last executing test programs: 7.313264921s ago: executing program 3 (id=1348): syz_open_procfs$namespace(0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x1) r1 = socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0xc, 0x2, 0x40eb2, 0x401, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000000c0)={0x0, 0xa841}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x9, 0x0) readv$auto(r1, &(0x7f0000000100)={0x0, 0x100000001}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000009c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000240)=ANY=[@ANYBLOB="20020000e55bcf2f7eafa1623b883c1ddf2ea69705a0ea502964b86deaf0f015abd5adcd59de9d4bc434588d04fa1871ddbb5680042d48d121e2", @ANYRES16=r3, @ANYBLOB="010026bd7000fbdbdf251a0000000c00018008000100", @ANYRES32=r4, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x40801}, 0x80) read$auto_state_fops_(0xffffffffffffffff, &(0x7f0000000180)=""/81, 0x51) writev$auto(0x3, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r5 = socket(0x1e, 0x4, 0x0) read$auto(0x3, 0x0, 0x80) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) write$auto(r5, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 6.087418444s ago: executing program 3 (id=1353): move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/010/001\x00', 0x20000, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r0, 0x40189206, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_size_kb\x00', 0x40, 0x0) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/021/001\x00', 0x25003, 0x0) 5.156937943s ago: executing program 2 (id=1355): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) landlock_restrict_self$auto(r1, 0x1) mremap$auto(0x200000001000, 0x4, 0x4, 0x3, 0x100000000) 4.668130622s ago: executing program 2 (id=1357): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8002) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x80002, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0xffffffffffffffff, 0xd12, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x8080aea1, 0x0) r3 = geteuid() fstat$auto(0xffffffffffffffff, &(0x7f0000000040)={0x6, 0xc, 0x200, 0x3, 0xee01, 0x0, 0x0, 0x3, 0x8, 0xfffffffffffffff8, 0x5, 0xb, 0xfffffffffffffffc, 0x80000001, 0x9, 0x8, 0x2}) keyctl$auto_KEY_REQKEY_DEFL_PROCESS_KEYRING(0xa, 0x2, r3, r4, 0x42) stat$auto(0x0, &(0x7f0000000380)={0x8, 0x0, 0x8, 0xfffffd5f, r3, r4, 0x0, 0x93, 0x6a01e59f, 0x9e2e, 0x1009, 0x0, 0x1, 0x6, 0x6b62612e, 0xfffffffffffffffc, 0x456}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) signalfd$auto(0xffffffffffffffff, 0x0, 0xfffffffffffff000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0) ioctl$auto_CEC_RECEIVE(r5, 0xc0386106, 0x0) getgid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) connect$auto(0x3, 0x0, 0x55) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) r6 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r6, r6, 0x0) statmount$auto(0x0, 0x0, 0x1fa, 0xd) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vlan1\x00'}) statmount$auto(0x0, &(0x7f0000000440)={0x3, 0x1, 0x9, 0x7352, 0x3f, 0x65f, 0x1ffe4, 0x7, 0x8000003, 0x8, 0xb, 0x3, 0x5, 0xffffffffffffff01, 0xb4, 0x9, 0x6, 0x7ff, 0x84, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0xb4, 0x0, 0x0, 0x0, 0x0, 0x2, [0x0, 0x8, 0x68, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x200000000, 0xffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x3, 0x3, 0x800000000000000, 0x7e30e0be], "c3236a44f54d25e8f23045eb177d6ca5a549b3748bb13c8f1d46437ffb731ac1c73064e1af3c02280bc8e08a269302395df3366917d470045ffa10b69b5bcee22b1695376ec77e999384840a35f2220418171f8bd675f0de8ca54334b8665cd96591baa78939b548afea8cae5ceeb770e89ef30a32b4ee0840c97f669b54daf2815d656c2a59a15e92a3454f34edeb3b0edba311b9687fdbcba4e617ee68d54ce4036ea4e3fd23d33ffdfd1bfa7e4df3370bd19b2dc264762d766e565f74be287479a7016ea981c2c85fa456354f03d2072a"}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 4.205584949s ago: executing program 1 (id=1358): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) landlock_restrict_self$auto(r1, 0x1) mremap$auto(0x200000001000, 0x4, 0x4, 0x3, 0x100000000) (fail_nth: 1) 4.125818659s ago: executing program 2 (id=1359): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x2, 0xaa06, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) r1 = ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';') read$auto_proc_pid_maps_operations_internal(r1, &(0x7f0000000180)=""/98, 0x62) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x200400, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) adjtimex$auto(&(0x7f0000000440)={0x6, 0x0, 0xfffffffffffffffe, 0xffffffffffffff00, 0x8, 0x0, 0x2, 0x0, 0x9, 0x100000000, 0xb4, {0xffffffffffffac55}, 0x0, 0x7, 0x1aaa, 0x4, 0x0, 0x4, 0xf442, 0x81, 0x200, 0xdc, 0xa}) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x4000c, 0xdf, 0x9b72, r0, 0x0) msync$auto(0x1ffff0f4, 0x180000000000000, 0x400000004) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x181101, 0x0) write$auto(r3, &(0x7f0000000040)='nbd\x00', 0x4) setresuid$auto(0x2, 0x7, 0x8080) ioprio_get$auto(0x3, 0x2) 3.379695608s ago: executing program 1 (id=1362): syz_open_procfs$namespace(0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x1) setsockopt$auto(0xffffffffffffffff, 0x88, 0xa, &(0x7f0000000200)='\xba\xba\xd3\xc8[&P\x9c\xe7AJz\'\x91\xce=B}v+7n\xa2r0\x92\xc3\x0eE\x96\xf63\xec\xe0\xb2\f\xa86v\xeb\xf1\xcb\xd4\xa9\v\xe1\xcc\xa10\x11J\xb9\x06#K:7\xb9+\xb8\xeb\x18', 0x80000e) mmap$auto(0x0, 0xc, 0x2, 0x40eb2, 0x401, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000000c0)={0x0, 0xa841}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x9, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x100000001}, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000009c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000240)=ANY=[@ANYBLOB="20020000e55bcf2f7eafa1623b883c1ddf2ea69705a0ea502964b86deaf0f015abd5adcd59de9d4bc434588d04fa1871ddbb5680042d48d121e2", @ANYRES16=r2, @ANYBLOB="010026bd7000fbdbdf251a0000000c00018008000100", @ANYRES32=r3, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x40801}, 0x80) read$auto_state_fops_(0xffffffffffffffff, &(0x7f0000000180)=""/81, 0x51) writev$auto(0x3, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r4 = socket(0x1e, 0x4, 0x0) read$auto(0x3, 0x0, 0x80) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) write$auto(r4, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 3.37646306s ago: executing program 3 (id=1363): mmap$auto(0x4, 0x20009, 0x40000000000000df, 0xffffffffffff8eda, 0xffffffffffffffff, 0x200000000008004) sysfs$auto(0x2, 0x27, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) read$auto(0x3, 0x0, 0xf34) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) ioctl$auto(r1, 0xc0445624, r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x2, 0xaa06, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2) madvise$auto(0x1, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) r3 = ioctl$auto_dma_heap_fops_dma_heap(r0, 0xa, &(0x7f0000000200)="bfac2a191145ec6bf8deb2442a409cf789981c44a96131a93e37758532709d3d2a9f507958910db236c160682009cfff0aafbc968c3f2d93b397b307e7da46b193bc23da654db50000d934b49a445a06732b8c4859952ee6d5659fef13c1827d00c3d12a1da7dad1b6b314691af273e8425488e883ac827f94f1994d032b5eef376112e0168ebdeb186c043a37488c31185777780fa891f67b81d972e0799c4507077ca7c6912edc215dff75dc03257745739d6761d18838e31234b50eed6ac360c8f5df05a9f3cc9669fd6e14f4a5b7eb5de9d3c7a4001b998e51f4f71b8011bbd1145050be9ddc01171ca31bd9fe916cbc72b745d60226") read$auto_proc_pid_maps_operations_internal(r3, &(0x7f0000000180)=""/98, 0x62) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) r4 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x200400, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_TUNDETACHFILTER(r3, 0x401054d6, &(0x7f0000000080)={0x7f, &(0x7f0000000000)={0x101, 0x9, 0x3, @inferred=r4}}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) adjtimex$auto(&(0x7f0000000440)={0x6, 0x0, 0xfffffffffffffffe, 0xffffffffffffff00, 0x8, 0x0, 0x2, 0x0, 0x9, 0x100000000, 0xb4, {0xffffffffffffac55}, 0x0, 0x7, 0x1aaa, 0x4, 0x0, 0x4, 0xf442, 0x81, 0x200, 0xdc, 0xa}) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x4000c, 0xdf, 0x9b72, r2, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r6 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x181101, 0x0) write$auto(r6, &(0x7f0000000040)='nbd\x00', 0x4) setresuid$auto(0x2, 0x7, 0x8080) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) pipe$auto(0x0) fcntl$auto(0x3, 0x4, 0xa553) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x2}, 0x2, 0x5) 3.323097024s ago: executing program 0 (id=1364): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x5, 0x8) socket(0x2b, 0x1, 0x1) socket(0x1, 0x2, 0x0) socket(0xa, 0x2, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/pid\x00') r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x41, 0x7, 0x3a, 0xfffffffffffffffa, 0x1ffde, 0x7, 0xa, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0xb29, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x200d) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0)) ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) io_uring_setup$auto(0x1, &(0x7f0000000000)={0x3, 0x10002, 0x7f, 0x5, 0x6, 0x5, 0xffffffffffffffff, [], {0x2, 0x2005, 0x2, 0x8, 0x400, 0xb533, 0x7, 0x5, 0x80000000}, {0x7, 0xd, 0x6e68, 0x8, 0x6b, 0x86fe, 0x0, 0x0, 0xb1}}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="13002ebd7000fd250200000008000300aacf0057cc1900e3a33aa4376d2ddd15e547ae0f7a9b71a52ea409de3324d038116fe534fa6d1a70391f7073db79044d7b51d9e2f62eaa654a556e25bc88903c8654bbd0be12e2d1fd16c9fe701cc04a6f12f45a48b4e48c6f10d40d4fd2b39662ea282d5735db74a8ac9d9c96d1a3033018fac6773093d470e8f7ebf98800c1b676a1784aebe23ec1030bbc248e2c78a5badc0a63a75f5995573181652bc4c9ff67f308b7376ea0d7ac860d4e29376bbdff68e5d427bd89a69dfbb0b304cf388ad7c3894e0cefceb38f12cf34b42d85b23c89317b84fa62ab0aa675f0b9ade0e667dd", @ANYRES32=r3, @ANYBLOB="05003d0025000000"], 0x24}, 0x1, 0x0, 0x0, 0x4c0d4}, 0x20040894) getsockopt$auto(0x6, 0x40000000029, 0x3c, 0xfffffffffffffffe, 0x0) 3.026517747s ago: executing program 2 (id=1365): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="720100", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.661835683s ago: executing program 1 (id=1366): mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x7, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = socket(0x2, 0x2, 0x0) r1 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x100) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) accept$auto(r0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x2, 0x2) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x21, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0x81) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_BLKTRACESETUP32(r2, 0xc0401273, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.379679227s ago: executing program 2 (id=1367): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) syslog$auto(0x2, 0x0, 0xcf) mmap$auto(0x0, 0x20006, 0x3, 0x12, 0xffffffffffffffff, 0x8000) write$auto(0xca, &(0x7f0000000040)='\x04>2\x0f\x00\x00\x96\x18am\xea\xf4\x1b\xf8', 0x7e) close_range$auto(0x2, 0x8, 0x0) shmget$auto(0x400, 0x10563, 0x568c12f2) sendmsg$auto_NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x24048800) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0x20000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) r2 = clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) write$auto_tomoyo_operations_securityfs_if(0xffffffffffffffff, &(0x7f0000001300), 0x0) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) r3 = syz_clone(0x25342080, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) shmdt$auto(&(0x7f0000000000)=':-h!/-^@(\']@%]/\x00') mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) r4 = geteuid() sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r1, &(0x7f0000001040)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x130000}, 0xc, &(0x7f0000001000)={&(0x7f0000001200)={0x9c0, 0x0, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x84, 0xc, 0x0, 0x1, [@typed={0x80, 0xde, 0x0, 0x0, @binary="9d144722d2132396c1779541f46219911243dfebabb841c8fb7c01f76df287ddac06f0bcecbc6d3c357208d431a5ea05c92dc85371df7e5a3d2edd6d0f28e4a31ef8aad6b92d2c8879f3540d869321217837c7e1222ab14f68d90660878f80b77b831ff6ab49adbd3b3874351362b8a09912178d191235397ba67b95"}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x98, 0x8, 0x0, 0x1, [@typed={0x14, 0x10a, 0x0, 0x0, @ipv6=@empty}, @generic="305c085e47dda16572c696a365cefc5f5ac2743b14e15ccd98e8bfffff2d1948ef432fa4e60706b28ee193b66d525487b0687938b7", @generic="85e267d8d1ce83aa70a5b17dffd1136fff1bb3af537a9bc2e0cd323194b6550c4b0beb6902f499d35bcab65fe1d81604166ba9252ceb6fa543cab5569716cb151a49c16cd36fb1309b7ae6"]}, @NLBL_CIPSOV4_A_MLSLVL={0x48, 0x7, 0x0, 0x1, [@nested={0x24, 0xc2, 0x0, 0x1, [@typed={0x4, 0xcd}, @nested={0x4, 0xde}, @typed={0xc, 0x30, 0x0, 0x0, @u64=0x1}, @nested={0x4, 0x9b}, @typed={0x8, 0x130, 0x0, 0x0, @uid}]}, @typed={0x14, 0x124, 0x0, 0x0, @str=':-h!/-^@(\']@%]/\x00'}, @typed={0xc, 0x23, 0x0, 0x0, @u64=0x1}]}, @NLBL_CIPSOV4_A_TAG={0x5, 0x3, 0x5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xffffffff}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5}, @NLBL_CIPSOV4_A_TAGLST={0x22c, 0x4, 0x0, 0x1, [@generic="fb96f34e99d2a292d0daeb44bcaa3e19bfe267cdab9b203baa358dc8a0a530b94c6035aefcc10d73df38331ba616", @typed={0x8, 0x103, 0x0, 0x0, @u32=0x91}, @generic="d3e6c574581b20fbde003c87b65b839ca15094954a1d2dd6c4b64c7d2194d289be8e86eaa76799f998c3afa7792415b3a05910e01e0da0ec08ec77f5a5c79276c4055e784e069084d6b63e93446d68bbdef270616e39410e7842cb275f6d439eb9d4f399d7610399a504dc50b3f305d5912adbf23bd7d15ce6635ab21cf3239623e67994508000fc1f2880e8d96c51efb28892242ef47dbbf1b3fbecd900bcfbb92ddaa70545c4c833f3d7f642819f35fbb68723d4fd58b4bf0ab98f608e65078135722613ef3fae7747414630bd7926906aa55271599a069e061db7f1dc7bda656d7b2a9dc16914e344a16888709124b79a9b02", @generic="2b2cbc6c2456b052c2128d345c06556eff142dcc1dac8c2350cfcf133a91a078707782830a0d273986d41cfbc9f5fa75e4c34e5ec5aac9de05b59eb752cb6d86004b9a8dc0abd911", @generic="42a82513695f15ed4e6715862a7a1f85ae261eae22aff32b3b04608a016d4388d38b9aab299c903e047d20d227bab9fb552e486153837f9627694f9b7e439db0dc152476af2259f547f973ecb08b7875df91e1c26d03c6248ff9db35484103f94a7940cd7de70fea93a0ca038731d34827b6de030946208fdc2176d170b4eb04d958b7576b9ae64599e3ad2ff066ada8ffb0db86d2fd", @nested={0xc, 0xec, 0x0, 0x1, [@typed={0x6, 0xe9, 0x0, 0x0, @str='@\x00'}]}, @typed={0x14, 0xad, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}]}, @NLBL_CIPSOV4_A_TAGLST={0x567, 0x4, 0x0, 0x1, [@typed={0x8, 0xea, 0x0, 0x0, @uid}, @nested={0xc, 0xb5, 0x0, 0x1, [@typed={0x8, 0x9d, 0x0, 0x0, @pid=r2}]}, @nested={0x10, 0xdd, 0x0, 0x1, [@nested={0x4, 0xb5}, @typed={0x8, 0xd, 0x0, 0x0, @pid=r3}]}, @nested={0x10b, 0x58, 0x0, 0x1, [@typed={0x8, 0x5e, 0x0, 0x0, @fd=r1}, @typed={0x4, 0x8e}, @generic="bf75e98c5aba214a15ed27c894a9f39f0845fe16a58abc49014efa9332f504f4ae53e5951b2e799269b7a490d9e9bc75d3268c1b232c5c099888f588e1d0ef7664dd869b73f7c0ab8104969bda32a701552975fba470838e8a40a21e47170906176f900e8f9e75ea94b85fb92d1865e2bbc71d4923b1da5237a4403db8f8dc28f022a034d65f2d65ae640f61f9f05c2f23e67986ec41c214ca4ece03c92f86f01b1018133790c2612bfb799f59634929ebf86628fd6d1672e1067c666322ede7f452486c2d6c0d91c8c3bd3572419d55bd673b8799cb87e21bcc688a2787dc4d735976470dafe9a9a6000e41d742eca32e82a88dc03b9645ba65bf"]}, @nested={0x20d, 0x122, 0x0, 0x1, [@nested={0x4, 0xc6}, @generic="4724238c7a177345977b4fde77e16def6d2a86fed63df728098d9ca8e09c0c31546b709fc11b3d9d7873d850de7efaf7a69c65a7a36116ba610112dc5377e9581e760d2e2d3883d5ab564c95c1dc0f1c63a3880c012a086bb0ffc5169bd5b73f9ebe9c2f933701c17cab113c4cffa93ebc0115496a92889135c918f0cb01", @generic='D\'5KPCQ', @nested={0x4, 0x10f}, @nested={0x4, 0xcf}, @generic="f7c2b8a36d80cca9abba0c4030934580804ad3ee3885e8ed7c5ab7086f72ceb3716f785029fe8d2e33e5e9ff673d018b27eab1d0ddb3f058834a3698747a7ac0b7ff9dffbd1708e3c3df7183891d75aee9aee2380279b81695b0f2be04b4312ec25597ee3585b638dc3e78041d16babc28ad9132e48d55c45517d9cd234a8ec3790aa3e808a1318af6b806ad2857dc9ce7108974255bd28df20d160972c110c7", @typed={0xc9, 0x12d, 0x0, 0x0, @binary="e0d1a47a688cfb55f5cc2dc84a5f9294d7819ad9aca4d607945cfe70a4ad18fb30f0e6b9302853d32311eb7ef17e38c86822d69bc69a9e3ef2735981ab2df5766675b97db3c62bcbe62a76f8ab6c1f5d8059c7832fa1ed0bc03f4087282497ae10fc840a8a8c7b185c9a98328b6681298954441fd3b8ef132cf17ec5166c7c583c46d1fc1920d488b123eee95d57cc6285547fc49ff2397fd4a6e276489e5a4eabab0b3d22e3fa179f167a510cafd7d7ac878b8b20cab45f9e659ca6fe8a023b2a31203ec0"}, @nested={0x4, 0x3d}, @typed={0x8, 0x12a, 0x0, 0x0, @fd=r0}]}, @nested={0x115, 0x9c, 0x0, 0x1, [@generic="9272e2a175483fff8af58e2b7a18dc4981f6c0aa7414063a4b31e13356b1c15f19c99df50612c93a63a81729d77301c6eec55fab7b14ffbd668b0c4d8db50862455129d0ea6e11c1895f56415db6c35fc872016e3eff54acd45a9487816c60bf93308ae2f3634fbcd6cd45402dfb6d9dbd6a0b3ca218142cf03f4c3ec06d65509b43a7ba1fb2191e164343c7b380d3c81146351c22819bbe2647dd06387e1af94e16234e6b25cb03cd05df46dc81b985f69672099431a751c8ef9e66a1c835404b02ffda8668976bc0250c18ef086af2070cd6f4b8ede487521800b69372aef9e592ae39db4252b0d5", @typed={0xa, 0xf2, 0x0, 0x0, @str='.*a]w\x00'}, @nested={0x4, 0x5e}, @typed={0xa, 0x5d, 0x0, 0x0, @str='~-!@[\x00'}, @nested={0x4, 0x13f}, @typed={0x8, 0x15, 0x0, 0x0, @uid=r4}]}, @typed={0x14, 0x7d, 0x0, 0x0, @ipv6=@remote}, @generic="9e10b03e321b1c4c613e0539fbbc8538e92f7d84212dd7d5057c07766a0fe2433674129c95ed653af05e4b09cc6bfb8d43c3059c07c27b901ba3aa64d7e1d35a14f4f43fd175d37d9ff3d47601dc4f1a524f42fb7872fea35ddb8008263760145571e8d9f0143614b1c4b94bd68e7af3e302309d4c8c8d42795caf11dac5c507e4de624d68857d0ecfb87ff5ffb282c18d65409a335106d91d627052e2fb65cfe8ff8f22ac37d6970c90d5cd13947223bede4384d057d476554c583cb846d62479dd5e9e15aaa7bd14b0ee4b38cf64abbc50601200c0150dc42ba9bcba85f128e3f7b550118230410c2cb707f887d9b5be659a4f75827e"]}, @NLBL_CIPSOV4_A_MLSCATLST={0x99, 0xc, 0x0, 0x1, [@typed={0x8, 0xe8, 0x0, 0x0, @pid=r3}, @typed={0x8, 0x12d, 0x0, 0x0, @u32=0xfffffff8}, @typed={0x8, 0x82, 0x0, 0x0, @ipv4=@empty}, @generic="025ffcf290ae2c0d021974e1133f0e16426df647f7e746a3a205aa2a6fbdfb29c90695194d1ea78d90324679792e8793a25807c4eb9097763ac77fc113d89ecc4ddcd8ccee1bdabb2a9e6991e947dde047536413acffc408002f779fcb3d1a6b0e9580f971aba6fd6d255b4b775822fe516eb2e8099a49d58f", @typed={0x4, 0x7b}]}]}, 0x9c0}, 0x1, 0x0, 0x0, 0x4040}, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae44, 0x10000000000402) process_vm_readv$auto(r3, &(0x7f0000000080)={&(0x7f0000000140)="66cdff317494273e38ed2170e952ade7e64a6bb613eac2574efd755d4d0274bf2af580028fc7cab24b122c680da4b2588fab69f6073355543e64468c1979f28c499463f44bcbd2bce3603cb638dfa975e477cba783bbb34caae40a1e267c3907820b28e607ebabe0b9dfb8b2ab490508341473cada6070d30b1023cfce69ff1f4fccf30eef5134", 0x6}, 0x5, &(0x7f00000002c0)={&(0x7f0000000200)="70c1fd089b73269276eed11f072c078f05cc99ad8f26fa5035badcb3bcde7bf19c18c5f4a4c3a4b769c11e9c718654056fdd363fc0e548c411eaf4b57c912c489234fc3cbbbc0cd40227ae11974e45e73c8d90eece8464fe367b8e69dfe975d9bd8ba0f673be2df016ee2d5e5173668d74d1bd9898f0b99a49ca9674f62d91ee24", 0x100000000}, 0x7, 0x9) 2.303413234s ago: executing program 0 (id=1368): unshare$auto(0x20000) unshare$auto(0x20000) (fail_nth: 27) 2.136084602s ago: executing program 1 (id=1369): mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x800000404, 0x8000) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x8, 0x3f) 2.133066596s ago: executing program 3 (id=1370): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/rose8/address\x00', 0x752502, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd0\x00', 0xc0c00, 0x0) arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3) r0 = gettid() rt_sigqueueinfo$auto(r0, 0x11, &(0x7f0000000000)={@siginfo_0_0={0x76bb, 0x3, 0x4, @_sigfault={0x0, @_trapno=0xfffffffe}}}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prlimit64$auto(0xffffffffffffffff, 0x101, 0x0, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/buffer_percent\x00', 0xbc102, 0x0) close_range$auto(r2, r3, 0x800000b) r4 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000002640)='/dev/mtd0\x00', 0x8000, 0x0) ioctl$auto_OTPSELECT(r4, 0x80044d0d, &(0x7f00000000c0)=0x10009) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = socket(0x2, 0x5, 0x0) setsockopt$auto(r6, 0x10000000084, 0x2, 0x0, 0x3) ioctl$auto_UI_DEV_SETUP(r5, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r5, 0x5501, 0x0) writev$auto(r5, &(0x7f0000000340)={&(0x7f00000002c0), 0xda7e}, 0x9) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) unshare$auto(0x40000080) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) 1.724145566s ago: executing program 0 (id=1371): prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff) setresuid$auto(0x2, 0xee01, 0x8080) madvise$auto(0xfffffffffffffff4, 0x7fffffffffffffff, 0xa) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) 1.031040695s ago: executing program 1 (id=1372): move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/010/001\x00', 0x20000, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r0, 0x40189206, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_size_kb\x00', 0x40, 0x0) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/021/001\x00', 0x25003, 0x0) 1.000211703s ago: executing program 0 (id=1373): r0 = openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f0000001380), 0x20000, 0x0) preadv$auto(r0, &(0x7f0000002fc0)={0x0, 0x8}, 0x2, 0x5, 0x19) 781.556253ms ago: executing program 0 (id=1374): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r0 = gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) kill$auto(r0, 0x11) acct$auto(&(0x7f0000000100)='./cgroup/cgroup.subtree_control\x00') r1 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000003a40), 0x80100, 0x0) ioctl$auto_RNDGETENTCNT(r1, 0x80045200, 0xfffffffffffffffe) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000015c0)={'wg1\x00', 0x0}) bpf$auto(0x0, &(0x7f0000001500)=@bpf_attr_5={@target_ifindex=r5, r3, 0x9, 0x1, r3, @relative_fd=r2, 0x1}, 0x10) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) acct$auto(0x0) r6 = io_uring_setup$auto(0x808008, 0x0) io_uring_enter$auto(r6, 0x7, 0x7ffffffb, 0x3, 0x0, 0x3) fcntl$auto_F_SETFD(r6, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r7 = socketpair$auto(0xfffffffd, 0x5, 0xdb, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttycf/power/runtime_status\x00', 0x0, 0x0) write$auto(r8, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) connect$auto(r7, 0x0, 0x1013) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0xa0883, 0x0) select$auto(0xf, 0x0, &(0x7f0000002400)={[0x1, 0x400, 0x0, 0x8, 0x200000000000027f, 0xe0d3, 0x4, 0x17c750d60, 0xfffffffffffffac1, 0x106, 0x8000, 0x8000000000000000, 0x0, 0x10001, 0x2, 0x24f]}, &(0x7f0000002480)={[0xf, 0x5, 0x8, 0x4, 0x6, 0xffffffffffffff7a, 0x8, 0x45f6c183, 0xaeb, 0x3, 0x3, 0x8, 0x8000, 0x2, 0x8000000000000001, 0xfffffffffffffffc]}, 0x0) 336.588018ms ago: executing program 3 (id=1375): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="720100", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 287.573747ms ago: executing program 2 (id=1376): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r0 = socket(0x10, 0x2, 0x4) r1 = socket(0x2c, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) sendmsg$auto_ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x2000000, 0x28000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x2000c031) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="0c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4830) r3 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u50x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000240)=ANY=[@ANYBLOB="20020000e55bcf2f7eafa1623b883c1ddf2ea69705a0ea502964b86deaf0f015abd5adcd59de9d4bc434588d04fa1871ddbb5680042d48d121e2", @ANYRES16=r2, @ANYBLOB="010026bd7000fbdbdf251a0000000c00018008000100", @ANYRES32=r3, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x40801}, 0x80) read$auto_state_fops_(0xffffffffffffffff, &(0x7f0000000180)=""/81, 0x51) writev$auto(0x3, 0x0, 0x8) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r4 = socket(0x1e, 0x4, 0x0) read$auto(0x3, 0x0, 0x80) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): e_up+0xa2f/0x1680 [ 479.524735][T11385] ___sys_sendmsg+0x134/0x1d0 [ 479.524783][T11385] ? __pfx____sys_sendmsg+0x10/0x10 [ 479.524829][T11385] ? wake_up_q+0xb0/0x160 [ 479.524897][T11385] ? do_futex+0x122/0x350 [ 479.524953][T11385] __sys_sendmsg+0x16d/0x220 [ 479.525005][T11385] ? __pfx___sys_sendmsg+0x10/0x10 [ 479.525054][T11385] ? __x64_sys_futex+0x1e0/0x4c0 [ 479.525113][T11385] do_syscall_64+0xcd/0x490 [ 479.525157][T11385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.525181][T11385] RIP: 0033:0x7f14d5d8e929 [ 479.525203][T11385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.525232][T11385] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 479.525257][T11385] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 479.525271][T11385] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 479.525288][T11385] RBP: 00007f14d5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 479.525303][T11385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 479.525316][T11385] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 479.525355][T11385] [ 480.267085][T11396] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1129'. [ 481.691811][T11435] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 481.706198][T11435] CPU: 1 UID: 0 PID: 11435 Comm: syz.1.1139 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 481.706246][T11435] Tainted: [U]=USER [ 481.706257][T11435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 481.706274][T11435] Call Trace: [ 481.706284][T11435] [ 481.706296][T11435] dump_stack_lvl+0x16c/0x1f0 [ 481.706348][T11435] sysfs_warn_dup+0x7f/0xa0 [ 481.706389][T11435] sysfs_do_create_link_sd+0x124/0x140 [ 481.706428][T11435] sysfs_create_link+0x61/0xc0 [ 481.706465][T11435] device_add+0x62c/0x1a70 [ 481.706499][T11435] ? __pfx_device_add+0x10/0x10 [ 481.706529][T11435] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 481.706568][T11435] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 481.706617][T11435] wiphy_register+0x1c9c/0x2850 [ 481.706647][T11435] ? netdev_run_todo+0x864/0x1320 [ 481.706692][T11435] ? __dev_printk+0x1e0/0x270 [ 481.706732][T11435] ? __pfx_wiphy_register+0x10/0x10 [ 481.706778][T11435] ieee80211_register_hw+0x24ac/0x4140 [ 481.706819][T11435] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 481.706851][T11435] ? find_held_lock+0x2b/0x80 [ 481.706879][T11435] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 481.706914][T11435] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 481.706941][T11435] ? __hrtimer_setup+0x176/0x280 [ 481.706978][T11435] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 481.707030][T11435] ? trace_kmalloc+0x2b/0xd0 [ 481.707055][T11435] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 481.707112][T11435] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 481.707145][T11435] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 481.707169][T11435] ? __asan_memcpy+0x3c/0x60 [ 481.707195][T11435] hwsim_new_radio_nl+0xb51/0x12c0 [ 481.707221][T11435] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 481.707249][T11435] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 481.707269][T11435] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 481.707291][T11435] genl_family_rcv_msg_doit+0x209/0x2f0 [ 481.707311][T11435] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 481.707329][T11435] ? trace_cap_capable+0x18d/0x200 [ 481.707350][T11435] ? bpf_lsm_capable+0x9/0x10 [ 481.707368][T11435] ? security_capable+0x7e/0x260 [ 481.707383][T11435] ? ns_capable+0xd7/0x110 [ 481.707402][T11435] genl_rcv_msg+0x55c/0x800 [ 481.707425][T11435] ? __pfx_genl_rcv_msg+0x10/0x10 [ 481.707445][T11435] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 481.707473][T11435] netlink_rcv_skb+0x158/0x420 [ 481.707489][T11435] ? __pfx_genl_rcv_msg+0x10/0x10 [ 481.707507][T11435] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 481.707531][T11435] ? netlink_deliver_tap+0x1ae/0xd30 [ 481.707557][T11435] genl_rcv+0x28/0x40 [ 481.707572][T11435] netlink_unicast+0x58a/0x850 [ 481.707590][T11435] ? __pfx_netlink_unicast+0x10/0x10 [ 481.707611][T11435] netlink_sendmsg+0x8d1/0xdd0 [ 481.707630][T11435] ? __pfx_netlink_sendmsg+0x10/0x10 [ 481.707653][T11435] ____sys_sendmsg+0xa98/0xc70 [ 481.707671][T11435] ? copy_msghdr_from_user+0x10a/0x160 [ 481.707691][T11435] ? __pfx_____sys_sendmsg+0x10/0x10 [ 481.707711][T11435] ? try_to_wake_up+0xa2f/0x1680 [ 481.707731][T11435] ___sys_sendmsg+0x134/0x1d0 [ 481.707753][T11435] ? __pfx____sys_sendmsg+0x10/0x10 [ 481.707774][T11435] ? wake_up_q+0xb0/0x160 [ 481.707805][T11435] ? do_futex+0x122/0x350 [ 481.707828][T11435] __sys_sendmsg+0x16d/0x220 [ 481.707849][T11435] ? __pfx___sys_sendmsg+0x10/0x10 [ 481.707869][T11435] ? __x64_sys_futex+0x1e0/0x4c0 [ 481.707899][T11435] do_syscall_64+0xcd/0x490 [ 481.707924][T11435] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 481.707940][T11435] RIP: 0033:0x7f14d5d8e929 [ 481.707956][T11435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 481.707972][T11435] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 481.707989][T11435] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 481.708001][T11435] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 481.708011][T11435] RBP: 00007f14d5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 481.708022][T11435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 481.708032][T11435] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 481.708053][T11435] [ 483.492261][T11477] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 483.508846][T11477] CPU: 1 UID: 0 PID: 11477 Comm: syz.0.1152 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 483.508887][T11477] Tainted: [U]=USER [ 483.508893][T11477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 483.508904][T11477] Call Trace: [ 483.508911][T11477] [ 483.508926][T11477] dump_stack_lvl+0x16c/0x1f0 [ 483.508960][T11477] sysfs_warn_dup+0x7f/0xa0 [ 483.508982][T11477] sysfs_do_create_link_sd+0x124/0x140 [ 483.509005][T11477] sysfs_create_link+0x61/0xc0 [ 483.509027][T11477] device_add+0x62c/0x1a70 [ 483.509047][T11477] ? __pfx_device_add+0x10/0x10 [ 483.509061][T11477] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 483.509086][T11477] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 483.509118][T11477] wiphy_register+0x1c9c/0x2850 [ 483.509136][T11477] ? netdev_run_todo+0x864/0x1320 [ 483.509160][T11477] ? __dev_printk+0x1e0/0x270 [ 483.509188][T11477] ? __pfx_wiphy_register+0x10/0x10 [ 483.509217][T11477] ieee80211_register_hw+0x24ac/0x4140 [ 483.509245][T11477] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 483.509264][T11477] ? find_held_lock+0x2b/0x80 [ 483.509280][T11477] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 483.509302][T11477] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 483.509320][T11477] ? __hrtimer_setup+0x176/0x280 [ 483.509344][T11477] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 483.509377][T11477] ? trace_kmalloc+0x2b/0xd0 [ 483.509392][T11477] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 483.509415][T11477] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 483.509435][T11477] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 483.509457][T11477] ? __asan_memcpy+0x3c/0x60 [ 483.509479][T11477] hwsim_new_radio_nl+0xb51/0x12c0 [ 483.509502][T11477] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 483.509530][T11477] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 483.509550][T11477] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 483.509573][T11477] genl_family_rcv_msg_doit+0x209/0x2f0 [ 483.509593][T11477] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 483.509611][T11477] ? trace_cap_capable+0x18d/0x200 [ 483.509632][T11477] ? bpf_lsm_capable+0x9/0x10 [ 483.509650][T11477] ? security_capable+0x7e/0x260 [ 483.509666][T11477] ? ns_capable+0xd7/0x110 [ 483.509686][T11477] genl_rcv_msg+0x55c/0x800 [ 483.509707][T11477] ? __pfx_genl_rcv_msg+0x10/0x10 [ 483.509726][T11477] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 483.509754][T11477] netlink_rcv_skb+0x158/0x420 [ 483.509770][T11477] ? __pfx_genl_rcv_msg+0x10/0x10 [ 483.509788][T11477] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 483.509811][T11477] ? netlink_deliver_tap+0x1ae/0xd30 [ 483.509838][T11477] genl_rcv+0x28/0x40 [ 483.509853][T11477] netlink_unicast+0x58a/0x850 [ 483.509871][T11477] ? __pfx_netlink_unicast+0x10/0x10 [ 483.509898][T11477] netlink_sendmsg+0x8d1/0xdd0 [ 483.509939][T11477] ? __pfx_netlink_sendmsg+0x10/0x10 [ 483.509982][T11477] ____sys_sendmsg+0xa98/0xc70 [ 483.510016][T11477] ? copy_msghdr_from_user+0x10a/0x160 [ 483.510055][T11477] ? __pfx_____sys_sendmsg+0x10/0x10 [ 483.510086][T11477] ? try_to_wake_up+0xa2f/0x1680 [ 483.510106][T11477] ___sys_sendmsg+0x134/0x1d0 [ 483.510129][T11477] ? __pfx____sys_sendmsg+0x10/0x10 [ 483.510150][T11477] ? wake_up_q+0xb0/0x160 [ 483.510184][T11477] ? do_futex+0x122/0x350 [ 483.510207][T11477] __sys_sendmsg+0x16d/0x220 [ 483.510228][T11477] ? __pfx___sys_sendmsg+0x10/0x10 [ 483.510248][T11477] ? __x64_sys_futex+0x1e0/0x4c0 [ 483.510278][T11477] do_syscall_64+0xcd/0x490 [ 483.510303][T11477] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.510321][T11477] RIP: 0033:0x7f8fea78e929 [ 483.510335][T11477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 483.510351][T11477] RSP: 002b:00007f8feb6bb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 483.510366][T11477] RAX: ffffffffffffffda RBX: 00007f8fea9b5fa0 RCX: 00007f8fea78e929 [ 483.510376][T11477] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 483.510386][T11477] RBP: 00007f8fea810b39 R08: 0000000000000000 R09: 0000000000000000 [ 483.510396][T11477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 483.510406][T11477] R13: 0000000000000000 R14: 00007f8fea9b5fa0 R15: 00007ffee97a2988 [ 483.510427][T11477] [ 486.372527][T11548] serio: Serial port pty238 [ 486.579015][T11555] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 486.611812][T11555] CPU: 1 UID: 0 PID: 11555 Comm: syz.3.1158 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 486.611851][T11555] Tainted: [U]=USER [ 486.611857][T11555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 486.611869][T11555] Call Trace: [ 486.611876][T11555] [ 486.611883][T11555] dump_stack_lvl+0x16c/0x1f0 [ 486.611917][T11555] sysfs_warn_dup+0x7f/0xa0 [ 486.611941][T11555] sysfs_do_create_link_sd+0x124/0x140 [ 486.611966][T11555] sysfs_create_link+0x61/0xc0 [ 486.611987][T11555] device_add+0x62c/0x1a70 [ 486.612008][T11555] ? __pfx_device_add+0x10/0x10 [ 486.612023][T11555] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 486.612051][T11555] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 486.612080][T11555] wiphy_register+0x1c9c/0x2850 [ 486.612097][T11555] ? netdev_run_todo+0x864/0x1320 [ 486.612121][T11555] ? __dev_printk+0x1e0/0x270 [ 486.612145][T11555] ? __pfx_wiphy_register+0x10/0x10 [ 486.612172][T11555] ieee80211_register_hw+0x24ac/0x4140 [ 486.612198][T11555] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 486.612217][T11555] ? find_held_lock+0x2b/0x80 [ 486.612234][T11555] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 486.612256][T11555] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 486.612273][T11555] ? __hrtimer_setup+0x176/0x280 [ 486.612298][T11555] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 486.612331][T11555] ? trace_kmalloc+0x2b/0xd0 [ 486.612346][T11555] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 486.612369][T11555] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 486.612390][T11555] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 486.612411][T11555] ? __asan_memcpy+0x3c/0x60 [ 486.612434][T11555] hwsim_new_radio_nl+0xb51/0x12c0 [ 486.612458][T11555] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 486.612485][T11555] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 486.612505][T11555] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 486.612528][T11555] genl_family_rcv_msg_doit+0x209/0x2f0 [ 486.612549][T11555] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 486.612566][T11555] ? trace_cap_capable+0x18d/0x200 [ 486.612593][T11555] ? bpf_lsm_capable+0x9/0x10 [ 486.612613][T11555] ? security_capable+0x7e/0x260 [ 486.612630][T11555] ? ns_capable+0xd7/0x110 [ 486.612651][T11555] genl_rcv_msg+0x55c/0x800 [ 486.612671][T11555] ? __pfx_genl_rcv_msg+0x10/0x10 [ 486.612689][T11555] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 486.612717][T11555] netlink_rcv_skb+0x158/0x420 [ 486.612733][T11555] ? __pfx_genl_rcv_msg+0x10/0x10 [ 486.612751][T11555] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 486.612775][T11555] ? netlink_deliver_tap+0x1ae/0xd30 [ 486.612801][T11555] genl_rcv+0x28/0x40 [ 486.612816][T11555] netlink_unicast+0x58a/0x850 [ 486.612840][T11555] ? __pfx_netlink_unicast+0x10/0x10 [ 486.612865][T11555] netlink_sendmsg+0x8d1/0xdd0 [ 486.612884][T11555] ? __pfx_netlink_sendmsg+0x10/0x10 [ 486.612910][T11555] ____sys_sendmsg+0xa98/0xc70 [ 486.612929][T11555] ? copy_msghdr_from_user+0x10a/0x160 [ 486.612953][T11555] ? __pfx_____sys_sendmsg+0x10/0x10 [ 486.612974][T11555] ? try_to_wake_up+0xa2f/0x1680 [ 486.612993][T11555] ___sys_sendmsg+0x134/0x1d0 [ 486.613015][T11555] ? __pfx____sys_sendmsg+0x10/0x10 [ 486.613036][T11555] ? wake_up_q+0xb0/0x160 [ 486.613067][T11555] ? do_futex+0x122/0x350 [ 486.613090][T11555] __sys_sendmsg+0x16d/0x220 [ 486.613111][T11555] ? __pfx___sys_sendmsg+0x10/0x10 [ 486.613132][T11555] ? __x64_sys_futex+0x1e0/0x4c0 [ 486.613161][T11555] do_syscall_64+0xcd/0x490 [ 486.613185][T11555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.613201][T11555] RIP: 0033:0x7fba68f8e929 [ 486.613215][T11555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.613231][T11555] RSP: 002b:00007fba66df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 486.613248][T11555] RAX: ffffffffffffffda RBX: 00007fba691b5fa0 RCX: 00007fba68f8e929 [ 486.613260][T11555] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 486.613271][T11555] RBP: 00007fba69010b39 R08: 0000000000000000 R09: 0000000000000000 [ 486.613282][T11555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.613292][T11555] R13: 0000000000000000 R14: 00007fba691b5fa0 R15: 00007ffc5e98eae8 [ 486.613313][T11555] [ 489.812934][T11627] serio: Serial port pty238 [ 489.830279][T11625] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 489.880851][T11625] CPU: 0 UID: 0 PID: 11625 Comm: syz.1.1169 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 489.880905][T11625] Tainted: [U]=USER [ 489.880916][T11625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 489.880934][T11625] Call Trace: [ 489.880944][T11625] [ 489.880957][T11625] dump_stack_lvl+0x16c/0x1f0 [ 489.881009][T11625] sysfs_warn_dup+0x7f/0xa0 [ 489.881049][T11625] sysfs_do_create_link_sd+0x124/0x140 [ 489.881092][T11625] sysfs_create_link+0x61/0xc0 [ 489.881127][T11625] device_add+0x62c/0x1a70 [ 489.881162][T11625] ? __pfx_device_add+0x10/0x10 [ 489.881192][T11625] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 489.881236][T11625] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 489.881286][T11625] wiphy_register+0x1c9c/0x2850 [ 489.881328][T11625] ? netdev_run_todo+0x864/0x1320 [ 489.881376][T11625] ? __dev_printk+0x1e0/0x270 [ 489.881423][T11625] ? __pfx_wiphy_register+0x10/0x10 [ 489.881474][T11625] ieee80211_register_hw+0x24ac/0x4140 [ 489.881518][T11625] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 489.881551][T11625] ? find_held_lock+0x2b/0x80 [ 489.881581][T11625] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 489.881621][T11625] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 489.881652][T11625] ? __hrtimer_setup+0x176/0x280 [ 489.881695][T11625] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 489.881755][T11625] ? trace_kmalloc+0x2b/0xd0 [ 489.881781][T11625] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 489.881826][T11625] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 489.881862][T11625] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 489.881905][T11625] ? __asan_memcpy+0x3c/0x60 [ 489.881944][T11625] hwsim_new_radio_nl+0xb51/0x12c0 [ 489.881980][T11625] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 489.882023][T11625] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 489.882053][T11625] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 489.882090][T11625] genl_family_rcv_msg_doit+0x209/0x2f0 [ 489.882120][T11625] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 489.882148][T11625] ? trace_cap_capable+0x18d/0x200 [ 489.882180][T11625] ? bpf_lsm_capable+0x9/0x10 [ 489.882213][T11625] ? security_capable+0x7e/0x260 [ 489.882239][T11625] ? ns_capable+0xd7/0x110 [ 489.882269][T11625] genl_rcv_msg+0x55c/0x800 [ 489.882312][T11625] ? __pfx_genl_rcv_msg+0x10/0x10 [ 489.882347][T11625] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 489.882399][T11625] netlink_rcv_skb+0x158/0x420 [ 489.882426][T11625] ? __pfx_genl_rcv_msg+0x10/0x10 [ 489.882459][T11625] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 489.882502][T11625] ? netlink_deliver_tap+0x1ae/0xd30 [ 489.882548][T11625] genl_rcv+0x28/0x40 [ 489.882575][T11625] netlink_unicast+0x58a/0x850 [ 489.882609][T11625] ? __pfx_netlink_unicast+0x10/0x10 [ 489.882646][T11625] netlink_sendmsg+0x8d1/0xdd0 [ 489.882680][T11625] ? __pfx_netlink_sendmsg+0x10/0x10 [ 489.882723][T11625] ____sys_sendmsg+0xa98/0xc70 [ 489.882757][T11625] ? copy_msghdr_from_user+0x10a/0x160 [ 489.882794][T11625] ? __pfx_____sys_sendmsg+0x10/0x10 [ 489.882836][T11625] ? try_to_wake_up+0xa2f/0x1680 [ 489.882871][T11625] ___sys_sendmsg+0x134/0x1d0 [ 489.882910][T11625] ? __pfx____sys_sendmsg+0x10/0x10 [ 489.882948][T11625] ? wake_up_q+0xb0/0x160 [ 489.883008][T11625] ? do_futex+0x122/0x350 [ 489.883049][T11625] __sys_sendmsg+0x16d/0x220 [ 489.883088][T11625] ? __pfx___sys_sendmsg+0x10/0x10 [ 489.883124][T11625] ? __x64_sys_futex+0x1e0/0x4c0 [ 489.883209][T11625] do_syscall_64+0xcd/0x490 [ 489.883255][T11625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 489.883284][T11625] RIP: 0033:0x7f14d5d8e929 [ 489.883316][T11625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 489.883345][T11625] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 489.883374][T11625] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 489.883392][T11625] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 489.883409][T11625] RBP: 00007f14d5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 489.883427][T11625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 489.883442][T11625] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 489.883479][T11625] [ 492.191757][T11678] FAULT_INJECTION: forcing a failure. [ 492.191757][T11678] name failslab, interval 1, probability 0, space 0, times 0 [ 492.309035][T11678] CPU: 0 UID: 0 PID: 11678 Comm: syz.1.1176 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 492.309083][T11678] Tainted: [U]=USER [ 492.309092][T11678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 492.309108][T11678] Call Trace: [ 492.309118][T11678] [ 492.309130][T11678] dump_stack_lvl+0x16c/0x1f0 [ 492.309178][T11678] should_fail_ex+0x512/0x640 [ 492.309216][T11678] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 492.309256][T11678] should_failslab+0xc2/0x120 [ 492.309282][T11678] __kmalloc_cache_noprof+0x6a/0x3e0 [ 492.309316][T11678] ? snd_seq_port_connect+0x61/0x550 [ 492.309372][T11678] snd_seq_port_connect+0x61/0x550 [ 492.309408][T11678] ? _raw_read_unlock+0x28/0x50 [ 492.309443][T11678] ? check_subscription_permission.isra.0+0xf5/0x240 [ 492.309489][T11678] snd_seq_ioctl_subscribe_port+0x211/0x450 [ 492.309520][T11678] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 492.309563][T11678] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 492.309592][T11678] snd_seq_oss_midi_open+0x564/0x660 [ 492.309626][T11678] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 492.309668][T11678] ? lockdep_hardirqs_on+0x7c/0x110 [ 492.309704][T11678] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 492.309743][T11678] snd_seq_oss_synth_setup_midi+0x131/0x580 [ 492.309784][T11678] snd_seq_oss_open+0x893/0xa20 [ 492.309816][T11678] odev_open+0x6f/0x90 [ 492.309850][T11678] ? __pfx_odev_open+0x10/0x10 [ 492.309886][T11678] soundcore_open+0x40c/0x580 [ 492.309927][T11678] ? __pfx_soundcore_open+0x10/0x10 [ 492.309962][T11678] chrdev_open+0x231/0x6a0 [ 492.309999][T11678] ? __pfx_apparmor_file_open+0x10/0x10 [ 492.310032][T11678] ? __pfx_chrdev_open+0x10/0x10 [ 492.310072][T11678] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 492.310113][T11678] do_dentry_open+0x744/0x1c10 [ 492.310152][T11678] ? __pfx_chrdev_open+0x10/0x10 [ 492.310197][T11678] vfs_open+0x82/0x3f0 [ 492.310234][T11678] path_openat+0x1de4/0x2cb0 [ 492.310285][T11678] ? __pfx_path_openat+0x10/0x10 [ 492.310331][T11678] ? __lock_acquire+0xb8a/0x1c90 [ 492.310372][T11678] do_filp_open+0x20b/0x470 [ 492.310407][T11678] ? __pfx_do_filp_open+0x10/0x10 [ 492.310469][T11678] ? alloc_fd+0x471/0x7d0 [ 492.310515][T11678] do_sys_openat2+0x11b/0x1d0 [ 492.310543][T11678] ? __pfx_do_sys_openat2+0x10/0x10 [ 492.310587][T11678] __x64_sys_openat+0x174/0x210 [ 492.310616][T11678] ? __pfx___x64_sys_openat+0x10/0x10 [ 492.310643][T11678] ? ksys_write+0x1ac/0x250 [ 492.310691][T11678] do_syscall_64+0xcd/0x490 [ 492.310730][T11678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 492.310757][T11678] RIP: 0033:0x7f14d5d8e929 [ 492.310777][T11678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 492.310801][T11678] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 492.310827][T11678] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 492.310845][T11678] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 492.310861][T11678] RBP: 00007f14d6b44090 R08: 0000000000000000 R09: 0000000000000000 [ 492.310878][T11678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 492.310893][T11678] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 492.310929][T11678] [ 493.175025][T11692] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 493.203254][T11692] CPU: 0 UID: 0 PID: 11692 Comm: syz.2.1179 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 493.203302][T11692] Tainted: [U]=USER [ 493.203311][T11692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 493.203325][T11692] Call Trace: [ 493.203335][T11692] [ 493.203348][T11692] dump_stack_lvl+0x16c/0x1f0 [ 493.203395][T11692] sysfs_warn_dup+0x7f/0xa0 [ 493.203433][T11692] sysfs_do_create_link_sd+0x124/0x140 [ 493.203473][T11692] sysfs_create_link+0x61/0xc0 [ 493.203509][T11692] device_add+0x62c/0x1a70 [ 493.203543][T11692] ? __pfx_device_add+0x10/0x10 [ 493.203570][T11692] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 493.203615][T11692] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 493.203666][T11692] wiphy_register+0x1c9c/0x2850 [ 493.203695][T11692] ? netdev_run_todo+0x864/0x1320 [ 493.203737][T11692] ? __dev_printk+0x1e0/0x270 [ 493.203773][T11692] ? __pfx_wiphy_register+0x10/0x10 [ 493.203815][T11692] ieee80211_register_hw+0x24ac/0x4140 [ 493.203858][T11692] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 493.203891][T11692] ? find_held_lock+0x2b/0x80 [ 493.203917][T11692] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 493.203954][T11692] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 493.204000][T11692] ? __hrtimer_setup+0x176/0x280 [ 493.204046][T11692] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 493.204100][T11692] ? trace_kmalloc+0x2b/0xd0 [ 493.204127][T11692] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 493.204175][T11692] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 493.204213][T11692] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 493.204253][T11692] ? __asan_memcpy+0x3c/0x60 [ 493.204293][T11692] hwsim_new_radio_nl+0xb51/0x12c0 [ 493.204331][T11692] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 493.204379][T11692] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 493.204410][T11692] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 493.204451][T11692] genl_family_rcv_msg_doit+0x209/0x2f0 [ 493.204487][T11692] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 493.204514][T11692] ? trace_cap_capable+0x18d/0x200 [ 493.204547][T11692] ? bpf_lsm_capable+0x9/0x10 [ 493.204583][T11692] ? security_capable+0x7e/0x260 [ 493.204611][T11692] ? ns_capable+0xd7/0x110 [ 493.204648][T11692] genl_rcv_msg+0x55c/0x800 [ 493.204684][T11692] ? __pfx_genl_rcv_msg+0x10/0x10 [ 493.204714][T11692] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 493.204760][T11692] netlink_rcv_skb+0x158/0x420 [ 493.204786][T11692] ? __pfx_genl_rcv_msg+0x10/0x10 [ 493.204815][T11692] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 493.204854][T11692] ? netlink_deliver_tap+0x1ae/0xd30 [ 493.204896][T11692] genl_rcv+0x28/0x40 [ 493.204921][T11692] netlink_unicast+0x58a/0x850 [ 493.204950][T11692] ? __pfx_netlink_unicast+0x10/0x10 [ 493.204995][T11692] netlink_sendmsg+0x8d1/0xdd0 [ 493.205034][T11692] ? __pfx_netlink_sendmsg+0x10/0x10 [ 493.205070][T11692] ____sys_sendmsg+0xa98/0xc70 [ 493.205101][T11692] ? copy_msghdr_from_user+0x10a/0x160 [ 493.205133][T11692] ? __pfx_____sys_sendmsg+0x10/0x10 [ 493.205156][T11692] ? try_to_wake_up+0xa2f/0x1680 [ 493.205177][T11692] ___sys_sendmsg+0x134/0x1d0 [ 493.205200][T11692] ? __pfx____sys_sendmsg+0x10/0x10 [ 493.205224][T11692] ? wake_up_q+0xb0/0x160 [ 493.205254][T11692] ? do_futex+0x122/0x350 [ 493.205278][T11692] __sys_sendmsg+0x16d/0x220 [ 493.205299][T11692] ? __pfx___sys_sendmsg+0x10/0x10 [ 493.205320][T11692] ? __x64_sys_futex+0x1e0/0x4c0 [ 493.205349][T11692] do_syscall_64+0xcd/0x490 [ 493.205373][T11692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.205389][T11692] RIP: 0033:0x7f9f6a78e929 [ 493.205405][T11692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 493.205419][T11692] RSP: 002b:00007f9f6b528038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 493.205435][T11692] RAX: ffffffffffffffda RBX: 00007f9f6a9b5fa0 RCX: 00007f9f6a78e929 [ 493.205447][T11692] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 493.205457][T11692] RBP: 00007f9f6a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 493.205468][T11692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 493.205478][T11692] R13: 0000000000000000 R14: 00007f9f6a9b5fa0 R15: 00007ffef440af98 [ 493.205499][T11692] [ 494.352113][T11720] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4294967293.4294967295.4294967293), cmd(2) [ 496.634372][T11763] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1187'. [ 496.719256][T11767] FAULT_INJECTION: forcing a failure. [ 496.719256][T11767] name failslab, interval 1, probability 0, space 0, times 0 [ 496.764863][T11767] CPU: 0 UID: 0 PID: 11767 Comm: syz.3.1187 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 496.764910][T11767] Tainted: [U]=USER [ 496.764919][T11767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 496.764934][T11767] Call Trace: [ 496.764944][T11767] [ 496.764955][T11767] dump_stack_lvl+0x16c/0x1f0 [ 496.765001][T11767] should_fail_ex+0x512/0x640 [ 496.765045][T11767] should_failslab+0xc2/0x120 [ 496.765070][T11767] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 496.765110][T11767] ? skb_clone+0x190/0x3f0 [ 496.765153][T11767] skb_clone+0x190/0x3f0 [ 496.765189][T11767] netlink_deliver_tap+0xabd/0xd30 [ 496.765238][T11767] netlink_unicast+0x62f/0x850 [ 496.765267][T11767] ? __pfx_netlink_unicast+0x10/0x10 [ 496.765300][T11767] netlink_sendmsg+0x8d1/0xdd0 [ 496.765333][T11767] ? __pfx_netlink_sendmsg+0x10/0x10 [ 496.765373][T11767] ____sys_sendmsg+0xa98/0xc70 [ 496.765403][T11767] ? copy_msghdr_from_user+0x10a/0x160 [ 496.765437][T11767] ? __pfx_____sys_sendmsg+0x10/0x10 [ 496.765469][T11767] ? kfree+0x24f/0x4d0 [ 496.765497][T11767] ? __pfx__kstrtoull+0x10/0x10 [ 496.765536][T11767] ___sys_sendmsg+0x134/0x1d0 [ 496.765574][T11767] ? __pfx____sys_sendmsg+0x10/0x10 [ 496.765650][T11767] ? __pfx___might_resched+0x10/0x10 [ 496.765689][T11767] __sys_sendmmsg+0x200/0x420 [ 496.765730][T11767] ? __pfx___sys_sendmmsg+0x10/0x10 [ 496.765777][T11767] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 496.765832][T11767] ? fput+0x70/0xf0 [ 496.765858][T11767] ? ksys_write+0x1ac/0x250 [ 496.765890][T11767] ? __pfx_ksys_write+0x10/0x10 [ 496.765935][T11767] __x64_sys_sendmmsg+0x9c/0x100 [ 496.765970][T11767] ? lockdep_hardirqs_on+0x7c/0x110 [ 496.766004][T11767] do_syscall_64+0xcd/0x490 [ 496.766043][T11767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 496.766069][T11767] RIP: 0033:0x7fba68f8e929 [ 496.766091][T11767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 496.766115][T11767] RSP: 002b:00007fba66dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 496.766141][T11767] RAX: ffffffffffffffda RBX: 00007fba691b6080 RCX: 00007fba68f8e929 [ 496.766159][T11767] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004 [ 496.766174][T11767] RBP: 00007fba66dd5090 R08: 0000000000000000 R09: 0000000000000000 [ 496.766189][T11767] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 496.766204][T11767] R13: 0000000000000000 R14: 00007fba691b6080 R15: 00007ffc5e98eae8 [ 496.766237][T11767] [ 496.773914][T11767] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1187'. [ 497.736855][T11786] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 497.823077][T11786] CPU: 1 UID: 0 PID: 11786 Comm: syz.0.1190 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 497.823110][T11786] Tainted: [U]=USER [ 497.823117][T11786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 497.823127][T11786] Call Trace: [ 497.823135][T11786] [ 497.823142][T11786] dump_stack_lvl+0x16c/0x1f0 [ 497.823176][T11786] sysfs_warn_dup+0x7f/0xa0 [ 497.823199][T11786] sysfs_do_create_link_sd+0x124/0x140 [ 497.823222][T11786] sysfs_create_link+0x61/0xc0 [ 497.823244][T11786] device_add+0x62c/0x1a70 [ 497.823277][T11786] ? __pfx_device_add+0x10/0x10 [ 497.823306][T11786] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 497.823349][T11786] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 497.823384][T11786] wiphy_register+0x1c9c/0x2850 [ 497.823401][T11786] ? netdev_run_todo+0x864/0x1320 [ 497.823426][T11786] ? __dev_printk+0x1e0/0x270 [ 497.823449][T11786] ? __pfx_wiphy_register+0x10/0x10 [ 497.823476][T11786] ieee80211_register_hw+0x24ac/0x4140 [ 497.823505][T11786] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 497.823523][T11786] ? find_held_lock+0x2b/0x80 [ 497.823542][T11786] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 497.823564][T11786] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 497.823582][T11786] ? __hrtimer_setup+0x176/0x280 [ 497.823608][T11786] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 497.823641][T11786] ? trace_kmalloc+0x2b/0xd0 [ 497.823657][T11786] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 497.823680][T11786] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 497.823700][T11786] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 497.823723][T11786] ? __asan_memcpy+0x3c/0x60 [ 497.823749][T11786] hwsim_new_radio_nl+0xb51/0x12c0 [ 497.823782][T11786] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 497.823813][T11786] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 497.823835][T11786] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 497.823859][T11786] genl_family_rcv_msg_doit+0x209/0x2f0 [ 497.823881][T11786] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 497.823899][T11786] ? trace_cap_capable+0x18d/0x200 [ 497.823920][T11786] ? bpf_lsm_capable+0x9/0x10 [ 497.823938][T11786] ? security_capable+0x7e/0x260 [ 497.823953][T11786] ? ns_capable+0xd7/0x110 [ 497.823975][T11786] genl_rcv_msg+0x55c/0x800 [ 497.823996][T11786] ? __pfx_genl_rcv_msg+0x10/0x10 [ 497.824015][T11786] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 497.824047][T11786] netlink_rcv_skb+0x158/0x420 [ 497.824063][T11786] ? __pfx_genl_rcv_msg+0x10/0x10 [ 497.824081][T11786] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 497.824105][T11786] ? netlink_deliver_tap+0x1ae/0xd30 [ 497.824132][T11786] genl_rcv+0x28/0x40 [ 497.824146][T11786] netlink_unicast+0x58a/0x850 [ 497.824164][T11786] ? __pfx_netlink_unicast+0x10/0x10 [ 497.824185][T11786] netlink_sendmsg+0x8d1/0xdd0 [ 497.824203][T11786] ? __pfx_netlink_sendmsg+0x10/0x10 [ 497.824226][T11786] ____sys_sendmsg+0xa98/0xc70 [ 497.824244][T11786] ? copy_msghdr_from_user+0x10a/0x160 [ 497.824265][T11786] ? __pfx_____sys_sendmsg+0x10/0x10 [ 497.824286][T11786] ? try_to_wake_up+0xa2f/0x1680 [ 497.824305][T11786] ___sys_sendmsg+0x134/0x1d0 [ 497.824328][T11786] ? __pfx____sys_sendmsg+0x10/0x10 [ 497.824349][T11786] ? wake_up_q+0xb0/0x160 [ 497.824380][T11786] ? do_futex+0x122/0x350 [ 497.824403][T11786] __sys_sendmsg+0x16d/0x220 [ 497.824424][T11786] ? __pfx___sys_sendmsg+0x10/0x10 [ 497.824445][T11786] ? __x64_sys_futex+0x1e0/0x4c0 [ 497.824475][T11786] do_syscall_64+0xcd/0x490 [ 497.824500][T11786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 497.824517][T11786] RIP: 0033:0x7f8fea78e929 [ 497.824534][T11786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 497.824550][T11786] RSP: 002b:00007f8feb6bb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 497.824567][T11786] RAX: ffffffffffffffda RBX: 00007f8fea9b5fa0 RCX: 00007f8fea78e929 [ 497.824578][T11786] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 497.824589][T11786] RBP: 00007f8fea810b39 R08: 0000000000000000 R09: 0000000000000000 [ 497.824599][T11786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 497.824609][T11786] R13: 0000000000000000 R14: 00007f8fea9b5fa0 R15: 00007ffee97a2988 [ 497.824631][T11786] [ 499.771140][T11819] FAULT_INJECTION: forcing a failure. [ 499.771140][T11819] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 499.855196][T11819] CPU: 0 UID: 0 PID: 11819 Comm: syz.2.1196 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 499.855245][T11819] Tainted: [U]=USER [ 499.855254][T11819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 499.855269][T11819] Call Trace: [ 499.855280][T11819] [ 499.855292][T11819] dump_stack_lvl+0x16c/0x1f0 [ 499.855341][T11819] should_fail_ex+0x512/0x640 [ 499.855385][T11819] _copy_from_user+0x2e/0xd0 [ 499.855426][T11819] kstrtouint_from_user+0xd6/0x1d0 [ 499.855457][T11819] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 499.855487][T11819] ? __lock_acquire+0xb8a/0x1c90 [ 499.855539][T11819] proc_fail_nth_write+0x83/0x250 [ 499.855573][T11819] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 499.855619][T11819] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 499.855647][T11819] vfs_write+0x29d/0x1150 [ 499.855688][T11819] ? __pfx___mutex_lock+0x10/0x10 [ 499.855725][T11819] ? __pfx_vfs_write+0x10/0x10 [ 499.855770][T11819] ? __fget_files+0x20e/0x3c0 [ 499.855815][T11819] ksys_write+0x12a/0x250 [ 499.855849][T11819] ? __pfx_ksys_write+0x10/0x10 [ 499.855895][T11819] do_syscall_64+0xcd/0x490 [ 499.855934][T11819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.855962][T11819] RIP: 0033:0x7f9f6a78d3df [ 499.855984][T11819] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 499.856009][T11819] RSP: 002b:00007f9f6b528030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 499.856034][T11819] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9f6a78d3df [ 499.856052][T11819] RDX: 0000000000000001 RSI: 00007f9f6b5280a0 RDI: 0000000000000005 [ 499.856068][T11819] RBP: 00007f9f6b528090 R08: 0000000000000000 R09: 0000000000000000 [ 499.856084][T11819] R10: 0000000000000005 R11: 0000000000000293 R12: 0000000000000002 [ 499.856098][T11819] R13: 0000000000000000 R14: 00007f9f6a9b5fa0 R15: 00007ffef440af98 [ 499.856134][T11819] [ 501.322090][T11855] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 501.374995][T11855] Unable to find swap-space signature [ 502.683744][T11889] FAULT_INJECTION: forcing a failure. [ 502.683744][T11889] name failslab, interval 1, probability 0, space 0, times 0 [ 502.696642][T11889] CPU: 0 UID: 0 PID: 11889 Comm: syz.0.1213 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 502.696670][T11889] Tainted: [U]=USER [ 502.696675][T11889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 502.696684][T11889] Call Trace: [ 502.696691][T11889] [ 502.696697][T11889] dump_stack_lvl+0x16c/0x1f0 [ 502.696727][T11889] should_fail_ex+0x512/0x640 [ 502.696750][T11889] ? __kmalloc_noprof+0xbf/0x510 [ 502.696774][T11889] ? snd_pcm_plugin_build+0x64/0x650 [ 502.696793][T11889] should_failslab+0xc2/0x120 [ 502.696808][T11889] __kmalloc_noprof+0xd2/0x510 [ 502.696831][T11889] ? __mutex_unlock_slowpath+0xc1/0x6a0 [ 502.696857][T11889] snd_pcm_plugin_build+0x64/0x650 [ 502.696875][T11889] snd_pcm_plugin_build_rate+0x27c/0x760 [ 502.696897][T11889] ? __pfx_snd_pcm_plugin_build_rate+0x10/0x10 [ 502.696917][T11889] ? snd_pcm_hw_params+0xcd/0x1b40 [ 502.696939][T11889] snd_pcm_plug_format_plugins+0x866/0x1430 [ 502.696958][T11889] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 502.696978][T11889] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 502.697000][T11889] snd_pcm_oss_change_params_locked+0x2dec/0x3a30 [ 502.697025][T11889] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 502.697056][T11889] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 502.697075][T11889] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 502.697092][T11889] ? hook_file_ioctl_common+0x145/0x410 [ 502.697110][T11889] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 502.697127][T11889] ? __fget_files+0x20e/0x3c0 [ 502.697150][T11889] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 502.697166][T11889] __x64_sys_ioctl+0x18b/0x210 [ 502.697185][T11889] do_syscall_64+0xcd/0x490 [ 502.697207][T11889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 502.697223][T11889] RIP: 0033:0x7f8fea78e929 [ 502.697237][T11889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 502.697252][T11889] RSP: 002b:00007f8feb6bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 502.697267][T11889] RAX: ffffffffffffffda RBX: 00007f8fea9b5fa0 RCX: 00007f8fea78e929 [ 502.697277][T11889] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000003 [ 502.697286][T11889] RBP: 00007f8feb6bb090 R08: 0000000000000000 R09: 0000000000000000 [ 502.697295][T11889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 502.697303][T11889] R13: 0000000000000000 R14: 00007f8fea9b5fa0 R15: 00007ffee97a2988 [ 502.697327][T11889] [ 507.611627][T11986] ovs_: entered promiscuous mode [ 508.529620][T12014] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 508.596062][T12014] CPU: 0 UID: 0 PID: 12014 Comm: syz.3.1230 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 508.596117][T12014] Tainted: [U]=USER [ 508.596127][T12014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 508.596146][T12014] Call Trace: [ 508.596156][T12014] [ 508.596167][T12014] dump_stack_lvl+0x16c/0x1f0 [ 508.596220][T12014] sysfs_warn_dup+0x7f/0xa0 [ 508.596257][T12014] sysfs_do_create_link_sd+0x124/0x140 [ 508.596296][T12014] sysfs_create_link+0x61/0xc0 [ 508.596328][T12014] device_add+0x62c/0x1a70 [ 508.596364][T12014] ? __pfx_device_add+0x10/0x10 [ 508.596393][T12014] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 508.596439][T12014] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 508.596500][T12014] wiphy_register+0x1c9c/0x2850 [ 508.596534][T12014] ? netdev_run_todo+0x864/0x1320 [ 508.596577][T12014] ? __dev_printk+0x1e0/0x270 [ 508.596621][T12014] ? __pfx_wiphy_register+0x10/0x10 [ 508.596666][T12014] ieee80211_register_hw+0x24ac/0x4140 [ 508.596709][T12014] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 508.596742][T12014] ? find_held_lock+0x2b/0x80 [ 508.596776][T12014] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 508.596814][T12014] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 508.596845][T12014] ? __hrtimer_setup+0x176/0x280 [ 508.596887][T12014] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 508.596945][T12014] ? trace_kmalloc+0x2b/0xd0 [ 508.596972][T12014] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 508.597013][T12014] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 508.597056][T12014] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 508.597100][T12014] ? __asan_memcpy+0x3c/0x60 [ 508.597142][T12014] hwsim_new_radio_nl+0xb51/0x12c0 [ 508.597186][T12014] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 508.597236][T12014] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 508.597271][T12014] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 508.597314][T12014] genl_family_rcv_msg_doit+0x209/0x2f0 [ 508.597351][T12014] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 508.597382][T12014] ? trace_cap_capable+0x18d/0x200 [ 508.597421][T12014] ? bpf_lsm_capable+0x9/0x10 [ 508.597451][T12014] ? security_capable+0x7e/0x260 [ 508.597477][T12014] ? ns_capable+0xd7/0x110 [ 508.597521][T12014] genl_rcv_msg+0x55c/0x800 [ 508.597556][T12014] ? __pfx_genl_rcv_msg+0x10/0x10 [ 508.597589][T12014] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 508.597643][T12014] netlink_rcv_skb+0x158/0x420 [ 508.597671][T12014] ? __pfx_genl_rcv_msg+0x10/0x10 [ 508.597704][T12014] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 508.597757][T12014] genl_rcv+0x28/0x40 [ 508.597783][T12014] netlink_unicast+0x58a/0x850 [ 508.597816][T12014] ? __pfx_netlink_unicast+0x10/0x10 [ 508.597854][T12014] netlink_sendmsg+0x8d1/0xdd0 [ 508.597888][T12014] ? __pfx_netlink_sendmsg+0x10/0x10 [ 508.597932][T12014] ____sys_sendmsg+0xa98/0xc70 [ 508.597964][T12014] ? copy_msghdr_from_user+0x10a/0x160 [ 508.598001][T12014] ? __pfx_____sys_sendmsg+0x10/0x10 [ 508.598040][T12014] ? __pfx_futex_wake_mark+0x10/0x10 [ 508.598082][T12014] ___sys_sendmsg+0x134/0x1d0 [ 508.598122][T12014] ? __pfx____sys_sendmsg+0x10/0x10 [ 508.598195][T12014] ? do_futex+0x122/0x350 [ 508.598236][T12014] __sys_sendmsg+0x16d/0x220 [ 508.598276][T12014] ? __pfx___sys_sendmsg+0x10/0x10 [ 508.598313][T12014] ? __x64_sys_futex+0x1e0/0x4c0 [ 508.598368][T12014] do_syscall_64+0xcd/0x490 [ 508.598411][T12014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 508.598442][T12014] RIP: 0033:0x7fba68f8e929 [ 508.598465][T12014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 508.598501][T12014] RSP: 002b:00007fba66df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 508.598530][T12014] RAX: ffffffffffffffda RBX: 00007fba691b5fa0 RCX: 00007fba68f8e929 [ 508.598552][T12014] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 508.598570][T12014] RBP: 00007fba69010b39 R08: 0000000000000000 R09: 0000000000000000 [ 508.598588][T12014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 508.598605][T12014] R13: 0000000000000000 R14: 00007fba691b5fa0 R15: 00007ffc5e98eae8 [ 508.598643][T12014] [ 509.220307][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 509.226703][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 512.738892][T12089] FAULT_INJECTION: forcing a failure. [ 512.738892][T12089] name failslab, interval 1, probability 0, space 0, times 0 [ 512.825740][T12089] CPU: 0 UID: 0 PID: 12089 Comm: syz.1.1241 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 512.825771][T12089] Tainted: [U]=USER [ 512.825780][T12089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 512.825789][T12089] Call Trace: [ 512.825796][T12089] [ 512.825803][T12089] dump_stack_lvl+0x16c/0x1f0 [ 512.825835][T12089] should_fail_ex+0x512/0x640 [ 512.825860][T12089] ? fs_reclaim_acquire+0xae/0x150 [ 512.825880][T12089] ? tomoyo_encode2+0x100/0x3e0 [ 512.825901][T12089] should_failslab+0xc2/0x120 [ 512.825916][T12089] __kmalloc_noprof+0xd2/0x510 [ 512.825937][T12089] ? d_absolute_path+0x136/0x1a0 [ 512.825957][T12089] tomoyo_encode2+0x100/0x3e0 [ 512.825978][T12089] tomoyo_encode+0x29/0x50 [ 512.825996][T12089] tomoyo_realpath_from_path+0x18f/0x6e0 [ 512.826020][T12089] tomoyo_path_number_perm+0x245/0x580 [ 512.826037][T12089] ? tomoyo_path_number_perm+0x237/0x580 [ 512.826055][T12089] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 512.826073][T12089] ? find_held_lock+0x2b/0x80 [ 512.826107][T12089] ? find_held_lock+0x2b/0x80 [ 512.826123][T12089] ? hook_file_ioctl_common+0x145/0x410 [ 512.826143][T12089] ? __fget_files+0x20e/0x3c0 [ 512.826167][T12089] security_file_ioctl+0x9b/0x240 [ 512.826187][T12089] __x64_sys_ioctl+0xb7/0x210 [ 512.826206][T12089] do_syscall_64+0xcd/0x490 [ 512.826228][T12089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 512.826244][T12089] RIP: 0033:0x7f14d5d8e929 [ 512.826257][T12089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 512.826271][T12089] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 512.826286][T12089] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 512.826296][T12089] RDX: 0000000000000000 RSI: 00000000400454a4 RDI: 0000000000000003 [ 512.826304][T12089] RBP: 00007f14d6b44090 R08: 0000000000000000 R09: 0000000000000000 [ 512.826313][T12089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 512.826322][T12089] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 512.826341][T12089] [ 512.828655][T12089] ERROR: Out of memory at tomoyo_realpath_from_path. [ 516.935723][T12166] FAULT_INJECTION: forcing a failure. [ 516.935723][T12166] name failslab, interval 1, probability 0, space 0, times 0 [ 516.957626][T12166] CPU: 0 UID: 0 PID: 12166 Comm: syz.2.1253 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 516.957679][T12166] Tainted: [U]=USER [ 516.957689][T12166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 516.957705][T12166] Call Trace: [ 516.957716][T12166] [ 516.957729][T12166] dump_stack_lvl+0x16c/0x1f0 [ 516.957788][T12166] should_fail_ex+0x512/0x640 [ 516.957827][T12166] ? fs_reclaim_acquire+0xae/0x150 [ 516.957865][T12166] ? tomoyo_encode2+0x100/0x3e0 [ 516.957902][T12166] should_failslab+0xc2/0x120 [ 516.957929][T12166] __kmalloc_noprof+0xd2/0x510 [ 516.957978][T12166] ? d_absolute_path+0x136/0x1a0 [ 516.958017][T12166] tomoyo_encode2+0x100/0x3e0 [ 516.958061][T12166] tomoyo_encode+0x29/0x50 [ 516.958097][T12166] tomoyo_realpath_from_path+0x18f/0x6e0 [ 516.958145][T12166] tomoyo_path_number_perm+0x245/0x580 [ 516.958175][T12166] ? tomoyo_path_number_perm+0x237/0x580 [ 516.958208][T12166] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 516.958274][T12166] ? find_held_lock+0x2b/0x80 [ 516.958303][T12166] ? hook_file_ioctl_common+0x145/0x410 [ 516.958342][T12166] ? __fget_files+0x20e/0x3c0 [ 516.958384][T12166] security_file_ioctl+0x9b/0x240 [ 516.958418][T12166] __x64_sys_ioctl+0xb7/0x210 [ 516.958451][T12166] do_syscall_64+0xcd/0x490 [ 516.958486][T12166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.958508][T12166] RIP: 0033:0x7f9f6a78e929 [ 516.958528][T12166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 516.958551][T12166] RSP: 002b:00007f9f685d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 516.958580][T12166] RAX: ffffffffffffffda RBX: 00007f9f6a9b6160 RCX: 00007f9f6a78e929 [ 516.958598][T12166] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 516.958614][T12166] RBP: 00007f9f6a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 516.958630][T12166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 516.958645][T12166] R13: 0000000000000000 R14: 00007f9f6a9b6160 R15: 00007ffef440af98 [ 516.958676][T12166] [ 517.248835][T12166] ERROR: Out of memory at tomoyo_realpath_from_path. [ 517.617016][T12188] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 517.653168][T12188] CPU: 0 UID: 0 PID: 12188 Comm: syz.0.1257 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 517.653215][T12188] Tainted: [U]=USER [ 517.653225][T12188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 517.653241][T12188] Call Trace: [ 517.653250][T12188] [ 517.653261][T12188] dump_stack_lvl+0x16c/0x1f0 [ 517.653314][T12188] sysfs_warn_dup+0x7f/0xa0 [ 517.653358][T12188] sysfs_do_create_link_sd+0x124/0x140 [ 517.653398][T12188] sysfs_create_link+0x61/0xc0 [ 517.653433][T12188] device_add+0x62c/0x1a70 [ 517.653465][T12188] ? __pfx_device_add+0x10/0x10 [ 517.653488][T12188] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 517.653532][T12188] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 517.653579][T12188] wiphy_register+0x1c9c/0x2850 [ 517.653608][T12188] ? netdev_run_todo+0x864/0x1320 [ 517.653662][T12188] ? __dev_printk+0x1e0/0x270 [ 517.653709][T12188] ? __pfx_wiphy_register+0x10/0x10 [ 517.653757][T12188] ieee80211_register_hw+0x24ac/0x4140 [ 517.653803][T12188] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 517.653836][T12188] ? find_held_lock+0x2b/0x80 [ 517.653867][T12188] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 517.653904][T12188] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 517.653936][T12188] ? __hrtimer_setup+0x176/0x280 [ 517.653979][T12188] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 517.654039][T12188] ? trace_kmalloc+0x2b/0xd0 [ 517.654067][T12188] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 517.654111][T12188] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 517.654146][T12188] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 517.654179][T12188] ? __asan_memcpy+0x3c/0x60 [ 517.654213][T12188] hwsim_new_radio_nl+0xb51/0x12c0 [ 517.654250][T12188] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 517.654293][T12188] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 517.654327][T12188] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 517.654366][T12188] genl_family_rcv_msg_doit+0x209/0x2f0 [ 517.654395][T12188] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 517.654420][T12188] ? trace_cap_capable+0x18d/0x200 [ 517.654449][T12188] ? bpf_lsm_capable+0x9/0x10 [ 517.654473][T12188] ? security_capable+0x7e/0x260 [ 517.654495][T12188] ? ns_capable+0xd7/0x110 [ 517.654524][T12188] genl_rcv_msg+0x55c/0x800 [ 517.654556][T12188] ? __pfx_genl_rcv_msg+0x10/0x10 [ 517.654581][T12188] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 517.654621][T12188] netlink_rcv_skb+0x158/0x420 [ 517.654658][T12188] ? __pfx_genl_rcv_msg+0x10/0x10 [ 517.654688][T12188] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 517.654725][T12188] ? netlink_deliver_tap+0x1ae/0xd30 [ 517.654769][T12188] genl_rcv+0x28/0x40 [ 517.654793][T12188] netlink_unicast+0x58a/0x850 [ 517.654823][T12188] ? __pfx_netlink_unicast+0x10/0x10 [ 517.654855][T12188] netlink_sendmsg+0x8d1/0xdd0 [ 517.654886][T12188] ? __pfx_netlink_sendmsg+0x10/0x10 [ 517.654918][T12188] ____sys_sendmsg+0xa98/0xc70 [ 517.654943][T12188] ? copy_msghdr_from_user+0x10a/0x160 [ 517.654972][T12188] ? __pfx_____sys_sendmsg+0x10/0x10 [ 517.655001][T12188] ? try_to_wake_up+0xa2f/0x1680 [ 517.655029][T12188] ___sys_sendmsg+0x134/0x1d0 [ 517.655060][T12188] ? __pfx____sys_sendmsg+0x10/0x10 [ 517.655090][T12188] ? wake_up_q+0xb0/0x160 [ 517.655135][T12188] ? do_futex+0x122/0x350 [ 517.655167][T12188] __sys_sendmsg+0x16d/0x220 [ 517.655196][T12188] ? __pfx___sys_sendmsg+0x10/0x10 [ 517.655225][T12188] ? __x64_sys_futex+0x1e0/0x4c0 [ 517.655267][T12188] do_syscall_64+0xcd/0x490 [ 517.655307][T12188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 517.655333][T12188] RIP: 0033:0x7f8fea78e929 [ 517.655355][T12188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 517.655376][T12188] RSP: 002b:00007f8feb6bb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 517.655397][T12188] RAX: ffffffffffffffda RBX: 00007f8fea9b5fa0 RCX: 00007f8fea78e929 [ 517.655413][T12188] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000002 [ 517.655428][T12188] RBP: 00007f8fea810b39 R08: 0000000000000000 R09: 0000000000000000 [ 517.655442][T12188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 517.655456][T12188] R13: 0000000000000000 R14: 00007f8fea9b5fa0 R15: 00007ffee97a2988 [ 517.655488][T12188] [ 518.652133][T12199] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1259'. [ 518.887119][T12199] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1259'. [ 519.768620][T12223] FAULT_INJECTION: forcing a failure. [ 519.768620][T12223] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 519.795161][T12223] CPU: 0 UID: 0 PID: 12223 Comm: syz.3.1265 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 519.795206][T12223] Tainted: [U]=USER [ 519.795213][T12223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 519.795229][T12223] Call Trace: [ 519.795239][T12223] [ 519.795250][T12223] dump_stack_lvl+0x16c/0x1f0 [ 519.795297][T12223] should_fail_ex+0x512/0x640 [ 519.795341][T12223] _copy_to_user+0x32/0xd0 [ 519.795383][T12223] simple_read_from_buffer+0xcb/0x170 [ 519.795421][T12223] proc_fail_nth_read+0x197/0x270 [ 519.795463][T12223] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 519.795496][T12223] ? rw_verify_area+0xcf/0x680 [ 519.795528][T12223] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 519.795558][T12223] vfs_read+0x1e4/0xc60 [ 519.795598][T12223] ? __pfx___mutex_lock+0x10/0x10 [ 519.795634][T12223] ? __pfx_vfs_read+0x10/0x10 [ 519.795678][T12223] ? __fget_files+0x20e/0x3c0 [ 519.795722][T12223] ksys_read+0x12a/0x250 [ 519.795754][T12223] ? __pfx_ksys_read+0x10/0x10 [ 519.795788][T12223] ? fput+0x70/0xf0 [ 519.795819][T12223] do_syscall_64+0xcd/0x490 [ 519.795857][T12223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.795885][T12223] RIP: 0033:0x7fba68f8d33c [ 519.795906][T12223] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 519.795926][T12223] RSP: 002b:00007fba66df6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 519.795950][T12223] RAX: ffffffffffffffda RBX: 00007fba691b5fa0 RCX: 00007fba68f8d33c [ 519.795968][T12223] RDX: 000000000000000f RSI: 00007fba66df60a0 RDI: 0000000000000005 [ 519.795981][T12223] RBP: 00007fba66df6090 R08: 0000000000000000 R09: 0000000000000000 [ 519.795996][T12223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 519.796010][T12223] R13: 0000000000000000 R14: 00007fba691b5fa0 R15: 00007ffc5e98eae8 [ 519.796041][T12223] [ 520.270404][T12224] cifs: Unknown parameter '' [ 520.326081][T12239] cifs: Unknown parameter '' [ 520.803152][T12247] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 520.818512][T12247] CPU: 0 UID: 0 PID: 12247 Comm: syz.2.1269 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 520.818550][T12247] Tainted: [U]=USER [ 520.818556][T12247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 520.818572][T12247] Call Trace: [ 520.818578][T12247] [ 520.818587][T12247] dump_stack_lvl+0x16c/0x1f0 [ 520.818624][T12247] sysfs_warn_dup+0x7f/0xa0 [ 520.818646][T12247] sysfs_do_create_link_sd+0x124/0x140 [ 520.818670][T12247] sysfs_create_link+0x61/0xc0 [ 520.818689][T12247] device_add+0x62c/0x1a70 [ 520.818711][T12247] ? __pfx_device_add+0x10/0x10 [ 520.818727][T12247] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 520.818751][T12247] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 520.818780][T12247] wiphy_register+0x1c9c/0x2850 [ 520.818798][T12247] ? netdev_run_todo+0x864/0x1320 [ 520.818822][T12247] ? __dev_printk+0x1e0/0x270 [ 520.818850][T12247] ? __pfx_wiphy_register+0x10/0x10 [ 520.818881][T12247] ieee80211_register_hw+0x24ac/0x4140 [ 520.818908][T12247] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 520.818928][T12247] ? find_held_lock+0x2b/0x80 [ 520.818946][T12247] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 520.818970][T12247] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 520.818988][T12247] ? __hrtimer_setup+0x176/0x280 [ 520.819015][T12247] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 520.819050][T12247] ? trace_kmalloc+0x2b/0xd0 [ 520.819067][T12247] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 520.819097][T12247] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 520.819122][T12247] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 520.819144][T12247] ? __asan_memcpy+0x3c/0x60 [ 520.819169][T12247] hwsim_new_radio_nl+0xb51/0x12c0 [ 520.819192][T12247] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 520.819220][T12247] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 520.819243][T12247] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 520.819266][T12247] genl_family_rcv_msg_doit+0x209/0x2f0 [ 520.819285][T12247] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 520.819306][T12247] ? trace_cap_capable+0x18d/0x200 [ 520.819331][T12247] ? bpf_lsm_capable+0x9/0x10 [ 520.819353][T12247] ? security_capable+0x7e/0x260 [ 520.819371][T12247] ? ns_capable+0xd7/0x110 [ 520.819392][T12247] genl_rcv_msg+0x55c/0x800 [ 520.819415][T12247] ? __pfx_genl_rcv_msg+0x10/0x10 [ 520.819434][T12247] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 520.819465][T12247] netlink_rcv_skb+0x158/0x420 [ 520.819486][T12247] ? __pfx_genl_rcv_msg+0x10/0x10 [ 520.819516][T12247] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 520.819553][T12247] ? netlink_deliver_tap+0x1ae/0xd30 [ 520.819610][T12247] genl_rcv+0x28/0x40 [ 520.819641][T12247] netlink_unicast+0x58a/0x850 [ 520.819670][T12247] ? __pfx_netlink_unicast+0x10/0x10 [ 520.819700][T12247] netlink_sendmsg+0x8d1/0xdd0 [ 520.819720][T12247] ? __pfx_netlink_sendmsg+0x10/0x10 [ 520.819749][T12247] ____sys_sendmsg+0xa98/0xc70 [ 520.819768][T12247] ? copy_msghdr_from_user+0x10a/0x160 [ 520.819794][T12247] ? __pfx_____sys_sendmsg+0x10/0x10 [ 520.819819][T12247] ? __pfx_futex_wake_mark+0x10/0x10 [ 520.819849][T12247] ___sys_sendmsg+0x134/0x1d0 [ 520.819874][T12247] ? __pfx____sys_sendmsg+0x10/0x10 [ 520.819915][T12247] ? do_futex+0x122/0x350 [ 520.819938][T12247] __sys_sendmsg+0x16d/0x220 [ 520.819961][T12247] ? __pfx___sys_sendmsg+0x10/0x10 [ 520.819982][T12247] ? __x64_sys_futex+0x1e0/0x4c0 [ 520.820014][T12247] do_syscall_64+0xcd/0x490 [ 520.820039][T12247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 520.820056][T12247] RIP: 0033:0x7f9f6a78e929 [ 520.820070][T12247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 520.820088][T12247] RSP: 002b:00007f9f6b528038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 520.820105][T12247] RAX: ffffffffffffffda RBX: 00007f9f6a9b5fa0 RCX: 00007f9f6a78e929 [ 520.820118][T12247] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 520.820130][T12247] RBP: 00007f9f6a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 520.820140][T12247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 520.820149][T12247] R13: 0000000000000000 R14: 00007f9f6a9b5fa0 R15: 00007ffef440af98 [ 520.820169][T12247] [ 522.704821][T12264] ALSA: mixer_oss: invalid OSS volume '' [ 523.554288][T12277] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1277'. [ 525.489187][T12304] FAULT_INJECTION: forcing a failure. [ 525.489187][T12304] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 525.564714][T12304] CPU: 1 UID: 0 PID: 12304 Comm: syz.1.1283 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 525.564759][T12304] Tainted: [U]=USER [ 525.564768][T12304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 525.564783][T12304] Call Trace: [ 525.564792][T12304] [ 525.564803][T12304] dump_stack_lvl+0x16c/0x1f0 [ 525.564851][T12304] should_fail_ex+0x512/0x640 [ 525.564897][T12304] _copy_from_iter+0x463/0x16f0 [ 525.564943][T12304] ? __pfx__copy_from_iter+0x10/0x10 [ 525.564982][T12304] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 525.565022][T12304] netlink_sendmsg+0x829/0xdd0 [ 525.565054][T12304] ? __pfx_netlink_sendmsg+0x10/0x10 [ 525.565093][T12304] ____sys_sendmsg+0xa98/0xc70 [ 525.565125][T12304] ? __pfx_____sys_sendmsg+0x10/0x10 [ 525.565158][T12304] ? __pfx__kstrtoull+0x10/0x10 [ 525.565195][T12304] ___sys_sendmsg+0x134/0x1d0 [ 525.565232][T12304] ? __pfx____sys_sendmsg+0x10/0x10 [ 525.565284][T12304] ? find_held_lock+0x2b/0x80 [ 525.565334][T12304] __sys_sendmmsg+0x200/0x420 [ 525.565375][T12304] ? __pfx___sys_sendmmsg+0x10/0x10 [ 525.565421][T12304] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 525.565474][T12304] ? fput+0x70/0xf0 [ 525.565501][T12304] ? ksys_write+0x1ac/0x250 [ 525.565535][T12304] ? __pfx_ksys_write+0x10/0x10 [ 525.565575][T12304] __x64_sys_sendmmsg+0x9c/0x100 [ 525.565609][T12304] ? lockdep_hardirqs_on+0x7c/0x110 [ 525.565643][T12304] do_syscall_64+0xcd/0x490 [ 525.565683][T12304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.565709][T12304] RIP: 0033:0x7f14d5d8e929 [ 525.565730][T12304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 525.565754][T12304] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 525.565780][T12304] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 525.565797][T12304] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003 [ 525.565813][T12304] RBP: 00007f14d6b44090 R08: 0000000000000000 R09: 0000000000000000 [ 525.565829][T12304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 525.565844][T12304] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 525.565877][T12304] [ 526.034723][T12305] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 526.073088][T12305] CPU: 1 UID: 0 PID: 12305 Comm: syz.2.1282 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 526.073140][T12305] Tainted: [U]=USER [ 526.073150][T12305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 526.073166][T12305] Call Trace: [ 526.073176][T12305] [ 526.073188][T12305] dump_stack_lvl+0x16c/0x1f0 [ 526.073246][T12305] sysfs_warn_dup+0x7f/0xa0 [ 526.073285][T12305] sysfs_do_create_link_sd+0x124/0x140 [ 526.073328][T12305] sysfs_create_link+0x61/0xc0 [ 526.073365][T12305] device_add+0x62c/0x1a70 [ 526.073401][T12305] ? __pfx_device_add+0x10/0x10 [ 526.073427][T12305] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 526.073476][T12305] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 526.073526][T12305] wiphy_register+0x1c9c/0x2850 [ 526.073556][T12305] ? netdev_run_todo+0x864/0x1320 [ 526.073597][T12305] ? __dev_printk+0x1e0/0x270 [ 526.073636][T12305] ? __pfx_wiphy_register+0x10/0x10 [ 526.073680][T12305] ieee80211_register_hw+0x24ac/0x4140 [ 526.073714][T12305] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 526.073743][T12305] ? find_held_lock+0x2b/0x80 [ 526.073772][T12305] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 526.073809][T12305] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 526.073838][T12305] ? __hrtimer_setup+0x176/0x280 [ 526.073883][T12305] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 526.073949][T12305] ? trace_kmalloc+0x2b/0xd0 [ 526.073976][T12305] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 526.074018][T12305] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 526.074050][T12305] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 526.074087][T12305] ? __asan_memcpy+0x3c/0x60 [ 526.074123][T12305] hwsim_new_radio_nl+0xb51/0x12c0 [ 526.074163][T12305] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 526.074208][T12305] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 526.074243][T12305] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 526.074285][T12305] genl_family_rcv_msg_doit+0x209/0x2f0 [ 526.074316][T12305] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 526.074346][T12305] ? trace_cap_capable+0x18d/0x200 [ 526.074384][T12305] ? bpf_lsm_capable+0x9/0x10 [ 526.074416][T12305] ? security_capable+0x7e/0x260 [ 526.074442][T12305] ? ns_capable+0xd7/0x110 [ 526.074470][T12305] genl_rcv_msg+0x55c/0x800 [ 526.074502][T12305] ? __pfx_genl_rcv_msg+0x10/0x10 [ 526.074533][T12305] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 526.074578][T12305] netlink_rcv_skb+0x158/0x420 [ 526.074604][T12305] ? __pfx_genl_rcv_msg+0x10/0x10 [ 526.074633][T12305] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 526.074672][T12305] ? netlink_deliver_tap+0x1ae/0xd30 [ 526.074719][T12305] genl_rcv+0x28/0x40 [ 526.074744][T12305] netlink_unicast+0x58a/0x850 [ 526.074775][T12305] ? __pfx_netlink_unicast+0x10/0x10 [ 526.074812][T12305] netlink_sendmsg+0x8d1/0xdd0 [ 526.074844][T12305] ? __pfx_netlink_sendmsg+0x10/0x10 [ 526.074881][T12305] ____sys_sendmsg+0xa98/0xc70 [ 526.074914][T12305] ? copy_msghdr_from_user+0x10a/0x160 [ 526.074969][T12305] ? __pfx_____sys_sendmsg+0x10/0x10 [ 526.075010][T12305] ? __pfx_futex_wake_mark+0x10/0x10 [ 526.075052][T12305] ___sys_sendmsg+0x134/0x1d0 [ 526.075093][T12305] ? __pfx____sys_sendmsg+0x10/0x10 [ 526.075123][T12305] ? __lock_acquire+0x622/0x1c90 [ 526.075206][T12305] __sys_sendmsg+0x16d/0x220 [ 526.075243][T12305] ? __pfx___sys_sendmsg+0x10/0x10 [ 526.075280][T12305] ? __x64_sys_futex+0x1e0/0x4c0 [ 526.075334][T12305] do_syscall_64+0xcd/0x490 [ 526.075374][T12305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.075402][T12305] RIP: 0033:0x7f9f6a78e929 [ 526.075428][T12305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 526.075454][T12305] RSP: 002b:00007f9f685f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 526.075479][T12305] RAX: ffffffffffffffda RBX: 00007f9f6a9b6080 RCX: 00007f9f6a78e929 [ 526.075498][T12305] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 526.075517][T12305] RBP: 00007f9f6a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 526.075535][T12305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 526.075549][T12305] R13: 0000000000000000 R14: 00007f9f6a9b6080 R15: 00007ffef440af98 [ 526.075585][T12305] [ 529.882817][T12356] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 529.897755][T12356] CPU: 1 UID: 0 PID: 12356 Comm: syz.3.1296 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 529.897803][T12356] Tainted: [U]=USER [ 529.897812][T12356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 529.897829][T12356] Call Trace: [ 529.897838][T12356] [ 529.897850][T12356] dump_stack_lvl+0x16c/0x1f0 [ 529.897902][T12356] sysfs_warn_dup+0x7f/0xa0 [ 529.897935][T12356] sysfs_do_create_link_sd+0x124/0x140 [ 529.897973][T12356] sysfs_create_link+0x61/0xc0 [ 529.898006][T12356] device_add+0x62c/0x1a70 [ 529.898041][T12356] ? __pfx_device_add+0x10/0x10 [ 529.898070][T12356] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 529.898112][T12356] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 529.898161][T12356] wiphy_register+0x1c9c/0x2850 [ 529.898189][T12356] ? netdev_run_todo+0x864/0x1320 [ 529.898236][T12356] ? __dev_printk+0x1e0/0x270 [ 529.898278][T12356] ? __pfx_wiphy_register+0x10/0x10 [ 529.898324][T12356] ieee80211_register_hw+0x24ac/0x4140 [ 529.898366][T12356] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 529.898401][T12356] ? find_held_lock+0x2b/0x80 [ 529.898434][T12356] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 529.898471][T12356] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 529.898501][T12356] ? __hrtimer_setup+0x176/0x280 [ 529.898544][T12356] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 529.898602][T12356] ? trace_kmalloc+0x2b/0xd0 [ 529.898633][T12356] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 529.898671][T12356] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 529.898715][T12356] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 529.898755][T12356] ? __asan_memcpy+0x3c/0x60 [ 529.898791][T12356] hwsim_new_radio_nl+0xb51/0x12c0 [ 529.898830][T12356] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 529.898875][T12356] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 529.898909][T12356] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 529.898951][T12356] genl_family_rcv_msg_doit+0x209/0x2f0 [ 529.898984][T12356] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 529.899015][T12356] ? trace_cap_capable+0x18d/0x200 [ 529.899055][T12356] ? bpf_lsm_capable+0x9/0x10 [ 529.899086][T12356] ? security_capable+0x7e/0x260 [ 529.899114][T12356] ? ns_capable+0xd7/0x110 [ 529.899146][T12356] genl_rcv_msg+0x55c/0x800 [ 529.899184][T12356] ? __pfx_genl_rcv_msg+0x10/0x10 [ 529.899215][T12356] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 529.899267][T12356] netlink_rcv_skb+0x158/0x420 [ 529.899296][T12356] ? __pfx_genl_rcv_msg+0x10/0x10 [ 529.899350][T12356] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 529.899396][T12356] ? netlink_deliver_tap+0x1ae/0xd30 [ 529.899449][T12356] genl_rcv+0x28/0x40 [ 529.899478][T12356] netlink_unicast+0x58a/0x850 [ 529.899509][T12356] ? __pfx_netlink_unicast+0x10/0x10 [ 529.899547][T12356] netlink_sendmsg+0x8d1/0xdd0 [ 529.899578][T12356] ? __pfx_netlink_sendmsg+0x10/0x10 [ 529.899619][T12356] ____sys_sendmsg+0xa98/0xc70 [ 529.899651][T12356] ? copy_msghdr_from_user+0x10a/0x160 [ 529.899694][T12356] ? __pfx_____sys_sendmsg+0x10/0x10 [ 529.899741][T12356] ? try_to_wake_up+0xa2f/0x1680 [ 529.899776][T12356] ___sys_sendmsg+0x134/0x1d0 [ 529.899819][T12356] ? __pfx____sys_sendmsg+0x10/0x10 [ 529.899854][T12356] ? wake_up_q+0xb0/0x160 [ 529.899908][T12356] ? do_futex+0x122/0x350 [ 529.899948][T12356] __sys_sendmsg+0x16d/0x220 [ 529.899991][T12356] ? __pfx___sys_sendmsg+0x10/0x10 [ 529.900026][T12356] ? __x64_sys_futex+0x1e0/0x4c0 [ 529.900081][T12356] do_syscall_64+0xcd/0x490 [ 529.900126][T12356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.900155][T12356] RIP: 0033:0x7fba68f8e929 [ 529.900178][T12356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 529.900204][T12356] RSP: 002b:00007fba66df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 529.900233][T12356] RAX: ffffffffffffffda RBX: 00007fba691b5fa0 RCX: 00007fba68f8e929 [ 529.900251][T12356] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 529.900268][T12356] RBP: 00007fba69010b39 R08: 0000000000000000 R09: 0000000000000000 [ 529.900282][T12356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 529.900299][T12356] R13: 0000000000000000 R14: 00007fba691b5fa0 R15: 00007ffc5e98eae8 [ 529.900336][T12356] [ 530.360814][T12349] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 530.435221][T12349] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 532.061809][T12401] FAULT_INJECTION: forcing a failure. [ 532.061809][T12401] name failslab, interval 1, probability 0, space 0, times 0 [ 532.106684][T12401] CPU: 1 UID: 0 PID: 12401 Comm: syz.0.1306 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 532.106733][T12401] Tainted: [U]=USER [ 532.106740][T12401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 532.106750][T12401] Call Trace: [ 532.106757][T12401] [ 532.106763][T12401] dump_stack_lvl+0x16c/0x1f0 [ 532.106794][T12401] should_fail_ex+0x512/0x640 [ 532.106818][T12401] ? fs_reclaim_acquire+0xae/0x150 [ 532.106842][T12401] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 532.106863][T12401] should_failslab+0xc2/0x120 [ 532.106879][T12401] __kmalloc_noprof+0xd2/0x510 [ 532.106905][T12401] tomoyo_realpath_from_path+0xc2/0x6e0 [ 532.106926][T12401] ? tomoyo_profile+0x47/0x60 [ 532.106951][T12401] tomoyo_path_number_perm+0x245/0x580 [ 532.106967][T12401] ? tomoyo_path_number_perm+0x237/0x580 [ 532.106985][T12401] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 532.107003][T12401] ? find_held_lock+0x2b/0x80 [ 532.107037][T12401] ? find_held_lock+0x2b/0x80 [ 532.107050][T12401] ? hook_file_ioctl_common+0x145/0x410 [ 532.107070][T12401] ? __fget_files+0x20e/0x3c0 [ 532.107095][T12401] security_file_ioctl+0x9b/0x240 [ 532.107115][T12401] __x64_sys_ioctl+0xb7/0x210 [ 532.107135][T12401] do_syscall_64+0xcd/0x490 [ 532.107158][T12401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.107174][T12401] RIP: 0033:0x7f8fea78e929 [ 532.107187][T12401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 532.107202][T12401] RSP: 002b:00007f8feb6bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 532.107217][T12401] RAX: ffffffffffffffda RBX: 00007f8fea9b5fa0 RCX: 00007f8fea78e929 [ 532.107227][T12401] RDX: 0000000000000000 RSI: 00000000000007cb RDI: 0000000000000004 [ 532.107236][T12401] RBP: 00007f8feb6bb090 R08: 0000000000000000 R09: 0000000000000000 [ 532.107245][T12401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 532.107253][T12401] R13: 0000000000000000 R14: 00007f8fea9b5fa0 R15: 00007ffee97a2988 [ 532.107272][T12401] [ 532.108167][T12401] ERROR: Out of memory at tomoyo_realpath_from_path. [ 532.660068][T12410] block2mtd: error: cannot open device i [ 532.685005][T12411] netlink: 'syz.1.1307': attribute type 11 has an invalid length. [ 532.693149][T12411] netlink: 'syz.1.1307': attribute type 11 has an invalid length. [ 532.702032][T12411] netlink: 'syz.1.1307': attribute type 11 has an invalid length. [ 532.710690][T12411] netlink: 'syz.1.1307': attribute type 11 has an invalid length. [ 532.784938][T12417] FAULT_INJECTION: forcing a failure. [ 532.784938][T12417] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 532.834435][T12417] CPU: 1 UID: 0 PID: 12417 Comm: syz.3.1311 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 532.834484][T12417] Tainted: [U]=USER [ 532.834492][T12417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 532.834508][T12417] Call Trace: [ 532.834518][T12417] [ 532.834528][T12417] dump_stack_lvl+0x16c/0x1f0 [ 532.834571][T12417] should_fail_ex+0x512/0x640 [ 532.834608][T12417] should_fail_alloc_page+0xe7/0x130 [ 532.834633][T12417] prepare_alloc_pages+0x3c2/0x610 [ 532.834668][T12417] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 532.834704][T12417] ? __lock_acquire+0x622/0x1c90 [ 532.834742][T12417] ? __lock_acquire+0x622/0x1c90 [ 532.834776][T12417] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 532.834825][T12417] ? find_held_lock+0x2b/0x80 [ 532.834854][T12417] ? __lock_acquire+0xb8a/0x1c90 [ 532.834886][T12417] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 532.834926][T12417] ? policy_nodemask+0xea/0x4e0 [ 532.834953][T12417] alloc_pages_mpol+0x1fb/0x550 [ 532.834978][T12417] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 532.835006][T12417] ? mark_held_locks+0x49/0x80 [ 532.835040][T12417] folio_alloc_mpol_noprof+0x36/0x2f0 [ 532.835070][T12417] shmem_alloc_folio+0x135/0x160 [ 532.835104][T12417] shmem_alloc_and_add_folio+0x499/0xc20 [ 532.835147][T12417] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 532.835184][T12417] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 532.835225][T12417] shmem_get_folio_gfp+0x67f/0x1600 [ 532.835268][T12417] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 532.835313][T12417] shmem_fault+0x1fe/0xa30 [ 532.835349][T12417] ? __pfx_shmem_fault+0x10/0x10 [ 532.835380][T12417] ? mod_memcg_lruvec_state+0x394/0x610 [ 532.835424][T12417] ? pte_alloc_one+0x2b6/0x3a0 [ 532.835455][T12417] __do_fault+0x10a/0x490 [ 532.835493][T12417] ? __pfx_filemap_map_pages+0x10/0x10 [ 532.835528][T12417] __handle_mm_fault+0x374c/0x5490 [ 532.835568][T12417] ? __pfx___handle_mm_fault+0x10/0x10 [ 532.835597][T12417] ? __pfx_stack_trace_save+0x10/0x10 [ 532.835651][T12417] handle_mm_fault+0x589/0xd10 [ 532.835689][T12417] __get_user_pages+0x589/0x3b80 [ 532.835728][T12417] ? __pfx___get_user_pages+0x10/0x10 [ 532.835757][T12417] ? __pfx_down_read_killable+0x10/0x10 [ 532.835795][T12417] __gup_longterm_locked+0x20d/0x1840 [ 532.835834][T12417] ? __pfx___gup_longterm_locked+0x10/0x10 [ 532.835863][T12417] ? find_held_lock+0x2b/0x80 [ 532.835894][T12417] gup_fast_fallback+0x1ab3/0x29e0 [ 532.835924][T12417] ? find_held_lock+0x2b/0x80 [ 532.835970][T12417] ? __pfx_gup_fast_fallback+0x10/0x10 [ 532.836009][T12417] ? _parse_integer_limit+0x17f/0x1d0 [ 532.836048][T12417] get_user_pages_fast+0xa7/0xf0 [ 532.836078][T12417] ? __pfx_get_user_pages_fast+0x10/0x10 [ 532.836116][T12417] get_futex_key+0x2c6/0x1540 [ 532.836151][T12417] ? __pfx_get_futex_key+0x10/0x10 [ 532.836191][T12417] futex_wake_op+0x12b/0xd50 [ 532.836234][T12417] ? get_pid_task+0x106/0x250 [ 532.836270][T12417] ? __pfx_futex_wake_op+0x10/0x10 [ 532.836326][T12417] ? ksys_write+0x190/0x250 [ 532.836369][T12417] do_futex+0x2e9/0x350 [ 532.836401][T12417] ? __pfx_do_futex+0x10/0x10 [ 532.836441][T12417] __x64_sys_futex+0x1e0/0x4c0 [ 532.836474][T12417] ? fput+0x70/0xf0 [ 532.836497][T12417] ? __pfx___x64_sys_futex+0x10/0x10 [ 532.836525][T12417] ? ksys_write+0x1ac/0x250 [ 532.836557][T12417] ? __pfx_ksys_write+0x10/0x10 [ 532.836601][T12417] do_syscall_64+0xcd/0x490 [ 532.836640][T12417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.836667][T12417] RIP: 0033:0x7fba68f8e929 [ 532.836689][T12417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 532.836713][T12417] RSP: 002b:00007fba66df6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 532.836738][T12417] RAX: ffffffffffffffda RBX: 00007fba691b5fa0 RCX: 00007fba68f8e929 [ 532.836756][T12417] RDX: 0000000000000009 RSI: 0000000000000005 RDI: 0000000000000000 [ 532.836771][T12417] RBP: 00007fba66df6090 R08: 0000000000000000 R09: 00000000ffff7fff [ 532.836787][T12417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 532.836802][T12417] R13: 0000000000000000 R14: 00007fba691b5fa0 R15: 00007ffc5e98eae8 [ 532.836837][T12417] [ 533.652679][T12427] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1314'. [ 533.871757][T12427] geneve1: entered promiscuous mode [ 533.877068][T12427] geneve1: entered allmulticast mode [ 533.992293][T12427] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1314'. [ 534.864959][T12448] FAULT_INJECTION: forcing a failure. [ 534.864959][T12448] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 534.900170][T12448] CPU: 0 UID: 0 PID: 12448 Comm: syz.3.1317 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 534.900221][T12448] Tainted: [U]=USER [ 534.900232][T12448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 534.900246][T12448] Call Trace: [ 534.900254][T12448] [ 534.900265][T12448] dump_stack_lvl+0x16c/0x1f0 [ 534.900318][T12448] should_fail_ex+0x512/0x640 [ 534.900366][T12448] _copy_from_user+0x2e/0xd0 [ 534.900408][T12448] copy_msghdr_from_user+0x98/0x160 [ 534.900441][T12448] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 534.900465][T12448] ? __pfx___schedule+0x10/0x10 [ 534.900492][T12448] ? kfree+0x24f/0x4d0 [ 534.900518][T12448] ___sys_sendmsg+0xfe/0x1d0 [ 534.900544][T12448] ? __pfx____sys_sendmsg+0x10/0x10 [ 534.900586][T12448] ? __pfx___might_resched+0x10/0x10 [ 534.900610][T12448] __sys_sendmmsg+0x200/0x420 [ 534.900636][T12448] ? __pfx___sys_sendmmsg+0x10/0x10 [ 534.900665][T12448] ? __pfx_do_futex+0x10/0x10 [ 534.900693][T12448] ? __sys_socket+0xac/0x260 [ 534.900712][T12448] ? xfd_validate_state+0x61/0x180 [ 534.900734][T12448] ? __pfx___do_sys_close_range+0x10/0x10 [ 534.900761][T12448] __x64_sys_sendmmsg+0x9c/0x100 [ 534.900785][T12448] ? lockdep_hardirqs_on+0x7c/0x110 [ 534.900807][T12448] do_syscall_64+0xcd/0x490 [ 534.900831][T12448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.900849][T12448] RIP: 0033:0x7fba68f8e929 [ 534.900865][T12448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 534.900883][T12448] RSP: 002b:00007fba66df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 534.900901][T12448] RAX: ffffffffffffffda RBX: 00007fba691b5fa0 RCX: 00007fba68f8e929 [ 534.900913][T12448] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000004 [ 534.900923][T12448] RBP: 00007fba69010b39 R08: 0000000000000000 R09: 0000000000000000 [ 534.900933][T12448] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 534.900943][T12448] R13: 0000000000000000 R14: 00007fba691b5fa0 R15: 00007ffc5e98eae8 [ 534.900963][T12448] [ 536.569306][T12472] FAULT_INJECTION: forcing a failure. [ 536.569306][T12472] name failslab, interval 1, probability 0, space 0, times 0 [ 536.617576][T12472] CPU: 1 UID: 0 PID: 12472 Comm: syz.2.1322 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 536.617620][T12472] Tainted: [U]=USER [ 536.617628][T12472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 536.617642][T12472] Call Trace: [ 536.617652][T12472] [ 536.617663][T12472] dump_stack_lvl+0x16c/0x1f0 [ 536.617708][T12472] should_fail_ex+0x512/0x640 [ 536.617744][T12472] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 536.617784][T12472] should_failslab+0xc2/0x120 [ 536.617808][T12472] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 536.617853][T12472] ? __alloc_skb+0x2b2/0x380 [ 536.617891][T12472] __alloc_skb+0x2b2/0x380 [ 536.617923][T12472] ? __pfx___alloc_skb+0x10/0x10 [ 536.617969][T12472] tipc_buf_acquire+0x26/0xe0 [ 536.618003][T12472] tipc_msg_build+0x112/0x1150 [ 536.618040][T12472] ? __pfx_tipc_msg_build+0x10/0x10 [ 536.618086][T12472] __tipc_sendmsg+0xa30/0x19a0 [ 536.618129][T12472] ? __pfx___tipc_sendmsg+0x10/0x10 [ 536.618163][T12472] ? __pfx___might_resched+0x10/0x10 [ 536.618182][T12472] ? __pfx_woken_wake_function+0x10/0x10 [ 536.618209][T12472] ? __local_bh_enable_ip+0xa4/0x120 [ 536.618229][T12472] tipc_sendmsg+0x4f/0x70 [ 536.618245][T12472] ____sys_sendmsg+0xa98/0xc70 [ 536.618262][T12472] ? copy_msghdr_from_user+0x10a/0x160 [ 536.618283][T12472] ? __pfx_____sys_sendmsg+0x10/0x10 [ 536.618302][T12472] ? __pfx__kstrtoull+0x10/0x10 [ 536.618324][T12472] ___sys_sendmsg+0x134/0x1d0 [ 536.618346][T12472] ? __pfx____sys_sendmsg+0x10/0x10 [ 536.618375][T12472] ? find_held_lock+0x2b/0x80 [ 536.618404][T12472] __sys_sendmmsg+0x200/0x420 [ 536.618428][T12472] ? __pfx___sys_sendmmsg+0x10/0x10 [ 536.618454][T12472] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 536.618491][T12472] ? fput+0x70/0xf0 [ 536.618506][T12472] ? ksys_write+0x1ac/0x250 [ 536.618526][T12472] ? __pfx_ksys_write+0x10/0x10 [ 536.618548][T12472] __x64_sys_sendmmsg+0x9c/0x100 [ 536.618568][T12472] ? lockdep_hardirqs_on+0x7c/0x110 [ 536.618588][T12472] do_syscall_64+0xcd/0x490 [ 536.618611][T12472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.618627][T12472] RIP: 0033:0x7f9f6a78e929 [ 536.618640][T12472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 536.618655][T12472] RSP: 002b:00007f9f6b528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 536.618671][T12472] RAX: ffffffffffffffda RBX: 00007f9f6a9b5fa0 RCX: 00007f9f6a78e929 [ 536.618693][T12472] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000004 [ 536.618702][T12472] RBP: 00007f9f6b528090 R08: 0000000000000000 R09: 0000000000000000 [ 536.618711][T12472] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 536.618720][T12472] R13: 0000000000000000 R14: 00007f9f6a9b5fa0 R15: 00007ffef440af98 [ 536.618739][T12472] [ 538.119414][T12476] Invalid ELF header magic: != ELF [ 538.240650][T12482] FAULT_INJECTION: forcing a failure. [ 538.240650][T12482] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 538.308703][T12482] CPU: 1 UID: 0 PID: 12482 Comm: syz.1.1325 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 538.308738][T12482] Tainted: [U]=USER [ 538.308744][T12482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 538.308754][T12482] Call Trace: [ 538.308761][T12482] [ 538.308768][T12482] dump_stack_lvl+0x16c/0x1f0 [ 538.308803][T12482] should_fail_ex+0x512/0x640 [ 538.308831][T12482] _copy_from_user+0x2e/0xd0 [ 538.308857][T12482] copy_msghdr_from_user+0x98/0x160 [ 538.308882][T12482] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 538.308909][T12482] ? kfree+0x24f/0x4d0 [ 538.308929][T12482] ? futex_unqueue+0x133/0x2c0 [ 538.308950][T12482] ___sys_sendmsg+0xfe/0x1d0 [ 538.308972][T12482] ? __pfx____sys_sendmsg+0x10/0x10 [ 538.309013][T12482] ? __pfx___might_resched+0x10/0x10 [ 538.309034][T12482] __sys_sendmmsg+0x200/0x420 [ 538.309058][T12482] ? __pfx___sys_sendmmsg+0x10/0x10 [ 538.309086][T12482] ? __pfx_do_futex+0x10/0x10 [ 538.309115][T12482] ? __pfx_sched_clock_cpu+0x10/0x10 [ 538.309135][T12482] ? __pfx_flush_tlb_func+0x10/0x10 [ 538.309154][T12482] ? rcu_is_watching+0x12/0xc0 [ 538.309170][T12482] ? __pfx_flush_tlb_func+0x10/0x10 [ 538.309190][T12482] __x64_sys_sendmmsg+0x9c/0x100 [ 538.309210][T12482] ? lockdep_hardirqs_on+0x7c/0x110 [ 538.309231][T12482] do_syscall_64+0xcd/0x490 [ 538.309254][T12482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.309270][T12482] RIP: 0033:0x7f14d5d8e929 [ 538.309283][T12482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 538.309299][T12482] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 538.309316][T12482] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 538.309326][T12482] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000004 [ 538.309336][T12482] RBP: 00007f14d5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 538.309346][T12482] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 538.309356][T12482] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 538.309377][T12482] [ 538.531638][ C1] vkms_vblank_simulate: vblank timer overrun [ 539.348055][T12490] Invalid ELF header magic: != ELF [ 539.484729][T12488] FAULT_INJECTION: forcing a failure. [ 539.484729][T12488] name failslab, interval 1, probability 0, space 0, times 0 [ 539.497707][T12488] CPU: 1 UID: 0 PID: 12488 Comm: syz.1.1326 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 539.497740][T12488] Tainted: [U]=USER [ 539.497745][T12488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 539.497754][T12488] Call Trace: [ 539.497761][T12488] [ 539.497767][T12488] dump_stack_lvl+0x16c/0x1f0 [ 539.497797][T12488] should_fail_ex+0x512/0x640 [ 539.497820][T12488] ? fs_reclaim_acquire+0xae/0x150 [ 539.497840][T12488] ? tomoyo_encode2+0x100/0x3e0 [ 539.497862][T12488] should_failslab+0xc2/0x120 [ 539.497878][T12488] __kmalloc_noprof+0xd2/0x510 [ 539.497899][T12488] ? d_absolute_path+0x136/0x1a0 [ 539.497920][T12488] tomoyo_encode2+0x100/0x3e0 [ 539.497940][T12488] tomoyo_encode+0x29/0x50 [ 539.497958][T12488] tomoyo_realpath_from_path+0x18f/0x6e0 [ 539.497982][T12488] tomoyo_path_number_perm+0x245/0x580 [ 539.497999][T12488] ? tomoyo_path_number_perm+0x237/0x580 [ 539.498016][T12488] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 539.498034][T12488] ? find_held_lock+0x2b/0x80 [ 539.498067][T12488] ? find_held_lock+0x2b/0x80 [ 539.498082][T12488] ? hook_file_ioctl_common+0x145/0x410 [ 539.498102][T12488] ? __fget_files+0x20e/0x3c0 [ 539.498125][T12488] security_file_ioctl+0x9b/0x240 [ 539.498144][T12488] __x64_sys_ioctl+0xb7/0x210 [ 539.498163][T12488] do_syscall_64+0xcd/0x490 [ 539.498185][T12488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 539.498200][T12488] RIP: 0033:0x7f14d5d8e929 [ 539.498213][T12488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 539.498227][T12488] RSP: 002b:00007f14d6b23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 539.498242][T12488] RAX: ffffffffffffffda RBX: 00007f14d5fb6080 RCX: 00007f14d5d8e929 [ 539.498252][T12488] RDX: 0000000000000007 RSI: 0000000080dc5521 RDI: 0000000000000008 [ 539.498261][T12488] RBP: 00007f14d6b23090 R08: 0000000000000000 R09: 0000000000000000 [ 539.498270][T12488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 539.498279][T12488] R13: 0000000000000000 R14: 00007f14d5fb6080 R15: 00007fff5c825088 [ 539.498298][T12488] [ 539.498315][T12488] ERROR: Out of memory at tomoyo_realpath_from_path. [ 540.334751][T12504] FAULT_INJECTION: forcing a failure. [ 540.334751][T12504] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 540.368430][T12504] CPU: 1 UID: 0 PID: 12504 Comm: syz.1.1330 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 540.368473][T12504] Tainted: [U]=USER [ 540.368480][T12504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 540.368493][T12504] Call Trace: [ 540.368507][T12504] [ 540.368518][T12504] dump_stack_lvl+0x16c/0x1f0 [ 540.368562][T12504] should_fail_ex+0x512/0x640 [ 540.368605][T12504] strncpy_from_user+0x3b/0x2e0 [ 540.368640][T12504] getname_flags.part.0+0x8f/0x550 [ 540.368676][T12504] getname_flags+0x93/0xf0 [ 540.368708][T12504] do_sys_openat2+0xb8/0x1d0 [ 540.368735][T12504] ? __pfx_do_sys_openat2+0x10/0x10 [ 540.368765][T12504] ? __fget_files+0x20e/0x3c0 [ 540.368806][T12504] __x64_sys_openat+0x174/0x210 [ 540.368835][T12504] ? __pfx___x64_sys_openat+0x10/0x10 [ 540.368863][T12504] ? ksys_write+0x1ac/0x250 [ 540.368910][T12504] do_syscall_64+0xcd/0x490 [ 540.368949][T12504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.368975][T12504] RIP: 0033:0x7f14d5d8e929 [ 540.368996][T12504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 540.369022][T12504] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 540.369048][T12504] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 540.369065][T12504] RDX: 0000000000109000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 540.369082][T12504] RBP: 00007f14d6b44090 R08: 0000000000000000 R09: 0000000000000000 [ 540.369098][T12504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 540.369114][T12504] R13: 0000000000000001 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 540.369148][T12504] [ 540.549648][ C1] vkms_vblank_simulate: vblank timer overrun [ 542.428133][T12525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1335'. [ 542.437721][T12525] bridge_slave_1: left allmulticast mode [ 542.444715][T12525] bridge_slave_1: left promiscuous mode [ 542.472583][T12525] bridge0: port 2(bridge_slave_1) entered disabled state [ 542.526846][T12525] bridge_slave_0: left allmulticast mode [ 542.533483][T12525] bridge_slave_0: left promiscuous mode [ 542.547841][T12525] bridge0: port 1(bridge_slave_0) entered disabled state [ 543.082686][T12536] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 543.100372][T12536] CPU: 1 UID: 0 PID: 12536 Comm: syz.1.1339 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 543.100422][T12536] Tainted: [U]=USER [ 543.100432][T12536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 543.100450][T12536] Call Trace: [ 543.100460][T12536] [ 543.100471][T12536] dump_stack_lvl+0x16c/0x1f0 [ 543.100527][T12536] sysfs_warn_dup+0x7f/0xa0 [ 543.100568][T12536] sysfs_do_create_link_sd+0x124/0x140 [ 543.100604][T12536] sysfs_create_link+0x61/0xc0 [ 543.100641][T12536] device_add+0x62c/0x1a70 [ 543.100676][T12536] ? __pfx_device_add+0x10/0x10 [ 543.100707][T12536] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 543.100753][T12536] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 543.100810][T12536] wiphy_register+0x1c9c/0x2850 [ 543.100844][T12536] ? netdev_run_todo+0x864/0x1320 [ 543.100886][T12536] ? __dev_printk+0x1e0/0x270 [ 543.100929][T12536] ? __pfx_wiphy_register+0x10/0x10 [ 543.100980][T12536] ieee80211_register_hw+0x24ac/0x4140 [ 543.101025][T12536] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 543.101060][T12536] ? find_held_lock+0x2b/0x80 [ 543.101090][T12536] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 543.101129][T12536] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 543.101160][T12536] ? __hrtimer_setup+0x176/0x280 [ 543.101203][T12536] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 543.101273][T12536] ? trace_kmalloc+0x2b/0xd0 [ 543.101303][T12536] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 543.101344][T12536] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 543.101378][T12536] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 543.101417][T12536] ? __asan_memcpy+0x3c/0x60 [ 543.101448][T12536] hwsim_new_radio_nl+0xb51/0x12c0 [ 543.101474][T12536] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 543.101506][T12536] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 543.101527][T12536] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 543.101549][T12536] genl_family_rcv_msg_doit+0x209/0x2f0 [ 543.101569][T12536] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 543.101586][T12536] ? trace_cap_capable+0x18d/0x200 [ 543.101607][T12536] ? bpf_lsm_capable+0x9/0x10 [ 543.101625][T12536] ? security_capable+0x7e/0x260 [ 543.101640][T12536] ? ns_capable+0xd7/0x110 [ 543.101660][T12536] genl_rcv_msg+0x55c/0x800 [ 543.101682][T12536] ? __pfx_genl_rcv_msg+0x10/0x10 [ 543.101701][T12536] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 543.101730][T12536] netlink_rcv_skb+0x158/0x420 [ 543.101745][T12536] ? __pfx_genl_rcv_msg+0x10/0x10 [ 543.101763][T12536] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 543.101787][T12536] ? netlink_deliver_tap+0x1ae/0xd30 [ 543.101812][T12536] genl_rcv+0x28/0x40 [ 543.101827][T12536] netlink_unicast+0x58a/0x850 [ 543.101845][T12536] ? __pfx_netlink_unicast+0x10/0x10 [ 543.101865][T12536] netlink_sendmsg+0x8d1/0xdd0 [ 543.101883][T12536] ? __pfx_netlink_sendmsg+0x10/0x10 [ 543.101907][T12536] ____sys_sendmsg+0xa98/0xc70 [ 543.101924][T12536] ? copy_msghdr_from_user+0x10a/0x160 [ 543.101945][T12536] ? __pfx_____sys_sendmsg+0x10/0x10 [ 543.101965][T12536] ? __pfx_futex_wake_mark+0x10/0x10 [ 543.101990][T12536] ___sys_sendmsg+0x134/0x1d0 [ 543.102012][T12536] ? __pfx____sys_sendmsg+0x10/0x10 [ 543.102033][T12536] ? __futex_hash.constprop.0+0x1e9/0x440 [ 543.102068][T12536] ? do_futex+0x122/0x350 [ 543.102089][T12536] __sys_sendmsg+0x16d/0x220 [ 543.102110][T12536] ? __pfx___sys_sendmsg+0x10/0x10 [ 543.102130][T12536] ? __x64_sys_futex+0x1e0/0x4c0 [ 543.102160][T12536] do_syscall_64+0xcd/0x490 [ 543.102185][T12536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 543.102201][T12536] RIP: 0033:0x7f14d5d8e929 [ 543.102215][T12536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 543.102229][T12536] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 543.102254][T12536] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 543.102266][T12536] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000006 [ 543.102276][T12536] RBP: 00007f14d5e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 543.102286][T12536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 543.102295][T12536] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 543.102317][T12536] [ 543.518611][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.309394][T12555] ubi0: attaching mtd0 [ 544.311691][T12555] ubi0: scanning is finished [ 544.311822][T12555] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 544.834021][T12555] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 544.955369][T12560] FAULT_INJECTION: forcing a failure. [ 544.955369][T12560] name failslab, interval 1, probability 0, space 0, times 0 [ 544.968101][T12557] Invalid ELF header magic: != ELF [ 544.979230][T12551] ALSA: mixer_oss: invalid OSS volume '' [ 545.017601][T12560] CPU: 0 UID: 0 PID: 12560 Comm: syz.0.1344 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 545.017648][T12560] Tainted: [U]=USER [ 545.017657][T12560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 545.017671][T12560] Call Trace: [ 545.017682][T12560] [ 545.017692][T12560] dump_stack_lvl+0x16c/0x1f0 [ 545.017740][T12560] should_fail_ex+0x512/0x640 [ 545.017778][T12560] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 545.017820][T12560] should_failslab+0xc2/0x120 [ 545.017846][T12560] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 545.017897][T12560] ? find_held_lock+0x2b/0x80 [ 545.017922][T12560] ? alloc_vfsmnt+0x23/0x730 [ 545.017953][T12560] alloc_vfsmnt+0x23/0x730 [ 545.017980][T12560] clone_mnt+0x6d/0xff0 [ 545.018007][T12560] ? copy_tree+0x50d/0xa20 [ 545.018083][T12560] ? copy_mnt_ns+0x1ac/0xac0 [ 545.018123][T12560] copy_tree+0x38d/0xa20 [ 545.018169][T12560] copy_mnt_ns+0x1ac/0xac0 [ 545.018204][T12560] ? trace_kmem_cache_alloc+0x28/0xc0 [ 545.018232][T12560] ? trace_cap_capable+0x18d/0x200 [ 545.018256][T12560] ? create_new_namespaces+0x30/0xa90 [ 545.018291][T12560] create_new_namespaces+0xd3/0xa90 [ 545.018319][T12560] ? bpf_lsm_capable+0x9/0x10 [ 545.018348][T12560] ? security_capable+0x7e/0x260 [ 545.018378][T12560] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 545.018411][T12560] ksys_unshare+0x45b/0xa40 [ 545.018448][T12560] ? __pfx_ksys_unshare+0x10/0x10 [ 545.018481][T12560] ? ksys_write+0x1ac/0x250 [ 545.018527][T12560] __x64_sys_unshare+0x31/0x40 [ 545.018560][T12560] do_syscall_64+0xcd/0x490 [ 545.018600][T12560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.018627][T12560] RIP: 0033:0x7f8fea78e929 [ 545.018649][T12560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 545.018672][T12560] RSP: 002b:00007f8feb6bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 545.018697][T12560] RAX: ffffffffffffffda RBX: 00007f8fea9b5fa0 RCX: 00007f8fea78e929 [ 545.018715][T12560] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 545.018730][T12560] RBP: 00007f8feb6bb090 R08: 0000000000000000 R09: 0000000000000000 [ 545.018746][T12560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 545.018761][T12560] R13: 0000000000000000 R14: 00007f8fea9b5fa0 R15: 00007ffee97a2988 [ 545.018794][T12560] [ 545.956341][T12573] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1347'. [ 545.976846][T12575] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1347'. [ 546.015908][T12573] netlink: 210 bytes leftover after parsing attributes in process `syz.0.1347'. [ 546.523254][T12580] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1349'. [ 546.863082][T12590] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1351'. [ 547.517358][T12604] FAULT_INJECTION: forcing a failure. [ 547.517358][T12604] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 547.540875][T12604] CPU: 0 UID: 0 PID: 12604 Comm: syz.2.1354 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 547.540922][T12604] Tainted: [U]=USER [ 547.540931][T12604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 547.540947][T12604] Call Trace: [ 547.540956][T12604] [ 547.540966][T12604] dump_stack_lvl+0x16c/0x1f0 [ 547.541019][T12604] should_fail_ex+0x512/0x640 [ 547.541063][T12604] should_fail_alloc_page+0xe7/0x130 [ 547.541089][T12604] prepare_alloc_pages+0x3c2/0x610 [ 547.541126][T12604] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 547.541172][T12604] ? find_held_lock+0x2b/0x80 [ 547.541203][T12604] ? __lock_acquire+0x622/0x1c90 [ 547.541234][T12604] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 547.541273][T12604] ? __lock_acquire+0x622/0x1c90 [ 547.541316][T12604] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 547.541357][T12604] ? policy_nodemask+0xea/0x4e0 [ 547.541385][T12604] alloc_pages_mpol+0x1fb/0x550 [ 547.541412][T12604] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 547.541436][T12604] ? kernel_text_address+0x8d/0x100 [ 547.541461][T12604] ? __kernel_text_address+0xd/0x40 [ 547.541483][T12604] ? unwind_get_return_address+0x59/0xa0 [ 547.541525][T12604] folio_alloc_mpol_noprof+0x36/0x2f0 [ 547.541556][T12604] shmem_alloc_folio+0x135/0x160 [ 547.541588][T12604] shmem_alloc_and_add_folio+0x499/0xc20 [ 547.541630][T12604] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 547.541669][T12604] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 547.541711][T12604] shmem_get_folio_gfp+0x67f/0x1600 [ 547.541754][T12604] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 547.541790][T12604] ? __lock_acquire+0x622/0x1c90 [ 547.541827][T12604] shmem_fault+0x1fe/0xa30 [ 547.541862][T12604] ? __pfx_shmem_fault+0x10/0x10 [ 547.541911][T12604] __do_fault+0x10a/0x490 [ 547.541949][T12604] ? __pfx_filemap_map_pages+0x10/0x10 [ 547.541988][T12604] __handle_mm_fault+0x374c/0x5490 [ 547.542041][T12604] ? __pfx___handle_mm_fault+0x10/0x10 [ 547.542071][T12604] ? __pfx_mt_find+0x10/0x10 [ 547.542116][T12604] ? find_vma+0xbf/0x140 [ 547.542141][T12604] ? __pfx_find_vma+0x10/0x10 [ 547.542171][T12604] handle_mm_fault+0x589/0xd10 [ 547.542205][T12604] ? __pkru_allows_pkey+0x51/0xb0 [ 547.542241][T12604] do_user_addr_fault+0x7a6/0x1370 [ 547.542281][T12604] ? rcu_is_watching+0x12/0xc0 [ 547.542313][T12604] exc_page_fault+0x5c/0xb0 [ 547.542349][T12604] asm_exc_page_fault+0x26/0x30 [ 547.542375][T12604] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 547.542406][T12604] Code: 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 547.542431][T12604] RSP: 0018:ffffc90004f8fa18 EFLAGS: 00050206 [ 547.542454][T12604] RAX: 0000000000000001 RBX: 0000000000002000 RCX: 0000000000002000 [ 547.542470][T12604] RDX: 0000000000000000 RSI: ffff888036800000 RDI: 000000000001f400 [ 547.542485][T12604] RBP: 000000000001f400 R08: 0000000000000000 R09: ffffed1006d003ff [ 547.542501][T12604] R10: ffff888036801fff R11: 0000000000000000 R12: ffff888036800000 [ 547.542517][T12604] R13: 0000000000021400 R14: 00007ffffffff000 R15: 0000000000000000 [ 547.542553][T12604] _copy_to_user+0xbb/0xd0 [ 547.542595][T12604] con_font_op+0xc2c/0xf50 [ 547.542629][T12604] ? __pfx_con_font_op+0x10/0x10 [ 547.542649][T12604] ? __might_fault+0xe3/0x190 [ 547.542679][T12604] ? __might_fault+0xe3/0x190 [ 547.542707][T12604] ? __might_fault+0x13b/0x190 [ 547.542748][T12604] vt_ioctl+0x48f/0x30a0 [ 547.542776][T12604] ? lockdep_hardirqs_on+0x7c/0x110 [ 547.542810][T12604] ? __pfx_vt_ioctl+0x10/0x10 [ 547.542840][T12604] ? tomoyo_path_number_perm+0x295/0x580 [ 547.542874][T12604] ? tomoyo_path_number_perm+0x18d/0x580 [ 547.542907][T12604] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 547.542935][T12604] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 547.542973][T12604] ? do_vfs_ioctl+0x523/0x1a60 [ 547.543003][T12604] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 547.543048][T12604] ? tty_jobctrl_ioctl+0x152/0xe00 [ 547.543082][T12604] ? __pfx_vt_ioctl+0x10/0x10 [ 547.543109][T12604] tty_ioctl+0x65e/0x1640 [ 547.543149][T12604] ? __pfx_tty_ioctl+0x10/0x10 [ 547.543198][T12604] ? fd_install+0x244/0x750 [ 547.543230][T12604] ? hook_file_ioctl_common+0x145/0x410 [ 547.543275][T12604] ? __pfx_tty_ioctl+0x10/0x10 [ 547.543313][T12604] __x64_sys_ioctl+0x18b/0x210 [ 547.543346][T12604] do_syscall_64+0xcd/0x490 [ 547.543384][T12604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.543409][T12604] RIP: 0033:0x7f9f6a78e929 [ 547.543431][T12604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.543455][T12604] RSP: 002b:00007f9f6b528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 547.543478][T12604] RAX: ffffffffffffffda RBX: 00007f9f6a9b5fa0 RCX: 00007f9f6a78e929 [ 547.543496][T12604] RDX: 0000000000000000 RSI: 0000000000004b72 RDI: 0000000000000000 [ 547.543511][T12604] RBP: 00007f9f6b528090 R08: 0000000000000000 R09: 0000000000000000 [ 547.543527][T12604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 547.543542][T12604] R13: 0000000000000000 R14: 00007f9f6a9b5fa0 R15: 00007ffef440af98 [ 547.543578][T12604] [ 548.296783][T12608] FAULT_INJECTION: forcing a failure. [ 548.296783][T12608] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 548.339514][T12608] CPU: 0 UID: 0 PID: 12608 Comm: syz.2.1355 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 548.339563][T12608] Tainted: [U]=USER [ 548.339572][T12608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 548.339586][T12608] Call Trace: [ 548.339595][T12608] [ 548.339606][T12608] dump_stack_lvl+0x16c/0x1f0 [ 548.339656][T12608] should_fail_ex+0x512/0x640 [ 548.339717][T12608] should_fail_alloc_page+0xe7/0x130 [ 548.339751][T12608] prepare_alloc_pages+0x3c2/0x610 [ 548.339786][T12608] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 548.339824][T12608] ? stack_trace_save+0x8e/0xc0 [ 548.339854][T12608] ? __pfx_stack_trace_save+0x10/0x10 [ 548.339861][T12610] FAULT_INJECTION: forcing a failure. [ 548.339861][T12610] name failslab, interval 1, probability 0, space 0, times 0 [ 548.339883][T12608] ? stack_depot_save_flags+0x28/0xa40 [ 548.339926][T12608] ? kasan_save_stack+0x42/0x60 [ 548.339956][T12608] ? kasan_save_stack+0x33/0x60 [ 548.339987][T12608] ? kasan_save_track+0x14/0x30 [ 548.340026][T12608] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 548.340066][T12608] ? move_page_tables+0x28c8/0x4070 [ 548.340104][T12608] ? move_vma+0x548/0x1740 [ 548.340139][T12608] ? do_syscall_64+0xcd/0x490 [ 548.340188][T12608] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.340246][T12608] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 548.340290][T12608] ? policy_nodemask+0xea/0x4e0 [ 548.340320][T12608] alloc_pages_mpol+0x1fb/0x550 [ 548.340350][T12608] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 548.340374][T12608] ? css_rstat_updated+0x9d/0xd30 [ 548.340412][T12608] alloc_pages_noprof+0x131/0x390 [ 548.340441][T12608] pte_alloc_one+0x1c/0x3a0 [ 548.340468][T12608] __pte_alloc+0x6d/0x3c0 [ 548.340496][T12608] ? __pfx___pte_alloc+0x10/0x10 [ 548.340523][T12608] ? _raw_spin_unlock+0x28/0x50 [ 548.340557][T12608] ? __pmd_alloc+0x3fb/0x930 [ 548.340590][T12608] move_page_tables+0x23af/0x4070 [ 548.340636][T12608] ? __pfx_copy_vma+0x10/0x10 [ 548.340674][T12608] ? lockdep_hardirqs_on+0x7c/0x110 [ 548.340737][T12608] ? __pfx_move_page_tables+0x10/0x10 [ 548.340783][T12608] ? __schedule+0x1181/0x5de0 [ 548.340831][T12608] ? __lock_acquire+0x622/0x1c90 [ 548.340875][T12608] copy_vma_and_data+0x216/0x750 [ 548.340919][T12608] ? __pfx_copy_vma_and_data+0x10/0x10 [ 548.340965][T12608] ? __vma_enter_locked+0x163/0x3f0 [ 548.341004][T12608] ? find_held_lock+0x2b/0x80 [ 548.341033][T12608] ? move_vma+0x536/0x1740 [ 548.341067][T12608] ? __vm_enough_memory+0x184/0x3f0 [ 548.341105][T12608] move_vma+0x548/0x1740 [ 548.341149][T12608] ? __pfx_move_vma+0x10/0x10 [ 548.341191][T12608] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 548.341225][T12608] ? cap_mmap_addr+0x4b/0x120 [ 548.341250][T12608] ? bpf_lsm_mmap_addr+0x9/0x10 [ 548.341279][T12608] ? security_mmap_addr+0x6c/0x1e0 [ 548.341313][T12608] ? __get_unmapped_area+0x267/0x440 [ 548.341346][T12608] ? vrm_set_new_addr+0x208/0x290 [ 548.341387][T12608] __do_sys_mremap+0xe07/0x1590 [ 548.341430][T12608] ? __pfx___do_sys_mremap+0x10/0x10 [ 548.341479][T12608] ? __fget_files+0x204/0x3c0 [ 548.341521][T12608] ? __x64_sys_futex+0x1e0/0x4c0 [ 548.341578][T12608] do_syscall_64+0xcd/0x490 [ 548.341622][T12608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.341650][T12608] RIP: 0033:0x7f9f6a78e929 [ 548.341675][T12608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 548.341713][T12608] RSP: 002b:00007f9f6b528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 548.341742][T12608] RAX: ffffffffffffffda RBX: 00007f9f6a9b5fa0 RCX: 00007f9f6a78e929 [ 548.341762][T12608] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 548.341778][T12608] RBP: 00007f9f6a810b39 R08: 0000000100000000 R09: 0000000000000000 [ 548.341795][T12608] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 548.341812][T12608] R13: 0000000000000000 R14: 00007f9f6a9b5fa0 R15: 00007ffef440af98 [ 548.341848][T12608] [ 548.734088][T12610] CPU: 1 UID: 0 PID: 12610 Comm: syz.0.1356 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 548.734129][T12610] Tainted: [U]=USER [ 548.734137][T12610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 548.734151][T12610] Call Trace: [ 548.734161][T12610] [ 548.734172][T12610] dump_stack_lvl+0x16c/0x1f0 [ 548.734215][T12610] should_fail_ex+0x512/0x640 [ 548.734247][T12610] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 548.734288][T12610] should_failslab+0xc2/0x120 [ 548.734310][T12610] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 548.734341][T12610] ? ptlock_alloc+0x1f/0x70 [ 548.734375][T12610] ptlock_alloc+0x1f/0x70 [ 548.734400][T12610] pte_alloc_one+0x82/0x3a0 [ 548.734423][T12610] __pte_alloc+0x6d/0x3c0 [ 548.734446][T12610] ? __pfx___pte_alloc+0x10/0x10 [ 548.734467][T12610] ? _raw_spin_unlock+0x28/0x50 [ 548.734494][T12610] ? __pmd_alloc+0x3fb/0x930 [ 548.734521][T12610] move_page_tables+0x23af/0x4070 [ 548.734561][T12610] ? __pfx_copy_vma+0x10/0x10 [ 548.734591][T12610] ? finish_task_switch.isra.0+0x21c/0xc10 [ 548.734624][T12610] ? __pfx_move_page_tables+0x10/0x10 [ 548.734653][T12610] ? finish_task_switch.isra.0+0x221/0xc10 [ 548.734701][T12610] copy_vma_and_data+0x216/0x750 [ 548.734735][T12610] ? __pfx_copy_vma_and_data+0x10/0x10 [ 548.734773][T12610] ? __vma_enter_locked+0x163/0x3f0 [ 548.734806][T12610] ? find_held_lock+0x2b/0x80 [ 548.734830][T12610] ? move_vma+0x536/0x1740 [ 548.734858][T12610] ? __vm_enough_memory+0x184/0x3f0 [ 548.734887][T12610] move_vma+0x548/0x1740 [ 548.734933][T12610] ? __pfx_move_vma+0x10/0x10 [ 548.734968][T12610] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 548.734993][T12610] ? cap_mmap_addr+0x4b/0x120 [ 548.735015][T12610] ? bpf_lsm_mmap_addr+0x9/0x10 [ 548.735039][T12610] ? security_mmap_addr+0x6c/0x1e0 [ 548.735067][T12610] ? __get_unmapped_area+0x267/0x440 [ 548.735094][T12610] ? vrm_set_new_addr+0x208/0x290 [ 548.735128][T12610] __do_sys_mremap+0xe07/0x1590 [ 548.735163][T12610] ? __pfx___do_sys_mremap+0x10/0x10 [ 548.735202][T12610] ? __fget_files+0x204/0x3c0 [ 548.735240][T12610] ? __x64_sys_futex+0x1e0/0x4c0 [ 548.735288][T12610] do_syscall_64+0xcd/0x490 [ 548.735324][T12610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.735348][T12610] RIP: 0033:0x7f8fea78e929 [ 548.735368][T12610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 548.735389][T12610] RSP: 002b:00007f8feb6bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 548.735411][T12610] RAX: ffffffffffffffda RBX: 00007f8fea9b5fa0 RCX: 00007f8fea78e929 [ 548.735426][T12610] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 548.735440][T12610] RBP: 00007f8fea810b39 R08: 0000000100000000 R09: 0000000000000000 [ 548.735453][T12610] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 548.735466][T12610] R13: 0000000000000000 R14: 00007f8fea9b5fa0 R15: 00007ffee97a2988 [ 548.735497][T12610] [ 549.027555][ C1] vkms_vblank_simulate: vblank timer overrun [ 549.180670][T12616] FAULT_INJECTION: forcing a failure. [ 549.180670][T12616] name failslab, interval 1, probability 0, space 0, times 0 [ 549.213953][T12616] CPU: 0 UID: 0 PID: 12616 Comm: syz.1.1358 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 549.214000][T12616] Tainted: [U]=USER [ 549.214009][T12616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 549.214025][T12616] Call Trace: [ 549.214038][T12616] [ 549.214048][T12616] dump_stack_lvl+0x16c/0x1f0 [ 549.214095][T12616] should_fail_ex+0x512/0x640 [ 549.214130][T12616] ? fs_reclaim_acquire+0xae/0x150 [ 549.214164][T12616] ? tomoyo_encode2+0x100/0x3e0 [ 549.214195][T12616] should_failslab+0xc2/0x120 [ 549.214225][T12616] __kmalloc_noprof+0xd2/0x510 [ 549.214269][T12616] tomoyo_encode2+0x100/0x3e0 [ 549.214307][T12616] tomoyo_encode+0x29/0x50 [ 549.214339][T12616] tomoyo_realpath_from_path+0x18f/0x6e0 [ 549.214382][T12616] tomoyo_check_open_permission+0x2ab/0x3c0 [ 549.214414][T12616] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 549.214482][T12616] ? find_held_lock+0x2b/0x80 [ 549.214519][T12616] tomoyo_file_open+0x6b/0x90 [ 549.214556][T12616] security_file_open+0x84/0x1e0 [ 549.214590][T12616] do_dentry_open+0x596/0x1c10 [ 549.214644][T12616] vfs_open+0x82/0x3f0 [ 549.214670][T12616] path_openat+0x1de4/0x2cb0 [ 549.214718][T12616] ? __pfx_path_openat+0x10/0x10 [ 549.214755][T12616] ? __lock_acquire+0xb8a/0x1c90 [ 549.214793][T12616] do_filp_open+0x20b/0x470 [ 549.214829][T12616] ? __pfx_do_filp_open+0x10/0x10 [ 549.214876][T12616] ? __pfx_kfree_link+0x10/0x10 [ 549.214916][T12616] ? alloc_fd+0x471/0x7d0 [ 549.214960][T12616] do_sys_openat2+0x11b/0x1d0 [ 549.214987][T12616] ? __pfx_do_sys_openat2+0x10/0x10 [ 549.215030][T12616] __x64_sys_openat+0x174/0x210 [ 549.215059][T12616] ? __pfx___x64_sys_openat+0x10/0x10 [ 549.215103][T12616] do_syscall_64+0xcd/0x490 [ 549.215143][T12616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.215170][T12616] RIP: 0033:0x7f14d5d8d290 [ 549.215193][T12616] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 549.215217][T12616] RSP: 002b:00007f14d6b43fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 549.215242][T12616] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f14d5d8d290 [ 549.215259][T12616] RDX: 0000000000000002 RSI: 00007f14d5e10e1e RDI: 00000000ffffff9c [ 549.215275][T12616] RBP: 00007f14d5e10e1e R08: 0000000000000000 R09: 00007f14d6b45000 [ 549.215291][T12616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 549.215307][T12616] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 549.215342][T12616] [ 549.215524][T12616] ERROR: Out of memory at tomoyo_realpath_from_path. [ 549.518918][T12616] FAULT_INJECTION: forcing a failure. [ 549.518918][T12616] name failslab, interval 1, probability 0, space 0, times 0 [ 549.545401][T12616] CPU: 0 UID: 0 PID: 12616 Comm: syz.1.1358 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 549.545445][T12616] Tainted: [U]=USER [ 549.545454][T12616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 549.545469][T12616] Call Trace: [ 549.545479][T12616] [ 549.545489][T12616] dump_stack_lvl+0x16c/0x1f0 [ 549.545536][T12616] should_fail_ex+0x512/0x640 [ 549.545572][T12616] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 549.545627][T12616] should_failslab+0xc2/0x120 [ 549.545653][T12616] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 549.545689][T12616] ? vm_area_dup+0x27/0x8d0 [ 549.545732][T12616] vm_area_dup+0x27/0x8d0 [ 549.545767][T12616] copy_vma+0x4fa/0xaa0 [ 549.545810][T12616] ? __pfx_copy_vma+0x10/0x10 [ 549.545856][T12616] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 549.545915][T12616] copy_vma_and_data+0x1cf/0x750 [ 549.545958][T12616] ? __pfx_copy_vma_and_data+0x10/0x10 [ 549.546001][T12616] ? __vma_enter_locked+0x163/0x3f0 [ 549.546037][T12616] ? find_held_lock+0x2b/0x80 [ 549.546066][T12616] ? move_vma+0x536/0x1740 [ 549.546098][T12616] ? __vm_enough_memory+0x184/0x3f0 [ 549.546132][T12616] move_vma+0x548/0x1740 [ 549.546173][T12616] ? __pfx_move_vma+0x10/0x10 [ 549.546213][T12616] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 549.546241][T12616] ? cap_mmap_addr+0x4b/0x120 [ 549.546261][T12616] ? bpf_lsm_mmap_addr+0x9/0x10 [ 549.546285][T12616] ? security_mmap_addr+0x6c/0x1e0 [ 549.546317][T12616] ? __get_unmapped_area+0x267/0x440 [ 549.546349][T12616] ? vrm_set_new_addr+0x208/0x290 [ 549.546387][T12616] __do_sys_mremap+0xe07/0x1590 [ 549.546432][T12616] ? __pfx___do_sys_mremap+0x10/0x10 [ 549.546470][T12616] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 549.546513][T12616] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 549.546558][T12616] ? __fget_files+0x20e/0x3c0 [ 549.546595][T12616] ? rcu_is_watching+0x10/0xc0 [ 549.546649][T12616] do_syscall_64+0xcd/0x490 [ 549.546692][T12616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.546718][T12616] RIP: 0033:0x7f14d5d8e929 [ 549.546739][T12616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 549.546762][T12616] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 549.546787][T12616] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 549.546804][T12616] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 549.546819][T12616] RBP: 00007f14d6b44090 R08: 0000000100000000 R09: 0000000000000000 [ 549.546839][T12616] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 549.546855][T12616] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 549.546890][T12616] [ 551.153323][T12651] FAULT_INJECTION: forcing a failure. [ 551.153323][T12651] name failslab, interval 1, probability 0, space 0, times 0 [ 551.247107][T12651] CPU: 0 UID: 0 PID: 12651 Comm: syz.0.1368 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 551.247149][T12651] Tainted: [U]=USER [ 551.247158][T12651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 551.247172][T12651] Call Trace: [ 551.247181][T12651] [ 551.247192][T12651] dump_stack_lvl+0x16c/0x1f0 [ 551.247236][T12651] should_fail_ex+0x512/0x640 [ 551.247270][T12651] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 551.247311][T12651] should_failslab+0xc2/0x120 [ 551.247334][T12651] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 551.247365][T12651] ? find_held_lock+0x2b/0x80 [ 551.247391][T12651] ? alloc_vfsmnt+0x23/0x730 [ 551.247419][T12651] alloc_vfsmnt+0x23/0x730 [ 551.247442][T12651] clone_mnt+0x6d/0xff0 [ 551.247466][T12651] ? copy_tree+0x50d/0xa20 [ 551.247494][T12651] ? copy_mnt_ns+0x1ac/0xac0 [ 551.247532][T12651] copy_tree+0x38d/0xa20 [ 551.247576][T12651] copy_mnt_ns+0x1ac/0xac0 [ 551.247611][T12651] ? trace_kmem_cache_alloc+0x28/0xc0 [ 551.247639][T12651] ? trace_cap_capable+0x18d/0x200 [ 551.247664][T12651] ? create_new_namespaces+0x30/0xa90 [ 551.247700][T12651] create_new_namespaces+0xd3/0xa90 [ 551.247734][T12651] ? bpf_lsm_capable+0x9/0x10 [ 551.247766][T12651] ? security_capable+0x7e/0x260 [ 551.247796][T12651] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 551.247828][T12651] ksys_unshare+0x45b/0xa40 [ 551.247863][T12651] ? __pfx_ksys_unshare+0x10/0x10 [ 551.247896][T12651] ? ksys_write+0x1ac/0x250 [ 551.247943][T12651] __x64_sys_unshare+0x31/0x40 [ 551.247975][T12651] do_syscall_64+0xcd/0x490 [ 551.248014][T12651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.248041][T12651] RIP: 0033:0x7f8fea78e929 [ 551.248062][T12651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 551.248087][T12651] RSP: 002b:00007f8feb6bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 551.248114][T12651] RAX: ffffffffffffffda RBX: 00007f8fea9b5fa0 RCX: 00007f8fea78e929 [ 551.248130][T12651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 551.248145][T12651] RBP: 00007f8feb6bb090 R08: 0000000000000000 R09: 0000000000000000 [ 551.248159][T12651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 551.248174][T12651] R13: 0000000000000000 R14: 00007f8fea9b5fa0 R15: 00007ffee97a2988 [ 551.248206][T12651] [ 551.760844][T12661] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input14 [ 553.046460][T12679] Process accounting resumed [ 553.242346][T12684] FAULT_INJECTION: forcing a failure. [ 553.242346][T12684] name failslab, interval 1, probability 0, space 0, times 0 [ 553.286700][T12684] CPU: 0 UID: 0 PID: 12684 Comm: syz.1.1377 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 553.286747][T12684] Tainted: [U]=USER [ 553.286756][T12684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 553.286773][T12684] Call Trace: [ 553.286783][T12684] [ 553.286793][T12684] dump_stack_lvl+0x16c/0x1f0 [ 553.286840][T12684] should_fail_ex+0x512/0x640 [ 553.286877][T12684] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 553.286913][T12684] should_failslab+0xc2/0x120 [ 553.286938][T12684] __kmalloc_cache_noprof+0x6a/0x3e0 [ 553.286969][T12684] ? trace_kmalloc+0x2b/0xd0 [ 553.286993][T12684] ? __kvmalloc_node_noprof+0x298/0x620 [ 553.287026][T12684] ? gpiolib_seq_start+0x69/0x270 [ 553.287060][T12684] ? traverse.part.0.constprop.0+0x392/0x640 [ 553.287098][T12684] gpiolib_seq_start+0x69/0x270 [ 553.287132][T12684] traverse.part.0.constprop.0+0xac/0x640 [ 553.287176][T12684] seq_read_iter+0x932/0x12c0 [ 553.287210][T12684] ? aa_file_perm+0x4d6/0xfb0 [ 553.287265][T12684] seq_read+0x39e/0x4e0 [ 553.287296][T12684] ? __pfx_seq_read+0x10/0x10 [ 553.287327][T12684] ? copy_iovec_from_user+0x131/0x170 [ 553.287368][T12684] ? iovec_from_user+0xbb/0x140 [ 553.287408][T12684] full_proxy_read+0x13c/0x200 [ 553.287440][T12684] ? __pfx_full_proxy_read+0x10/0x10 [ 553.287464][T12684] vfs_readv+0x5c1/0x8b0 [ 553.287506][T12684] ? __pfx_vfs_readv+0x10/0x10 [ 553.287538][T12684] ? find_held_lock+0x2b/0x80 [ 553.287590][T12684] ? __fget_files+0x20e/0x3c0 [ 553.287631][T12684] ? do_preadv+0x1a6/0x270 [ 553.287661][T12684] do_preadv+0x1a6/0x270 [ 553.287693][T12684] ? __pfx_do_preadv+0x10/0x10 [ 553.287730][T12684] do_syscall_64+0xcd/0x490 [ 553.287764][T12684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 553.287789][T12684] RIP: 0033:0x7f14d5d8e929 [ 553.287810][T12684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 553.287835][T12684] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 553.287860][T12684] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 553.287877][T12684] RDX: 0000000000000002 RSI: 0000200000002fc0 RDI: 0000000000000003 [ 553.287893][T12684] RBP: 00007f14d6b44090 R08: 0000000000000019 R09: 0000000000000000 [ 553.287909][T12684] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 553.287925][T12684] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 553.287961][T12684] [ 553.288134][T12684] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 553.545478][T12684] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 553.553914][T12684] CPU: 0 UID: 0 PID: 12684 Comm: syz.1.1377 Tainted: G U 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 553.567560][T12684] Tainted: [U]=USER [ 553.571359][T12684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 553.581413][T12684] RIP: 0010:gpiolib_seq_stop+0x4c/0xe0 [ 553.586960][T12684] Code: 48 c1 ea 03 80 3c 02 00 0f 85 98 00 00 00 48 8b 9b e0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 60 8b [ 553.606571][T12684] RSP: 0018:ffffc90004fcf9b0 EFLAGS: 00010247 [ 553.612639][T12684] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff888027fa5a80 [ 553.620608][T12684] RDX: 0000000000000000 RSI: ffffffff85101a4e RDI: 0000000000000004 [ 553.628595][T12684] RBP: 0000000000000000 R08: 0000000000000dc0 R09: 00000000ffffffff [ 553.636624][T12684] R10: ffffffff8e792ab3 R11: ffffffffffff26f8 R12: ffffffff8c196e40 [ 553.644609][T12684] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888027fa5a80 [ 553.652593][T12684] FS: 00007f14d6b446c0(0000) GS:ffff888124720000(0000) knlGS:0000000000000000 [ 553.661541][T12684] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 553.668126][T12684] CR2: 0000555581853588 CR3: 0000000028056000 CR4: 00000000003526f0 [ 553.676110][T12684] Call Trace: [ 553.679408][T12684] [ 553.682348][T12684] traverse.part.0.constprop.0+0x2c0/0x640 [ 553.688188][T12684] seq_read_iter+0x932/0x12c0 [ 553.692884][T12684] ? aa_file_perm+0x4d6/0xfb0 [ 553.697592][T12684] seq_read+0x39e/0x4e0 [ 553.701813][T12684] ? __pfx_seq_read+0x10/0x10 [ 553.706533][T12684] ? copy_iovec_from_user+0x131/0x170 [ 553.711940][T12684] ? iovec_from_user+0xbb/0x140 [ 553.716810][T12684] full_proxy_read+0x13c/0x200 [ 553.721598][T12684] ? __pfx_full_proxy_read+0x10/0x10 [ 553.726984][T12684] vfs_readv+0x5c1/0x8b0 [ 553.731255][T12684] ? __pfx_vfs_readv+0x10/0x10 [ 553.736028][T12684] ? find_held_lock+0x2b/0x80 [ 553.740745][T12684] ? __fget_files+0x20e/0x3c0 [ 553.745453][T12684] ? do_preadv+0x1a6/0x270 [ 553.749882][T12684] do_preadv+0x1a6/0x270 [ 553.754136][T12684] ? __pfx_do_preadv+0x10/0x10 [ 553.758910][T12684] do_syscall_64+0xcd/0x490 [ 553.763430][T12684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 553.769326][T12684] RIP: 0033:0x7f14d5d8e929 [ 553.773738][T12684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 553.793351][T12684] RSP: 002b:00007f14d6b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 553.801766][T12684] RAX: ffffffffffffffda RBX: 00007f14d5fb5fa0 RCX: 00007f14d5d8e929 [ 553.809732][T12684] RDX: 0000000000000002 RSI: 0000200000002fc0 RDI: 0000000000000003 [ 553.817697][T12684] RBP: 00007f14d6b44090 R08: 0000000000000019 R09: 0000000000000000 [ 553.825660][T12684] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 553.833626][T12684] R13: 0000000000000000 R14: 00007f14d5fb5fa0 R15: 00007fff5c825088 [ 553.841600][T12684] [ 553.844610][T12684] Modules linked in: [ 553.849259][T12684] ---[ end trace 0000000000000000 ]--- [ 553.907450][T12684] RIP: 0010:gpiolib_seq_stop+0x4c/0xe0 [ 553.913016][T12684] Code: 48 c1 ea 03 80 3c 02 00 0f 85 98 00 00 00 48 8b 9b e0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 60 8b [ 553.944927][T12684] RSP: 0018:ffffc90004fcf9b0 EFLAGS: 00010247 [ 553.953771][T12684] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff888027fa5a80 [ 553.977182][T12684] RDX: 0000000000000000 RSI: ffffffff85101a4e RDI: 0000000000000004 [ 553.988313][T12684] RBP: 0000000000000000 R08: 0000000000000dc0 R09: 00000000ffffffff [ 554.006633][T12684] R10: ffffffff8e792ab3 R11: ffffffffffff26f8 R12: ffffffff8c196e40 [ 554.031220][T12684] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888027fa5a80 [ 554.040152][T12684] FS: 00007f14d6b446c0(0000) GS:ffff888124820000(0000) knlGS:0000000000000000 [ 554.057039][T12684] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 554.064018][T12684] CR2: 0000001b31207ff8 CR3: 0000000028056000 CR4: 00000000003526f0 [ 554.093988][T12684] Kernel panic - not syncing: Fatal exception [ 554.100488][T12684] Kernel Offset: disabled [ 554.104816][T12684] Rebooting in 86400 seconds..