last executing test programs: 1m49.737556909s ago: executing program 2 (id=3263): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={"6a95fb871712b7b953f18f982600960ad111411be8ac47c2164cf791ec7b1333", 0x9, 0x8, 0x2, 0x3, 0x9, 0xffffffffffffffff}) capset$auto(0x0, &(0x7f0000000100)={0x1000, 0xef, 0x5}) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) getsockopt$auto(0xffffffffffffffff, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket(0x2, 0x1, 0x0) r1 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, 0x0, 0xa2000, 0x0) read$auto_ftrace_event_id_fops_trace_events(r1, 0x0, 0x0) socket(0x11, 0x80003, 0x300) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) select$auto(0x5, &(0x7f00000001c0)={[0x1, 0x2, 0x8, 0x0, 0x8000, 0x3, 0x8, 0x5, 0x81, 0x0, 0x9, 0xe, 0x4, 0x1, 0x5, 0x8]}, &(0x7f0000000240)={[0x6, 0x6, 0x9, 0xfffffffffffffff4, 0x9, 0x2, 0x1, 0x1, 0x8000000000000000, 0x10, 0x4, 0x8, 0x100000000, 0x8, 0x9, 0x1000]}, &(0x7f00000002c0)={[0x0, 0xfffffffffffffffd, 0x2, 0x3, 0x4, 0xa398, 0x2, 0x80, 0x4, 0x597, 0x3, 0x400, 0x7, 0x40, 0x10000, 0x80000001]}, &(0x7f0000000340)={0x1, 0x9}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100082) socket(0x2, 0x3, 0xa) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000180)=@in={0x2, 0x4e20, @broadcast}, 0x1a) 1m49.040076142s ago: executing program 2 (id=3266): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r0, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r0, 0x0, 0x98c7) 1m48.90239069s ago: executing program 2 (id=3267): select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) 1m48.733512239s ago: executing program 2 (id=3270): mmap$auto(0x0, 0xfffffffffffffffe, 0x3, 0xeb3, 0xfffffffffffffffa, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x1) io_uring_register$auto_IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x4, 0x0, 0xc) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) open_by_handle_at$auto(r0, &(0x7f0000000480)={0xb4, 0x1e, "d5cb45bf3a85257cf184925b8dd3c6b4ba2f10e67122cbf74010d219333f2c634c3e01dae068eb200fac11aac7036e00eb07ace5ad056bcdf5bc266f99d6467f70017e9482374eff37af7bbecdc2d6389d2b5e78a50a4210767c870668ddcd0d3ae336ade6a363271b2fbaddc9ae97bf6ad4800dc0e850a5215973a1192b18930549f786880174c404722d369ef05a03034ac9241f0eaffe52d4363dc2e5c258bf3c4c5eab9b19fac68b638608cd45c7364f871b"}, 0x403) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x2c, 0x3, 0x9) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0xc00, 0x0) r2 = socket(0x15, 0x5, 0x0) getsockopt$auto(r2, 0x114, 0x2713, 0xfffffffffffffffc, 0x0) write$auto(0x1, 0x0, 0x80000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0) write$auto(r3, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) fcntl$auto(0x0, 0x407, 0x100000) 1m47.766527859s ago: executing program 2 (id=3273): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c804}, 0x14) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) timerfd_create$auto(0x9, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)=""/49, 0x31) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, &(0x7f0000000000)={0x8, [0x2, 0xffffffff, 0x80000000], [{0x80, 0x2, 0x1, 0x1, 0x1}, {0x8000, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x6, 0x0, 0x1, 0x1}, {0x95, 0x400, 0x1, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x1}, {0x9, 0xfffffffe, 0x1, 0x1}, {0x1, 0xc1f, 0x1, 0x0, 0x1}, {0x2, 0xfe, 0x1, 0x0, 0x0, 0x1}, {0x3ff, 0x1, 0x0, 0x1, 0x1}, {0xc12, 0x5, 0x1, 0x0, 0x1}, {0x7ff, 0x4d3c, 0x0, 0x0, 0x1}, {0x2, 0x9, 0x1, 0x1, 0x1}], 0x7f, 0xfff, 0x3, 0x3, 0x6, 0x9, 0x80000000, "64b91cc75e50f9bfb73422d302bb9262ca4383f3137e87364ff62cfa69013312b39e05e3bb4c990e99e06e310552976c2f5b0732887c3a8873bae9024b524de3"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(r0, &(0x7f00000001c0)={&(0x7f0000000100)="6044bb67f5459d8e4e1e504b25452ef3e83b0b52c8f49e50044485180830a1ed51282827b917476d5ad380335434bdb1c564508879b5e5d57f2e26b641f809355a93e70dbfaf2f0b63d20cbc16247dc38b5b9a471f4ae0e2e7ba7d1b81eb247c8f12d9dc892059ba5533480195d2cf6ae62b01db81c6a987ae4049f3c8a3792bfa2ffd7fe02e4488d3f8cb44073a7975173dbeb67b1bbce6f6dbdd6b06f4236720ac56b65894942276743116", 0x4}, 0x3) ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, 0x0) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0) ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000000540)={0x0, 0x6, "7636151d9b02ba4db36efb8adaeb205490055c8160618a793bc0ef02be6b53ab874d163664e76626154e19585266b4280ac77b4953f03208c9d0d81de29f87c95b44caf734b5f2e59f69b0fe4a5494f48d5300607cd488d34e391975e1aa7743568be0d261cfaa4f9b6174c390954234be5d151787f0c9c66dc02b5a5a89a56682d58f67fb6efb456c4569af2df4c3e2fe0f9223c43727d728cc77183d2ceb9a4b6797048cd4d028ae420b7deabcd6b4a367d87ec44bbe2522223a45c3c8c504c1bae057da778451ca39ef604724c73e5f577cda46ab42dd3392401d1c9bf8ba15c8299371980687c12430b63a504592439e0580a6f2a60bed1efbb23b7596b3"}) ioctl$auto(0xffffffffffffffff, 0x1403, r1) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x2, 0x9, 0x2, 0x6]}, 0x0) 1m46.629970934s ago: executing program 2 (id=3278): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x110) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) unlink$auto(&(0x7f0000000380)='./file0\x00') execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) write$auto_sg_fops_sg(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x129302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0x275e, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) 1m31.55756045s ago: executing program 32 (id=3278): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x110) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) unlink$auto(&(0x7f0000000380)='./file0\x00') execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) write$auto_sg_fops_sg(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x129302, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0x275e, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) 11.213269123s ago: executing program 4 (id=3697): r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket(0xa, 0x1, 0x100) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x1000005, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101002, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioprio_set$auto(0x3, 0x0, 0x4b34) madvise$auto(0x16, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x204}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_AGE={0x8, 0x4, 0x9}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0x973}]}, 0x50}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) 9.495680467s ago: executing program 4 (id=3709): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={"6a95fb871712b7b953f18f982600960ad111411be8ac47c2164cf791ec7b1333", 0x9, 0x8, 0x2, 0x3, 0x9, 0xffffffffffffffff}) capset$auto(0x0, &(0x7f0000000100)={0x1000, 0xef, 0x5}) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket(0x2, 0x1, 0x0) r2 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, 0x0, 0xa2000, 0x0) read$auto_ftrace_event_id_fops_trace_events(r2, 0x0, 0x0) socket(0x11, 0x80003, 0x300) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) select$auto(0x5, &(0x7f00000001c0)={[0x1, 0x2, 0x8, 0x0, 0x8000, 0x3, 0x8, 0x5, 0x81, 0x0, 0x9, 0xe, 0x4, 0x1, 0x5, 0x8]}, &(0x7f0000000240)={[0x6, 0x6, 0x9, 0xfffffffffffffff4, 0x9, 0x2, 0x1, 0x1, 0x8000000000000000, 0x10, 0x4, 0x8, 0x100000000, 0x8, 0x9, 0x1000]}, &(0x7f00000002c0)={[0x0, 0xfffffffffffffffd, 0x2, 0x3, 0x4, 0xa398, 0x2, 0x80, 0x4, 0x597, 0x3, 0x400, 0x7, 0x40, 0x10000, 0x80000001]}, &(0x7f0000000340)={0x1, 0x9}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100082) socket(0x2, 0x3, 0xa) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000180)=@in={0x2, 0x4e20, @broadcast}, 0x1a) 8.88083929s ago: executing program 4 (id=3713): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={"6a95fb871712b7b953f18f982600960ad111411be8ac47c2164cf791ec7b1333", 0x9, 0x8, 0x2, 0x3, 0x9, 0xffffffffffffffff}) capset$auto(0x0, &(0x7f0000000100)={0x1000, 0xef, 0x5}) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket(0x2, 0x1, 0x0) r2 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, 0x0, 0xa2000, 0x0) read$auto_ftrace_event_id_fops_trace_events(r2, 0x0, 0x0) socket(0x11, 0x80003, 0x300) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) select$auto(0x5, &(0x7f00000001c0)={[0x1, 0x2, 0x8, 0x0, 0x8000, 0x3, 0x8, 0x5, 0x81, 0x0, 0x9, 0xe, 0x4, 0x1, 0x5, 0x8]}, &(0x7f0000000240)={[0x6, 0x6, 0x9, 0xfffffffffffffff4, 0x9, 0x2, 0x1, 0x1, 0x8000000000000000, 0x10, 0x4, 0x8, 0x100000000, 0x8, 0x9, 0x1000]}, &(0x7f00000002c0)={[0x0, 0xfffffffffffffffd, 0x2, 0x3, 0x4, 0xa398, 0x2, 0x80, 0x4, 0x597, 0x3, 0x400, 0x7, 0x40, 0x10000, 0x80000001]}, &(0x7f0000000340)={0x1, 0x9}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100082) socket(0x2, 0x3, 0xa) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000180)=@in={0x2, 0x4e20, @broadcast}, 0x1a) 7.833645717s ago: executing program 4 (id=3717): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8) ioctl$auto_SG_GET_ACCESS_COUNT(r2, 0x2289, &(0x7f00000001c0)="748c71542be98e770ba5c6ba43dff2587884738ab8c9fd79566afe07fed0766d2e8bd35c75d932c63b808ac700554d6a78d7bbe34b9917458bbc021fdb7ee40383d779897f9063e4b275c918f0673b89058d76baf95d9101d716f1deb20e64fb1855a6998b29bb21f4557521a2e6b09332284f8a1c410f8cb5237a2c2dfdf413c7896d1dbd0321cc7b0d144d5d53515e268687110969051804deb3cce3b2b0f81123e08f43a5d7120934107ad931d62e53d861d3f5e79eb900e9f537cc2f62eca0b4348aec16bb8ab6ad1463b157d37dbef4b455fead5a81a4f5149a5cd1c4") modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) pread64$auto(r3, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) getpid() prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs1\x00', 0x48080, 0x0) fcntl$auto(0x3, 0x4, 0xa553) process_mrelease$auto(0xffffffffffffffff, 0x0) 7.109651135s ago: executing program 3 (id=3719): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={"6a95fb871712b7b953f18f982600960ad111411be8ac47c2164cf791ec7b1333", 0x9, 0x8, 0x2, 0x3, 0x9, 0xffffffffffffffff}) capset$auto(0x0, &(0x7f0000000100)={0x1000, 0xef, 0x5}) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, 0x0, 0x5, 0x20000000) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket(0x2, 0x1, 0x0) r2 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, 0x0, 0xa2000, 0x0) read$auto_ftrace_event_id_fops_trace_events(r2, 0x0, 0x0) socket(0x11, 0x80003, 0x300) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) select$auto(0x5, &(0x7f00000001c0)={[0x1, 0x2, 0x8, 0x0, 0x8000, 0x3, 0x8, 0x5, 0x81, 0x0, 0x9, 0xe, 0x4, 0x1, 0x5, 0x8]}, &(0x7f0000000240)={[0x6, 0x6, 0x9, 0xfffffffffffffff4, 0x9, 0x2, 0x1, 0x1, 0x8000000000000000, 0x10, 0x4, 0x8, 0x100000000, 0x8, 0x9, 0x1000]}, &(0x7f00000002c0)={[0x0, 0xfffffffffffffffd, 0x2, 0x3, 0x4, 0xa398, 0x2, 0x80, 0x4, 0x597, 0x3, 0x400, 0x7, 0x40, 0x10000, 0x80000001]}, &(0x7f0000000340)={0x1, 0x9}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100082) socket(0x2, 0x3, 0xa) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000180)=@in={0x2, 0x4e20, @broadcast}, 0x1a) 6.906471794s ago: executing program 1 (id=3720): close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_amd/parameters/pause_filter_thresh\x00', 0x200, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001b80)='/dev/input/event2\x00', 0x40800, 0x0) ioctl$auto_EVIOCSKEYCODE(r0, 0x40084504, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, 0x0, 0x98c7) socket(0x10, 0x2, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x5) socket(0xa, 0x5, 0x84) read$auto(0x3, 0x0, 0x80) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f00000002c0)={{@inferred, 0x5, 0x9, 0x1, "4941aa833e2fc65b6b3cf7cec76d6778ad8eac3cda35ba9c2b2d43eeb0dc59c8dd3500f11581916caa0d3053"}, 0x4, 0xfffffff9, 0x1, @inferred, @enumerated={0xffff, 0xffe, "4bd04167d52dbe3758dcb7641f58661870525adcaedaa5deaa336a58b7382f979a0ff0b3d9583c08610104000049d9f994ef5578e78507d4f25cd03a4c4b5700", 0x9, 0x3fd}, "6cc1888a6393f1b4285854c5368de438f8cc142ef6df1259b05ba1183bedbd31b642b4051bc7955610c61c329794e5311121c760cb8211c78e6947a99807bcc1"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) setsockopt$auto(0x3, 0x6d, 0x7, 0xffffffffffffffff, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) socket(0x10, 0x2, 0xc) close_range$auto(0x2, 0x8, 0x0) 6.71070386s ago: executing program 4 (id=3721): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={"6a95fb871712b7b953f18f982600960ad111411be8ac47c2164cf791ec7b1333", 0x9, 0x8, 0x2, 0x3, 0x9, 0xffffffffffffffff}) capset$auto(0x0, &(0x7f0000000100)={0x1000, 0xef, 0x5}) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket(0x2, 0x1, 0x0) r2 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, 0x0, 0xa2000, 0x0) read$auto_ftrace_event_id_fops_trace_events(r2, 0x0, 0x0) socket(0x11, 0x80003, 0x300) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) select$auto(0x5, &(0x7f00000001c0)={[0x1, 0x2, 0x8, 0x0, 0x8000, 0x3, 0x8, 0x5, 0x81, 0x0, 0x9, 0xe, 0x4, 0x1, 0x5, 0x8]}, &(0x7f0000000240)={[0x6, 0x6, 0x9, 0xfffffffffffffff4, 0x9, 0x2, 0x1, 0x1, 0x8000000000000000, 0x10, 0x4, 0x8, 0x100000000, 0x8, 0x9, 0x1000]}, &(0x7f00000002c0)={[0x0, 0xfffffffffffffffd, 0x2, 0x3, 0x4, 0xa398, 0x2, 0x80, 0x4, 0x597, 0x3, 0x400, 0x7, 0x40, 0x10000, 0x80000001]}, &(0x7f0000000340)={0x1, 0x9}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100082) socket(0x2, 0x3, 0xa) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000180)=@in={0x2, 0x4e20, @broadcast}, 0x1a) 6.601796136s ago: executing program 0 (id=3722): unshare$auto(0x40000080) ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) unshare$auto(0x20000080) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) accept4$auto(0xffffffffffffffff, &(0x7f0000000180)=@l2tp={0x2, 0x0, @remote, 0x3}, &(0x7f00000001c0)=0x5, 0x8001) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) capset$auto(0x0, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x5, 0x100000003, 0x9, 0x6, 0x1ff, 0x100000000, 0x3, 0x4, 0x401, 0x0, 0x8, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x8000000000000000, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x18f, 0xfffffffffffffff9, 0x3, 0x5a4, 0x1000, 0x80000001, 0x1]}, 0x0, &(0x7f0000000280)={0x10006, 0xcc}) 6.477400013s ago: executing program 3 (id=3723): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000180)='/proc/softirqs\x00', 0x400, 0x0) kill$auto(0x0, 0x12) preadv$auto(r0, &(0x7f0000009180)={&(0x7f0000008180), 0x7}, 0x26, 0x80, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x26, 0x1, 0x0, 0x0, 0x0) clone$auto(0x20003b46, 0x100000000000005, 0x0, 0x0, 0x2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0xfffffffffffffffe, 0x200006, 0x6, 0x40eb1, 0x602, 0xcf05) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) madvise$auto(0x0, 0x20499d, 0x9) mmap$auto(0x0, 0xffffffffffffffff, 0xffb, 0x8000000008011, r1, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto(r1, 0x541d, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x2, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 6.425528491s ago: executing program 1 (id=3724): socket(0x11, 0x80003, 0x300) rt_sigqueueinfo$auto(0x0, 0xc74, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/info\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000280)=""/65, 0x41) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x3, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) madvise$auto(0x0, 0x200007, 0x19) syz_clone3(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) 4.822195286s ago: executing program 0 (id=3725): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0030e5", @ANYRES16=r1, @ANYBLOB="01002dbd7000f9dbdf25010000000500070058000000080009009c781e01060002000100000008001800030000000800190006000000"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) mmap$auto(0x1, 0x3, 0x1, 0xe31, 0xffffffffffffffff, 0xe0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) socket(0x2, 0x5, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dmmidi2\x00', 0x101, 0x0) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x3, 0xa00006, 0x4, 0x40eb1, 0x602, 0x300000000000) ioprio_set$auto(0x2, 0x0, 0x208) 4.821666033s ago: executing program 1 (id=3726): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={"6a95fb871712b7b953f18f982600960ad111411be8ac47c2164cf791ec7b1333", 0x9, 0x8, 0x2, 0x3, 0x9, 0xffffffffffffffff}) capset$auto(0x0, &(0x7f0000000100)={0x1000, 0xef, 0x5}) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket(0x2, 0x1, 0x0) r2 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, 0x0, 0xa2000, 0x0) read$auto_ftrace_event_id_fops_trace_events(r2, 0x0, 0x0) socket(0x11, 0x80003, 0x300) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) select$auto(0x5, &(0x7f00000001c0)={[0x1, 0x2, 0x8, 0x0, 0x8000, 0x3, 0x8, 0x5, 0x81, 0x0, 0x9, 0xe, 0x4, 0x1, 0x5, 0x8]}, &(0x7f0000000240)={[0x6, 0x6, 0x9, 0xfffffffffffffff4, 0x9, 0x2, 0x1, 0x1, 0x8000000000000000, 0x10, 0x4, 0x8, 0x100000000, 0x8, 0x9, 0x1000]}, &(0x7f00000002c0)={[0x0, 0xfffffffffffffffd, 0x2, 0x3, 0x4, 0xa398, 0x2, 0x80, 0x4, 0x597, 0x3, 0x400, 0x7, 0x40, 0x10000, 0x80000001]}, &(0x7f0000000340)={0x1, 0x9}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100082) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000180)=@in={0x2, 0x4e20, @broadcast}, 0x1a) 4.821514426s ago: executing program 4 (id=3727): ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r0 = socket(0x1e, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendfile$auto(r2, r0, &(0x7f0000000080)=0x8, 0x3508) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getdents$auto(r3, 0x0, 0x41000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x18, 0x4, 0x0) ioctl$auto_RTC_WKALM_SET(r4, 0x4028700f, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20040, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0009, 0x13) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r5 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) sendmsg$auto_IEEE802154_LLSEC_LIST_DEVKEY(r3, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x222c8518}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="e70229055399a2"], 0x14}, 0x1, 0x0, 0x0, 0x24000080}, 0x4000) ioctl$auto_posix_clock_file_operations_posix_clock(r5, 0x43403d05, 0x0) madvise$auto(0x0, 0x53, 0x9) 4.821388621s ago: executing program 3 (id=3728): close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_amd/parameters/pause_filter_thresh\x00', 0x200, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001b80)='/dev/input/event2\x00', 0x40800, 0x0) ioctl$auto_EVIOCSKEYCODE(r0, 0x40084504, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, 0x0, 0x98c7) socket(0x10, 0x2, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x5) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'}) read$auto(0x3, 0x0, 0x80) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f00000002c0)={{@inferred, 0x5, 0x9, 0x1, "4941aa833e2fc65b6b3cf7cec76d6778ad8eac3cda35ba9c2b2d43eeb0dc59c8dd3500f11581916caa0d3053"}, 0x4, 0xfffffff9, 0x1, @inferred, @enumerated={0xffff, 0xffe, "4bd04167d52dbe3758dcb7641f58661870525adcaedaa5deaa336a58b7382f979a0ff0b3d9583c08610104000049d9f994ef5578e78507d4f25cd03a4c4b5700", 0x9, 0x3fd}, "6cc1888a6393f1b4285854c5368de438f8cc142ef6df1259b05ba1183bedbd31b642b4051bc7955610c61c329794e5311121c760cb8211c78e6947a99807bcc1"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) setsockopt$auto(0x3, 0x6d, 0x7, 0xffffffffffffffff, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) socket(0x10, 0x2, 0xc) close_range$auto(0x2, 0x8, 0x0) 3.435279849s ago: executing program 0 (id=3729): openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x468401, 0x0) r0 = socket(0x10, 0x2, 0x4) write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) fstatfs$auto(0x3, 0x0) ioctl$auto(r2, 0x4b67, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x203, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x7, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, 0x0, 0x100000a3d9) write$auto(0xffffffffffffffff, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x6) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) read$auto_def_blk_fops_fs(r3, &(0x7f0000000140)=""/194, 0xc2) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x161640, 0x0) open(0x0, 0x80842, 0x20) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) madvise$auto(0xffffffffffff08b1, 0x20499c, 0x9) 3.200042071s ago: executing program 3 (id=3730): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x6, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0x70) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) adjtimex$auto(0x0) 3.197795706s ago: executing program 0 (id=3731): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x1f, 0x3, 0x400001) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[], 0x1ac}}, 0x4c041) r1 = socket(0xf, 0x5, 0xf) setsockopt$auto(r1, 0x6, 0xc, 0x0, 0x7fffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xebf, 0x401, 0x5) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/mountinfo\x00', 0x42100, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r3) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0xc000) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) pidfd_open$auto(0xffffffffffffffff, 0x5) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_clock\x00', 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/audio1\x00', 0x20040, 0x0) fsopen$auto(0x0, 0x1) 3.187926065s ago: executing program 1 (id=3732): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={"6a95fb871712b7b953f18f982600960ad111411be8ac47c2164cf791ec7b1333", 0x9, 0x8, 0x2, 0x3, 0x9, 0xffffffffffffffff}) capset$auto(0x0, &(0x7f0000000100)={0x1000, 0xef, 0x5}) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) socket(0x2, 0x1, 0x0) r2 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, 0x0, 0xa2000, 0x0) read$auto_ftrace_event_id_fops_trace_events(r2, 0x0, 0x0) socket(0x11, 0x80003, 0x300) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) select$auto(0x5, &(0x7f00000001c0)={[0x1, 0x2, 0x8, 0x0, 0x8000, 0x3, 0x8, 0x5, 0x81, 0x0, 0x9, 0xe, 0x4, 0x1, 0x5, 0x8]}, &(0x7f0000000240)={[0x6, 0x6, 0x9, 0xfffffffffffffff4, 0x9, 0x2, 0x1, 0x1, 0x8000000000000000, 0x10, 0x4, 0x8, 0x100000000, 0x8, 0x9, 0x1000]}, &(0x7f00000002c0)={[0x0, 0xfffffffffffffffd, 0x2, 0x3, 0x4, 0xa398, 0x2, 0x80, 0x4, 0x597, 0x3, 0x400, 0x7, 0x40, 0x10000, 0x80000001]}, &(0x7f0000000340)={0x1, 0x9}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100082) socket(0x2, 0x3, 0xa) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000180)=@in={0x2, 0x4e20, @broadcast}, 0x1a) 2.929905207s ago: executing program 1 (id=3733): socket(0x11, 0x80003, 0x300) rt_sigqueueinfo$auto(0x0, 0xc74, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/info\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000280)=""/65, 0x41) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x3, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8) madvise$auto(0x0, 0x200007, 0x19) syz_clone3(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) 1.910966872s ago: executing program 0 (id=3734): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0xfc, 0x1, 0x2052, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r0, 0x0, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) ioperm$auto(0x7, 0x800, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = socket(0x2, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x0, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0xd, 0x1, 0x948d, 0x6, 0x15f4da0a, 0x3, 0x3, 0x33c, 0x8000001d, 0x20000007, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) ioctl$auto(r1, 0x400454cb, 0x5) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) unshare$auto(0x40000080) mmap$auto(0x7, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r3, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 1.585422105s ago: executing program 1 (id=3735): r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket(0xa, 0x1, 0x100) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x1000005, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101002, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioprio_set$auto(0x3, 0x0, 0x4b34) madvise$auto(0x16, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x204}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_AGE={0x8, 0x4, 0x9}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0x973}]}, 0x50}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) 1.085138292s ago: executing program 3 (id=3736): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x15, 0x5, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x0, 0x7, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x1, 0x0, 0x0, 0x0, 0x0, [0x90, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0xb, 0x0, 0xffffffffffffffff]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xc02, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x2, 0x0) socket(0x2b, 0x1, 0x1) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0}) close_range$auto(0x2, 0x8, 0x0) 270.277092ms ago: executing program 0 (id=3737): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/97, 0x61) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r1, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r2, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) getpid() prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) process_mrelease$auto(0xffffffffffffffff, 0x0) fchown$auto(0x2, 0xffffffff, 0xa1a9) 0s ago: executing program 3 (id=3738): close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_amd/parameters/pause_filter_thresh\x00', 0x200, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001b80)='/dev/input/event2\x00', 0x40800, 0x0) ioctl$auto_EVIOCSKEYCODE(r0, 0x40084504, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, 0x0, 0x98c7) socket(0x10, 0x2, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x5) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'}) read$auto(0x3, 0x0, 0x80) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f00000002c0)={{@inferred, 0x5, 0x9, 0x1, "4941aa833e2fc65b6b3cf7cec76d6778ad8eac3cda35ba9c2b2d43eeb0dc59c8dd3500f11581916caa0d3053"}, 0x4, 0xfffffff9, 0x1, @inferred, @enumerated={0xffff, 0xffe, "4bd04167d52dbe3758dcb7641f58661870525adcaedaa5deaa336a58b7382f979a0ff0b3d9583c08610104000049d9f994ef5578e78507d4f25cd03a4c4b5700", 0x9, 0x3fd}, "6cc1888a6393f1b4285854c5368de438f8cc142ef6df1259b05ba1183bedbd31b642b4051bc7955610c61c329794e5311121c760cb8211c78e6947a99807bcc1"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) setsockopt$auto(0x3, 0x6d, 0x7, 0xffffffffffffffff, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) socket(0x10, 0x2, 0xc) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): 0007ff17a1e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 479.773398][T12284] RAX: ffffffffffffffda RBX: 00007ff1795b5fa0 RCX: 00007ff17938e929 [ 479.773414][T12284] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 479.773430][T12284] RBP: 00007ff179410b39 R08: 0000000000000000 R09: 0000000000000000 [ 479.773445][T12284] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 479.773459][T12284] R13: 0000000000000000 R14: 00007ff1795b5fa0 R15: 00007fff82d7a248 [ 479.773493][T12284] [ 479.773502][T12284] Mem-Info: [ 480.137035][T12284] active_anon:44713 inactive_anon:2 isolated_anon:0 [ 480.137035][T12284] active_file:18992 inactive_file:41315 isolated_file:0 [ 480.137035][T12284] unevictable:768 dirty:738 writeback:1 [ 480.137035][T12284] slab_reclaimable:10788 slab_unreclaimable:94276 [ 480.137035][T12284] mapped:40541 shmem:21220 pagetables:1302 [ 480.137035][T12284] sec_pagetables:0 bounce:0 [ 480.137035][T12284] kernel_misc_reclaimable:0 [ 480.137035][T12284] free:1275026 free_pcp:25070 free_cma:0 [ 480.249758][T12284] Node 0 active_anon:177452kB inactive_anon:8kB active_file:75968kB inactive_file:165128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:156564kB dirty:2952kB writeback:4kB shmem:79812kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11184kB pagetables:4844kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 480.339106][T12284] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3568kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 480.401214][T12284] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 480.437812][T12296] net_ratelimit: 78 callbacks suppressed [ 480.437832][T12296] netlink: zone id is out of range [ 480.449101][T12296] netlink: zone id is out of range [ 480.454233][T12296] netlink: zone id is out of range [ 480.460434][T12296] netlink: zone id is out of range [ 480.465580][T12296] netlink: zone id is out of range [ 480.470913][T12296] netlink: zone id is out of range [ 480.476045][T12296] netlink: zone id is out of range [ 480.481364][T12296] netlink: zone id is out of range [ 480.486497][T12296] netlink: zone id is out of range [ 480.496460][T12284] lowmem_reserve[]: 0 2481 2482 2482 2482 [ 480.497102][T12296] netlink: zone id is out of range [ 480.540662][T12284] Node 0 DMA32 free:1210312kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:179308kB inactive_anon:8kB active_file:75968kB inactive_file:163816kB unevictable:1536kB writepending:2956kB present:3129332kB managed:2540868kB mlocked:0kB bounce:0kB free_pcp:49508kB local_pcp:24540kB free_cma:0kB [ 480.634728][T12284] lowmem_reserve[]: 0 0 1 1 1 [ 480.666883][T12284] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:8kB free_cma:0kB [ 480.776657][T12284] lowmem_reserve[]: 0 0 0 0 0 [ 480.787595][T12284] Node 1 Normal free:3873212kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:55360kB local_pcp:29532kB free_cma:0kB [ 480.885558][T12284] lowmem_reserve[]: 0 0 0 0 0 [ 480.890655][T12284] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 480.903627][T12284] Node 0 DMA32: 38*4kB (UE) 846*8kB (UE) 349*16kB (UE) 335*32kB (UME) 469*64kB (UME) 357*128kB (UME) 273*256kB (UM) 142*512kB (UM) 74*1024kB (UME) 10*2048kB (UE) 213*4096kB (UM) = 1210232kB [ 480.922784][T12284] Node 0 Normal: 1*4kB (M) 2*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 480.935491][T12284] Node 1 Normal: 202*4kB (UME) 67*8kB (UME) 45*16kB (UE) 223*32kB (UE) 40*64kB (UE) 8*128kB (UE) 18*256kB (UME) 3*512kB (UM) 4*1024kB (UME) 6*2048kB (UME) 937*4096kB (UM) = 3873264kB [ 480.954021][T12284] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 480.963745][T12284] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 480.973227][T12284] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 480.982921][T12284] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 480.992414][T12284] 80739 total pagecache pages [ 480.997372][T12284] 14 pages in swap cache [ 481.001634][T12284] Free swap = 124984kB [ 481.005901][T12284] Total swap = 124996kB [ 481.010282][T12284] 2097051 pages RAM [ 481.014109][T12284] 0 pages HighMem/MovableOnly [ 481.018938][T12284] 429856 pages reserved [ 481.023113][T12284] 0 pages cma reserved [ 481.027313][T12284] tty tty26: ldisc open failed (-12), clearing slot 25 [ 481.057818][ T30] audit: type=1804 audit(4294967363.911:19): pid=12304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1693" name="/newroot/404/file0" dev="tmpfs" ino=2145 res=1 errno=0 [ 481.089479][ T30] audit: type=1800 audit(4294967363.911:20): pid=12304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1693" name="file0" dev="tmpfs" ino=2145 res=0 errno=0 [ 481.971551][ T5837] Bluetooth: hci2: unexpected event for opcode 0x0400 [ 483.293483][T12329] ERROR: Out of memory at tomoyo_memory_ok. [ 484.734077][T12362] ERROR: Out of memory at tomoyo_memory_ok. [ 484.842999][T12369] zswap: compressor not available [ 485.321059][T12384] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1711'. [ 486.047893][ T5837] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 486.057496][ T5837] Bluetooth: hci2: Injecting HCI hardware error event [ 486.066475][ T5837] Bluetooth: hci2: hardware error 0x00 [ 486.717752][T12402] net_ratelimit: 164 callbacks suppressed [ 486.717771][T12402] netlink: zone id is out of range [ 486.769291][T12402] netlink: zone id is out of range [ 486.774447][T12402] netlink: zone id is out of range [ 486.896410][T12402] netlink: zone id is out of range [ 486.901589][T12402] netlink: zone id is out of range [ 487.026250][T12402] netlink: zone id is out of range [ 487.031545][T12402] netlink: zone id is out of range [ 487.041659][T12402] netlink: zone id is out of range [ 487.051851][T12402] netlink: zone id is out of range [ 487.080349][T12402] netlink: zone id is out of range [ 487.136666][T12360] kexec: Could not allocate control_code_buffer [ 488.098557][T12413] FAULT_INJECTION: forcing a failure. [ 488.098557][T12413] name failslab, interval 1, probability 0, space 0, times 0 [ 488.111809][T12413] CPU: 0 UID: 0 PID: 12413 Comm: syz.0.1726 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 488.111832][T12413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 488.111842][T12413] Call Trace: [ 488.111847][T12413] [ 488.111853][T12413] dump_stack_lvl+0x16c/0x1f0 [ 488.111880][T12413] should_fail_ex+0x512/0x640 [ 488.111900][T12413] ? __kmalloc_noprof+0xbf/0x510 [ 488.111923][T12413] ? constrain_params_by_rules+0x175/0xca0 [ 488.111939][T12413] should_failslab+0xc2/0x120 [ 488.111953][T12413] __kmalloc_noprof+0xd2/0x510 [ 488.111972][T12413] ? unwind_get_return_address+0x59/0xa0 [ 488.111994][T12413] ? arch_stack_walk+0xa6/0x100 [ 488.112019][T12413] constrain_params_by_rules+0x175/0xca0 [ 488.112038][T12413] ? stack_trace_save+0x8e/0xc0 [ 488.112054][T12413] ? stack_depot_save_flags+0x28/0xa40 [ 488.112075][T12413] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 488.112095][T12413] ? __kasan_kmalloc+0xaa/0xb0 [ 488.112114][T12413] ? snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 488.112130][T12413] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 488.112145][T12413] ? snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 488.112166][T12413] ? rcu_is_watching+0x12/0xc0 [ 488.112180][T12413] ? snd_interval_refine+0x2fa/0x580 [ 488.112202][T12413] snd_pcm_hw_refine+0x7de/0xad0 [ 488.112231][T12413] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 488.112254][T12413] ? __asan_memset+0x23/0x50 [ 488.112273][T12413] ? _snd_pcm_hw_param_min+0x259/0x630 [ 488.112291][T12413] snd_pcm_oss_change_params_locked+0x65e/0x3a30 [ 488.112308][T12413] ? preempt_count_sub+0x90/0x160 [ 488.112327][T12413] ? __mutex_lock+0x1ca/0xb90 [ 488.112347][T12413] ? rcu_is_watching+0x12/0xc0 [ 488.112362][T12413] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 488.112380][T12413] ? __pfx___mutex_lock+0x10/0x10 [ 488.112414][T12413] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 488.112433][T12413] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 488.112450][T12413] ? hook_file_ioctl_common+0x145/0x410 [ 488.112466][T12413] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 488.112484][T12413] ? __fget_files+0x20e/0x3c0 [ 488.112505][T12413] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 488.112522][T12413] __x64_sys_ioctl+0x18b/0x210 [ 488.112540][T12413] do_syscall_64+0xcd/0x490 [ 488.112563][T12413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 488.112577][T12413] RIP: 0033:0x7fe8ecd8e929 [ 488.112590][T12413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 488.112603][T12413] RSP: 002b:00007fe8edba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 488.112616][T12413] RAX: ffffffffffffffda RBX: 00007fe8ecfb6080 RCX: 00007fe8ecd8e929 [ 488.112625][T12413] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000008 [ 488.112634][T12413] RBP: 00007fe8ece10b39 R08: 0000000000000000 R09: 0000000000000000 [ 488.112643][T12413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 488.112651][T12413] R13: 0000000000000000 R14: 00007fe8ecfb6080 R15: 00007fffc57d5748 [ 488.112669][T12413] [ 488.532311][ T5837] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 488.838098][T12426] syz.2.1720 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 489.050385][T12415] random: crng reseeded on system resumption [ 489.261831][T12434] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1723'. [ 489.272567][T12434] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1723'. [ 489.281905][T12434] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1723'. [ 489.292388][T12434] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1723'. [ 489.301951][T12434] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1723'. [ 489.314496][T12434] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1723'. [ 489.335374][T12434] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1723'. [ 489.345112][T12434] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1723'. [ 489.617363][T12438] ERROR: Out of memory at tomoyo_memory_ok. [ 489.771086][T12439] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1724'. [ 490.109135][T12422] kexec: Could not allocate control_code_buffer [ 492.213088][T12480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1734'. [ 492.225080][T12480] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1734'. [ 496.671575][T12551] vivid-007: ================= START STATUS ================= [ 496.684444][T12551] vivid-007: Generate PTS: true [ 496.724073][T12551] vivid-007: Generate SCR: true [ 496.742087][T12551] tpg source WxH: 320x240 (Y'CbCr) [ 496.752232][T12551] tpg field: 1 [ 496.764085][T12551] tpg crop: (0,0)/320x240 [ 496.776916][T12551] tpg compose: (0,0)/320x240 [ 496.792649][T12551] tpg colorspace: 8 [ 496.801437][T12551] tpg transfer function: 0/0 [ 496.812107][T12551] tpg Y'CbCr encoding: 0/0 [ 496.829752][T12551] tpg quantization: 0/0 [ 496.838803][T12551] tpg RGB range: 0/2 [ 496.863228][T12551] vivid-007: ================== END STATUS ================== [ 497.041411][T12561] ERROR: Out of memory at tomoyo_memory_ok. [ 497.285810][ T30] audit: type=1804 audit(4294967310.950:21): pid=12553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1750" name="/newroot/446/file0" dev="tmpfs" ino=2373 res=1 errno=0 [ 497.331092][ T30] audit: type=1800 audit(4294967310.980:22): pid=12553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1750" name="file0" dev="tmpfs" ino=2373 res=0 errno=0 [ 498.234335][T12580] bond0: option all_slaves_active: invalid value () [ 499.769366][T12611] random: crng reseeded on system resumption [ 499.854780][T12605] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1763'. [ 500.696772][T12617] net_ratelimit: 77 callbacks suppressed [ 500.696792][T12617] netlink: set zone limit has 8 unknown bytes [ 501.570064][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.576730][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.418624][T12652] ERROR: Out of memory at tomoyo_memory_ok. [ 503.348361][T12672] random: crng reseeded on system resumption [ 503.486748][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 503.504404][T12677] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1778'. [ 503.657772][T12680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1779'. [ 503.668792][T12680] netlink: 'syz.1.1779': attribute type 1 has an invalid length. [ 503.679150][T12680] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1779'. [ 504.859363][ T5837] Bluetooth: hci3: unexpected event 0x14 length: 11 > 6 [ 506.639904][T12743] ima: policy update failed [ 506.656587][ T30] audit: type=1802 audit(4294967320.310:23): pid=12743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1789" res=0 errno=0 [ 506.692298][T12731] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1789'. [ 508.198441][T12766] FAULT_INJECTION: forcing a failure. [ 508.198441][T12766] name failslab, interval 1, probability 0, space 0, times 0 [ 508.214323][T12766] CPU: 1 UID: 0 PID: 12766 Comm: syz.2.1794 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 508.214360][T12766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 508.214376][T12766] Call Trace: [ 508.214385][T12766] [ 508.214395][T12766] dump_stack_lvl+0x16c/0x1f0 [ 508.214438][T12766] should_fail_ex+0x512/0x640 [ 508.214471][T12766] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 508.214515][T12766] should_failslab+0xc2/0x120 [ 508.214540][T12766] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 508.214581][T12766] ? cache_create_net+0x2b/0x220 [ 508.214624][T12766] kmemdup_noprof+0x29/0x60 [ 508.214662][T12766] cache_create_net+0x2b/0x220 [ 508.214703][T12766] ip_map_cache_create+0x60/0x130 [ 508.214742][T12766] ? __pfx_sunrpc_init_net+0x10/0x10 [ 508.214774][T12766] sunrpc_init_net+0x55/0x190 [ 508.214809][T12766] ops_init+0x1df/0x5f0 [ 508.214850][T12766] setup_net+0x1ff/0x510 [ 508.214871][T12766] ? lockdep_init_map_type+0x5c/0x280 [ 508.214904][T12766] ? __pfx_setup_net+0x10/0x10 [ 508.214931][T12766] ? debug_mutex_init+0x37/0x70 [ 508.214959][T12766] copy_net_ns+0x2a6/0x5f0 [ 508.214989][T12766] create_new_namespaces+0x3ea/0xa90 [ 508.215024][T12766] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 508.215054][T12766] ksys_unshare+0x45b/0xa40 [ 508.215086][T12766] ? __pfx_ksys_unshare+0x10/0x10 [ 508.215120][T12766] ? syscall_user_dispatch+0x78/0x140 [ 508.215166][T12766] __x64_sys_unshare+0x31/0x40 [ 508.215196][T12766] do_syscall_64+0xcd/0x490 [ 508.215234][T12766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 508.215268][T12766] RIP: 0033:0x7ff17938e929 [ 508.215290][T12766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 508.215320][T12766] RSP: 002b:00007ff17a1e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 508.215345][T12766] RAX: ffffffffffffffda RBX: 00007ff1795b5fa0 RCX: 00007ff17938e929 [ 508.215363][T12766] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 508.215378][T12766] RBP: 00007ff179410b39 R08: 0000000000000000 R09: 0000000000000000 [ 508.215395][T12766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 508.215412][T12766] R13: 0000000000000000 R14: 00007ff1795b5fa0 R15: 00007fff82d7a248 [ 508.215448][T12766] [ 509.657240][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 512.201575][T12819] tipc: Started in network mode [ 512.211442][T12819] tipc: Node identity ee00, cluster identity 4711 [ 512.226250][T12819] tipc: Node number set to 60928 [ 513.321935][T12838] ERROR: Out of memory at tomoyo_memory_ok. [ 513.396397][T12838] FAULT_INJECTION: forcing a failure. [ 513.396397][T12838] name failslab, interval 1, probability 0, space 0, times 0 [ 513.437863][T12838] CPU: 1 UID: 0 PID: 12838 Comm: syz.0.1809 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 513.437902][T12838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 513.437919][T12838] Call Trace: [ 513.437928][T12838] [ 513.437938][T12838] dump_stack_lvl+0x16c/0x1f0 [ 513.437979][T12838] should_fail_ex+0x512/0x640 [ 513.438013][T12838] ? __kmalloc_noprof+0xbf/0x510 [ 513.438051][T12838] ? kernfs_fop_write_iter+0x237/0x510 [ 513.438078][T12838] should_failslab+0xc2/0x120 [ 513.438103][T12838] __kmalloc_noprof+0xd2/0x510 [ 513.438146][T12838] kernfs_fop_write_iter+0x237/0x510 [ 513.438179][T12838] vfs_write+0x6c4/0x1150 [ 513.438213][T12838] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 513.438242][T12838] ? __pfx___mutex_lock+0x10/0x10 [ 513.438277][T12838] ? __pfx_vfs_write+0x10/0x10 [ 513.438335][T12838] ksys_write+0x12a/0x250 [ 513.438369][T12838] ? __pfx_ksys_write+0x10/0x10 [ 513.438427][T12838] do_syscall_64+0xcd/0x490 [ 513.438467][T12838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.438494][T12838] RIP: 0033:0x7fe8ecd8e929 [ 513.438515][T12838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 513.438540][T12838] RSP: 002b:00007fe8edbca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 513.438565][T12838] RAX: ffffffffffffffda RBX: 00007fe8ecfb5fa0 RCX: 00007fe8ecd8e929 [ 513.438583][T12838] RDX: 0000000000000004 RSI: 0000200000000440 RDI: 000000000000000a [ 513.438599][T12838] RBP: 00007fe8ece10b39 R08: 0000000000000000 R09: 0000000000000000 [ 513.438614][T12838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 513.438629][T12838] R13: 0000000000000000 R14: 00007fe8ecfb5fa0 R15: 00007fffc57d5748 [ 513.438663][T12838] [ 519.734284][T12922] Invalid ELF header magic: != ELF [ 522.951355][T12948] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1844'. [ 523.460879][T12966] vivid-007: ================= START STATUS ================= [ 523.472451][T12966] vivid-007: Generate PTS: true [ 523.477548][T12966] vivid-007: Generate SCR: true [ 523.482673][T12966] tpg source WxH: 320x240 (Y'CbCr) [ 523.488708][T12966] tpg field: 1 [ 523.562094][T12966] tpg crop: (0,0)/320x240 [ 523.612353][T12966] tpg compose: (0,0)/320x240 [ 523.637728][T12966] tpg colorspace: 8 [ 523.672567][T12966] tpg transfer function: 0/0 [ 523.705599][T12966] tpg Y'CbCr encoding: 0/0 [ 523.735216][T12966] tpg quantization: 0/0 [ 523.783770][T12966] tpg RGB range: 0/2 [ 523.796413][T12966] vivid-007: ================== END STATUS ================== [ 525.381233][T12983] Invalid ELF header magic: != ELF [ 525.591931][T12989] ALSA: mixer_oss: invalid OSS volume '' [ 526.041693][T12994] can0: slcan on ttyS2. [ 526.138317][T12993] can0 (unregistered): slcan off ttyS2. [ 526.669322][T13003] netlink: set zone limit has 8 unknown bytes [ 528.587111][T13027] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1854'. [ 533.557527][ T30] audit: type=1804 audit(4294967347.220:24): pid=13093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1867" name="file0" dev="tmpfs" ino=2639 res=1 errno=0 [ 533.625557][ T30] audit: type=1800 audit(4294967347.220:25): pid=13093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1867" name="file0" dev="tmpfs" ino=2639 res=0 errno=0 [ 535.290850][T13114] Invalid ELF header magic: != ELF [ 535.731249][ T30] audit: type=1804 audit(4294967349.400:26): pid=13123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1882" name="file0" dev="tmpfs" ino=2651 res=1 errno=0 [ 536.947934][T13137] sp0: Synchronizing with TNC [ 537.820223][ T30] audit: type=1800 audit(4294967351.480:27): pid=13157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1880" name="dbroot" dev="configfs" ino=39301 res=0 errno=0 [ 538.229746][T13162] syz.1.1892 (13162): /proc/13160/oom_adj is deprecated, please use /proc/13160/oom_score_adj instead. [ 538.378843][T13162] netlink: 'syz.1.1892': attribute type 1 has an invalid length. [ 538.396810][T13162] netlink: 33 bytes leftover after parsing attributes in process `syz.1.1892'. [ 538.837049][T13161] bond0: option all_slaves_active: invalid value () [ 540.636302][T13201] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1894'. [ 541.858758][T13214] Invalid ELF header magic: != ELF [ 542.004445][T13214] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1896'. [ 547.209977][T13263] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 547.216565][T13263] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 547.236357][T13263] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 548.216238][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 549.246668][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 549.246730][T10886] Bluetooth: hci1: command 0x0c1a tx timeout [ 551.313574][ T30] audit: type=1800 audit(4294967364.980:28): pid=13337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1922" name="dbroot" dev="configfs" ino=38620 res=0 errno=0 [ 556.611655][T13402] Invalid ELF header magic: != ELF                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        [ 623.051840][T14421] netlink: 296 bytes leftover after parsing attributes in process `syz.3.2147'. [ 623.954936][T14435] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2151'. [ 623.984976][T14435] netlink: 354 bytes leftover after parsing attributes in process `syz.3.2151'. [ 624.452623][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.459263][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.080689][T14445] Invalid ELF header magic: != ELF [ 631.829203][ T5837] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 635.481025][T14584] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2179'. [ 635.977130][T14596] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 635.977130][T14596] The task syz.0.2181 (14596) triggered the difference, watch for misbehavior. [ 637.831085][T14620] ima: policy update failed [ 637.854557][ T30] audit: type=1802 audit(4294967459.509:30): pid=14620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2187" res=0 errno=0 [ 637.855229][T14620] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2187'. [ 640.430351][ T5837] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 642.583710][T14667] Invalid ELF header magic: != ELF [ 643.130221][T10886] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 643.997968][T14686] tipc: can't start tipc receive workqueue [ 648.642504][T14757] Invalid ELF header magic: != ELF [ 650.895830][ T5837] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 650.904760][ T5837] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0' [ 650.915503][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: kworker/u9:3 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 650.915524][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 650.915535][ T5837] Workqueue: hci0 hci_rx_work [ 650.915553][ T5837] Call Trace: [ 650.915558][ T5837] [ 650.915564][ T5837] dump_stack_lvl+0x16c/0x1f0 [ 650.915588][ T5837] sysfs_warn_dup+0x7f/0xa0 [ 650.915608][ T5837] sysfs_create_dir_ns+0x24b/0x2b0 [ 650.915627][ T5837] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 650.915644][ T5837] ? find_held_lock+0x2b/0x80 [ 650.915662][ T5837] ? do_raw_spin_unlock+0x172/0x230 [ 650.915685][ T5837] kobject_add_internal+0x2c4/0x9b0 [ 650.915703][ T5837] kobject_add+0x16e/0x240 [ 650.915716][ T5837] ? __pfx_kobject_add+0x10/0x10 [ 650.915731][ T5837] ? do_raw_spin_unlock+0x172/0x230 [ 650.915752][ T5837] ? kobject_put+0xab/0x5a0 [ 650.915779][ T5837] device_add+0x288/0x1a70 [ 650.915794][ T5837] ? __pfx_dev_set_name+0x10/0x10 [ 650.915811][ T5837] ? __pfx_device_add+0x10/0x10 [ 650.915825][ T5837] ? mgmt_send_event_skb+0x2fb/0x460 [ 650.915851][ T5837] hci_conn_add_sysfs+0x17e/0x230 [ 650.915866][ T5837] le_conn_complete_evt+0x1075/0x1d70 [ 650.915892][ T5837] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 650.915912][ T5837] ? bt_warn+0xe4/0x120 [ 650.915930][ T5837] ? __pfx_bt_warn+0x10/0x10 [ 650.915953][ T5837] hci_le_conn_complete_evt+0x23c/0x370 [ 650.915978][ T5837] hci_le_meta_evt+0x354/0x5e0 [ 650.915997][ T5837] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 650.916022][ T5837] hci_event_packet+0x685/0x11c0 [ 650.916043][ T5837] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 650.916057][ T5837] ? __pfx_hci_event_packet+0x10/0x10 [ 650.916081][ T5837] ? kcov_remote_start+0x3c9/0x6d0 [ 650.916101][ T5837] ? lockdep_hardirqs_on+0x7c/0x110 [ 650.916126][ T5837] hci_rx_work+0x2c5/0x16b0 [ 650.916139][ T5837] ? rcu_is_watching+0x12/0xc0 [ 650.916156][ T5837] process_one_work+0x9cc/0x1b70 [ 650.916185][ T5837] ? __pfx_process_one_work+0x10/0x10 [ 650.916211][ T5837] ? assign_work+0x1a0/0x250 [ 650.916232][ T5837] worker_thread+0x6c8/0xf10 [ 650.916261][ T5837] ? __pfx_worker_thread+0x10/0x10 [ 650.916281][ T5837] kthread+0x3c5/0x780 [ 650.916301][ T5837] ? __pfx_kthread+0x10/0x10 [ 650.916321][ T5837] ? rcu_is_watching+0x12/0xc0 [ 650.916335][ T5837] ? __pfx_kthread+0x10/0x10 [ 650.916355][ T5837] ret_from_fork+0x5d4/0x6f0 [ 650.916373][ T5837] ? __pfx_kthread+0x10/0x10 [ 650.916392][ T5837] ret_from_fork_asm+0x1a/0x30 [ 650.916416][ T5837] [ 650.916434][ T5837] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 651.177271][ T5837] Bluetooth: hci0: failed to register connection device [ 651.855490][T14794] Invalid ELF header magic: != ELF [ 653.285895][T14818] Invalid ELF header magic: != ELF [ 656.751671][T14872] random: crng reseeded on system resumption [ 657.936609][T14879] FAULT_INJECTION: forcing a failure. [ 657.936609][T14879] name failslab, interval 1, probability 0, space 0, times 0 [ 657.951455][T14879] CPU: 1 UID: 0 PID: 14879 Comm: syz.0.2237 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 657.951491][T14879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 657.951507][T14879] Call Trace: [ 657.951515][T14879] [ 657.951525][T14879] dump_stack_lvl+0x16c/0x1f0 [ 657.951570][T14879] should_fail_ex+0x512/0x640 [ 657.951604][T14879] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 657.951644][T14879] should_failslab+0xc2/0x120 [ 657.951668][T14879] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 657.951706][T14879] ? __kernfs_new_node+0xd2/0x8e0 [ 657.951744][T14879] __kernfs_new_node+0xd2/0x8e0 [ 657.951782][T14879] ? __pfx___kernfs_new_node+0x10/0x10 [ 657.951824][T14879] ? find_held_lock+0x2b/0x80 [ 657.951850][T14879] ? kernfs_root+0xee/0x2a0 [ 657.951889][T14879] kernfs_new_node+0x13c/0x1e0 [ 657.951931][T14879] __kernfs_create_file+0x53/0x350 [ 657.951962][T14879] sysfs_add_file_mode_ns+0x207/0x3c0 [ 657.952002][T14879] internal_create_group+0x578/0xf30 [ 657.952045][T14879] ? __pfx_internal_create_group+0x10/0x10 [ 657.952085][T14879] ? kernfs_create_link+0x1bd/0x240 [ 657.952118][T14879] internal_create_groups+0x9d/0x150 [ 657.952155][T14879] device_add+0x6d1/0x1a70 [ 657.952185][T14879] ? __pfx_device_add+0x10/0x10 [ 657.952210][T14879] ? lockdep_init_map_type+0x5c/0x280 [ 657.952243][T14879] ? __init_waitqueue_head+0xca/0x150 [ 657.952299][T14879] netdev_register_kobject+0x182/0x3a0 [ 657.952332][T14879] register_netdevice+0x13dc/0x2270 [ 657.952365][T14879] ? __pfx_register_netdevice+0x10/0x10 [ 657.952402][T14879] __ip_tunnel_create+0x540/0x6e0 [ 657.952432][T14879] ? __pfx___ip_tunnel_create+0x10/0x10 [ 657.952472][T14879] ip_tunnel_init_net+0x22f/0x7d0 [ 657.952504][T14879] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 657.952540][T14879] ? trace_kmalloc+0x2b/0xd0 [ 657.952563][T14879] ? __kmalloc_noprof+0x242/0x510 [ 657.952595][T14879] ? lockdep_init_map_type+0x5c/0x280 [ 657.952631][T14879] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 657.952667][T14879] ops_init+0x1df/0x5f0 [ 657.952707][T14879] setup_net+0x1ff/0x510 [ 657.952729][T14879] ? lockdep_init_map_type+0x5c/0x280 [ 657.952762][T14879] ? __pfx_setup_net+0x10/0x10 [ 657.952787][T14879] ? debug_mutex_init+0x37/0x70 [ 657.952816][T14879] copy_net_ns+0x2a6/0x5f0 [ 657.952845][T14879] create_new_namespaces+0x3ea/0xa90 [ 657.952882][T14879] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 657.952912][T14879] ksys_unshare+0x45b/0xa40 [ 657.952943][T14879] ? __pfx_ksys_unshare+0x10/0x10 [ 657.952976][T14879] ? xfd_validate_state+0x61/0x180 [ 657.953018][T14879] __x64_sys_unshare+0x31/0x40 [ 657.953047][T14879] do_syscall_64+0xcd/0x490 [ 657.953086][T14879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.953112][T14879] RIP: 0033:0x7fe8ecd8e929 [ 657.953133][T14879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.953157][T14879] RSP: 002b:00007fe8edbca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 657.953182][T14879] RAX: ffffffffffffffda RBX: 00007fe8ecfb5fa0 RCX: 00007fe8ecd8e929 [ 657.953199][T14879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 657.953214][T14879] RBP: 00007fe8ece10b39 R08: 0000000000000000 R09: 0000000000000000 [ 657.953230][T14879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 657.953244][T14879] R13: 0000000000000000 R14: 00007fe8ecfb5fa0 R15: 00007fffc57d5748 [ 657.953286][T14879] [ 659.020320][T14895] Invalid ELF header magic: != ELF [ 659.060771][T14903] FAULT_INJECTION: forcing a failure. [ 659.060771][T14903] name failslab, interval 1, probability 0, space 0, times 0 [ 659.118073][T14903] CPU: 0 UID: 0 PID: 14903 Comm: syz.2.2243 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 659.118112][T14903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 659.118128][T14903] Call Trace: [ 659.118136][T14903] [ 659.118160][T14903] dump_stack_lvl+0x16c/0x1f0 [ 659.118203][T14903] should_fail_ex+0x512/0x640 [ 659.118236][T14903] ? __kmalloc_noprof+0xbf/0x510 [ 659.118273][T14903] ? snd_pcm_plugin_build+0x434/0x650 [ 659.118302][T14903] should_failslab+0xc2/0x120 [ 659.118327][T14903] __kmalloc_noprof+0xd2/0x510 [ 659.118361][T14903] ? __mutex_unlock_slowpath+0x91/0x6a0 [ 659.118404][T14903] snd_pcm_plugin_build+0x434/0x650 [ 659.118431][T14903] ? snd_pcm_plugin_build+0x4b7/0x650 [ 659.118465][T14903] snd_pcm_plugin_build_linear+0x29d/0x850 [ 659.118503][T14903] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 659.118541][T14903] ? snd_pcm_hw_params+0xcd/0x1b40 [ 659.118576][T14903] snd_pcm_plug_format_plugins+0x614/0x1430 [ 659.118611][T14903] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 659.118647][T14903] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 659.118689][T14903] snd_pcm_oss_change_params_locked+0x2dec/0x3a30 [ 659.118735][T14903] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 659.118793][T14903] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 659.118828][T14903] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 659.118859][T14903] ? hook_file_ioctl_common+0x145/0x410 [ 659.118887][T14903] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 659.118918][T14903] ? __fget_files+0x20e/0x3c0 [ 659.118955][T14903] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 659.118985][T14903] __x64_sys_ioctl+0x18b/0x210 [ 659.119017][T14903] do_syscall_64+0xcd/0x490 [ 659.119056][T14903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.119081][T14903] RIP: 0033:0x7ff17938e929 [ 659.119102][T14903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.119129][T14903] RSP: 002b:00007ff17a1bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 659.119164][T14903] RAX: ffffffffffffffda RBX: 00007ff1795b6080 RCX: 00007ff17938e929 [ 659.119182][T14903] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000008 [ 659.119198][T14903] RBP: 00007ff179410b39 R08: 0000000000000000 R09: 0000000000000000 [ 659.119214][T14903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.119229][T14903] R13: 0000000000000000 R14: 00007ff1795b6080 R15: 00007fff82d7a248 [ 659.119266][T14903] [ 660.269119][T14920] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 664.771867][T14972] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 664.794445][T14972] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 664.855117][T14972] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 664.923029][T14972] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 664.943953][T14972] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 664.973182][T14972] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 665.040420][T14972] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 665.071720][T14972] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 665.889364][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 665.963882][T15010] Invalid ELF header magic: != ELF [ 666.822882][T15019] ERROR: Out of memory at tomoyo_memory_ok. [ 666.865605][T15023] ERROR: Out of memory at tomoyo_memory_ok. [ 667.017807][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 667.087979][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 667.846695][T15039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2273'. [ 667.969213][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 667.975536][T15039] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2273'. [ 669.087752][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 669.169817][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 670.047717][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 670.244974][T15073] FAULT_INJECTION: forcing a failure. [ 670.244974][T15073] name failslab, interval 1, probability 0, space 0, times 0 [ 670.277752][T15073] CPU: 1 UID: 0 PID: 15073 Comm: syz.1.2282 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 670.277790][T15073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 670.277806][T15073] Call Trace: [ 670.277815][T15073] [ 670.277824][T15073] dump_stack_lvl+0x16c/0x1f0 [ 670.277862][T15073] should_fail_ex+0x512/0x640 [ 670.277895][T15073] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 670.277928][T15073] should_failslab+0xc2/0x120 [ 670.277955][T15073] __kmalloc_cache_noprof+0x6a/0x3e0 [ 670.277989][T15073] ? slip_open+0x8cc/0x1150 [ 670.278018][T15073] ? kasan_save_track+0x14/0x30 [ 670.278071][T15073] slip_open+0x8cc/0x1150 [ 670.278104][T15073] ? __pfx_n_tty_close+0x10/0x10 [ 670.278137][T15073] ? __pfx_slip_open+0x10/0x10 [ 670.278167][T15073] ? down_write+0x14d/0x200 [ 670.278194][T15073] ? __pfx_slip_open+0x10/0x10 [ 670.278225][T15073] tty_ldisc_open+0x9f/0x120 [ 670.278260][T15073] tty_set_ldisc+0x32b/0x780 [ 670.278300][T15073] tty_ioctl+0xc2e/0x1640 [ 670.278339][T15073] ? __pfx_tty_ioctl+0x10/0x10 [ 670.278387][T15073] ? find_held_lock+0x2b/0x80 [ 670.278413][T15073] ? hook_file_ioctl_common+0x145/0x410 [ 670.278449][T15073] ? __fget_files+0x20e/0x3c0 [ 670.278487][T15073] ? __pfx_tty_ioctl+0x10/0x10 [ 670.278526][T15073] __x64_sys_ioctl+0x18b/0x210 [ 670.278560][T15073] do_syscall_64+0xcd/0x490 [ 670.278600][T15073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.278627][T15073] RIP: 0033:0x7f692598e929 [ 670.278649][T15073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.278676][T15073] RSP: 002b:00007f692680a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 670.278703][T15073] RAX: ffffffffffffffda RBX: 00007f6925bb5fa0 RCX: 00007f692598e929 [ 670.278721][T15073] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000a [ 670.278741][T15073] RBP: 00007f6925a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 670.278758][T15073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 670.278775][T15073] R13: 0000000000000000 R14: 00007f6925bb5fa0 R15: 00007ffc21519308 [ 670.278818][T15073] [ 671.100014][T15077] FAULT_INJECTION: forcing a failure. [ 671.100014][T15077] name failslab, interval 1, probability 0, space 0, times 0 [ 671.167761][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 671.221782][T15035] delete_channel: no stack [ 671.248958][T15077] CPU: 1 UID: 0 PID: 15077 Comm: syz.1.2283 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 671.249004][T15077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 671.249021][T15077] Call Trace: [ 671.249030][T15077] [ 671.249039][T15077] dump_stack_lvl+0x16c/0x1f0 [ 671.249082][T15077] should_fail_ex+0x512/0x640 [ 671.249115][T15077] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 671.249158][T15077] should_failslab+0xc2/0x120 [ 671.249183][T15077] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 671.249223][T15077] ? sysctl_core_net_init+0x42/0x280 [ 671.249260][T15077] kmemdup_noprof+0x29/0x60 [ 671.249297][T15077] sysctl_core_net_init+0x42/0x280 [ 671.249330][T15077] ? __pfx_sysctl_core_net_init+0x10/0x10 [ 671.249361][T15077] ops_init+0x1df/0x5f0 [ 671.249401][T15077] setup_net+0x1ff/0x510 [ 671.249423][T15077] ? lockdep_init_map_type+0x5c/0x280 [ 671.249458][T15077] ? __pfx_setup_net+0x10/0x10 [ 671.249486][T15077] ? debug_mutex_init+0x37/0x70 [ 671.249516][T15077] copy_net_ns+0x2a6/0x5f0 [ 671.249547][T15077] create_new_namespaces+0x3ea/0xa90 [ 671.249584][T15077] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 671.249615][T15077] ksys_unshare+0x45b/0xa40 [ 671.249647][T15077] ? __pfx_ksys_unshare+0x10/0x10 [ 671.249680][T15077] ? xfd_validate_state+0x61/0x180 [ 671.249720][T15077] __x64_sys_unshare+0x31/0x40 [ 671.249751][T15077] do_syscall_64+0xcd/0x490 [ 671.249790][T15077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 671.249817][T15077] RIP: 0033:0x7f692598e929 [ 671.249839][T15077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 671.249864][T15077] RSP: 002b:00007f692680a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 671.249889][T15077] RAX: ffffffffffffffda RBX: 00007f6925bb5fa0 RCX: 00007f692598e929 [ 671.249907][T15077] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 671.249923][T15077] RBP: 00007f6925a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 671.249939][T15077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 671.249955][T15077] R13: 0000000000000000 R14: 00007f6925bb5fa0 R15: 00007ffc21519308 [ 671.249997][T15077] [ 672.167712][T15094] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2286'. [ 672.260962][T15091] Invalid ELF header magic: != ELF [ 673.234894][T15101] Invalid ELF header magic: != ELF [ 673.851984][T15113] ERROR: Out of memory at tomoyo_memory_ok. [ 673.994399][T15113] FAULT_INJECTION: forcing a failure. [ 673.994399][T15113] name failslab, interval 1, probability 0, space 0, times 0 [ 674.144667][T15113] CPU: 1 UID: 0 PID: 15113 Comm: syz.1.2292 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 674.144692][T15113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 674.144702][T15113] Call Trace: [ 674.144709][T15113] [ 674.144715][T15113] dump_stack_lvl+0x16c/0x1f0 [ 674.144743][T15113] should_fail_ex+0x512/0x640 [ 674.144765][T15113] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 674.144790][T15113] should_failslab+0xc2/0x120 [ 674.144805][T15113] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 674.144827][T15113] ? __kernfs_new_node+0xd2/0x8e0 [ 674.144849][T15113] __kernfs_new_node+0xd2/0x8e0 [ 674.144871][T15113] ? __pfx___kernfs_new_node+0x10/0x10 [ 674.144895][T15113] ? find_held_lock+0x2b/0x80 [ 674.144910][T15113] ? kernfs_root+0xee/0x2a0 [ 674.144933][T15113] kernfs_new_node+0x13c/0x1e0 [ 674.144959][T15113] __kernfs_create_file+0x53/0x350 [ 674.144977][T15113] sysfs_add_file_mode_ns+0x207/0x3c0 [ 674.145001][T15113] internal_create_group+0x578/0xf30 [ 674.145026][T15113] ? __pfx_internal_create_group+0x10/0x10 [ 674.145049][T15113] ? kernfs_create_link+0x1bd/0x240 [ 674.145068][T15113] internal_create_groups+0x9d/0x150 [ 674.145091][T15113] device_add+0x6d1/0x1a70 [ 674.145108][T15113] ? __pfx_device_add+0x10/0x10 [ 674.145123][T15113] ? lockdep_init_map_type+0x5c/0x280 [ 674.145143][T15113] ? __init_waitqueue_head+0xca/0x150 [ 674.145171][T15113] netdev_register_kobject+0x182/0x3a0 [ 674.145190][T15113] register_netdevice+0x13dc/0x2270 [ 674.145209][T15113] ? __pfx_register_netdevice+0x10/0x10 [ 674.145229][T15113] internal_dev_create+0x2d3/0x520 [ 674.145246][T15113] ovs_vport_add+0x144/0x4d0 [ 674.145270][T15113] new_vport+0x16/0x1d0 [ 674.145290][T15113] ovs_dp_cmd_new+0x6ba/0xe60 [ 674.145314][T15113] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 674.145338][T15113] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 674.145358][T15113] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 674.145381][T15113] genl_family_rcv_msg_doit+0x209/0x2f0 [ 674.145400][T15113] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 674.145418][T15113] ? trace_cap_capable+0x18d/0x200 [ 674.145437][T15113] ? bpf_lsm_capable+0x9/0x10 [ 674.145455][T15113] ? security_capable+0x7e/0x260 [ 674.145478][T15113] ? ns_capable+0xd7/0x110 [ 674.145495][T15113] genl_rcv_msg+0x55c/0x800 [ 674.145515][T15113] ? __pfx_genl_rcv_msg+0x10/0x10 [ 674.145533][T15113] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 674.145555][T15113] ? __lock_acquire+0x622/0x1c90 [ 674.145576][T15113] netlink_rcv_skb+0x158/0x420 [ 674.145592][T15113] ? __pfx_genl_rcv_msg+0x10/0x10 [ 674.145611][T15113] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 674.145634][T15113] ? netlink_deliver_tap+0x1ae/0xd30 [ 674.145658][T15113] ? is_vmalloc_addr+0x86/0xa0 [ 674.145687][T15113] genl_rcv+0x28/0x40 [ 674.145703][T15113] netlink_unicast+0x53a/0x7f0 [ 674.145721][T15113] ? __pfx_netlink_unicast+0x10/0x10 [ 674.145742][T15113] netlink_sendmsg+0x8d1/0xdd0 [ 674.145760][T15113] ? __pfx_netlink_sendmsg+0x10/0x10 [ 674.145783][T15113] ____sys_sendmsg+0xa98/0xc70 [ 674.145801][T15113] ? copy_msghdr_from_user+0x10a/0x160 [ 674.145822][T15113] ? __pfx_____sys_sendmsg+0x10/0x10 [ 674.145843][T15113] ? __pfx_futex_wake_mark+0x10/0x10 [ 674.145867][T15113] ___sys_sendmsg+0x134/0x1d0 [ 674.145890][T15113] ? __pfx____sys_sendmsg+0x10/0x10 [ 674.145909][T15113] ? __lock_acquire+0x622/0x1c90 [ 674.145951][T15113] __sys_sendmsg+0x16d/0x220 [ 674.145974][T15113] ? __pfx___sys_sendmsg+0x10/0x10 [ 674.145995][T15113] ? __x64_sys_futex+0x1e0/0x4c0 [ 674.146024][T15113] do_syscall_64+0xcd/0x490 [ 674.146047][T15113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.146063][T15113] RIP: 0033:0x7f692598e929 [ 674.146076][T15113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 674.146090][T15113] RSP: 002b:00007f692680a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 674.146104][T15113] RAX: ffffffffffffffda RBX: 00007f6925bb5fa0 RCX: 00007f692598e929 [ 674.146114][T15113] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000008 [ 674.146123][T15113] RBP: 00007f6925a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 674.146133][T15113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 674.146141][T15113] R13: 0000000000000000 R14: 00007f6925bb5fa0 R15: 00007ffc21519308 [ 674.146160][T15113] [ 675.074729][T15123] HfR: entered promiscuous mode [ 675.111361][T15123] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2293'. [ 675.151288][T15123] openvswitch: HfR: Dropping previously announced user features [ 675.523836][T15126] Invalid ELF header magic: != ELF [ 676.350447][T15144] random: crng reseeded on system resumption [ 680.679726][T15198] Invalid ELF header magic: != ELF [ 681.850576][T15209] Invalid ELF header magic: != ELF [ 683.564690][T15244] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input23 [ 684.491678][T15261] Invalid ELF header magic: != ELF [ 684.709173][T15263] Invalid ELF header magic: != ELF [ 684.793863][T15262] Invalid ELF header magic: != ELF [ 685.681400][T15279] Invalid ELF header magic: != ELF [ 685.897447][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.904822][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.488502][T15288] Invalid ELF header magic: != ELF [ 690.374517][T15330] Invalid ELF header magic: != ELF [ 690.490491][T15325] Invalid ELF header magic: != ELF [ 690.996168][T15335] Invalid ELF header magic: != ELF [ 691.623099][T15348] FAULT_INJECTION: forcing a failure. [ 691.623099][T15348] name failslab, interval 1, probability 0, space 0, times 0 [ 691.672523][T15348] CPU: 1 UID: 0 PID: 15348 Comm: syz.2.2334 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 691.672563][T15348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 691.672579][T15348] Call Trace: [ 691.672587][T15348] [ 691.672598][T15348] dump_stack_lvl+0x16c/0x1f0 [ 691.672641][T15348] should_fail_ex+0x512/0x640 [ 691.672673][T15348] ? __kmalloc_noprof+0xbf/0x510 [ 691.672712][T15348] ? ptp_open+0x103/0x520 [ 691.672738][T15348] should_failslab+0xc2/0x120 [ 691.672762][T15348] __kmalloc_noprof+0xd2/0x510 [ 691.672803][T15348] ptp_open+0x103/0x520 [ 691.672836][T15348] ? __pfx_ptp_open+0x10/0x10 [ 691.672874][T15348] ? __pfx_ptp_open+0x10/0x10 [ 691.672900][T15348] posix_clock_open+0x17b/0x290 [ 691.672929][T15348] ? __pfx_posix_clock_open+0x10/0x10 [ 691.672956][T15348] chrdev_open+0x231/0x6a0 [ 691.672990][T15348] ? __pfx_apparmor_file_open+0x10/0x10 [ 691.673030][T15348] ? __pfx_chrdev_open+0x10/0x10 [ 691.673070][T15348] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 691.673110][T15348] do_dentry_open+0x744/0x1c10 [ 691.673146][T15348] ? __pfx_chrdev_open+0x10/0x10 [ 691.673188][T15348] vfs_open+0x82/0x3f0 [ 691.673219][T15348] path_openat+0x1de4/0x2cb0 [ 691.673264][T15348] ? __pfx_path_openat+0x10/0x10 [ 691.673299][T15348] ? __lock_acquire+0xb8a/0x1c90 [ 691.673334][T15348] do_filp_open+0x20b/0x470 [ 691.673368][T15348] ? __pfx_do_filp_open+0x10/0x10 [ 691.673428][T15348] ? alloc_fd+0x471/0x7d0 [ 691.673469][T15348] do_sys_openat2+0x11b/0x1d0 [ 691.673495][T15348] ? __pfx_do_sys_openat2+0x10/0x10 [ 691.673536][T15348] __x64_sys_openat+0x174/0x210 [ 691.673564][T15348] ? __pfx___x64_sys_openat+0x10/0x10 [ 691.673606][T15348] do_syscall_64+0xcd/0x490 [ 691.673643][T15348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 691.673669][T15348] RIP: 0033:0x7ff17938e929 [ 691.673691][T15348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 691.673715][T15348] RSP: 002b:00007ff17a1bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 691.673741][T15348] RAX: ffffffffffffffda RBX: 00007ff1795b6080 RCX: 00007ff17938e929 [ 691.673759][T15348] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 691.673776][T15348] RBP: 00007ff179410b39 R08: 0000000000000000 R09: 0000000000000000 [ 691.673792][T15348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 691.673808][T15348] R13: 0000000000000000 R14: 00007ff1795b6080 R15: 00007fff82d7a248 [ 691.673843][T15348] [ 693.783513][T15360] tipc: Started in network mode [ 693.819010][T15360] tipc: Node identity ee00, cluster identity 4711 [ 693.825496][T15360] tipc: Node number set to 60928 [ 694.440577][T15371] Invalid ELF header magic: != ELF [ 694.560636][T15364] Invalid ELF header magic: != ELF [ 694.611134][T15364] netlink: zone id is out of range [ 694.646636][T15364] netlink: zone id is out of range [ 694.658475][T15364] netlink: zone id is out of range [ 694.678239][T15364] netlink: zone id is out of range [ 694.683416][T15364] netlink: zone id is out of range [ 695.382588][T15387] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 695.715477][T15397] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input24 [ 696.533554][T15409] Invalid ELF header magic: != ELF [ 698.125322][T15426] Invalid ELF header magic: != ELF [ 698.570340][T15442] Invalid ELF header magic: != ELF [ 701.349503][T15476] Invalid ELF header magic: != ELF [ 701.398389][T15475] Invalid ELF header magic: != ELF [ 702.375472][T15486] Invalid ELF header magic: != ELF [ 703.728121][T15501] FAULT_INJECTION: forcing a failure. [ 703.728121][T15501] name failslab, interval 1, probability 0, space 0, times 0 [ 703.771066][T15501] CPU: 0 UID: 0 PID: 15501 Comm: syz.1.2365 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 703.771107][T15501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 703.771124][T15501] Call Trace: [ 703.771133][T15501] [ 703.771145][T15501] dump_stack_lvl+0x16c/0x1f0 [ 703.771190][T15501] should_fail_ex+0x512/0x640 [ 703.771225][T15501] ? __kmalloc_noprof+0xbf/0x510 [ 703.771262][T15501] ? mpi_alloc_limb_space+0x31/0x60 [ 703.771291][T15501] should_failslab+0xc2/0x120 [ 703.771315][T15501] __kmalloc_noprof+0xd2/0x510 [ 703.771359][T15501] mpi_alloc_limb_space+0x31/0x60 [ 703.771388][T15501] mpi_powm+0xbe2/0x1bf0 [ 703.771427][T15501] ? kasan_quarantine_put+0x10a/0x240 [ 703.771465][T15501] ? __pfx_mpi_powm+0x10/0x10 [ 703.771493][T15501] ? kfree+0x2b4/0x4d0 [ 703.771522][T15501] ? mpi_free+0xe1/0x160 [ 703.771556][T15501] ? mpi_free+0xe1/0x160 [ 703.771588][T15501] rsa_enc+0x1fe/0x3b0 [ 703.771626][T15501] ? __pfx_rsa_enc+0x10/0x10 [ 703.771660][T15501] ? __virt_addr_valid+0x81/0x610 [ 703.771685][T15501] ? __phys_addr+0xe8/0x180 [ 703.771719][T15501] ? sg_init_one+0xf5/0x1b0 [ 703.771756][T15501] rsassa_pkcs1_verify+0x502/0xb60 [ 703.771796][T15501] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 703.771845][T15501] ? rsa_max_size+0xd/0x70 [ 703.771877][T15501] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 703.771908][T15501] public_key_verify_signature+0x672/0x970 [ 703.771945][T15501] ? __pfx_public_key_verify_signature+0x10/0x10 [ 703.772004][T15501] x509_check_for_self_signed+0x31a/0x500 [ 703.772047][T15501] x509_cert_parse+0x5f8/0x900 [ 703.772077][T15501] ? kasan_save_stack+0x42/0x60 [ 703.772111][T15501] ? kasan_save_stack+0x33/0x60 [ 703.772143][T15501] ? kasan_save_track+0x14/0x30 [ 703.772179][T15501] pkcs7_extract_cert+0xa4/0x320 [ 703.772218][T15501] asn1_ber_decoder+0xc5f/0x1df0 [ 703.772271][T15501] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 703.772334][T15501] pkcs7_parse_message+0x288/0x720 [ 703.772373][T15501] verify_pkcs7_signature+0x30/0xa0 [ 703.772406][T15501] valid_regdb+0x215/0x590 [ 703.772436][T15501] ? __pfx___mutex_lock+0x10/0x10 [ 703.772475][T15501] ? __pfx_valid_regdb+0x10/0x10 [ 703.772510][T15501] reg_reload_regdb+0x11e/0x460 [ 703.772543][T15501] ? __pfx_reg_reload_regdb+0x10/0x10 [ 703.772573][T15501] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 703.772607][T15501] ? nl80211_pre_doit+0x1b0/0xb10 [ 703.772648][T15501] genl_family_rcv_msg_doit+0x209/0x2f0 [ 703.772682][T15501] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 703.772723][T15501] ? rcu_is_watching+0x12/0xc0 [ 703.772763][T15501] ? bpf_lsm_capable+0x9/0x10 [ 703.772792][T15501] ? security_capable+0x7e/0x260 [ 703.772837][T15501] genl_rcv_msg+0x55c/0x800 [ 703.772872][T15501] ? __pfx_genl_rcv_msg+0x10/0x10 [ 703.772902][T15501] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 703.772936][T15501] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 703.772962][T15501] ? __pfx_nl80211_post_doit+0x10/0x10 [ 703.773002][T15501] ? __lock_acquire+0x622/0x1c90 [ 703.773039][T15501] netlink_rcv_skb+0x158/0x420 [ 703.773066][T15501] ? __pfx_genl_rcv_msg+0x10/0x10 [ 703.773098][T15501] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 703.773140][T15501] ? netlink_deliver_tap+0x1ae/0xd30 [ 703.773166][T15501] ? is_vmalloc_addr+0x86/0xa0 [ 703.773203][T15501] genl_rcv+0x28/0x40 [ 703.773230][T15501] netlink_unicast+0x53a/0x7f0 [ 703.773261][T15501] ? __pfx_netlink_unicast+0x10/0x10 [ 703.773298][T15501] netlink_sendmsg+0x8d1/0xdd0 [ 703.773332][T15501] ? __pfx_netlink_sendmsg+0x10/0x10 [ 703.773374][T15501] ____sys_sendmsg+0xa98/0xc70 [ 703.773405][T15501] ? copy_msghdr_from_user+0x10a/0x160 [ 703.773440][T15501] ? __pfx_____sys_sendmsg+0x10/0x10 [ 703.773476][T15501] ? __pfx_futex_wake_mark+0x10/0x10 [ 703.773515][T15501] ___sys_sendmsg+0x134/0x1d0 [ 703.773553][T15501] ? __pfx____sys_sendmsg+0x10/0x10 [ 703.773586][T15501] ? __lock_acquire+0x622/0x1c90 [ 703.773661][T15501] __sys_sendmsg+0x16d/0x220 [ 703.773708][T15501] ? __pfx___sys_sendmsg+0x10/0x10 [ 703.773746][T15501] ? __x64_sys_futex+0x1e0/0x4c0 [ 703.773799][T15501] do_syscall_64+0xcd/0x490 [ 703.773839][T15501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.773867][T15501] RIP: 0033:0x7f692598e929 [ 703.773889][T15501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.773915][T15501] RSP: 002b:00007f692680a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 703.773941][T15501] RAX: ffffffffffffffda RBX: 00007f6925bb5fa0 RCX: 00007f692598e929 [ 703.773959][T15501] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000008 [ 703.773976][T15501] RBP: 00007f6925a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 703.773992][T15501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 703.774008][T15501] R13: 0000000000000000 R14: 00007f6925bb5fa0 R15: 00007ffc21519308 [ 703.774042][T15501] [ 707.925565][T15557] random: crng reseeded on system resumption [ 708.360151][T15574] tipc: Started in network mode [ 708.365077][T15574] tipc: Node identity ee00, cluster identity 4711 [ 708.371787][T15574] tipc: Node number set to 60928 [ 708.522278][T15571] Invalid ELF header magic: != ELF [ 709.918681][T15601] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input25 [ 711.637045][T15625] Invalid ELF header magic: != ELF [ 712.987947][T15637] Invalid ELF header magic: != ELF [ 714.538959][ T5837] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14 [ 715.560331][T15687] FAULT_INJECTION: forcing a failure. [ 715.560331][T15687] name fail_futex, interval 1, probability 0, space 0, times 0 [ 715.603654][T15687] CPU: 0 UID: 0 PID: 15687 Comm: syz.0.2400 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 715.603694][T15687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 715.603711][T15687] Call Trace: [ 715.603720][T15687] [ 715.603731][T15687] dump_stack_lvl+0x16c/0x1f0 [ 715.603771][T15687] should_fail_ex+0x512/0x640 [ 715.603804][T15687] ? unwind_get_return_address+0x59/0xa0 [ 715.603844][T15687] get_futex_key+0x1d0/0x1540 [ 715.603879][T15687] ? __pfx_get_futex_key+0x10/0x10 [ 715.603908][T15687] ? stack_trace_save+0x8e/0xc0 [ 715.603934][T15687] ? __pfx_stack_trace_save+0x10/0x10 [ 715.603960][T15687] ? stack_depot_save_flags+0x28/0xa40 [ 715.603998][T15687] futex_wait_setup+0x9d/0x550 [ 715.604041][T15687] __futex_wait+0x194/0x2f0 [ 715.604075][T15687] ? __pfx___futex_wait+0x10/0x10 [ 715.604115][T15687] ? __pfx_futex_wake_mark+0x10/0x10 [ 715.604169][T15687] futex_wait+0xe8/0x380 [ 715.604201][T15687] ? __pfx_futex_wait+0x10/0x10 [ 715.604242][T15687] ? kmem_cache_free+0x2d1/0x4d0 [ 715.604274][T15687] ? fd_install+0x225/0x750 [ 715.604311][T15687] ? putname+0x154/0x1a0 [ 715.604340][T15687] do_futex+0x229/0x350 [ 715.604369][T15687] ? __pfx_do_futex+0x10/0x10 [ 715.604405][T15687] __x64_sys_futex+0x1e0/0x4c0 [ 715.604437][T15687] ? __x64_sys_openat+0x174/0x210 [ 715.604465][T15687] ? __pfx___x64_sys_futex+0x10/0x10 [ 715.604504][T15687] do_syscall_64+0xcd/0x490 [ 715.604542][T15687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.604567][T15687] RIP: 0033:0x7fe8ecd8e929 [ 715.604588][T15687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.604612][T15687] RSP: 002b:00007fe8edbca0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 715.604635][T15687] RAX: ffffffffffffffda RBX: 00007fe8ecfb5fa8 RCX: 00007fe8ecd8e929 [ 715.604652][T15687] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe8ecfb5fa8 [ 715.604668][T15687] RBP: 00007fe8ecfb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 715.604683][T15687] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe8ecfb5fac [ 715.604698][T15687] R13: 0000000000000000 R14: 00007fffc57d5660 R15: 00007fffc57d5748 [ 715.604733][T15687] [ 717.084029][T15706] Invalid ELF header magic: != ELF [ 718.302325][T15718] Invalid ELF header magic: != ELF [ 721.205472][T15778] Invalid ELF header magic: != ELF [ 723.612972][T15810] Invalid ELF header magic: != ELF [ 724.296907][T15826] FAULT_INJECTION: forcing a failure. [ 724.296907][T15826] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 724.312572][T15826] CPU: 1 UID: 0 PID: 15826 Comm: syz.1.2428 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 724.312610][T15826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 724.312626][T15826] Call Trace: [ 724.312635][T15826] [ 724.312646][T15826] dump_stack_lvl+0x16c/0x1f0 [ 724.312679][T15826] should_fail_ex+0x512/0x640 [ 724.312708][T15826] should_fail_alloc_page+0xe7/0x130 [ 724.312724][T15826] prepare_alloc_pages+0x3c2/0x610 [ 724.312742][T15826] ? __lock_acquire+0x622/0x1c90 [ 724.312763][T15826] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 724.312791][T15826] ? find_held_lock+0x2b/0x80 [ 724.312806][T15826] ? mtree_load+0x309/0xa40 [ 724.312825][T15826] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 724.312849][T15826] ? mtree_load+0x325/0xa40 [ 724.312874][T15826] ? __up_read+0x1f8/0x750 [ 724.312895][T15826] ? __pfx___up_read+0x10/0x10 [ 724.312914][T15826] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 724.312937][T15826] ? policy_nodemask+0xea/0x4e0 [ 724.312952][T15826] alloc_pages_mpol+0x1fb/0x550 [ 724.312966][T15826] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 724.312980][T15826] ? do_raw_spin_lock+0x12c/0x2b0 [ 724.313001][T15826] ? __pfx___access_remote_vm+0x10/0x10 [ 724.313026][T15826] alloc_pages_noprof+0x131/0x390 [ 724.313041][T15826] get_free_pages_noprof+0x10/0xb0 [ 724.313055][T15826] proc_pid_cmdline_read+0x46d/0x900 [ 724.313075][T15826] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 724.313094][T15826] ? rw_verify_area+0xcf/0x680 [ 724.313112][T15826] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 724.313130][T15826] vfs_read+0x1e4/0xc60 [ 724.313152][T15826] ? __pfx___mutex_lock+0x10/0x10 [ 724.313174][T15826] ? __pfx_vfs_read+0x10/0x10 [ 724.313205][T15826] ? __fget_files+0x20e/0x3c0 [ 724.313230][T15826] ksys_read+0x12a/0x250 [ 724.313249][T15826] ? __pfx_ksys_read+0x10/0x10 [ 724.313276][T15826] do_syscall_64+0xcd/0x490 [ 724.313300][T15826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.313315][T15826] RIP: 0033:0x7f692598e929 [ 724.313328][T15826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.313342][T15826] RSP: 002b:00007f692680a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 724.313356][T15826] RAX: ffffffffffffffda RBX: 00007f6925bb5fa0 RCX: 00007f692598e929 [ 724.313367][T15826] RDX: 000000000000009f RSI: 0000200000000040 RDI: 0000000000000007 [ 724.313377][T15826] RBP: 00007f6925a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 724.313386][T15826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 724.313395][T15826] R13: 0000000000000000 R14: 00007f6925bb5fa0 R15: 00007ffc21519308 [ 724.313414][T15826] [ 724.854701][T15828] Invalid ELF header magic: != ELF [ 726.276990][T15845] Invalid ELF header magic: != ELF [ 727.485702][T15870] Invalid ELF header magic: != ELF [ 727.663358][T15873] netlink: 296 bytes leftover after parsing attributes in process `syz.1.2437'. [ 728.677755][T15895] Invalid ELF header magic: != ELF [ 731.001641][T15932] Invalid ELF header magic: != ELF [ 731.325226][T15936] Invalid ELF header magic: != ELF [ 732.982373][T15956] Invalid ELF header magic: != ELF [ 734.465603][T15981] Invalid ELF header magic: != ELF [ 738.756414][T16041] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2469'. [ 738.793130][T16041] netlink: 102 bytes leftover after parsing attributes in process `syz.1.2469'. [ 743.280629][T16095] Invalid ELF header magic: != ELF [ 744.962632][T16123] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2486'. [ 747.355431][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.361885][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 750.298738][T16212] Invalid ELF header magic: != ELF [ 751.346382][T16234] Invalid ELF header magic: != ELF [ 753.183968][T16259] Invalid ELF header magic: != ELF [ 755.598460][T16294] Invalid ELF header magic: != ELF [ 758.259399][T16340] Invalid ELF header magic: != ELF [ 758.848022][T16356] Invalid ELF header magic: != ELF [ 761.311251][T16390] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2532'. [ 763.088274][T16421] Invalid ELF header magic: != ELF [ 764.497133][T16430] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2540'. [ 765.804408][T16456] Invalid ELF header magic: != ELF [ 767.499396][T16487] Invalid ELF header magic: != ELF [ 767.847574][T16479] kafs: addr_prefs: Invalid Command [ 768.391182][T16478] kexec: Could not allocate control_code_buffer [ 768.644498][T16496] Invalid ELF header magic: != ELF [ 771.306762][T16535] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 772.872329][T16551] Invalid ELF header magic: != ELF [ 773.952444][T16577] Invalid ELF header magic: != ELF [ 775.218123][T16596] ERROR: Out of memory at tomoyo_memory_ok. [ 775.266952][T16599] ERROR: Out of memory at tomoyo_memory_ok. [ 775.304106][T16597] Invalid ELF header magic: != ELF [ 775.719920][T16603] random: crng reseeded on system resumption [ 777.904676][T16639] Invalid ELF header magic: != ELF [ 778.040492][T16644] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2578'. [ 778.123165][T16644] netlink: 102 bytes leftover after parsing attributes in process `syz.3.2578'. [ 780.056673][T16666] Invalid ELF header magic: != ELF [ 782.122336][T16694] Invalid ELF header magic: != ELF [ 782.532640][T16707] Invalid ELF header magic: != ELF [ 783.385558][T16722] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2591'. [ 783.435473][T16722] netlink: 102 bytes leftover after parsing attributes in process `syz.0.2591'. [ 785.505905][T16745] Invalid ELF header magic: != ELF [ 786.832064][T16716] delete_channel: no stack [ 787.472477][T16767] ERROR: Out of memory at tomoyo_memory_ok. [ 787.563728][T16767] FAULT_INJECTION: forcing a failure. [ 787.563728][T16767] name failslab, interval 1, probability 0, space 0, times 0 [ 787.768791][T16767] CPU: 1 UID: 0 PID: 16767 Comm: syz.0.2599 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 787.768832][T16767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 787.768849][T16767] Call Trace: [ 787.768858][T16767] [ 787.768868][T16767] dump_stack_lvl+0x16c/0x1f0 [ 787.768914][T16767] should_fail_ex+0x512/0x640 [ 787.768948][T16767] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 787.768990][T16767] should_failslab+0xc2/0x120 [ 787.769015][T16767] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 787.769052][T16767] ? __kernfs_new_node+0xd2/0x8e0 [ 787.769092][T16767] __kernfs_new_node+0xd2/0x8e0 [ 787.769127][T16767] ? kernfs_add_one+0x14e/0x840 [ 787.769161][T16767] ? __pfx___kernfs_new_node+0x10/0x10 [ 787.769203][T16767] ? find_held_lock+0x2b/0x80 [ 787.769231][T16767] ? kernfs_root+0xee/0x2a0 [ 787.769270][T16767] kernfs_new_node+0x13c/0x1e0 [ 787.769314][T16767] kernfs_create_link+0xcc/0x240 [ 787.769345][T16767] sysfs_do_create_link_sd+0x90/0x140 [ 787.769383][T16767] sysfs_create_link+0x61/0xc0 [ 787.769424][T16767] device_add+0x50a/0x1a70 [ 787.769458][T16767] ? __pfx_device_add+0x10/0x10 [ 787.769485][T16767] ? lockdep_init_map_type+0x5c/0x280 [ 787.769519][T16767] ? __init_waitqueue_head+0xca/0x150 [ 787.769564][T16767] netdev_register_kobject+0x182/0x3a0 [ 787.769597][T16767] register_netdevice+0x13dc/0x2270 [ 787.769631][T16767] ? __pfx_register_netdevice+0x10/0x10 [ 787.769667][T16767] internal_dev_create+0x2d3/0x520 [ 787.769697][T16767] ovs_vport_add+0x144/0x4d0 [ 787.769738][T16767] new_vport+0x16/0x1d0 [ 787.769771][T16767] ovs_dp_cmd_new+0x6ba/0xe60 [ 787.769815][T16767] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 787.769857][T16767] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 787.769889][T16767] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 787.769930][T16767] genl_family_rcv_msg_doit+0x209/0x2f0 [ 787.769992][T16767] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 787.770025][T16767] ? trace_cap_capable+0x18d/0x200 [ 787.770060][T16767] ? bpf_lsm_capable+0x9/0x10 [ 787.770090][T16767] ? security_capable+0x7e/0x260 [ 787.770129][T16767] ? ns_capable+0xd7/0x110 [ 787.770157][T16767] genl_rcv_msg+0x55c/0x800 [ 787.770193][T16767] ? __pfx_genl_rcv_msg+0x10/0x10 [ 787.770224][T16767] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 787.770272][T16767] netlink_rcv_skb+0x158/0x420 [ 787.770298][T16767] ? __pfx_genl_rcv_msg+0x10/0x10 [ 787.770330][T16767] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 787.770372][T16767] ? netlink_deliver_tap+0x1ae/0xd30 [ 787.770413][T16767] genl_rcv+0x28/0x40 [ 787.770441][T16767] netlink_unicast+0x53a/0x7f0 [ 787.770472][T16767] ? __pfx_netlink_unicast+0x10/0x10 [ 787.770511][T16767] netlink_sendmsg+0x8d1/0xdd0 [ 787.770545][T16767] ? __pfx_netlink_sendmsg+0x10/0x10 [ 787.770586][T16767] ____sys_sendmsg+0xa98/0xc70 [ 787.770617][T16767] ? copy_msghdr_from_user+0x10a/0x160 [ 787.770654][T16767] ? __pfx_____sys_sendmsg+0x10/0x10 [ 787.770680][T16767] ? preempt_schedule_thunk+0x16/0x30 [ 787.770718][T16767] ? try_to_wake_up+0xa2f/0x1680 [ 787.770750][T16767] ___sys_sendmsg+0x134/0x1d0 [ 787.770790][T16767] ? __pfx____sys_sendmsg+0x10/0x10 [ 787.770822][T16767] ? __lock_acquire+0x622/0x1c90 [ 787.770899][T16767] __sys_sendmsg+0x16d/0x220 [ 787.770936][T16767] ? __pfx___sys_sendmsg+0x10/0x10 [ 787.770971][T16767] ? __x64_sys_futex+0x1e0/0x4c0 [ 787.771025][T16767] do_syscall_64+0xcd/0x490 [ 787.771065][T16767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 787.771092][T16767] RIP: 0033:0x7fe8ecd8e929 [ 787.771115][T16767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 787.771149][T16767] RSP: 002b:00007fe8edbca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 787.771173][T16767] RAX: ffffffffffffffda RBX: 00007fe8ecfb5fa0 RCX: 00007fe8ecd8e929 [ 787.771192][T16767] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000008 [ 787.771209][T16767] RBP: 00007fe8ece10b39 R08: 0000000000000000 R09: 0000000000000000 [ 787.771226][T16767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 787.771242][T16767] R13: 0000000000000000 R14: 00007fe8ecfb5fa0 R15: 00007fffc57d5748 [ 787.771278][T16767] [ 788.238019][T16768] Invalid ELF header magic: != ELF [ 790.710564][T16814] Invalid ELF header magic: != ELF [ 790.898023][T16820] Invalid ELF header magic: != ELF [ 792.307394][T16842] Invalid ELF header magic: != ELF [ 793.854876][T16851] Invalid ELF header magic: != ELF [ 797.712152][T16917] Invalid ELF header magic: != ELF [ 802.407741][T16983] Invalid ELF header magic: != ELF [ 802.923737][T16995] ERROR: Out of memory at tomoyo_memory_ok. [ 802.975780][T16995] openvswitch: HfR: Dropping previously announced user features [ 806.254477][T17035] Invalid ELF header magic: != ELF [ 807.868067][T17058] Invalid ELF header magic: != ELF [ 808.817392][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.823916][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.864102][T17085] Invalid ELF header magic: != ELF [ 810.103927][T17092] Invalid ELF header magic: != ELF [ 810.445083][T17094] Invalid ELF header magic: != ELF [ 811.791897][T17112] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2661'. [ 813.682682][T17129] Invalid ELF header magic: != ELF [ 815.218681][T17140] Invalid ELF header magic: != ELF [ 816.573586][T17168] FAULT_INJECTION: forcing a failure. [ 816.573586][T17168] name failslab, interval 1, probability 0, space 0, times 0 [ 816.630837][T17168] CPU: 1 UID: 0 PID: 17168 Comm: syz.2.2671 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 816.630878][T17168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 816.630893][T17168] Call Trace: [ 816.630903][T17168] [ 816.630913][T17168] dump_stack_lvl+0x16c/0x1f0 [ 816.630957][T17168] should_fail_ex+0x512/0x640 [ 816.630993][T17168] ? __kmalloc_noprof+0xbf/0x510 [ 816.631031][T17168] ? ops_init+0x77/0x5f0 [ 816.631066][T17168] should_failslab+0xc2/0x120 [ 816.631092][T17168] __kmalloc_noprof+0xd2/0x510 [ 816.631123][T17168] ? lockdep_init_map_type+0x5c/0x280 [ 816.631165][T17168] ops_init+0x77/0x5f0 [ 816.631206][T17168] setup_net+0x1ff/0x510 [ 816.631237][T17168] ? lockdep_init_map_type+0x5c/0x280 [ 816.631272][T17168] ? __pfx_setup_net+0x10/0x10 [ 816.631299][T17168] ? debug_mutex_init+0x37/0x70 [ 816.631329][T17168] copy_net_ns+0x2a6/0x5f0 [ 816.631359][T17168] create_new_namespaces+0x3ea/0xa90 [ 816.631395][T17168] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 816.631426][T17168] ksys_unshare+0x45b/0xa40 [ 816.631458][T17168] ? __pfx_ksys_unshare+0x10/0x10 [ 816.631491][T17168] ? xfd_validate_state+0x61/0x180 [ 816.631533][T17168] __x64_sys_unshare+0x31/0x40 [ 816.631565][T17168] do_syscall_64+0xcd/0x490 [ 816.631603][T17168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.631630][T17168] RIP: 0033:0x7ff17938e929 [ 816.631653][T17168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 816.631677][T17168] RSP: 002b:00007ff17a1bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 816.631702][T17168] RAX: ffffffffffffffda RBX: 00007ff1795b6080 RCX: 00007ff17938e929 [ 816.631720][T17168] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 816.631736][T17168] RBP: 00007ff179410b39 R08: 0000000000000000 R09: 0000000000000000 [ 816.631753][T17168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 816.631769][T17168] R13: 0000000000000000 R14: 00007ff1795b6080 R15: 00007fff82d7a248 [ 816.631804][T17168] [ 817.412340][T17167] Invalid ELF header magic: != ELF [ 818.128418][T17193] Invalid ELF header magic: != ELF [ 818.208294][T17193] netlink: zone id is out of range [ 818.213469][T17193] netlink: zone id is out of range [ 818.311648][T17193] netlink: zone id is out of range [ 818.393688][T17193] netlink: zone id is out of range [ 818.448288][T17193] netlink: zone id is out of range [ 820.995386][T17221] Invalid ELF header magic: != ELF [ 825.894622][T17301] Invalid ELF header magic: != ELF [ 829.967769][T17352] Invalid ELF header magic: != ELF [ 830.286615][T17343] random: crng reseeded on system resumption [ 831.742738][T17370] kafs: addr_prefs: Invalid Command [ 831.922096][T17382] Invalid ELF header magic: != ELF [ 832.421010][T17394] Invalid ELF header magic: != ELF [ 836.792449][T17445] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2721'. [ 836.818024][T17445] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2721'. [ 838.803329][T17465] Invalid ELF header magic: != ELF [ 839.222057][T17476] Invalid ELF header magic: != ELF [ 840.450950][T17484] Invalid ELF header magic: != ELF [ 842.010282][T17509] FAULT_INJECTION: forcing a failure. [ 842.010282][T17509] name failslab, interval 1, probability 0, space 0, times 0 [ 842.129627][T17509] CPU: 1 UID: 0 PID: 17509 Comm: syz.0.2735 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 842.129668][T17509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 842.129685][T17509] Call Trace: [ 842.129694][T17509] [ 842.129703][T17509] dump_stack_lvl+0x16c/0x1f0 [ 842.129746][T17509] should_fail_ex+0x512/0x640 [ 842.129779][T17509] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 842.129817][T17509] should_failslab+0xc2/0x120 [ 842.129842][T17509] __kmalloc_cache_noprof+0x6a/0x3e0 [ 842.129876][T17509] ? __io_uring_add_tctx_node+0x132/0x500 [ 842.129902][T17509] __io_uring_add_tctx_node+0x132/0x500 [ 842.129928][T17509] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 842.129963][T17509] ? __anon_inode_getfile+0x18b/0x3a0 [ 842.130004][T17509] io_uring_setup+0x1579/0x2080 [ 842.130042][T17509] ? __pfx_io_uring_setup+0x10/0x10 [ 842.130099][T17509] ? xfd_validate_state+0x61/0x180 [ 842.130140][T17509] __x64_sys_io_uring_setup+0xc2/0x170 [ 842.130173][T17509] do_syscall_64+0xcd/0x490 [ 842.130211][T17509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.130238][T17509] RIP: 0033:0x7fe8ecd8e929 [ 842.130259][T17509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 842.130284][T17509] RSP: 002b:00007fe8edba9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 842.130309][T17509] RAX: ffffffffffffffda RBX: 00007fe8ecfb6080 RCX: 00007fe8ecd8e929 [ 842.130329][T17509] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 842.130345][T17509] RBP: 00007fe8ece10b39 R08: 0000000000000000 R09: 0000000000000000 [ 842.130360][T17509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 842.130375][T17509] R13: 0000000000000000 R14: 00007fe8ecfb6080 R15: 00007fffc57d5748 [ 842.130409][T17509] [ 843.861018][T17530] Invalid ELF header magic: != ELF [ 846.444495][T17562] Invalid ELF header magic: != ELF [ 846.885588][T17570] Invalid ELF header magic: != ELF [ 851.856462][T17638] Invalid ELF header magic: != ELF [ 852.467050][T17646] Invalid ELF header magic: != ELF [ 852.635050][T17643] Invalid ELF header magic: != ELF [ 854.144097][T17666] Invalid ELF header magic: != ELF [ 855.965999][T17703] hub 8-0:1.0: USB hub found [ 855.985606][T17703] hub 8-0:1.0: 1 port detected [ 856.287580][T17703] WARNING! power/level is deprecated; use power/control instead [ 856.383773][T17710] Invalid ELF header magic: != ELF [ 858.249837][T17712] kexec: Could not allocate control_code_buffer [ 858.570147][T17726] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 858.597330][T17726] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 858.603487][T17726] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 860.437979][T10886] Bluetooth: hci0: command 0x0c1a tx timeout [ 860.483553][T17773] [U] [ 860.486365][T17773] [U] [ 860.489043][T17773] [U] [ 860.491720][T17773] [U] [ 860.515022][T17773] [U] [ 860.517772][T17773] [U] [ 860.520470][T17773] [U] [ 860.523147][T17773] [U] [ 860.579417][T17773] [U] [ 860.582142][T17773] [U] [ 860.584820][T17773] [U] [ 860.587491][T17773] [U] [ 860.641343][T17773] [U] [ 860.644106][T17773] [U] [ 860.646838][T17773] [U] [ 860.649561][T17773] [U] [ 860.652560][T17773] [U] [ 860.655285][T17773] [U] [ 860.658001][T17773] [U] [ 860.660715][T17773] [U] [ 860.663656][T17773] [U] [ 860.666377][T17773] [U] [ 860.669093][T17773] [U] [ 860.671817][T17773] [U] [ 860.674723][T17773] [U] [ 860.677442][T17773] [U] [ 860.680175][T17773] [U] [ 860.682893][T17773] [U] [ 860.685927][T17773] [U] [ 860.688652][T17773] [U] [ 860.691355][T17773] [U] [ 860.694054][T17773] [U] [ 860.708073][T10886] Bluetooth: hci3: command 0x0c1a tx timeout [ 860.714251][T10886] Bluetooth: hci1: command 0x0c1a tx timeout [ 860.738448][T17773] [U] [ 860.741215][T17773] [U] [ 860.743940][T17773] [U] [ 860.746667][T17773] [U] [ 860.785120][T17773] [U] [ 860.787873][T17773] [U] [ 860.790552][T17773] [U] [ 860.793227][T17773] [U] [ 860.796793][T17773] [U] [ 860.799538][T17773] [U] [ 860.802264][T17773] [U] [ 860.804987][T17773] [U] [ 860.807969][T17773] [U] [ 860.810698][T17773] [U] [ 860.813421][T17773] [U] [ 860.816143][T17773] [U] [ 860.907874][T17773] [U] [ 860.910610][T17773] [U] [ 860.913287][T17773] [U] [ 860.915962][T17773] [U] [ 860.984926][T17773] [U] [ 860.987691][T17773] [U] [ 860.990418][T17773] [U] [ 860.993135][T17773] [U] [ 861.003360][T17773] [U] [ 861.006115][T17773] [U] [ 861.008833][T17773] [U] [ 861.011559][T17773] [U] [ 861.052704][T17773] [U] [ 861.055476][T17773] [U] [ 861.058194][T17773] [U] [ 861.060908][T17773] [U] [ 861.077255][T17773] [U] [ 861.080020][T17773] [U] [ 861.082750][T17773] [U] [ 861.085470][T17773] [U] [ 861.199619][T17773] [U] [ 863.063624][T17805] Invalid ELF header magic: != ELF [ 863.844224][T17820] FAULT_INJECTION: forcing a failure. [ 863.844224][T17820] name failslab, interval 1, probability 0, space 0, times 0 [ 863.857013][T17820] CPU: 0 UID: 0 PID: 17820 Comm: syz.0.2800 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 863.857050][T17820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 863.857067][T17820] Call Trace: [ 863.857078][T17820] [ 863.857089][T17820] dump_stack_lvl+0x16c/0x1f0 [ 863.857133][T17820] should_fail_ex+0x512/0x640 [ 863.857168][T17820] ? fs_reclaim_acquire+0xae/0x150 [ 863.857201][T17820] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 863.857235][T17820] should_failslab+0xc2/0x120 [ 863.857261][T17820] __kmalloc_noprof+0xd2/0x510 [ 863.857307][T17820] tomoyo_realpath_from_path+0xc2/0x6e0 [ 863.857351][T17820] tomoyo_check_open_permission+0x2ab/0x3c0 [ 863.857384][T17820] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 863.857453][T17820] ? find_held_lock+0x2b/0x80 [ 863.857488][T17820] tomoyo_file_open+0x6b/0x90 [ 863.857527][T17820] security_file_open+0x84/0x1e0 [ 863.857559][T17820] do_dentry_open+0x596/0x1c10 [ 863.857606][T17820] vfs_open+0x82/0x3f0 [ 863.857639][T17820] path_openat+0x1de4/0x2cb0 [ 863.857687][T17820] ? __pfx_path_openat+0x10/0x10 [ 863.857724][T17820] ? __lock_acquire+0xb8a/0x1c90 [ 863.857761][T17820] do_filp_open+0x20b/0x470 [ 863.857797][T17820] ? __pfx_do_filp_open+0x10/0x10 [ 863.857867][T17820] ? alloc_fd+0x471/0x7d0 [ 863.857913][T17820] do_sys_openat2+0x11b/0x1d0 [ 863.857943][T17820] ? __pfx_do_sys_openat2+0x10/0x10 [ 863.857987][T17820] __x64_sys_openat+0x174/0x210 [ 863.858018][T17820] ? __pfx___x64_sys_openat+0x10/0x10 [ 863.858063][T17820] do_syscall_64+0xcd/0x490 [ 863.858102][T17820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 863.858129][T17820] RIP: 0033:0x7fe8ecd8e929 [ 863.858151][T17820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 863.858178][T17820] RSP: 002b:00007fe8edba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 863.858205][T17820] RAX: ffffffffffffffda RBX: 00007fe8ecfb6080 RCX: 00007fe8ecd8e929 [ 863.858223][T17820] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 863.858242][T17820] RBP: 00007fe8ece10b39 R08: 0000000000000000 R09: 0000000000000000 [ 863.858259][T17820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 863.858276][T17820] R13: 0000000000000000 R14: 00007fe8ecfb6080 R15: 00007fffc57d5748 [ 863.858314][T17820] [ 863.858325][T17820] ERROR: Out of memory at tomoyo_realpath_from_path. [ 864.591836][T17823] Invalid ELF header magic: != ELF [ 865.518755][T17838] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2805'. [ 865.528622][T17838] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2805'. [ 865.703102][T17845] netlink: 'syz.2.2808': attribute type 2 has an invalid length. [ 865.902541][T17837] Invalid ELF header magic: != ELF [ 869.371437][T17898] Invalid ELF header magic: != ELF [ 869.614865][ T30] audit: type=1800 audit(4294967691.194:31): pid=17906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2820" name="members" dev="configfs" ino=130807 res=0 errno=0 [ 870.286566][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.293131][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.546868][T17914] Invalid ELF header magic: != ELF [ 871.059752][T17921] Invalid ELF header magic: != ELF [ 871.786991][T17936] Invalid ELF header magic: != ELF [ 873.037639][T17949] Invalid ELF header magic: != ELF [ 873.591942][T17964] hub 8-0:1.0: USB hub found [ 873.596937][T17964] hub 8-0:1.0: 1 port detected [ 873.885612][T17967] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2832'. [ 873.894991][T17967] team_slave_0: entered allmulticast mode [ 874.694036][T17973] Invalid ELF header magic: != ELF [ 877.307820][T18013] Invalid ELF header magic: != ELF [ 877.356561][T18006] Invalid ELF header magic: != ELF [ 878.293554][T18022] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2845'. [ 878.369855][T18022] team_slave_0: entered allmulticast mode [ 881.582279][T18066] Invalid ELF header magic: != ELF [ 881.701947][T18070] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2856'. [ 883.454484][T18095] Invalid ELF header magic: != ELF [ 884.203213][T18108] Invalid ELF header magic: != ELF [ 888.642799][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 888.649110][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 888.663459][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 888.670220][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 888.769908][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 888.782486][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 888.791456][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 888.798784][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 889.436930][T18207] Invalid ELF header magic: != ELF [ 889.483727][T18200] Invalid ELF header magic: != ELF [ 889.524741][T18208] Invalid ELF header magic: != ELF [ 890.657503][T18227] Invalid ELF header magic: != ELF [ 891.899752][T18241] Invalid ELF header magic: != ELF [ 894.280700][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 894.289103][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 894.336320][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 894.342671][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 894.355049][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 894.361412][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 894.381653][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 894.388043][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 894.731378][T18284] netlink: 'syz.1.2899': attribute type 2 has an invalid length. [ 895.282114][T18282] Invalid ELF header magic: != ELF [ 895.905516][T18310] Invalid ELF header magic: != ELF [ 899.101832][T18358] Invalid ELF header magic: != ELF [ 899.586463][T18366] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 899.586463][T18366] M' is too long [ 899.600077][T18366] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 899.600077][T18366] W ' is too long [ 901.623194][T18390] Invalid ELF header magic: != ELF [ 902.174846][T18378] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 902.224018][T18378] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 902.259196][T18378] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 903.740954][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 903.942290][T18438] Invalid ELF header magic: != ELF [ 904.271347][T18427] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 904.301561][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 904.330849][T18427] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 904.337031][T18427] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 905.980980][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 906.381098][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 906.387250][T17782] Bluetooth: hci1: command 0x0c1a tx timeout [ 908.295511][T18493] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 908.304682][T18493] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 908.353199][T18493] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 909.900916][T18523] Invalid ELF header magic: != ELF [ 910.230652][T17782] Bluetooth: hci0: command 0x0c1a tx timeout [ 910.384542][T17782] Bluetooth: hci3: command 0x0c1a tx timeout [ 910.384575][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 911.318166][T18548] Invalid ELF header magic: != ELF [ 911.863117][T18558] Invalid ELF header magic: != ELF [ 912.601643][T18569] Invalid ELF header magic: != ELF [ 914.473324][T18598] Invalid ELF header magic: != ELF [ 916.267699][T18626] Invalid ELF header magic: != ELF [ 916.598548][T18629] Invalid ELF header magic: != ELF [ 917.091920][T18641] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 918.320437][T18658] Invalid ELF header magic: != ELF [ 918.521736][T18667] Invalid ELF header magic: != ELF [ 918.712416][T18662] Invalid ELF header magic: != ELF [ 918.730724][T18675] Invalid ELF header magic: != ELF [ 920.031579][T18689] Invalid ELF header magic: != ELF [ 921.650175][T18718] ERROR: Out of memory at tomoyo_memory_ok. [ 924.936114][T18763] Invalid ELF header magic: != ELF [ 927.271549][T18798] sd 0:0:1:0: PR command failed: 1026 [ 927.281724][T18798] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 927.288781][T18798] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 928.444061][T18784] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 928.482631][T18784] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 928.504446][T18784] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 928.872172][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 929.977607][T18835] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3022'. [ 930.553111][T17782] Bluetooth: hci1: command 0x0c1a tx timeout [ 930.562964][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 931.756786][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.763100][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.970938][T18869] Invalid ELF header magic: != ELF [ 933.576499][T18888] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input27 [ 933.610404][T18877] can: request_module (can-proto-0) failed. [ 936.281722][T18921] Invalid ELF header magic: != ELF [ 940.662120][T18982] Invalid ELF header magic: != ELF [ 941.938968][T19002] Invalid ELF header magic: != ELF [ 944.673387][T19051] Invalid ELF header magic: != ELF [ 944.914550][T19058] Invalid ELF header magic: != ELF [ 945.166845][T19049] Invalid ELF header magic: != ELF [ 949.596192][T19105] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 949.603125][T19105] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 949.617466][T19105] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 950.895304][T19139] Invalid ELF header magic: != ELF [ 950.901423][T19129] Bluetooth: hci0: command 0x0c1a tx timeout [ 951.051595][T19152] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3093'. [ 951.683912][T19147] Bluetooth: hci1: command 0x0c1a tx timeout [ 951.690503][T19149] Bluetooth: hci3: command 0x0c1a tx timeout [ 953.796994][T19209] Invalid ELF header magic: != ELF [ 955.412296][T19243] Invalid ELF header magic: != ELF [ 955.440895][T19236] Invalid ELF header magic: != ELF [ 955.545308][T19242] Invalid ELF header magic: != ELF [ 957.638042][T19279] syz.0.3122 (19279): attempted to duplicate a private mapping with mremap. This is not supported. [ 957.940764][T19292] Invalid ELF header magic: != ELF [ 958.019314][T19293] Invalid ELF header magic: != ELF [ 958.680591][T19303] Invalid ELF header magic: != ELF [ 960.189910][T19332] ERROR: Out of memory at tomoyo_memory_ok. [ 960.559114][T19341] Invalid ELF header magic: != ELF [ 960.801198][T19350] Invalid ELF header magic: != ELF [ 961.972307][T19370] Invalid ELF header magic: != ELF [ 963.515955][T19399] Invalid ELF header magic: != ELF [ 963.836058][T19409] Invalid ELF header magic: != ELF [ 965.232462][T19438] Invalid ELF header magic: != ELF [ 965.837645][T19447] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 965.991464][ T5187] ERROR: Out of memory at tomoyo_memory_ok. [ 966.289143][T19448] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 971.140831][T19509] Invalid ELF header magic: != ELF [ 973.205532][T19539] Invalid ELF header magic: != ELF [ 974.378076][T19555] Invalid ELF header magic: != ELF [ 976.348163][T19583] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 976.511274][T19590] Invalid ELF header magic: != ELF [ 976.720784][T19585] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 977.357341][T19607] Invalid ELF header magic: != ELF [ 979.167656][T19641] Invalid ELF header magic: != ELF [ 979.873838][T19651] Invalid ELF header magic: != ELF [ 982.800984][T19673] GUP no longer grows the stack in syz.1.3208 (19673): 14000-401000 (4000) [ 982.900929][T19673] CPU: 0 UID: 0 PID: 19673 Comm: syz.1.3208 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 982.900969][T19673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 982.900993][T19673] Call Trace: [ 982.901003][T19673] [ 982.901015][T19673] dump_stack_lvl+0x16c/0x1f0 [ 982.901062][T19673] gup_vma_lookup+0x1d2/0x220 [ 982.901092][T19673] __get_user_pages+0x271/0x3b80 [ 982.901133][T19673] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 982.901174][T19673] ? kasan_save_stack+0x42/0x60 [ 982.901209][T19673] ? __pfx___get_user_pages+0x10/0x10 [ 982.901238][T19673] ? register_lock_class+0x41/0x4c0 [ 982.901270][T19673] ? __x64_sys_process_vm_readv+0xe2/0x1c0 [ 982.901307][T19673] ? do_syscall_64+0xcd/0x490 [ 982.901353][T19673] __gup_longterm_locked+0x20d/0x1840 [ 982.901384][T19673] ? __lock_acquire+0xb8a/0x1c90 [ 982.901419][T19673] ? __pfx___gup_longterm_locked+0x10/0x10 [ 982.901466][T19673] pin_user_pages_remote+0xed/0x140 [ 982.901498][T19673] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 982.901526][T19673] ? mm_access+0x22d/0x2e0 [ 982.901569][T19673] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 982.901626][T19673] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 982.901668][T19673] ? iovec_from_user+0xbb/0x140 [ 982.901724][T19673] ? iovec_from_user+0xbb/0x140 [ 982.901763][T19673] process_vm_rw+0x216/0x2c0 [ 982.901804][T19673] ? __pfx_process_vm_rw+0x10/0x10 [ 982.901852][T19673] ? __pfx___sys_sendmmsg+0x10/0x10 [ 982.901932][T19673] ? xfd_validate_state+0x61/0x180 [ 982.901965][T19673] ? __task_pid_nr_ns+0x17c/0x500 [ 982.902011][T19673] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 982.902052][T19673] ? do_syscall_64+0x91/0x490 [ 982.902089][T19673] ? lockdep_hardirqs_on+0x7c/0x110 [ 982.902126][T19673] do_syscall_64+0xcd/0x490 [ 982.902166][T19673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 982.902193][T19673] RIP: 0033:0x7f692598e929 [ 982.902215][T19673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 982.902242][T19673] RSP: 002b:00007f69267e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 982.902267][T19673] RAX: ffffffffffffffda RBX: 00007f6925bb6080 RCX: 00007f692598e929 [ 982.902285][T19673] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000bc6 [ 982.902302][T19673] RBP: 00007f6925a10b39 R08: 0000000000000003 R09: 0000000000000000 [ 982.902319][T19673] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 982.902335][T19673] R13: 0000000000000000 R14: 00007f6925bb6080 R15: 00007ffc21519308 [ 982.902371][T19673] [ 984.259860][T19705] Invalid ELF header magic: != ELF [ 984.629753][T19713] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 985.342638][T19724] Invalid ELF header magic: != ELF [ 985.380028][T19716] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 985.499384][T19725] Invalid ELF header magic: != ELF [ 988.838172][T19780] Invalid ELF header magic: != ELF [ 989.051054][T19783] Invalid ELF header magic: != ELF [ 989.101138][T19784] Invalid ELF header magic: != ELF [ 990.509071][T19805] Invalid ELF header magic: != ELF [ 990.743307][T19811] Invalid ELF header magic: != ELF [ 990.815040][T19814] Invalid ELF header magic: != ELF [ 992.264249][T19841] Invalid ELF header magic: != ELF [ 992.825454][T19849] Invalid ELF header magic: != ELF [ 993.064487][T19865] Invalid ELF header magic: != ELF [ 993.210555][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.216980][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.412584][T19868] Invalid ELF header magic: != ELF [ 993.951252][T19888] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 994.017854][T19893] netlink: 'syz.0.3260': attribute type 1 has an invalid length. [ 994.025817][T19893] netlink: 33 bytes leftover after parsing attributes in process `syz.0.3260'. [ 994.289767][T19891] Invalid ELF header magic: != ELF [ 994.894083][T19909] Invalid ELF header magic: != ELF [ 995.090407][T19918] Invalid ELF header magic: != ELF [ 995.984198][T19933] Invalid ELF header magic: != ELF [ 996.001605][T19934] Invalid ELF header magic: != ELF [ 996.429996][T19944] Invalid ELF header magic: != ELF [ 997.389347][T19965] snd_virmidi snd_virmidi.0: control 5:9:1:IA>/[k/[k/[k/[k 1 [ 1012.781580][T19147] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1012.790040][T19147] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1012.799349][T19147] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1012.807987][T19147] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1013.029945][T20245] chnl_net:caif_netlink_parms(): no params data found [ 1013.166956][T20245] bridge0: port 1(bridge_slave_0) entered blocking state [ 1013.174073][T20245] bridge0: port 1(bridge_slave_0) entered disabled state [ 1013.181799][T20245] bridge_slave_0: entered allmulticast mode [ 1013.189002][T20245] bridge_slave_0: entered promiscuous mode [ 1013.196892][T20245] bridge0: port 2(bridge_slave_1) entered blocking state [ 1013.204041][T20245] bridge0: port 2(bridge_slave_1) entered disabled state [ 1013.211501][T20245] bridge_slave_1: entered allmulticast mode [ 1013.219694][T20245] bridge_slave_1: entered promiscuous mode [ 1013.247390][T20245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1013.260361][T20245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1013.291386][T20245] team0: Port device team_slave_0 added [ 1013.300239][T20245] team0: Port device team_slave_1 added [ 1013.325190][T20245] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1013.332621][T20245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1013.358602][T20245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1013.371360][T20245] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1013.378389][T20245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1013.404754][T20245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1013.447182][T20245] hsr_slave_0: entered promiscuous mode [ 1013.453527][T20245] hsr_slave_1: entered promiscuous mode [ 1013.459996][T20245] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1013.467895][T20245] Cannot create hsr debugfs directory [ 1013.601136][T20245] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1013.611187][T20245] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1013.621171][T20245] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1013.631411][T20245] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1013.657587][T20245] bridge0: port 2(bridge_slave_1) entered blocking state [ 1013.664697][T20245] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1013.672236][T20245] bridge0: port 1(bridge_slave_0) entered blocking state [ 1013.679383][T20245] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1013.739319][T20245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1013.754354][T19127] bridge0: port 1(bridge_slave_0) entered disabled state [ 1013.762774][T19127] bridge0: port 2(bridge_slave_1) entered disabled state [ 1013.780261][T20245] 8021q: adding VLAN 0 to HW filter on device team0 [ 1013.794802][T19179] bridge0: port 1(bridge_slave_0) entered blocking state [ 1013.801950][T19179] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1013.818002][T19179] bridge0: port 2(bridge_slave_1) entered blocking state [ 1013.825096][T19179] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1013.996424][T20245] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1014.201168][T20245] veth0_vlan: entered promiscuous mode [ 1014.211669][T20245] veth1_vlan: entered promiscuous mode [ 1014.239823][T20245] veth0_macvtap: entered promiscuous mode [ 1014.249122][T20245] veth1_macvtap: entered promiscuous mode [ 1014.268326][T20245] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1014.282646][T20245] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1014.294836][T20245] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1014.303687][T20245] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1014.312923][T20245] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1014.321702][T20245] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1014.391772][T19153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1014.408489][T19153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1014.431768][T19127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1014.440546][T19127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1014.554562][T20279] snd_virmidi snd_virmidi.0: control 5:9:1:IA>/[k/[k/[k 18 [ 1038.091041][T20686] snd_virmidi snd_virmidi.0: control 5:9:1:IA>/[k/[k/[k/[k/[k/[k/[k/[k/[k/[k/[k/[k/[k /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1103.986874][ T31] task:kworker/u10:1 state:D stack:27832 pid:19131 tgid:19131 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 1104.013320][ T31] Workqueue: netns cleanup_net [ 1104.034444][ T31] Call Trace: [ 1104.042356][ T31] [ 1104.045340][ T31] __schedule+0x116a/0x5de0 [ 1104.079103][ T31] ? __lock_acquire+0x622/0x1c90 [ 1104.093407][ T31] ? __pfx___schedule+0x10/0x10 [ 1104.100343][ T31] ? find_held_lock+0x2b/0x80 [ 1104.124350][ T31] ? schedule+0x2d7/0x3a0 [ 1104.142237][ T31] schedule+0xe7/0x3a0 [ 1104.157985][ T31] schedule_timeout+0x257/0x290 [ 1104.213841][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1104.223953][ T31] ? mark_held_locks+0x49/0x80 [ 1104.244162][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1104.262427][ T31] __wait_for_common+0x2ff/0x4e0 [ 1104.297061][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1104.353513][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 1104.359133][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1104.364408][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 1104.374859][ T31] __flush_workqueue+0x3e2/0x1230 [ 1104.380008][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 1104.385593][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 1104.393408][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 1104.427807][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 1104.458025][ T31] rds_tcp_listen_stop+0x104/0x150 [ 1104.484523][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1104.500338][ T31] rds_tcp_exit_net+0xcb/0x810 [ 1104.505538][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1104.515152][ T31] ? __pfx___might_resched+0x10/0x10 [ 1104.527319][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1104.532901][ T31] ops_undo_list+0x2eb/0xab0 [ 1104.539683][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 1104.544844][ T31] ? __local_bh_enable_ip+0xa4/0x120 [ 1104.556621][ T31] cleanup_net+0x408/0x890 [ 1104.564704][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 1104.606602][ T31] ? rcu_is_watching+0x12/0xc0 [ 1104.676734][ T31] process_one_work+0x9cc/0x1b70 [ 1104.681773][ T31] ? __pfx_process_one_work+0x10/0x10 [ 1104.687463][ T31] ? assign_work+0x1a0/0x250 [ 1104.692108][ T31] worker_thread+0x6c8/0xf10 [ 1104.706716][ T31] ? __kthread_parkme+0x19e/0x250 [ 1104.711808][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1104.721948][ T31] kthread+0x3c5/0x780 [ 1104.726172][ T31] ? __pfx_kthread+0x10/0x10 [ 1104.734987][ T31] ? rcu_is_watching+0x12/0xc0 [ 1104.739992][ T31] ? __pfx_kthread+0x10/0x10 [ 1104.744627][ T31] ret_from_fork+0x5d4/0x6f0 [ 1104.750941][ T31] ? __pfx_kthread+0x10/0x10 [ 1104.755583][ T31] ret_from_fork_asm+0x1a/0x30 [ 1104.760681][ T31] [ 1104.763823][ T31] [ 1104.763823][ T31] Showing all locks held in the system: [ 1104.773180][ T31] 1 lock held by khungtaskd/31: [ 1104.783661][ T31] #0: ffffffff8e5c47c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 1104.793829][ T31] 2 locks held by syz-executor/5819: [ 1104.799326][ T31] 2 locks held by getty/14370: [ 1104.804102][ T31] #0: ffff888036a220a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1104.814419][ T31] #1: ffffc900021ca2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 1104.825733][ T31] 3 locks held by kworker/u10:1/19131: [ 1104.831426][ T31] #0: ffff88801c6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1104.846082][ T31] #1: ffffc90004667d10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1104.856263][ T31] #2: ffffffff90338250 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 1104.867347][ T31] 1 lock held by syz.2.3278/19963: [ 1104.872486][ T31] #0: ffffffff90338250 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 1104.882332][ T31] 1 lock held by syz.4.3727/21821: [ 1104.890118][ T31] #0: ffffffff90338250 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 1104.943386][ T31] [ 1104.945765][ T31] ============================================= [ 1104.945765][ T31] [ 1104.976231][ T31] NMI backtrace for cpu 1 [ 1104.976258][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 1104.976290][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1104.976305][ T31] Call Trace: [ 1104.976314][ T31] [ 1104.976324][ T31] dump_stack_lvl+0x116/0x1f0 [ 1104.976363][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 1104.976394][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1104.976425][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1104.976457][ T31] watchdog+0xf70/0x12c0 [ 1104.976497][ T31] ? __pfx_watchdog+0x10/0x10 [ 1104.976527][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1104.976564][ T31] ? __kthread_parkme+0x19e/0x250 [ 1104.976593][ T31] ? __pfx_watchdog+0x10/0x10 [ 1104.976626][ T31] kthread+0x3c5/0x780 [ 1104.976659][ T31] ? __pfx_kthread+0x10/0x10 [ 1104.976693][ T31] ? rcu_is_watching+0x12/0xc0 [ 1104.976718][ T31] ? __pfx_kthread+0x10/0x10 [ 1104.976751][ T31] ret_from_fork+0x5d4/0x6f0 [ 1104.976781][ T31] ? __pfx_kthread+0x10/0x10 [ 1104.976813][ T31] ret_from_fork_asm+0x1a/0x30 [ 1104.976861][ T31] [ 1105.090553][ T31] Sending NMI from CPU 1 to CPUs 0: [ 1105.095822][ C0] NMI backtrace for cpu 0 [ 1105.095840][ C0] CPU: 0 UID: 0 PID: 7412 Comm: syz.3.440 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 1105.095872][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1105.095887][ C0] RIP: 0010:write_comp_data+0x11/0x90 [ 1105.095924][ C0] Code: cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 49 89 d2 49 89 f8 49 89 f1 65 48 8b 15 87 7c 10 12 <65> 8b 05 98 7c 10 12 a9 00 01 ff 00 74 1d f6 c4 01 74 67 a9 00 00 [ 1105.095947][ C0] RSP: 0018:ffffc900049ff538 EFLAGS: 00000286 [ 1105.095967][ C0] RAX: 0000000000000000 RBX: ffff88801ea4bed8 RCX: ffffffff822d1412 [ 1105.095984][ C0] RDX: ffff888032d11e00 RSI: 0000000000000000 RDI: 0000000000000001 [ 1105.096000][ C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1105.096015][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801ea4be90 [ 1105.096030][ C0] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000 [ 1105.096046][ C0] FS: 0000000000000000(0000) GS:ffff888124760000(0000) knlGS:0000000000000000 [ 1105.096068][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1105.096085][ C0] CR2: 00007f69266e7d60 CR3: 000000000e382000 CR4: 00000000003526f0 [ 1105.096101][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1105.096116][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1105.096131][ C0] Call Trace: [ 1105.096139][ C0] [ 1105.096148][ C0] page_table_check_clear+0x242/0x740 [ 1105.096189][ C0] __page_table_check_pte_clear+0xf1/0x100 [ 1105.096226][ C0] ? __pfx___page_table_check_pte_clear+0x10/0x10 [ 1105.096263][ C0] ? __tlb_remove_folio_pages_size.constprop.0+0x162/0x560 [ 1105.096301][ C0] unmap_page_range+0x24bd/0x4350 [ 1105.096341][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 1105.096371][ C0] ? uprobe_munmap+0x20/0x5c0 [ 1105.096396][ C0] unmap_single_vma.constprop.0+0x153/0x240 [ 1105.096425][ C0] unmap_vmas+0x218/0x470 [ 1105.096451][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 1105.096489][ C0] exit_mmap+0x1b9/0xb90 [ 1105.096518][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 1105.096564][ C0] __mmput+0x12a/0x410 [ 1105.096596][ C0] mmput+0x62/0x70 [ 1105.096620][ C0] do_exit+0x7c4/0x2bd0 [ 1105.096654][ C0] ? __pfx_do_exit+0x10/0x10 [ 1105.096683][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 1105.096718][ C0] ? find_held_lock+0x2b/0x80 [ 1105.096744][ C0] do_group_exit+0xd3/0x2a0 [ 1105.096776][ C0] get_signal+0x2673/0x26d0 [ 1105.096807][ C0] ? __pfx_get_signal+0x10/0x10 [ 1105.096832][ C0] ? do_futex+0x122/0x350 [ 1105.096860][ C0] ? __pfx_do_futex+0x10/0x10 [ 1105.096889][ C0] arch_do_signal_or_restart+0x8f/0x790 [ 1105.096917][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1105.096954][ C0] exit_to_user_mode_loop+0x84/0x110 [ 1105.096991][ C0] do_syscall_64+0x3f6/0x490 [ 1105.097029][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1105.097054][ C0] RIP: 0033:0x7f053a78e929 [ 1105.097077][ C0] Code: Unable to access opcode bytes at 0x7f053a78e8ff. [ 1105.097088][ C0] RSP: 002b:00007f053b5680e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1105.097110][ C0] RAX: fffffffffffffe00 RBX: 00007f053a9b5fa8 RCX: 00007f053a78e929 [ 1105.097126][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f053a9b5fa8 [ 1105.097142][ C0] RBP: 00007f053a9b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1105.097157][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f053a9b5fac [ 1105.097173][ C0] R13: 0000000000000000 R14: 00007ffd8c997c40 R15: 00007ffd8c997d28 [ 1105.097197][ C0] [ 1105.445715][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1105.452624][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 1105.464454][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1105.474529][ T31] Call Trace: [ 1105.477825][ T31] [ 1105.480770][ T31] dump_stack_lvl+0x3d/0x1f0 [ 1105.485392][ T31] panic+0x71c/0x800 [ 1105.489307][ T31] ? __pfx___irq_work_queue_local+0x10/0x10 [ 1105.495216][ T31] ? __pfx_panic+0x10/0x10 [ 1105.499645][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1105.505028][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1105.511017][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1105.516400][ T31] ? watchdog+0xdda/0x12c0 [ 1105.520832][ T31] ? watchdog+0xdcd/0x12c0 [ 1105.525261][ T31] watchdog+0xdeb/0x12c0 [ 1105.529523][ T31] ? __pfx_watchdog+0x10/0x10 [ 1105.534217][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1105.539440][ T31] ? __kthread_parkme+0x19e/0x250 [ 1105.544489][ T31] ? __pfx_watchdog+0x10/0x10 [ 1105.549180][ T31] kthread+0x3c5/0x780 [ 1105.553260][ T31] ? __pfx_kthread+0x10/0x10 [ 1105.557865][ T31] ? rcu_is_watching+0x12/0xc0 [ 1105.562636][ T31] ? __pfx_kthread+0x10/0x10 [ 1105.567240][ T31] ret_from_fork+0x5d4/0x6f0 [ 1105.571864][ T31] ? __pfx_kthread+0x10/0x10 [ 1105.576465][ T31] ret_from_fork_asm+0x1a/0x30 [ 1105.581248][ T31] [ 1105.584508][ T31] Kernel Offset: disabled [ 1105.588831][ T31] Rebooting in 86400 seconds..