 [ 428.738408][T10458] ops_init+0x1df/0x5f0 [ 428.738446][T10458] setup_net+0x1ff/0x510 [ 428.738477][T10458] ? lockdep_init_map_type+0x5c/0x280 [ 428.738519][T10458] ? __pfx_setup_net+0x10/0x10 [ 428.738554][T10458] ? debug_mutex_init+0x37/0x70 [ 428.738586][T10458] copy_net_ns+0x2a6/0x5f0 [ 428.738625][T10458] create_new_namespaces+0x3ea/0xa90 [ 428.738665][T10458] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 428.738701][T10458] ksys_unshare+0x45b/0xa40 [ 428.738739][T10458] ? __pfx_ksys_unshare+0x10/0x10 [ 428.738779][T10458] ? xfd_validate_state+0x61/0x180 [ 428.738826][T10458] __x64_sys_unshare+0x31/0x40 [ 428.738879][T10458] do_syscall_64+0xcd/0x490 [ 428.738912][T10458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.738938][T10458] RIP: 0033:0x7ff348b8e9a9 [ 428.738959][T10458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 428.738986][T10458] RSP: 002b:00007ff349a86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 428.739011][T10458] RAX: ffffffffffffffda RBX: 00007ff348db5fa0 RCX: 00007ff348b8e9a9 [ 428.739029][T10458] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 428.739045][T10458] RBP: 00007ff348c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 428.739062][T10458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.739078][T10458] R13: 0000000000000000 R14: 00007ff348db5fa0 R15: 00007ffffb53efc8 [ 428.739111][T10458] [ 429.816188][T10472] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1191'. [ 431.894235][T10484] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1193'. [ 434.913892][ T5856] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 435.225509][T10532] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1203'. [ 439.499566][T10569] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1211'. [ 440.806291][T10585] Falling back ldisc for pty66. [ 442.380862][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 962 with max blocks 5 with error 117 [ 442.402133][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 442.402133][ T36] [ 443.550779][T10610] binder: BINDER_SET_CONTEXT_MGR already set [ 443.557072][T10610] binder: 10609:10610 ioctl 40046207 0 returned -16 [ 443.664379][T10622] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1225'. [ 443.926365][T10628] syz.0.1226: vmalloc error: size 8192, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 444.005256][T10628] CPU: 1 UID: 0 PID: 10628 Comm: syz.0.1226 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 444.005307][T10628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 444.005329][T10628] Call Trace: [ 444.005339][T10628] [ 444.005351][T10628] dump_stack_lvl+0x16c/0x1f0 [ 444.005393][T10628] warn_alloc+0x248/0x3a0 [ 444.005429][T10628] ? __pfx_warn_alloc+0x10/0x10 [ 444.005465][T10628] ? alloc_pages_mpol+0x25a/0x550 [ 444.005506][T10628] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 444.005608][T10628] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 444.005676][T10628] ? kernel_clone+0xfc/0x960 [ 444.005731][T10628] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 444.005798][T10628] ? kernel_clone+0xfc/0x960 [ 444.005840][T10628] __vmalloc_node_noprof+0xad/0xf0 [ 444.005900][T10628] ? kernel_clone+0xfc/0x960 [ 444.005949][T10628] copy_process+0x2c70/0x7650 [ 444.005992][T10628] ? preempt_schedule_thunk+0x16/0x30 [ 444.006053][T10628] ? __pfx_copy_process+0x10/0x10 [ 444.006098][T10628] ? find_held_lock+0x2b/0x80 [ 444.006140][T10628] ? wake_up_q+0xb0/0x160 [ 444.006170][T10628] ? do_raw_spin_unlock+0x172/0x230 [ 444.006234][T10628] kernel_clone+0xfc/0x960 [ 444.006279][T10628] ? __pfx_futex_wake+0x10/0x10 [ 444.006327][T10628] ? __pfx_kernel_clone+0x10/0x10 [ 444.006369][T10628] ? __pfx_vfs_writev+0x10/0x10 [ 444.006444][T10628] __do_sys_clone+0xce/0x120 [ 444.006489][T10628] ? __pfx___do_sys_clone+0x10/0x10 [ 444.006553][T10628] ? xfd_validate_state+0x61/0x180 [ 444.006599][T10628] ? __pfx_do_writev+0x10/0x10 [ 444.006665][T10628] do_syscall_64+0xcd/0x490 [ 444.006704][T10628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.006739][T10628] RIP: 0033:0x7ff348b8e9a9 [ 444.006767][T10628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 444.006811][T10628] RSP: 002b:00007ff349a64fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 444.006849][T10628] RAX: ffffffffffffffda RBX: 00007ff348db6080 RCX: 00007ff348b8e9a9 [ 444.006871][T10628] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000100000 [ 444.006892][T10628] RBP: 00007ff348c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 444.006912][T10628] R10: 00002000000001c0 R11: 0000000000000206 R12: 0000000000000000 [ 444.006933][T10628] R13: 0000000000000000 R14: 00007ff348db6080 R15: 00007ffffb53efc8 [ 444.006975][T10628] [ 444.006988][T10628] Mem-Info: [ 444.327285][T10628] active_anon:7936 inactive_anon:24078 isolated_anon:0 [ 444.327285][T10628] active_file:17483 inactive_file:39376 isolated_file:0 [ 444.327285][T10628] unevictable:768 dirty:314 writeback:0 [ 444.327285][T10628] slab_reclaimable:10673 slab_unreclaimable:94762 [ 444.327285][T10628] mapped:26552 shmem:19454 pagetables:1189 [ 444.327285][T10628] sec_pagetables:0 bounce:0 [ 444.327285][T10628] kernel_misc_reclaimable:0 [ 444.327285][T10628] free:1284403 free_pcp:22512 free_cma:0 [ 444.402928][T10628] Node 0 active_anon:31744kB inactive_anon:96112kB active_file:69924kB inactive_file:157376kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:106204kB dirty:1256kB writeback:0kB shmem:76080kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11228kB pagetables:4600kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 444.526193][T10628] Node 1 active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:136kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 444.678028][T10628] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 444.745957][T10628] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 444.762902][T10628] Node 0 DMA32 free:1235608kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31700kB inactive_anon:92112kB active_file:68772kB inactive_file:157208kB unevictable:1536kB writepending:1456kB present:3129332kB managed:2540444kB mlocked:0kB bounce:0kB free_pcp:54352kB local_pcp:23688kB free_cma:0kB [ 444.796147][T10628] lowmem_reserve[]: 0 0 1 1 1 [ 444.801142][T10628] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1152kB inactive_file:168kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 444.859747][T10628] lowmem_reserve[]: 0 0 0 0 0 [ 444.864968][T10628] Node 1 Normal free:3887428kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:34980kB local_pcp:26796kB free_cma:0kB [ 444.897657][T10628] lowmem_reserve[]: 0 0 0 0 0 [ 444.906822][T10628] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 444.922230][T10628] Node 0 DMA32: 7009*4kB (UME) 2402*8kB (UME) 1318*16kB (UME) 966*32kB (UME) 430*64kB (UME) 453*128kB (UME) 181*256kB (UME) 85*512kB (UM) 40*1024kB (UME) 5*2048kB (UME) 223*4096kB (UM) = 1239220kB [ 444.942504][T10628] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 445.115119][T10628] Node 1 Normal: 216*4kB (UME) 57*8kB (UM) 41*16kB (UME) 162*32kB (UE) 54*64kB (UME) 12*128kB (UME) 0*256kB 3*512kB (UM) 3*1024kB (ME) 2*2048kB (UE) 944*4096kB (M) = 3887480kB [ 445.238295][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.244833][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.294105][T10628] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 445.359366][T10628] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=1 hugepages_size=2048kB [ 445.637993][T10628] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 445.734276][T10628] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 445.803721][T10628] 76414 total pagecache pages [ 445.846672][T10628] 32 pages in swap cache [ 445.851094][T10628] Free swap = 124940kB [ 445.905034][T10628] Total swap = 124996kB [ 445.924098][T10653] ERROR: Out of memory at tomoyo_memory_ok. [ 445.925549][T10628] 2097051 pages RAM [ 445.953962][T10628] 0 pages HighMem/MovableOnly [ 445.974709][T10628] 429962 pages reserved [ 445.978957][T10628] 0 pages cma reserved [ 446.005108][T10653] FAULT_INJECTION: forcing a failure. [ 446.005108][T10653] name failslab, interval 1, probability 0, space 0, times 0 [ 446.063018][T10653] CPU: 1 UID: 0 PID: 10653 Comm: syz.1.1234 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 446.063069][T10653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 446.063090][T10653] Call Trace: [ 446.063102][T10653] [ 446.063115][T10653] dump_stack_lvl+0x16c/0x1f0 [ 446.063156][T10653] should_fail_ex+0x512/0x640 [ 446.063190][T10653] ? fs_reclaim_acquire+0xae/0x150 [ 446.063242][T10653] should_failslab+0xc2/0x120 [ 446.063281][T10653] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 446.063318][T10653] ? security_inode_alloc+0x3b/0x2b0 [ 446.063369][T10653] security_inode_alloc+0x3b/0x2b0 [ 446.063426][T10653] inode_init_always_gfp+0xce4/0x1030 [ 446.063491][T10653] alloc_inode+0x86/0x240 [ 446.063534][T10653] new_inode+0x22/0x1c0 [ 446.063580][T10653] __debugfs_create_file+0x11c/0x6b0 [ 446.063640][T10653] debugfs_create_file_full+0x41/0x60 [ 446.063701][T10653] kvm_arch_create_vcpu_debugfs+0x34/0x160 [ 446.063749][T10653] kvm_vm_ioctl+0x3154/0x3dd0 [ 446.063821][T10653] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 446.063900][T10653] ? kasan_quarantine_put+0x10a/0x240 [ 446.063932][T10653] ? lockdep_hardirqs_on+0x7c/0x110 [ 446.063969][T10653] ? find_held_lock+0x2b/0x80 [ 446.064005][T10653] ? tomoyo_path_number_perm+0x295/0x580 [ 446.064063][T10653] ? tomoyo_path_number_perm+0x18d/0x580 [ 446.064116][T10653] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 446.064165][T10653] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 446.064221][T10653] ? do_vfs_ioctl+0x523/0x1a60 [ 446.064269][T10653] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 446.064346][T10653] ? find_held_lock+0x2b/0x80 [ 446.064380][T10653] ? hook_file_ioctl_common+0x145/0x410 [ 446.064453][T10653] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 446.064510][T10653] __x64_sys_ioctl+0x18e/0x210 [ 446.064561][T10653] do_syscall_64+0xcd/0x490 [ 446.064600][T10653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.064634][T10653] RIP: 0033:0x7faf1c98e9a9 [ 446.064662][T10653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.064696][T10653] RSP: 002b:00007faf1d72e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 446.064728][T10653] RAX: ffffffffffffffda RBX: 00007faf1cbb5fa0 RCX: 00007faf1c98e9a9 [ 446.064751][T10653] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000003 [ 446.064771][T10653] RBP: 00007faf1ca10d69 R08: 0000000000000000 R09: 0000000000000000 [ 446.064792][T10653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.064813][T10653] R13: 0000000000000000 R14: 00007faf1cbb5fa0 R15: 00007ffc0f874328 [ 446.064856][T10653] [ 446.064895][T10653] debugfs: out of free dentries, can not create file 'guest_mode' [ 447.173980][T10669] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1237'. [ 447.462803][T10669] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 447.695242][T10677] input: jJǸ-9%vJ86 as /devices/virtual/input/input13 [ 447.725712][ T5200] ERROR: Out of memory at tomoyo_memory_ok. [ 453.303271][T10729] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1251'. [ 453.420386][T10729] ipvlan1: entered allmulticast mode [ 453.480941][T10729] veth0_vlan: entered allmulticast mode [ 458.659694][ T30] audit: type=1804 audit(6048582059.129:19): pid=10788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1263" name="/newroot/319/file0" dev="tmpfs" ino=1705 res=1 errno=0 [ 459.671684][T10813] can0: slcan on ptm1. [ 460.235317][T10812] can0 (unregistered): slcan off ptm1. [ 460.773384][T10829] FAULT_INJECTION: forcing a failure. [ 460.773384][T10829] name failslab, interval 1, probability 0, space 0, times 0 [ 460.791139][T10835] syz.1.1269: vmalloc error: size 4096, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 460.847415][T10829] CPU: 1 UID: 0 PID: 10829 Comm: syz.2.1270 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 460.847463][T10829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 460.847483][T10829] Call Trace: [ 460.847494][T10829] [ 460.847507][T10829] dump_stack_lvl+0x16c/0x1f0 [ 460.847546][T10829] should_fail_ex+0x512/0x640 [ 460.847580][T10829] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 460.847618][T10829] should_failslab+0xc2/0x120 [ 460.847656][T10829] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 460.847691][T10829] ? alloc_empty_file+0x55/0x1e0 [ 460.847738][T10829] alloc_empty_file+0x55/0x1e0 [ 460.847781][T10829] path_openat+0xda/0x2cb0 [ 460.847810][T10829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.847857][T10829] ? __pfx_path_openat+0x10/0x10 [ 460.847892][T10829] ? __lock_acquire+0xb8a/0x1c90 [ 460.847943][T10829] do_filp_open+0x20b/0x470 [ 460.847974][T10829] ? __pfx_do_filp_open+0x10/0x10 [ 460.848035][T10829] ? alloc_fd+0x471/0x7d0 [ 460.848109][T10829] do_sys_openat2+0x11b/0x1d0 [ 460.848178][T10829] ? __pfx_do_sys_openat2+0x10/0x10 [ 460.848225][T10829] ? __do_sys_capset+0xf9/0x460 [ 460.848270][T10829] __x64_sys_openat+0x174/0x210 [ 460.848315][T10829] ? __pfx___x64_sys_openat+0x10/0x10 [ 460.848375][T10829] do_syscall_64+0xcd/0x490 [ 460.848412][T10829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.848445][T10829] RIP: 0033:0x7f619e78e9a9 [ 460.848471][T10829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.848503][T10829] RSP: 002b:00007f619f662038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 460.848534][T10829] RAX: ffffffffffffffda RBX: 00007f619e9b5fa0 RCX: 00007f619e78e9a9 [ 460.848555][T10829] RDX: 0000000000101840 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 460.848576][T10829] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 460.848596][T10829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 460.848615][T10829] R13: 0000000000000000 R14: 00007f619e9b5fa0 R15: 00007ffeadb1f638 [ 460.848656][T10829] [ 460.892956][T10835] CPU: 0 UID: 0 PID: 10835 Comm: syz.1.1269 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 460.893011][T10835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 460.893033][T10835] Call Trace: [ 460.893046][T10835] [ 460.893058][T10835] dump_stack_lvl+0x16c/0x1f0 [ 460.893102][T10835] warn_alloc+0x248/0x3a0 [ 460.893142][T10835] ? __pfx_warn_alloc+0x10/0x10 [ 460.893184][T10835] ? alloc_pages_mpol+0x25a/0x550 [ 460.893230][T10835] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 460.893292][T10835] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 460.893398][T10835] ? kernel_clone+0xfc/0x960 [ 460.893462][T10835] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 460.893542][T10835] ? kernel_clone+0xfc/0x960 [ 460.893588][T10835] __vmalloc_node_noprof+0xad/0xf0 [ 460.893644][T10835] ? kernel_clone+0xfc/0x960 [ 460.893697][T10835] copy_process+0x2c70/0x7650 [ 460.893745][T10835] ? __pfx___futex_wait+0x10/0x10 [ 460.893799][T10835] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 460.893877][T10835] ? __pfx_copy_process+0x10/0x10 [ 460.893926][T10835] ? find_held_lock+0x2b/0x80 [ 460.893994][T10835] kernel_clone+0xfc/0x960 [ 460.894044][T10835] ? __pfx_kernel_clone+0x10/0x10 [ 460.894116][T10835] __do_sys_clone+0xce/0x120 [ 460.894162][T10835] ? __pfx___do_sys_clone+0x10/0x10 [ 460.894231][T10835] ? xfd_validate_state+0x61/0x180 [ 460.894279][T10835] ? __pfx_do_writev+0x10/0x10 [ 460.894349][T10835] do_syscall_64+0xcd/0x490 [ 460.894399][T10835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.894437][T10835] RIP: 0033:0x7faf1c98e9a9 [ 460.894465][T10835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.894500][T10835] RSP: 002b:00007faf1a7d4fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 460.894546][T10835] RAX: ffffffffffffffda RBX: 00007faf1cbb6160 RCX: 00007faf1c98e9a9 [ 460.894570][T10835] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000100000 [ 460.894609][T10835] RBP: 00007faf1ca10d69 R08: 0000000000000000 R09: 0000000000000000 [ 460.894633][T10835] R10: 00002000000001c0 R11: 0000000000000206 R12: 0000000000000000 [ 460.894657][T10835] R13: 0000000000000000 R14: 00007faf1cbb6160 R15: 00007ffc0f874328 [ 460.894703][T10835] [ 460.894714][T10835] Mem-Info: [ 461.414064][T10835] active_anon:8435 inactive_anon:39604 isolated_anon:0 [ 461.414064][T10835] active_file:21630 inactive_file:39392 isolated_file:0 [ 461.414064][T10835] unevictable:768 dirty:753 writeback:0 [ 461.414064][T10835] slab_reclaimable:11094 slab_unreclaimable:95466 [ 461.414064][T10835] mapped:35809 shmem:35568 pagetables:1362 [ 461.414064][T10835] sec_pagetables:0 bounce:0 [ 461.414064][T10835] kernel_misc_reclaimable:0 [ 461.414064][T10835] free:1270693 free_pcp:15206 free_cma:0 [ 461.695321][T10835] Node 0 active_anon:33740kB inactive_anon:161416kB active_file:83612kB inactive_file:157440kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:127432kB dirty:3012kB writeback:0kB shmem:144736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11284kB pagetables:4988kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 461.774428][T10835] Node 1 active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:136kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 461.959422][T10835] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 462.144230][T10835] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 462.150168][T10835] Node 0 DMA32 free:1174220kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:33712kB inactive_anon:170328kB active_file:80868kB inactive_file:153292kB unevictable:1536kB writepending:3024kB present:3129332kB managed:2540444kB mlocked:0kB bounce:0kB free_pcp:32096kB local_pcp:7764kB free_cma:0kB [ 462.368437][T10857] ima: policy update failed [ 462.377293][T10857] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1274'. [ 462.388845][ T30] audit: type=1802 audit(6048582062.849:20): pid=10857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1274" res=0 errno=0 [ 462.452076][T10835] lowmem_reserve[]: 0 0 1 1 1 [ 462.492719][T10835] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1208kB inactive_file:112kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 462.705000][T10835] lowmem_reserve[]: 0 0 0 0 0 [ 462.810110][T10835] Node 1 Normal free:3888264kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:34196kB local_pcp:27060kB free_cma:0kB [ 462.936572][T10835] lowmem_reserve[]: 0 0 0 0 0 [ 463.009807][T10835] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 463.103886][T10835] Node 0 DMA32: 692*4kB (UM) 1135*8kB (UE) 931*16kB (UME) 470*32kB (UME) 217*64kB (UE) 326*128kB (UM) 184*256kB (UME) 85*512kB (UM) 40*1024kB (UME) 4*2048kB (UME) 223*4096kB (UM) = 1150584kB [ 463.193082][T10835] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 463.245547][T10835] Node 1 Normal: 218*4kB (UME) 58*8kB (UM) 41*16kB (UME) 172*32kB (UME) 65*64kB (UME) 12*128kB (UME) 1*256kB (M) 2*512kB (UM) 3*1024kB (ME) 2*2048kB (UE) 944*4096kB (M) = 3888264kB [ 463.372966][T10835] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 463.385083][T10835] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=1 hugepages_size=2048kB [ 463.394606][T10835] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 463.406321][T10835] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 463.415898][T10835] 99931 total pagecache pages [ 463.420832][T10835] 9 pages in swap cache [ 463.429716][T10835] Free swap = 124940kB [ 463.436388][T10835] Total swap = 124996kB [ 463.471780][T10835] 2097051 pages RAM [ 463.487705][T10835] 0 pages HighMem/MovableOnly [ 463.514360][T10835] 429962 pages reserved [ 463.529021][T10835] 0 pages cma reserved [ 464.998393][T10889] netlink: 'syz.2.1281': attribute type 1 has an invalid length. [ 465.248131][T10893] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 467.576560][T10923] ubi0: attaching mtd0 [ 467.585638][T10923] ubi0: scanning is finished [ 467.590453][T10923] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 467.844289][T10923] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 470.780253][T10969] can0: slcan on ttyS2. [ 470.942934][T10973] can0 (unregistered): slcan off ttyS2. [ 472.707802][T11008] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1303'. [ 472.799713][T11008] ipvlan1: entered allmulticast mode [ 472.842920][T11008] veth0_vlan: entered allmulticast mode [ 477.100457][T11067] Invalid ELF header magic: != ELF [ 478.604251][ T30] audit: type=1804 audit(6048582079.079:21): pid=11084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1318" name="/newroot/329/file0" dev="tmpfs" ino=1760 res=1 errno=0 [ 478.728298][ T30] audit: type=1800 audit(6048582079.079:22): pid=11084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1318" name="file0" dev="tmpfs" ino=1760 res=0 errno=0 [ 479.657773][T11087] mkiss: ax0: crc mode is auto. [ 480.444306][T11120] HfR: entered promiscuous mode [ 480.697555][T11120] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1329'. [ 480.730904][T11120] HfR: left promiscuous mode [ 483.934848][T11182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1335'. [ 484.409268][T11184] random: crng reseeded on system resumption [ 484.450394][ T13] ERROR: Out of memory at tomoyo_memory_ok. [ 484.489260][ T37] ERROR: Out of memory at tomoyo_memory_ok. [ 484.682312][T11194] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input14 [ 484.706400][ T5200] ERROR: Out of memory at tomoyo_memory_ok. [ 485.791339][T11209] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1344'. [ 486.101877][T11213] ubi0: attaching mtd0 [ 486.114666][T11213] ubi0: scanning is finished [ 486.119402][T11213] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 486.443199][T11213] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 487.686778][T11234] ALSA: mixer_oss: invalid OSS volume '' [ 488.164921][T11240] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1351'. [ 488.206259][T11240] hsr_slave_1: left promiscuous mode [ 489.650850][T11257] Invalid ELF header magic: != ELF [ 490.022408][T11257] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1355'. [ 491.692829][ T30] audit: type=1804 audit(4294967308.370:23): pid=11278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1360" name="/newroot/359/file0" dev="tmpfs" ino=1909 res=1 errno=0 [ 491.991294][T11293] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 493.323787][T11310] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1367'. [ 493.898407][T11324] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1372'. [ 494.663745][T11337] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1376'. [ 496.697464][ T30] audit: type=1804 audit(4294967313.380:24): pid=11360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1384" name="/newroot/365/file0" dev="tmpfs" ino=1943 res=1 errno=0 [ 496.811001][ T30] audit: type=1800 audit(4294967313.380:25): pid=11360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1384" name="file0" dev="tmpfs" ino=1943 res=0 errno=0 [ 497.261686][T11367] kexec: Could not allocate control_code_buffer [ 498.545781][T11388] openvswitch: netlink: IPv4 tunnel dst address is zero [ 499.156742][T11397] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1391'. [ 499.186241][T11397] HfR: left promiscuous mode [ 499.511255][T11384] kexec: Could not allocate control_code_buffer [ 500.779920][T11418] netlink: 'syz.0.1398': attribute type 1 has an invalid length. [ 501.472952][ T30] audit: type=1800 audit(4294967318.140:26): pid=11422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1407" name="discovery_nqn" dev="configfs" ino=31038 res=0 errno=0 [ 504.695343][T11458] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1410'. [ 504.703904][T11454] FAULT_INJECTION: forcing a failure. [ 504.703904][T11454] name failslab, interval 1, probability 0, space 0, times 0 [ 504.721131][T11458] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1410'. [ 504.742906][T11454] CPU: 1 UID: 0 PID: 11454 Comm: syz.2.1408 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 504.742954][T11454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 504.742976][T11454] Call Trace: [ 504.742988][T11454] [ 504.743001][T11454] dump_stack_lvl+0x16c/0x1f0 [ 504.743042][T11454] should_fail_ex+0x512/0x640 [ 504.743078][T11454] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 504.743119][T11454] should_failslab+0xc2/0x120 [ 504.743160][T11454] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 504.743198][T11454] ? __d_alloc+0x31/0xaa0 [ 504.743241][T11454] __d_alloc+0x31/0xaa0 [ 504.743282][T11454] d_alloc+0x4a/0x1e0 [ 504.743321][T11454] d_alloc_parallel+0xe3/0x12e0 [ 504.743381][T11454] ? find_held_lock+0x2b/0x80 [ 504.743418][T11454] ? __pfx_d_alloc_parallel+0x10/0x10 [ 504.743471][T11454] ? __d_lookup+0x266/0x4a0 [ 504.743529][T11454] lookup_open.isra.0+0x665/0x1580 [ 504.743599][T11454] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 504.743676][T11454] ? __pfx_down_write+0x10/0x10 [ 504.743713][T11454] ? mnt_get_write_access+0x20c/0x300 [ 504.743765][T11454] path_openat+0x893/0x2cb0 [ 504.743814][T11454] ? __pfx_path_openat+0x10/0x10 [ 504.743850][T11454] ? __lock_acquire+0xb8a/0x1c90 [ 504.743902][T11454] do_filp_open+0x20b/0x470 [ 504.743936][T11454] ? __pfx_do_filp_open+0x10/0x10 [ 504.744001][T11454] ? alloc_fd+0x471/0x7d0 [ 504.744067][T11454] do_sys_openat2+0x11b/0x1d0 [ 504.744112][T11454] ? __pfx_do_sys_openat2+0x10/0x10 [ 504.744176][T11454] __x64_sys_openat+0x174/0x210 [ 504.744223][T11454] ? __pfx___x64_sys_openat+0x10/0x10 [ 504.744289][T11454] do_syscall_64+0xcd/0x490 [ 504.744327][T11454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.744361][T11454] RIP: 0033:0x7f619e78e9a9 [ 504.744389][T11454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 504.744421][T11454] RSP: 002b:00007f619f662038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 504.744454][T11454] RAX: ffffffffffffffda RBX: 00007f619e9b5fa0 RCX: 00007f619e78e9a9 [ 504.744475][T11454] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 504.744497][T11454] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 504.744518][T11454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 504.744539][T11454] R13: 0000000000000000 R14: 00007f619e9b5fa0 R15: 00007ffeadb1f638 [ 504.744590][T11454] [ 506.677379][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.683860][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.833157][T11496] Invalid ELF header magic: != ELF [ 508.150824][T11496] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1421'. [ 511.423956][T11535] ovs_: entered promiscuous mode [ 512.330291][T11561] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1436'. [ 512.391682][T11561] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1436'. [ 512.434462][T11564] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 512.730615][T11570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1437'. [ 512.736356][T11567] can: request_module (can-proto-0) failed. [ 512.837214][T11565] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 513.394914][T11582] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1446'. [ 513.437109][T11582] macsec0: entered promiscuous mode [ 513.437366][T11582] macsec0: entered allmulticast mode [ 513.437405][T11582] veth1_macvtap: entered allmulticast mode [ 513.550342][T11575] could not allocate digest TFM handle [ 514.270244][T11592] mkiss: ax0: crc mode is auto. [ 514.603992][T11598] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1444'. [ 514.869447][T11604] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1447'. [ 514.890065][T11604] ipvlan1: entered allmulticast mode [ 514.913252][T11604] veth0_vlan: entered allmulticast mode [ 514.949295][T11604] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1447'. [ 515.782415][T11616] bond0: option all_slaves_active: invalid value () [ 518.804473][T11659] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1458'. [ 518.900756][T11660] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1458'. [ 519.073289][T11659] ipvlan1: entered allmulticast mode [ 519.078808][T11659] veth0_vlan: entered allmulticast mode [ 519.553550][T11668] Invalid ELF header magic: != ELF [ 519.818710][T11668] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1461'. [ 521.907057][T11694] kafs: addr_prefs: Invalid Command [ 523.788861][T11721] Invalid ELF header magic: != ELF [ 523.962908][T11721] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1473'. [ 524.982198][T11726] syz.2.1475 (11726): attempted to duplicate a private mapping with mremap. This is not supported. [ 525.072332][T11735] netlink: 'syz.1.1476': attribute type 1 has an invalid length. [ 525.935308][T11739] FAULT_INJECTION: forcing a failure. [ 525.935308][T11739] name failslab, interval 1, probability 0, space 0, times 0 [ 525.953076][T11739] CPU: 0 UID: 0 PID: 11739 Comm: syz.2.1479 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 525.953121][T11739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 525.953139][T11739] Call Trace: [ 525.953149][T11739] [ 525.953160][T11739] dump_stack_lvl+0x16c/0x1f0 [ 525.953198][T11739] should_fail_ex+0x512/0x640 [ 525.953229][T11739] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 525.953283][T11739] should_failslab+0xc2/0x120 [ 525.953320][T11739] __kmalloc_cache_noprof+0x6a/0x3e0 [ 525.953371][T11739] ? shrinker_alloc+0xf5/0xbf0 [ 525.953408][T11739] shrinker_alloc+0xf5/0xbf0 [ 525.953443][T11739] ? mark_held_locks+0x49/0x80 [ 525.953485][T11739] ? pcpu_memcg_post_alloc_hook+0x1e/0x690 [ 525.953554][T11739] ? __pfx_shrinker_alloc+0x10/0x10 [ 525.953596][T11739] ? lockdep_init_map_type+0x5c/0x280 [ 525.953642][T11739] ? __raw_spin_lock_init+0x3a/0x110 [ 525.953692][T11739] ? __init_rwsem+0x12d/0x1b0 [ 525.953760][T11739] alloc_super+0x7c8/0xbd0 [ 525.953819][T11739] ? __pfx_test_keyed_super+0x10/0x10 [ 525.953864][T11739] sget_fc+0x116/0xc20 [ 525.953917][T11739] ? __pfx_set_anon_super_fc+0x10/0x10 [ 525.953967][T11739] ? __pfx_rpc_fill_super+0x10/0x10 [ 525.954020][T11739] get_tree_keyed+0x59/0x1d0 [ 525.954075][T11739] vfs_get_tree+0x8e/0x340 [ 525.954121][T11739] vfs_cmd_create+0xd7/0x2a0 [ 525.954162][T11739] __do_sys_fsconfig+0x7b8/0xbe0 [ 525.954204][T11739] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 525.954265][T11739] do_syscall_64+0xcd/0x490 [ 525.954301][T11739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.954335][T11739] RIP: 0033:0x7f619e78e9a9 [ 525.954360][T11739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 525.954393][T11739] RSP: 002b:00007f619f662038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 525.954424][T11739] RAX: ffffffffffffffda RBX: 00007f619e9b5fa0 RCX: 00007f619e78e9a9 [ 525.954447][T11739] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 525.954466][T11739] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 525.954486][T11739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 525.954506][T11739] R13: 0000000000000000 R14: 00007f619e9b5fa0 R15: 00007ffeadb1f638 [ 525.954557][T11739] [ 526.604403][T11748] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1480'. [ 526.687254][T11748] veth1_macvtap: entered promiscuous mode [ 526.726879][T11748] veth1_macvtap: entered allmulticast mode [ 526.762069][T11743] could not allocate digest TFM handle [ 527.818122][T11752] netlink: 'syz.2.1483': attribute type 10 has an invalid length. [ 527.894246][T11752] netlink: 230 bytes leftover after parsing attributes in process `syz.2.1483'. [ 527.993500][T11752] team_slave_1: left promiscuous mode [ 528.023252][T11752] team_slave_1: left allmulticast mode [ 528.177354][T11752] team0: Port device team_slave_1 removed [ 529.019435][T11781] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 529.858906][T11778] ima: policy update failed [ 529.872608][ T30] audit: type=1802 audit(4294967346.550:27): pid=11778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1489" res=0 errno=0 [ 529.924496][T11799] __vm_enough_memory: pid: 11799, comm: syz.0.1488, bytes: 4398046511104 not enough memory for the allocation [ 530.116119][T11790] FAULT_INJECTION: forcing a failure. [ 530.116119][T11790] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 530.202252][T11790] CPU: 0 UID: 0 PID: 11790 Comm: syz.2.1492 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 530.202309][T11790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 530.202330][T11790] Call Trace: [ 530.202340][T11790] [ 530.202352][T11790] dump_stack_lvl+0x16c/0x1f0 [ 530.202391][T11790] should_fail_ex+0x512/0x640 [ 530.202430][T11790] should_fail_alloc_page+0xe7/0x130 [ 530.202470][T11790] prepare_alloc_pages+0x3c2/0x610 [ 530.202526][T11790] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 530.202567][T11790] ? finish_task_switch.isra.0+0x2fa/0xc10 [ 530.202609][T11790] ? rcu_is_watching+0x12/0xc0 [ 530.202647][T11790] ? trace_sched_exit_tp+0xde/0x130 [ 530.202690][T11790] ? __schedule+0x1181/0x5dd0 [ 530.202744][T11790] ? page_table_check_set+0x631/0x750 [ 530.202784][T11790] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 530.202826][T11790] ? const_folio_flags+0x5b/0x100 [ 530.202883][T11790] ? __pfx___schedule+0x10/0x10 [ 530.202943][T11790] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 530.202998][T11790] ? policy_nodemask+0xea/0x4e0 [ 530.203042][T11790] alloc_pages_mpol+0x1fb/0x550 [ 530.203084][T11790] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 530.203123][T11790] ? preempt_schedule_thunk+0x16/0x30 [ 530.203178][T11790] folio_alloc_mpol_noprof+0x36/0x2f0 [ 530.203227][T11790] vma_alloc_folio_noprof+0xed/0x1e0 [ 530.203282][T11790] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 530.203331][T11790] ? rcu_read_unlock+0x2d/0xb0 [ 530.203372][T11790] do_wp_page+0x1e5b/0x4f20 [ 530.203430][T11790] ? __pfx_do_wp_page+0x10/0x10 [ 530.203480][T11790] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 530.203549][T11790] __handle_mm_fault+0x2223/0x5490 [ 530.203614][T11790] ? __pfx___handle_mm_fault+0x10/0x10 [ 530.203666][T11790] ? kernel_text_address+0x8d/0x100 [ 530.203727][T11790] ? __lock_acquire+0xb8a/0x1c90 [ 530.203799][T11790] handle_mm_fault+0x589/0xd10 [ 530.203861][T11790] __get_user_pages+0x589/0x3b80 [ 530.203923][T11790] ? __pfx___get_user_pages+0x10/0x10 [ 530.203968][T11790] ? __pfx_down_read_killable+0x10/0x10 [ 530.204021][T11790] __gup_longterm_locked+0x20d/0x1840 [ 530.204083][T11790] ? __pfx___gup_longterm_locked+0x10/0x10 [ 530.204139][T11790] ? find_held_lock+0x2b/0x80 [ 530.204186][T11790] gup_fast_fallback+0x1ab3/0x29e0 [ 530.204272][T11790] ? __pfx_gup_fast_fallback+0x10/0x10 [ 530.204320][T11790] ? __kasan_kmalloc+0xaa/0xb0 [ 530.204351][T11790] ? refill_pi_state_cache+0x89/0x250 [ 530.204397][T11790] ? futex_lock_pi+0x173/0x740 [ 530.204443][T11790] ? __x64_sys_futex+0x1e0/0x4c0 [ 530.204484][T11790] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.204539][T11790] get_user_pages_fast+0xa7/0xf0 [ 530.204588][T11790] ? __pfx_get_user_pages_fast+0x10/0x10 [ 530.204648][T11790] get_futex_key+0x2c6/0x1540 [ 530.204694][T11790] ? __pfx_get_futex_key+0x10/0x10 [ 530.204740][T11790] ? kasan_save_track+0x14/0x30 [ 530.204774][T11790] ? __kasan_kmalloc+0xaa/0xb0 [ 530.204812][T11790] futex_lock_pi+0x1ca/0x740 [ 530.204868][T11790] ? __pfx_futex_lock_pi+0x10/0x10 [ 530.204937][T11790] ? __pfx_do_wp_page+0x10/0x10 [ 530.205005][T11790] ? __pfx_futex_wake_mark+0x10/0x10 [ 530.205064][T11790] ? __lock_acquire+0x622/0x1c90 [ 530.205125][T11790] do_futex+0x11a/0x350 [ 530.205169][T11790] ? __pfx_do_futex+0x10/0x10 [ 530.205211][T11790] ? find_held_lock+0x2b/0x80 [ 530.205247][T11790] ? handle_mm_fault+0x2ab/0xd10 [ 530.205314][T11790] __x64_sys_futex+0x1e0/0x4c0 [ 530.205360][T11790] ? exc_page_fault+0x5c/0xb0 [ 530.205391][T11790] ? __pfx___x64_sys_futex+0x10/0x10 [ 530.205453][T11790] do_syscall_64+0xcd/0x490 [ 530.205493][T11790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.205528][T11790] RIP: 0033:0x7f619e78e9a9 [ 530.205555][T11790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 530.205588][T11790] RSP: 002b:00007f619f662038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 530.205620][T11790] RAX: ffffffffffffffda RBX: 00007f619e9b5fa0 RCX: 00007f619e78e9a9 [ 530.205643][T11790] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 530.205663][T11790] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000006 [ 530.205684][T11790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 530.205704][T11790] R13: 0000000000000000 R14: 00007f619e9b5fa0 R15: 00007ffeadb1f638 [ 530.205748][T11790] [ 532.875755][T11825] ptrace attach of "./syz-executor exec"[11826] was attempted by "./syz-executor exec"[11825] [ 533.440753][T11832] netlink: 'syz.3.1501': attribute type 1 has an invalid length. [ 533.561031][T11834] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 533.752106][T11834] FAULT_INJECTION: forcing a failure. [ 533.752106][T11834] name failslab, interval 1, probability 0, space 0, times 0 [ 533.816534][T11834] CPU: 0 UID: 0 PID: 11834 Comm: syz.0.1502 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 533.816586][T11834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 533.816608][T11834] Call Trace: [ 533.816619][T11834] [ 533.816632][T11834] dump_stack_lvl+0x16c/0x1f0 [ 533.816675][T11834] should_fail_ex+0x512/0x640 [ 533.816710][T11834] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 533.816757][T11834] should_failslab+0xc2/0x120 [ 533.816798][T11834] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 533.816839][T11834] ? kasprintf+0xc7/0x100 [ 533.816886][T11834] kvasprintf+0xbc/0x160 [ 533.816924][T11834] ? __pfx_kvasprintf+0x10/0x10 [ 533.816966][T11834] ? led_classdev_register_ext+0x2f3/0xa10 [ 533.817019][T11834] ? __pfx_led_classdev_register_ext+0x10/0x10 [ 533.817075][T11834] kasprintf+0xc7/0x100 [ 533.817123][T11834] ? __pfx_kasprintf+0x10/0x10 [ 533.817176][T11834] ? input_open_device+0x296/0x390 [ 533.817213][T11834] input_leds_connect+0x403/0x8e0 [ 533.817272][T11834] input_attach_handler.isra.0+0x184/0x260 [ 533.817333][T11834] input_register_device+0xa84/0x1130 [ 533.817386][T11834] ? atkbd_set_device_attrs+0x864/0xa90 [ 533.817427][T11834] atkbd_do_set_scroll+0x3a7/0x530 [ 533.817471][T11834] ? __pfx_atkbd_do_set_scroll+0x10/0x10 [ 533.817512][T11834] ? find_held_lock+0x2b/0x80 [ 533.817553][T11834] ? __pfx_atkbd_do_set_scroll+0x10/0x10 [ 533.817592][T11834] dev_attr_store+0x58/0x80 [ 533.817631][T11834] ? __pfx_dev_attr_store+0x10/0x10 [ 533.817671][T11834] sysfs_kf_write+0xf2/0x150 [ 533.817723][T11834] kernfs_fop_write_iter+0x354/0x510 [ 533.817764][T11834] ? __pfx_sysfs_kf_write+0x10/0x10 [ 533.817816][T11834] vfs_write+0x6c4/0x1150 [ 533.817868][T11834] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 533.817915][T11834] ? __pfx___mutex_lock+0x10/0x10 [ 533.817950][T11834] ? __pfx_vfs_write+0x10/0x10 [ 533.818010][T11834] ksys_write+0x12a/0x250 [ 533.818041][T11834] ? __pfx_ksys_write+0x10/0x10 [ 533.818085][T11834] do_syscall_64+0xcd/0x490 [ 533.818133][T11834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.818166][T11834] RIP: 0033:0x7ff348b8e9a9 [ 533.818192][T11834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 533.818225][T11834] RSP: 002b:00007ff349a86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 533.818256][T11834] RAX: ffffffffffffffda RBX: 00007ff348db5fa0 RCX: 00007ff348b8e9a9 [ 533.818277][T11834] RDX: 0000000000000081 RSI: 00002000000001c0 RDI: 0000000000000008 [ 533.818297][T11834] RBP: 00007ff348c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 533.818316][T11834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 533.818335][T11834] R13: 0000000000000000 R14: 00007ff348db5fa0 R15: 00007ffffb53efc8 [ 533.818378][T11834] [ 534.189764][T11834] input: failed to attach handler leds to device input17, error: -12 [ 534.504575][T11848] ERROR: Out of memory at tomoyo_memory_ok. [ 534.529145][T11850] program syz.0.1506 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 534.557012][T11848] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1505'. [ 534.572734][T11848] FAULT_INJECTION: forcing a failure. [ 534.572734][T11848] name failslab, interval 1, probability 0, space 0, times 0 [ 534.586039][T11848] CPU: 1 UID: 0 PID: 11848 Comm: syz.1.1505 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 534.586084][T11848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 534.586106][T11848] Call Trace: [ 534.586116][T11848] [ 534.586129][T11848] dump_stack_lvl+0x16c/0x1f0 [ 534.586169][T11848] should_fail_ex+0x512/0x640 [ 534.586204][T11848] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 534.586246][T11848] should_failslab+0xc2/0x120 [ 534.586287][T11848] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 534.586320][T11848] ? kernfs_add_one+0x37d/0x840 [ 534.586358][T11848] ? __kernfs_new_node+0xd2/0x8e0 [ 534.586421][T11848] __kernfs_new_node+0xd2/0x8e0 [ 534.586480][T11848] ? kernfs_add_one+0x14e/0x840 [ 534.586516][T11848] ? __pfx___kernfs_new_node+0x10/0x10 [ 534.586582][T11848] ? find_held_lock+0x2b/0x80 [ 534.586614][T11848] ? kernfs_root+0xee/0x2a0 [ 534.586648][T11848] kernfs_new_node+0x13c/0x1e0 [ 534.586685][T11848] kernfs_create_link+0xcc/0x240 [ 534.586728][T11848] sysfs_do_create_link_sd+0x90/0x140 [ 534.586779][T11848] sysfs_create_link+0x61/0xc0 [ 534.586824][T11848] device_add+0x50a/0x1a70 [ 534.586884][T11848] ? __pfx_device_add+0x10/0x10 [ 534.586928][T11848] ? lockdep_init_map_type+0x5c/0x280 [ 534.586972][T11848] ? __init_waitqueue_head+0xca/0x150 [ 534.587009][T11848] netdev_register_kobject+0x182/0x3a0 [ 534.587054][T11848] register_netdevice+0x13dc/0x2270 [ 534.587097][T11848] ? __pfx_register_netdevice+0x10/0x10 [ 534.587145][T11848] internal_dev_create+0x2d3/0x520 [ 534.587183][T11848] ovs_vport_add+0x144/0x4d0 [ 534.587218][T11848] new_vport+0x16/0x1d0 [ 534.587262][T11848] ovs_dp_cmd_new+0x6ba/0xe60 [ 534.587319][T11848] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 534.587374][T11848] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 534.587419][T11848] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 534.587472][T11848] genl_family_rcv_msg_doit+0x209/0x2f0 [ 534.587516][T11848] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 534.587559][T11848] ? trace_cap_capable+0x18d/0x200 [ 534.587606][T11848] ? bpf_lsm_capable+0x9/0x10 [ 534.587654][T11848] ? security_capable+0x7e/0x260 [ 534.587698][T11848] ? ns_capable+0xd7/0x110 [ 534.587738][T11848] genl_rcv_msg+0x55c/0x800 [ 534.587793][T11848] ? __pfx_genl_rcv_msg+0x10/0x10 [ 534.587844][T11848] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 534.587924][T11848] netlink_rcv_skb+0x158/0x420 [ 534.587967][T11848] ? __pfx_genl_rcv_msg+0x10/0x10 [ 534.588019][T11848] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 534.588081][T11848] ? netlink_deliver_tap+0x1ae/0xd30 [ 534.588128][T11848] genl_rcv+0x28/0x40 [ 534.588171][T11848] netlink_unicast+0x58a/0x850 [ 534.588220][T11848] ? __pfx_netlink_unicast+0x10/0x10 [ 534.588277][T11848] netlink_sendmsg+0x8d1/0xdd0 [ 534.588328][T11848] ? __pfx_netlink_sendmsg+0x10/0x10 [ 534.588389][T11848] ____sys_sendmsg+0xa95/0xc70 [ 534.588438][T11848] ? copy_msghdr_from_user+0x10a/0x160 [ 534.588475][T11848] ? __pfx_____sys_sendmsg+0x10/0x10 [ 534.588530][T11848] ? try_to_wake_up+0xa2f/0x1680 [ 534.588572][T11848] ___sys_sendmsg+0x134/0x1d0 [ 534.588612][T11848] ? __pfx____sys_sendmsg+0x10/0x10 [ 534.588642][T11848] ? __lock_acquire+0x622/0x1c90 [ 534.588743][T11848] __sys_sendmsg+0x16d/0x220 [ 534.588781][T11848] ? __pfx___sys_sendmsg+0x10/0x10 [ 534.588812][T11848] ? __x64_sys_futex+0x1e0/0x4c0 [ 534.588878][T11848] do_syscall_64+0xcd/0x490 [ 534.588912][T11848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.588943][T11848] RIP: 0033:0x7faf1c98e9a9 [ 534.588967][T11848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.588995][T11848] RSP: 002b:00007faf1d72e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 534.589022][T11848] RAX: ffffffffffffffda RBX: 00007faf1cbb5fa0 RCX: 00007faf1c98e9a9 [ 534.589042][T11848] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000007 [ 534.589063][T11848] RBP: 00007faf1ca10d69 R08: 0000000000000000 R09: 0000000000000000 [ 534.589083][T11848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 534.589104][T11848] R13: 0000000000000000 R14: 00007faf1cbb5fa0 R15: 00007ffc0f874328 [ 534.589144][T11848] [ 535.358468][T11857] mkiss: ax0: crc mode is auto. [ 535.998227][T11873] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1511'. [ 536.057525][T11873] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1511'. [ 537.673978][T11884] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1513'. [ 537.810830][T11884] bridge0: port 2(bridge_slave_1) entered disabled state [ 537.977893][T11884] bridge_slave_1 (unregistering): left allmulticast mode [ 537.989614][T11884] bridge_slave_1 (unregistering): left promiscuous mode [ 538.016469][T11884] bridge0: port 2(bridge_slave_1) entered disabled state [ 538.194652][T11883] can0: slcan on pty233. [ 538.363024][T11879] can0 (unregistered): slcan off pty233. [ 539.408085][T11912] FAULT_INJECTION: forcing a failure. [ 539.408085][T11912] name failslab, interval 1, probability 0, space 0, times 0 [ 539.468138][T11912] CPU: 1 UID: 0 PID: 11912 Comm: syz.2.1519 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 539.468185][T11912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 539.468207][T11912] Call Trace: [ 539.468216][T11912] [ 539.468225][T11912] dump_stack_lvl+0x16c/0x1f0 [ 539.468254][T11912] should_fail_ex+0x512/0x640 [ 539.468284][T11912] should_failslab+0xc2/0x120 [ 539.468312][T11912] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 539.468339][T11912] ? xas_split_alloc+0x11c/0x490 [ 539.468368][T11912] xas_split_alloc+0x11c/0x490 [ 539.468401][T11912] __folio_split+0xca8/0x48d0 [ 539.468450][T11912] ? find_held_lock+0x2b/0x80 [ 539.468476][T11912] ? shmem_writeout+0x59f/0x13b0 [ 539.468519][T11912] ? __pfx___folio_split+0x10/0x10 [ 539.468553][T11912] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 539.468588][T11912] ? folio_alloc_swap+0x96b/0xca0 [ 539.468620][T11912] split_folio_to_list+0x9b/0x180 [ 539.468658][T11912] shmem_writeout+0x608/0x13b0 [ 539.468699][T11912] ? __pfx_shmem_writeout+0x10/0x10 [ 539.468749][T11912] ? inode_to_bdi+0x9e/0x160 [ 539.468775][T11912] ? folio_clear_dirty_for_io+0x112/0x810 [ 539.468812][T11912] ? __pfx_shmem_writeout+0x10/0x10 [ 539.468850][T11912] pageout+0x38f/0xa50 [ 539.468886][T11912] ? __pfx_pageout+0x10/0x10 [ 539.468954][T11912] ? __pfx_try_to_unmap_one+0x10/0x10 [ 539.468994][T11912] ? __pfx_folio_not_mapped+0x10/0x10 [ 539.469041][T11912] ? __pfx_folio_lock_anon_vma_read+0x10/0x10 [ 539.469087][T11912] shrink_folio_list+0x2f4d/0x3fc0 [ 539.469155][T11912] ? __pfx_shrink_folio_list+0x10/0x10 [ 539.469210][T11912] ? __lock_acquire+0x620/0x1c90 [ 539.469273][T11912] ? __lock_acquire+0xb8a/0x1c90 [ 539.469364][T11912] ? __lock_acquire+0x622/0x1c90 [ 539.469417][T11912] ? __lock_acquire+0x622/0x1c90 [ 539.469468][T11912] reclaim_folio_list+0xda/0x5d0 [ 539.469518][T11912] ? __lock_acquire+0x622/0x1c90 [ 539.469568][T11912] ? __pfx_reclaim_folio_list+0x10/0x10 [ 539.469639][T11912] ? __lock_acquire+0xb8a/0x1c90 [ 539.469693][T11912] ? css_rstat_updated+0x9d/0xd30 [ 539.469738][T11912] ? lru_gen_del_folio+0x32b/0x540 [ 539.469791][T11912] reclaim_pages+0x47b/0x650 [ 539.469851][T11912] ? __pfx_reclaim_pages+0x10/0x10 [ 539.469905][T11912] ? madvise_cold_or_pageout_pte_range+0x1ee3/0x2180 [ 539.469962][T11912] madvise_cold_or_pageout_pte_range+0x16d5/0x2180 [ 539.470027][T11912] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 539.470076][T11912] ? __lock_acquire+0x622/0x1c90 [ 539.470135][T11912] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 539.470186][T11912] walk_pgd_range+0xc53/0x1f60 [ 539.470253][T11912] ? __pfx_walk_pgd_range+0x10/0x10 [ 539.470296][T11912] ? folios_put_refs+0x5ce/0x740 [ 539.470338][T11912] __walk_page_range+0x163/0x820 [ 539.470380][T11912] ? find_vma+0xbf/0x140 [ 539.470420][T11912] ? __pfx_find_vma+0x10/0x10 [ 539.470466][T11912] ? walk_page_test+0x9b/0x180 [ 539.470505][T11912] walk_page_range_mm+0x54d/0x8a0 [ 539.470549][T11912] ? __pfx_walk_page_range_mm+0x10/0x10 [ 539.470594][T11912] ? find_held_lock+0x2b/0x80 [ 539.470630][T11912] ? mlock_drain_local+0x22d/0x4f0 [ 539.470669][T11912] walk_page_range+0x63/0x90 [ 539.470709][T11912] madvise_pageout+0x254/0x540 [ 539.470760][T11912] ? __pfx_madvise_pageout+0x10/0x10 [ 539.470822][T11912] ? mtree_range_walk+0x718/0xc00 [ 539.470875][T11912] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 539.470933][T11912] madvise_vma_behavior+0x460/0x2420 [ 539.470977][T11912] ? mas_prev_setup.constprop.0+0x81/0x830 [ 539.471038][T11912] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 539.471082][T11912] ? __pfx_mas_prev+0x10/0x10 [ 539.471127][T11912] ? find_vma_prev+0xda/0x160 [ 539.471172][T11912] ? __pfx_find_vma_prev+0x10/0x10 [ 539.471240][T11912] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 539.471282][T11912] madvise_walk_vmas+0x1d1/0x2c0 [ 539.471326][T11912] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 539.471380][T11912] madvise_do_behavior+0x15d/0x3f0 [ 539.471429][T11912] ? __pfx_madvise_do_behavior+0x10/0x10 [ 539.471499][T11912] do_madvise+0x161/0x230 [ 539.471543][T11912] ? __pfx_do_madvise+0x10/0x10 [ 539.471611][T11912] ? syscall_user_dispatch+0x78/0x140 [ 539.471674][T11912] __x64_sys_madvise+0xa9/0x110 [ 539.471720][T11912] do_syscall_64+0xcd/0x490 [ 539.471767][T11912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 539.471801][T11912] RIP: 0033:0x7f619e78e9a9 [ 539.471828][T11912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 539.471862][T11912] RSP: 002b:00007f619f662038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 539.471895][T11912] RAX: ffffffffffffffda RBX: 00007f619e9b5fa0 RCX: 00007f619e78e9a9 [ 539.471917][T11912] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000 [ 539.471938][T11912] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 539.471959][T11912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 539.471979][T11912] R13: 0000000000000000 R14: 00007f619e9b5fa0 R15: 00007ffeadb1f638 [ 539.472021][T11912] [ 543.154238][T11971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1528'. [ 544.814448][T11988] can0: slcan on pty233. [ 545.083149][T11987] can0 (unregistered): slcan off pty233. [ 545.504248][T11999] sd 0:0:1:0: PR command failed: 1026 [ 545.509969][T11999] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 545.520089][T11999] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 546.198081][T12009] __vm_enough_memory: pid: 12009, comm: syz.3.1536, bytes: 4398046511104 not enough memory for the allocation [ 546.210119][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 945 with max blocks 22 with error 117 [ 546.224681][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 546.224681][ T12] [ 546.915738][T12018] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1539'. [ 547.492955][T12026] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 547.722179][ T5200] ERROR: Out of memory at tomoyo_memory_ok. [ 552.072016][T12092] Invalid ELF header magic: != ELF [ 552.765432][T12112] ima: policy update failed [ 552.773726][ T30] audit: type=1802 audit(4294967369.460:28): pid=12112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1559" res=0 errno=0 [ 552.796943][T12112] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1559'. [ 554.217173][T12131] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 555.507302][T12154] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1569'. [ 555.531783][T12154] bridge0: port 2(bridge_slave_1) entered disabled state [ 555.744351][T12154] bridge_slave_1 (unregistering): left allmulticast mode [ 555.751534][T12154] bridge_slave_1 (unregistering): left promiscuous mode [ 555.780736][T12154] bridge0: port 2(bridge_slave_1) entered disabled state [ 555.788326][T12160] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 556.719990][T12161] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 556.829412][T12178] FAULT_INJECTION: forcing a failure. [ 556.829412][T12178] name failslab, interval 1, probability 0, space 0, times 0 [ 556.935104][T12178] CPU: 0 UID: 0 PID: 12178 Comm: syz.2.1573 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 556.935149][T12178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 556.935169][T12178] Call Trace: [ 556.935178][T12178] [ 556.935189][T12178] dump_stack_lvl+0x16c/0x1f0 [ 556.935226][T12178] should_fail_ex+0x512/0x640 [ 556.935257][T12178] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 556.935291][T12178] should_failslab+0xc2/0x120 [ 556.935326][T12178] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 556.935356][T12178] ? _copy_from_iter+0x15d/0x16f0 [ 556.935387][T12178] ? sctp_chunkify+0x51/0x2d0 [ 556.935438][T12178] sctp_chunkify+0x51/0x2d0 [ 556.935486][T12178] _sctp_make_chunk+0x148/0x270 [ 556.935553][T12178] sctp_make_datafrag_empty+0x16f/0x240 [ 556.935589][T12178] ? __pfx_sctp_make_datafrag_empty+0x10/0x10 [ 556.935636][T12178] sctp_datamsg_from_user+0x595/0x1320 [ 556.935705][T12178] sctp_sendmsg_to_asoc+0xaf5/0x1bf0 [ 556.935761][T12178] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 556.935802][T12178] ? __pfx_autoremove_wake_function+0x10/0x10 [ 556.935852][T12178] ? sctp_sendmsg_check_sflags+0x176/0x320 [ 556.935918][T12178] sctp_sendmsg+0xef5/0x1ee0 [ 556.935999][T12178] ? __pfx_sctp_sendmsg+0x10/0x10 [ 556.936051][T12178] ? __pfx___might_resched+0x10/0x10 [ 556.936102][T12178] ? aa_file_perm+0x4d6/0xfb0 [ 556.936137][T12178] ? __pfx_aa_sk_perm+0x10/0x10 [ 556.936190][T12178] ? __pfx_sctp_sendmsg+0x10/0x10 [ 556.936239][T12178] inet_sendmsg+0x11c/0x140 [ 556.936293][T12178] sock_write_iter+0x4aa/0x5b0 [ 556.936340][T12178] ? __pfx_sock_write_iter+0x10/0x10 [ 556.936385][T12178] ? bpf_check_uarg_tail_zero+0x127/0x1b0 [ 556.936448][T12178] ? bpf_lsm_file_permission+0x9/0x10 [ 556.936490][T12178] ? security_file_permission+0x71/0x210 [ 556.936543][T12178] ? rw_verify_area+0xcf/0x680 [ 556.936597][T12178] vfs_write+0x6c4/0x1150 [ 556.936631][T12178] ? __pfx_sock_write_iter+0x10/0x10 [ 556.936681][T12178] ? __pfx_vfs_write+0x10/0x10 [ 556.936709][T12178] ? find_held_lock+0x2b/0x80 [ 556.936772][T12178] ksys_write+0x1f8/0x250 [ 556.936804][T12178] ? __pfx_ksys_write+0x10/0x10 [ 556.936850][T12178] do_syscall_64+0xcd/0x490 [ 556.936889][T12178] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 556.936932][T12178] RIP: 0033:0x7f619e78e9a9 [ 556.936959][T12178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 556.936992][T12178] RSP: 002b:00007f619f620038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 556.937023][T12178] RAX: ffffffffffffffda RBX: 00007f619e9b6160 RCX: 00007f619e78e9a9 [ 556.937045][T12178] RDX: 000000000000fdf3 RSI: 0000000000000000 RDI: 0000000000000003 [ 556.937064][T12178] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 556.937083][T12178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 556.937102][T12178] R13: 0000000000000000 R14: 00007f619e9b6160 R15: 00007ffeadb1f638 [ 556.937152][T12178] [ 557.362579][T12181] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 558.661870][T12180] ima: policy update failed [ 558.781392][ T30] audit: type=1802 audit(4294967375.460:29): pid=12180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1575" res=0 errno=0 [ 559.242356][T12193] netlink: 'syz.0.1578': attribute type 10 has an invalid length. [ 559.257659][T12193] netlink: 230 bytes leftover after parsing attributes in process `syz.0.1578'. [ 559.334477][T12193] team0: Port device team_slave_1 removed [ 560.182844][T12210] can0: slcan on pty233. [ 560.295223][T12207] can0 (unregistered): slcan off pty233. [ 562.070706][T12245] random: crng reseeded on system resumption [ 562.090829][ T59] ERROR: Out of memory at tomoyo_memory_ok. [ 562.100859][ T13] ERROR: Out of memory at tomoyo_memory_ok. [ 563.075704][ T30] audit: type=1804 audit(4294967379.760:30): pid=12263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1593" name="/newroot/393/file0" dev="tmpfs" ino=2094 res=1 errno=0 [ 563.122897][ T30] audit: type=1800 audit(4294967379.760:31): pid=12263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1593" name="file0" dev="tmpfs" ino=2094 res=0 errno=0 [ 563.526452][T12253] netlink: 'syz.3.1591': attribute type 10 has an invalid length. [ 563.563071][T12253] netlink: 230 bytes leftover after parsing attributes in process `syz.3.1591'. [ 563.635757][T12253] team0: Port device team_slave_1 removed [ 563.900005][T12281] bond0: option packets_per_slave: invalid value () [ 563.980591][T12281] bond0: option packets_per_slave: allowed values 0 - 65535 [ 565.321474][T12294] zswap: compressor not available [ 565.327283][T12271] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 565.338323][T12271] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 565.347320][T12271] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 565.356840][T12271] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 565.387942][T12271] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 565.399398][T12271] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 565.503236][T12303] FAULT_INJECTION: forcing a failure. [ 565.503236][T12303] name failslab, interval 1, probability 0, space 0, times 0 [ 565.522842][T12303] CPU: 1 UID: 0 PID: 12303 Comm: syz.2.1600 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 565.522895][T12303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 565.522916][T12303] Call Trace: [ 565.522928][T12303] [ 565.522942][T12303] dump_stack_lvl+0x16c/0x1f0 [ 565.522983][T12303] should_fail_ex+0x512/0x640 [ 565.523018][T12303] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 565.523059][T12303] should_failslab+0xc2/0x120 [ 565.523098][T12303] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 565.523135][T12303] ? __kernfs_new_node+0xd2/0x8e0 [ 565.523206][T12303] __kernfs_new_node+0xd2/0x8e0 [ 565.523270][T12303] ? __pfx___kernfs_new_node+0x10/0x10 [ 565.523338][T12303] ? find_held_lock+0x2b/0x80 [ 565.523376][T12303] ? kernfs_root+0xee/0x2a0 [ 565.523416][T12303] kernfs_new_node+0x13c/0x1e0 [ 565.523463][T12303] __kernfs_create_file+0x53/0x350 [ 565.523515][T12303] sysfs_add_file_mode_ns+0x207/0x3c0 [ 565.523578][T12303] sysfs_merge_group+0x1aa/0x340 [ 565.523613][T12303] ? __pfx_sysfs_merge_group+0x10/0x10 [ 565.523650][T12303] ? __pfx_dev_add_physical_location+0x10/0x10 [ 565.523694][T12303] ? bus_to_subsys+0x131/0x160 [ 565.523749][T12303] dpm_sysfs_add+0x237/0x280 [ 565.523794][T12303] device_add+0x9a6/0x1a70 [ 565.523841][T12303] ? __pfx_device_add+0x10/0x10 [ 565.523900][T12303] nfc_register_device+0x41/0x3c0 [ 565.523943][T12303] nci_register_device+0x7f1/0xb80 [ 565.524000][T12303] ? __pfx_nci_register_device+0x10/0x10 [ 565.524063][T12303] ? lockdep_init_map_type+0x5c/0x280 [ 565.524123][T12303] virtual_ncidev_open+0x141/0x220 [ 565.524177][T12303] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 565.524237][T12303] misc_open+0x35d/0x420 [ 565.524292][T12303] ? __pfx_misc_open+0x10/0x10 [ 565.524344][T12303] chrdev_open+0x231/0x6a0 [ 565.524381][T12303] ? __pfx_apparmor_file_open+0x10/0x10 [ 565.524435][T12303] ? __pfx_chrdev_open+0x10/0x10 [ 565.524476][T12303] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 565.524537][T12303] do_dentry_open+0x744/0x1c10 [ 565.524573][T12303] ? __pfx_chrdev_open+0x10/0x10 [ 565.524619][T12303] vfs_open+0x82/0x3f0 [ 565.524666][T12303] path_openat+0x1de4/0x2cb0 [ 565.524709][T12303] ? __pfx_path_openat+0x10/0x10 [ 565.524744][T12303] ? __lock_acquire+0xb8a/0x1c90 [ 565.524793][T12303] do_filp_open+0x20b/0x470 [ 565.524827][T12303] ? __pfx_do_filp_open+0x10/0x10 [ 565.524889][T12303] ? alloc_fd+0x471/0x7d0 [ 565.524951][T12303] do_sys_openat2+0x11b/0x1d0 [ 565.524996][T12303] ? __pfx_do_sys_openat2+0x10/0x10 [ 565.525062][T12303] __x64_sys_openat+0x174/0x210 [ 565.525110][T12303] ? __pfx___x64_sys_openat+0x10/0x10 [ 565.525175][T12303] do_syscall_64+0xcd/0x490 [ 565.525224][T12303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.525260][T12303] RIP: 0033:0x7f619e78e9a9 [ 565.525289][T12303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 565.525323][T12303] RSP: 002b:00007f619f662038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 565.525356][T12303] RAX: ffffffffffffffda RBX: 00007f619e9b5fa0 RCX: 00007f619e78e9a9 [ 565.525378][T12303] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 565.525399][T12303] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 565.525419][T12303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 565.525439][T12303] R13: 0000000000000000 R14: 00007f619e9b5fa0 R15: 00007ffeadb1f638 [ 565.525480][T12303] [ 565.876419][ T5164] Bluetooth: hci1: command 0x0406 tx timeout [ 567.392794][ T5164] Bluetooth: hci3: command 0x0406 tx timeout [ 567.400268][ T5164] Bluetooth: hci0: command 0x0406 tx timeout [ 567.415149][ T5856] Bluetooth: hci2: command 0x0406 tx timeout [ 568.131401][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.137824][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.473173][T12339] Bluetooth: hci0: command 0x0406 tx timeout [ 569.473559][T12338] Bluetooth: hci3: command 0x0406 tx timeout [ 571.009930][T12399] ERROR: Out of memory at tomoyo_memory_ok. [ 571.251877][T12396] ieee80211 phy24: Failed to add default virtual iface [ 571.992834][T12413] netlink: 'syz.2.1627': attribute type 15 has an invalid length. [ 572.021966][T12413] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1627'. [ 572.055079][T12417] netlink: 'syz.2.1627': attribute type 15 has an invalid length. [ 572.087984][T12417] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1627'. [ 572.581127][T12430] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1632'. [ 572.606711][T12430] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1632'. [ 572.903699][T12439] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1641'. [ 573.498048][T12443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1634'. [ 575.781402][T12475] sysfs_service_op_show: Client not running :-5: [ 577.390480][T12503] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1655'. [ 577.464674][T12502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1655'. [ 577.652778][T12509] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1384 with max blocks 21 with error 117 [ 577.668184][T12509] EXT4-fs (sda1): This should not happen!! Data will be lost [ 577.668184][T12509] [ 578.178637][T12518] Invalid ELF header magic: != ELF [ 578.414704][T12511] capability: warning: `syz.0.1647' uses deprecated v2 capabilities in a way that may be insecure [ 578.768066][T12525] device-mapper: ioctl: Unable to rename non-existent device,  to [ 579.300765][T12528] FAULT_INJECTION: forcing a failure. [ 579.300765][T12528] name failslab, interval 1, probability 0, space 0, times 0 [ 579.394354][T12528] CPU: 1 UID: 0 PID: 12528 Comm: syz.2.1652 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 579.394406][T12528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 579.394428][T12528] Call Trace: [ 579.394439][T12528] [ 579.394452][T12528] dump_stack_lvl+0x16c/0x1f0 [ 579.394494][T12528] should_fail_ex+0x512/0x640 [ 579.394530][T12528] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 579.394577][T12528] should_failslab+0xc2/0x120 [ 579.394619][T12528] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 579.394663][T12528] ? lockdep_hardirqs_on+0x7c/0x110 [ 579.394696][T12528] ? fib_notifier_ops_register+0x32/0x270 [ 579.394746][T12528] kmemdup_noprof+0x29/0x60 [ 579.394784][T12528] fib_notifier_ops_register+0x32/0x270 [ 579.394830][T12528] fib4_notifier_init+0x4f/0xd0 [ 579.394874][T12528] fib_net_init+0xbf/0x3f0 [ 579.394916][T12528] ? __pfx___register_sysctl_table+0x10/0x10 [ 579.394968][T12528] ? __pfx_fib_net_init+0x10/0x10 [ 579.395009][T12528] ? lockdep_init_map_type+0x5c/0x280 [ 579.395052][T12528] ? do_init_timer+0xc9/0x110 [ 579.395083][T12528] ? devinet_init_net+0x5c2/0x910 [ 579.395120][T12528] ? __pfx_fib_net_init+0x10/0x10 [ 579.395164][T12528] ops_init+0x1df/0x5f0 [ 579.395204][T12528] setup_net+0x1ff/0x510 [ 579.395227][T12528] ? lockdep_init_map_type+0x5c/0x280 [ 579.395258][T12528] ? __pfx_setup_net+0x10/0x10 [ 579.395284][T12528] ? debug_mutex_init+0x37/0x70 [ 579.395309][T12528] copy_net_ns+0x2a6/0x5f0 [ 579.395338][T12528] create_new_namespaces+0x3ea/0xa90 [ 579.395369][T12528] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 579.395397][T12528] ksys_unshare+0x45b/0xa40 [ 579.395427][T12528] ? __pfx_ksys_unshare+0x10/0x10 [ 579.395458][T12528] ? xfd_validate_state+0x61/0x180 [ 579.395495][T12528] __x64_sys_unshare+0x31/0x40 [ 579.395525][T12528] do_syscall_64+0xcd/0x490 [ 579.395549][T12528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.395571][T12528] RIP: 0033:0x7f619e78e9a9 [ 579.395587][T12528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 579.395627][T12528] RSP: 002b:00007f619f662038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 579.395649][T12528] RAX: ffffffffffffffda RBX: 00007f619e9b5fa0 RCX: 00007f619e78e9a9 [ 579.395664][T12528] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 579.395678][T12528] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 579.395692][T12528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 579.395705][T12528] R13: 0000000000000000 R14: 00007f619e9b5fa0 R15: 00007ffeadb1f638 [ 579.395734][T12528] [ 579.806601][T12538] random: crng reseeded on system resumption [ 579.821058][ T13] ERROR: Out of memory at tomoyo_memory_ok. [ 579.978130][ T12] ERROR: Out of memory at tomoyo_memory_ok. [ 581.477674][T12564] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 581.511869][T12564] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 581.659098][T12566] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1662'. [ 583.595219][T12582] netlink: 5248 bytes leftover after parsing attributes in process `syz.0.1673'. [ 586.701997][T12631] Invalid ELF header magic: != ELF [ 588.643204][ T30] audit: type=1800 audit(4294967405.330:32): pid=12664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1689" name="features" dev="configfs" ino=35813 res=0 errno=0 [ 589.295750][T12670] FAULT_INJECTION: forcing a failure. [ 589.295750][T12670] name fail_futex, interval 1, probability 0, space 0, times 0 [ 589.313318][T12670] CPU: 0 UID: 0 PID: 12670 Comm: syz.2.1681 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 589.313360][T12670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 589.313373][T12670] Call Trace: [ 589.313380][T12670] [ 589.313389][T12670] dump_stack_lvl+0x16c/0x1f0 [ 589.313417][T12670] should_fail_ex+0x512/0x640 [ 589.313445][T12670] get_futex_key+0x1d0/0x1540 [ 589.313495][T12670] ? __pfx_get_futex_key+0x10/0x10 [ 589.313524][T12670] ? xas_create+0x1d7/0x1460 [ 589.313551][T12670] ? __kasan_kmalloc+0xaa/0xb0 [ 589.313579][T12670] futex_wait_setup+0x84/0x510 [ 589.313621][T12670] __futex_wait+0x194/0x2f0 [ 589.313657][T12670] ? __pfx___futex_wait+0x10/0x10 [ 589.313691][T12670] ? __lock_acquire+0xb8a/0x1c90 [ 589.313727][T12670] ? __pfx_futex_wake_mark+0x10/0x10 [ 589.313768][T12670] ? do_raw_spin_lock+0x12c/0x2b0 [ 589.313808][T12670] ? __futex_hash.constprop.0+0x1e9/0x440 [ 589.313842][T12670] futex_wait+0xe8/0x380 [ 589.313876][T12670] ? __pfx_futex_wait+0x10/0x10 [ 589.313909][T12670] ? fd_install+0x225/0x750 [ 589.313952][T12670] ? rcu_is_watching+0x12/0xc0 [ 589.313989][T12670] ? io_uring_setup+0x1789/0x2080 [ 589.314030][T12670] do_futex+0x229/0x350 [ 589.314059][T12670] ? __pfx_do_futex+0x10/0x10 [ 589.314094][T12670] __x64_sys_futex+0x1e0/0x4c0 [ 589.314127][T12670] ? __pfx___x64_sys_futex+0x10/0x10 [ 589.314156][T12670] ? xfd_validate_state+0x61/0x180 [ 589.314186][T12670] ? __pfx___do_sys_close_range+0x10/0x10 [ 589.314217][T12670] do_syscall_64+0xcd/0x490 [ 589.314244][T12670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.314267][T12670] RIP: 0033:0x7f619e78e9a9 [ 589.314285][T12670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.314307][T12670] RSP: 002b:00007f619f6620e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 589.314330][T12670] RAX: ffffffffffffffda RBX: 00007f619e9b5fa8 RCX: 00007f619e78e9a9 [ 589.314350][T12670] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f619e9b5fa8 [ 589.314364][T12670] RBP: 00007f619e9b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 589.314378][T12670] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f619e9b5fac [ 589.314393][T12670] R13: 0000000000000000 R14: 00007ffeadb1f550 R15: 00007ffeadb1f638 [ 589.314421][T12670] [ 589.798145][T12679] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 591.091161][T12678] ima: policy update failed [ 591.142329][ T30] audit: type=1802 audit(4294967407.820:33): pid=12678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1683" res=0 errno=0 [ 591.684312][T12703] Invalid ELF header magic: != ELF [ 595.905124][T12757] can0: slcan on pty233. [ 596.012818][T12756] can0 (unregistered): slcan off pty233. [ 596.676848][T12777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1709'. [ 597.793019][ T842] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 597.800531][T12339] Bluetooth: hci2: command 0x0406 tx timeout [ 599.023110][T12815] random: crng reseeded on system resumption [ 599.138698][ T36] ERROR: Out of memory at tomoyo_memory_ok. [ 600.277224][T12832] ERROR: Out of memory at tomoyo_memory_ok. [ 601.731507][T12849] can0: slcan on pty238. [ 601.820965][T12853] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1724'. [ 601.843754][T12849] can0 (unregistered): slcan off pty238. [ 602.064496][ T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1396 with max blocks 9 with error 117 [ 602.115442][ T36] EXT4-fs (sda1): This should not happen!! Data will be lost [ 602.115442][ T36] [ 602.136375][T12862] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1727'. [ 602.193709][T12862] netlink: 'syz.0.1727': attribute type 1 has an invalid length. [ 602.220708][T12862] netlink: 'syz.0.1727': attribute type 6 has an invalid length. [ 602.446180][T12855] Invalid ELF header magic: != ELF [ 604.264247][T12880] FAULT_INJECTION: forcing a failure. [ 604.264247][T12880] name failslab, interval 1, probability 0, space 0, times 0 [ 604.305648][T12880] CPU: 1 UID: 0 PID: 12880 Comm: syz.0.1730 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 604.305686][T12880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 604.305701][T12880] Call Trace: [ 604.305720][T12880] [ 604.305728][T12880] dump_stack_lvl+0x16c/0x1f0 [ 604.305755][T12880] should_fail_ex+0x512/0x640 [ 604.305777][T12880] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 604.305815][T12880] should_failslab+0xc2/0x120 [ 604.305842][T12880] __kmalloc_cache_noprof+0x6a/0x3e0 [ 604.305876][T12880] ? kernfs_fop_open+0x244/0xda0 [ 604.305908][T12880] kernfs_fop_open+0x244/0xda0 [ 604.305936][T12880] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 604.305975][T12880] do_dentry_open+0x744/0x1c10 [ 604.305998][T12880] ? __pfx_kernfs_fop_open+0x10/0x10 [ 604.306031][T12880] vfs_open+0x82/0x3f0 [ 604.306062][T12880] path_openat+0x1de4/0x2cb0 [ 604.306098][T12880] ? __pfx_path_openat+0x10/0x10 [ 604.306121][T12880] ? __lock_acquire+0xb8a/0x1c90 [ 604.306155][T12880] do_filp_open+0x20b/0x470 [ 604.306176][T12880] ? __pfx_do_filp_open+0x10/0x10 [ 604.306217][T12880] ? alloc_fd+0x471/0x7d0 [ 604.306258][T12880] do_sys_openat2+0x11b/0x1d0 [ 604.306292][T12880] ? __pfx_do_sys_openat2+0x10/0x10 [ 604.306347][T12880] __x64_sys_openat+0x174/0x210 [ 604.306390][T12880] ? __pfx___x64_sys_openat+0x10/0x10 [ 604.306445][T12880] do_syscall_64+0xcd/0x490 [ 604.306479][T12880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.306511][T12880] RIP: 0033:0x7ff348b8e9a9 [ 604.306538][T12880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 604.306567][T12880] RSP: 002b:00007ff349a65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 604.306595][T12880] RAX: ffffffffffffffda RBX: 00007ff348db6080 RCX: 00007ff348b8e9a9 [ 604.306615][T12880] RDX: 0000000000121002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 604.306634][T12880] RBP: 00007ff348c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 604.306653][T12880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.306670][T12880] R13: 0000000000000000 R14: 00007ff348db6080 R15: 00007ffffb53efc8 [ 604.306707][T12880] [ 607.563103][T12914] netlink: 'syz.1.1738': attribute type 10 has an invalid length. [ 607.642847][T12914] netlink: 230 bytes leftover after parsing attributes in process `syz.1.1738'. [ 607.735307][T12914] team0: Port device team_slave_1 removed [ 608.061905][T12934] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1743'. [ 609.424020][T12963] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1748'. [ 611.159008][T12983] netlink: 'syz.3.1751': attribute type 10 has an invalid length. [ 611.180962][T12983] netlink: 230 bytes leftover after parsing attributes in process `syz.3.1751'. [ 612.560360][T13006] netlink: 'syz.2.1762': attribute type 10 has an invalid length. [ 612.589978][T13006] netlink: 230 bytes leftover after parsing attributes in process `syz.2.1762'. [ 614.574587][T13049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1760'. [ 616.188026][T13065] Unable to find swap-space signature [ 617.821397][T13091] FAULT_INJECTION: forcing a failure. [ 617.821397][T13091] name failslab, interval 1, probability 0, space 0, times 0 [ 617.886737][T13091] CPU: 1 UID: 0 PID: 13091 Comm: syz.1.1772 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 617.886787][T13091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 617.886809][T13091] Call Trace: [ 617.886819][T13091] [ 617.886832][T13091] dump_stack_lvl+0x16c/0x1f0 [ 617.886872][T13091] should_fail_ex+0x512/0x640 [ 617.886918][T13091] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 617.886958][T13091] should_failslab+0xc2/0x120 [ 617.886998][T13091] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 617.887033][T13091] ? alloc_uid+0x13d/0x4c0 [ 617.887076][T13091] ? _raw_spin_unlock_irq+0x23/0x50 [ 617.887127][T13091] alloc_uid+0x13d/0x4c0 [ 617.887159][T13091] ? __pfx_alloc_uid+0x10/0x10 [ 617.887189][T13091] ? security_prepare_creds+0xa7/0x270 [ 617.887219][T13091] __sys_setresuid+0x507/0x1160 [ 617.887251][T13091] do_syscall_64+0xcd/0x490 [ 617.887278][T13091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.887302][T13091] RIP: 0033:0x7faf1c98e9a9 [ 617.887321][T13091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 617.887344][T13091] RSP: 002b:00007faf1d72e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 617.887366][T13091] RAX: ffffffffffffffda RBX: 00007faf1cbb5fa0 RCX: 00007faf1c98e9a9 [ 617.887382][T13091] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 617.887395][T13091] RBP: 00007faf1ca10d69 R08: 0000000000000000 R09: 0000000000000000 [ 617.887410][T13091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 617.887424][T13091] R13: 0000000000000000 R14: 00007faf1cbb5fa0 R15: 00007ffc0f874328 [ 617.887453][T13091] [ 618.459990][T13105] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1774'. [ 618.854144][ C1] sd 0:0:1:0: [sda] tag#3190 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 618.864725][ C1] sd 0:0:1:0: [sda] tag#3190 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 619.240311][T13118] bond0: option all_slaves_active: invalid value () [ 621.726638][T13132] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 622.364626][T13162] Invalid ELF header magic: != ELF [ 623.343880][T13176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1791'. [ 624.914696][T13195] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1794'. [ 625.411187][T13206] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1798'. [ 625.474872][T13206] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 625.482759][T13206] IPv6: NLM_F_CREATE should be set when creating new route [ 625.490085][T13206] IPv6: NLM_F_CREATE should be set when creating new route [ 625.543960][T13207] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1798'. [ 626.021435][T13212] Invalid ELF header magic: != ELF [ 627.303093][T13232] random: crng reseeded on system resumption [ 627.315423][ T37] ERROR: Out of memory at tomoyo_memory_ok. [ 627.347535][ T9475] ERROR: Out of memory at tomoyo_memory_ok. [ 627.519230][T13238] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1805'. [ 628.599920][T13254] syz.0.1809 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 628.950905][T13260] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1810'. [ 629.565420][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.571810][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 630.604443][T13280] ptrace attach of "./syz-executor exec"[13281] was attempted by "./syz-executor exec"[13280] [ 633.181894][T12339] Bluetooth: hci2: unexpected event 0x14 length: 16 > 6 [ 633.554028][T13327] vivid-007: ================= START STATUS ================= [ 633.583838][T13327] vivid-007: Generate PTS: true [ 633.627236][T13327] vivid-007: Generate SCR: true [ 633.648563][T13327] tpg source WxH: 320x240 (Y'CbCr) [ 633.654223][T13327] tpg field: 1 [ 633.657900][T13327] tpg crop: (0,0)/320x240 [ 633.679465][T13327] tpg compose: (0,0)/320x240 [ 633.691571][T13327] tpg colorspace: 8 [ 633.700075][T13327] tpg transfer function: 0/0 [ 633.725948][T13327] tpg Y'CbCr encoding: 0/0 [ 633.733433][T13327] tpg quantization: 0/0 [ 633.764451][T13327] tpg RGB range: 0/2 [ 633.782676][T13327] vivid-007: ================== END STATUS ================== [ 633.801604][ T30] audit: type=1800 audit(4294967450.480:34): pid=13322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1824" name="dbroot" dev="configfs" ino=39637 res=0 errno=0 [ 635.074224][T13341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1828'. [ 637.148712][T13375] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1837'. [ 637.244035][T13378] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1837'. [ 638.247202][T13393] ubi0: attaching mtd0 [ 638.253950][T13393] ubi0: scanning is finished [ 638.258671][T13393] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 639.037349][T13393] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 641.319311][T13425] WARNING! power/level is deprecated; use power/control instead [ 641.331723][T13425] ICMPv6: process `syz.0.1846' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 644.151902][T13438] kexec: Could not allocate control_code_buffer [ 645.389119][T13482] FAULT_INJECTION: forcing a failure. [ 645.389119][T13482] name failslab, interval 1, probability 0, space 0, times 0 [ 645.465214][T13482] CPU: 1 UID: 0 PID: 13482 Comm: syz.2.1856 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 645.465263][T13482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 645.465284][T13482] Call Trace: [ 645.465295][T13482] [ 645.465308][T13482] dump_stack_lvl+0x16c/0x1f0 [ 645.465349][T13482] should_fail_ex+0x512/0x640 [ 645.465384][T13482] ? __kmalloc_noprof+0xbf/0x510 [ 645.465425][T13482] ? x509_get_sig_params+0x269/0x4a0 [ 645.465481][T13482] should_failslab+0xc2/0x120 [ 645.465522][T13482] __kmalloc_noprof+0xd2/0x510 [ 645.465580][T13482] x509_get_sig_params+0x269/0x4a0 [ 645.465644][T13482] x509_cert_parse+0x4e9/0x900 [ 645.465695][T13482] ? kasan_save_stack+0x42/0x60 [ 645.465727][T13482] ? kasan_save_stack+0x33/0x60 [ 645.465758][T13482] ? kasan_save_track+0x14/0x30 [ 645.465795][T13482] pkcs7_extract_cert+0xa4/0x320 [ 645.465836][T13482] asn1_ber_decoder+0xc5f/0x1df0 [ 645.465894][T13482] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 645.465966][T13482] pkcs7_parse_message+0x288/0x720 [ 645.466006][T13482] verify_pkcs7_signature+0x30/0xa0 [ 645.466055][T13482] valid_regdb+0x215/0x590 [ 645.466097][T13482] ? __pfx___mutex_lock+0x10/0x10 [ 645.466135][T13482] ? __pfx_valid_regdb+0x10/0x10 [ 645.466188][T13482] reg_reload_regdb+0x11e/0x460 [ 645.466236][T13482] ? __pfx_reg_reload_regdb+0x10/0x10 [ 645.466285][T13482] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 645.466313][T13482] ? nl80211_pre_doit+0x1b0/0xb10 [ 645.466352][T13482] genl_family_rcv_msg_doit+0x209/0x2f0 [ 645.466408][T13482] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 645.466457][T13482] ? rcu_is_watching+0x12/0xc0 [ 645.466509][T13482] ? bpf_lsm_capable+0x9/0x10 [ 645.466564][T13482] ? security_capable+0x7e/0x260 [ 645.466615][T13482] genl_rcv_msg+0x55c/0x800 [ 645.466670][T13482] ? __pfx_genl_rcv_msg+0x10/0x10 [ 645.466720][T13482] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 645.466751][T13482] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 645.466795][T13482] ? __pfx_nl80211_post_doit+0x10/0x10 [ 645.466843][T13482] netlink_rcv_skb+0x158/0x420 [ 645.466886][T13482] ? __pfx_genl_rcv_msg+0x10/0x10 [ 645.466938][T13482] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 645.467000][T13482] ? netlink_deliver_tap+0x1ae/0xd30 [ 645.467048][T13482] genl_rcv+0x28/0x40 [ 645.467092][T13482] netlink_unicast+0x58a/0x850 [ 645.467141][T13482] ? __pfx_netlink_unicast+0x10/0x10 [ 645.467196][T13482] netlink_sendmsg+0x8d1/0xdd0 [ 645.467247][T13482] ? __pfx_netlink_sendmsg+0x10/0x10 [ 645.467307][T13482] ____sys_sendmsg+0xa95/0xc70 [ 645.467357][T13482] ? copy_msghdr_from_user+0x10a/0x160 [ 645.467393][T13482] ? __pfx_____sys_sendmsg+0x10/0x10 [ 645.467453][T13482] ? __pfx_futex_wake_mark+0x10/0x10 [ 645.467511][T13482] ___sys_sendmsg+0x134/0x1d0 [ 645.467560][T13482] ? __pfx____sys_sendmsg+0x10/0x10 [ 645.467594][T13482] ? __lock_acquire+0x622/0x1c90 [ 645.467698][T13482] __sys_sendmsg+0x16d/0x220 [ 645.467737][T13482] ? __pfx___sys_sendmsg+0x10/0x10 [ 645.467773][T13482] ? __x64_sys_futex+0x1e0/0x4c0 [ 645.467850][T13482] do_syscall_64+0xcd/0x490 [ 645.467891][T13482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.467926][T13482] RIP: 0033:0x7f619e78e9a9 [ 645.467954][T13482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 645.467987][T13482] RSP: 002b:00007f619f641038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 645.468022][T13482] RAX: ffffffffffffffda RBX: 00007f619e9b6080 RCX: 00007f619e78e9a9 [ 645.468045][T13482] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005 [ 645.468066][T13482] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 645.468087][T13482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 645.468108][T13482] R13: 0000000000000000 R14: 00007f619e9b6080 R15: 00007ffeadb1f638 [ 645.468152][T13482] [ 645.848337][ C1] vkms_vblank_simulate: vblank timer overrun [ 647.877030][T13534] netlink: 302 bytes leftover after parsing attributes in process `syz.1.1866'. [ 647.893640][T13533] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1865'. [ 648.418257][T12339] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 649.011812][T13562] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 649.702097][T13577] input: jJǸ-9%vJ86 as /devices/virtual/input/input23 [ 649.732998][ T5200] ERROR: Out of memory at tomoyo_memory_ok. [ 651.172987][T13594] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1878'. [ 653.753029][T13639] ERROR: Out of memory at tomoyo_memory_ok. [ 654.638635][ T30] audit: type=1804 audit(4294967316.260:35): pid=13649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1889" name="/newroot/498/file0" dev="tmpfs" ino=2637 res=1 errno=0 [ 654.665343][ T30] audit: type=1800 audit(4294967316.290:36): pid=13649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1889" name="file0" dev="tmpfs" ino=2637 res=0 errno=0 [ 654.911022][T13655] ERROR: Out of memory at tomoyo_memory_ok. [ 655.673347][T13672] input: f as /devices/virtual/input/input24 [ 655.818938][T13675] random: crng reseeded on system resumption [ 655.846964][ T36] ERROR: Out of memory at tomoyo_memory_ok. [ 655.864871][ T4515] ERROR: Out of memory at tomoyo_memory_ok. [ 659.106539][ T30] audit: type=1800 audit(4294967320.710:37): pid=13718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1905" name="members" dev="configfs" ino=40517 res=0 errno=0 [ 659.156250][T13720] kAFS: No cell specified [ 660.545127][T13728] FAULT_INJECTION: forcing a failure. [ 660.545127][T13728] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 660.545180][T13728] CPU: 1 UID: 0 PID: 13728 Comm: syz.2.1908 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 660.545223][T13728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 660.545244][T13728] Call Trace: [ 660.545254][T13728] [ 660.545283][T13728] dump_stack_lvl+0x16c/0x1f0 [ 660.545323][T13728] should_fail_ex+0x512/0x640 [ 660.545365][T13728] should_fail_alloc_page+0xe7/0x130 [ 660.545410][T13728] prepare_alloc_pages+0x3c2/0x610 [ 660.545459][T13728] ? rcu_is_watching+0x12/0xc0 [ 660.545501][T13728] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 660.545544][T13728] ? rcu_is_watching+0x12/0xc0 [ 660.545579][T13728] ? trace_mm_page_alloc+0x11f/0x1a0 [ 660.545626][T13728] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 660.545664][T13728] ? __pfx_stack_trace_save+0x10/0x10 [ 660.545705][T13728] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 660.545755][T13728] ? alloc_vmap_area+0xdc8/0x29c0 [ 660.545796][T13728] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 660.545847][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.545895][T13728] ? do_syscall_64+0xcd/0x490 [ 660.545928][T13728] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.545981][T13728] alloc_pages_bulk_noprof+0x71c/0x1410 [ 660.546020][T13728] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 660.546081][T13728] ? policy_nodemask+0xea/0x4e0 [ 660.546135][T13728] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 660.546180][T13728] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 660.546243][T13728] kasan_populate_vmalloc+0xf1/0x1f0 [ 660.546315][T13728] alloc_vmap_area+0x959/0x29c0 [ 660.546385][T13728] ? __pfx_alloc_vmap_area+0x10/0x10 [ 660.546446][T13728] __get_vm_area_node+0x1ca/0x330 [ 660.546508][T13728] __vmalloc_node_range_noprof+0x271/0x14b0 [ 660.546566][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.546632][T13728] ? __lock_acquire+0xb8a/0x1c90 [ 660.546685][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.546754][T13728] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 660.546814][T13728] ? __alloc_pages_noprof+0xb/0x1b0 [ 660.546851][T13728] ? ___kmalloc_large_node+0x84/0x1e0 [ 660.546902][T13728] ? find_held_lock+0x2b/0x80 [ 660.546948][T13728] __kvmalloc_node_noprof+0x30a/0x620 [ 660.547042][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.547103][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.547168][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.547223][T13728] __do_sys_listmount+0x1c2/0xec0 [ 660.547286][T13728] ? __x64_sys_futex+0x1e0/0x4c0 [ 660.547331][T13728] ? __x64_sys_futex+0x1e9/0x4c0 [ 660.547380][T13728] ? __pfx___do_sys_listmount+0x10/0x10 [ 660.547458][T13728] do_syscall_64+0xcd/0x490 [ 660.547505][T13728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.547545][T13728] RIP: 0033:0x7f619e78e9a9 [ 660.547576][T13728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.547614][T13728] RSP: 002b:00007f619f641038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 660.547652][T13728] RAX: ffffffffffffffda RBX: 00007f619e9b6080 RCX: 00007f619e78e9a9 [ 660.547677][T13728] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 660.547702][T13728] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 660.547725][T13728] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 660.547749][T13728] R13: 0000000000000000 R14: 00007f619e9b6080 R15: 00007ffeadb1f638 [ 660.547797][T13728] [ 660.549418][T13728] syz.2.1908: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 660.955253][T13728] CPU: 1 UID: 0 PID: 13728 Comm: syz.2.1908 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 660.955282][T13728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 660.955295][T13728] Call Trace: [ 660.955302][T13728] [ 660.955311][T13728] dump_stack_lvl+0x16c/0x1f0 [ 660.955336][T13728] warn_alloc+0x248/0x3a0 [ 660.955359][T13728] ? __pfx_warn_alloc+0x10/0x10 [ 660.955381][T13728] ? kfree+0x2b4/0x4d0 [ 660.955419][T13728] ? __get_vm_area_node+0x208/0x330 [ 660.955454][T13728] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 660.955494][T13728] ? __lock_acquire+0xb8a/0x1c90 [ 660.955525][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.955564][T13728] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 660.955598][T13728] ? __alloc_pages_noprof+0xb/0x1b0 [ 660.955637][T13728] ? ___kmalloc_large_node+0x84/0x1e0 [ 660.955667][T13728] ? find_held_lock+0x2b/0x80 [ 660.955696][T13728] __kvmalloc_node_noprof+0x30a/0x620 [ 660.955734][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.955770][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.955809][T13728] ? __do_sys_listmount+0x1c2/0xec0 [ 660.955841][T13728] __do_sys_listmount+0x1c2/0xec0 [ 660.955880][T13728] ? __x64_sys_futex+0x1e0/0x4c0 [ 660.955907][T13728] ? __x64_sys_futex+0x1e9/0x4c0 [ 660.955935][T13728] ? __pfx___do_sys_listmount+0x10/0x10 [ 660.955992][T13728] do_syscall_64+0xcd/0x490 [ 660.956017][T13728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.956041][T13728] RIP: 0033:0x7f619e78e9a9 [ 660.956058][T13728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.956081][T13728] RSP: 002b:00007f619f641038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 660.956101][T13728] RAX: ffffffffffffffda RBX: 00007f619e9b6080 RCX: 00007f619e78e9a9 [ 660.956116][T13728] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 660.956130][T13728] RBP: 00007f619e810d69 R08: 0000000000000000 R09: 0000000000000000 [ 660.956145][T13728] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 660.956158][T13728] R13: 0000000000000000 R14: 00007f619e9b6080 R15: 00007ffeadb1f638 [ 660.956187][T13728] [ 660.956195][T13728] Mem-Info: [ 660.956204][T13728] active_anon:7751 inactive_anon:53425 isolated_anon:0 [ 660.956204][T13728] active_file:20090 inactive_file:37429 isolated_file:0 [ 660.956204][T13728] unevictable:768 dirty:1591 writeback:512 [ 660.956204][T13728] slab_reclaimable:11280 slab_unreclaimable:97815 [ 660.956204][T13728] mapped:37269 shmem:42024 pagetables:1432 [ 660.956204][T13728] sec_pagetables:0 bounce:0 [ 660.956204][T13728] kernel_misc_reclaimable:0 [ 660.956204][T13728] free:1252839 free_pcp:17816 free_cma:0 [ 660.956266][T13728] Node 0 active_anon:31004kB inactive_anon:213700kB active_file:80356kB inactive_file:149588kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:149076kB dirty:6364kB writeback:2048kB shmem:167960kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11280kB pagetables:5572kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 660.956329][T13728] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:136kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 660.956389][T13728] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 660.956453][T13728] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 660.956496][T13728] Node 0 DMA32 free:1108228kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:30960kB inactive_anon:213700kB active_file:79108kB inactive_file:149516kB unevictable:1536kB writepending:8412kB present:3129332kB managed:2540444kB mlocked:0kB bounce:0kB free_pcp:37092kB local_pcp:16716kB free_cma:0kB [ 660.956565][T13728] lowmem_reserve[]: 0 0 1 1 1 [ 660.956606][T13728] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1248kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 660.956671][T13728] lowmem_reserve[]: 0 0 0 0 0 [ 660.956712][T13728] Node 1 Normal free:3887748kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:34168kB local_pcp:6936kB free_cma:0kB [ 660.956779][T13728] lowmem_reserve[]: 0 0 0 0 0 [ 660.956831][T13728] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 660.956965][T13728] Node 0 DMA32: 141*4kB (UE) 758*8kB (UE) 331*16kB (UME) 263*32kB (UE) 368*64kB (UM) 412*128kB (UME) 183*256kB (UM) 58*512kB (UM) 31*1024kB (UM) 5*2048kB (UME) 218*4096kB (UM) = 1108084kB [ 660.957145][T13728] Node 0 Normal: 3*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 660.957267][T13728] Node 1 Normal: 3*4kB (UE) 1*8kB (U) 5*16kB (E) 11*32kB (UE) 11*64kB (UME) 4*128kB (UE) 6*256kB (UM) 1*512kB (M) 3*1024kB (UME) 1*2048kB (E) 947*4096kB (UM) = 3887748kB [ 660.957445][T13728] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 660.957463][T13728] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=2 hugepages_size=2048kB [ 660.957480][T13728] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 660.957497][T13728] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 660.957514][T13728] 99550 total pagecache pages [ 660.957523][T13728] 11 pages in swap cache [ 660.957530][T13728] Free swap = 124848kB [ 660.957538][T13728] Total swap = 124996kB [ 660.957546][T13728] 2097051 pages RAM [ 660.957554][T13728] 0 pages HighMem/MovableOnly [ 660.957561][T13728] 429962 pages reserved [ 660.957569][T13728] 0 pages cma reserved [ 665.084539][T13764] FAULT_INJECTION: forcing a failure. [ 665.084539][T13764] name failslab, interval 1, probability 0, space 0, times 0 [ 665.097403][T13764] CPU: 1 UID: 0 PID: 13764 Comm: syz.2.1915 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 665.097443][T13764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 665.097461][T13764] Call Trace: [ 665.097471][T13764] [ 665.097482][T13764] dump_stack_lvl+0x16c/0x1f0 [ 665.097517][T13764] should_fail_ex+0x512/0x640 [ 665.097547][T13764] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 665.097583][T13764] should_failslab+0xc2/0x120 [ 665.097624][T13764] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 665.097656][T13764] ? __d_alloc+0x31/0xaa0 [ 665.097692][T13764] __d_alloc+0x31/0xaa0 [ 665.097726][T13764] path_from_stashed+0x500/0xb00 [ 665.097762][T13764] ? __pfx_path_from_stashed+0x10/0x10 [ 665.097793][T13764] ? do_raw_spin_unlock+0x172/0x230 [ 665.097846][T13764] ns_get_path+0x5f/0x80 [ 665.097891][T13764] proc_ns_get_link+0x121/0x260 [ 665.097937][T13764] ? __pfx_proc_ns_get_link+0x10/0x10 [ 665.097985][T13764] ? atime_needs_update+0x8b/0x710 [ 665.098026][T13764] ? __pfx_proc_ns_get_link+0x10/0x10 [ 665.098072][T13764] step_into+0x1a29/0x2270 [ 665.098121][T13764] ? __pfx_step_into+0x10/0x10 [ 665.098163][T13764] ? find_held_lock+0x2b/0x80 [ 665.098204][T13764] path_openat+0x6db/0x2cb0 [ 665.098243][T13764] ? __pfx_path_openat+0x10/0x10 [ 665.098273][T13764] ? __lock_acquire+0xb8a/0x1c90 [ 665.098317][T13764] do_filp_open+0x20b/0x470 [ 665.098345][T13764] ? __pfx_do_filp_open+0x10/0x10 [ 665.098399][T13764] ? alloc_fd+0x471/0x7d0 [ 665.098452][T13764] do_sys_openat2+0x11b/0x1d0 [ 665.098490][T13764] ? __pfx_do_sys_openat2+0x10/0x10 [ 665.098543][T13764] __x64_sys_openat+0x174/0x210 [ 665.098582][T13764] ? __pfx___x64_sys_openat+0x10/0x10 [ 665.098641][T13764] do_syscall_64+0xcd/0x490 [ 665.098674][T13764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.098703][T13764] RIP: 0033:0x7f619e78d310 [ 665.098726][T13764] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 665.098753][T13764] RSP: 002b:00007f619f661f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 665.098780][T13764] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f619e78d310 [ 665.098798][T13764] RDX: 0000000000000002 RSI: 00007f619f661fa0 RDI: 00000000ffffff9c [ 665.098815][T13764] RBP: 00007f619f661fa0 R08: 0000000000000000 R09: 0000000000000000 [ 665.098832][T13764] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 665.098848][T13764] R13: 0000000000000000 R14: 00007f619e9b5fa0 R15: 00007ffeadb1f638 [ 665.098883][T13764] [ 667.728452][T13751] kexec: Could not allocate control_code_buffer [ 668.172156][T13800] random: crng reseeded on system resumption [ 668.181022][ T36] ERROR: Out of memory at tomoyo_memory_ok. [ 668.181587][ T9475] ERROR: Out of memory at tomoyo_memory_ok. [ 670.717521][ T30] audit: type=1107 audit(4294967332.337:38): pid=13832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 670.732708][T13833] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1930'. [ 670.822822][T13833] bond0: left allmulticast mode [ 670.836642][T13833] bond_slave_0: left allmulticast mode [ 670.903963][T13833] bond_slave_1: left allmulticast mode [ 670.974269][T13833] bond0: left promiscuous mode [ 670.979299][T13833] bond_slave_0: left promiscuous mode [ 671.036088][T13833] bond_slave_1: left promiscuous mode [ 671.042112][T13833] bridge0: port 3(bond0) entered disabled state [ 671.268772][T13833] bridge_slave_1: left allmulticast mode [ 671.339799][T13833] bridge_slave_1: left promiscuous mode [ 671.360880][T13833] bridge0: port 2(bridge_slave_1) entered disabled state [ 671.417893][T13833] bridge_slave_0: left allmulticast mode [ 671.425293][T13833] bridge_slave_0: left promiscuous mode [ 671.447218][T13833] bridge0: port 1(bridge_slave_0) entered disabled state [ 671.583963][T13836] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1931'. [ 672.075636][ T30] audit: type=1800 audit(4294967333.697:39): pid=13838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1932" name="members" dev="configfs" ino=41697 res=0 errno=0 [ 672.095972][ C1] vkms_vblank_simulate: vblank timer overrun [ 672.355730][T12339] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 674.171956][T13876] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 674.598710][ T37] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 956 with max blocks 11 with error 117 [ 674.677217][ T37] EXT4-fs (sda1): This should not happen!! Data will be lost [ 674.677217][ T37] [ 674.775277][T13882] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1941'. [ 675.412080][T13890] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1944'. [ 675.792766][T12339] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 675.905593][T13907] zram: Removed device: zram0 [ 677.619520][T13916] FAULT_INJECTION: forcing a failure. [ 677.619520][T13916] name failslab, interval 1, probability 0, space 0, times 0 [ 677.737572][T13916] CPU: 0 UID: 0 PID: 13916 Comm: syz.1.1948 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 677.737620][T13916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 677.737640][T13916] Call Trace: [ 677.737650][T13916] [ 677.737664][T13916] dump_stack_lvl+0x16c/0x1f0 [ 677.737706][T13916] should_fail_ex+0x512/0x640 [ 677.737739][T13916] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 677.737786][T13916] should_failslab+0xc2/0x120 [ 677.737827][T13916] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 677.737869][T13916] ? apply_subsystem_event_filter+0x46d/0x17d0 [ 677.737922][T13916] kstrdup+0x53/0x100 [ 677.737960][T13916] apply_subsystem_event_filter+0x46d/0x17d0 [ 677.738021][T13916] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 677.738076][T13916] ? _copy_from_user+0x59/0xd0 [ 677.738120][T13916] subsystem_filter_write+0x95/0x120 [ 677.738167][T13916] ? __pfx_subsystem_filter_write+0x10/0x10 [ 677.738210][T13916] vfs_write+0x29d/0x1150 [ 677.738248][T13916] ? __pfx___mutex_lock+0x10/0x10 [ 677.738283][T13916] ? __pfx_vfs_write+0x10/0x10 [ 677.738327][T13916] ? __fget_files+0x20e/0x3c0 [ 677.738393][T13916] ksys_write+0x12a/0x250 [ 677.738424][T13916] ? __pfx_ksys_write+0x10/0x10 [ 677.738470][T13916] do_syscall_64+0xcd/0x490 [ 677.738508][T13916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.738551][T13916] RIP: 0033:0x7faf1c98e9a9 [ 677.738578][T13916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 677.738610][T13916] RSP: 002b:00007faf1a7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 677.738641][T13916] RAX: ffffffffffffffda RBX: 00007faf1cbb6080 RCX: 00007faf1c98e9a9 [ 677.738664][T13916] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 677.738686][T13916] RBP: 00007faf1ca10d69 R08: 0000000000000000 R09: 0000000000000000 [ 677.738708][T13916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 677.738729][T13916] R13: 0000000000000000 R14: 00007faf1cbb6080 R15: 00007ffc0f874328 [ 677.738774][T13916] [ 679.059238][T13935] FAULT_INJECTION: forcing a failure. [ 679.059238][T13935] name failslab, interval 1, probability 0, space 0, times 0 [ 679.059291][T13935] CPU: 0 UID: 0 PID: 13935 Comm: syz.1.1953 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 679.059320][T13935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 679.059334][T13935] Call Trace: [ 679.059340][T13935] [ 679.059349][T13935] dump_stack_lvl+0x16c/0x1f0 [ 679.059376][T13935] should_fail_ex+0x512/0x640 [ 679.059418][T13935] ? __kmalloc_noprof+0xbf/0x510 [ 679.059446][T13935] ? vc_allocate+0x489/0x880 [ 679.059470][T13935] should_failslab+0xc2/0x120 [ 679.059498][T13935] __kmalloc_noprof+0xd2/0x510 [ 679.059529][T13935] vc_allocate+0x489/0x880 [ 679.059555][T13935] ? __pfx_vc_allocate+0x10/0x10 [ 679.059590][T13935] con_install+0xa1/0x600 [ 679.059618][T13935] ? __pfx_con_install+0x10/0x10 [ 679.059649][T13935] ? __pfx_con_install+0x10/0x10 [ 679.059684][T13935] tty_init_dev.part.0+0x99/0x500 [ 679.059717][T13935] tty_open+0xa50/0xf90 [ 679.059752][T13935] ? __pfx_tty_open+0x10/0x10 [ 679.059781][T13935] ? chrdev_open+0x58c/0x6a0 [ 679.059811][T13935] ? __pfx_tty_open+0x10/0x10 [ 679.059839][T13935] chrdev_open+0x231/0x6a0 [ 679.059866][T13935] ? __pfx_chrdev_open+0x10/0x10 [ 679.059894][T13935] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 679.059938][T13935] do_dentry_open+0x744/0x1c10 [ 679.059968][T13935] ? __pfx_chrdev_open+0x10/0x10 [ 679.059999][T13935] vfs_open+0x82/0x3f0 [ 679.060034][T13935] path_openat+0x1de4/0x2cb0 [ 679.060067][T13935] ? __pfx_path_openat+0x10/0x10 [ 679.060092][T13935] ? __lock_acquire+0xb8a/0x1c90 [ 679.060129][T13935] do_filp_open+0x20b/0x470 [ 679.060153][T13935] ? __pfx_do_filp_open+0x10/0x10 [ 679.060198][T13935] ? alloc_fd+0x471/0x7d0 [ 679.060244][T13935] do_sys_openat2+0x11b/0x1d0 [ 679.060276][T13935] ? __pfx_do_sys_openat2+0x10/0x10 [ 679.060320][T13935] __x64_sys_openat+0x174/0x210 [ 679.060353][T13935] ? __pfx___x64_sys_openat+0x10/0x10 [ 679.060398][T13935] do_syscall_64+0xcd/0x490 [ 679.060428][T13935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 679.060453][T13935] RIP: 0033:0x7faf1c98e9a9 [ 679.060471][T13935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 679.060495][T13935] RSP: 002b:00007faf1d72e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 679.060530][T13935] RAX: ffffffffffffffda RBX: 00007faf1cbb5fa0 RCX: 00007faf1c98e9a9 [ 679.060545][T13935] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 679.060560][T13935] RBP: 00007faf1ca10d69 R08: 0000000000000000 R09: 0000000000000000 [ 679.060573][T13935] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 679.060587][T13935] R13: 0000000000000000 R14: 00007faf1cbb5fa0 R15: 00007ffc0f874328 [ 679.060616][T13935] [ 681.425535][T13951] QAT: Stopping all acceleration devices. [ 685.591883][T13988] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1965'. [ 685.737787][T13986] usb usb36: usbfs: process 13986 (syz.2.1963) did not claim interface 0 before use [ 686.642868][T14015] vhci_hcd: invalid port number 16 [ 686.648149][T14015] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 687.059153][T14022] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1971'. [ 687.206454][T14022] veth1_macvtap (unregistering): left allmulticast mode [ 689.328754][T12339] Bluetooth: hci0: unexpected event 0x30 length: 47 > 3 [ 690.913907][T14070] netlink: 'syz.2.1982': attribute type 4 has an invalid length. [ 690.965680][T14070] netlink: 'syz.2.1982': attribute type 5 has an invalid length. [ 691.000445][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.006943][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.102704][T14070] netlink: 10 bytes leftover after parsing attributes in process `syz.2.1982'. [ 691.836110][T14087] tipc: Started in network mode [ 691.841290][T14087] tipc: Node identity ee00, cluster identity 4711 [ 691.904023][T14087] tipc: Node number set to 60928 [ 691.966726][T14082] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 952 with max blocks 15 with error 117 [ 692.024974][T14082] EXT4-fs (sda1): This should not happen!! Data will be lost [ 692.024974][T14082] [ 694.450991][T14114] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 957 with max blocks 10 with error 117 [ 694.523900][T14114] EXT4-fs (sda1): This should not happen!! Data will be lost [ 694.523900][T14114] [ 695.332762][T14122] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1992'. [ 695.343153][T14122] netlink: 'syz.3.1992': attribute type 1 has an invalid length. [ 695.350942][T14122] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1992'. [ 695.501178][T14135] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 696.063809][ T36] ERROR: Out of memory at tomoyo_memory_ok. [ 696.123196][T12339] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 696.123243][T12339] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 696.138275][T12339] Bluetooth: hci1: Dropping invalid advertising data [ 696.145053][T12339] Bluetooth: hci1: Dropping invalid advertising data [ 696.151800][T12339] Bluetooth: hci1: Dropping invalid advertising data [ 696.158587][T12339] Bluetooth: hci1: Malformed LE Event: 0x02 [ 696.390548][T14145] tipc: Started in network mode [ 696.398584][T14145] tipc: Node identity ee00, cluster identity 4711 [ 696.419462][T14145] tipc: Node number set to 60928 [ 696.434211][T14134] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 696.443064][T14134] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 696.449211][T14134] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 696.607070][T14141] Process accounting resumed [ 697.256684][T14153] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 698.516793][T12339] Bluetooth: hci0: command 0x0406 tx timeout [ 698.522923][T12339] Bluetooth: hci1: command 0x0406 tx timeout [ 698.529003][ T5164] Bluetooth: hci3: command 0x0406 tx timeout [ 700.581696][T14188] syz.1.2004 (14188): /proc/14185/oom_adj is deprecated, please use /proc/14185/oom_score_adj instead. [ 701.249768][T14203] netlink: 266 bytes leftover after parsing attributes in process `syz.2.2007'. [ 701.259151][T14203] IPv6: NLM_F_CREATE should be specified when creating new route [ 701.848660][T14216] ubi0: attaching mtd0 [ 701.854519][T14216] ubi0: scanning is finished [ 701.859192][T14216] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 702.641588][T14216] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 706.675237][T14244] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 707.009648][T14255] netlink: 306 bytes leftover after parsing attributes in process `syz.3.2017'. [ 708.375755][T14269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2019'. [ 708.785541][ T37] [ 708.788011][ T37] ====================================================== [ 708.795025][ T37] WARNING: possible circular locking dependency detected [ 708.802066][ T37] 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 Not tainted [ 708.809209][ T37] ------------------------------------------------------ [ 708.816229][ T37] kworker/u8:3/37 is trying to acquire lock: [ 708.822206][ T37] ffff88805a609358 (&disk->open_mutex){+.+.}-{4:4}, at: __del_gendisk+0xf5/0xbd0 [ 708.831358][ T37] [ 708.831358][ T37] but task is already holding lock: [ 708.838717][ T37] ffff88807b85d988 (&set->update_nr_hwq_lock){++++}-{4:4}, at: del_gendisk+0x136/0x1e0 [ 708.848403][ T37] [ 708.848403][ T37] which lock already depends on the new lock. [ 708.848403][ T37] [ 708.858818][ T37] [ 708.858818][ T37] the existing dependency chain (in reverse order) is: [ 708.867852][ T37] [ 708.867852][ T37] -> #2 (&set->update_nr_hwq_lock){++++}-{4:4}: [ 708.876326][ T37] down_write+0x92/0x200 [ 708.881113][ T37] blk_mq_update_nr_hw_queues+0x32/0xcb0 [ 708.887302][ T37] nbd_start_device+0x172/0xcd0 [ 708.892712][ T37] nbd_genl_connect+0x134b/0x1c60 [ 708.892746][ T37] genl_family_rcv_msg_doit+0x209/0x2f0 [ 708.904428][ T37] genl_rcv_msg+0x55c/0x800 [ 708.909513][ T37] netlink_rcv_skb+0x158/0x420 [ 708.914857][ T37] genl_rcv+0x28/0x40 [ 708.919439][ T37] netlink_unicast+0x58a/0x850 [ 708.924788][ T37] netlink_sendmsg+0x8d1/0xdd0 [ 708.930122][ T37] ____sys_sendmsg+0xa95/0xc70 [ 708.935457][ T37] ___sys_sendmsg+0x134/0x1d0 [ 708.940729][ T37] __sys_sendmsg+0x16d/0x220 [ 708.945885][ T37] do_syscall_64+0xcd/0x490 [ 708.950950][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.957380][ T37] [ 708.957380][ T37] -> #1 (&nbd->config_lock){+.+.}-{4:4}: [ 708.965229][ T37] __mutex_lock+0x199/0xb90 [ 708.970263][ T37] refcount_dec_and_mutex_lock+0x51/0xc0 [ 708.976431][ T37] nbd_config_put+0x31/0x750 [ 708.981558][ T37] nbd_release+0xb7/0x190 [ 708.986410][ T37] blkdev_put_whole+0xb0/0xf0 [ 708.991635][ T37] bdev_release+0x47e/0x6d0 [ 708.996705][ T37] blkdev_release+0x15/0x20 [ 709.001769][ T37] __fput+0x402/0xb70 [ 709.006319][ T37] fput_close_sync+0x118/0x260 [ 709.011626][ T37] __x64_sys_close+0x8b/0x120 [ 709.016863][ T37] do_syscall_64+0xcd/0x490 [ 709.021905][ T37] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.028335][ T37] [ 709.028335][ T37] -> #0 (&disk->open_mutex){+.+.}-{4:4}: [ 709.036187][ T37] __lock_acquire+0x126f/0x1c90 [ 709.041588][ T37] lock_acquire+0x179/0x350 [ 709.046647][ T37] __mutex_lock+0x199/0xb90 [ 709.051784][ T37] __del_gendisk+0xf5/0xbd0 [ 709.056832][ T37] del_gendisk+0x13e/0x1e0 [ 709.061841][ T37] nbd_dev_remove+0x3b/0xe0 [ 709.066892][ T37] process_one_work+0x9cc/0x1b70 [ 709.072392][ T37] worker_thread+0x6c8/0xf10 [ 709.077550][ T37] kthread+0x3c5/0x780 [ 709.082183][ T37] ret_from_fork+0x5d4/0x6f0 [ 709.087331][ T37] ret_from_fork_asm+0x1a/0x30 [ 709.092647][ T37] [ 709.092647][ T37] other info that might help us debug this: [ 709.092647][ T37] [ 709.102910][ T37] Chain exists of: [ 709.102910][ T37] &disk->open_mutex --> &nbd->config_lock --> &set->update_nr_hwq_lock [ 709.102910][ T37] [ 709.117209][ T37] Possible unsafe locking scenario: [ 709.117209][ T37] [ 709.124687][ T37] CPU0 CPU1 [ 709.130074][ T37] ---- ---- [ 709.135463][ T37] rlock(&set->update_nr_hwq_lock); [ 709.140788][ T37] lock(&nbd->config_lock); [ 709.147915][ T37] lock(&set->update_nr_hwq_lock); [ 709.155657][ T37] lock(&disk->open_mutex); [ 709.160286][ T37] [ 709.160286][ T37] *** DEADLOCK *** [ 709.160286][ T37] [ 709.168442][ T37] 3 locks held by kworker/u8:3/37: [ 709.173580][ T37] #0: ffff8880265e0148 ((wq_completion)nbd-del){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 709.184162][ T37] #1: ffffc90000ad7d10 ((work_completion)(&nbd->remove_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 709.195882][ T37] #2: ffff88807b85d988 (&set->update_nr_hwq_lock){++++}-{4:4}, at: del_gendisk+0x136/0x1e0 [ 709.206042][ T37] [ 709.206042][ T37] stack backtrace: [ 709.211951][ T37] CPU: 0 UID: 0 PID: 37 Comm: kworker/u8:3 Not tainted 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 709.211984][ T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 709.212003][ T37] Workqueue: nbd-del nbd_dev_remove_work [ 709.212029][ T37] Call Trace: [ 709.212038][ T37] [ 709.212047][ T37] dump_stack_lvl+0x116/0x1f0 [ 709.212074][ T37] print_circular_bug+0x275/0x350 [ 709.212111][ T37] check_noncircular+0x14c/0x170 [ 709.212149][ T37] __lock_acquire+0x126f/0x1c90 [ 709.212189][ T37] lock_acquire+0x179/0x350 [ 709.212224][ T37] ? __del_gendisk+0xf5/0xbd0 [ 709.212249][ T37] ? __pfx___might_resched+0x10/0x10 [ 709.212277][ T37] ? check_path.constprop.0+0x24/0x50 [ 709.212311][ T37] __mutex_lock+0x199/0xb90 [ 709.212336][ T37] ? __del_gendisk+0xf5/0xbd0 [ 709.212361][ T37] ? __del_gendisk+0xf5/0xbd0 [ 709.212385][ T37] ? __pfx___mutex_lock+0x10/0x10 [ 709.212417][ T37] ? __pfx___might_resched+0x10/0x10 [ 709.212448][ T37] ? __del_gendisk+0xf5/0xbd0 [ 709.212471][ T37] __del_gendisk+0xf5/0xbd0 [ 709.212496][ T37] ? down_read+0x13d/0x480 [ 709.212523][ T37] ? del_gendisk+0xb7/0x1e0 [ 709.212548][ T37] ? __pfx___del_gendisk+0x10/0x10 [ 709.212578][ T37] ? up_write+0x1b2/0x520 [ 709.212625][ T37] del_gendisk+0x13e/0x1e0 [ 709.212654][ T37] nbd_dev_remove+0x3b/0xe0 [ 709.212680][ T37] process_one_work+0x9cc/0x1b70 [ 709.212727][ T37] ? __pfx_process_one_work+0x10/0x10 [ 709.212783][ T37] ? assign_work+0x1a0/0x250 [ 709.212830][ T37] worker_thread+0x6c8/0xf10 [ 709.212874][ T37] ? __kthread_parkme+0x19e/0x250 [ 709.212902][ T37] ? __pfx_worker_thread+0x10/0x10 [ 709.212938][ T37] kthread+0x3c5/0x780 [ 709.212988][ T37] ? __pfx_kthread+0x10/0x10 [ 709.213023][ T37] ? rcu_is_watching+0x12/0xc0 [ 709.213049][ T37] ? __pfx_kthread+0x10/0x10 [ 709.213084][ T37] ret_from_fork+0x5d4/0x6f0 [ 709.213120][ T37] ? __pfx_kthread+0x10/0x10 [ 709.213155][ T37] ret_from_fork_asm+0x1a/0x30 [ 709.213188][ T37]